From fbc2135a3ef1cc17482d487c066a700a2f9a844d Mon Sep 17 00:00:00 2001 From: Kenji Urushima Date: Sun, 18 May 2014 00:29:38 +0900 Subject: [PATCH] 4.5.0 release --- ChangeLog.txt | 13 + api/files.html | 51 +- api/index.html | 96 + api/symbols/ASN1HEX.html | 24 + api/symbols/Base64x.html | 24 + api/symbols/KEYUTIL.html | 24 + api/symbols/KJUR.asn1.ASN1Object.html | 24 + api/symbols/KJUR.asn1.ASN1Util.html | 24 + api/symbols/KJUR.asn1.DERAbstractString.html | 24 + .../KJUR.asn1.DERAbstractStructured.html | 24 + api/symbols/KJUR.asn1.DERAbstractTime.html | 24 + api/symbols/KJUR.asn1.DERBitString.html | 24 + api/symbols/KJUR.asn1.DERBoolean.html | 24 + api/symbols/KJUR.asn1.DERGeneralizedTime.html | 24 + api/symbols/KJUR.asn1.DERIA5String.html | 24 + api/symbols/KJUR.asn1.DERInteger.html | 24 + api/symbols/KJUR.asn1.DERNull.html | 24 + api/symbols/KJUR.asn1.DERNumericString.html | 24 + .../KJUR.asn1.DERObjectIdentifier.html | 24 + api/symbols/KJUR.asn1.DEROctetString.html | 24 + api/symbols/KJUR.asn1.DERPrintableString.html | 24 + api/symbols/KJUR.asn1.DERSequence.html | 24 + api/symbols/KJUR.asn1.DERSet.html | 31 +- api/symbols/KJUR.asn1.DERTaggedObject.html | 24 + api/symbols/KJUR.asn1.DERTeletexString.html | 24 + api/symbols/KJUR.asn1.DERUTCTime.html | 24 + api/symbols/KJUR.asn1.DERUTF8String.html | 24 + api/symbols/KJUR.asn1.cms.Attribute.html | 491 +++ api/symbols/KJUR.asn1.cms.AttributeList.html | 499 +++ api/symbols/KJUR.asn1.cms.CMSUtil.html | 545 +++ api/symbols/KJUR.asn1.cms.ContentInfo.html | 496 +++ api/symbols/KJUR.asn1.cms.ContentType.html | 496 +++ ...KJUR.asn1.cms.EncapsulatedContentInfo.html | 499 +++ .../KJUR.asn1.cms.IssuerAndSerialNumber.html | 495 +++ api/symbols/KJUR.asn1.cms.MessageDigest.html | 495 +++ api/symbols/KJUR.asn1.cms.SignedData.html | 517 +++ api/symbols/KJUR.asn1.cms.SignerInfo.html | 591 +++ api/symbols/KJUR.asn1.cms.SigningTime.html | 504 +++ api/symbols/KJUR.asn1.cms.html | 582 +++ api/symbols/KJUR.asn1.html | 24 + .../KJUR.asn1.x509.AlgorithmIdentifier.html | 24 + .../KJUR.asn1.x509.AttributeTypeAndValue.html | 24 + ...KJUR.asn1.x509.AuthorityKeyIdentifier.html | 24 + .../KJUR.asn1.x509.BasicConstraints.html | 24 + api/symbols/KJUR.asn1.x509.CRL.html | 24 + .../KJUR.asn1.x509.CRLDistributionPoints.html | 24 + api/symbols/KJUR.asn1.x509.CRLEntry.html | 24 + api/symbols/KJUR.asn1.x509.Certificate.html | 24 + .../KJUR.asn1.x509.DistributionPoint.html | 24 + .../KJUR.asn1.x509.DistributionPointName.html | 24 + api/symbols/KJUR.asn1.x509.ExtKeyUsage.html | 24 + api/symbols/KJUR.asn1.x509.Extension.html | 24 + api/symbols/KJUR.asn1.x509.GeneralName.html | 24 + api/symbols/KJUR.asn1.x509.GeneralNames.html | 24 + api/symbols/KJUR.asn1.x509.KeyUsage.html | 24 + api/symbols/KJUR.asn1.x509.OID.html | 24 + api/symbols/KJUR.asn1.x509.RDN.html | 24 + .../KJUR.asn1.x509.SubjectPublicKeyInfo.html | 24 + api/symbols/KJUR.asn1.x509.TBSCertList.html | 24 + .../KJUR.asn1.x509.TBSCertificate.html | 24 + api/symbols/KJUR.asn1.x509.Time.html | 24 + api/symbols/KJUR.asn1.x509.X500Name.html | 24 + api/symbols/KJUR.asn1.x509.X509Util.html | 24 + api/symbols/KJUR.asn1.x509.html | 24 + api/symbols/KJUR.crypto.DSA.html | 24 + api/symbols/KJUR.crypto.ECDSA.html | 24 + api/symbols/KJUR.crypto.ECParameterDB.html | 24 + api/symbols/KJUR.crypto.Mac.html | 24 + api/symbols/KJUR.crypto.MessageDigest.html | 24 + api/symbols/KJUR.crypto.OID.html | 24 + api/symbols/KJUR.crypto.Signature.html | 24 + api/symbols/KJUR.crypto.Util.html | 24 + api/symbols/KJUR.crypto.html | 24 + api/symbols/KJUR.html | 24 + api/symbols/PKCS5PKEY.html | 24 + api/symbols/RSAKey.html | 24 + api/symbols/X509.html | 28 +- api/symbols/global__.html | 24 + api/symbols/src/asn1-1.0.js.html | 565 +-- api/symbols/src/asn1cms-1.0.js.html | 805 ++++ api/symbols/src/asn1x509-1.0.js.html | 1646 ++++---- api/symbols/src/keyutil-1.0.js.html | 3357 +++++++++-------- api/symbols/src/x509-1.1.js.html | 150 +- asn1-1.0.js | 277 +- asn1-1.0.min.js | 4 +- asn1cms-1.0.js | 797 ++++ asn1cms-1.0.min.js | 3 + asn1x509-1.0.js | 100 +- asn1x509-1.0.min.js | 4 +- index.html | 94 +- index_alg.html | 134 + index_oldnews.html | 219 ++ jsrsasign-4.5.0-all-min.js | 252 ++ jsrsasign-latest-all-min.js | 17 +- keyutil-1.0.js | 2435 ++++++------ keyutil-1.0.min.js | 4 +- pkcs5pkey-1.0.js | 1687 +++++---- test/qunit-do-asn1.html | 12 +- test/qunit-do-asn1cms.html | 329 ++ test/qunit-do-asn1x509.html | 8 +- test/qunit-do-keyutil.html | 5 +- test/qunit-do-x509-kid.html | 99 + tool_ca.html | 26 +- tool_cmssign.html | 205 + x509-1.1.js | 150 +- x509-1.1.min.js | 2 +- 106 files changed, 16019 insertions(+), 5260 deletions(-) create mode 100755 api/symbols/KJUR.asn1.cms.Attribute.html create mode 100755 api/symbols/KJUR.asn1.cms.AttributeList.html create mode 100755 api/symbols/KJUR.asn1.cms.CMSUtil.html create mode 100755 api/symbols/KJUR.asn1.cms.ContentInfo.html create mode 100755 api/symbols/KJUR.asn1.cms.ContentType.html create mode 100755 api/symbols/KJUR.asn1.cms.EncapsulatedContentInfo.html create mode 100755 api/symbols/KJUR.asn1.cms.IssuerAndSerialNumber.html create mode 100755 api/symbols/KJUR.asn1.cms.MessageDigest.html create mode 100755 api/symbols/KJUR.asn1.cms.SignedData.html create mode 100755 api/symbols/KJUR.asn1.cms.SignerInfo.html create mode 100755 api/symbols/KJUR.asn1.cms.SigningTime.html create mode 100755 api/symbols/KJUR.asn1.cms.html create mode 100755 api/symbols/src/asn1cms-1.0.js.html create mode 100755 asn1cms-1.0.js create mode 100755 asn1cms-1.0.min.js create mode 100755 index_alg.html create mode 100755 index_oldnews.html create mode 100644 jsrsasign-4.5.0-all-min.js create mode 100755 test/qunit-do-asn1cms.html create mode 100755 test/qunit-do-x509-kid.html create mode 100755 tool_cmssign.html diff --git a/ChangeLog.txt b/ChangeLog.txt index 5372c5d8..16e27516 100755 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,6 +1,19 @@ ChangeLog for jsrsasign +* Changes between 4.2.3 to 4.5.0 (2014-May-17) + - RFC 5652 CMS SignedData generator is now supported. + - asn1cms 1.0.0 (NEW) + - asn1 1.0.4 to 1.0.5 + - unsorted DERSet is now supported for ASN.1 BER + - DERUTCTime/GeneralizedTime provides current time + if arguments is not specified. + - asn1x509 1.0.8 to 1.0.9 + - x509.Time: automatic detection for UTC/Gen by length + - OID: some oids are added. + - keyutil 1.0.6 to 1.0.7 + - KEYUTIL.getHexFromPEM can omit sHead now. + * Changes between 4.2.2 to 4.2.3 (2014-May-14) minor update - keyutil 1.0.6 - isPublic and isPrivate flag fix for generateKey method. diff --git a/api/files.html b/api/files.html index 0ea304dd..09cb93f3 100755 --- a/api/files.html +++ b/api/files.html @@ -202,6 +202,30 @@

Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • @@ -331,7 +355,26 @@

    asn1-1.0.js

    Version:
    -
    asn1 1.0.4 (2013-Oct-02)
    +
    asn1 1.0.5 (2014-May-17)
    + + + + + +
    + +
    +

    asn1cms-1.0.js

    + + +
    + +
    Author:
    +
    Kenji Urushima kenji.urushima@gmail.com
    + + +
    Version:
    +
    1.0.0 (2014-May-14)
    @@ -369,7 +412,7 @@

    asn1x509-1.0.js

    Version:
    -
    1.0.8 (2014-Apr-16)
    +
    1.0.9 (2014-May-17)
    @@ -476,7 +519,7 @@

    keyutil-1.0.js

    Version:
    -
    keyutil 1.0.6 (2014-May-14)
    +
    keyutil 1.0.7 (2014-May-17)
    @@ -552,7 +595,7 @@

    x509-1.1.js

    Version:
    -
    x509 1.1.2 (2013-Oct-06)
    +
    x509 1.1.3 (2014-May-17)
    diff --git a/api/index.html b/api/index.html index 6fe14071..719c1c4b 100755 --- a/api/index.html +++ b/api/index.html @@ -202,6 +202,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • @@ -368,6 +392,78 @@

    KJUR.asn1.ASN1Util


    +
    +

    KJUR.asn1.cms

    + +
    +
    + +
    +

    KJUR.asn1.cms.Attribute

    + Attribute class for base of CMS attribute +
    +
    + +
    +

    KJUR.asn1.cms.AttributeList

    + class for Attributes ASN.1 structure for CMS +
    +
    + +
    +

    KJUR.asn1.cms.CMSUtil

    + CMS utilities class +
    +
    + +
    +

    KJUR.asn1.cms.ContentInfo

    + class for ContentInfo ASN.1 structure for CMS +
    +
    + +
    +

    KJUR.asn1.cms.ContentType

    + class for CMS ContentType attribute +
    +
    + +
    +

    KJUR.asn1.cms.EncapsulatedContentInfo

    + class for EncapsulatedContentInfo ASN.1 structure for CMS +
    +
    + +
    +

    KJUR.asn1.cms.IssuerAndSerialNumber

    + class for CMS IssuerAndSerialNumber ASN.1 structure for CMS +
    +
    + +
    +

    KJUR.asn1.cms.MessageDigest

    + class for CMS MessageDigest attribute +
    +
    + +
    +

    KJUR.asn1.cms.SignedData

    + class for Attributes ASN.1 structure of CMS SigndData +
    +
    + +
    +

    KJUR.asn1.cms.SignerInfo

    + class for Attributes ASN.1 structure of CMS SigndData +
    +
    + +
    +

    KJUR.asn1.cms.SigningTime

    + class for CMS SigningTime attribute +
    +
    +

    KJUR.asn1.DERAbstractString

    base class for ASN.1 DER string classes diff --git a/api/symbols/ASN1HEX.html b/api/symbols/ASN1HEX.html index 7cb4ca71..d420f687 100755 --- a/api/symbols/ASN1HEX.html +++ b/api/symbols/ASN1HEX.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/Base64x.html b/api/symbols/Base64x.html index d8763433..9a99439c 100755 --- a/api/symbols/Base64x.html +++ b/api/symbols/Base64x.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KEYUTIL.html b/api/symbols/KEYUTIL.html index b175a66e..9de48cee 100755 --- a/api/symbols/KEYUTIL.html +++ b/api/symbols/KEYUTIL.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.ASN1Object.html b/api/symbols/KJUR.asn1.ASN1Object.html index 5a108dc4..3512610a 100755 --- a/api/symbols/KJUR.asn1.ASN1Object.html +++ b/api/symbols/KJUR.asn1.ASN1Object.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.ASN1Util.html b/api/symbols/KJUR.asn1.ASN1Util.html index cb4c0a71..e203a6ed 100755 --- a/api/symbols/KJUR.asn1.ASN1Util.html +++ b/api/symbols/KJUR.asn1.ASN1Util.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.DERAbstractString.html b/api/symbols/KJUR.asn1.DERAbstractString.html index 230d4cbf..a20df0c3 100755 --- a/api/symbols/KJUR.asn1.DERAbstractString.html +++ b/api/symbols/KJUR.asn1.DERAbstractString.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.DERAbstractStructured.html b/api/symbols/KJUR.asn1.DERAbstractStructured.html index e29932f0..e8a4da29 100755 --- a/api/symbols/KJUR.asn1.DERAbstractStructured.html +++ b/api/symbols/KJUR.asn1.DERAbstractStructured.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.DERAbstractTime.html b/api/symbols/KJUR.asn1.DERAbstractTime.html index 2a8608a0..83081f1c 100755 --- a/api/symbols/KJUR.asn1.DERAbstractTime.html +++ b/api/symbols/KJUR.asn1.DERAbstractTime.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.DERBitString.html b/api/symbols/KJUR.asn1.DERBitString.html index 1968b218..ba13d920 100755 --- a/api/symbols/KJUR.asn1.DERBitString.html +++ b/api/symbols/KJUR.asn1.DERBitString.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.DERBoolean.html b/api/symbols/KJUR.asn1.DERBoolean.html index 75086423..fa877ff1 100755 --- a/api/symbols/KJUR.asn1.DERBoolean.html +++ b/api/symbols/KJUR.asn1.DERBoolean.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.DERGeneralizedTime.html b/api/symbols/KJUR.asn1.DERGeneralizedTime.html index 26e6e175..11470235 100755 --- a/api/symbols/KJUR.asn1.DERGeneralizedTime.html +++ b/api/symbols/KJUR.asn1.DERGeneralizedTime.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.DERIA5String.html b/api/symbols/KJUR.asn1.DERIA5String.html index 4f4111de..fcae780e 100755 --- a/api/symbols/KJUR.asn1.DERIA5String.html +++ b/api/symbols/KJUR.asn1.DERIA5String.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.DERInteger.html b/api/symbols/KJUR.asn1.DERInteger.html index 0d1dee0a..477bfa95 100755 --- a/api/symbols/KJUR.asn1.DERInteger.html +++ b/api/symbols/KJUR.asn1.DERInteger.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.DERNull.html b/api/symbols/KJUR.asn1.DERNull.html index 6cc30e81..ef5726cf 100755 --- a/api/symbols/KJUR.asn1.DERNull.html +++ b/api/symbols/KJUR.asn1.DERNull.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.DERNumericString.html b/api/symbols/KJUR.asn1.DERNumericString.html index 1e4f314b..a517341e 100755 --- a/api/symbols/KJUR.asn1.DERNumericString.html +++ b/api/symbols/KJUR.asn1.DERNumericString.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.DERObjectIdentifier.html b/api/symbols/KJUR.asn1.DERObjectIdentifier.html index 731cef25..98820b72 100755 --- a/api/symbols/KJUR.asn1.DERObjectIdentifier.html +++ b/api/symbols/KJUR.asn1.DERObjectIdentifier.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.DEROctetString.html b/api/symbols/KJUR.asn1.DEROctetString.html index 79c51d98..eb433ea9 100755 --- a/api/symbols/KJUR.asn1.DEROctetString.html +++ b/api/symbols/KJUR.asn1.DEROctetString.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.DERPrintableString.html b/api/symbols/KJUR.asn1.DERPrintableString.html index c6f8c03d..4e53a845 100755 --- a/api/symbols/KJUR.asn1.DERPrintableString.html +++ b/api/symbols/KJUR.asn1.DERPrintableString.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.DERSequence.html b/api/symbols/KJUR.asn1.DERSequence.html index 75093f23..4a6d8d07 100755 --- a/api/symbols/KJUR.asn1.DERSequence.html +++ b/api/symbols/KJUR.asn1.DERSequence.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.DERSet.html b/api/symbols/KJUR.asn1.DERSet.html index eff3fafd..be299348 100755 --- a/api/symbols/KJUR.asn1.DERSet.html +++ b/api/symbols/KJUR.asn1.DERSet.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • @@ -366,8 +390,7 @@

    following properties:
    • array - specify array of ASN1Object to set elements of content
    • -
    -NOTE: 'params' can be omitted.

    +
  • sortflag - flag for sort (default: true). @@ -409,8 +432,10 @@

    following properties:
    • array - specify array of ASN1Object to set elements of content
    • +
    • sortflag - flag for sort (default: true). ASN.1 BER is not sorted in 'SET OF'.
    -NOTE: 'params' can be omitted. +NOTE1: 'params' can be omitted.
    +NOTE2: sortflag is supported since 1.0.5. diff --git a/api/symbols/KJUR.asn1.DERTaggedObject.html b/api/symbols/KJUR.asn1.DERTaggedObject.html index 033adbca..652477e5 100755 --- a/api/symbols/KJUR.asn1.DERTaggedObject.html +++ b/api/symbols/KJUR.asn1.DERTaggedObject.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.DERTeletexString.html b/api/symbols/KJUR.asn1.DERTeletexString.html index cc51696e..77bfb540 100755 --- a/api/symbols/KJUR.asn1.DERTeletexString.html +++ b/api/symbols/KJUR.asn1.DERTeletexString.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.DERUTCTime.html b/api/symbols/KJUR.asn1.DERUTCTime.html index 6f6a51ff..3b1dfe46 100755 --- a/api/symbols/KJUR.asn1.DERUTCTime.html +++ b/api/symbols/KJUR.asn1.DERUTCTime.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.DERUTF8String.html b/api/symbols/KJUR.asn1.DERUTF8String.html index 40c35904..bc02d3d8 100755 --- a/api/symbols/KJUR.asn1.DERUTF8String.html +++ b/api/symbols/KJUR.asn1.DERUTF8String.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.cms.Attribute.html b/api/symbols/KJUR.asn1.cms.Attribute.html new file mode 100755 index 00000000..4a2cb84b --- /dev/null +++ b/api/symbols/KJUR.asn1.cms.Attribute.html @@ -0,0 +1,491 @@ + + + + + + + jsrsasign 4.0.0 JavaScript API Reference - KJUR.asn1.cms.Attribute + + + + + + + + + + + + +
    + +
    Class Index +| File Index
    +
    +

    Classes

    + +
    + +
    + +
    + +

    + + Class KJUR.asn1.cms.Attribute +

    + + +

    + +
    Extends + KJUR.asn1.ASN1Object.
    + + + Attribute class for base of CMS attribute + + +
    Defined in: asn1cms-1.0.js. + +

    + + + + + + + + + + + + + + + + + +
    Class Summary
    Constructor AttributesConstructor Name and Description
      + +
    Attribute class for base of CMS attribute +
    +Attributes ::= SET OF Attribute
    +Attribute ::= SEQUENCE {
    +   type               OBJECT IDENTIFIER,
    +   values             AttributeSetValue }
    +AttributeSetValue ::= SET OF ANY
    +
    +
    + + + + + + + + +
    +
    Fields borrowed from class KJUR.asn1.ASN1Object:
    hL, hT, hTLV, hV, isModified
    +
    + + + + + + + + + + +
    +
    + Class Detail +
    + +
    + KJUR.asn1.cms.Attribute(params) +
    + +
    + Attribute class for base of CMS attribute +
    +Attributes ::= SET OF Attribute
    +Attribute ::= SEQUENCE {
    +   type               OBJECT IDENTIFIER,
    +   values             AttributeSetValue }
    +AttributeSetValue ::= SET OF ANY
    +
    + +
    + + + + + +
    +
    Parameters:
    + +
    + {Array} params + +
    +
    associative array of parameters
    + +
    + + + +
    +
    Since:
    +
    jsrsasign 4.2.4 asn1cms 1.0.0
    +
    + + + + + + +
    + + + + + + + + + + + +
    +
    + + + +
    + © 2012 Kenji Urushima, All rights reserved
    + + Documentation generated by JsDoc Toolkit 2.4.0 +
    + + diff --git a/api/symbols/KJUR.asn1.cms.AttributeList.html b/api/symbols/KJUR.asn1.cms.AttributeList.html new file mode 100755 index 00000000..031215fe --- /dev/null +++ b/api/symbols/KJUR.asn1.cms.AttributeList.html @@ -0,0 +1,499 @@ + + + + + + + jsrsasign 4.0.0 JavaScript API Reference - KJUR.asn1.cms.AttributeList + + + + + + + + + + + + +
    + +
    Class Index +| File Index
    +
    +

    Classes

    + +
    + +
    + +
    + +

    + + Class KJUR.asn1.cms.AttributeList +

    + + +

    + +
    Extends + KJUR.asn1.ASN1Object.
    + + + class for Attributes ASN.1 structure for CMS + + +
    Defined in: asn1cms-1.0.js. + +

    + + + + + + + + + + + + + + + + + +
    Class Summary
    Constructor AttributesConstructor Name and Description
      + +
    class for Attributes ASN.1 structure for CMS +
    +Attributes ::= SET OF Attribute
    +Attribute ::= SEQUENCE {
    +   type               OBJECT IDENTIFIER,
    +   values             AttributeSetValue }
    +
    +
    + + + + + + + + +
    +
    Fields borrowed from class KJUR.asn1.ASN1Object:
    hL, hT, hTLV, hV, isModified
    +
    + + + + + + + + + + +
    +
    + Class Detail +
    + +
    + KJUR.asn1.cms.AttributeList(params) +
    + +
    + class for Attributes ASN.1 structure for CMS +
    +Attributes ::= SET OF Attribute
    +Attribute ::= SEQUENCE {
    +   type               OBJECT IDENTIFIER,
    +   values             AttributeSetValue }
    +
    + +
    + + + +
    // specify by X500Name and DERInteger
    +o = new KJUR.asn1.cms.AttributeList({sorted: false}); // ASN.1 BER unsorted SET OF
    +o = new KJUR.asn1.cms.AttributeList();  // ASN.1 DER sorted by default
    +o.clear();                              // clear list of Attributes
    +n = o.length();                         // get number of Attribute
    +o.add(new KJUR.asn1.cms.SigningTime()); // add SigningTime attribute
    +hex = o.getEncodedHex();                // get hex encoded ASN.1 data
    + + + + + +
    +
    Parameters:
    + +
    + {Array} params + +
    +
    associative array of parameters
    + +
    + + + +
    +
    Since:
    +
    jsrsasign 4.2.4 asn1cms 1.0.0
    +
    + + + + + + +
    + + + + + + + + + + + +
    +
    + + + +
    + © 2012 Kenji Urushima, All rights reserved
    + + Documentation generated by JsDoc Toolkit 2.4.0 +
    + + diff --git a/api/symbols/KJUR.asn1.cms.CMSUtil.html b/api/symbols/KJUR.asn1.cms.CMSUtil.html new file mode 100755 index 00000000..3f4cb3af --- /dev/null +++ b/api/symbols/KJUR.asn1.cms.CMSUtil.html @@ -0,0 +1,545 @@ + + + + + + + jsrsasign 4.0.0 JavaScript API Reference - KJUR.asn1.cms.CMSUtil + + + + + + + + + + + + +
    + +
    Class Index +| File Index
    +
    +

    Classes

    + +
    + +
    + +
    + +

    + + Class KJUR.asn1.cms.CMSUtil +

    + + +

    + + + + CMS utilities class + + +
    Defined in: asn1cms-1.0.js. + +

    + + + + + + + + + + + + + + + + + +
    Class Summary
    Constructor AttributesConstructor Name and Description
      + +
    CMS utiliteis class
    +
    + + + + + + + + + + + + + + + + + + + + + + + + + +
    Method Summary
    Method AttributesMethod Name and Description
    <static>   +
    KJUR.asn1.cms.CMSUtil.newSignedData(param) +
    +
    generate SignedData object specified by JSON parameters +This method provides more easy way to genereate +CMS SignedData ASN.1 structure by JSON data.
    +
    + + + + + + + + + +
    +
    + Class Detail +
    + +
    + KJUR.asn1.cms.CMSUtil() +
    + +
    + CMS utiliteis class + +
    + + + + + + + + + + + + +
    + + + + + + + +
    + Method Detail +
    + + +
    <static> + + {KJUR.asn1.cms.SignedData} + KJUR.asn1.cms.CMSUtil.newSignedData(param) + +
    +
    + generate SignedData object specified by JSON parameters +This method provides more easy way to genereate +CMS SignedData ASN.1 structure by JSON data. + + +
    + + + +
    var sd = KJUR.asn1.cms.CMSUtil.newSignedData({
    +  content: {str: "jsrsasign"},
    +  certs: [certPEM],
    +  signerInfos: [{
    +    hashAlg: 'sha256',
    +    sAttr: {
    +      SigningTime: {}
    +    },
    +    signerCert: certPEM,
    +    sigAlg: 'SHA256withRSA',
    +    signerPrvKey: prvPEM
    +  }]
    +});
    + + + + +
    +
    Parameters:
    + +
    + {Array} param + +
    +
    JSON parameter to generate CMS SignedData
    + +
    + + + + + +
    +
    Returns:
    + +
    {KJUR.asn1.cms.SignedData} object just generated
    + +
    + + + + + + + + + + + +
    +
    + + + +
    + © 2012 Kenji Urushima, All rights reserved
    + + Documentation generated by JsDoc Toolkit 2.4.0 +
    + + diff --git a/api/symbols/KJUR.asn1.cms.ContentInfo.html b/api/symbols/KJUR.asn1.cms.ContentInfo.html new file mode 100755 index 00000000..2526cf84 --- /dev/null +++ b/api/symbols/KJUR.asn1.cms.ContentInfo.html @@ -0,0 +1,496 @@ + + + + + + + jsrsasign 4.0.0 JavaScript API Reference - KJUR.asn1.cms.ContentInfo + + + + + + + + + + + + +
    + +
    Class Index +| File Index
    +
    +

    Classes

    + +
    + +
    + +
    + +

    + + Class KJUR.asn1.cms.ContentInfo +

    + + +

    + +
    Extends + KJUR.asn1.ASN1Object.
    + + + class for ContentInfo ASN.1 structure for CMS + + +
    Defined in: asn1cms-1.0.js. + +

    + + + + + + + + + + + + + + + + + +
    Class Summary
    Constructor AttributesConstructor Name and Description
      + +
    class for ContentInfo ASN.1 structure for CMS +
    +ContentInfo ::= SEQUENCE {
    +   contentType ContentType,
    +   content [0] EXPLICIT ANY DEFINED BY contentType }
    +ContentType ::= OBJECT IDENTIFIER
    +
    +
    + + + + + + + + +
    +
    Fields borrowed from class KJUR.asn1.ASN1Object:
    hL, hT, hTLV, hV, isModified
    +
    + + + + + + + + + + +
    +
    + Class Detail +
    + +
    + KJUR.asn1.cms.ContentInfo(params) +
    + +
    + class for ContentInfo ASN.1 structure for CMS +
    +ContentInfo ::= SEQUENCE {
    +   contentType ContentType,
    +   content [0] EXPLICIT ANY DEFINED BY contentType }
    +ContentType ::= OBJECT IDENTIFIER
    +
    + +
    + + + +
    a = [new KJUR.asn1.DERInteger({int: 1}),
    +     new KJUR.asn1.DERInteger({int: 2})];
    +seq = new KJUR.asn1.DERSequence({array: a});
    +o = new KJUR.asn1.cms.ContentInfo({type: 'data', obj: seq});
    + + + + + +
    +
    Parameters:
    + +
    + {Array} params + +
    +
    associative array of parameters
    + +
    + + + +
    +
    Since:
    +
    jsrsasign 4.2.4 asn1cms 1.0.0
    +
    + + + + + + +
    + + + + + + + + + + + +
    +
    + + + +
    + © 2012 Kenji Urushima, All rights reserved
    + + Documentation generated by JsDoc Toolkit 2.4.0 +
    + + diff --git a/api/symbols/KJUR.asn1.cms.ContentType.html b/api/symbols/KJUR.asn1.cms.ContentType.html new file mode 100755 index 00000000..3a363efb --- /dev/null +++ b/api/symbols/KJUR.asn1.cms.ContentType.html @@ -0,0 +1,496 @@ + + + + + + + jsrsasign 4.0.0 JavaScript API Reference - KJUR.asn1.cms.ContentType + + + + + + + + + + + + +
    + +
    Class Index +| File Index
    +
    +

    Classes

    + +
    + +
    + +
    + +

    + + Class KJUR.asn1.cms.ContentType +

    + + +

    + +
    Extends + KJUR.asn1.cms.Attribute.
    + + + class for CMS ContentType attribute + + +
    Defined in: asn1cms-1.0.js. + +

    + + + + + + + + + + + + + + + + + +
    Class Summary
    Constructor AttributesConstructor Name and Description
      + +
    class for CMS ContentType attribute +
    +Attribute ::= SEQUENCE {
    +   type               OBJECT IDENTIFIER,
    +   values             AttributeSetValue }
    +AttributeSetValue ::= SET OF ANY
    +ContentType ::= OBJECT IDENTIFIER
    +
    +
    + + + + + + + + +
    +
    Fields borrowed from class KJUR.asn1.ASN1Object:
    hL, hT, hTLV, hV, isModified
    +
    + + + + + + + + + + +
    +
    + Class Detail +
    + +
    + KJUR.asn1.cms.ContentType(params) +
    + +
    + class for CMS ContentType attribute +
    +Attribute ::= SEQUENCE {
    +   type               OBJECT IDENTIFIER,
    +   values             AttributeSetValue }
    +AttributeSetValue ::= SET OF ANY
    +ContentType ::= OBJECT IDENTIFIER
    +
    + +
    + + + +
    o = new KJUR.asn1.cms.ContentType({name: 'data'});
    +o = new KJUR.asn1.cms.ContentType({oid: '1.2.840.113549.1.9.16.1.4'});
    + + + + + +
    +
    Parameters:
    + +
    + {Array} params + +
    +
    associative array of parameters
    + +
    + + + +
    +
    Since:
    +
    jsrsasign 4.2.4 asn1cms 1.0.0
    +
    + + + + + + +
    + + + + + + + + + + + +
    +
    + + + +
    + © 2012 Kenji Urushima, All rights reserved
    + + Documentation generated by JsDoc Toolkit 2.4.0 +
    + + diff --git a/api/symbols/KJUR.asn1.cms.EncapsulatedContentInfo.html b/api/symbols/KJUR.asn1.cms.EncapsulatedContentInfo.html new file mode 100755 index 00000000..d8c2fcfb --- /dev/null +++ b/api/symbols/KJUR.asn1.cms.EncapsulatedContentInfo.html @@ -0,0 +1,499 @@ + + + + + + + jsrsasign 4.0.0 JavaScript API Reference - KJUR.asn1.cms.EncapsulatedContentInfo + + + + + + + + + + + + +
    + +
    Class Index +| File Index
    +
    +

    Classes

    + +
    + +
    + +
    + +

    + + Class KJUR.asn1.cms.EncapsulatedContentInfo +

    + + +

    + +
    Extends + KJUR.asn1.ASN1Object.
    + + + class for EncapsulatedContentInfo ASN.1 structure for CMS + + +
    Defined in: asn1cms-1.0.js. + +

    + + + + + + + + + + + + + + + + + +
    Class Summary
    Constructor AttributesConstructor Name and Description
      + +
    class for EncapsulatedContentInfo ASN.1 structure for CMS +
    +EncapsulatedContentInfo ::= SEQUENCE {
    +   eContentType ContentType,
    +   eContent [0] EXPLICIT OCTET STRING OPTIONAL }
    +ContentType ::= OBJECT IDENTIFIER
    +
    +
    + + + + + + + + +
    +
    Fields borrowed from class KJUR.asn1.ASN1Object:
    hL, hT, hTLV, hV, isModified
    +
    + + + + + + + + + + +
    +
    + Class Detail +
    + +
    + KJUR.asn1.cms.EncapsulatedContentInfo(params) +
    + +
    + class for EncapsulatedContentInfo ASN.1 structure for CMS +
    +EncapsulatedContentInfo ::= SEQUENCE {
    +   eContentType ContentType,
    +   eContent [0] EXPLICIT OCTET STRING OPTIONAL }
    +ContentType ::= OBJECT IDENTIFIER
    +
    + +
    + + + +
    o = new KJUR.asn1.cms.EncapsulatedContentInfo();
    +o.setContentType('1.2.3.4.5');     // specify eContentType by OID
    +o.setContentType('data');          // specify eContentType by name
    +o.setContentValueHex('a1a2a4...'); // specify eContent data by hex string
    +o.setContentValueStr('apple');     // specify eContent data by UTF-8 string
    +// for detached contents (i.e. data not concluded in eContent)
    +o.isDetached = true;               // false as default
    + + + + + +
    +
    Parameters:
    + +
    + {Array} params + +
    +
    associative array of parameters
    + +
    + + + +
    +
    Since:
    +
    jsrsasign 4.2.4 asn1cms 1.0.0
    +
    + + + + + + +
    + + + + + + + + + + + +
    +
    + + + +
    + © 2012 Kenji Urushima, All rights reserved
    + + Documentation generated by JsDoc Toolkit 2.4.0 +
    + + diff --git a/api/symbols/KJUR.asn1.cms.IssuerAndSerialNumber.html b/api/symbols/KJUR.asn1.cms.IssuerAndSerialNumber.html new file mode 100755 index 00000000..c81b3f8a --- /dev/null +++ b/api/symbols/KJUR.asn1.cms.IssuerAndSerialNumber.html @@ -0,0 +1,495 @@ + + + + + + + jsrsasign 4.0.0 JavaScript API Reference - KJUR.asn1.cms.IssuerAndSerialNumber + + + + + + + + + + + + +
    + +
    Class Index +| File Index
    +
    +

    Classes

    + +
    + +
    + +
    + +

    + + Class KJUR.asn1.cms.IssuerAndSerialNumber +

    + + +

    + +
    Extends + KJUR.asn1.ASN1Object.
    + + + class for CMS IssuerAndSerialNumber ASN.1 structure for CMS + + +
    Defined in: asn1cms-1.0.js. + +

    + + + + + + + + + + + + + + + + + +
    Class Summary
    Constructor AttributesConstructor Name and Description
      + +
    class for IssuerAndSerialNumber ASN.1 structure for CMS +
    +IssuerAndSerialNumber ::= SEQUENCE {
    +   issuer Name,
    +   serialNumber CertificateSerialNumber }
    +CertificateSerialNumber ::= INTEGER
    +
    +
    + + + + + + + + +
    +
    Fields borrowed from class KJUR.asn1.ASN1Object:
    hL, hT, hTLV, hV, isModified
    +
    + + + + + + + + + + +
    +
    + Class Detail +
    + +
    + KJUR.asn1.cms.IssuerAndSerialNumber(params) +
    + +
    + class for IssuerAndSerialNumber ASN.1 structure for CMS +
    +IssuerAndSerialNumber ::= SEQUENCE {
    +   issuer Name,
    +   serialNumber CertificateSerialNumber }
    +CertificateSerialNumber ::= INTEGER
    +
    + +
    + + + +
    // specify by X500Name and DERInteger
    +o = new KJUR.asn1.cms.IssuerAndSerialNumber(
    +     {issuer: {str: '/C=US/O=T1'}, serial {int: 3}});
    + + + + + +
    +
    Parameters:
    + +
    + {Array} params + +
    +
    associative array of parameters
    + +
    + + + +
    +
    Since:
    +
    jsrsasign 4.2.4 asn1cms 1.0.0
    +
    + + + + + + +
    + + + + + + + + + + + +
    +
    + + + +
    + © 2012 Kenji Urushima, All rights reserved
    + + Documentation generated by JsDoc Toolkit 2.4.0 +
    + + diff --git a/api/symbols/KJUR.asn1.cms.MessageDigest.html b/api/symbols/KJUR.asn1.cms.MessageDigest.html new file mode 100755 index 00000000..9da68a6f --- /dev/null +++ b/api/symbols/KJUR.asn1.cms.MessageDigest.html @@ -0,0 +1,495 @@ + + + + + + + jsrsasign 4.0.0 JavaScript API Reference - KJUR.asn1.cms.MessageDigest + + + + + + + + + + + + +
    + +
    Class Index +| File Index
    +
    +

    Classes

    + +
    + +
    + +
    + +

    + + Class KJUR.asn1.cms.MessageDigest +

    + + +

    + +
    Extends + KJUR.asn1.cms.Attribute.
    + + + class for CMS MessageDigest attribute + + +
    Defined in: asn1cms-1.0.js. + +

    + + + + + + + + + + + + + + + + + +
    Class Summary
    Constructor AttributesConstructor Name and Description
      + +
    class for CMS MessageDigest attribute +
    +Attribute ::= SEQUENCE {
    +   type               OBJECT IDENTIFIER,
    +   values             AttributeSetValue }
    +AttributeSetValue ::= SET OF ANY
    +MessageDigest ::= OCTET STRING
    +
    +
    + + + + + + + + +
    +
    Fields borrowed from class KJUR.asn1.ASN1Object:
    hL, hT, hTLV, hV, isModified
    +
    + + + + + + + + + + +
    +
    + Class Detail +
    + +
    + KJUR.asn1.cms.MessageDigest(params) +
    + +
    + class for CMS MessageDigest attribute +
    +Attribute ::= SEQUENCE {
    +   type               OBJECT IDENTIFIER,
    +   values             AttributeSetValue }
    +AttributeSetValue ::= SET OF ANY
    +MessageDigest ::= OCTET STRING
    +
    + +
    + + + +
    o = new KJUR.asn1.cms.MessageDigest({hex: 'a1a2a3a4...'});
    + + + + + +
    +
    Parameters:
    + +
    + {Array} params + +
    +
    associative array of parameters
    + +
    + + + +
    +
    Since:
    +
    jsrsasign 4.2.4 asn1cms 1.0.0
    +
    + + + + + + +
    + + + + + + + + + + + +
    +
    + + + +
    + © 2012 Kenji Urushima, All rights reserved
    + + Documentation generated by JsDoc Toolkit 2.4.0 +
    + + diff --git a/api/symbols/KJUR.asn1.cms.SignedData.html b/api/symbols/KJUR.asn1.cms.SignedData.html new file mode 100755 index 00000000..2fd526b7 --- /dev/null +++ b/api/symbols/KJUR.asn1.cms.SignedData.html @@ -0,0 +1,517 @@ + + + + + + + jsrsasign 4.0.0 JavaScript API Reference - KJUR.asn1.cms.SignedData + + + + + + + + + + + + +
    + +
    Class Index +| File Index
    +
    +

    Classes

    + +
    + +
    + +
    + +

    + + Class KJUR.asn1.cms.SignedData +

    + + +

    + +
    Extends + KJUR.asn1.ASN1Object.
    + + + class for Attributes ASN.1 structure of CMS SigndData + + +
    Defined in: asn1cms-1.0.js. + +

    + + + + + + + + + + + + + + + + + +
    Class Summary
    Constructor AttributesConstructor Name and Description
      + +
    class for SignerInfo ASN.1 structure of CMS SignedData +
    +SignedData ::= SEQUENCE {
    +   version CMSVersion,
    +   digestAlgorithms DigestAlgorithmIdentifiers,
    +   encapContentInfo EncapsulatedContentInfo,
    +   certificates [0] IMPLICIT CertificateSet OPTIONAL,
    +   crls [1] IMPLICIT RevocationInfoChoices OPTIONAL,
    +   signerInfos SignerInfos }
    +SignerInfos ::= SET OF SignerInfo
    +CertificateSet ::= SET OF CertificateChoices
    +DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier
    +CertificateSet ::= SET OF CertificateChoices
    +RevocationInfoChoices ::= SET OF RevocationInfoChoice
    +
    +
    + + + + + + + + +
    +
    Fields borrowed from class KJUR.asn1.ASN1Object:
    hL, hT, hTLV, hV, isModified
    +
    + + + + + + + + + + +
    +
    + Class Detail +
    + +
    + KJUR.asn1.cms.SignedData(params) +
    + +
    + class for SignerInfo ASN.1 structure of CMS SignedData +
    +SignedData ::= SEQUENCE {
    +   version CMSVersion,
    +   digestAlgorithms DigestAlgorithmIdentifiers,
    +   encapContentInfo EncapsulatedContentInfo,
    +   certificates [0] IMPLICIT CertificateSet OPTIONAL,
    +   crls [1] IMPLICIT RevocationInfoChoices OPTIONAL,
    +   signerInfos SignerInfos }
    +SignerInfos ::= SET OF SignerInfo
    +CertificateSet ::= SET OF CertificateChoices
    +DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier
    +CertificateSet ::= SET OF CertificateChoices
    +RevocationInfoChoices ::= SET OF RevocationInfoChoice
    +
    + +
    + + + +
    sd = new KJUR.asn1.cms.SignedData();
    +sd.dEncapContentInfo.setContentValueStr("test string");
    +sd.signerInfoList[0].setForContentAndHash({sdObj: sd,
    +                                           eciObj: sd.dEncapContentInfo,
    +                                           hashAlg: 'sha256'});
    +sd.signerInfoList[0].dSignedAttrs.add(new KJUR.asn1.cms.SigningTime());
    +sd.signerInfoList[0].setSignerIdentifier(certPEM);
    +sd.signerInfoList[0].sign(prvP8PEM, "SHA256withRSA");
    +hex = sd.getContentInfoEncodedHex();
    + + + + + +
    +
    Parameters:
    + +
    + {Array} params + +
    +
    associative array of parameters
    + +
    + + + +
    +
    Since:
    +
    jsrsasign 4.2.4 asn1cms 1.0.0
    +
    + + + + + + +
    + + + + + + + + + + + +
    +
    + + + +
    + © 2012 Kenji Urushima, All rights reserved
    + + Documentation generated by JsDoc Toolkit 2.4.0 +
    + + diff --git a/api/symbols/KJUR.asn1.cms.SignerInfo.html b/api/symbols/KJUR.asn1.cms.SignerInfo.html new file mode 100755 index 00000000..2f874b85 --- /dev/null +++ b/api/symbols/KJUR.asn1.cms.SignerInfo.html @@ -0,0 +1,591 @@ + + + + + + + jsrsasign 4.0.0 JavaScript API Reference - KJUR.asn1.cms.SignerInfo + + + + + + + + + + + + +
    + +
    Class Index +| File Index
    +
    +

    Classes

    + +
    + +
    + +
    + +

    + + Class KJUR.asn1.cms.SignerInfo +

    + + +

    + +
    Extends + KJUR.asn1.ASN1Object.
    + + + class for Attributes ASN.1 structure of CMS SigndData + + +
    Defined in: asn1cms-1.0.js. + +

    + + + + + + + + + + + + + + + + + +
    Class Summary
    Constructor AttributesConstructor Name and Description
      + +
    class for SignerInfo ASN.1 structure of CMS SignedData +
    +SignerInfo ::= SEQUENCE {
    +   version CMSVersion,
    +   sid SignerIdentifier,
    +   digestAlgorithm DigestAlgorithmIdentifier,
    +   signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL,
    +   signatureAlgorithm SignatureAlgorithmIdentifier,
    +   signature SignatureValue,
    +   unsignedAttrs [1] IMPLICIT UnsignedAttributes OPTIONAL }
    +
    +
    + + + + + + + + + + + + + + + + + + + + + + +
    Field Summary
    Field AttributesField Name and Description
    <static>   +
    + KJUR.asn1.cms.SignerInfo.setForContentAndHash +
    +
    set ContentType/MessageDigest/DigestAlgorithms for SignerInfo/SignedData +This method will specify following fields by a parameters: +
      +
    • add ContentType signed attribute by encapContentInfo
    • +
    • add MessageDigest signed attribute by encapContentInfo and hashAlg
    • +
    • add a hash algorithm used in MessageDigest to digestAlgorithms field of SignedData
    • +
    • set a hash algorithm used in MessageDigest to digestAlgorithm field of SignerInfo
    • +
    +Argument 'params' is an associative array having following elements: + +some of elements can be omited.
    +
    + + + +
    +
    Fields borrowed from class KJUR.asn1.ASN1Object:
    hL, hT, hTLV, hV, isModified
    +
    + + + + + + + + + + +
    +
    + Class Detail +
    + +
    + KJUR.asn1.cms.SignerInfo(params) +
    + +
    + class for SignerInfo ASN.1 structure of CMS SignedData +
    +SignerInfo ::= SEQUENCE {
    +   version CMSVersion,
    +   sid SignerIdentifier,
    +   digestAlgorithm DigestAlgorithmIdentifier,
    +   signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL,
    +   signatureAlgorithm SignatureAlgorithmIdentifier,
    +   signature SignatureValue,
    +   unsignedAttrs [1] IMPLICIT UnsignedAttributes OPTIONAL }
    +
    + +
    + + + +
    o = new KJUR.asn1.cms.SignerInfo();
    +o.setSignerIdentifier(certPEMstring);
    +o.dSignedAttrs.add(new KJUR.asn1.cms.ContentType({name: 'data'}));
    +o.dSignedAttrs.add(new KJUR.asn1.cms.MessageDigest({hex: 'a1b2...'}));
    +o.dSignedAttrs.add(new KJUR.asn1.cms.SigningTime());
    +o.sign(privteKeyParam, "SHA1withRSA");
    + + + + + +
    +
    Parameters:
    + +
    + {Array} params + +
    +
    associative array of parameters
    + +
    + + + +
    +
    Since:
    +
    jsrsasign 4.2.4 asn1cms 1.0.0
    +
    + + + + + + +
    + + + + +
    + Field Detail +
    + + +
    <static> + + + KJUR.asn1.cms.SignerInfo.setForContentAndHash + +
    +
    + set ContentType/MessageDigest/DigestAlgorithms for SignerInfo/SignedData +This method will specify following fields by a parameters: +
      +
    • add ContentType signed attribute by encapContentInfo
    • +
    • add MessageDigest signed attribute by encapContentInfo and hashAlg
    • +
    • add a hash algorithm used in MessageDigest to digestAlgorithms field of SignedData
    • +
    • set a hash algorithm used in MessageDigest to digestAlgorithm field of SignerInfo
    • +
    +Argument 'params' is an associative array having following elements: + +some of elements can be omited. + + +
    + + + +
    sd = new KJUR.asn1.cms.SignedData();
    +signerInfo.setForContentAndHash({sdObj: sd,
    +                                 eciObj: sd.dEncapContentInfo,
    +                                 hashAlg: 'sha256'});
    + + + + + + + + + + + + + + + + + + +
    +
    + + + +
    + © 2012 Kenji Urushima, All rights reserved
    + + Documentation generated by JsDoc Toolkit 2.4.0 +
    + + diff --git a/api/symbols/KJUR.asn1.cms.SigningTime.html b/api/symbols/KJUR.asn1.cms.SigningTime.html new file mode 100755 index 00000000..a927151f --- /dev/null +++ b/api/symbols/KJUR.asn1.cms.SigningTime.html @@ -0,0 +1,504 @@ + + + + + + + jsrsasign 4.0.0 JavaScript API Reference - KJUR.asn1.cms.SigningTime + + + + + + + + + + + + +
    + +
    Class Index +| File Index
    +
    +

    Classes

    + +
    + +
    + +
    + +

    + + Class KJUR.asn1.cms.SigningTime +

    + + +

    + +
    Extends + KJUR.asn1.cms.Attribute.
    + + + class for CMS SigningTime attribute + + +
    Defined in: asn1cms-1.0.js. + +

    + + + + + + + + + + + + + + + + + +
    Class Summary
    Constructor AttributesConstructor Name and Description
      + +
    class for CMS SigningTime attribute +
    +Attribute ::= SEQUENCE {
    +   type               OBJECT IDENTIFIER,
    +   values             AttributeSetValue }
    +AttributeSetValue ::= SET OF ANY
    +SigningTime  ::= Time
    +Time ::= CHOICE {
    +   utcTime UTCTime,
    +   generalTime GeneralizedTime }
    +
    +
    + + + + + + + + +
    +
    Fields borrowed from class KJUR.asn1.ASN1Object:
    hL, hT, hTLV, hV, isModified
    +
    + + + + + + + + + + +
    +
    + Class Detail +
    + +
    + KJUR.asn1.cms.SigningTime(params) +
    + +
    + class for CMS SigningTime attribute +
    +Attribute ::= SEQUENCE {
    +   type               OBJECT IDENTIFIER,
    +   values             AttributeSetValue }
    +AttributeSetValue ::= SET OF ANY
    +SigningTime  ::= Time
    +Time ::= CHOICE {
    +   utcTime UTCTime,
    +   generalTime GeneralizedTime }
    +
    + +
    + + + +
    o = new KJUR.asn1.cms.SigningTime(); // current time UTCTime by default
    +o = new KJUR.asn1.cms.SigningTime({type: 'gen'}); // current time GeneralizedTime
    +o = new KJUR.asn1.cms.SigningTime({str: '20140517093800Z'}); // specified GeneralizedTime
    +o = new KJUR.asn1.cms.SigningTime({str: '140517093800Z'}); // specified UTCTime
    + + + + + +
    +
    Parameters:
    + +
    + {Array} params + +
    +
    associative array of parameters
    + +
    + + + +
    +
    Since:
    +
    jsrsasign 4.2.4 asn1cms 1.0.0
    +
    + + + + + + +
    + + + + + + + + + + + +
    +
    + + + +
    + © 2012 Kenji Urushima, All rights reserved
    + + Documentation generated by JsDoc Toolkit 2.4.0 +
    + + diff --git a/api/symbols/KJUR.asn1.cms.html b/api/symbols/KJUR.asn1.cms.html new file mode 100755 index 00000000..6440500c --- /dev/null +++ b/api/symbols/KJUR.asn1.cms.html @@ -0,0 +1,582 @@ + + + + + + + jsrsasign 4.0.0 JavaScript API Reference - KJUR.asn1.cms + + + + + + + + + + + + +
    + +
    Class Index +| File Index
    +
    +

    Classes

    + +
    + +
    + +
    + +

    + + Namespace KJUR.asn1.cms +

    + + +

    + + + + + + +
    Defined in: asn1cms-1.0.js. + +

    + + + + + + + + + + + + + + + + + +
    Namespace Summary
    Constructor AttributesConstructor Name and Description
      + +
    kjur's ASN.1 class for Cryptographic Message Syntax(CMS) +

    +This name space provides +RFC 5652 +Cryptographic Message Syntax (CMS) SignedData generator.

    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Method Summary
    Method AttributesMethod Name and Description
    <static>   +
    KJUR.asn1.cms.getEncodedHex() +
    +
    +
    <static>   +
    KJUR.asn1.cms.setContentType(nameOrOid) +
    +
    +
    + + + + + + + + + +
    +
    + Namespace Detail +
    + +
    + KJUR.asn1.cms +
    + +
    + kjur's ASN.1 class for Cryptographic Message Syntax(CMS) +

    +This name space provides +RFC 5652 +Cryptographic Message Syntax (CMS) SignedData generator. + +

    FEATURES

    +
      +
    • easily generate CMS SignedData
    • +
    • APIs are very similar to BouncyCastle library ASN.1 classes. So easy to learn.
    • +
    + +

    PROVIDED CLASSES

    + +NOTE: Please ignore method summary and document of this namespace. This caused by a bug of jsdoc2. +

    + +
    + + + + + + + + + + + + +
    + + + + + + + +
    + Method Detail +
    + + +
    <static> + + + KJUR.asn1.cms.getEncodedHex() + +
    +
    + + + +
    + + + + + + + + + + + +
    + + +
    <static> + + + KJUR.asn1.cms.setContentType(nameOrOid) + +
    +
    + + + +
    + + + + +
    +
    Parameters:
    + +
    + nameOrOid + +
    +
    + +
    + + + + + + + + + + + + + + + +
    +
    + + + +
    + © 2012 Kenji Urushima, All rights reserved
    + + Documentation generated by JsDoc Toolkit 2.4.0 +
    + + diff --git a/api/symbols/KJUR.asn1.html b/api/symbols/KJUR.asn1.html index af7b9900..34747057 100755 --- a/api/symbols/KJUR.asn1.html +++ b/api/symbols/KJUR.asn1.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.AlgorithmIdentifier.html b/api/symbols/KJUR.asn1.x509.AlgorithmIdentifier.html index 297731cc..85e9185a 100755 --- a/api/symbols/KJUR.asn1.x509.AlgorithmIdentifier.html +++ b/api/symbols/KJUR.asn1.x509.AlgorithmIdentifier.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.AttributeTypeAndValue.html b/api/symbols/KJUR.asn1.x509.AttributeTypeAndValue.html index 58e27ed2..7d9fa95f 100755 --- a/api/symbols/KJUR.asn1.x509.AttributeTypeAndValue.html +++ b/api/symbols/KJUR.asn1.x509.AttributeTypeAndValue.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.AuthorityKeyIdentifier.html b/api/symbols/KJUR.asn1.x509.AuthorityKeyIdentifier.html index 616b6ddc..3275b647 100755 --- a/api/symbols/KJUR.asn1.x509.AuthorityKeyIdentifier.html +++ b/api/symbols/KJUR.asn1.x509.AuthorityKeyIdentifier.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.BasicConstraints.html b/api/symbols/KJUR.asn1.x509.BasicConstraints.html index 0f3752c6..1bb6383e 100755 --- a/api/symbols/KJUR.asn1.x509.BasicConstraints.html +++ b/api/symbols/KJUR.asn1.x509.BasicConstraints.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.CRL.html b/api/symbols/KJUR.asn1.x509.CRL.html index 5fa192d3..6775602d 100755 --- a/api/symbols/KJUR.asn1.x509.CRL.html +++ b/api/symbols/KJUR.asn1.x509.CRL.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.CRLDistributionPoints.html b/api/symbols/KJUR.asn1.x509.CRLDistributionPoints.html index 97c68caf..be0c3008 100755 --- a/api/symbols/KJUR.asn1.x509.CRLDistributionPoints.html +++ b/api/symbols/KJUR.asn1.x509.CRLDistributionPoints.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.CRLEntry.html b/api/symbols/KJUR.asn1.x509.CRLEntry.html index 82a03b28..de641d7e 100755 --- a/api/symbols/KJUR.asn1.x509.CRLEntry.html +++ b/api/symbols/KJUR.asn1.x509.CRLEntry.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.Certificate.html b/api/symbols/KJUR.asn1.x509.Certificate.html index c8c82204..18525212 100755 --- a/api/symbols/KJUR.asn1.x509.Certificate.html +++ b/api/symbols/KJUR.asn1.x509.Certificate.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.DistributionPoint.html b/api/symbols/KJUR.asn1.x509.DistributionPoint.html index a0a55364..2493c353 100755 --- a/api/symbols/KJUR.asn1.x509.DistributionPoint.html +++ b/api/symbols/KJUR.asn1.x509.DistributionPoint.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.DistributionPointName.html b/api/symbols/KJUR.asn1.x509.DistributionPointName.html index d69b8558..6dc11675 100755 --- a/api/symbols/KJUR.asn1.x509.DistributionPointName.html +++ b/api/symbols/KJUR.asn1.x509.DistributionPointName.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.ExtKeyUsage.html b/api/symbols/KJUR.asn1.x509.ExtKeyUsage.html index 8f64dbc4..7d3699bd 100755 --- a/api/symbols/KJUR.asn1.x509.ExtKeyUsage.html +++ b/api/symbols/KJUR.asn1.x509.ExtKeyUsage.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.Extension.html b/api/symbols/KJUR.asn1.x509.Extension.html index 4ad367fe..ef861653 100755 --- a/api/symbols/KJUR.asn1.x509.Extension.html +++ b/api/symbols/KJUR.asn1.x509.Extension.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.GeneralName.html b/api/symbols/KJUR.asn1.x509.GeneralName.html index 3541c10b..c2b7dd00 100755 --- a/api/symbols/KJUR.asn1.x509.GeneralName.html +++ b/api/symbols/KJUR.asn1.x509.GeneralName.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.GeneralNames.html b/api/symbols/KJUR.asn1.x509.GeneralNames.html index 5ef09566..4012f812 100755 --- a/api/symbols/KJUR.asn1.x509.GeneralNames.html +++ b/api/symbols/KJUR.asn1.x509.GeneralNames.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.KeyUsage.html b/api/symbols/KJUR.asn1.x509.KeyUsage.html index b6bb1a31..c1a6b04d 100755 --- a/api/symbols/KJUR.asn1.x509.KeyUsage.html +++ b/api/symbols/KJUR.asn1.x509.KeyUsage.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.OID.html b/api/symbols/KJUR.asn1.x509.OID.html index 31610c09..0ebff27f 100755 --- a/api/symbols/KJUR.asn1.x509.OID.html +++ b/api/symbols/KJUR.asn1.x509.OID.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.RDN.html b/api/symbols/KJUR.asn1.x509.RDN.html index e4af74b5..ebcd7b8f 100755 --- a/api/symbols/KJUR.asn1.x509.RDN.html +++ b/api/symbols/KJUR.asn1.x509.RDN.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.SubjectPublicKeyInfo.html b/api/symbols/KJUR.asn1.x509.SubjectPublicKeyInfo.html index 882531d5..1f10d177 100755 --- a/api/symbols/KJUR.asn1.x509.SubjectPublicKeyInfo.html +++ b/api/symbols/KJUR.asn1.x509.SubjectPublicKeyInfo.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.TBSCertList.html b/api/symbols/KJUR.asn1.x509.TBSCertList.html index a24b4ea6..83d2ba55 100755 --- a/api/symbols/KJUR.asn1.x509.TBSCertList.html +++ b/api/symbols/KJUR.asn1.x509.TBSCertList.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.TBSCertificate.html b/api/symbols/KJUR.asn1.x509.TBSCertificate.html index acedc76a..ca182dc7 100755 --- a/api/symbols/KJUR.asn1.x509.TBSCertificate.html +++ b/api/symbols/KJUR.asn1.x509.TBSCertificate.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.Time.html b/api/symbols/KJUR.asn1.x509.Time.html index a2a2cb6f..6280fd17 100755 --- a/api/symbols/KJUR.asn1.x509.Time.html +++ b/api/symbols/KJUR.asn1.x509.Time.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.X500Name.html b/api/symbols/KJUR.asn1.x509.X500Name.html index e7dfff2b..b16770f6 100755 --- a/api/symbols/KJUR.asn1.x509.X500Name.html +++ b/api/symbols/KJUR.asn1.x509.X500Name.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.X509Util.html b/api/symbols/KJUR.asn1.x509.X509Util.html index 039e15ca..9202e0b5 100755 --- a/api/symbols/KJUR.asn1.x509.X509Util.html +++ b/api/symbols/KJUR.asn1.x509.X509Util.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.asn1.x509.html b/api/symbols/KJUR.asn1.x509.html index f1851658..5f7c0669 100755 --- a/api/symbols/KJUR.asn1.x509.html +++ b/api/symbols/KJUR.asn1.x509.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.crypto.DSA.html b/api/symbols/KJUR.crypto.DSA.html index 5f66b492..218730bf 100755 --- a/api/symbols/KJUR.crypto.DSA.html +++ b/api/symbols/KJUR.crypto.DSA.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.crypto.ECDSA.html b/api/symbols/KJUR.crypto.ECDSA.html index 8b608b4c..d1c56f96 100755 --- a/api/symbols/KJUR.crypto.ECDSA.html +++ b/api/symbols/KJUR.crypto.ECDSA.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.crypto.ECParameterDB.html b/api/symbols/KJUR.crypto.ECParameterDB.html index b1864119..b99b61c1 100755 --- a/api/symbols/KJUR.crypto.ECParameterDB.html +++ b/api/symbols/KJUR.crypto.ECParameterDB.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.crypto.Mac.html b/api/symbols/KJUR.crypto.Mac.html index 0643d16f..f6e9f47e 100755 --- a/api/symbols/KJUR.crypto.Mac.html +++ b/api/symbols/KJUR.crypto.Mac.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.crypto.MessageDigest.html b/api/symbols/KJUR.crypto.MessageDigest.html index 18a55563..f9c386f9 100755 --- a/api/symbols/KJUR.crypto.MessageDigest.html +++ b/api/symbols/KJUR.crypto.MessageDigest.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.crypto.OID.html b/api/symbols/KJUR.crypto.OID.html index cb386595..237b75c3 100755 --- a/api/symbols/KJUR.crypto.OID.html +++ b/api/symbols/KJUR.crypto.OID.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.crypto.Signature.html b/api/symbols/KJUR.crypto.Signature.html index 5e3f9163..aa914bb3 100755 --- a/api/symbols/KJUR.crypto.Signature.html +++ b/api/symbols/KJUR.crypto.Signature.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.crypto.Util.html b/api/symbols/KJUR.crypto.Util.html index e2f34b85..e8b3779f 100755 --- a/api/symbols/KJUR.crypto.Util.html +++ b/api/symbols/KJUR.crypto.Util.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.crypto.html b/api/symbols/KJUR.crypto.html index 191ce305..e35c8c5b 100755 --- a/api/symbols/KJUR.crypto.html +++ b/api/symbols/KJUR.crypto.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/KJUR.html b/api/symbols/KJUR.html index f4100547..cf6197f1 100755 --- a/api/symbols/KJUR.html +++ b/api/symbols/KJUR.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/PKCS5PKEY.html b/api/symbols/PKCS5PKEY.html index 94c2176c..734194dc 100755 --- a/api/symbols/PKCS5PKEY.html +++ b/api/symbols/PKCS5PKEY.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/RSAKey.html b/api/symbols/RSAKey.html index 7dc699c3..34f49f7a 100755 --- a/api/symbols/RSAKey.html +++ b/api/symbols/RSAKey.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/X509.html b/api/symbols/X509.html index 8962ab8a..c2c70ca3 100755 --- a/api/symbols/X509.html +++ b/api/symbols/X509.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • @@ -447,7 +471,7 @@

    -
    get hexadecimal string of issuer field of certificate.
    +
    get hexadecimal string of issuer field TLV of certificate.
    @@ -695,7 +719,7 @@

    - get hexadecimal string of issuer field of certificate.
    + get hexadecimal string of issuer field TLV of certificate.
    diff --git a/api/symbols/global__.html b/api/symbols/global__.html index 1abdfd20..2ff96b7d 100755 --- a/api/symbols/global__.html +++ b/api/symbols/global__.html @@ -207,6 +207,30 @@

    Classes

  • KJUR.asn1.ASN1Util
  • +
  • KJUR.asn1.cms
  • + +
  • KJUR.asn1.cms.Attribute
  • + +
  • KJUR.asn1.cms.AttributeList
  • + +
  • KJUR.asn1.cms.CMSUtil
  • + +
  • KJUR.asn1.cms.ContentInfo
  • + +
  • KJUR.asn1.cms.ContentType
  • + +
  • KJUR.asn1.cms.EncapsulatedContentInfo
  • + +
  • KJUR.asn1.cms.IssuerAndSerialNumber
  • + +
  • KJUR.asn1.cms.MessageDigest
  • + +
  • KJUR.asn1.cms.SignedData
  • + +
  • KJUR.asn1.cms.SignerInfo
  • + +
  • KJUR.asn1.cms.SigningTime
  • +
  • KJUR.asn1.DERAbstractString
  • KJUR.asn1.DERAbstractStructured
  • diff --git a/api/symbols/src/asn1-1.0.js.html b/api/symbols/src/asn1-1.0.js.html index d1f43969..24ab016b 100755 --- a/api/symbols/src/asn1-1.0.js.html +++ b/api/symbols/src/asn1-1.0.js.html @@ -5,12 +5,12 @@ .STRN {color: #393;} .REGX {color: #339;} .line {border-right: 1px dotted #666; color: #666; font-style: normal;} -
      1 /*! asn1-1.0.4.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license
    +	
      1 /*! asn1-1.0.5.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license
       2  */
       3 /*
       4  * asn1.js - ASN.1 DER encoder classes
       5  *
    -  6  * Copyright (c) 2013 Kenji Urushima (kenji.urushima@gmail.com)
    +  6  * Copyright (c) 2013-2014 Kenji Urushima (kenji.urushima@gmail.com)
       7  *
       8  * This software is licensed under the terms of the MIT License.
       9  * http://kjur.github.com/jsrsasign/license
    @@ -23,7 +23,7 @@
      16  * @fileOverview
      17  * @name asn1-1.0.js
      18  * @author Kenji Urushima kenji.urushima@gmail.com
    - 19  * @version asn1 1.0.4 (2013-Oct-02)
    + 19  * @version asn1 1.0.5 (2014-May-17)
      20  * @since jsrsasign 2.1
      21  * @license <a href="http://kjur.github.io/jsrsasign/license/">MIT License</a>
      22  */
    @@ -892,25 +892,25 @@
     885  */
     886 KJUR.asn1.DERObjectIdentifier = function(params) {
     887     var itox = function(i) {
    -888 	var h = i.toString(16);
    -889 	if (h.length == 1) h = '0' + h;
    -890 	return h;
    +888         var h = i.toString(16);
    +889         if (h.length == 1) h = '0' + h;
    +890         return h;
     891     };
     892     var roidtox = function(roid) {
    -893 	var h = '';
    -894 	var bi = new BigInteger(roid, 10);
    -895 	var b = bi.toString(2);
    -896 	var padLen = 7 - b.length % 7;
    -897 	if (padLen == 7) padLen = 0;
    -898 	var bPad = '';
    -899 	for (var i = 0; i < padLen; i++) bPad += '0';
    -900 	b = bPad + b;
    -901 	for (var i = 0; i < b.length - 1; i += 7) {
    -902 	    var b8 = b.substr(i, 7);
    -903 	    if (i != b.length - 7) b8 = '1' + b8;
    -904 	    h += itox(parseInt(b8, 2));
    -905 	}
    -906 	return h;
    +893         var h = '';
    +894         var bi = new BigInteger(roid, 10);
    +895         var b = bi.toString(2);
    +896         var padLen = 7 - b.length % 7;
    +897         if (padLen == 7) padLen = 0;
    +898         var bPad = '';
    +899         for (var i = 0; i < padLen; i++) bPad += '0';
    +900         b = bPad + b;
    +901         for (var i = 0; i < b.length - 1; i += 7) {
    +902             var b8 = b.substr(i, 7);
    +903             if (i != b.length - 7) b8 = '1' + b8;
    +904             h += itox(parseInt(b8, 2));
    +905         }
    +906         return h;
     907     }
     908 
     909     KJUR.asn1.DERObjectIdentifier.superclass.constructor.call(this);
    @@ -924,10 +924,10 @@
     917      * @param {String} newHexString hexadecimal value of OID bytes
     918      */
     919     this.setValueHex = function(newHexString) {
    -920 	this.hTLV = null;
    -921 	this.isModified = true;
    -922 	this.s = null;
    -923 	this.hV = newHexString;
    +920         this.hTLV = null;
    +921         this.isModified = true;
    +922         this.s = null;
    +923         this.hV = newHexString;
     924     };
     925 
     926     /**
    @@ -938,21 +938,21 @@
     931      * @param {String} oidString OID string (ex. 2.5.4.13)
     932      */
     933     this.setValueOidString = function(oidString) {
    -934 	if (! oidString.match(/^[0-9.]+$/)) {
    -935 	    throw "malformed oid string: " + oidString;
    -936 	}
    -937 	var h = '';
    -938 	var a = oidString.split('.');
    -939 	var i0 = parseInt(a[0]) * 40 + parseInt(a[1]);
    -940 	h += itox(i0);
    -941 	a.splice(0, 2);
    -942 	for (var i = 0; i < a.length; i++) {
    -943 	    h += roidtox(a[i]);
    -944 	}
    -945 	this.hTLV = null;
    -946 	this.isModified = true;
    -947 	this.s = null;
    -948 	this.hV = h;
    +934         if (! oidString.match(/^[0-9.]+$/)) {
    +935             throw "malformed oid string: " + oidString;
    +936         }
    +937         var h = '';
    +938         var a = oidString.split('.');
    +939         var i0 = parseInt(a[0]) * 40 + parseInt(a[1]);
    +940         h += itox(i0);
    +941         a.splice(0, 2);
    +942         for (var i = 0; i < a.length; i++) {
    +943             h += roidtox(a[i]);
    +944         }
    +945         this.hTLV = null;
    +946         this.isModified = true;
    +947         this.s = null;
    +948         this.hV = h;
     949     };
     950 
     951     /**
    @@ -967,30 +967,30 @@
     960      * Otherwise raise error.
     961      */
     962     this.setValueName = function(oidName) {
    -963 	if (typeof KJUR.asn1.x509.OID.name2oidList[oidName] != "undefined") {
    -964 	    var oid = KJUR.asn1.x509.OID.name2oidList[oidName];
    -965 	    this.setValueOidString(oid);
    -966 	} else {
    -967 	    throw "DERObjectIdentifier oidName undefined: " + oidName;
    -968 	}
    +963         if (typeof KJUR.asn1.x509.OID.name2oidList[oidName] != "undefined") {
    +964             var oid = KJUR.asn1.x509.OID.name2oidList[oidName];
    +965             this.setValueOidString(oid);
    +966         } else {
    +967             throw "DERObjectIdentifier oidName undefined: " + oidName;
    +968         }
     969     };
     970 
     971     this.getFreshValueHex = function() {
    -972 	return this.hV;
    +972         return this.hV;
     973     };
     974 
     975     if (typeof params != "undefined") {
    -976 	if (typeof params == "string" && params.match(/^[0-2].[0-9.]+$/)) {
    -977 	    this.setValueOidString(params);
    -978 	} else if (KJUR.asn1.x509.OID.name2oidList[params] !== undefined) {
    -979 	    this.setValueOidString(KJUR.asn1.x509.OID.name2oidList[params]);
    -980 	} else if (typeof params['oid'] != "undefined") {
    -981 	    this.setValueOidString(params['oid']);
    -982 	} else if (typeof params['hex'] != "undefined") {
    -983 	    this.setValueHex(params['hex']);
    -984 	} else if (typeof params['name'] != "undefined") {
    -985 	    this.setValueName(params['name']);
    -986 	}
    +976         if (typeof params == "string" && params.match(/^[0-2].[0-9.]+$/)) {
    +977             this.setValueOidString(params);
    +978         } else if (KJUR.asn1.x509.OID.name2oidList[params] !== undefined) {
    +979             this.setValueOidString(KJUR.asn1.x509.OID.name2oidList[params]);
    +980         } else if (typeof params['oid'] != "undefined") {
    +981             this.setValueOidString(params['oid']);
    +982         } else if (typeof params['hex'] != "undefined") {
    +983             this.setValueHex(params['hex']);
    +984         } else if (typeof params['name'] != "undefined") {
    +985             this.setValueName(params['name']);
    +986         }
     987     }
     988 };
     989 YAHOO.lang.extend(KJUR.asn1.DERObjectIdentifier, KJUR.asn1.ASN1Object);
    @@ -1113,217 +1113,244 @@
     1106      * @param {Date} dateObject Date object to set ASN.1 value(V)
     1107      */
     1108     this.setByDate = function(dateObject) {
    -1109 	this.hTLV = null;
    -1110 	this.isModified = true;
    -1111 	this.date = dateObject;
    -1112 	this.s = this.formatDate(this.date, 'utc');
    -1113 	this.hV = stohex(this.s);
    +1109         this.hTLV = null;
    +1110         this.isModified = true;
    +1111         this.date = dateObject;
    +1112         this.s = this.formatDate(this.date, 'utc');
    +1113         this.hV = stohex(this.s);
     1114     };
     1115 
    -1116     if (typeof params != "undefined") {
    -1117 	if (typeof params['str'] != "undefined") {
    -1118 	    this.setString(params['str']);
    -1119 	} else if (typeof params == "string" && params.match(/^[0-9]{12}Z$/)) {
    -1120 	    this.setString(params);
    -1121 	} else if (typeof params['hex'] != "undefined") {
    -1122 	    this.setStringHex(params['hex']);
    -1123 	} else if (typeof params['date'] != "undefined") {
    -1124 	    this.setByDate(params['date']);
    -1125 	}
    -1126     }
    -1127 };
    -1128 YAHOO.lang.extend(KJUR.asn1.DERUTCTime, KJUR.asn1.DERAbstractTime);
    -1129 
    -1130 // ********************************************************************
    -1131 /**
    -1132  * class for ASN.1 DER GeneralizedTime
    -1133  * @name KJUR.asn1.DERGeneralizedTime
    -1134  * @class class for ASN.1 DER GeneralizedTime
    -1135  * @param {Array} params associative array of parameters (ex. {'str': '20130430235959Z'})
    -1136  * @extends KJUR.asn1.DERAbstractTime
    -1137  * @description
    -1138  * <br/>
    -1139  * As for argument 'params' for constructor, you can specify one of
    -1140  * following properties:
    -1141  * <ul>
    -1142  * <li>str - specify initial ASN.1 value(V) by a string (ex.'20130430235959Z')</li>
    -1143  * <li>hex - specify initial ASN.1 value(V) by a hexadecimal string</li>
    -1144  * <li>date - specify Date object.</li>
    -1145  * </ul>
    -1146  * NOTE: 'params' can be omitted.
    -1147  */
    -1148 KJUR.asn1.DERGeneralizedTime = function(params) {
    -1149     KJUR.asn1.DERGeneralizedTime.superclass.constructor.call(this, params);
    -1150     this.hT = "18";
    -1151 
    -1152     /**
    -1153      * set value by a Date object
    -1154      * @name setByDate
    -1155      * @memberOf KJUR.asn1.DERGeneralizedTime
    -1156      * @function
    -1157      * @param {Date} dateObject Date object to set ASN.1 value(V)
    -1158      * @example
    -1159      * When you specify UTC time, use 'Date.UTC' method like this:<br/>
    -1160      * var o = new DERUTCTime();
    -1161      * var date = new Date(Date.UTC(2015, 0, 31, 23, 59, 59, 0)); #2015JAN31 23:59:59
    -1162      * o.setByDate(date);
    -1163      */
    -1164     this.setByDate = function(dateObject) {
    -1165 	this.hTLV = null;
    -1166 	this.isModified = true;
    -1167 	this.date = dateObject;
    -1168 	this.s = this.formatDate(this.date, 'gen');
    -1169 	this.hV = stohex(this.s);
    -1170     };
    -1171 
    -1172     if (typeof params != "undefined") {
    -1173 	if (typeof params['str'] != "undefined") {
    -1174 	    this.setString(params['str']);
    -1175 	} else if (typeof params == "string" && params.match(/^[0-9]{14}Z$/)) {
    -1176 	    this.setString(params);
    -1177 	} else if (typeof params['hex'] != "undefined") {
    -1178 	    this.setStringHex(params['hex']);
    -1179 	} else if (typeof params['date'] != "undefined") {
    -1180 	    this.setByDate(params['date']);
    -1181 	}
    -1182     }
    -1183 };
    -1184 YAHOO.lang.extend(KJUR.asn1.DERGeneralizedTime, KJUR.asn1.DERAbstractTime);
    -1185 
    -1186 // ********************************************************************
    -1187 /**
    -1188  * class for ASN.1 DER Sequence
    -1189  * @name KJUR.asn1.DERSequence
    -1190  * @class class for ASN.1 DER Sequence
    -1191  * @extends KJUR.asn1.DERAbstractStructured
    -1192  * @description
    -1193  * <br/>
    -1194  * As for argument 'params' for constructor, you can specify one of
    -1195  * following properties:
    -1196  * <ul>
    -1197  * <li>array - specify array of ASN1Object to set elements of content</li>
    -1198  * </ul>
    -1199  * NOTE: 'params' can be omitted.
    -1200  */
    -1201 KJUR.asn1.DERSequence = function(params) {
    -1202     KJUR.asn1.DERSequence.superclass.constructor.call(this, params);
    -1203     this.hT = "30";
    -1204     this.getFreshValueHex = function() {
    -1205 	var h = '';
    -1206 	for (var i = 0; i < this.asn1Array.length; i++) {
    -1207 	    var asn1Obj = this.asn1Array[i];
    -1208 	    h += asn1Obj.getEncodedHex();
    -1209 	}
    -1210 	this.hV = h;
    -1211 	return this.hV;
    -1212     };
    -1213 };
    -1214 YAHOO.lang.extend(KJUR.asn1.DERSequence, KJUR.asn1.DERAbstractStructured);
    -1215 
    -1216 // ********************************************************************
    -1217 /**
    -1218  * class for ASN.1 DER Set
    -1219  * @name KJUR.asn1.DERSet
    -1220  * @class class for ASN.1 DER Set
    -1221  * @extends KJUR.asn1.DERAbstractStructured
    -1222  * @description
    -1223  * <br/>
    -1224  * As for argument 'params' for constructor, you can specify one of
    -1225  * following properties:
    -1226  * <ul>
    -1227  * <li>array - specify array of ASN1Object to set elements of content</li>
    -1228  * </ul>
    -1229  * NOTE: 'params' can be omitted.
    -1230  */
    -1231 KJUR.asn1.DERSet = function(params) {
    -1232     KJUR.asn1.DERSet.superclass.constructor.call(this, params);
    -1233     this.hT = "31";
    -1234     this.getFreshValueHex = function() {
    -1235 	var a = new Array();
    -1236 	for (var i = 0; i < this.asn1Array.length; i++) {
    -1237 	    var asn1Obj = this.asn1Array[i];
    -1238 	    a.push(asn1Obj.getEncodedHex());
    -1239 	}
    -1240 	a.sort();
    -1241 	this.hV = a.join('');
    -1242 	return this.hV;
    -1243     };
    -1244 };
    -1245 YAHOO.lang.extend(KJUR.asn1.DERSet, KJUR.asn1.DERAbstractStructured);
    -1246 
    -1247 // ********************************************************************
    -1248 /**
    -1249  * class for ASN.1 DER TaggedObject
    -1250  * @name KJUR.asn1.DERTaggedObject
    -1251  * @class class for ASN.1 DER TaggedObject
    -1252  * @extends KJUR.asn1.ASN1Object
    -1253  * @description
    -1254  * <br/>
    -1255  * Parameter 'tagNoNex' is ASN.1 tag(T) value for this object.
    -1256  * For example, if you find '[1]' tag in a ASN.1 dump, 
    -1257  * 'tagNoHex' will be 'a1'.
    -1258  * <br/>
    -1259  * As for optional argument 'params' for constructor, you can specify *ANY* of
    -1260  * following properties:
    -1261  * <ul>
    -1262  * <li>explicit - specify true if this is explicit tag otherwise false 
    -1263  *     (default is 'true').</li>
    -1264  * <li>tag - specify tag (default is 'a0' which means [0])</li>
    -1265  * <li>obj - specify ASN1Object which is tagged</li>
    -1266  * </ul>
    -1267  * @example
    -1268  * d1 = new KJUR.asn1.DERUTF8String({'str':'a'});
    -1269  * d2 = new KJUR.asn1.DERTaggedObject({'obj': d1});
    -1270  * hex = d2.getEncodedHex();
    -1271  */
    -1272 KJUR.asn1.DERTaggedObject = function(params) {
    -1273     KJUR.asn1.DERTaggedObject.superclass.constructor.call(this);
    -1274     this.hT = "a0";
    -1275     this.hV = '';
    -1276     this.isExplicit = true;
    -1277     this.asn1Object = null;
    -1278 
    -1279     /**
    -1280      * set value by an ASN1Object
    -1281      * @name setString
    -1282      * @memberOf KJUR.asn1.DERTaggedObject
    -1283      * @function
    -1284      * @param {Boolean} isExplicitFlag flag for explicit/implicit tag
    -1285      * @param {Integer} tagNoHex hexadecimal string of ASN.1 tag
    -1286      * @param {ASN1Object} asn1Object ASN.1 to encapsulate
    -1287      */
    -1288     this.setASN1Object = function(isExplicitFlag, tagNoHex, asn1Object) {
    -1289 	this.hT = tagNoHex;
    -1290 	this.isExplicit = isExplicitFlag;
    -1291 	this.asn1Object = asn1Object;
    -1292 	if (this.isExplicit) {
    -1293 	    this.hV = this.asn1Object.getEncodedHex();
    -1294 	    this.hTLV = null;
    -1295 	    this.isModified = true;
    -1296 	} else {
    -1297 	    this.hV = null;
    -1298 	    this.hTLV = asn1Object.getEncodedHex();
    -1299 	    this.hTLV = this.hTLV.replace(/^../, tagNoHex);
    -1300 	    this.isModified = false;
    -1301 	}
    -1302     };
    -1303 
    -1304     this.getFreshValueHex = function() {
    -1305 	return this.hV;
    -1306     };
    -1307 
    -1308     if (typeof params != "undefined") {
    -1309 	if (typeof params['tag'] != "undefined") {
    -1310 	    this.hT = params['tag'];
    -1311 	}
    -1312 	if (typeof params['explicit'] != "undefined") {
    -1313 	    this.isExplicit = params['explicit'];
    -1314 	}
    -1315 	if (typeof params['obj'] != "undefined") {
    -1316 	    this.asn1Object = params['obj'];
    -1317 	    this.setASN1Object(this.isExplicit, this.hT, this.asn1Object);
    -1318 	}
    -1319     }
    -1320 };
    -1321 YAHOO.lang.extend(KJUR.asn1.DERTaggedObject, KJUR.asn1.ASN1Object);
    -1322 
    \ No newline at end of file +1116
    this.getFreshValueHex = function() { +1117 if (typeof this.date == "undefined" && typeof this.s == "undefined") { +1118 this.date = new Date(); +1119 this.s = this.formatDate(this.date, 'utc'); +1120 this.hV = stohex(this.s); +1121 } +1122 return this.hV; +1123 }; +1124 +1125 if (typeof params != "undefined") { +1126 if (typeof params['str'] != "undefined") { +1127 this.setString(params['str']); +1128 } else if (typeof params == "string" && params.match(/^[0-9]{12}Z$/)) { +1129 this.setString(params); +1130 } else if (typeof params['hex'] != "undefined") { +1131 this.setStringHex(params['hex']); +1132 } else if (typeof params['date'] != "undefined") { +1133 this.setByDate(params['date']); +1134 } +1135 } +1136 }; +1137 YAHOO.lang.extend(KJUR.asn1.DERUTCTime, KJUR.asn1.DERAbstractTime); +1138 +1139 // ******************************************************************** +1140 /** +1141 * class for ASN.1 DER GeneralizedTime +1142 * @name KJUR.asn1.DERGeneralizedTime +1143 * @class class for ASN.1 DER GeneralizedTime +1144 * @param {Array} params associative array of parameters (ex. {'str': '20130430235959Z'}) +1145 * @extends KJUR.asn1.DERAbstractTime +1146 * @description +1147 * <br/> +1148 * As for argument 'params' for constructor, you can specify one of +1149 * following properties: +1150 * <ul> +1151 * <li>str - specify initial ASN.1 value(V) by a string (ex.'20130430235959Z')</li> +1152 * <li>hex - specify initial ASN.1 value(V) by a hexadecimal string</li> +1153 * <li>date - specify Date object.</li> +1154 * </ul> +1155 * NOTE: 'params' can be omitted. +1156 */ +1157 KJUR.asn1.DERGeneralizedTime = function(params) { +1158 KJUR.asn1.DERGeneralizedTime.superclass.constructor.call(this, params); +1159 this.hT = "18"; +1160 +1161 /** +1162 * set value by a Date object +1163 * @name setByDate +1164 * @memberOf KJUR.asn1.DERGeneralizedTime +1165 * @function +1166 * @param {Date} dateObject Date object to set ASN.1 value(V) +1167 * @example +1168 * When you specify UTC time, use 'Date.UTC' method like this:<br/> +1169 * var o = new DERUTCTime(); +1170 * var date = new Date(Date.UTC(2015, 0, 31, 23, 59, 59, 0)); #2015JAN31 23:59:59 +1171 * o.setByDate(date); +1172 */ +1173 this.setByDate = function(dateObject) { +1174 this.hTLV = null; +1175 this.isModified = true; +1176 this.date = dateObject; +1177 this.s = this.formatDate(this.date, 'gen'); +1178 this.hV = stohex(this.s); +1179 }; +1180 +1181 this.getFreshValueHex = function() { +1182 if (typeof this.date == "undefined" && typeof this.s == "undefined") { +1183 this.date = new Date(); +1184 this.s = this.formatDate(this.date, 'gen'); +1185 this.hV = stohex(this.s); +1186 } +1187 return this.hV; +1188 }; +1189 +1190 if (typeof params != "undefined") { +1191 if (typeof params['str'] != "undefined") { +1192 this.setString(params['str']); +1193 } else if (typeof params == "string" && params.match(/^[0-9]{14}Z$/)) { +1194 this.setString(params); +1195 } else if (typeof params['hex'] != "undefined") { +1196 this.setStringHex(params['hex']); +1197 } else if (typeof params['date'] != "undefined") { +1198 this.setByDate(params['date']); +1199 } +1200 } +1201 }; +1202 YAHOO.lang.extend(KJUR.asn1.DERGeneralizedTime, KJUR.asn1.DERAbstractTime); +1203 +1204 // ******************************************************************** +1205 /** +1206 * class for ASN.1 DER Sequence +1207 * @name KJUR.asn1.DERSequence +1208 * @class class for ASN.1 DER Sequence +1209 * @extends KJUR.asn1.DERAbstractStructured +1210 * @description +1211 * <br/> +1212 * As for argument 'params' for constructor, you can specify one of +1213 * following properties: +1214 * <ul> +1215 * <li>array - specify array of ASN1Object to set elements of content</li> +1216 * </ul> +1217 * NOTE: 'params' can be omitted. +1218 */ +1219 KJUR.asn1.DERSequence = function(params) { +1220 KJUR.asn1.DERSequence.superclass.constructor.call(this, params); +1221 this.hT = "30"; +1222 this.getFreshValueHex = function() { +1223 var h = ''; +1224 for (var i = 0; i < this.asn1Array.length; i++) { +1225 var asn1Obj = this.asn1Array[i]; +1226 h += asn1Obj.getEncodedHex(); +1227 } +1228 this.hV = h; +1229 return this.hV; +1230 }; +1231 }; +1232 YAHOO.lang.extend(KJUR.asn1.DERSequence, KJUR.asn1.DERAbstractStructured); +1233 +1234 // ******************************************************************** +1235 /** +1236 * class for ASN.1 DER Set +1237 * @name KJUR.asn1.DERSet +1238 * @class class for ASN.1 DER Set +1239 * @extends KJUR.asn1.DERAbstractStructured +1240 * @description +1241 * <br/> +1242 * As for argument 'params' for constructor, you can specify one of +1243 * following properties: +1244 * <ul> +1245 * <li>array - specify array of ASN1Object to set elements of content</li> +1246 * <li>sortflag - flag for sort (default: true). ASN.1 BER is not sorted in 'SET OF'.</li> +1247 * </ul> +1248 * NOTE1: 'params' can be omitted.<br/> +1249 * NOTE2: sortflag is supported since 1.0.5. +1250 */ +1251 KJUR.asn1.DERSet = function(params) { +1252 KJUR.asn1.DERSet.superclass.constructor.call(this, params); +1253 this.hT = "31"; +1254 this.sortFlag = true; // item shall be sorted only in ASN.1 DER +1255 this.getFreshValueHex = function() { +1256 var a = new Array(); +1257 for (var i = 0; i < this.asn1Array.length; i++) { +1258 var asn1Obj = this.asn1Array[i]; +1259 a.push(asn1Obj.getEncodedHex()); +1260 } +1261 if (this.sortFlag == true) a.sort(); +1262 this.hV = a.join(''); +1263 return this.hV; +1264 }; +1265 +1266 if (typeof params != "undefined") { +1267 if (typeof params.sortflag != "undefined" && +1268 params.sortflag == false) +1269 this.sortFlag = false; +1270 } +1271 }; +1272 YAHOO.lang.extend(KJUR.asn1.DERSet, KJUR.asn1.DERAbstractStructured); +1273 +1274 // ******************************************************************** +1275 /** +1276 * class for ASN.1 DER TaggedObject +1277 * @name KJUR.asn1.DERTaggedObject +1278 * @class class for ASN.1 DER TaggedObject +1279 * @extends KJUR.asn1.ASN1Object +1280 * @description +1281 * <br/> +1282 * Parameter 'tagNoNex' is ASN.1 tag(T) value for this object. +1283 * For example, if you find '[1]' tag in a ASN.1 dump, +1284 * 'tagNoHex' will be 'a1'. +1285 * <br/> +1286 * As for optional argument 'params' for constructor, you can specify *ANY* of +1287 * following properties: +1288 * <ul> +1289 * <li>explicit - specify true if this is explicit tag otherwise false +1290 * (default is 'true').</li> +1291 * <li>tag - specify tag (default is 'a0' which means [0])</li> +1292 * <li>obj - specify ASN1Object which is tagged</li> +1293 * </ul> +1294 * @example +1295 * d1 = new KJUR.asn1.DERUTF8String({'str':'a'}); +1296 * d2 = new KJUR.asn1.DERTaggedObject({'obj': d1}); +1297 * hex = d2.getEncodedHex(); +1298 */ +1299 KJUR.asn1.DERTaggedObject = function(params) { +1300 KJUR.asn1.DERTaggedObject.superclass.constructor.call(this); +1301 this.hT = "a0"; +1302 this.hV = ''; +1303 this.isExplicit = true; +1304 this.asn1Object = null; +1305 +1306 /** +1307 * set value by an ASN1Object +1308 * @name setString +1309 * @memberOf KJUR.asn1.DERTaggedObject +1310 * @function +1311 * @param {Boolean} isExplicitFlag flag for explicit/implicit tag +1312 * @param {Integer} tagNoHex hexadecimal string of ASN.1 tag +1313 * @param {ASN1Object} asn1Object ASN.1 to encapsulate +1314 */ +1315 this.setASN1Object = function(isExplicitFlag, tagNoHex, asn1Object) { +1316 this.hT = tagNoHex; +1317 this.isExplicit = isExplicitFlag; +1318 this.asn1Object = asn1Object; +1319 if (this.isExplicit) { +1320 this.hV = this.asn1Object.getEncodedHex(); +1321 this.hTLV = null; +1322 this.isModified = true; +1323 } else { +1324 this.hV = null; +1325 this.hTLV = asn1Object.getEncodedHex(); +1326 this.hTLV = this.hTLV.replace(/^../, tagNoHex); +1327 this.isModified = false; +1328 } +1329 }; +1330 +1331 this.getFreshValueHex = function() { +1332 return this.hV; +1333 }; +1334 +1335 if (typeof params != "undefined") { +1336 if (typeof params['tag'] != "undefined") { +1337 this.hT = params['tag']; +1338 } +1339 if (typeof params['explicit'] != "undefined") { +1340 this.isExplicit = params['explicit']; +1341 } +1342 if (typeof params['obj'] != "undefined") { +1343 this.asn1Object = params['obj']; +1344 this.setASN1Object(this.isExplicit, this.hT, this.asn1Object); +1345 } +1346 } +1347 }; +1348 YAHOO.lang.extend(KJUR.asn1.DERTaggedObject, KJUR.asn1.ASN1Object); +1349
    \ No newline at end of file diff --git a/api/symbols/src/asn1cms-1.0.js.html b/api/symbols/src/asn1cms-1.0.js.html new file mode 100755 index 00000000..0f68f468 --- /dev/null +++ b/api/symbols/src/asn1cms-1.0.js.html @@ -0,0 +1,805 @@ +
      1 /*! asn1cms-1.0.0.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license
    +  2  */
    +  3 /*
    +  4  * asn1cms.js - ASN.1 DER encoder classes for Cryptographic Message Syntax(CMS)
    +  5  *
    +  6  * Copyright (c) 2014 Kenji Urushima (kenji.urushima@gmail.com)
    +  7  *
    +  8  * This software is licensed under the terms of the MIT License.
    +  9  * http://kjur.github.com/jsrsasign/license
    + 10  *
    + 11  * The above copyright and license notice shall be 
    + 12  * included in all copies or substantial portions of the Software.
    + 13  */
    + 14 
    + 15 /**
    + 16  * @fileOverview
    + 17  * @name asn1cms-1.0.js
    + 18  * @author Kenji Urushima kenji.urushima@gmail.com
    + 19  * @version 1.0.0 (2014-May-14)
    + 20  * @since jsrsasign 4.2.4
    + 21  * @license <a href="http://kjur.github.io/jsrsasign/license/">MIT License</a>
    + 22  */
    + 23 
    + 24 /** 
    + 25  * kjur's class library name space
    + 26  * // already documented in asn1-1.0.js
    + 27  * @name KJUR
    + 28  * @namespace kjur's class library name space
    + 29  */
    + 30     if (typeof KJUR == "undefined" || !KJUR) KJUR = {};
    + 31 
    + 32 /**
    + 33  * kjur's ASN.1 class library name space
    + 34  * // already documented in asn1-1.0.js
    + 35  * @name KJUR.asn1
    + 36  * @namespace
    + 37  */
    + 38 if (typeof KJUR.asn1 == "undefined" || !KJUR.asn1) KJUR.asn1 = {};
    + 39 
    + 40 /**
    + 41  * kjur's ASN.1 class for Cryptographic Message Syntax(CMS)
    + 42  * <p>
    + 43  * This name space provides 
    + 44  * <a href="https://tools.ietf.org/html/rfc5652">RFC 5652
    + 45  * Cryptographic Message Syntax (CMS)</a> SignedData generator.
    + 46  *
    + 47  * <h4>FEATURES</h4>
    + 48  * <ul>
    + 49  * <li>easily generate CMS SignedData</li>
    + 50  * <li>APIs are very similar to BouncyCastle library ASN.1 classes. So easy to learn.</li>
    + 51  * </ul>
    + 52  * 
    + 53  * <h4>PROVIDED CLASSES</h4>
    + 54  * <ul>
    + 55  * <li>{@link KJUR.asn1.cms.SignedData}</li>
    + 56  * <li>{@link KJUR.asn1.cms.SignerInfo}</li>
    + 57  * <li>{@link KJUR.asn1.cms.AttributeList}</li>
    + 58  * <li>{@link KJUR.asn1.cms.ContentInfo}</li>
    + 59  * <li>{@link KJUR.asn1.cms.EncapsulatedContentInfo}</li>
    + 60  * <li>{@link KJUR.asn1.cms.IssuerAndSerialNumber}</li>
    + 61 
    + 62  * <li>{@link KJUR.asn1.cms.Attribute}</li>
    + 63  * <li>{@link KJUR.asn1.cms.ContentType}</li>
    + 64  * <li>{@link KJUR.asn1.cms.MessageDigest}</li>
    + 65  * <li>{@link KJUR.asn1.cms.SigningTime}</li>
    + 66  * </ul>
    + 67  * NOTE: Please ignore method summary and document of this namespace. This caused by a bug of jsdoc2.
    + 68  * </p>
    + 69  * @name KJUR.asn1.cms
    + 70  * @namespace
    + 71  */
    + 72 if (typeof KJUR.asn1.cms == "undefined" || !KJUR.asn1.cms) KJUR.asn1.cms = {};
    + 73 
    + 74 /**
    + 75  * Attribute class for base of CMS attribute
    + 76  * @name KJUR.asn1.cms.Attribute
    + 77  * @class Attribute class for base of CMS attribute
    + 78  * @param {Array} params associative array of parameters
    + 79  * @extends KJUR.asn1.ASN1Object
    + 80  * @since jsrsasign 4.2.4 asn1cms 1.0.0
    + 81  * @description
    + 82  * <pre>
    + 83  * Attributes ::= SET OF Attribute
    + 84  * Attribute ::= SEQUENCE {
    + 85  *    type               OBJECT IDENTIFIER,
    + 86  *    values             AttributeSetValue }
    + 87  * AttributeSetValue ::= SET OF ANY
    + 88  * </pre>
    + 89  */
    + 90 KJUR.asn1.cms.Attribute = function(params) {
    + 91     KJUR.asn1.cms.Attribute.superclass.constructor.call(this);
    + 92     var valueList = []; // array of values
    + 93 
    + 94     this.getEncodedHex = function() {
    + 95         var attrTypeASN1, attrValueASN1, seq;
    + 96         attrTypeASN1 = new KJUR.asn1.DERObjectIdentifier({"oid": this.attrTypeOid});
    + 97 
    + 98         attrValueASN1 = new KJUR.asn1.DERSet({"array": this.valueList});
    + 99         try {
    +100             attrValueASN1.getEncodedHex();
    +101         } catch (ex) {
    +102             throw "fail valueSet.getEncodedHex in Attribute(1)/" + ex;
    +103         }
    +104 
    +105         seq = new KJUR.asn1.DERSequence({"array": [attrTypeASN1, attrValueASN1]});
    +106         try {
    +107             this.hTLV = seq.getEncodedHex();
    +108         } catch (ex) {
    +109             throw "failed seq.getEncodedHex in Attribute(2)/" + ex;
    +110         }
    +111 
    +112         return this.hTLV;
    +113     };
    +114 };
    +115 YAHOO.lang.extend(KJUR.asn1.cms.Attribute, KJUR.asn1.ASN1Object);
    +116 
    +117 /**
    +118  * class for CMS ContentType attribute
    +119  * @name KJUR.asn1.cms.ContentType
    +120  * @class class for CMS ContentType attribute
    +121  * @param {Array} params associative array of parameters
    +122  * @extends KJUR.asn1.cms.Attribute
    +123  * @since jsrsasign 4.2.4 asn1cms 1.0.0
    +124  * @description
    +125  * <pre>
    +126  * Attribute ::= SEQUENCE {
    +127  *    type               OBJECT IDENTIFIER,
    +128  *    values             AttributeSetValue }
    +129  * AttributeSetValue ::= SET OF ANY
    +130  * ContentType ::= OBJECT IDENTIFIER
    +131  * </pre>
    +132  * @example
    +133  * o = new KJUR.asn1.cms.ContentType({name: 'data'});
    +134  * o = new KJUR.asn1.cms.ContentType({oid: '1.2.840.113549.1.9.16.1.4'});
    +135  */
    +136 KJUR.asn1.cms.ContentType = function(params) {
    +137     KJUR.asn1.cms.ContentType.superclass.constructor.call(this);
    +138     this.attrTypeOid = "1.2.840.113549.1.9.3";
    +139     var contentTypeASN1 = null;
    +140 
    +141     if (typeof params != "undefined") {
    +142         var contentTypeASN1 = new KJUR.asn1.DERObjectIdentifier(params);
    +143         this.valueList = [contentTypeASN1];
    +144     }
    +145 };
    +146 YAHOO.lang.extend(KJUR.asn1.cms.ContentType, KJUR.asn1.cms.Attribute);
    +147 
    +148 /**
    +149  * class for CMS MessageDigest attribute
    +150  * @name KJUR.asn1.cms.MessageDigest
    +151  * @class class for CMS MessageDigest attribute
    +152  * @param {Array} params associative array of parameters
    +153  * @extends KJUR.asn1.cms.Attribute
    +154  * @since jsrsasign 4.2.4 asn1cms 1.0.0
    +155  * @description
    +156  * <pre>
    +157  * Attribute ::= SEQUENCE {
    +158  *    type               OBJECT IDENTIFIER,
    +159  *    values             AttributeSetValue }
    +160  * AttributeSetValue ::= SET OF ANY
    +161  * MessageDigest ::= OCTET STRING
    +162  * </pre>
    +163  * @example
    +164  * o = new KJUR.asn1.cms.MessageDigest({hex: 'a1a2a3a4...'});
    +165  */
    +166 KJUR.asn1.cms.MessageDigest = function(params) {
    +167     KJUR.asn1.cms.MessageDigest.superclass.constructor.call(this);
    +168     this.attrTypeOid = "1.2.840.113549.1.9.4";
    +169 
    +170     if (typeof params != "undefined") {
    +171         if (params.eciObj instanceof KJUR.asn1.cms.EncapsulatedContentInfo &&
    +172             typeof params.hashAlg == "string") {
    +173             var dataHex = params.eciObj.eContentValueHex;
    +174             var hashAlg = params.hashAlg;
    +175             var hashValueHex = KJUR.crypto.Util.hashHex(dataHex, hashAlg);
    +176             var dAttrValue1 = new KJUR.asn1.DEROctetString({hex: hashValueHex});
    +177             dAttrValue1.getEncodedHex();
    +178             this.valueList = [dAttrValue1];
    +179         } else {
    +180             var dAttrValue1 = new KJUR.asn1.DEROctetString(params);
    +181             dAttrValue1.getEncodedHex();
    +182             this.valueList = [dAttrValue1];
    +183         }
    +184     }
    +185 };
    +186 YAHOO.lang.extend(KJUR.asn1.cms.MessageDigest, KJUR.asn1.cms.Attribute);
    +187 
    +188 /**
    +189  * class for CMS SigningTime attribute
    +190  * @name KJUR.asn1.cms.SigningTime
    +191  * @class class for CMS SigningTime attribute
    +192  * @param {Array} params associative array of parameters
    +193  * @extends KJUR.asn1.cms.Attribute
    +194  * @since jsrsasign 4.2.4 asn1cms 1.0.0
    +195  * @description
    +196  * <pre>
    +197  * Attribute ::= SEQUENCE {
    +198  *    type               OBJECT IDENTIFIER,
    +199  *    values             AttributeSetValue }
    +200  * AttributeSetValue ::= SET OF ANY
    +201  * SigningTime  ::= Time
    +202  * Time ::= CHOICE {
    +203  *    utcTime UTCTime,
    +204  *    generalTime GeneralizedTime }
    +205  * </pre>
    +206  * @example
    +207  * o = new KJUR.asn1.cms.SigningTime(); // current time UTCTime by default
    +208  * o = new KJUR.asn1.cms.SigningTime({type: 'gen'}); // current time GeneralizedTime
    +209  * o = new KJUR.asn1.cms.SigningTime({str: '20140517093800Z'}); // specified GeneralizedTime
    +210  * o = new KJUR.asn1.cms.SigningTime({str: '140517093800Z'}); // specified UTCTime
    +211  */
    +212 KJUR.asn1.cms.SigningTime = function(params) {
    +213     KJUR.asn1.cms.SigningTime.superclass.constructor.call(this);
    +214     this.attrTypeOid = "1.2.840.113549.1.9.5";
    +215 
    +216     if (typeof params != "undefined") {
    +217         var asn1 = new KJUR.asn1.x509.Time(params);
    +218         try {
    +219             asn1.getEncodedHex();
    +220         } catch (ex) {
    +221             throw "SigningTime.getEncodedHex() failed/" + ex;
    +222         }
    +223         this.valueList = [asn1];
    +224     }
    +225 };
    +226 YAHOO.lang.extend(KJUR.asn1.cms.SigningTime, KJUR.asn1.cms.Attribute);
    +227 
    +228 // not implemented yet
    +229 KJUR.asn1.cms.SigningCertificate = function(params) {
    +230     KJUR.asn1.cms.SigningCertificate.superclass.constructor.call(this);
    +231     this.attrTypeOid = "1.2.840.113549.1.9.16.2.12";
    +232 
    +233     if (typeof params != "undefined") {
    +234         var contentTypeASN1 = new KJUR.asn1.DEROctetString(params);
    +235         try {
    +236             contentTypeASN1.getEncodedHex();
    +237         } catch (ex) {
    +238             throw "SigningCertificate.getEncodedHex() failed/" + ex;
    +239         }
    +240         this.valueList = [contentTypeASN1];
    +241     }
    +242 };
    +243 YAHOO.lang.extend(KJUR.asn1.cms.SigningCertificate, KJUR.asn1.cms.Attribute);
    +244 
    +245 /**
    +246  * class for IssuerAndSerialNumber ASN.1 structure for CMS
    +247  * @name KJUR.asn1.cms.IssuerAndSerialNumber
    +248  * @class class for CMS IssuerAndSerialNumber ASN.1 structure for CMS
    +249  * @param {Array} params associative array of parameters
    +250  * @extends KJUR.asn1.ASN1Object
    +251  * @since jsrsasign 4.2.4 asn1cms 1.0.0
    +252  * @description
    +253  * <pre>
    +254  * IssuerAndSerialNumber ::= SEQUENCE {
    +255  *    issuer Name,
    +256  *    serialNumber CertificateSerialNumber }
    +257  * CertificateSerialNumber ::= INTEGER
    +258  * </pre>
    +259  * @example
    +260  * // specify by X500Name and DERInteger
    +261  * o = new KJUR.asn1.cms.IssuerAndSerialNumber(
    +262  *      {issuer: {str: '/C=US/O=T1'}, serial {int: 3}});
    +263  */
    +264 KJUR.asn1.cms.IssuerAndSerialNumber = function(params) {
    +265     KJUR.asn1.cms.IssuerAndSerialNumber.superclass.constructor.call(this);
    +266     var dIssuer = null;
    +267     var dSerial = null;
    +268 
    +269     this.getEncodedHex = function() {
    +270         var seq = new KJUR.asn1.DERSequence({"array": [this.dIssuer,
    +271                                                        this.dSerial]});
    +272         this.hTLV = seq.getEncodedHex();
    +273         return this.hTLV;
    +274     };
    +275 
    +276     if (typeof params != "undefined") {
    +277         if (params.issuer && params.serial) {
    +278             if (params.issuer instanceof KJUR.asn1.x509.X500Name) {
    +279                 this.dIssuer = params.issuer;
    +280             } else {
    +281                 this.dIssuer = new KJUR.asn1.x509.X500Name(params.issuer);
    +282             }
    +283             if (params.serial instanceof KJUR.asn1.DERInteger) {
    +284                 this.dSerial = params.serial;
    +285             } else {
    +286                 this.dSerial = new KJUR.asn1.DERInteger(params.serial);
    +287             }
    +288         }
    +289     }
    +290 };
    +291 YAHOO.lang.extend(KJUR.asn1.cms.IssuerAndSerialNumber, KJUR.asn1.ASN1Object);
    +292 
    +293 /**
    +294  * class for Attributes ASN.1 structure for CMS
    +295  * @name KJUR.asn1.cms.AttributeList
    +296  * @class class for Attributes ASN.1 structure for CMS
    +297  * @param {Array} params associative array of parameters
    +298  * @extends KJUR.asn1.ASN1Object
    +299  * @since jsrsasign 4.2.4 asn1cms 1.0.0
    +300  * @description
    +301  * <pre>
    +302  * Attributes ::= SET OF Attribute
    +303  * Attribute ::= SEQUENCE {
    +304  *    type               OBJECT IDENTIFIER,
    +305  *    values             AttributeSetValue }
    +306  * </pre>
    +307  * @example
    +308  * // specify by X500Name and DERInteger
    +309  * o = new KJUR.asn1.cms.AttributeList({sorted: false}); // ASN.1 BER unsorted SET OF
    +310  * o = new KJUR.asn1.cms.AttributeList();  // ASN.1 DER sorted by default
    +311  * o.clear();                              // clear list of Attributes
    +312  * n = o.length();                         // get number of Attribute
    +313  * o.add(new KJUR.asn1.cms.SigningTime()); // add SigningTime attribute
    +314  * hex = o.getEncodedHex();                // get hex encoded ASN.1 data
    +315  */
    +316 KJUR.asn1.cms.AttributeList = function(params) {
    +317     KJUR.asn1.cms.AttributeList.superclass.constructor.call(this);
    +318     this.list = new Array();
    +319     this.sortFlag = true;
    +320 
    +321     this.add = function(item) {
    +322         if (item instanceof KJUR.asn1.cms.Attribute) {
    +323             this.list.push(item);
    +324         }
    +325     };
    +326 
    +327     this.length = function() {
    +328         return this.list.length;
    +329     };
    +330 
    +331     this.clear = function() {
    +332         this.list = new Array();
    +333         this.hTLV = null;
    +334         this.hV = null;
    +335     };
    +336 
    +337     this.getEncodedHex = function() {
    +338         if (typeof this.hTLV == "string") return this.hTLV;
    +339         var set = new KJUR.asn1.DERSet({array: this.list, sortflag: this.sortFlag});
    +340         this.hTLV = set.getEncodedHex();
    +341         return this.hTLV;
    +342     };
    +343 
    +344     if (typeof params != "undefined") {
    +345         if (typeof params.sortflag != "undefined" &&
    +346             params.sortflag == false)
    +347             this.sortFlag = false;
    +348     }
    +349 };
    +350 YAHOO.lang.extend(KJUR.asn1.cms.AttributeList, KJUR.asn1.ASN1Object);
    +351 
    +352 /**
    +353  * class for SignerInfo ASN.1 structure of CMS SignedData
    +354  * @name KJUR.asn1.cms.SignerInfo
    +355  * @class class for Attributes ASN.1 structure of CMS SigndData
    +356  * @param {Array} params associative array of parameters
    +357  * @extends KJUR.asn1.ASN1Object
    +358  * @since jsrsasign 4.2.4 asn1cms 1.0.0
    +359  * @description
    +360  * <pre>
    +361  * SignerInfo ::= SEQUENCE {
    +362  *    version CMSVersion,
    +363  *    sid SignerIdentifier,
    +364  *    digestAlgorithm DigestAlgorithmIdentifier,
    +365  *    signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL,
    +366  *    signatureAlgorithm SignatureAlgorithmIdentifier,
    +367  *    signature SignatureValue,
    +368  *    unsignedAttrs [1] IMPLICIT UnsignedAttributes OPTIONAL }
    +369  * </pre>
    +370  * @example
    +371  * o = new KJUR.asn1.cms.SignerInfo();
    +372  * o.setSignerIdentifier(certPEMstring);
    +373  * o.dSignedAttrs.add(new KJUR.asn1.cms.ContentType({name: 'data'}));
    +374  * o.dSignedAttrs.add(new KJUR.asn1.cms.MessageDigest({hex: 'a1b2...'}));
    +375  * o.dSignedAttrs.add(new KJUR.asn1.cms.SigningTime());
    +376  * o.sign(privteKeyParam, "SHA1withRSA");
    +377  */
    +378 KJUR.asn1.cms.SignerInfo = function(params) {
    +379     KJUR.asn1.cms.SignerInfo.superclass.constructor.call(this);
    +380     var nA = KJUR.asn1;
    +381     var nC = KJUR.asn1.cms;
    +382     var nX = KJUR.asn1.x509;
    +383 
    +384     this.dCMSVersion = new nA.DERInteger({'int': 1});
    +385     this.dSignerIdentifier = null;
    +386     this.dDigestAlgorithm = null;
    +387     this.dSignedAttrs = new nC.AttributeList();
    +388     this.dSigAlg = null;
    +389     this.dSig = null;
    +390     this.dUnsignedAttrs = new nC.AttributeList();
    +391 
    +392     this.setSignerIdentifier = function(params) {
    +393         if (typeof params == "string" &&
    +394             params.indexOf("CERTIFICATE") != -1 &&
    +395             params.indexOf("BEGIN") != -1 &&
    +396             params.indexOf("END") != -1) {
    +397             var certPEM = params;
    +398             var x = new X509();
    +399             x.hex = X509.pemToHex(certPEM);
    +400 
    +401             var issuerTLVHex = x.getIssuerHex();
    +402             var dIssuer = new nX.X500Name();
    +403             dIssuer.hTLV = issuerTLVHex;
    +404 
    +405             var serialVHex = x.getSerialNumberHex();
    +406             var dSerial = new nA.DERInteger({hex: serialVHex});
    +407 
    +408             //alert(issuerTLVHex + "--" + serialVHex);
    +409             this.dSignerIdentifier = 
    +410                 new nC.IssuerAndSerialNumber({issuer: dIssuer, serial: dSerial});
    +411         }
    +412     };
    +413 
    +414     /**
    +415      * set ContentType/MessageDigest/DigestAlgorithms for SignerInfo/SignedData
    +416      * @name setForContentAndHash
    +417      * @memberOf KJUR.asn1.cms.SignerInfo
    +418      * @param {Array} params JSON parameter to set content related field
    +419      * @description
    +420      * This method will specify following fields by a parameters:
    +421      * <ul>
    +422      * <li>add ContentType signed attribute by encapContentInfo</li>
    +423      * <li>add MessageDigest signed attribute by encapContentInfo and hashAlg</li>
    +424      * <li>add a hash algorithm used in MessageDigest to digestAlgorithms field of SignedData</li>
    +425      * <li>set a hash algorithm used in MessageDigest to digestAlgorithm field of SignerInfo</li>
    +426      * </ul>
    +427      * Argument 'params' is an associative array having following elements:
    +428      * <ul>
    +429      * <li>eciObj - {@link KJUR.asn1.cms.EncapsulatedContentInfo} object</li>
    +430      * <li>sdObj - {@link KJUR.asn1.cms.SignedData} object (Option) to set DigestAlgorithms</li>
    +431      * <li>hashAlg - string of hash algorithm name which is used for MessageDigest attribute</li>
    +432      * </ul>
    +433      * some of elements can be omited.
    +434      * @example
    +435      * sd = new KJUR.asn1.cms.SignedData();
    +436      * signerInfo.setForContentAndHash({sdObj: sd,
    +437      *                                  eciObj: sd.dEncapContentInfo,
    +438      *                                  hashAlg: 'sha256'});
    +439      */
    +440     this.setForContentAndHash = function(params) {
    +441         if (typeof params != "undefined") {
    +442             if (params.eciObj instanceof KJUR.asn1.cms.EncapsulatedContentInfo) {
    +443                 this.dSignedAttrs.add(new nC.ContentType({oid: '1.2.840.113549.1.7.1'}));
    +444                 this.dSignedAttrs.add(new nC.MessageDigest({eciObj: params.eciObj,
    +445                                                             hashAlg: params.hashAlg}));
    +446             }
    +447             if (typeof params.sdObj != "undefined" &&
    +448                 params.sdObj instanceof KJUR.asn1.cms.SignedData) {
    +449                 if (params.sdObj.digestAlgNameList.join(":").indexOf(params.hashAlg) == -1) {
    +450                     params.sdObj.digestAlgNameList.push(params.hashAlg);
    +451                 }
    +452             }
    +453             if (typeof params.hashAlg == "string") {
    +454                 this.dDigestAlgorithm = new nX.AlgorithmIdentifier({name: params.hashAlg});
    +455             }
    +456         }
    +457     };
    +458 
    +459     this.sign = function(keyParam, sigAlg) {
    +460         // set algorithm
    +461         this.dSigAlg = new nX.AlgorithmIdentifier({name: sigAlg});
    +462 
    +463         // set signature
    +464         var data = this.dSignedAttrs.getEncodedHex();
    +465         var prvKey = KEYUTIL.getKey(keyParam);
    +466         var sig = new KJUR.crypto.Signature({alg: sigAlg});
    +467         sig.init(prvKey);
    +468         sig.updateHex(data);
    +469         var sigValHex = sig.sign();
    +470         this.dSig = new nA.DEROctetString({hex: sigValHex});
    +471     };
    +472 
    +473     this.getEncodedHex = function() {
    +474         if (this.dSignedAttrs.length() == 0) {
    +475             throw "SignedAttrs length = 0 (empty)";
    +476         }
    +477         var sa = new nA.DERTaggedObject({obj: this.dSignedAttrs, tag: 'a0', explicit: false});
    +478         var ua = null;;
    +479         if (this.dUnsignedAttrs.length() > 0) {
    +480             ua = new nA.DERTaggedObject({obj: this.dUnsignedAttrs, tag: 'a1', explicit: false});
    +481         }
    +482 
    +483         var items = [
    +484             this.dCMSVersion,
    +485             this.dSignerIdentifier,
    +486             this.dDigestAlgorithm,
    +487             sa,
    +488             this.dSigAlg,
    +489             this.dSig,
    +490         ];
    +491         if (ua != null) items.push(ua);
    +492 
    +493         var seq = new nA.DERSequence({array: items});
    +494         this.hTLV = seq.getEncodedHex();
    +495         return this.hTLV;
    +496     };
    +497 };
    +498 YAHOO.lang.extend(KJUR.asn1.cms.SignerInfo, KJUR.asn1.ASN1Object);
    +499 
    +500 /**
    +501  * class for EncapsulatedContentInfo ASN.1 structure for CMS
    +502  * @name KJUR.asn1.cms.EncapsulatedContentInfo
    +503  * @class class for EncapsulatedContentInfo ASN.1 structure for CMS
    +504  * @param {Array} params associative array of parameters
    +505  * @extends KJUR.asn1.ASN1Object
    +506  * @since jsrsasign 4.2.4 asn1cms 1.0.0
    +507  * @description
    +508  * <pre>
    +509  * EncapsulatedContentInfo ::= SEQUENCE {
    +510  *    eContentType ContentType,
    +511  *    eContent [0] EXPLICIT OCTET STRING OPTIONAL }
    +512  * ContentType ::= OBJECT IDENTIFIER
    +513  * </pre>
    +514  * @example
    +515  * o = new KJUR.asn1.cms.EncapsulatedContentInfo();
    +516  * o.setContentType('1.2.3.4.5');     // specify eContentType by OID
    +517  * o.setContentType('data');          // specify eContentType by name
    +518  * o.setContentValueHex('a1a2a4...'); // specify eContent data by hex string
    +519  * o.setContentValueStr('apple');     // specify eContent data by UTF-8 string
    +520  * // for detached contents (i.e. data not concluded in eContent)
    +521  * o.isDetached = true;               // false as default 
    +522  */
    +523 KJUR.asn1.cms.EncapsulatedContentInfo = function(params) {
    +524     KJUR.asn1.cms.EncapsulatedContentInfo.superclass.constructor.call(this);
    +525     var nA = KJUR.asn1;
    +526     var nC = KJUR.asn1.cms;
    +527     var nX = KJUR.asn1.x509;
    +528     this.dEContentType = new nA.DERObjectIdentifier({name: 'data'});
    +529     this.dEContent = null;
    +530     this.isDetached = false;
    +531     this.eContentValueHex = null;
    +532     
    +533     this.setContentType = function(nameOrOid) {
    +534         if (nameOrOid.match(/^[0-2][.][0-9.]+$/)) {
    +535             this.dEContentType = new nA.DERObjectIdentifier({oid: nameOrOid});
    +536         } else {
    +537             this.dEContentType = new nA.DERObjectIdentifier({name: nameOrOid});
    +538         }
    +539     };
    +540 
    +541     this.setContentValue = function(params) {
    +542         if (typeof params != "undefined") {
    +543             if (typeof params.hex == "string") {
    +544                 this.eContentValueHex = params.hex;
    +545             } else if (typeof params.str == "string") {
    +546                 this.eContentValueHex = utf8tohex(params.str);
    +547             }
    +548         }
    +549     };
    +550 
    +551     this.setContentValueHex = function(valueHex) {
    +552         this.eContentValueHex = valueHex;
    +553     };
    +554 
    +555     this.setContentValueStr = function(valueStr) {
    +556         this.eContentValueHex = utf8tohex(valueStr);
    +557     };
    +558 
    +559     this.getEncodedHex = function() {
    +560         if (typeof this.eContentValueHex != "string") {
    +561             throw "eContentValue not yet set";
    +562         }
    +563 
    +564         var dValue = new nA.DEROctetString({hex: this.eContentValueHex});
    +565         this.dEContent = new nA.DERTaggedObject({obj: dValue,
    +566                                                  tag: 'a0',
    +567                                                  explicit: true});
    +568 
    +569         var a = [this.dEContentType];
    +570         if (! this.isDetached) a.push(this.dEContent);
    +571         var seq = new nA.DERSequence({array: a});
    +572         this.hTLV = seq.getEncodedHex();
    +573         return this.hTLV;
    +574     };
    +575 };
    +576 YAHOO.lang.extend(KJUR.asn1.cms.EncapsulatedContentInfo, KJUR.asn1.ASN1Object);
    +577 
    +578 // - type
    +579 // - obj
    +580 /**
    +581  * class for ContentInfo ASN.1 structure for CMS
    +582  * @name KJUR.asn1.cms.ContentInfo
    +583  * @class class for ContentInfo ASN.1 structure for CMS
    +584  * @param {Array} params associative array of parameters
    +585  * @extends KJUR.asn1.ASN1Object
    +586  * @since jsrsasign 4.2.4 asn1cms 1.0.0
    +587  * @description
    +588  * <pre>
    +589  * ContentInfo ::= SEQUENCE {
    +590  *    contentType ContentType,
    +591  *    content [0] EXPLICIT ANY DEFINED BY contentType }
    +592  * ContentType ::= OBJECT IDENTIFIER
    +593  * </pre>
    +594  * @example
    +595  * a = [new KJUR.asn1.DERInteger({int: 1}),
    +596  *      new KJUR.asn1.DERInteger({int: 2})];
    +597  * seq = new KJUR.asn1.DERSequence({array: a});
    +598  * o = new KJUR.asn1.cms.ContentInfo({type: 'data', obj: seq});
    +599  */
    +600 KJUR.asn1.cms.ContentInfo = function(params) {
    +601     KJUR.asn1.cms.ContentInfo.superclass.constructor.call(this);
    +602     var nA = KJUR.asn1;
    +603     var nC = KJUR.asn1.cms;
    +604     var nX = KJUR.asn1.x509;
    +605 
    +606     this.dContentType = null;
    +607     this.dContent = null;
    +608 
    +609     this.setContentType = function(params) {
    +610         if (typeof params == "string") {
    +611             this.dContentType = nX.OID.name2obj(params);
    +612         }
    +613     };
    +614 
    +615     this.getEncodedHex = function() {
    +616         var dContent0 = new nA.DERTaggedObject({obj: this.dContent, tag: 'a0', explicit: true});
    +617         var seq = new nA.DERSequence({array: [this.dContentType, dContent0]});
    +618         this.hTLV = seq.getEncodedHex();
    +619         return this.hTLV;
    +620     };
    +621 
    +622     if (typeof params != "undefined") {
    +623         if (params.type) this.setContentType(params.type);
    +624         if (params.obj && params.obj instanceof nA.ASN1Object) this.dContent = params.obj;
    +625     }
    +626 };
    +627 YAHOO.lang.extend(KJUR.asn1.cms.ContentInfo, KJUR.asn1.ASN1Object);
    +628 
    +629 /**
    +630  * class for SignerInfo ASN.1 structure of CMS SignedData
    +631  * @name KJUR.asn1.cms.SignedData
    +632  * @class class for Attributes ASN.1 structure of CMS SigndData
    +633  * @param {Array} params associative array of parameters
    +634  * @extends KJUR.asn1.ASN1Object
    +635  * @since jsrsasign 4.2.4 asn1cms 1.0.0
    +636  *
    +637  * @description
    +638  * <pre>
    +639  * SignedData ::= SEQUENCE {
    +640  *    version CMSVersion,
    +641  *    digestAlgorithms DigestAlgorithmIdentifiers,
    +642  *    encapContentInfo EncapsulatedContentInfo,
    +643  *    certificates [0] IMPLICIT CertificateSet OPTIONAL,
    +644  *    crls [1] IMPLICIT RevocationInfoChoices OPTIONAL,
    +645  *    signerInfos SignerInfos }
    +646  * SignerInfos ::= SET OF SignerInfo
    +647  * CertificateSet ::= SET OF CertificateChoices
    +648  * DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier
    +649  * CertificateSet ::= SET OF CertificateChoices
    +650  * RevocationInfoChoices ::= SET OF RevocationInfoChoice
    +651  * </pre>
    +652  *
    +653  * @example
    +654  * sd = new KJUR.asn1.cms.SignedData();
    +655  * sd.dEncapContentInfo.setContentValueStr("test string");
    +656  * sd.signerInfoList[0].setForContentAndHash({sdObj: sd,
    +657  *                                            eciObj: sd.dEncapContentInfo,
    +658  *                                            hashAlg: 'sha256'});
    +659  * sd.signerInfoList[0].dSignedAttrs.add(new KJUR.asn1.cms.SigningTime());
    +660  * sd.signerInfoList[0].setSignerIdentifier(certPEM);
    +661  * sd.signerInfoList[0].sign(prvP8PEM, "SHA256withRSA");
    +662  * hex = sd.getContentInfoEncodedHex();
    +663  */
    +664 KJUR.asn1.cms.SignedData = function(params) {
    +665     KJUR.asn1.cms.SignedData.superclass.constructor.call(this);
    +666     var nA = KJUR.asn1;
    +667     var nC = KJUR.asn1.cms;
    +668     var nX = KJUR.asn1.x509;
    +669 
    +670     this.dCMSVersion = new nA.DERInteger({'int': 1});
    +671     this.digestAlgNameList = [];
    +672     this.dEncapContentInfo = new nC.EncapsulatedContentInfo();
    +673     this.certificateList = [];
    +674     this.crlList = [];
    +675     this.signerInfoList = [new nC.SignerInfo()];
    +676 
    +677     this.addCertificatesByPEM = function(certPEM) {
    +678         var hex = KEYUTIL.getHexFromPEM(certPEM);
    +679         var o = new nA.ASN1Object();
    +680         o.hTLV = hex;
    +681         this.certificateList.push(o);
    +682     };
    +683 
    +684     this.getEncodedHex = function() {
    +685         if (typeof this.hTLV == "string") return this.hTLV;
    +686         
    +687         var digestAlgList = [];
    +688         for (var i = 0; i < this.digestAlgNameList.length; i++) {
    +689             var o = new nX.AlgorithmIdentifier({name: this.digestAlgNameList[i]});
    +690             digestAlgList.push(o);
    +691         }
    +692 
    +693         var dDigestAlgs = new nA.DERSet({array: digestAlgList});
    +694         var dSignerInfos = new nA.DERSet({array: this.signerInfoList});
    +695 
    +696         var a = [this.dCMSVersion,
    +697                  dDigestAlgs,
    +698                  this.dEncapContentInfo];
    +699 
    +700         if (this.certificateList.length > 0) {
    +701             var o1 = new nA.DERSet({array: this.certificateList});
    +702             var o2 = new nA.DERTaggedObject({obj: o1,
    +703                                              tag: 'a0',
    +704                                              explicit: false});
    +705             a.push(o2);
    +706         }
    +707         
    +708         a.push(dSignerInfos);
    +709 
    +710         var seq = new nA.DERSequence({array: a});
    +711         this.hTLV = seq.getEncodedHex();
    +712         return this.hTLV;
    +713     };
    +714 
    +715     this.getContentInfoEncodedHex = function() {
    +716         this.getEncodedHex();
    +717         var ci = new nC.ContentInfo({type: 'signed-data', obj: this});
    +718         var ciHex = ci.getEncodedHex();
    +719         return ciHex;
    +720     };
    +721 
    +722     this.getPEM = function() {
    +723         var hex = this.getContentInfoEncodedHex();
    +724         var pem = nA.ASN1Util.getPEMStringFromHex(hex, "CMS");
    +725         return pem;
    +726     };
    +727 };
    +728 YAHOO.lang.extend(KJUR.asn1.cms.SignedData, KJUR.asn1.ASN1Object);
    +729 
    +730 /**
    +731  * CMS utiliteis class
    +732  * @name KJUR.asn1.cms.CMSUtil
    +733  * @class CMS utilities class
    +734  */
    +735 KJUR.asn1.cms.CMSUtil = new function() {
    +736 };
    +737 /**
    +738  * generate SignedData object specified by JSON parameters
    +739  * @name newSignedData
    +740  * @memberOf KJUR.asn1.cms.CMSUtil
    +741  * @function
    +742  * @param {Array} param JSON parameter to generate CMS SignedData
    +743  * @return {KJUR.asn1.cms.SignedData} object just generated
    +744  * @description
    +745  * This method provides more easy way to genereate
    +746  * CMS SignedData ASN.1 structure by JSON data.
    +747  * @example
    +748  * var sd = KJUR.asn1.cms.CMSUtil.newSignedData({
    +749  *   content: {str: "jsrsasign"},
    +750  *   certs: [certPEM],
    +751  *   signerInfos: [{
    +752  *     hashAlg: 'sha256',
    +753  *     sAttr: {
    +754  *       SigningTime: {}
    +755  *     },
    +756  *     signerCert: certPEM,
    +757  *     sigAlg: 'SHA256withRSA',
    +758  *     signerPrvKey: prvPEM
    +759  *   }]
    +760  * });
    +761  */
    +762 KJUR.asn1.cms.CMSUtil.newSignedData = function(param) {
    +763     var nC = KJUR.asn1.cms;
    +764     var sd = new nC.SignedData();
    +765 
    +766     sd.dEncapContentInfo.setContentValue(param.content);
    +767 
    +768     if (typeof param.certs == "object") {
    +769         for (var i = 0; i < param.certs.length; i++) {
    +770             sd.addCertificatesByPEM(param.certs[i]);
    +771         }
    +772     }
    +773     
    +774     sd.signerInfoList = [];
    +775     for (var i = 0; i < param.signerInfos.length; i++) {
    +776         var siParam = param.signerInfos[i];
    +777         var si = new nC.SignerInfo();
    +778         si.setSignerIdentifier(siParam.signerCert);
    +779 
    +780         si.setForContentAndHash({sdObj: sd,
    +781                                  eciObj: sd.dEncapContentInfo,
    +782                                  hashAlg: siParam.hashAlg});
    +783 
    +784         for (attrName in siParam.sAttr) {
    +785             if (attrName == "SigningTime") {
    +786                 var attr = new nC.SigningTime(siParam.sAttr[attrName]);
    +787                 si.dSignedAttrs.add(attr);
    +788             }
    +789         }
    +790 
    +791         si.sign(siParam.signerPrvKey, siParam.sigAlg);
    +792         sd.signerInfoList.push(si);
    +793     }
    +794 
    +795     return sd;
    +796 };
    +797 
    +798 
    \ No newline at end of file diff --git a/api/symbols/src/asn1x509-1.0.js.html b/api/symbols/src/asn1x509-1.0.js.html index 82c717d6..a46dbc35 100755 --- a/api/symbols/src/asn1x509-1.0.js.html +++ b/api/symbols/src/asn1x509-1.0.js.html @@ -5,7 +5,7 @@ .STRN {color: #393;} .REGX {color: #339;} .line {border-right: 1px dotted #666; color: #666; font-style: normal;} -
      1 /*! asn1x509-1.0.8.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license
    +	
      1 /*! asn1x509-1.0.9.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license
       2  */
       3 /*
       4  * asn1x509.js - ASN.1 DER encoder classes for X.509 certificate
    @@ -23,7 +23,7 @@
      16  * @fileOverview
      17  * @name asn1x509-1.0.js
      18  * @author Kenji Urushima kenji.urushima@gmail.com
    - 19  * @version 1.0.8 (2014-Apr-16)
    + 19  * @version 1.0.9 (2014-May-17)
      20  * @since jsrsasign 2.1
      21  * @license <a href="http://kjur.github.io/jsrsasign/license/">MIT License</a>
      22  */
    @@ -1155,820 +1155,848 @@
     1148     };
     1149 
     1150     this.getEncodedHex = function() {
    -1151         var o = new KJUR.asn1.DERSequence({"array": this.asn1Array});
    -1152         this.TLV = o.getEncodedHex();
    -1153         return this.TLV;
    -1154     };
    -1155 
    -1156     if (typeof params != "undefined") {
    -1157         if (typeof params['str'] != "undefined") {
    -1158             this.setByString(params['str']);
    -1159         }
    -1160     }
    -1161 
    -1162 };
    -1163 YAHOO.lang.extend(KJUR.asn1.x509.X500Name, KJUR.asn1.ASN1Object);
    -1164 
    -1165 /**
    -1166  * RDN (Relative Distinguish Name) ASN.1 structure class
    -1167  * @name KJUR.asn1.x509.RDN
    -1168  * @class RDN (Relative Distinguish Name) ASN.1 structure class
    -1169  * @param {Array} params associative array of parameters (ex. {'str': 'C=US'})
    -1170  * @extends KJUR.asn1.ASN1Object
    -1171  * @description
    -1172  * @example
    -1173  */
    -1174 KJUR.asn1.x509.RDN = function(params) {
    -1175     KJUR.asn1.x509.RDN.superclass.constructor.call(this);
    -1176     this.asn1Array = new Array();
    -1177 
    -1178     this.addByString = function(rdnStr) {
    -1179         this.asn1Array.push(new KJUR.asn1.x509.AttributeTypeAndValue({'str':rdnStr}));
    -1180     };
    -1181 
    -1182     this.getEncodedHex = function() {
    -1183         var o = new KJUR.asn1.DERSet({"array": this.asn1Array});
    -1184         this.TLV = o.getEncodedHex();
    -1185         return this.TLV;
    -1186     };
    -1187 
    -1188     if (typeof params != "undefined") {
    -1189         if (typeof params['str'] != "undefined") {
    -1190             this.addByString(params['str']);
    -1191         }
    -1192     }
    -1193 };
    -1194 YAHOO.lang.extend(KJUR.asn1.x509.RDN, KJUR.asn1.ASN1Object);
    -1195 
    -1196 /**
    -1197  * AttributeTypeAndValue ASN.1 structure class
    -1198  * @name KJUR.asn1.x509.AttributeTypeAndValue
    -1199  * @class AttributeTypeAndValue ASN.1 structure class
    -1200  * @param {Array} params associative array of parameters (ex. {'str': 'C=US'})
    -1201  * @extends KJUR.asn1.ASN1Object
    -1202  * @description
    -1203  * @example
    -1204  */
    -1205 KJUR.asn1.x509.AttributeTypeAndValue = function(params) {
    -1206     KJUR.asn1.x509.AttributeTypeAndValue.superclass.constructor.call(this);
    -1207     var typeObj = null;
    -1208     var valueObj = null;
    -1209     var defaultDSType = "utf8";
    -1210 
    -1211     this.setByString = function(attrTypeAndValueStr) {
    -1212         if (attrTypeAndValueStr.match(/^([^=]+)=(.+)$/)) {
    -1213             this.setByAttrTypeAndValueStr(RegExp.$1, RegExp.$2);
    -1214         } else {
    -1215             throw "malformed attrTypeAndValueStr: " + attrTypeAndValueStr;
    -1216         }
    -1217     };
    -1218 
    -1219     this.setByAttrTypeAndValueStr = function(shortAttrType, valueStr) {
    -1220         this.typeObj = KJUR.asn1.x509.OID.atype2obj(shortAttrType);
    -1221         var dsType = defaultDSType;
    -1222         if (shortAttrType == "C") dsType = "prn";
    -1223         this.valueObj = this.getValueObj(dsType, valueStr);
    -1224     };
    -1225 
    -1226     this.getValueObj = function(dsType, valueStr) {
    -1227         if (dsType == "utf8")   return new KJUR.asn1.DERUTF8String({"str": valueStr});
    -1228         if (dsType == "prn")    return new KJUR.asn1.DERPrintableString({"str": valueStr});
    -1229         if (dsType == "tel")    return new KJUR.asn1.DERTeletexString({"str": valueStr});
    -1230         if (dsType == "ia5")    return new KJUR.asn1.DERIA5String({"str": valueStr});
    -1231         throw "unsupported directory string type: type=" + dsType + " value=" + valueStr;
    -1232     };
    -1233 
    -1234     this.getEncodedHex = function() {
    -1235         var o = new KJUR.asn1.DERSequence({"array": [this.typeObj, this.valueObj]});
    -1236         this.TLV = o.getEncodedHex();
    -1237         return this.TLV;
    -1238     };
    -1239 
    -1240     if (typeof params != "undefined") {
    -1241         if (typeof params['str'] != "undefined") {
    -1242             this.setByString(params['str']);
    -1243         }
    -1244     }
    -1245 };
    -1246 YAHOO.lang.extend(KJUR.asn1.x509.AttributeTypeAndValue, KJUR.asn1.ASN1Object);
    -1247 
    -1248 // === END   X500Name Related =================================================
    -1249 
    -1250 // === BEGIN Other ASN1 structure class  ======================================
    -1251 
    -1252 /**
    -1253  * SubjectPublicKeyInfo ASN.1 structure class
    -1254  * @name KJUR.asn1.x509.SubjectPublicKeyInfo
    -1255  * @class SubjectPublicKeyInfo ASN.1 structure class
    -1256  * @param {Object} params parameter for subject public key
    -1257  * @extends KJUR.asn1.ASN1Object
    -1258  * @description
    -1259  * <br/>
    -1260  * As for argument 'params' for constructor, you can specify one of
    -1261  * following properties:
    -1262  * <ul>
    -1263  * <li>{@link RSAKey} object</li>
    -1264  * <li>{@link KJUR.crypto.ECDSA} object</li>
    -1265  * <li>{@link KJUR.crypto.DSA} object</li>
    -1266  * <li>(DEPRECATED)rsakey - specify {@link RSAKey} object of subject public key</li>
    -1267  * <li>(DEPRECATED)rsapem - specify a string of PEM public key of RSA key</li>
    -1268  * </ul>
    -1269  * NOTE1: 'params' can be omitted.<br/>
    -1270  * NOTE2: DSA/ECDSA key object is also supported since asn1x509 1.0.6.<br/>
    -1271  * <h4>EXAMPLE</h4>
    -1272  * @example
    -1273  * var spki = new KJUR.asn1.x509.SubjectPublicKeyInfo(RSAKey_object);
    -1274  * var spki = new KJUR.asn1.x509.SubjectPublicKeyInfo(KJURcryptoECDSA_object);
    -1275  * var spki = new KJUR.asn1.x509.SubjectPublicKeyInfo(KJURcryptoDSA_object);
    -1276  */
    -1277 KJUR.asn1.x509.SubjectPublicKeyInfo = function(params) {
    -1278     KJUR.asn1.x509.SubjectPublicKeyInfo.superclass.constructor.call(this);
    -1279     var asn1AlgId = null;
    -1280     var asn1SubjPKey = null;
    -1281     var rsaKey = null;
    -1282 
    -1283     /**
    -1284      * (DEPRECATED) set RSAKey object as subject public key
    -1285      * @name setRSAKey
    -1286      * @memberOf KJUR.asn1.x509.SubjectPublicKeyInfo
    -1287      * @function
    -1288      * @param {RSAKey} rsaKey {@link RSAKey} object for RSA public key
    -1289      * @description
    -1290      * @deprecated
    -1291      * @example
    -1292      * spki.setRSAKey(rsaKey);
    -1293      */
    -1294     this.setRSAKey = function(rsaKey) {
    -1295         if (! RSAKey.prototype.isPrototypeOf(rsaKey))
    -1296             throw "argument is not RSAKey instance";
    -1297         this.rsaKey = rsaKey;
    -1298         var asn1RsaN = new KJUR.asn1.DERInteger({'bigint': rsaKey.n});
    -1299         var asn1RsaE = new KJUR.asn1.DERInteger({'int': rsaKey.e});
    -1300         var asn1RsaPub = new KJUR.asn1.DERSequence({'array': [asn1RsaN, asn1RsaE]});
    -1301         var rsaKeyHex = asn1RsaPub.getEncodedHex();
    -1302         this.asn1AlgId = new KJUR.asn1.x509.AlgorithmIdentifier({'name':'rsaEncryption'});
    -1303         this.asn1SubjPKey = new KJUR.asn1.DERBitString({'hex':'00'+rsaKeyHex});
    -1304     };
    -1305 
    -1306     /**
    -1307      * (DEPRECATED) set a PEM formatted RSA public key string as RSA public key
    -1308      * @name setRSAPEM
    -1309      * @memberOf KJUR.asn1.x509.SubjectPublicKeyInfo
    -1310      * @function
    -1311      * @param {String} rsaPubPEM PEM formatted RSA public key string
    -1312      * @deprecated
    -1313      * @description
    -1314      * @example
    -1315      * spki.setRSAPEM(rsaPubPEM);
    -1316      */
    -1317     this.setRSAPEM = function(rsaPubPEM) {
    -1318         if (rsaPubPEM.match(/-----BEGIN PUBLIC KEY-----/)) {
    -1319             var s = rsaPubPEM;
    -1320             s = s.replace(/^-----[^-]+-----/, '');
    -1321             s = s.replace(/-----[^-]+-----\s*$/, '');
    -1322             var rsaB64 = s.replace(/\s+/g, '');
    -1323             var rsaWA = CryptoJS.enc.Base64.parse(rsaB64);
    -1324             var rsaP8Hex = CryptoJS.enc.Hex.stringify(rsaWA);
    -1325             var a = _rsapem_getHexValueArrayOfChildrenFromHex(rsaP8Hex);
    -1326             var hBitStrVal = a[1];
    -1327             var rsaHex = hBitStrVal.substr(2);
    -1328             var a3 = _rsapem_getHexValueArrayOfChildrenFromHex(rsaHex);
    -1329             var rsaKey = new RSAKey();
    -1330             rsaKey.setPublic(a3[0], a3[1]);
    -1331             this.setRSAKey(rsaKey);
    -1332         } else {
    -1333             throw "key not supported";
    -1334         }
    -1335     };
    -1336 
    -1337     /*
    -1338      * @since asn1x509 1.0.7
    -1339      */
    -1340     this.getASN1Object = function() {
    -1341         if (this.asn1AlgId == null || this.asn1SubjPKey == null)
    -1342             throw "algId and/or subjPubKey not set";
    -1343         var o = new KJUR.asn1.DERSequence({'array':
    -1344                                            [this.asn1AlgId, this.asn1SubjPKey]});
    -1345         return o;
    -1346     };
    -1347 
    -1348     this.getEncodedHex = function() {
    -1349         var o = this.getASN1Object();
    -1350         this.hTLV = o.getEncodedHex();
    -1351         return this.hTLV;
    -1352     };
    -1353 
    -1354     this._setRSAKey = function(key) {
    -1355         var asn1RsaPub = KJUR.asn1.ASN1Util.newObject({
    -1356             'seq': [{'int': {'bigint': key.n}}, {'int': {'int': key.e}}]
    -1357         });
    -1358         var rsaKeyHex = asn1RsaPub.getEncodedHex();
    -1359         this.asn1AlgId = new KJUR.asn1.x509.AlgorithmIdentifier({'name':'rsaEncryption'});
    -1360         this.asn1SubjPKey = new KJUR.asn1.DERBitString({'hex':'00'+rsaKeyHex});
    -1361     };
    -1362 
    -1363     this._setEC = function(key) {
    -1364         var asn1Params = new KJUR.asn1.DERObjectIdentifier({'name': key.curveName});
    -1365         this.asn1AlgId = 
    -1366             new KJUR.asn1.x509.AlgorithmIdentifier({'name': 'ecPublicKey',
    -1367                                                     'asn1params': asn1Params});
    -1368         this.asn1SubjPKey = new KJUR.asn1.DERBitString({'hex': '00' + key.pubKeyHex});
    -1369     };
    -1370 
    -1371     this._setDSA = function(key) {
    -1372         var asn1Params = new KJUR.asn1.ASN1Util.newObject({
    -1373             'seq': [{'int': {'bigint': key.p}},
    -1374                     {'int': {'bigint': key.q}},
    -1375                     {'int': {'bigint': key.g}}]
    -1376         });
    -1377         this.asn1AlgId = 
    -1378             new KJUR.asn1.x509.AlgorithmIdentifier({'name': 'dsa',
    -1379                                                     'asn1params': asn1Params});
    -1380         var pubInt = new KJUR.asn1.DERInteger({'bigint': key.y});
    -1381         this.asn1SubjPKey = new KJUR.asn1.DERBitString({'hex': '00' + pubInt.getEncodedHex()});
    -1382     };
    -1383 
    -1384     if (typeof params != "undefined") {
    -1385         if (typeof RSAKey != 'undefined' && params instanceof RSAKey) {
    -1386             this._setRSAKey(params);
    -1387         } else if (typeof KJUR.crypto.ECDSA != 'undefined' &&
    -1388                    params instanceof KJUR.crypto.ECDSA) {
    -1389             this._setEC(params);
    -1390         } else if (typeof KJUR.crypto.DSA != 'undefined' &&
    -1391                    params instanceof KJUR.crypto.DSA) {
    -1392             this._setDSA(params);
    -1393         } else if (typeof params['rsakey'] != "undefined") {
    -1394             this.setRSAKey(params['rsakey']);
    -1395         } else if (typeof params['rsapem'] != "undefined") {
    -1396             this.setRSAPEM(params['rsapem']);
    -1397         }
    -1398     }
    -1399 };
    -1400 YAHOO.lang.extend(KJUR.asn1.x509.SubjectPublicKeyInfo, KJUR.asn1.ASN1Object);
    -1401 
    -1402 /**
    -1403  * Time ASN.1 structure class
    -1404  * @name KJUR.asn1.x509.Time
    -1405  * @class Time ASN.1 structure class
    -1406  * @param {Array} params associative array of parameters (ex. {'str': '130508235959Z'})
    -1407  * @extends KJUR.asn1.ASN1Object
    -1408  * @description
    -1409  * <br/>
    -1410  * <h4>EXAMPLES</h4>
    -1411  * @example
    -1412  * var t1 = new KJUR.asn1.x509.Time{'str': '130508235959Z'} // UTCTime by default
    -1413  * var t2 = new KJUR.asn1.x509.Time{'type': 'gen',  'str': '20130508235959Z'} // GeneralizedTime
    -1414  */
    -1415 KJUR.asn1.x509.Time = function(params) {
    -1416     KJUR.asn1.x509.Time.superclass.constructor.call(this);
    -1417     var type = null;
    -1418     var timeParams = null;
    -1419 
    -1420     this.setTimeParams = function(timeParams) {
    -1421         this.timeParams = timeParams;
    -1422     }
    -1423 
    -1424     this.getEncodedHex = function() {
    -1425         if (this.timeParams == null) {
    -1426             throw "timeParams shall be specified. ({'str':'130403235959Z'}}";
    -1427         }
    -1428         var o = null;
    -1429         if (this.type == "utc") {
    -1430             o = new KJUR.asn1.DERUTCTime(this.timeParams);
    -1431         } else {
    -1432             o = new KJUR.asn1.DERGeneralizedTime(this.timeParams);
    -1433         }
    -1434         this.TLV = o.getEncodedHex();
    -1435         return this.TLV;
    -1436     };
    -1437     
    -1438     this.type = "utc";
    -1439     if (typeof params != "undefined") {
    -1440         if (typeof params['type'] != "undefined") {
    -1441             this.type = params['type'];
    -1442         }
    -1443         this.timeParams = params;
    -1444     }
    -1445 };
    -1446 YAHOO.lang.extend(KJUR.asn1.x509.Time, KJUR.asn1.ASN1Object);
    -1447 
    -1448 /**
    -1449  * AlgorithmIdentifier ASN.1 structure class
    -1450  * @name KJUR.asn1.x509.AlgorithmIdentifier
    -1451  * @class AlgorithmIdentifier ASN.1 structure class
    -1452  * @param {Array} params associative array of parameters (ex. {'name': 'SHA1withRSA'})
    -1453  * @extends KJUR.asn1.ASN1Object
    -1454  * @description
    -1455  * @example
    -1456  */
    -1457 KJUR.asn1.x509.AlgorithmIdentifier = function(params) {
    -1458     KJUR.asn1.x509.AlgorithmIdentifier.superclass.constructor.call(this);
    -1459     var nameAlg = null;
    -1460     var asn1Alg = null;
    -1461     var asn1Params = null;
    -1462     var paramEmpty = false;
    -1463 
    -1464     this.getEncodedHex = function() {
    -1465         if (this.nameAlg == null && this.asn1Alg == null) {
    -1466             throw "algorithm not specified";
    -1467         }
    -1468         if (this.nameAlg != null && this.asn1Alg == null) {
    -1469             this.asn1Alg = KJUR.asn1.x509.OID.name2obj(this.nameAlg);
    -1470         }
    -1471         var a = [this.asn1Alg];
    -1472         if (! this.paramEmpty) a.push(this.asn1Params);
    -1473         var o = new KJUR.asn1.DERSequence({'array': a});
    -1474         this.hTLV = o.getEncodedHex();
    -1475         return this.hTLV;
    -1476     };
    -1477 
    -1478     if (typeof params != "undefined") {
    -1479         if (typeof params['name'] != "undefined") {
    -1480             this.nameAlg = params['name'];
    -1481         }
    -1482         if (typeof params['asn1params'] != "undefined") {
    -1483             this.asn1Params = params['asn1params'];
    -1484         }
    -1485         if (typeof params['paramempty'] != "undefined") {
    -1486             this.paramEmpty = params['paramempty'];
    -1487         }
    -1488     }
    -1489     if (this.asn1Params == null) {
    -1490         this.asn1Params = new KJUR.asn1.DERNull();
    -1491     }
    -1492 };
    -1493 YAHOO.lang.extend(KJUR.asn1.x509.AlgorithmIdentifier, KJUR.asn1.ASN1Object);
    -1494 
    -1495 /**
    -1496  * GeneralName ASN.1 structure class
    -1497  * @name KJUR.asn1.x509.GeneralName
    -1498  * @class GeneralName ASN.1 structure class
    -1499  * @description
    -1500  * <br/>
    -1501  * As for argument 'params' for constructor, you can specify one of
    -1502  * following properties:
    -1503  * <ul>
    -1504  * <li>rfc822 - rfc822Name[1] (ex. user1@foo.com)</li>
    -1505  * <li>dns - dNSName[2] (ex. foo.com)</li>
    -1506  * <li>uri - uniformResourceIdentifier[6] (ex. http://foo.com/)</li>
    -1507  * </ul>
    -1508  * NOTE: Currently this only supports 'uniformResourceIdentifier'.
    -1509  * <h4>EXAMPLE AND ASN.1 SYNTAX</h4>
    -1510  * @example
    -1511  * var gn = new KJUR.asn1.x509.GeneralName({'uri': 'http://aaa.com/'});
    -1512  *
    -1513  * GeneralName ::= CHOICE {
    -1514  *         otherName                       [0]     OtherName,
    -1515  *         rfc822Name                      [1]     IA5String,
    -1516  *         dNSName                         [2]     IA5String,
    -1517  *         x400Address                     [3]     ORAddress,
    -1518  *         directoryName                   [4]     Name,
    -1519  *         ediPartyName                    [5]     EDIPartyName,
    -1520  *         uniformResourceIdentifier       [6]     IA5String,
    -1521  *         iPAddress                       [7]     OCTET STRING,
    -1522  *         registeredID                    [8]     OBJECT IDENTIFIER } 
    -1523  */
    -1524 KJUR.asn1.x509.GeneralName = function(params) {
    -1525     KJUR.asn1.x509.GeneralName.superclass.constructor.call(this);
    -1526     var asn1Obj = null;
    -1527     var type = null;
    -1528     var pTag = {'rfc822': '81', 'dns': '82', 'uri': '86'};
    -1529 
    -1530     this.setByParam = function(params) {
    -1531         var str = null;
    -1532         var v = null;
    -1533 
    -1534         if (typeof params['rfc822'] != "undefined") {
    -1535             this.type = 'rfc822';
    -1536             v = new KJUR.asn1.DERIA5String({'str': params[this.type]});
    -1537         }
    -1538         if (typeof params['dns'] != "undefined") {
    -1539             this.type = 'dns';
    -1540             v = new KJUR.asn1.DERIA5String({'str': params[this.type]});
    -1541         }
    -1542         if (typeof params['uri'] != "undefined") {
    -1543             this.type = 'uri';
    -1544             v = new KJUR.asn1.DERIA5String({'str': params[this.type]});
    -1545         }
    -1546 
    -1547         if (this.type == null)
    -1548             throw "unsupported type in params=" + params;
    -1549         this.asn1Obj = new KJUR.asn1.DERTaggedObject({'explicit': false,
    -1550                                                       'tag': pTag[this.type],
    -1551                                                       'obj': v});
    -1552     };
    -1553 
    -1554     this.getEncodedHex = function() {
    -1555         return this.asn1Obj.getEncodedHex();
    -1556     }
    -1557 
    -1558     if (typeof params != "undefined") {
    -1559         this.setByParam(params);
    -1560     }
    -1561 
    -1562 };
    -1563 YAHOO.lang.extend(KJUR.asn1.x509.GeneralName, KJUR.asn1.ASN1Object);
    -1564 
    -1565 /**
    -1566  * GeneralNames ASN.1 structure class
    -1567  * @name KJUR.asn1.x509.GeneralNames
    -1568  * @class GeneralNames ASN.1 structure class
    -1569  * @description
    -1570  * <br/>
    -1571  * <h4>EXAMPLE AND ASN.1 SYNTAX</h4>
    -1572  * @example
    -1573  * var gns = new KJUR.asn1.x509.GeneralNames([{'uri': 'http://aaa.com/'}, {'uri': 'http://bbb.com/'}]); 
    -1574  *
    -1575  * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
    -1576  */
    -1577 KJUR.asn1.x509.GeneralNames = function(paramsArray) {
    -1578     KJUR.asn1.x509.GeneralNames.superclass.constructor.call(this);
    -1579     var asn1Array = null;
    -1580 
    -1581     /**
    -1582      * set a array of {@link KJUR.asn1.x509.GeneralName} parameters
    -1583      * @name setByParamArray
    -1584      * @memberOf KJUR.asn1.x509.GeneralNames
    -1585      * @function
    -1586      * @param {Array} paramsArray Array of {@link KJUR.asn1.x509.GeneralNames}
    -1587      * @description
    -1588      * <br/>
    -1589      * <h4>EXAMPLES</h4>
    -1590      * @example
    -1591      * var gns = new KJUR.asn1.x509.GeneralNames();
    -1592      * gns.setByParamArray([{'uri': 'http://aaa.com/'}, {'uri': 'http://bbb.com/'}]);
    -1593      */
    -1594     this.setByParamArray = function(paramsArray) {
    -1595         for (var i = 0; i < paramsArray.length; i++) {
    -1596             var o = new KJUR.asn1.x509.GeneralName(paramsArray[i]);
    -1597             this.asn1Array.push(o);
    -1598         }
    -1599     };
    -1600 
    -1601     this.getEncodedHex = function() {
    -1602         var o = new KJUR.asn1.DERSequence({'array': this.asn1Array});
    -1603         return o.getEncodedHex();
    -1604     };
    -1605 
    -1606     this.asn1Array = new Array();
    -1607     if (typeof paramsArray != "undefined") {
    -1608         this.setByParamArray(paramsArray);
    -1609     }
    -1610 };
    -1611 YAHOO.lang.extend(KJUR.asn1.x509.GeneralNames, KJUR.asn1.ASN1Object);
    +1151         if (typeof this.hTLV == "string") return this.hTLV;
    +1152         var o = new KJUR.asn1.DERSequence({"array": this.asn1Array});
    +1153         this.hTLV = o.getEncodedHex();
    +1154         return this.hTLV;
    +1155     };
    +1156 
    +1157     if (typeof params != "undefined") {
    +1158         if (typeof params['str'] != "undefined") {
    +1159             this.setByString(params['str']);
    +1160         }
    +1161     }
    +1162 
    +1163 };
    +1164 YAHOO.lang.extend(KJUR.asn1.x509.X500Name, KJUR.asn1.ASN1Object);
    +1165 
    +1166 /**
    +1167  * RDN (Relative Distinguish Name) ASN.1 structure class
    +1168  * @name KJUR.asn1.x509.RDN
    +1169  * @class RDN (Relative Distinguish Name) ASN.1 structure class
    +1170  * @param {Array} params associative array of parameters (ex. {'str': 'C=US'})
    +1171  * @extends KJUR.asn1.ASN1Object
    +1172  * @description
    +1173  * @example
    +1174  */
    +1175 KJUR.asn1.x509.RDN = function(params) {
    +1176     KJUR.asn1.x509.RDN.superclass.constructor.call(this);
    +1177     this.asn1Array = new Array();
    +1178 
    +1179     this.addByString = function(rdnStr) {
    +1180         this.asn1Array.push(new KJUR.asn1.x509.AttributeTypeAndValue({'str':rdnStr}));
    +1181     };
    +1182 
    +1183     this.getEncodedHex = function() {
    +1184         var o = new KJUR.asn1.DERSet({"array": this.asn1Array});
    +1185         this.TLV = o.getEncodedHex();
    +1186         return this.TLV;
    +1187     };
    +1188 
    +1189     if (typeof params != "undefined") {
    +1190         if (typeof params['str'] != "undefined") {
    +1191             this.addByString(params['str']);
    +1192         }
    +1193     }
    +1194 };
    +1195 YAHOO.lang.extend(KJUR.asn1.x509.RDN, KJUR.asn1.ASN1Object);
    +1196 
    +1197 /**
    +1198  * AttributeTypeAndValue ASN.1 structure class
    +1199  * @name KJUR.asn1.x509.AttributeTypeAndValue
    +1200  * @class AttributeTypeAndValue ASN.1 structure class
    +1201  * @param {Array} params associative array of parameters (ex. {'str': 'C=US'})
    +1202  * @extends KJUR.asn1.ASN1Object
    +1203  * @description
    +1204  * @example
    +1205  */
    +1206 KJUR.asn1.x509.AttributeTypeAndValue = function(params) {
    +1207     KJUR.asn1.x509.AttributeTypeAndValue.superclass.constructor.call(this);
    +1208     var typeObj = null;
    +1209     var valueObj = null;
    +1210     var defaultDSType = "utf8";
    +1211 
    +1212     this.setByString = function(attrTypeAndValueStr) {
    +1213         if (attrTypeAndValueStr.match(/^([^=]+)=(.+)$/)) {
    +1214             this.setByAttrTypeAndValueStr(RegExp.$1, RegExp.$2);
    +1215         } else {
    +1216             throw "malformed attrTypeAndValueStr: " + attrTypeAndValueStr;
    +1217         }
    +1218     };
    +1219 
    +1220     this.setByAttrTypeAndValueStr = function(shortAttrType, valueStr) {
    +1221         this.typeObj = KJUR.asn1.x509.OID.atype2obj(shortAttrType);
    +1222         var dsType = defaultDSType;
    +1223         if (shortAttrType == "C") dsType = "prn";
    +1224         this.valueObj = this.getValueObj(dsType, valueStr);
    +1225     };
    +1226 
    +1227     this.getValueObj = function(dsType, valueStr) {
    +1228         if (dsType == "utf8")   return new KJUR.asn1.DERUTF8String({"str": valueStr});
    +1229         if (dsType == "prn")    return new KJUR.asn1.DERPrintableString({"str": valueStr});
    +1230         if (dsType == "tel")    return new KJUR.asn1.DERTeletexString({"str": valueStr});
    +1231         if (dsType == "ia5")    return new KJUR.asn1.DERIA5String({"str": valueStr});
    +1232         throw "unsupported directory string type: type=" + dsType + " value=" + valueStr;
    +1233     };
    +1234 
    +1235     this.getEncodedHex = function() {
    +1236         var o = new KJUR.asn1.DERSequence({"array": [this.typeObj, this.valueObj]});
    +1237         this.TLV = o.getEncodedHex();
    +1238         return this.TLV;
    +1239     };
    +1240 
    +1241     if (typeof params != "undefined") {
    +1242         if (typeof params['str'] != "undefined") {
    +1243             this.setByString(params['str']);
    +1244         }
    +1245     }
    +1246 };
    +1247 YAHOO.lang.extend(KJUR.asn1.x509.AttributeTypeAndValue, KJUR.asn1.ASN1Object);
    +1248 
    +1249 // === END   X500Name Related =================================================
    +1250 
    +1251 // === BEGIN Other ASN1 structure class  ======================================
    +1252 
    +1253 /**
    +1254  * SubjectPublicKeyInfo ASN.1 structure class
    +1255  * @name KJUR.asn1.x509.SubjectPublicKeyInfo
    +1256  * @class SubjectPublicKeyInfo ASN.1 structure class
    +1257  * @param {Object} params parameter for subject public key
    +1258  * @extends KJUR.asn1.ASN1Object
    +1259  * @description
    +1260  * <br/>
    +1261  * As for argument 'params' for constructor, you can specify one of
    +1262  * following properties:
    +1263  * <ul>
    +1264  * <li>{@link RSAKey} object</li>
    +1265  * <li>{@link KJUR.crypto.ECDSA} object</li>
    +1266  * <li>{@link KJUR.crypto.DSA} object</li>
    +1267  * <li>(DEPRECATED)rsakey - specify {@link RSAKey} object of subject public key</li>
    +1268  * <li>(DEPRECATED)rsapem - specify a string of PEM public key of RSA key</li>
    +1269  * </ul>
    +1270  * NOTE1: 'params' can be omitted.<br/>
    +1271  * NOTE2: DSA/ECDSA key object is also supported since asn1x509 1.0.6.<br/>
    +1272  * <h4>EXAMPLE</h4>
    +1273  * @example
    +1274  * var spki = new KJUR.asn1.x509.SubjectPublicKeyInfo(RSAKey_object);
    +1275  * var spki = new KJUR.asn1.x509.SubjectPublicKeyInfo(KJURcryptoECDSA_object);
    +1276  * var spki = new KJUR.asn1.x509.SubjectPublicKeyInfo(KJURcryptoDSA_object);
    +1277  */
    +1278 KJUR.asn1.x509.SubjectPublicKeyInfo = function(params) {
    +1279     KJUR.asn1.x509.SubjectPublicKeyInfo.superclass.constructor.call(this);
    +1280     var asn1AlgId = null;
    +1281     var asn1SubjPKey = null;
    +1282     var rsaKey = null;
    +1283 
    +1284     /**
    +1285      * (DEPRECATED) set RSAKey object as subject public key
    +1286      * @name setRSAKey
    +1287      * @memberOf KJUR.asn1.x509.SubjectPublicKeyInfo
    +1288      * @function
    +1289      * @param {RSAKey} rsaKey {@link RSAKey} object for RSA public key
    +1290      * @description
    +1291      * @deprecated
    +1292      * @example
    +1293      * spki.setRSAKey(rsaKey);
    +1294      */
    +1295     this.setRSAKey = function(rsaKey) {
    +1296         if (! RSAKey.prototype.isPrototypeOf(rsaKey))
    +1297             throw "argument is not RSAKey instance";
    +1298         this.rsaKey = rsaKey;
    +1299         var asn1RsaN = new KJUR.asn1.DERInteger({'bigint': rsaKey.n});
    +1300         var asn1RsaE = new KJUR.asn1.DERInteger({'int': rsaKey.e});
    +1301         var asn1RsaPub = new KJUR.asn1.DERSequence({'array': [asn1RsaN, asn1RsaE]});
    +1302         var rsaKeyHex = asn1RsaPub.getEncodedHex();
    +1303         this.asn1AlgId = new KJUR.asn1.x509.AlgorithmIdentifier({'name':'rsaEncryption'});
    +1304         this.asn1SubjPKey = new KJUR.asn1.DERBitString({'hex':'00'+rsaKeyHex});
    +1305     };
    +1306 
    +1307     /**
    +1308      * (DEPRECATED) set a PEM formatted RSA public key string as RSA public key
    +1309      * @name setRSAPEM
    +1310      * @memberOf KJUR.asn1.x509.SubjectPublicKeyInfo
    +1311      * @function
    +1312      * @param {String} rsaPubPEM PEM formatted RSA public key string
    +1313      * @deprecated
    +1314      * @description
    +1315      * @example
    +1316      * spki.setRSAPEM(rsaPubPEM);
    +1317      */
    +1318     this.setRSAPEM = function(rsaPubPEM) {
    +1319         if (rsaPubPEM.match(/-----BEGIN PUBLIC KEY-----/)) {
    +1320             var s = rsaPubPEM;
    +1321             s = s.replace(/^-----[^-]+-----/, '');
    +1322             s = s.replace(/-----[^-]+-----\s*$/, '');
    +1323             var rsaB64 = s.replace(/\s+/g, '');
    +1324             var rsaWA = CryptoJS.enc.Base64.parse(rsaB64);
    +1325             var rsaP8Hex = CryptoJS.enc.Hex.stringify(rsaWA);
    +1326             var a = _rsapem_getHexValueArrayOfChildrenFromHex(rsaP8Hex);
    +1327             var hBitStrVal = a[1];
    +1328             var rsaHex = hBitStrVal.substr(2);
    +1329             var a3 = _rsapem_getHexValueArrayOfChildrenFromHex(rsaHex);
    +1330             var rsaKey = new RSAKey();
    +1331             rsaKey.setPublic(a3[0], a3[1]);
    +1332             this.setRSAKey(rsaKey);
    +1333         } else {
    +1334             throw "key not supported";
    +1335         }
    +1336     };
    +1337 
    +1338     /*
    +1339      * @since asn1x509 1.0.7
    +1340      */
    +1341     this.getASN1Object = function() {
    +1342         if (this.asn1AlgId == null || this.asn1SubjPKey == null)
    +1343             throw "algId and/or subjPubKey not set";
    +1344         var o = new KJUR.asn1.DERSequence({'array':
    +1345                                            [this.asn1AlgId, this.asn1SubjPKey]});
    +1346         return o;
    +1347     };
    +1348 
    +1349     this.getEncodedHex = function() {
    +1350         var o = this.getASN1Object();
    +1351         this.hTLV = o.getEncodedHex();
    +1352         return this.hTLV;
    +1353     };
    +1354 
    +1355     this._setRSAKey = function(key) {
    +1356         var asn1RsaPub = KJUR.asn1.ASN1Util.newObject({
    +1357             'seq': [{'int': {'bigint': key.n}}, {'int': {'int': key.e}}]
    +1358         });
    +1359         var rsaKeyHex = asn1RsaPub.getEncodedHex();
    +1360         this.asn1AlgId = new KJUR.asn1.x509.AlgorithmIdentifier({'name':'rsaEncryption'});
    +1361         this.asn1SubjPKey = new KJUR.asn1.DERBitString({'hex':'00'+rsaKeyHex});
    +1362     };
    +1363 
    +1364     this._setEC = function(key) {
    +1365         var asn1Params = new KJUR.asn1.DERObjectIdentifier({'name': key.curveName});
    +1366         this.asn1AlgId = 
    +1367             new KJUR.asn1.x509.AlgorithmIdentifier({'name': 'ecPublicKey',
    +1368                                                     'asn1params': asn1Params});
    +1369         this.asn1SubjPKey = new KJUR.asn1.DERBitString({'hex': '00' + key.pubKeyHex});
    +1370     };
    +1371 
    +1372     this._setDSA = function(key) {
    +1373         var asn1Params = new KJUR.asn1.ASN1Util.newObject({
    +1374             'seq': [{'int': {'bigint': key.p}},
    +1375                     {'int': {'bigint': key.q}},
    +1376                     {'int': {'bigint': key.g}}]
    +1377         });
    +1378         this.asn1AlgId = 
    +1379             new KJUR.asn1.x509.AlgorithmIdentifier({'name': 'dsa',
    +1380                                                     'asn1params': asn1Params});
    +1381         var pubInt = new KJUR.asn1.DERInteger({'bigint': key.y});
    +1382         this.asn1SubjPKey = new KJUR.asn1.DERBitString({'hex': '00' + pubInt.getEncodedHex()});
    +1383     };
    +1384 
    +1385     if (typeof params != "undefined") {
    +1386         if (typeof RSAKey != 'undefined' && params instanceof RSAKey) {
    +1387             this._setRSAKey(params);
    +1388         } else if (typeof KJUR.crypto.ECDSA != 'undefined' &&
    +1389                    params instanceof KJUR.crypto.ECDSA) {
    +1390             this._setEC(params);
    +1391         } else if (typeof KJUR.crypto.DSA != 'undefined' &&
    +1392                    params instanceof KJUR.crypto.DSA) {
    +1393             this._setDSA(params);
    +1394         } else if (typeof params['rsakey'] != "undefined") {
    +1395             this.setRSAKey(params['rsakey']);
    +1396         } else if (typeof params['rsapem'] != "undefined") {
    +1397             this.setRSAPEM(params['rsapem']);
    +1398         }
    +1399     }
    +1400 };
    +1401 YAHOO.lang.extend(KJUR.asn1.x509.SubjectPublicKeyInfo, KJUR.asn1.ASN1Object);
    +1402 
    +1403 /**
    +1404  * Time ASN.1 structure class
    +1405  * @name KJUR.asn1.x509.Time
    +1406  * @class Time ASN.1 structure class
    +1407  * @param {Array} params associative array of parameters (ex. {'str': '130508235959Z'})
    +1408  * @extends KJUR.asn1.ASN1Object
    +1409  * @description
    +1410  * <br/>
    +1411  * <h4>EXAMPLES</h4>
    +1412  * @example
    +1413  * var t1 = new KJUR.asn1.x509.Time{'str': '130508235959Z'} // UTCTime by default
    +1414  * var t2 = new KJUR.asn1.x509.Time{'type': 'gen',  'str': '20130508235959Z'} // GeneralizedTime
    +1415  */
    +1416 KJUR.asn1.x509.Time = function(params) {
    +1417     KJUR.asn1.x509.Time.superclass.constructor.call(this);
    +1418     var type = null;
    +1419     var timeParams = null;
    +1420 
    +1421     this.setTimeParams = function(timeParams) {
    +1422         this.timeParams = timeParams;
    +1423     }
    +1424 
    +1425     this.getEncodedHex = function() {
    +1426         var o = null;
    +1427 
    +1428         if (this.timeParams != null) {
    +1429             if (this.type == "utc") {
    +1430                 o = new KJUR.asn1.DERUTCTime(this.timeParams);
    +1431             } else {
    +1432                 o = new KJUR.asn1.DERGeneralizedTime(this.timeParams);
    +1433             }
    +1434         } else {
    +1435             if (this.type == "utc") {
    +1436                 o = new KJUR.asn1.DERUTCTime();
    +1437             } else {
    +1438                 o = new KJUR.asn1.DERGeneralizedTime();
    +1439             }
    +1440         }
    +1441         this.TLV = o.getEncodedHex();
    +1442         return this.TLV;
    +1443     };
    +1444     
    +1445     this.type = "utc";
    +1446     if (typeof params != "undefined") {
    +1447         if (typeof params.type != "undefined") {
    +1448             this.type = params.type;
    +1449         } else {
    +1450             if (typeof params.str != "undefined") {
    +1451                 if (params.str.match(/^[0-9]{12}Z$/)) this.type = "utc";
    +1452                 if (params.str.match(/^[0-9]{14}Z$/)) this.type = "gen";
    +1453             }
    +1454         }
    +1455         this.timeParams = params;
    +1456     }
    +1457 };
    +1458 YAHOO.lang.extend(KJUR.asn1.x509.Time, KJUR.asn1.ASN1Object);
    +1459 
    +1460 /**
    +1461  * AlgorithmIdentifier ASN.1 structure class
    +1462  * @name KJUR.asn1.x509.AlgorithmIdentifier
    +1463  * @class AlgorithmIdentifier ASN.1 structure class
    +1464  * @param {Array} params associative array of parameters (ex. {'name': 'SHA1withRSA'})
    +1465  * @extends KJUR.asn1.ASN1Object
    +1466  * @description
    +1467  * @example
    +1468  */
    +1469 KJUR.asn1.x509.AlgorithmIdentifier = function(params) {
    +1470     KJUR.asn1.x509.AlgorithmIdentifier.superclass.constructor.call(this);
    +1471     var nameAlg = null;
    +1472     var asn1Alg = null;
    +1473     var asn1Params = null;
    +1474     var paramEmpty = false;
    +1475 
    +1476     this.getEncodedHex = function() {
    +1477         if (this.nameAlg == null && this.asn1Alg == null) {
    +1478             throw "algorithm not specified";
    +1479         }
    +1480         if (this.nameAlg != null && this.asn1Alg == null) {
    +1481             this.asn1Alg = KJUR.asn1.x509.OID.name2obj(this.nameAlg);
    +1482         }
    +1483         var a = [this.asn1Alg];
    +1484         if (! this.paramEmpty) a.push(this.asn1Params);
    +1485         var o = new KJUR.asn1.DERSequence({'array': a});
    +1486         this.hTLV = o.getEncodedHex();
    +1487         return this.hTLV;
    +1488     };
    +1489 
    +1490     if (typeof params != "undefined") {
    +1491         if (typeof params['name'] != "undefined") {
    +1492             this.nameAlg = params['name'];
    +1493         }
    +1494         if (typeof params['asn1params'] != "undefined") {
    +1495             this.asn1Params = params['asn1params'];
    +1496         }
    +1497         if (typeof params['paramempty'] != "undefined") {
    +1498             this.paramEmpty = params['paramempty'];
    +1499         }
    +1500     }
    +1501     if (this.asn1Params == null) {
    +1502         this.asn1Params = new KJUR.asn1.DERNull();
    +1503     }
    +1504 };
    +1505 YAHOO.lang.extend(KJUR.asn1.x509.AlgorithmIdentifier, KJUR.asn1.ASN1Object);
    +1506 
    +1507 /**
    +1508  * GeneralName ASN.1 structure class
    +1509  * @name KJUR.asn1.x509.GeneralName
    +1510  * @class GeneralName ASN.1 structure class
    +1511  * @description
    +1512  * <br/>
    +1513  * As for argument 'params' for constructor, you can specify one of
    +1514  * following properties:
    +1515  * <ul>
    +1516  * <li>rfc822 - rfc822Name[1] (ex. user1@foo.com)</li>
    +1517  * <li>dns - dNSName[2] (ex. foo.com)</li>
    +1518  * <li>uri - uniformResourceIdentifier[6] (ex. http://foo.com/)</li>
    +1519  * </ul>
    +1520  * NOTE: Currently this only supports 'uniformResourceIdentifier'.
    +1521  * <h4>EXAMPLE AND ASN.1 SYNTAX</h4>
    +1522  * @example
    +1523  * var gn = new KJUR.asn1.x509.GeneralName({'uri': 'http://aaa.com/'});
    +1524  *
    +1525  * GeneralName ::= CHOICE {
    +1526  *         otherName                       [0]     OtherName,
    +1527  *         rfc822Name                      [1]     IA5String,
    +1528  *         dNSName                         [2]     IA5String,
    +1529  *         x400Address                     [3]     ORAddress,
    +1530  *         directoryName                   [4]     Name,
    +1531  *         ediPartyName                    [5]     EDIPartyName,
    +1532  *         uniformResourceIdentifier       [6]     IA5String,
    +1533  *         iPAddress                       [7]     OCTET STRING,
    +1534  *         registeredID                    [8]     OBJECT IDENTIFIER } 
    +1535  */
    +1536 KJUR.asn1.x509.GeneralName = function(params) {
    +1537     KJUR.asn1.x509.GeneralName.superclass.constructor.call(this);
    +1538     var asn1Obj = null;
    +1539     var type = null;
    +1540     var pTag = {'rfc822': '81', 'dns': '82', 'uri': '86'};
    +1541 
    +1542     this.setByParam = function(params) {
    +1543         var str = null;
    +1544         var v = null;
    +1545 
    +1546         if (typeof params['rfc822'] != "undefined") {
    +1547             this.type = 'rfc822';
    +1548             v = new KJUR.asn1.DERIA5String({'str': params[this.type]});
    +1549         }
    +1550         if (typeof params['dns'] != "undefined") {
    +1551             this.type = 'dns';
    +1552             v = new KJUR.asn1.DERIA5String({'str': params[this.type]});
    +1553         }
    +1554         if (typeof params['uri'] != "undefined") {
    +1555             this.type = 'uri';
    +1556             v = new KJUR.asn1.DERIA5String({'str': params[this.type]});
    +1557         }
    +1558 
    +1559         if (this.type == null)
    +1560             throw "unsupported type in params=" + params;
    +1561         this.asn1Obj = new KJUR.asn1.DERTaggedObject({'explicit': false,
    +1562                                                       'tag': pTag[this.type],
    +1563                                                       'obj': v});
    +1564     };
    +1565 
    +1566     this.getEncodedHex = function() {
    +1567         return this.asn1Obj.getEncodedHex();
    +1568     }
    +1569 
    +1570     if (typeof params != "undefined") {
    +1571         this.setByParam(params);
    +1572     }
    +1573 
    +1574 };
    +1575 YAHOO.lang.extend(KJUR.asn1.x509.GeneralName, KJUR.asn1.ASN1Object);
    +1576 
    +1577 /**
    +1578  * GeneralNames ASN.1 structure class
    +1579  * @name KJUR.asn1.x509.GeneralNames
    +1580  * @class GeneralNames ASN.1 structure class
    +1581  * @description
    +1582  * <br/>
    +1583  * <h4>EXAMPLE AND ASN.1 SYNTAX</h4>
    +1584  * @example
    +1585  * var gns = new KJUR.asn1.x509.GeneralNames([{'uri': 'http://aaa.com/'}, {'uri': 'http://bbb.com/'}]); 
    +1586  *
    +1587  * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
    +1588  */
    +1589 KJUR.asn1.x509.GeneralNames = function(paramsArray) {
    +1590     KJUR.asn1.x509.GeneralNames.superclass.constructor.call(this);
    +1591     var asn1Array = null;
    +1592 
    +1593     /**
    +1594      * set a array of {@link KJUR.asn1.x509.GeneralName} parameters
    +1595      * @name setByParamArray
    +1596      * @memberOf KJUR.asn1.x509.GeneralNames
    +1597      * @function
    +1598      * @param {Array} paramsArray Array of {@link KJUR.asn1.x509.GeneralNames}
    +1599      * @description
    +1600      * <br/>
    +1601      * <h4>EXAMPLES</h4>
    +1602      * @example
    +1603      * var gns = new KJUR.asn1.x509.GeneralNames();
    +1604      * gns.setByParamArray([{'uri': 'http://aaa.com/'}, {'uri': 'http://bbb.com/'}]);
    +1605      */
    +1606     this.setByParamArray = function(paramsArray) {
    +1607         for (var i = 0; i < paramsArray.length; i++) {
    +1608             var o = new KJUR.asn1.x509.GeneralName(paramsArray[i]);
    +1609             this.asn1Array.push(o);
    +1610         }
    +1611     };
     1612 
    -1613 /**
    -1614  * DistributionPointName ASN.1 structure class
    -1615  * @name KJUR.asn1.x509.DistributionPointName
    -1616  * @class DistributionPointName ASN.1 structure class
    -1617  * @description
    -1618  * @example
    -1619  */
    -1620 KJUR.asn1.x509.DistributionPointName = function(gnOrRdn) {
    -1621     KJUR.asn1.x509.DistributionPointName.superclass.constructor.call(this);
    -1622     var asn1Obj = null;
    -1623     var type = null;
    -1624     var tag = null;
    -1625     var asn1V = null;
    -1626 
    -1627     this.getEncodedHex = function() {
    -1628         if (this.type != "full")
    -1629             throw "currently type shall be 'full': " + this.type;
    -1630         this.asn1Obj = new KJUR.asn1.DERTaggedObject({'explicit': false,
    -1631                                                       'tag': this.tag,
    -1632                                                       'obj': this.asn1V});
    -1633         this.hTLV = this.asn1Obj.getEncodedHex();
    -1634         return this.hTLV;
    -1635     };
    -1636 
    -1637     if (typeof gnOrRdn != "undefined") {
    -1638         if (KJUR.asn1.x509.GeneralNames.prototype.isPrototypeOf(gnOrRdn)) {
    -1639             this.type = "full";
    -1640             this.tag = "a0";
    -1641             this.asn1V = gnOrRdn;
    -1642         } else {
    -1643             throw "This class supports GeneralNames only as argument";
    -1644         }
    -1645     }
    -1646 };
    -1647 YAHOO.lang.extend(KJUR.asn1.x509.DistributionPointName, KJUR.asn1.ASN1Object);
    +1613     this.getEncodedHex = function() {
    +1614         var o = new KJUR.asn1.DERSequence({'array': this.asn1Array});
    +1615         return o.getEncodedHex();
    +1616     };
    +1617 
    +1618     this.asn1Array = new Array();
    +1619     if (typeof paramsArray != "undefined") {
    +1620         this.setByParamArray(paramsArray);
    +1621     }
    +1622 };
    +1623 YAHOO.lang.extend(KJUR.asn1.x509.GeneralNames, KJUR.asn1.ASN1Object);
    +1624 
    +1625 /**
    +1626  * DistributionPointName ASN.1 structure class
    +1627  * @name KJUR.asn1.x509.DistributionPointName
    +1628  * @class DistributionPointName ASN.1 structure class
    +1629  * @description
    +1630  * @example
    +1631  */
    +1632 KJUR.asn1.x509.DistributionPointName = function(gnOrRdn) {
    +1633     KJUR.asn1.x509.DistributionPointName.superclass.constructor.call(this);
    +1634     var asn1Obj = null;
    +1635     var type = null;
    +1636     var tag = null;
    +1637     var asn1V = null;
    +1638 
    +1639     this.getEncodedHex = function() {
    +1640         if (this.type != "full")
    +1641             throw "currently type shall be 'full': " + this.type;
    +1642         this.asn1Obj = new KJUR.asn1.DERTaggedObject({'explicit': false,
    +1643                                                       'tag': this.tag,
    +1644                                                       'obj': this.asn1V});
    +1645         this.hTLV = this.asn1Obj.getEncodedHex();
    +1646         return this.hTLV;
    +1647     };
     1648 
    -1649 /**
    -1650  * DistributionPoint ASN.1 structure class
    -1651  * @name KJUR.asn1.x509.DistributionPoint
    -1652  * @class DistributionPoint ASN.1 structure class
    -1653  * @description
    -1654  * @example
    -1655  */
    -1656 KJUR.asn1.x509.DistributionPoint = function(params) {
    -1657     KJUR.asn1.x509.DistributionPoint.superclass.constructor.call(this);
    -1658     var asn1DP = null;
    -1659 
    -1660     this.getEncodedHex = function() {
    -1661         var seq = new KJUR.asn1.DERSequence();
    -1662         if (this.asn1DP != null) {
    -1663             var o1 = new KJUR.asn1.DERTaggedObject({'explicit': true,
    -1664                                                     'tag': 'a0',
    -1665                                                     'obj': this.asn1DP});
    -1666             seq.appendASN1Object(o1);
    -1667         }
    -1668         this.hTLV = seq.getEncodedHex();
    -1669         return this.hTLV;
    -1670     };
    +1649     if (typeof gnOrRdn != "undefined") {
    +1650         if (KJUR.asn1.x509.GeneralNames.prototype.isPrototypeOf(gnOrRdn)) {
    +1651             this.type = "full";
    +1652             this.tag = "a0";
    +1653             this.asn1V = gnOrRdn;
    +1654         } else {
    +1655             throw "This class supports GeneralNames only as argument";
    +1656         }
    +1657     }
    +1658 };
    +1659 YAHOO.lang.extend(KJUR.asn1.x509.DistributionPointName, KJUR.asn1.ASN1Object);
    +1660 
    +1661 /**
    +1662  * DistributionPoint ASN.1 structure class
    +1663  * @name KJUR.asn1.x509.DistributionPoint
    +1664  * @class DistributionPoint ASN.1 structure class
    +1665  * @description
    +1666  * @example
    +1667  */
    +1668 KJUR.asn1.x509.DistributionPoint = function(params) {
    +1669     KJUR.asn1.x509.DistributionPoint.superclass.constructor.call(this);
    +1670     var asn1DP = null;
     1671 
    -1672     if (typeof params != "undefined") {
    -1673         if (typeof params['dpobj'] != "undefined") {
    -1674             this.asn1DP = params['dpobj'];
    -1675         }
    -1676     }
    -1677 };
    -1678 YAHOO.lang.extend(KJUR.asn1.x509.DistributionPoint, KJUR.asn1.ASN1Object);
    -1679 
    -1680 /**
    -1681  * static object for OID
    -1682  * @name KJUR.asn1.x509.OID
    -1683  * @class static object for OID
    -1684  * @property {Assoc Array} atype2oidList for short attribyte type name and oid (i.e. 'C' and '2.5.4.6')
    -1685  * @property {Assoc Array} name2oidList for oid name and oid (i.e. 'keyUsage' and '2.5.29.15')
    -1686  * @property {Assoc Array} objCache for caching name and DERObjectIdentifier object 
    -1687  * @description
    -1688  * <dl>
    -1689  * <dt><b>atype2oidList</b>
    -1690  * <dd>currently supports 'C', 'O', 'OU', 'ST', 'L' and 'CN' only.
    -1691  * <dt><b>name2oidList</b>
    -1692  * <dd>currently supports 'SHA1withRSA', 'rsaEncryption' and some extension OIDs
    -1693  * </dl>
    -1694  * @example
    -1695  */
    -1696 KJUR.asn1.x509.OID = new function(params) {
    -1697     this.atype2oidList = {
    -1698         'C':    '2.5.4.6',
    -1699         'O':    '2.5.4.10',
    -1700         'OU':   '2.5.4.11',
    -1701         'ST':   '2.5.4.8',
    -1702         'L':    '2.5.4.7',
    -1703         'CN':   '2.5.4.3',
    -1704     };
    -1705     this.name2oidList = {
    -1706         'sha384':           '2.16.840.1.101.3.4.2.2',
    -1707         'sha224':           '2.16.840.1.101.3.4.2.4',
    -1708 
    -1709         'MD2withRSA':           '1.2.840.113549.1.1.2',
    -1710         'MD4withRSA':           '1.2.840.113549.1.1.3',
    -1711         'MD5withRSA':           '1.2.840.113549.1.1.4',
    -1712         'SHA1withRSA':          '1.2.840.113549.1.1.5',
    -1713         'SHA224withRSA':        '1.2.840.113549.1.1.14',
    -1714         'SHA256withRSA':        '1.2.840.113549.1.1.11',
    -1715         'SHA384withRSA':        '1.2.840.113549.1.1.12',
    -1716         'SHA512withRSA':        '1.2.840.113549.1.1.13',
    -1717 
    -1718         'SHA1withECDSA':        '1.2.840.10045.4.1',
    -1719         'SHA224withECDSA':      '1.2.840.10045.4.3.1',
    -1720         'SHA256withECDSA':      '1.2.840.10045.4.3.2',
    -1721         'SHA384withECDSA':      '1.2.840.10045.4.3.3',
    -1722         'SHA512withECDSA':      '1.2.840.10045.4.3.4',
    -1723 
    -1724         'dsa':              '1.2.840.10040.4.1',
    -1725         'SHA1withDSA':          '1.2.840.10040.4.3',
    -1726         'SHA224withDSA':        '2.16.840.1.101.3.4.3.1',
    -1727         'SHA256withDSA':        '2.16.840.1.101.3.4.3.2',
    +1672     this.getEncodedHex = function() {
    +1673         var seq = new KJUR.asn1.DERSequence();
    +1674         if (this.asn1DP != null) {
    +1675             var o1 = new KJUR.asn1.DERTaggedObject({'explicit': true,
    +1676                                                     'tag': 'a0',
    +1677                                                     'obj': this.asn1DP});
    +1678             seq.appendASN1Object(o1);
    +1679         }
    +1680         this.hTLV = seq.getEncodedHex();
    +1681         return this.hTLV;
    +1682     };
    +1683 
    +1684     if (typeof params != "undefined") {
    +1685         if (typeof params['dpobj'] != "undefined") {
    +1686             this.asn1DP = params['dpobj'];
    +1687         }
    +1688     }
    +1689 };
    +1690 YAHOO.lang.extend(KJUR.asn1.x509.DistributionPoint, KJUR.asn1.ASN1Object);
    +1691 
    +1692 /**
    +1693  * static object for OID
    +1694  * @name KJUR.asn1.x509.OID
    +1695  * @class static object for OID
    +1696  * @property {Assoc Array} atype2oidList for short attribyte type name and oid (i.e. 'C' and '2.5.4.6')
    +1697  * @property {Assoc Array} name2oidList for oid name and oid (i.e. 'keyUsage' and '2.5.29.15')
    +1698  * @property {Assoc Array} objCache for caching name and DERObjectIdentifier object 
    +1699  * @description
    +1700  * <dl>
    +1701  * <dt><b>atype2oidList</b>
    +1702  * <dd>currently supports 'C', 'O', 'OU', 'ST', 'L' and 'CN' only.
    +1703  * <dt><b>name2oidList</b>
    +1704  * <dd>currently supports 'SHA1withRSA', 'rsaEncryption' and some extension OIDs
    +1705  * </dl>
    +1706  * @example
    +1707  */
    +1708 KJUR.asn1.x509.OID = new function(params) {
    +1709     this.atype2oidList = {
    +1710         'C':    '2.5.4.6',
    +1711         'O':    '2.5.4.10',
    +1712         'OU':   '2.5.4.11',
    +1713         'ST':   '2.5.4.8',
    +1714         'L':    '2.5.4.7',
    +1715         'CN':   '2.5.4.3',
    +1716         'DN':   '2.5.4.49',
    +1717         'DC':   '0.9.2342.19200300.100.1.25',
    +1718     };
    +1719     this.name2oidList = {
    +1720         'sha1':                 '1.3.14.3.2.26',
    +1721         'sha256':               '2.16.840.1.101.3.4.2.1',
    +1722         'sha384':               '2.16.840.1.101.3.4.2.2',
    +1723         'sha512':               '2.16.840.1.101.3.4.2.3',
    +1724         'sha224':               '2.16.840.1.101.3.4.2.4',
    +1725         'md5':                  '1.2.840.113549.2.5',
    +1726         'md2':                  '1.3.14.7.2.2.1',
    +1727         'ripemd160':            '1.3.36.3.2.1',
     1728 
    -1729         'rsaEncryption':        '1.2.840.113549.1.1.1',
    -1730         'subjectKeyIdentifier':     '2.5.29.14',
    -1731 
    -1732         'countryName':          '2.5.4.6',
    -1733         'organization':         '2.5.4.10',
    -1734         'organizationalUnit':       '2.5.4.11',
    -1735         'stateOrProvinceName':      '2.5.4.8',
    -1736         'locality':         '2.5.4.7',
    -1737         'commonName':           '2.5.4.3',
    -1738 
    -1739         'keyUsage':         '2.5.29.15',
    -1740         'basicConstraints':     '2.5.29.19',
    -1741         'cRLDistributionPoints':    '2.5.29.31',
    -1742         'certificatePolicies':      '2.5.29.32',
    -1743         'authorityKeyIdentifier':   '2.5.29.35',
    -1744         'extKeyUsage':          '2.5.29.37',
    -1745 
    -1746         'anyExtendedKeyUsage':      '2.5.29.37.0',
    -1747         'serverAuth':           '1.3.6.1.5.5.7.3.1',
    -1748         'clientAuth':           '1.3.6.1.5.5.7.3.2',
    -1749         'codeSigning':          '1.3.6.1.5.5.7.3.3',
    -1750         'emailProtection':      '1.3.6.1.5.5.7.3.4',
    -1751         'timeStamping':         '1.3.6.1.5.5.7.3.8',
    -1752         'ocspSigning':          '1.3.6.1.5.5.7.3.9',
    -1753 
    -1754         'ecPublicKey':          '1.2.840.10045.2.1',
    -1755         'secp256r1':            '1.2.840.10045.3.1.7',
    -1756         'secp256k1':            '1.3.132.0.10',
    -1757         'secp384r1':            '1.3.132.0.34',
    +1729         'MD2withRSA':           '1.2.840.113549.1.1.2',
    +1730         'MD4withRSA':           '1.2.840.113549.1.1.3',
    +1731         'MD5withRSA':           '1.2.840.113549.1.1.4',
    +1732         'SHA1withRSA':          '1.2.840.113549.1.1.5',
    +1733         'SHA224withRSA':        '1.2.840.113549.1.1.14',
    +1734         'SHA256withRSA':        '1.2.840.113549.1.1.11',
    +1735         'SHA384withRSA':        '1.2.840.113549.1.1.12',
    +1736         'SHA512withRSA':        '1.2.840.113549.1.1.13',
    +1737 
    +1738         'SHA1withECDSA':        '1.2.840.10045.4.1',
    +1739         'SHA224withECDSA':      '1.2.840.10045.4.3.1',
    +1740         'SHA256withECDSA':      '1.2.840.10045.4.3.2',
    +1741         'SHA384withECDSA':      '1.2.840.10045.4.3.3',
    +1742         'SHA512withECDSA':      '1.2.840.10045.4.3.4',
    +1743 
    +1744         'dsa':                  '1.2.840.10040.4.1',
    +1745         'SHA1withDSA':          '1.2.840.10040.4.3',
    +1746         'SHA224withDSA':        '2.16.840.1.101.3.4.3.1',
    +1747         'SHA256withDSA':        '2.16.840.1.101.3.4.3.2',
    +1748 
    +1749         'rsaEncryption':        '1.2.840.113549.1.1.1',
    +1750         'subjectKeyIdentifier': '2.5.29.14',
    +1751 
    +1752         'countryName':          '2.5.4.6',
    +1753         'organization':         '2.5.4.10',
    +1754         'organizationalUnit':   '2.5.4.11',
    +1755         'stateOrProvinceName':  '2.5.4.8',
    +1756         'locality':             '2.5.4.7',
    +1757         'commonName':           '2.5.4.3',
     1758 
    -1759         'pkcs5PBES2':           '1.2.840.113549.1.5.13',
    -1760         'pkcs5PBKDF2':          '1.2.840.113549.1.5.12',
    -1761 
    -1762         'des-EDE3-CBC':         '1.2.840.113549.3.7',
    -1763     };
    -1764 
    -1765     this.objCache = {};
    -1766 
    -1767     /**
    -1768      * get DERObjectIdentifier by registered OID name
    -1769      * @name name2obj
    -1770      * @memberOf KJUR.asn1.x509.OID
    -1771      * @function
    -1772      * @param {String} name OID
    -1773      * @description
    -1774      * @example
    -1775      * var asn1ObjOID = OID.name2obj('SHA1withRSA');
    -1776      */
    -1777     this.name2obj = function(name) {
    -1778         if (typeof this.objCache[name] != "undefined")
    -1779             return this.objCache[name];
    -1780         if (typeof this.name2oidList[name] == "undefined")
    -1781             throw "Name of ObjectIdentifier not defined: " + name;
    -1782         var oid = this.name2oidList[name];
    -1783         var obj = new KJUR.asn1.DERObjectIdentifier({'oid': oid});
    -1784         this.objCache[name] = obj;
    -1785         return obj;
    -1786     };
    -1787 
    -1788     /**
    -1789      * get DERObjectIdentifier by registered attribyte type name such like 'C' or 'CN'
    -1790      * @name atype2obj
    -1791      * @memberOf KJUR.asn1.x509.OID
    -1792      * @function
    -1793      * @param {String} atype short attribute type name such like 'C' or 'CN'
    -1794      * @description
    -1795      * @example
    -1796      * var asn1ObjOID = OID.atype2obj('CN');
    -1797      */
    -1798     this.atype2obj = function(atype) {
    -1799         if (typeof this.objCache[atype] != "undefined")
    -1800             return this.objCache[atype];
    -1801         if (typeof this.atype2oidList[atype] == "undefined")
    -1802             throw "AttributeType name undefined: " + atype;
    -1803         var oid = this.atype2oidList[atype];
    -1804         var obj = new KJUR.asn1.DERObjectIdentifier({'oid': oid});
    -1805         this.objCache[atype] = obj;
    -1806         return obj;
    -1807     };
    -1808 };
    -1809 
    -1810 /**
    -1811  * X.509 certificate and CRL utilities class
    -1812  * @name KJUR.asn1.x509.X509Util
    -1813  * @class X.509 certificate and CRL utilities class
    -1814  */
    -1815 KJUR.asn1.x509.X509Util = new function() {
    +1759         'keyUsage':             '2.5.29.15',
    +1760         'basicConstraints':     '2.5.29.19',
    +1761         'cRLDistributionPoints':'2.5.29.31',
    +1762         'certificatePolicies':  '2.5.29.32',
    +1763         'authorityKeyIdentifier':'2.5.29.35',
    +1764         'extKeyUsage':          '2.5.29.37',
    +1765 
    +1766         'anyExtendedKeyUsage':  '2.5.29.37.0',
    +1767         'serverAuth':           '1.3.6.1.5.5.7.3.1',
    +1768         'clientAuth':           '1.3.6.1.5.5.7.3.2',
    +1769         'codeSigning':          '1.3.6.1.5.5.7.3.3',
    +1770         'emailProtection':      '1.3.6.1.5.5.7.3.4',
    +1771         'timeStamping':         '1.3.6.1.5.5.7.3.8',
    +1772         'ocspSigning':          '1.3.6.1.5.5.7.3.9',
    +1773 
    +1774         'ecPublicKey':          '1.2.840.10045.2.1',
    +1775         'secp256r1':            '1.2.840.10045.3.1.7',
    +1776         'secp256k1':            '1.3.132.0.10',
    +1777         'secp384r1':            '1.3.132.0.34',
    +1778 
    +1779         'pkcs5PBES2':           '1.2.840.113549.1.5.13',
    +1780         'pkcs5PBKDF2':          '1.2.840.113549.1.5.12',
    +1781 
    +1782         'des-EDE3-CBC':         '1.2.840.113549.3.7',
    +1783 
    +1784         'data':                 '1.2.840.113549.1.7.1', // CMS data
    +1785         'signed-data':          '1.2.840.113549.1.7.2', // CMS signed-data
    +1786         'enveloped-data':       '1.2.840.113549.1.7.3', // CMS enveloped-data
    +1787         'digested-data':        '1.2.840.113549.1.7.5', // CMS digested-data
    +1788         'encrypted-data':       '1.2.840.113549.1.7.6', // CMS encrypted-data
    +1789         'authenticated-data':   '1.2.840.113549.1.9.16.1.2', // CMS authenticated-data
    +1790         'tstinfo':              '1.2.840.113549.1.9.16.1.4', // RFC3161 TSTInfo
    +1791     };
    +1792 
    +1793     this.objCache = {};
    +1794 
    +1795     /**
    +1796      * get DERObjectIdentifier by registered OID name
    +1797      * @name name2obj
    +1798      * @memberOf KJUR.asn1.x509.OID
    +1799      * @function
    +1800      * @param {String} name OID
    +1801      * @description
    +1802      * @example
    +1803      * var asn1ObjOID = OID.name2obj('SHA1withRSA');
    +1804      */
    +1805     this.name2obj = function(name) {
    +1806         if (typeof this.objCache[name] != "undefined")
    +1807             return this.objCache[name];
    +1808         if (typeof this.name2oidList[name] == "undefined")
    +1809             throw "Name of ObjectIdentifier not defined: " + name;
    +1810         var oid = this.name2oidList[name];
    +1811         var obj = new KJUR.asn1.DERObjectIdentifier({'oid': oid});
    +1812         this.objCache[name] = obj;
    +1813         return obj;
    +1814     };
    +1815 
     1816     /**
    -1817      * get PKCS#8 PEM public key string from RSAKey object
    -1818      * @name getPKCS8PubKeyPEMfromRSAKey
    -1819      * @memberOf KJUR.asn1.x509.X509Util
    +1817      * get DERObjectIdentifier by registered attribyte type name such like 'C' or 'CN'
    +1818      * @name atype2obj
    +1819      * @memberOf KJUR.asn1.x509.OID
     1820      * @function
    -1821      * @param {RSAKey} rsaKey RSA public key of {@link RSAKey} object
    +1821      * @param {String} atype short attribute type name such like 'C' or 'CN'
     1822      * @description
     1823      * @example
    -1824      * var pem = KJUR.asn1.x509.X509Util.getPKCS8PubKeyPEMfromRSAKey(pubKey);
    +1824      * var asn1ObjOID = OID.atype2obj('CN');
     1825      */
    -1826     this.getPKCS8PubKeyPEMfromRSAKey = function(rsaKey) {
    -1827         var pem = null;
    -1828         var hN = KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(rsaKey.n);
    -1829         var hE = KJUR.asn1.ASN1Util.integerToByteHex(rsaKey.e);
    -1830         var iN = new KJUR.asn1.DERInteger({hex: hN});
    -1831         var iE = new KJUR.asn1.DERInteger({hex: hE});
    -1832         var asn1PubKey = new KJUR.asn1.DERSequence({array: [iN, iE]});
    -1833         var hPubKey = asn1PubKey.getEncodedHex();
    -1834         var o1 = new KJUR.asn1.x509.AlgorithmIdentifier({name: 'rsaEncryption'});
    -1835         var o2 = new KJUR.asn1.DERBitString({hex: '00' + hPubKey});
    -1836         var seq = new KJUR.asn1.DERSequence({array: [o1, o2]});
    -1837         var hP8 = seq.getEncodedHex();
    -1838         var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(hP8, "PUBLIC KEY");
    -1839         return pem;
    -1840     };
    -1841 };
    -1842 /**
    -1843  * issue a certificate in PEM format
    -1844  * @name newCertPEM
    -1845  * @memberOf KJUR.asn1.x509.X509Util
    -1846  * @function
    -1847  * @param {Array} param parameter to issue a certificate
    -1848  * @since asn1x509 1.0.6
    -1849  * @description
    -1850  * This method can issue a certificate by a simple
    -1851  * JSON object.
    -1852  * Signature value will be provided by signing with 
    -1853  * private key using 'cakey' parameter or 
    -1854  * hexa decimal signature value by 'sighex' parameter.
    -1855  *
    -1856  * NOTE: When using DSA or ECDSA CA signing key,
    -1857  * use 'paramempty' in 'sigalg' to ommit parameter field
    -1858  * of AlgorithmIdentifer. In case of RSA, parameter
    -1859  * NULL will be specified by default.
    -1860  *
    -1861  * @example
    -1862  * var certPEM = KJUR.asn1.x509.X509Util.newCertPEM(
    -1863  * { serial: {int: 4},
    -1864  *   sigalg: {name: 'SHA1withECDSA', paramempty: true},
    -1865  *   issuer: {str: '/C=US/O=a'},
    -1866  *   notbefore: {'str': '130504235959Z'},
    -1867  *   notafter: {'str': '140504235959Z'},
    -1868  *   subject: {str: '/C=US/O=b'},
    -1869  *   sbjpubkey: pubKeyPEM,
    -1870  *   ext: [
    -1871  *     {basicConstraints: {cA: true, critical: true}},
    -1872  *     {keyUsage: {bin: '11'}},
    -1873  *   ],
    -1874  *   cakey: [prvkey, pass]}
    -1875  * );
    -1876  * // -- or --
    -1877  * var certPEM = KJUR.asn1.x509.X509Util.newCertPEM(
    -1878  * { serial: {int: 1},
    -1879  *   sigalg: {name: 'SHA1withRSA', paramempty: true},
    -1880  *   issuer: {str: '/C=US/O=T1'},
    -1881  *   notbefore: {'str': '130504235959Z'},
    -1882  *   notafter: {'str': '140504235959Z'},
    -1883  *   subject: {str: '/C=US/O=T1'},
    -1884  *   sbjpubkey: pubKeyObj,
    -1885  *   sighex: '0102030405..'}
    -1886  * );
    -1887  */
    -1888 KJUR.asn1.x509.X509Util.newCertPEM = function(param) {
    -1889     var ns1 = KJUR.asn1.x509;
    -1890     var o = new ns1.TBSCertificate();
    -1891 
    -1892     if (param.serial !== undefined)
    -1893         o.setSerialNumberByParam(param.serial);
    -1894     else
    -1895         throw "serial number undefined.";
    -1896 
    -1897     if (typeof param.sigalg.name == 'string')
    -1898         o.setSignatureAlgByParam(param.sigalg);
    -1899     else 
    -1900         throw "unproper signature algorithm name";
    -1901 
    -1902     if (param.issuer !== undefined)
    -1903         o.setIssuerByParam(param.issuer);
    -1904     else
    -1905         throw "issuer name undefined.";
    -1906     
    -1907     if (param.notbefore !== undefined)
    -1908         o.setNotBeforeByParam(param.notbefore);
    -1909     else
    -1910         throw "notbefore undefined.";
    -1911 
    -1912     if (param.notafter !== undefined)
    -1913         o.setNotAfterByParam(param.notafter);
    -1914     else
    -1915         throw "notafter undefined.";
    -1916 
    -1917     if (param.subject !== undefined)
    -1918         o.setSubjectByParam(param.subject);
    -1919     else
    -1920         throw "subject name undefined.";
    -1921 
    -1922     if (param.sbjpubkey !== undefined)
    -1923         o.setSubjectPublicKeyByGetKey(param.sbjpubkey);
    -1924     else
    -1925         throw "subject public key undefined.";
    -1926 
    -1927     if (param.ext !== undefined && param.ext.length !== undefined) {
    -1928         for (var i = 0; i < param.ext.length; i++) {
    -1929             for (key in param.ext[i]) {
    -1930                 o.appendExtensionByName(key, param.ext[i][key]);
    -1931             }
    -1932         }
    -1933     }
    -1934 
    -1935 	// set signature
    -1936 	if (param.cakey === undefined && param.sighex === undefined)
    -1937 		throw "param cakey and sighex undefined.";
    -1938 
    -1939     var caKey = null;
    -1940 	var cert = null;
    -1941 
    -1942     if (param.cakey) {
    -1943         caKey = KEYUTIL.getKey.apply(null, param.cakey);
    -1944 		cert = new ns1.Certificate({'tbscertobj': o, 'prvkeyobj': caKey});
    -1945 		cert.sign();
    -1946 	}
    -1947 
    -1948 	if (param.sighex) {
    -1949 		cert = new ns1.Certificate({'tbscertobj': o});
    -1950 		cert.setSignatureHex(param.sighex);
    -1951 	}
    -1952 
    -1953     return cert.getPEMString();
    -1954 };
    -1955 
    -1956 /*
    -1957   org.bouncycastle.asn1.x500
    -1958   AttributeTypeAndValue
    -1959   DirectoryString
    -1960   RDN
    -1961   X500Name
    -1962   X500NameBuilder
    -1963 
    -1964   org.bouncycastleasn1.x509
    -1965   TBSCertificate
    -1966 */
    -1967 
    \ No newline at end of file +1826
    this.atype2obj = function(atype) { +1827 if (typeof this.objCache[atype] != "undefined") +1828 return this.objCache[atype]; +1829 if (typeof this.atype2oidList[atype] == "undefined") +1830 throw "AttributeType name undefined: " + atype; +1831 var oid = this.atype2oidList[atype]; +1832 var obj = new KJUR.asn1.DERObjectIdentifier({'oid': oid}); +1833 this.objCache[atype] = obj; +1834 return obj; +1835 }; +1836 }; +1837 +1838 /** +1839 * X.509 certificate and CRL utilities class +1840 * @name KJUR.asn1.x509.X509Util +1841 * @class X.509 certificate and CRL utilities class +1842 */ +1843 KJUR.asn1.x509.X509Util = new function() { +1844 /** +1845 * get PKCS#8 PEM public key string from RSAKey object +1846 * @name getPKCS8PubKeyPEMfromRSAKey +1847 * @memberOf KJUR.asn1.x509.X509Util +1848 * @function +1849 * @param {RSAKey} rsaKey RSA public key of {@link RSAKey} object +1850 * @description +1851 * @example +1852 * var pem = KJUR.asn1.x509.X509Util.getPKCS8PubKeyPEMfromRSAKey(pubKey); +1853 */ +1854 this.getPKCS8PubKeyPEMfromRSAKey = function(rsaKey) { +1855 var pem = null; +1856 var hN = KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(rsaKey.n); +1857 var hE = KJUR.asn1.ASN1Util.integerToByteHex(rsaKey.e); +1858 var iN = new KJUR.asn1.DERInteger({hex: hN}); +1859 var iE = new KJUR.asn1.DERInteger({hex: hE}); +1860 var asn1PubKey = new KJUR.asn1.DERSequence({array: [iN, iE]}); +1861 var hPubKey = asn1PubKey.getEncodedHex(); +1862 var o1 = new KJUR.asn1.x509.AlgorithmIdentifier({name: 'rsaEncryption'}); +1863 var o2 = new KJUR.asn1.DERBitString({hex: '00' + hPubKey}); +1864 var seq = new KJUR.asn1.DERSequence({array: [o1, o2]}); +1865 var hP8 = seq.getEncodedHex(); +1866 var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(hP8, "PUBLIC KEY"); +1867 return pem; +1868 }; +1869 }; +1870 /** +1871 * issue a certificate in PEM format +1872 * @name newCertPEM +1873 * @memberOf KJUR.asn1.x509.X509Util +1874 * @function +1875 * @param {Array} param parameter to issue a certificate +1876 * @since asn1x509 1.0.6 +1877 * @description +1878 * This method can issue a certificate by a simple +1879 * JSON object. +1880 * Signature value will be provided by signing with +1881 * private key using 'cakey' parameter or +1882 * hexa decimal signature value by 'sighex' parameter. +1883 * +1884 * NOTE: When using DSA or ECDSA CA signing key, +1885 * use 'paramempty' in 'sigalg' to ommit parameter field +1886 * of AlgorithmIdentifer. In case of RSA, parameter +1887 * NULL will be specified by default. +1888 * +1889 * @example +1890 * var certPEM = KJUR.asn1.x509.X509Util.newCertPEM( +1891 * { serial: {int: 4}, +1892 * sigalg: {name: 'SHA1withECDSA', paramempty: true}, +1893 * issuer: {str: '/C=US/O=a'}, +1894 * notbefore: {'str': '130504235959Z'}, +1895 * notafter: {'str': '140504235959Z'}, +1896 * subject: {str: '/C=US/O=b'}, +1897 * sbjpubkey: pubKeyPEM, +1898 * ext: [ +1899 * {basicConstraints: {cA: true, critical: true}}, +1900 * {keyUsage: {bin: '11'}}, +1901 * ], +1902 * cakey: [prvkey, pass]} +1903 * ); +1904 * // -- or -- +1905 * var certPEM = KJUR.asn1.x509.X509Util.newCertPEM( +1906 * { serial: {int: 1}, +1907 * sigalg: {name: 'SHA1withRSA', paramempty: true}, +1908 * issuer: {str: '/C=US/O=T1'}, +1909 * notbefore: {'str': '130504235959Z'}, +1910 * notafter: {'str': '140504235959Z'}, +1911 * subject: {str: '/C=US/O=T1'}, +1912 * sbjpubkey: pubKeyObj, +1913 * sighex: '0102030405..'} +1914 * ); +1915 */ +1916 KJUR.asn1.x509.X509Util.newCertPEM = function(param) { +1917 var ns1 = KJUR.asn1.x509; +1918 var o = new ns1.TBSCertificate(); +1919 +1920 if (param.serial !== undefined) +1921 o.setSerialNumberByParam(param.serial); +1922 else +1923 throw "serial number undefined."; +1924 +1925 if (typeof param.sigalg.name == 'string') +1926 o.setSignatureAlgByParam(param.sigalg); +1927 else +1928 throw "unproper signature algorithm name"; +1929 +1930 if (param.issuer !== undefined) +1931 o.setIssuerByParam(param.issuer); +1932 else +1933 throw "issuer name undefined."; +1934 +1935 if (param.notbefore !== undefined) +1936 o.setNotBeforeByParam(param.notbefore); +1937 else +1938 throw "notbefore undefined."; +1939 +1940 if (param.notafter !== undefined) +1941 o.setNotAfterByParam(param.notafter); +1942 else +1943 throw "notafter undefined."; +1944 +1945 if (param.subject !== undefined) +1946 o.setSubjectByParam(param.subject); +1947 else +1948 throw "subject name undefined."; +1949 +1950 if (param.sbjpubkey !== undefined) +1951 o.setSubjectPublicKeyByGetKey(param.sbjpubkey); +1952 else +1953 throw "subject public key undefined."; +1954 +1955 if (param.ext !== undefined && param.ext.length !== undefined) { +1956 for (var i = 0; i < param.ext.length; i++) { +1957 for (key in param.ext[i]) { +1958 o.appendExtensionByName(key, param.ext[i][key]); +1959 } +1960 } +1961 } +1962 +1963 // set signature +1964 if (param.cakey === undefined && param.sighex === undefined) +1965 throw "param cakey and sighex undefined."; +1966 +1967 var caKey = null; +1968 var cert = null; +1969 +1970 if (param.cakey) { +1971 caKey = KEYUTIL.getKey.apply(null, param.cakey); +1972 cert = new ns1.Certificate({'tbscertobj': o, 'prvkeyobj': caKey}); +1973 cert.sign(); +1974 } +1975 +1976 if (param.sighex) { +1977 cert = new ns1.Certificate({'tbscertobj': o}); +1978 cert.setSignatureHex(param.sighex); +1979 } +1980 +1981 return cert.getPEMString(); +1982 }; +1983 +1984 /* +1985 org.bouncycastle.asn1.x500 +1986 AttributeTypeAndValue +1987 DirectoryString +1988 RDN +1989 X500Name +1990 X500NameBuilder +1991 +1992 org.bouncycastleasn1.x509 +1993 TBSCertificate +1994 */ +1995
    \ No newline at end of file diff --git a/api/symbols/src/keyutil-1.0.js.html b/api/symbols/src/keyutil-1.0.js.html index 1e08a38c..b781eb2f 100755 --- a/api/symbols/src/keyutil-1.0.js.html +++ b/api/symbols/src/keyutil-1.0.js.html @@ -5,7 +5,7 @@ .STRN {color: #393;} .REGX {color: #339;} .line {border-right: 1px dotted #666; color: #666; font-style: normal;} -
      1 /*! keyutil-1.0.6.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license
    +	
      1 /*! keyutil-1.0.7.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license
       2  */
       3 /*
       4  * keyutil.js - key utility for PKCS#1/5/8 PEM, RSA/DSA/ECDSA key object
    @@ -22,7 +22,7 @@
      15  * @fileOverview
      16  * @name keyutil-1.0.js
      17  * @author Kenji Urushima kenji.urushima@gmail.com
    - 18  * @version keyutil 1.0.6 (2014-May-14)
    + 18  * @version keyutil 1.0.7 (2014-May-17)
      19  * @since jsrsasign 4.1.4
      20  * @license <a href="http://kjur.github.io/jsrsasign/license/">MIT License</a>
      21  */
    @@ -113,131 +113,131 @@
     106     // *****************************************************************
     107     // shared key decryption ------------------------------------------
     108     var decryptAES = function(dataHex, keyHex, ivHex) {
    -109 		return decryptGeneral(CryptoJS.AES, dataHex, keyHex, ivHex);
    +109         return decryptGeneral(CryptoJS.AES, dataHex, keyHex, ivHex);
     110     };
     111 
     112     var decrypt3DES = function(dataHex, keyHex, ivHex) {
    -113 		return decryptGeneral(CryptoJS.TripleDES, dataHex, keyHex, ivHex);
    +113         return decryptGeneral(CryptoJS.TripleDES, dataHex, keyHex, ivHex);
     114     };
     115 
     116     var decryptDES = function(dataHex, keyHex, ivHex) {
    -117 		return decryptGeneral(CryptoJS.DES, dataHex, keyHex, ivHex);
    +117         return decryptGeneral(CryptoJS.DES, dataHex, keyHex, ivHex);
     118     };
     119 
     120     var decryptGeneral = function(f, dataHex, keyHex, ivHex) {
    -121 		var data = CryptoJS.enc.Hex.parse(dataHex);
    -122 		var key = CryptoJS.enc.Hex.parse(keyHex);
    -123 		var iv = CryptoJS.enc.Hex.parse(ivHex);
    -124 		var encrypted = {};
    -125 		encrypted.key = key;
    -126 		encrypted.iv = iv;
    -127 		encrypted.ciphertext = data;
    -128 		var decrypted = f.decrypt(encrypted, key, { iv: iv });
    -129 		return CryptoJS.enc.Hex.stringify(decrypted);
    +121         var data = CryptoJS.enc.Hex.parse(dataHex);
    +122         var key = CryptoJS.enc.Hex.parse(keyHex);
    +123         var iv = CryptoJS.enc.Hex.parse(ivHex);
    +124         var encrypted = {};
    +125         encrypted.key = key;
    +126         encrypted.iv = iv;
    +127         encrypted.ciphertext = data;
    +128         var decrypted = f.decrypt(encrypted, key, { iv: iv });
    +129         return CryptoJS.enc.Hex.stringify(decrypted);
     130     };
     131 
     132     // shared key decryption ------------------------------------------
     133     var encryptAES = function(dataHex, keyHex, ivHex) {
    -134 		return encryptGeneral(CryptoJS.AES, dataHex, keyHex, ivHex);
    +134         return encryptGeneral(CryptoJS.AES, dataHex, keyHex, ivHex);
     135     };
     136 
     137     var encrypt3DES = function(dataHex, keyHex, ivHex) {
    -138 		return encryptGeneral(CryptoJS.TripleDES, dataHex, keyHex, ivHex);
    +138         return encryptGeneral(CryptoJS.TripleDES, dataHex, keyHex, ivHex);
     139     };
     140 
     141     var encryptDES = function(dataHex, keyHex, ivHex) {
    -142 		return encryptGeneral(CryptoJS.DES, dataHex, keyHex, ivHex);
    +142         return encryptGeneral(CryptoJS.DES, dataHex, keyHex, ivHex);
     143     };
     144 
     145     var encryptGeneral = function(f, dataHex, keyHex, ivHex) {
    -146 		var data = CryptoJS.enc.Hex.parse(dataHex);
    -147 		var key = CryptoJS.enc.Hex.parse(keyHex);
    -148 		var iv = CryptoJS.enc.Hex.parse(ivHex);
    -149 		var encryptedHex = f.encrypt(data, key, { iv: iv });
    +146         var data = CryptoJS.enc.Hex.parse(dataHex);
    +147         var key = CryptoJS.enc.Hex.parse(keyHex);
    +148         var iv = CryptoJS.enc.Hex.parse(ivHex);
    +149         var encryptedHex = f.encrypt(data, key, { iv: iv });
     150         var encryptedWA = CryptoJS.enc.Hex.parse(encryptedHex.toString());
     151         var encryptedB64 = CryptoJS.enc.Base64.stringify(encryptedWA);
    -152 		return encryptedB64;
    +152         return encryptedB64;
     153     };
     154 
     155     // other methods and properties ----------------------------------------
     156     var ALGLIST = {
    -157 		'AES-256-CBC':  { 'proc': decryptAES,  'eproc': encryptAES,  keylen: 32, ivlen: 16 },
    -158 		'AES-192-CBC':  { 'proc': decryptAES,  'eproc': encryptAES,  keylen: 24, ivlen: 16 },
    -159 		'AES-128-CBC':  { 'proc': decryptAES,  'eproc': encryptAES,  keylen: 16, ivlen: 16 },
    -160 		'DES-EDE3-CBC': { 'proc': decrypt3DES, 'eproc': encrypt3DES, keylen: 24, ivlen: 8 },
    -161 		'DES-CBC':      { 'proc': decryptDES,  'eproc': encryptDES,  keylen: 8,  ivlen: 8 }
    +157         'AES-256-CBC':  { 'proc': decryptAES,  'eproc': encryptAES,  keylen: 32, ivlen: 16 },
    +158         'AES-192-CBC':  { 'proc': decryptAES,  'eproc': encryptAES,  keylen: 24, ivlen: 16 },
    +159         'AES-128-CBC':  { 'proc': decryptAES,  'eproc': encryptAES,  keylen: 16, ivlen: 16 },
    +160         'DES-EDE3-CBC': { 'proc': decrypt3DES, 'eproc': encrypt3DES, keylen: 24, ivlen: 8 },
    +161         'DES-CBC':      { 'proc': decryptDES,  'eproc': encryptDES,  keylen: 8,  ivlen: 8 }
     162     };
     163 
     164     var getFuncByName = function(algName) {
    -165 		return ALGLIST[algName]['proc'];
    +165         return ALGLIST[algName]['proc'];
     166     };
     167 
     168     var _generateIvSaltHex = function(numBytes) {
    -169 		var wa = CryptoJS.lib.WordArray.random(numBytes);
    -170 		var hex = CryptoJS.enc.Hex.stringify(wa);
    -171 		return hex;
    +169         var wa = CryptoJS.lib.WordArray.random(numBytes);
    +170         var hex = CryptoJS.enc.Hex.stringify(wa);
    +171         return hex;
     172     };
     173 
     174     var _parsePKCS5PEM = function(sPKCS5PEM) {
    -175 		var info = {};
    -176 		if (sPKCS5PEM.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)", "m"))) {
    -177 			info.cipher = RegExp.$1;
    -178 			info.ivsalt = RegExp.$2;
    -179 		}
    -180 		if (sPKCS5PEM.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"))) {
    -181 			info.type = RegExp.$1;
    -182 		}
    -183 		var i1 = -1;
    -184 		var lenNEWLINE = 0;
    -185 		if (sPKCS5PEM.indexOf("\r\n\r\n") != -1) {
    -186 			i1 = sPKCS5PEM.indexOf("\r\n\r\n");
    -187 			lenNEWLINE = 2;
    -188 		}
    -189 		if (sPKCS5PEM.indexOf("\n\n") != -1) {
    -190 			i1 = sPKCS5PEM.indexOf("\n\n");
    -191 			lenNEWLINE = 1;
    -192 		}
    -193 		var i2 = sPKCS5PEM.indexOf("-----END");
    -194 		if (i1 != -1 && i2 != -1) {
    -195 			var s = sPKCS5PEM.substring(i1 + lenNEWLINE * 2, i2 - lenNEWLINE);
    -196 			s = s.replace(/\s+/g, '');
    -197 			info.data = s;
    -198 		}
    -199 		return info;
    +175         var info = {};
    +176         if (sPKCS5PEM.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)", "m"))) {
    +177             info.cipher = RegExp.$1;
    +178             info.ivsalt = RegExp.$2;
    +179         }
    +180         if (sPKCS5PEM.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"))) {
    +181             info.type = RegExp.$1;
    +182         }
    +183         var i1 = -1;
    +184         var lenNEWLINE = 0;
    +185         if (sPKCS5PEM.indexOf("\r\n\r\n") != -1) {
    +186             i1 = sPKCS5PEM.indexOf("\r\n\r\n");
    +187             lenNEWLINE = 2;
    +188         }
    +189         if (sPKCS5PEM.indexOf("\n\n") != -1) {
    +190             i1 = sPKCS5PEM.indexOf("\n\n");
    +191             lenNEWLINE = 1;
    +192         }
    +193         var i2 = sPKCS5PEM.indexOf("-----END");
    +194         if (i1 != -1 && i2 != -1) {
    +195             var s = sPKCS5PEM.substring(i1 + lenNEWLINE * 2, i2 - lenNEWLINE);
    +196             s = s.replace(/\s+/g, '');
    +197             info.data = s;
    +198         }
    +199         return info;
     200     };
     201 
     202     var _getKeyAndUnusedIvByPasscodeAndIvsalt = function(algName, passcode, ivsaltHex) {
    -203 		//alert("ivsaltHex(2) = " + ivsaltHex);
    -204 		var saltHex = ivsaltHex.substring(0, 16);
    -205 		//alert("salt = " + saltHex);
    -206 	    
    -207 		var salt = CryptoJS.enc.Hex.parse(saltHex);
    -208 		var data = CryptoJS.enc.Utf8.parse(passcode);
    -209 		//alert("salt = " + salt);
    -210 		//alert("data = " + data);
    +203         //alert("ivsaltHex(2) = " + ivsaltHex);
    +204         var saltHex = ivsaltHex.substring(0, 16);
    +205         //alert("salt = " + saltHex);
    +206         
    +207         var salt = CryptoJS.enc.Hex.parse(saltHex);
    +208         var data = CryptoJS.enc.Utf8.parse(passcode);
    +209         //alert("salt = " + salt);
    +210         //alert("data = " + data);
     211 
    -212 		var nRequiredBytes = ALGLIST[algName]['keylen'] + ALGLIST[algName]['ivlen'];
    -213 		var hHexValueJoined = '';
    -214 		var hLastValue = null;
    -215 		//alert("nRequiredBytes = " + nRequiredBytes);
    -216 		for (;;) {
    -217 			var h = CryptoJS.algo.MD5.create();
    -218 			if (hLastValue != null) {
    -219 				h.update(hLastValue);
    -220 			}
    -221 			h.update(data);
    -222 			h.update(salt);
    -223 			hLastValue = h.finalize();
    -224 			hHexValueJoined = hHexValueJoined + CryptoJS.enc.Hex.stringify(hLastValue);
    -225 			//alert("joined = " + hHexValueJoined);
    -226 			if (hHexValueJoined.length >= nRequiredBytes * 2) {
    -227 				break;
    -228 			}
    -229 		}
    -230 		var result = {};
    -231 		result.keyhex = hHexValueJoined.substr(0, ALGLIST[algName]['keylen'] * 2);
    -232 		result.ivhex = hHexValueJoined.substr(ALGLIST[algName]['keylen'] * 2, ALGLIST[algName]['ivlen'] * 2);
    -233 		return result;
    +212         var nRequiredBytes = ALGLIST[algName]['keylen'] + ALGLIST[algName]['ivlen'];
    +213         var hHexValueJoined = '';
    +214         var hLastValue = null;
    +215         //alert("nRequiredBytes = " + nRequiredBytes);
    +216         for (;;) {
    +217             var h = CryptoJS.algo.MD5.create();
    +218             if (hLastValue != null) {
    +219                 h.update(hLastValue);
    +220             }
    +221             h.update(data);
    +222             h.update(salt);
    +223             hLastValue = h.finalize();
    +224             hHexValueJoined = hHexValueJoined + CryptoJS.enc.Hex.stringify(hLastValue);
    +225             //alert("joined = " + hHexValueJoined);
    +226             if (hHexValueJoined.length >= nRequiredBytes * 2) {
    +227                 break;
    +228             }
    +229         }
    +230         var result = {};
    +231         result.keyhex = hHexValueJoined.substr(0, ALGLIST[algName]['keylen'] * 2);
    +232         result.ivhex = hHexValueJoined.substr(ALGLIST[algName]['keylen'] * 2, ALGLIST[algName]['ivlen'] * 2);
    +233         return result;
     234     };
     235 
     236     /*
    @@ -248,11 +248,11 @@
     241      * @param {String} hexadecimal string of decrypted private key
     242      */
     243     var _decryptKeyB64 = function(privateKeyB64, sharedKeyAlgName, sharedKeyHex, ivsaltHex) {
    -244 		var privateKeyWA = CryptoJS.enc.Base64.parse(privateKeyB64);
    -245 		var privateKeyHex = CryptoJS.enc.Hex.stringify(privateKeyWA);
    -246 		var f = ALGLIST[sharedKeyAlgName]['proc'];
    -247 		var decryptedKeyHex = f(privateKeyHex, sharedKeyHex, ivsaltHex);
    -248 		return decryptedKeyHex;
    +244         var privateKeyWA = CryptoJS.enc.Base64.parse(privateKeyB64);
    +245         var privateKeyHex = CryptoJS.enc.Hex.stringify(privateKeyWA);
    +246         var f = ALGLIST[sharedKeyAlgName]['proc'];
    +247         var decryptedKeyHex = f(privateKeyHex, sharedKeyHex, ivsaltHex);
    +248         return decryptedKeyHex;
     249     };
     250     
     251     /*
    @@ -263,9 +263,9 @@
     256      * @param {String} base64 string of encrypted private key
     257      */
     258     var _encryptKeyHex = function(privateKeyHex, sharedKeyAlgName, sharedKeyHex, ivsaltHex) {
    -259 		var f = ALGLIST[sharedKeyAlgName]['eproc'];
    -260 		var encryptedKeyB64 = f(privateKeyHex, sharedKeyHex, ivsaltHex);
    -261 		return encryptedKeyB64;
    +259         var f = ALGLIST[sharedKeyAlgName]['eproc'];
    +260         var encryptedKeyB64 = f(privateKeyHex, sharedKeyHex, ivsaltHex);
    +261         return encryptedKeyB64;
     262     };
     263 
     264     // *****************************************************************
    @@ -273,1620 +273,1623 @@
     266     // *****************************************************************
     267     return {
     268         // -- UTILITY METHODS ------------------------------------------------------------
    -269 		/**
    +269         /**
     270          * decrypt private key by shared key
    -271 		 * @name version
    -272 		 * @memberOf KEYUTIL
    -273 		 * @property {String} version
    -274 		 * @description version string of KEYUTIL class
    -275 		 */
    -276 		version: "1.0.0",
    +271          * @name version
    +272          * @memberOf KEYUTIL
    +273          * @property {String} version
    +274          * @description version string of KEYUTIL class
    +275          */
    +276         version: "1.0.0",
     277 
    -278 		/**
    +278         /**
     279          * get hexacedimal string of PEM format
    -280 		 * @name getHexFromPEM
    -281 		 * @memberOf KEYUTIL
    -282 		 * @function
    -283 		 * @param {String} sPEM PEM formatted string
    -284 		 * @param {String} sHead PEM header string without BEGIN/END
    -285 		 * @return {String} hexadecimal string data of PEM contents
    -286 		 * @since pkcs5pkey 1.0.5
    -287 		 */
    +280          * @name getHexFromPEM
    +281          * @memberOf KEYUTIL
    +282          * @function
    +283          * @param {String} sPEM PEM formatted string
    +284          * @param {String} sHead PEM header string without BEGIN/END
    +285          * @return {String} hexadecimal string data of PEM contents
    +286          * @since pkcs5pkey 1.0.5
    +287          */
     288         getHexFromPEM: function(sPEM, sHead) {
    -289 			var s = sPEM;
    -290 			if (s.indexOf("BEGIN " + sHead) == -1) {
    -291 				throw "can't find PEM header: " + sHead;
    -292 			}
    -293 			s = s.replace("-----BEGIN " + sHead + "-----", "");
    -294 			s = s.replace("-----END " + sHead + "-----", "");
    -295 			var sB64 = s.replace(/\s+/g, '');
    -296             var dataHex = b64tohex(sB64);
    -297 			return dataHex;
    -298 		},
    -299 
    -300 		/**
    -301          * decrypt private key by shared key
    -302 		 * @name getDecryptedKeyHexByKeyIV
    -303 		 * @memberOf KEYUTIL
    -304 		 * @function
    -305 		 * @param {String} encryptedKeyHex hexadecimal string of encrypted private key
    -306 		 * @param {String} algName name of symmetric key algorithm (ex. 'DES-EBE3-CBC')
    -307 		 * @param {String} sharedKeyHex hexadecimal string of symmetric key
    -308 		 * @param {String} ivHex hexadecimal string of initial vector(IV).
    -309 		 * @return {String} hexadecimal string of decrypted privated key
    -310 		 */
    -311 		getDecryptedKeyHexByKeyIV: function(encryptedKeyHex, algName, sharedKeyHex, ivHex) {
    -312 			var f1 = getFuncByName(algName);
    -313 			return f1(encryptedKeyHex, sharedKeyHex, ivHex);
    -314 		},
    -315 
    -316 		/**
    -317          * parse PEM formatted passcode protected PKCS#5 private key
    -318 		 * @name parsePKCS5PEM
    -319 		 * @memberOf KEYUTIL
    -320 		 * @function
    -321 		 * @param {String} sEncryptedPEM PEM formatted protected passcode protected PKCS#5 private key
    -322 		 * @return {Hash} hash of key information
    -323 		 * @description
    -324          * Resulted hash has following attributes.
    -325 		 * <ul>
    -326 		 * <li>cipher - symmetric key algorithm name (ex. 'DES-EBE3-CBC', 'AES-256-CBC')</li>
    -327 		 * <li>ivsalt - IV used for decrypt. Its heading 8 bytes will be used for passcode salt.</li>
    -328 		 * <li>type - asymmetric key algorithm name of private key described in PEM header.</li>
    -329 		 * <li>data - base64 encoded encrypted private key.</li>
    -330 		 * </ul>
    -331          *
    -332 		 */
    -333         parsePKCS5PEM: function(sPKCS5PEM) {
    -334 			return _parsePKCS5PEM(sPKCS5PEM);
    -335 		},
    -336 
    -337 		/**
    -338          * the same function as OpenSSL EVP_BytsToKey to generate shared key and IV
    -339 		 * @name getKeyAndUnusedIvByPasscodeAndIvsalt
    -340 		 * @memberOf KEYUTIL
    -341 		 * @function
    -342 		 * @param {String} algName name of symmetric key algorithm (ex. 'DES-EBE3-CBC')
    -343 		 * @param {String} passcode passcode to decrypt private key (ex. 'password')
    -344 		 * @param {String} hexadecimal string of IV. heading 8 bytes will be used for passcode salt
    -345 		 * @return {Hash} hash of key and unused IV (ex. {keyhex:2fe3..., ivhex:3fad..})
    -346 		 */
    -347 		getKeyAndUnusedIvByPasscodeAndIvsalt: function(algName, passcode, ivsaltHex) {
    -348 			return _getKeyAndUnusedIvByPasscodeAndIvsalt(algName, passcode, ivsaltHex);
    -349 		},
    -350 
    -351         decryptKeyB64: function(privateKeyB64, sharedKeyAlgName, sharedKeyHex, ivsaltHex) {
    -352 			return _decryptKeyB64(privateKeyB64, sharedKeyAlgName, sharedKeyHex, ivsaltHex);
    -353         },
    -354 
    -355 		/**
    -356          * decrypt PEM formatted protected PKCS#5 private key with passcode
    -357 		 * @name getDecryptedKeyHex
    -358 		 * @memberOf KEYUTIL
    -359 		 * @function
    -360 		 * @param {String} sEncryptedPEM PEM formatted protected passcode protected PKCS#5 private key
    -361 		 * @param {String} passcode passcode to decrypt private key (ex. 'password')
    -362 		 * @return {String} hexadecimal string of decrypted RSA priavte key
    -363 		 */
    -364 		getDecryptedKeyHex: function(sEncryptedPEM, passcode) {
    -365 			// 1. parse pem
    -366 			var info = _parsePKCS5PEM(sEncryptedPEM);
    -367 			var publicKeyAlgName = info.type;
    -368 			var sharedKeyAlgName = info.cipher;
    -369 			var ivsaltHex = info.ivsalt;
    -370 			var privateKeyB64 = info.data;
    -371 			//alert("ivsaltHex = " + ivsaltHex);
    -372 
    -373 			// 2. generate shared key
    -374 			var sharedKeyInfo = _getKeyAndUnusedIvByPasscodeAndIvsalt(sharedKeyAlgName, passcode, ivsaltHex);
    -375 			var sharedKeyHex = sharedKeyInfo.keyhex;
    -376 			//alert("sharedKeyHex = " + sharedKeyHex);
    +289             var s = sPEM;
    +290             if (s.indexOf("-----BEGIN ") == -1) {
    +291                 throw "can't find PEM header: " + sHead;
    +292             }
    +293             if (typeof sHead == "string" && sHead != "") {
    +294                 s = s.replace("-----BEGIN " + sHead + "-----", "");
    +295                 s = s.replace("-----END " + sHead + "-----", "");
    +296             } else {
    +297                 s = s.replace(/-----BEGIN [^-]+-----/, '');
    +298                 s = s.replace(/-----END [^-]+-----/, '');
    +299             }
    +300             var sB64 = s.replace(/\s+/g, '');
    +301             var dataHex = b64tohex(sB64);
    +302             return dataHex;
    +303         },
    +304 
    +305         /**
    +306          * decrypt private key by shared key
    +307          * @name getDecryptedKeyHexByKeyIV
    +308          * @memberOf KEYUTIL
    +309          * @function
    +310          * @param {String} encryptedKeyHex hexadecimal string of encrypted private key
    +311          * @param {String} algName name of symmetric key algorithm (ex. 'DES-EBE3-CBC')
    +312          * @param {String} sharedKeyHex hexadecimal string of symmetric key
    +313          * @param {String} ivHex hexadecimal string of initial vector(IV).
    +314          * @return {String} hexadecimal string of decrypted privated key
    +315          */
    +316         getDecryptedKeyHexByKeyIV: function(encryptedKeyHex, algName, sharedKeyHex, ivHex) {
    +317             var f1 = getFuncByName(algName);
    +318             return f1(encryptedKeyHex, sharedKeyHex, ivHex);
    +319         },
    +320 
    +321         /**
    +322          * parse PEM formatted passcode protected PKCS#5 private key
    +323          * @name parsePKCS5PEM
    +324          * @memberOf KEYUTIL
    +325          * @function
    +326          * @param {String} sEncryptedPEM PEM formatted protected passcode protected PKCS#5 private key
    +327          * @return {Hash} hash of key information
    +328          * @description
    +329          * Resulted hash has following attributes.
    +330          * <ul>
    +331          * <li>cipher - symmetric key algorithm name (ex. 'DES-EBE3-CBC', 'AES-256-CBC')</li>
    +332          * <li>ivsalt - IV used for decrypt. Its heading 8 bytes will be used for passcode salt.</li>
    +333          * <li>type - asymmetric key algorithm name of private key described in PEM header.</li>
    +334          * <li>data - base64 encoded encrypted private key.</li>
    +335          * </ul>
    +336          *
    +337          */
    +338         parsePKCS5PEM: function(sPKCS5PEM) {
    +339             return _parsePKCS5PEM(sPKCS5PEM);
    +340         },
    +341 
    +342         /**
    +343          * the same function as OpenSSL EVP_BytsToKey to generate shared key and IV
    +344          * @name getKeyAndUnusedIvByPasscodeAndIvsalt
    +345          * @memberOf KEYUTIL
    +346          * @function
    +347          * @param {String} algName name of symmetric key algorithm (ex. 'DES-EBE3-CBC')
    +348          * @param {String} passcode passcode to decrypt private key (ex. 'password')
    +349          * @param {String} hexadecimal string of IV. heading 8 bytes will be used for passcode salt
    +350          * @return {Hash} hash of key and unused IV (ex. {keyhex:2fe3..., ivhex:3fad..})
    +351          */
    +352         getKeyAndUnusedIvByPasscodeAndIvsalt: function(algName, passcode, ivsaltHex) {
    +353             return _getKeyAndUnusedIvByPasscodeAndIvsalt(algName, passcode, ivsaltHex);
    +354         },
    +355 
    +356         decryptKeyB64: function(privateKeyB64, sharedKeyAlgName, sharedKeyHex, ivsaltHex) {
    +357             return _decryptKeyB64(privateKeyB64, sharedKeyAlgName, sharedKeyHex, ivsaltHex);
    +358         },
    +359 
    +360         /**
    +361          * decrypt PEM formatted protected PKCS#5 private key with passcode
    +362          * @name getDecryptedKeyHex
    +363          * @memberOf KEYUTIL
    +364          * @function
    +365          * @param {String} sEncryptedPEM PEM formatted protected passcode protected PKCS#5 private key
    +366          * @param {String} passcode passcode to decrypt private key (ex. 'password')
    +367          * @return {String} hexadecimal string of decrypted RSA priavte key
    +368          */
    +369         getDecryptedKeyHex: function(sEncryptedPEM, passcode) {
    +370             // 1. parse pem
    +371             var info = _parsePKCS5PEM(sEncryptedPEM);
    +372             var publicKeyAlgName = info.type;
    +373             var sharedKeyAlgName = info.cipher;
    +374             var ivsaltHex = info.ivsalt;
    +375             var privateKeyB64 = info.data;
    +376             //alert("ivsaltHex = " + ivsaltHex);
     377 
    -378 			// 3. decrypt private key
    -379             var decryptedKey = _decryptKeyB64(privateKeyB64, sharedKeyAlgName, sharedKeyHex, ivsaltHex);
    -380 			return decryptedKey;
    -381 		},
    +378             // 2. generate shared key
    +379             var sharedKeyInfo = _getKeyAndUnusedIvByPasscodeAndIvsalt(sharedKeyAlgName, passcode, ivsaltHex);
    +380             var sharedKeyHex = sharedKeyInfo.keyhex;
    +381             //alert("sharedKeyHex = " + sharedKeyHex);
     382 
    -383 		/**
    -384          * (DEPRECATED) read PEM formatted encrypted PKCS#5 private key and returns RSAKey object
    -385 		 * @name getRSAKeyFromEncryptedPKCS5PEM
    -386 		 * @memberOf KEYUTIL
    -387 		 * @function
    -388 		 * @param {String} sEncryptedP5PEM PEM formatted encrypted PKCS#5 private key
    -389 		 * @param {String} passcode passcode to decrypt private key
    -390 		 * @return {RSAKey} loaded RSAKey object of RSA private key
    -391          * @since pkcs5pkey 1.0.2
    -392 		 * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}.
    -393 		 */
    -394 		getRSAKeyFromEncryptedPKCS5PEM: function(sEncryptedP5PEM, passcode) {
    -395 			var hPKey = this.getDecryptedKeyHex(sEncryptedP5PEM, passcode);
    -396 			var rsaKey = new RSAKey();
    -397 			rsaKey.readPrivateKeyFromASN1HexString(hPKey);
    -398 			return rsaKey;
    -399 		},
    -400 
    -401 		/*
    -402          * get PEM formatted encrypted PKCS#5 private key from hexadecimal string of plain private key
    -403 		 * @name getEncryptedPKCS5PEMFromPrvKeyHex
    -404 		 * @memberOf KEYUTIL
    -405 		 * @function
    -406 		 * @param {String} pemHeadAlg algorithm name in the pem header (i.e. RSA,EC or DSA)
    -407 		 * @param {String} hPrvKey hexadecimal string of plain private key
    -408 		 * @param {String} passcode pass code to protect private key (ex. password)
    -409 		 * @param {String} sharedKeyAlgName algorithm name to protect private key (ex. AES-256-CBC)
    -410 		 * @param {String} ivsaltHex hexadecimal string of IV and salt
    -411 		 * @return {String} string of PEM formatted encrypted PKCS#5 private key
    -412          * @since pkcs5pkey 1.0.2
    -413 		 * @description
    -414 		 * <br/>
    -415 		 * generate PEM formatted encrypted PKCS#5 private key by hexadecimal string encoded
    -416 		 * ASN.1 object of plain RSA private key.
    -417 		 * Following arguments can be omitted.
    -418 		 * <ul>
    -419 		 * <li>alg - AES-256-CBC will be used if omitted.</li>
    -420 		 * <li>ivsaltHex - automatically generate IV and salt which length depends on algorithm</li>
    -421 		 * </ul>
    -422 		 * NOTE1: DES-CBC, DES-EDE3-CBC, AES-{128,192.256}-CBC algorithm are supported.
    -423 		 * @example
    -424 		 * var pem = 
    -425          *   KEYUTIL.getEncryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password");
    -426 		 * var pem2 = 
    -427          *   KEYUTIL.getEncryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password", "AES-128-CBC");
    -428 		 * var pem3 = 
    -429          *   KEYUTIL.getEncryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password", "AES-128-CBC", "1f3d02...");
    -430 		 */
    -431 		getEncryptedPKCS5PEMFromPrvKeyHex: function(pemHeadAlg, hPrvKey, passcode, sharedKeyAlgName, ivsaltHex) {
    -432 			var sPEM = "";
    -433 
    -434 			// 1. set sharedKeyAlgName if undefined (default AES-256-CBC)
    -435 			if (typeof sharedKeyAlgName == "undefined" || sharedKeyAlgName == null) {
    -436 				sharedKeyAlgName = "AES-256-CBC";
    -437 			}
    -438 			if (typeof ALGLIST[sharedKeyAlgName] == "undefined")
    -439 				throw "KEYUTIL unsupported algorithm: " + sharedKeyAlgName;
    -440 
    -441 			// 2. set ivsaltHex if undefined
    -442 			if (typeof ivsaltHex == "undefined" || ivsaltHex == null) {
    -443 				var ivlen = ALGLIST[sharedKeyAlgName]['ivlen'];
    -444 				var randIV = _generateIvSaltHex(ivlen);
    -445 				ivsaltHex = randIV.toUpperCase();
    -446 			}
    -447 
    -448 			// 3. get shared key
    -449             //alert("ivsalthex=" + ivsaltHex);
    -450 			var sharedKeyInfo = _getKeyAndUnusedIvByPasscodeAndIvsalt(sharedKeyAlgName, passcode, ivsaltHex);
    -451 			var sharedKeyHex = sharedKeyInfo.keyhex;
    -452 			// alert("sharedKeyHex = " + sharedKeyHex);
    -453 
    -454             // 3. get encrypted Key in Base64
    -455             var encryptedKeyB64 = _encryptKeyHex(hPrvKey, sharedKeyAlgName, sharedKeyHex, ivsaltHex);
    -456 
    -457 			var pemBody = encryptedKeyB64.replace(/(.{64})/g, "$1\r\n");
    -458 			var sPEM = "-----BEGIN " + pemHeadAlg + " PRIVATE KEY-----\r\n";
    -459 			sPEM += "Proc-Type: 4,ENCRYPTED\r\n";
    -460 			sPEM += "DEK-Info: " + sharedKeyAlgName + "," + ivsaltHex + "\r\n";
    -461 			sPEM += "\r\n";
    -462 			sPEM += pemBody;
    -463 			sPEM += "\r\n-----END " + pemHeadAlg + " PRIVATE KEY-----\r\n";
    -464 
    -465 			return sPEM;
    -466         },
    -467 
    -468 		/**
    -469          * (DEPRECATED) get PEM formatted encrypted PKCS#5 private key from RSAKey object of private key
    -470 		 * @name getEncryptedPKCS5PEMFromRSAKey
    -471 		 * @memberOf KEYUTIL
    -472 		 * @function
    -473 		 * @param {RSAKey} pKey RSAKey object of private key
    -474 		 * @param {String} passcode pass code to protect private key (ex. password)
    -475 		 * @param {String} alg algorithm name to protect private key (default AES-256-CBC)
    -476 		 * @param {String} ivsaltHex hexadecimal string of IV and salt (default generated random IV)
    -477 		 * @return {String} string of PEM formatted encrypted PKCS#5 private key
    -478          * @since pkcs5pkey 1.0.2
    -479 		 * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getPEM#}.
    -480 		 * @description
    -481 		 * <br/>
    -482 		 * generate PEM formatted encrypted PKCS#5 private key by
    -483 		 * {@link RSAKey} object of RSA private key and passcode.
    -484 		 * Following argument can be omitted.
    -485 		 * <ul>
    -486 		 * <li>alg - AES-256-CBC will be used if omitted.</li>
    -487 		 * <li>ivsaltHex - automatically generate IV and salt which length depends on algorithm</li>
    -488 		 * </ul>
    -489 		 * @example
    -490 		 * var pkey = new RSAKey();
    -491 		 * pkey.generate(1024, '10001'); // generate 1024bit RSA private key with public exponent 'x010001'
    -492 		 * var pem = KEYUTIL.getEncryptedPKCS5PEMFromRSAKey(pkey, "password");
    -493 		 */
    -494         getEncryptedPKCS5PEMFromRSAKey: function(pKey, passcode, alg, ivsaltHex) {
    -495 			var version = new KJUR.asn1.DERInteger({'int': 0});
    -496 			var n = new KJUR.asn1.DERInteger({'bigint': pKey.n});
    -497 			var e = new KJUR.asn1.DERInteger({'int': pKey.e});
    -498 			var d = new KJUR.asn1.DERInteger({'bigint': pKey.d});
    -499 			var p = new KJUR.asn1.DERInteger({'bigint': pKey.p});
    -500 			var q = new KJUR.asn1.DERInteger({'bigint': pKey.q});
    -501 			var dmp1 = new KJUR.asn1.DERInteger({'bigint': pKey.dmp1});
    -502 			var dmq1 = new KJUR.asn1.DERInteger({'bigint': pKey.dmq1});
    -503 			var coeff = new KJUR.asn1.DERInteger({'bigint': pKey.coeff});
    -504 			var seq = new KJUR.asn1.DERSequence({'array': [version, n, e, d, p, q, dmp1, dmq1, coeff]});
    -505 			var hex = seq.getEncodedHex();
    -506 			return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA", hex, passcode, alg, ivsaltHex);
    -507         },
    -508 
    -509 		/**
    -510          * generate RSAKey and PEM formatted encrypted PKCS#5 private key
    -511 		 * @name newEncryptedPKCS5PEM
    -512 		 * @memberOf KEYUTIL
    -513 		 * @function
    -514 		 * @param {String} passcode pass code to protect private key (ex. password)
    -515 		 * @param {Integer} keyLen key bit length of RSA key to be generated. (default 1024)
    -516 		 * @param {String} hPublicExponent hexadecimal string of public exponent (default 10001)
    -517 		 * @param {String} alg shared key algorithm to encrypt private key (default AES-258-CBC)
    -518 		 * @return {String} string of PEM formatted encrypted PKCS#5 private key
    -519          * @since pkcs5pkey 1.0.2
    -520 		 * @example
    -521 		 * var pem1 = KEYUTIL.newEncryptedPKCS5PEM("password");           // RSA1024bit/10001/AES-256-CBC
    -522 		 * var pem2 = KEYUTIL.newEncryptedPKCS5PEM("password", 512);      // RSA 512bit/10001/AES-256-CBC
    -523 		 * var pem3 = KEYUTIL.newEncryptedPKCS5PEM("password", 512, '3'); // RSA 512bit/    3/AES-256-CBC
    -524 		 */
    -525 		newEncryptedPKCS5PEM: function(passcode, keyLen, hPublicExponent, alg) {
    -526 			if (typeof keyLen == "undefined" || keyLen == null) {
    -527 				keyLen = 1024;
    -528 			}
    -529 			if (typeof hPublicExponent == "undefined" || hPublicExponent == null) {
    -530 				hPublicExponent = '10001';
    -531 			}
    -532 			var pKey = new RSAKey();
    -533 			pKey.generate(keyLen, hPublicExponent);
    -534 			var pem = null;
    -535 			if (typeof alg == "undefined" || alg == null) {
    -536 				pem = this.getEncryptedPKCS5PEMFromRSAKey(pKey, passcode);
    -537 			} else {
    -538 				pem = this.getEncryptedPKCS5PEMFromRSAKey(pKey, passcode, alg);
    -539 			}
    -540 			return pem;
    -541         },
    -542 
    -543 		// === PKCS8 ===============================================================
    -544 
    -545 		/**
    -546          * (DEPRECATED) read PEM formatted unencrypted PKCS#8 private key and returns RSAKey object
    -547 		 * @name getRSAKeyFromPlainPKCS8PEM
    -548 		 * @memberOf KEYUTIL
    -549 		 * @function
    -550 		 * @param {String} pkcs8PEM PEM formatted unencrypted PKCS#8 private key
    -551 		 * @return {RSAKey} loaded RSAKey object of RSA private key
    -552          * @since pkcs5pkey 1.0.1
    -553 		 * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}.
    -554 		 */
    -555         getRSAKeyFromPlainPKCS8PEM: function(pkcs8PEM) {
    -556             if (pkcs8PEM.match(/ENCRYPTED/))
    -557                 throw "pem shall be not ENCRYPTED";
    -558             var prvKeyHex = this.getHexFromPEM(pkcs8PEM, "PRIVATE KEY");
    -559             var rsaKey = this.getRSAKeyFromPlainPKCS8Hex(prvKeyHex);
    -560 			return rsaKey;
    -561         },
    -562 
    -563 		/**
    -564          * (DEPRECATED) provide hexadecimal string of unencrypted PKCS#8 private key and returns RSAKey object
    -565 		 * @name getRSAKeyFromPlainPKCS8Hex
    -566 		 * @memberOf KEYUTIL
    -567 		 * @function
    -568 		 * @param {String} prvKeyHex hexadecimal string of unencrypted PKCS#8 private key
    -569 		 * @return {RSAKey} loaded RSAKey object of RSA private key
    -570          * @since pkcs5pkey 1.0.3
    -571 		 * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}.
    -572 		 */
    -573         getRSAKeyFromPlainPKCS8Hex: function(prvKeyHex) {
    -574 			var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(prvKeyHex, 0);
    -575 			if (a1.length != 3)
    -576 				throw "outer DERSequence shall have 3 elements: " + a1.length;
    -577             var algIdTLV =ASN1HEX.getHexOfTLV_AtObj(prvKeyHex, a1[1]);
    -578 			if (algIdTLV != "300d06092a864886f70d0101010500") // AlgId rsaEncryption
    -579 				throw "PKCS8 AlgorithmIdentifier is not rsaEnc: " + algIdTLV;
    -580             var algIdTLV = ASN1HEX.getHexOfTLV_AtObj(prvKeyHex, a1[1]);
    -581 			var octetStr = ASN1HEX.getHexOfTLV_AtObj(prvKeyHex, a1[2]);
    -582 			var p5KeyHex = ASN1HEX.getHexOfV_AtObj(octetStr, 0);
    -583             //alert(p5KeyHex);
    -584 			var rsaKey = new RSAKey();
    -585 			rsaKey.readPrivateKeyFromASN1HexString(p5KeyHex);
    -586 			return rsaKey;
    -587         },
    -588 
    -589 		/**
    -590          * generate PBKDF2 key hexstring with specified passcode and information
    -591 		 * @name parseHexOfEncryptedPKCS8
    -592 		 * @memberOf KEYUTIL
    -593 		 * @function
    -594 		 * @param {String} passcode passcode to decrypto private key
    -595 		 * @return {Array} info associative array of PKCS#8 parameters
    -596          * @since pkcs5pkey 1.0.3
    -597 		 * @description
    -598 		 * The associative array which is returned by this method has following properties:
    -599 		 * <ul>
    -600 		 * <li>info.pbkdf2Salt - hexadecimal string of PBKDF2 salt</li>
    -601 		 * <li>info.pkbdf2Iter - iteration count</li>
    -602 		 * <li>info.ciphertext - hexadecimal string of encrypted private key</li>
    -603 		 * <li>info.encryptionSchemeAlg - encryption algorithm name (currently TripleDES only)</li>
    -604 		 * <li>info.encryptionSchemeIV - initial vector for encryption algorithm</li>
    -605 		 * </ul>
    -606 		 * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES.
    -607 		 * <ul>
    -608 		 * <li>keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1</li>
    -609 		 * <li>encryptionScheme = des-EDE3-CBC(i.e. TripleDES</li>
    -610 		 * </ul>
    -611 		 * @example
    -612 		 * // to convert plain PKCS#5 private key to encrypted PKCS#8 private
    -613 		 * // key with PBKDF2 with TripleDES
    -614 		 * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem
    -615 		 */
    -616         parseHexOfEncryptedPKCS8: function(sHEX) {
    -617             var info = {};
    -618 			
    -619 			var a0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, 0);
    -620 			if (a0.length != 2)
    -621 				throw "malformed format: SEQUENCE(0).items != 2: " + a0.length;
    -622 
    -623 			// 1. ciphertext
    -624 			info.ciphertext = ASN1HEX.getHexOfV_AtObj(sHEX, a0[1]);
    -625 
    -626 			// 2. pkcs5PBES2
    -627 			var a0_0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0[0]); 
    -628 			if (a0_0.length != 2)
    -629 				throw "malformed format: SEQUENCE(0.0).items != 2: " + a0_0.length;
    +383             // 3. decrypt private key
    +384             var decryptedKey = _decryptKeyB64(privateKeyB64, sharedKeyAlgName, sharedKeyHex, ivsaltHex);
    +385             return decryptedKey;
    +386         },
    +387 
    +388         /**
    +389          * (DEPRECATED) read PEM formatted encrypted PKCS#5 private key and returns RSAKey object
    +390          * @name getRSAKeyFromEncryptedPKCS5PEM
    +391          * @memberOf KEYUTIL
    +392          * @function
    +393          * @param {String} sEncryptedP5PEM PEM formatted encrypted PKCS#5 private key
    +394          * @param {String} passcode passcode to decrypt private key
    +395          * @return {RSAKey} loaded RSAKey object of RSA private key
    +396          * @since pkcs5pkey 1.0.2
    +397          * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}.
    +398          */
    +399         getRSAKeyFromEncryptedPKCS5PEM: function(sEncryptedP5PEM, passcode) {
    +400             var hPKey = this.getDecryptedKeyHex(sEncryptedP5PEM, passcode);
    +401             var rsaKey = new RSAKey();
    +402             rsaKey.readPrivateKeyFromASN1HexString(hPKey);
    +403             return rsaKey;
    +404         },
    +405 
    +406         /*
    +407          * get PEM formatted encrypted PKCS#5 private key from hexadecimal string of plain private key
    +408          * @name getEncryptedPKCS5PEMFromPrvKeyHex
    +409          * @memberOf KEYUTIL
    +410          * @function
    +411          * @param {String} pemHeadAlg algorithm name in the pem header (i.e. RSA,EC or DSA)
    +412          * @param {String} hPrvKey hexadecimal string of plain private key
    +413          * @param {String} passcode pass code to protect private key (ex. password)
    +414          * @param {String} sharedKeyAlgName algorithm name to protect private key (ex. AES-256-CBC)
    +415          * @param {String} ivsaltHex hexadecimal string of IV and salt
    +416          * @return {String} string of PEM formatted encrypted PKCS#5 private key
    +417          * @since pkcs5pkey 1.0.2
    +418          * @description
    +419          * <br/>
    +420          * generate PEM formatted encrypted PKCS#5 private key by hexadecimal string encoded
    +421          * ASN.1 object of plain RSA private key.
    +422          * Following arguments can be omitted.
    +423          * <ul>
    +424          * <li>alg - AES-256-CBC will be used if omitted.</li>
    +425          * <li>ivsaltHex - automatically generate IV and salt which length depends on algorithm</li>
    +426          * </ul>
    +427          * NOTE1: DES-CBC, DES-EDE3-CBC, AES-{128,192.256}-CBC algorithm are supported.
    +428          * @example
    +429          * var pem = 
    +430          *   KEYUTIL.getEncryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password");
    +431          * var pem2 = 
    +432          *   KEYUTIL.getEncryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password", "AES-128-CBC");
    +433          * var pem3 = 
    +434          *   KEYUTIL.getEncryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password", "AES-128-CBC", "1f3d02...");
    +435          */
    +436         getEncryptedPKCS5PEMFromPrvKeyHex: function(pemHeadAlg, hPrvKey, passcode, sharedKeyAlgName, ivsaltHex) {
    +437             var sPEM = "";
    +438 
    +439             // 1. set sharedKeyAlgName if undefined (default AES-256-CBC)
    +440             if (typeof sharedKeyAlgName == "undefined" || sharedKeyAlgName == null) {
    +441                 sharedKeyAlgName = "AES-256-CBC";
    +442             }
    +443             if (typeof ALGLIST[sharedKeyAlgName] == "undefined")
    +444                 throw "KEYUTIL unsupported algorithm: " + sharedKeyAlgName;
    +445 
    +446             // 2. set ivsaltHex if undefined
    +447             if (typeof ivsaltHex == "undefined" || ivsaltHex == null) {
    +448                 var ivlen = ALGLIST[sharedKeyAlgName]['ivlen'];
    +449                 var randIV = _generateIvSaltHex(ivlen);
    +450                 ivsaltHex = randIV.toUpperCase();
    +451             }
    +452 
    +453             // 3. get shared key
    +454             //alert("ivsalthex=" + ivsaltHex);
    +455             var sharedKeyInfo = _getKeyAndUnusedIvByPasscodeAndIvsalt(sharedKeyAlgName, passcode, ivsaltHex);
    +456             var sharedKeyHex = sharedKeyInfo.keyhex;
    +457             // alert("sharedKeyHex = " + sharedKeyHex);
    +458 
    +459             // 3. get encrypted Key in Base64
    +460             var encryptedKeyB64 = _encryptKeyHex(hPrvKey, sharedKeyAlgName, sharedKeyHex, ivsaltHex);
    +461 
    +462             var pemBody = encryptedKeyB64.replace(/(.{64})/g, "$1\r\n");
    +463             var sPEM = "-----BEGIN " + pemHeadAlg + " PRIVATE KEY-----\r\n";
    +464             sPEM += "Proc-Type: 4,ENCRYPTED\r\n";
    +465             sPEM += "DEK-Info: " + sharedKeyAlgName + "," + ivsaltHex + "\r\n";
    +466             sPEM += "\r\n";
    +467             sPEM += pemBody;
    +468             sPEM += "\r\n-----END " + pemHeadAlg + " PRIVATE KEY-----\r\n";
    +469 
    +470             return sPEM;
    +471         },
    +472 
    +473         /**
    +474          * (DEPRECATED) get PEM formatted encrypted PKCS#5 private key from RSAKey object of private key
    +475          * @name getEncryptedPKCS5PEMFromRSAKey
    +476          * @memberOf KEYUTIL
    +477          * @function
    +478          * @param {RSAKey} pKey RSAKey object of private key
    +479          * @param {String} passcode pass code to protect private key (ex. password)
    +480          * @param {String} alg algorithm name to protect private key (default AES-256-CBC)
    +481          * @param {String} ivsaltHex hexadecimal string of IV and salt (default generated random IV)
    +482          * @return {String} string of PEM formatted encrypted PKCS#5 private key
    +483          * @since pkcs5pkey 1.0.2
    +484          * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getPEM#}.
    +485          * @description
    +486          * <br/>
    +487          * generate PEM formatted encrypted PKCS#5 private key by
    +488          * {@link RSAKey} object of RSA private key and passcode.
    +489          * Following argument can be omitted.
    +490          * <ul>
    +491          * <li>alg - AES-256-CBC will be used if omitted.</li>
    +492          * <li>ivsaltHex - automatically generate IV and salt which length depends on algorithm</li>
    +493          * </ul>
    +494          * @example
    +495          * var pkey = new RSAKey();
    +496          * pkey.generate(1024, '10001'); // generate 1024bit RSA private key with public exponent 'x010001'
    +497          * var pem = KEYUTIL.getEncryptedPKCS5PEMFromRSAKey(pkey, "password");
    +498          */
    +499         getEncryptedPKCS5PEMFromRSAKey: function(pKey, passcode, alg, ivsaltHex) {
    +500             var version = new KJUR.asn1.DERInteger({'int': 0});
    +501             var n = new KJUR.asn1.DERInteger({'bigint': pKey.n});
    +502             var e = new KJUR.asn1.DERInteger({'int': pKey.e});
    +503             var d = new KJUR.asn1.DERInteger({'bigint': pKey.d});
    +504             var p = new KJUR.asn1.DERInteger({'bigint': pKey.p});
    +505             var q = new KJUR.asn1.DERInteger({'bigint': pKey.q});
    +506             var dmp1 = new KJUR.asn1.DERInteger({'bigint': pKey.dmp1});
    +507             var dmq1 = new KJUR.asn1.DERInteger({'bigint': pKey.dmq1});
    +508             var coeff = new KJUR.asn1.DERInteger({'bigint': pKey.coeff});
    +509             var seq = new KJUR.asn1.DERSequence({'array': [version, n, e, d, p, q, dmp1, dmq1, coeff]});
    +510             var hex = seq.getEncodedHex();
    +511             return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA", hex, passcode, alg, ivsaltHex);
    +512         },
    +513 
    +514         /**
    +515          * generate RSAKey and PEM formatted encrypted PKCS#5 private key
    +516          * @name newEncryptedPKCS5PEM
    +517          * @memberOf KEYUTIL
    +518          * @function
    +519          * @param {String} passcode pass code to protect private key (ex. password)
    +520          * @param {Integer} keyLen key bit length of RSA key to be generated. (default 1024)
    +521          * @param {String} hPublicExponent hexadecimal string of public exponent (default 10001)
    +522          * @param {String} alg shared key algorithm to encrypt private key (default AES-258-CBC)
    +523          * @return {String} string of PEM formatted encrypted PKCS#5 private key
    +524          * @since pkcs5pkey 1.0.2
    +525          * @example
    +526          * var pem1 = KEYUTIL.newEncryptedPKCS5PEM("password");           // RSA1024bit/10001/AES-256-CBC
    +527          * var pem2 = KEYUTIL.newEncryptedPKCS5PEM("password", 512);      // RSA 512bit/10001/AES-256-CBC
    +528          * var pem3 = KEYUTIL.newEncryptedPKCS5PEM("password", 512, '3'); // RSA 512bit/    3/AES-256-CBC
    +529          */
    +530         newEncryptedPKCS5PEM: function(passcode, keyLen, hPublicExponent, alg) {
    +531             if (typeof keyLen == "undefined" || keyLen == null) {
    +532                 keyLen = 1024;
    +533             }
    +534             if (typeof hPublicExponent == "undefined" || hPublicExponent == null) {
    +535                 hPublicExponent = '10001';
    +536             }
    +537             var pKey = new RSAKey();
    +538             pKey.generate(keyLen, hPublicExponent);
    +539             var pem = null;
    +540             if (typeof alg == "undefined" || alg == null) {
    +541                 pem = this.getEncryptedPKCS5PEMFromRSAKey(pKey, passcode);
    +542             } else {
    +543                 pem = this.getEncryptedPKCS5PEMFromRSAKey(pKey, passcode, alg);
    +544             }
    +545             return pem;
    +546         },
    +547 
    +548         // === PKCS8 ===============================================================
    +549 
    +550         /**
    +551          * (DEPRECATED) read PEM formatted unencrypted PKCS#8 private key and returns RSAKey object
    +552          * @name getRSAKeyFromPlainPKCS8PEM
    +553          * @memberOf KEYUTIL
    +554          * @function
    +555          * @param {String} pkcs8PEM PEM formatted unencrypted PKCS#8 private key
    +556          * @return {RSAKey} loaded RSAKey object of RSA private key
    +557          * @since pkcs5pkey 1.0.1
    +558          * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}.
    +559          */
    +560         getRSAKeyFromPlainPKCS8PEM: function(pkcs8PEM) {
    +561             if (pkcs8PEM.match(/ENCRYPTED/))
    +562                 throw "pem shall be not ENCRYPTED";
    +563             var prvKeyHex = this.getHexFromPEM(pkcs8PEM, "PRIVATE KEY");
    +564             var rsaKey = this.getRSAKeyFromPlainPKCS8Hex(prvKeyHex);
    +565             return rsaKey;
    +566         },
    +567 
    +568         /**
    +569          * (DEPRECATED) provide hexadecimal string of unencrypted PKCS#8 private key and returns RSAKey object
    +570          * @name getRSAKeyFromPlainPKCS8Hex
    +571          * @memberOf KEYUTIL
    +572          * @function
    +573          * @param {String} prvKeyHex hexadecimal string of unencrypted PKCS#8 private key
    +574          * @return {RSAKey} loaded RSAKey object of RSA private key
    +575          * @since pkcs5pkey 1.0.3
    +576          * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}.
    +577          */
    +578         getRSAKeyFromPlainPKCS8Hex: function(prvKeyHex) {
    +579             var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(prvKeyHex, 0);
    +580             if (a1.length != 3)
    +581                 throw "outer DERSequence shall have 3 elements: " + a1.length;
    +582             var algIdTLV =ASN1HEX.getHexOfTLV_AtObj(prvKeyHex, a1[1]);
    +583             if (algIdTLV != "300d06092a864886f70d0101010500") // AlgId rsaEncryption
    +584                 throw "PKCS8 AlgorithmIdentifier is not rsaEnc: " + algIdTLV;
    +585             var algIdTLV = ASN1HEX.getHexOfTLV_AtObj(prvKeyHex, a1[1]);
    +586             var octetStr = ASN1HEX.getHexOfTLV_AtObj(prvKeyHex, a1[2]);
    +587             var p5KeyHex = ASN1HEX.getHexOfV_AtObj(octetStr, 0);
    +588             //alert(p5KeyHex);
    +589             var rsaKey = new RSAKey();
    +590             rsaKey.readPrivateKeyFromASN1HexString(p5KeyHex);
    +591             return rsaKey;
    +592         },
    +593 
    +594         /**
    +595          * generate PBKDF2 key hexstring with specified passcode and information
    +596          * @name parseHexOfEncryptedPKCS8
    +597          * @memberOf KEYUTIL
    +598          * @function
    +599          * @param {String} passcode passcode to decrypto private key
    +600          * @return {Array} info associative array of PKCS#8 parameters
    +601          * @since pkcs5pkey 1.0.3
    +602          * @description
    +603          * The associative array which is returned by this method has following properties:
    +604          * <ul>
    +605          * <li>info.pbkdf2Salt - hexadecimal string of PBKDF2 salt</li>
    +606          * <li>info.pkbdf2Iter - iteration count</li>
    +607          * <li>info.ciphertext - hexadecimal string of encrypted private key</li>
    +608          * <li>info.encryptionSchemeAlg - encryption algorithm name (currently TripleDES only)</li>
    +609          * <li>info.encryptionSchemeIV - initial vector for encryption algorithm</li>
    +610          * </ul>
    +611          * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES.
    +612          * <ul>
    +613          * <li>keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1</li>
    +614          * <li>encryptionScheme = des-EDE3-CBC(i.e. TripleDES</li>
    +615          * </ul>
    +616          * @example
    +617          * // to convert plain PKCS#5 private key to encrypted PKCS#8 private
    +618          * // key with PBKDF2 with TripleDES
    +619          * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem
    +620          */
    +621         parseHexOfEncryptedPKCS8: function(sHEX) {
    +622             var info = {};
    +623             
    +624             var a0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, 0);
    +625             if (a0.length != 2)
    +626                 throw "malformed format: SEQUENCE(0).items != 2: " + a0.length;
    +627 
    +628             // 1. ciphertext
    +629             info.ciphertext = ASN1HEX.getHexOfV_AtObj(sHEX, a0[1]);
     630 
    -631 			// 2.1 check if pkcs5PBES2(1 2 840 113549 1 5 13)
    -632 			if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0[0]) != "2a864886f70d01050d")
    -633 				throw "this only supports pkcs5PBES2";
    -634 
    -635 			// 2.2 pkcs5PBES2 param
    -636             var a0_0_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0[1]); 
    -637 			if (a0_0.length != 2)
    -638 				throw "malformed format: SEQUENCE(0.0.1).items != 2: " + a0_0_1.length;
    +631             // 2. pkcs5PBES2
    +632             var a0_0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0[0]); 
    +633             if (a0_0.length != 2)
    +634                 throw "malformed format: SEQUENCE(0.0).items != 2: " + a0_0.length;
    +635 
    +636             // 2.1 check if pkcs5PBES2(1 2 840 113549 1 5 13)
    +637             if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0[0]) != "2a864886f70d01050d")
    +638                 throw "this only supports pkcs5PBES2";
     639 
    -640 			// 2.2.1 encryptionScheme
    -641 			var a0_0_1_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1[1]); 
    -642 			if (a0_0_1_1.length != 2)
    -643 				throw "malformed format: SEQUENCE(0.0.1.1).items != 2: " + a0_0_1_1.length;
    -644 			if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_1[0]) != "2a864886f70d0307")
    -645 				throw "this only supports TripleDES";
    -646 			info.encryptionSchemeAlg = "TripleDES";
    -647 
    -648 			// 2.2.1.1 IV of encryptionScheme
    -649 			info.encryptionSchemeIV = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_1[1]);
    -650 
    -651 			// 2.2.2 keyDerivationFunc
    -652 			var a0_0_1_0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1[0]); 
    -653 			if (a0_0_1_0.length != 2)
    -654 				throw "malformed format: SEQUENCE(0.0.1.0).items != 2: " + a0_0_1_0.length;
    -655 			if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0[0]) != "2a864886f70d01050c")
    -656 				throw "this only supports pkcs5PBKDF2";
    -657 
    -658 			// 2.2.2.1 pkcs5PBKDF2 param
    -659 			var a0_0_1_0_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1_0[1]); 
    -660 			if (a0_0_1_0_1.length < 2)
    -661 				throw "malformed format: SEQUENCE(0.0.1.0.1).items < 2: " + a0_0_1_0_1.length;
    +640             // 2.2 pkcs5PBES2 param
    +641             var a0_0_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0[1]); 
    +642             if (a0_0.length != 2)
    +643                 throw "malformed format: SEQUENCE(0.0.1).items != 2: " + a0_0_1.length;
    +644 
    +645             // 2.2.1 encryptionScheme
    +646             var a0_0_1_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1[1]); 
    +647             if (a0_0_1_1.length != 2)
    +648                 throw "malformed format: SEQUENCE(0.0.1.1).items != 2: " + a0_0_1_1.length;
    +649             if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_1[0]) != "2a864886f70d0307")
    +650                 throw "this only supports TripleDES";
    +651             info.encryptionSchemeAlg = "TripleDES";
    +652 
    +653             // 2.2.1.1 IV of encryptionScheme
    +654             info.encryptionSchemeIV = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_1[1]);
    +655 
    +656             // 2.2.2 keyDerivationFunc
    +657             var a0_0_1_0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1[0]); 
    +658             if (a0_0_1_0.length != 2)
    +659                 throw "malformed format: SEQUENCE(0.0.1.0).items != 2: " + a0_0_1_0.length;
    +660             if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0[0]) != "2a864886f70d01050c")
    +661                 throw "this only supports pkcs5PBKDF2";
     662 
    -663 			// 2.2.2.1.1 PBKDF2 salt
    -664 			info.pbkdf2Salt = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0_1[0]);
    -665 
    -666 			// 2.2.2.1.2 PBKDF2 iter
    -667 			var iterNumHex = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0_1[1]);
    -668 			try {
    -669 				info.pbkdf2Iter = parseInt(iterNumHex, 16);
    -670 			} catch(ex) {
    -671 				throw "malformed format pbkdf2Iter: " + iterNumHex;
    -672 			}
    -673 
    -674 			return info;
    -675 		},
    -676 
    -677 		/**
    -678          * generate PBKDF2 key hexstring with specified passcode and information
    -679 		 * @name getPBKDF2KeyHexFromParam
    -680 		 * @memberOf KEYUTIL
    -681 		 * @function
    -682 		 * @param {Array} info result of {@link parseHexOfEncryptedPKCS8} which has preference of PKCS#8 file
    -683 		 * @param {String} passcode passcode to decrypto private key
    -684 		 * @return {String} hexadecimal string of PBKDF2 key
    -685          * @since pkcs5pkey 1.0.3
    -686 		 * @description
    -687 		 * As for info, this uses following properties:
    -688 		 * <ul>
    -689 		 * <li>info.pbkdf2Salt - hexadecimal string of PBKDF2 salt</li>
    -690 		 * <li>info.pkbdf2Iter - iteration count</li>
    -691 		 * </ul>
    -692 		 * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES.
    -693 		 * <ul>
    -694 		 * <li>keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1</li>
    -695 		 * <li>encryptionScheme = des-EDE3-CBC(i.e. TripleDES</li>
    -696 		 * </ul>
    -697 		 * @example
    -698 		 * // to convert plain PKCS#5 private key to encrypted PKCS#8 private
    -699 		 * // key with PBKDF2 with TripleDES
    -700 		 * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem
    -701 		 */
    -702 		getPBKDF2KeyHexFromParam: function(info, passcode) {
    -703 			var pbkdf2SaltWS = CryptoJS.enc.Hex.parse(info.pbkdf2Salt);
    -704 			var pbkdf2Iter = info.pbkdf2Iter;
    -705 			var pbkdf2KeyWS = CryptoJS.PBKDF2(passcode, 
    -706 											  pbkdf2SaltWS, 
    -707 											  { keySize: 192/32, iterations: pbkdf2Iter });
    -708 			var pbkdf2KeyHex = CryptoJS.enc.Hex.stringify(pbkdf2KeyWS);
    -709 			return pbkdf2KeyHex;
    -710 		},
    -711 
    -712 		/**
    -713          * read PEM formatted encrypted PKCS#8 private key and returns hexadecimal string of plain PKCS#8 private key
    -714 		 * @name getPlainPKCS8HexFromEncryptedPKCS8PEM
    -715 		 * @memberOf KEYUTIL
    -716 		 * @function
    -717 		 * @param {String} pkcs8PEM PEM formatted encrypted PKCS#8 private key
    -718 		 * @param {String} passcode passcode to decrypto private key
    -719 		 * @return {String} hexadecimal string of plain PKCS#8 private key
    -720          * @since pkcs5pkey 1.0.3
    -721 		 * @description
    -722 		 * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES.
    -723 		 * <ul>
    -724 		 * <li>keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1</li>
    -725 		 * <li>encryptionScheme = des-EDE3-CBC(i.e. TripleDES</li>
    -726 		 * </ul>
    -727 		 * @example
    -728 		 * // to convert plain PKCS#5 private key to encrypted PKCS#8 private
    -729 		 * // key with PBKDF2 with TripleDES
    -730 		 * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem
    -731 		 */
    -732 		getPlainPKCS8HexFromEncryptedPKCS8PEM: function(pkcs8PEM, passcode) {
    -733 			// 1. derHex - PKCS#8 private key encrypted by PBKDF2
    -734             var derHex = this.getHexFromPEM(pkcs8PEM, "ENCRYPTED PRIVATE KEY");
    -735 			// 2. info - PKCS#5 PBES info
    -736 			var info = this.parseHexOfEncryptedPKCS8(derHex);
    -737 			// 3. hKey - PBKDF2 key
    -738 			var pbkdf2KeyHex = KEYUTIL.getPBKDF2KeyHexFromParam(info, passcode);
    -739 			// 4. decrypt ciphertext by PBKDF2 key
    -740 			var encrypted = {};
    -741 			encrypted.ciphertext = CryptoJS.enc.Hex.parse(info.ciphertext);
    -742 			var pbkdf2KeyWS = CryptoJS.enc.Hex.parse(pbkdf2KeyHex);
    -743 			var des3IVWS = CryptoJS.enc.Hex.parse(info.encryptionSchemeIV);
    -744 			var decWS = CryptoJS.TripleDES.decrypt(encrypted, pbkdf2KeyWS, { iv: des3IVWS });
    -745 			var decHex = CryptoJS.enc.Hex.stringify(decWS);
    -746 			return decHex;
    -747 		},
    -748 
    -749 		/**
    -750          * (DEPRECATED) read PEM formatted encrypted PKCS#8 private key and returns RSAKey object
    -751 		 * @name getRSAKeyFromEncryptedPKCS8PEM
    -752 		 * @memberOf KEYUTIL
    -753 		 * @function
    -754 		 * @param {String} pkcs8PEM PEM formatted encrypted PKCS#8 private key
    -755 		 * @param {String} passcode passcode to decrypto private key
    -756 		 * @return {RSAKey} loaded RSAKey object of RSA private key
    -757          * @since pkcs5pkey 1.0.3
    -758 		 * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}.
    -759 		 * @description
    -760 		 * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES.
    -761 		 * <ul>
    -762 		 * <li>keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1</li>
    -763 		 * <li>encryptionScheme = des-EDE3-CBC(i.e. TripleDES</li>
    -764 		 * </ul>
    -765 		 * @example
    -766 		 * // to convert plain PKCS#5 private key to encrypted PKCS#8 private
    -767 		 * // key with PBKDF2 with TripleDES
    -768 		 * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem
    -769 		 */
    -770         getRSAKeyFromEncryptedPKCS8PEM: function(pkcs8PEM, passcode) {
    -771 			var prvKeyHex = this.getPlainPKCS8HexFromEncryptedPKCS8PEM(pkcs8PEM, passcode);
    -772 			var rsaKey = this.getRSAKeyFromPlainPKCS8Hex(prvKeyHex);
    -773 			return rsaKey;
    -774         },
    -775 
    -776 		/**
    -777          * get RSAKey/ECDSA private key object from encrypted PEM PKCS#8 private key
    -778 		 * @name getKeyFromEncryptedPKCS8PEM
    -779 		 * @memberOf KEYUTIL
    -780 		 * @function
    -781 		 * @param {String} pkcs8PEM string of PEM formatted PKCS#8 private key
    -782 		 * @param {String} passcode passcode string to decrypt key
    -783 		 * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object
    -784 		 * @since pkcs5pkey 1.0.5
    -785 		 */
    -786         getKeyFromEncryptedPKCS8PEM: function(pkcs8PEM, passcode) {
    -787 			var prvKeyHex = this.getPlainPKCS8HexFromEncryptedPKCS8PEM(pkcs8PEM, passcode);
    -788 			var key = this.getKeyFromPlainPrivatePKCS8Hex(prvKeyHex);
    -789 			return key;
    -790         },
    -791 
    -792 		/**
    -793          * parse hexadecimal string of plain PKCS#8 private key
    -794 		 * @name parsePlainPrivatePKCS8Hex
    -795 		 * @memberOf KEYUTIL
    -796 		 * @function
    -797 		 * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 plain private key
    -798 		 * @return {Array} associative array of parsed key
    -799 		 * @since pkcs5pkey 1.0.5
    -800 		 * @description
    -801 		 * Resulted associative array has following properties:
    -802 		 * <ul>
    -803 		 * <li>algoid - hexadecimal string of OID of asymmetric key algorithm</li>
    -804 		 * <li>algparam - hexadecimal string of OID of ECC curve name or null</li>
    -805 		 * <li>keyidx - string starting index of key in pkcs8PrvHex</li>
    -806 		 * </ul>
    -807 		 */
    -808 		parsePlainPrivatePKCS8Hex: function(pkcs8PrvHex) {
    -809 			var result = {};
    -810 			result.algparam = null;
    -811 
    -812 			// 1. sequence
    -813 			if (pkcs8PrvHex.substr(0, 2) != "30")
    -814 				throw "malformed plain PKCS8 private key(code:001)"; // not sequence
    -815 
    -816 			var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, 0);
    -817 			if (a1.length != 3)
    -818 				throw "malformed plain PKCS8 private key(code:002)";
    -819 
    -820 			// 2. AlgID
    -821             if (pkcs8PrvHex.substr(a1[1], 2) != "30")
    -822                 throw "malformed PKCS8 private key(code:003)"; // AlgId not sequence
    -823 
    -824             var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, a1[1]);
    -825             if (a2.length != 2)
    -826                 throw "malformed PKCS8 private key(code:004)"; // AlgId not have two elements
    -827 
    -828 			// 2.1. AlgID OID
    -829 			if (pkcs8PrvHex.substr(a2[0], 2) != "06")
    -830 				throw "malformed PKCS8 private key(code:005)"; // AlgId.oid is not OID
    -831 
    -832 			result.algoid = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a2[0]);
    -833 
    -834 			// 2.2. AlgID param
    -835 			if (pkcs8PrvHex.substr(a2[1], 2) == "06") {
    -836 				result.algparam = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a2[1]);
    -837 			}
    +663             // 2.2.2.1 pkcs5PBKDF2 param
    +664             var a0_0_1_0_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1_0[1]); 
    +665             if (a0_0_1_0_1.length < 2)
    +666                 throw "malformed format: SEQUENCE(0.0.1.0.1).items < 2: " + a0_0_1_0_1.length;
    +667 
    +668             // 2.2.2.1.1 PBKDF2 salt
    +669             info.pbkdf2Salt = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0_1[0]);
    +670 
    +671             // 2.2.2.1.2 PBKDF2 iter
    +672             var iterNumHex = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0_1[1]);
    +673             try {
    +674                 info.pbkdf2Iter = parseInt(iterNumHex, 16);
    +675             } catch(ex) {
    +676                 throw "malformed format pbkdf2Iter: " + iterNumHex;
    +677             }
    +678 
    +679             return info;
    +680         },
    +681 
    +682         /**
    +683          * generate PBKDF2 key hexstring with specified passcode and information
    +684          * @name getPBKDF2KeyHexFromParam
    +685          * @memberOf KEYUTIL
    +686          * @function
    +687          * @param {Array} info result of {@link parseHexOfEncryptedPKCS8} which has preference of PKCS#8 file
    +688          * @param {String} passcode passcode to decrypto private key
    +689          * @return {String} hexadecimal string of PBKDF2 key
    +690          * @since pkcs5pkey 1.0.3
    +691          * @description
    +692          * As for info, this uses following properties:
    +693          * <ul>
    +694          * <li>info.pbkdf2Salt - hexadecimal string of PBKDF2 salt</li>
    +695          * <li>info.pkbdf2Iter - iteration count</li>
    +696          * </ul>
    +697          * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES.
    +698          * <ul>
    +699          * <li>keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1</li>
    +700          * <li>encryptionScheme = des-EDE3-CBC(i.e. TripleDES</li>
    +701          * </ul>
    +702          * @example
    +703          * // to convert plain PKCS#5 private key to encrypted PKCS#8 private
    +704          * // key with PBKDF2 with TripleDES
    +705          * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem
    +706          */
    +707         getPBKDF2KeyHexFromParam: function(info, passcode) {
    +708             var pbkdf2SaltWS = CryptoJS.enc.Hex.parse(info.pbkdf2Salt);
    +709             var pbkdf2Iter = info.pbkdf2Iter;
    +710             var pbkdf2KeyWS = CryptoJS.PBKDF2(passcode, 
    +711                                               pbkdf2SaltWS, 
    +712                                               { keySize: 192/32, iterations: pbkdf2Iter });
    +713             var pbkdf2KeyHex = CryptoJS.enc.Hex.stringify(pbkdf2KeyWS);
    +714             return pbkdf2KeyHex;
    +715         },
    +716 
    +717         /**
    +718          * read PEM formatted encrypted PKCS#8 private key and returns hexadecimal string of plain PKCS#8 private key
    +719          * @name getPlainPKCS8HexFromEncryptedPKCS8PEM
    +720          * @memberOf KEYUTIL
    +721          * @function
    +722          * @param {String} pkcs8PEM PEM formatted encrypted PKCS#8 private key
    +723          * @param {String} passcode passcode to decrypto private key
    +724          * @return {String} hexadecimal string of plain PKCS#8 private key
    +725          * @since pkcs5pkey 1.0.3
    +726          * @description
    +727          * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES.
    +728          * <ul>
    +729          * <li>keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1</li>
    +730          * <li>encryptionScheme = des-EDE3-CBC(i.e. TripleDES</li>
    +731          * </ul>
    +732          * @example
    +733          * // to convert plain PKCS#5 private key to encrypted PKCS#8 private
    +734          * // key with PBKDF2 with TripleDES
    +735          * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem
    +736          */
    +737         getPlainPKCS8HexFromEncryptedPKCS8PEM: function(pkcs8PEM, passcode) {
    +738             // 1. derHex - PKCS#8 private key encrypted by PBKDF2
    +739             var derHex = this.getHexFromPEM(pkcs8PEM, "ENCRYPTED PRIVATE KEY");
    +740             // 2. info - PKCS#5 PBES info
    +741             var info = this.parseHexOfEncryptedPKCS8(derHex);
    +742             // 3. hKey - PBKDF2 key
    +743             var pbkdf2KeyHex = KEYUTIL.getPBKDF2KeyHexFromParam(info, passcode);
    +744             // 4. decrypt ciphertext by PBKDF2 key
    +745             var encrypted = {};
    +746             encrypted.ciphertext = CryptoJS.enc.Hex.parse(info.ciphertext);
    +747             var pbkdf2KeyWS = CryptoJS.enc.Hex.parse(pbkdf2KeyHex);
    +748             var des3IVWS = CryptoJS.enc.Hex.parse(info.encryptionSchemeIV);
    +749             var decWS = CryptoJS.TripleDES.decrypt(encrypted, pbkdf2KeyWS, { iv: des3IVWS });
    +750             var decHex = CryptoJS.enc.Hex.stringify(decWS);
    +751             return decHex;
    +752         },
    +753 
    +754         /**
    +755          * (DEPRECATED) read PEM formatted encrypted PKCS#8 private key and returns RSAKey object
    +756          * @name getRSAKeyFromEncryptedPKCS8PEM
    +757          * @memberOf KEYUTIL
    +758          * @function
    +759          * @param {String} pkcs8PEM PEM formatted encrypted PKCS#8 private key
    +760          * @param {String} passcode passcode to decrypto private key
    +761          * @return {RSAKey} loaded RSAKey object of RSA private key
    +762          * @since pkcs5pkey 1.0.3
    +763          * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}.
    +764          * @description
    +765          * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES.
    +766          * <ul>
    +767          * <li>keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1</li>
    +768          * <li>encryptionScheme = des-EDE3-CBC(i.e. TripleDES</li>
    +769          * </ul>
    +770          * @example
    +771          * // to convert plain PKCS#5 private key to encrypted PKCS#8 private
    +772          * // key with PBKDF2 with TripleDES
    +773          * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem
    +774          */
    +775         getRSAKeyFromEncryptedPKCS8PEM: function(pkcs8PEM, passcode) {
    +776             var prvKeyHex = this.getPlainPKCS8HexFromEncryptedPKCS8PEM(pkcs8PEM, passcode);
    +777             var rsaKey = this.getRSAKeyFromPlainPKCS8Hex(prvKeyHex);
    +778             return rsaKey;
    +779         },
    +780 
    +781         /**
    +782          * get RSAKey/ECDSA private key object from encrypted PEM PKCS#8 private key
    +783          * @name getKeyFromEncryptedPKCS8PEM
    +784          * @memberOf KEYUTIL
    +785          * @function
    +786          * @param {String} pkcs8PEM string of PEM formatted PKCS#8 private key
    +787          * @param {String} passcode passcode string to decrypt key
    +788          * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object
    +789          * @since pkcs5pkey 1.0.5
    +790          */
    +791         getKeyFromEncryptedPKCS8PEM: function(pkcs8PEM, passcode) {
    +792             var prvKeyHex = this.getPlainPKCS8HexFromEncryptedPKCS8PEM(pkcs8PEM, passcode);
    +793             var key = this.getKeyFromPlainPrivatePKCS8Hex(prvKeyHex);
    +794             return key;
    +795         },
    +796 
    +797         /**
    +798          * parse hexadecimal string of plain PKCS#8 private key
    +799          * @name parsePlainPrivatePKCS8Hex
    +800          * @memberOf KEYUTIL
    +801          * @function
    +802          * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 plain private key
    +803          * @return {Array} associative array of parsed key
    +804          * @since pkcs5pkey 1.0.5
    +805          * @description
    +806          * Resulted associative array has following properties:
    +807          * <ul>
    +808          * <li>algoid - hexadecimal string of OID of asymmetric key algorithm</li>
    +809          * <li>algparam - hexadecimal string of OID of ECC curve name or null</li>
    +810          * <li>keyidx - string starting index of key in pkcs8PrvHex</li>
    +811          * </ul>
    +812          */
    +813         parsePlainPrivatePKCS8Hex: function(pkcs8PrvHex) {
    +814             var result = {};
    +815             result.algparam = null;
    +816 
    +817             // 1. sequence
    +818             if (pkcs8PrvHex.substr(0, 2) != "30")
    +819                 throw "malformed plain PKCS8 private key(code:001)"; // not sequence
    +820 
    +821             var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, 0);
    +822             if (a1.length != 3)
    +823                 throw "malformed plain PKCS8 private key(code:002)";
    +824 
    +825             // 2. AlgID
    +826             if (pkcs8PrvHex.substr(a1[1], 2) != "30")
    +827                 throw "malformed PKCS8 private key(code:003)"; // AlgId not sequence
    +828 
    +829             var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, a1[1]);
    +830             if (a2.length != 2)
    +831                 throw "malformed PKCS8 private key(code:004)"; // AlgId not have two elements
    +832 
    +833             // 2.1. AlgID OID
    +834             if (pkcs8PrvHex.substr(a2[0], 2) != "06")
    +835                 throw "malformed PKCS8 private key(code:005)"; // AlgId.oid is not OID
    +836 
    +837             result.algoid = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a2[0]);
     838 
    -839 			// 3. Key index
    -840 			if (pkcs8PrvHex.substr(a1[2], 2) != "04")
    -841 				throw "malformed PKCS8 private key(code:006)"; // not octet string
    -842 
    -843 			result.keyidx = ASN1HEX.getStartPosOfV_AtObj(pkcs8PrvHex, a1[2]);
    -844 
    -845 			return result;
    -846         },
    +839             // 2.2. AlgID param
    +840             if (pkcs8PrvHex.substr(a2[1], 2) == "06") {
    +841                 result.algparam = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a2[1]);
    +842             }
    +843 
    +844             // 3. Key index
    +845             if (pkcs8PrvHex.substr(a1[2], 2) != "04")
    +846                 throw "malformed PKCS8 private key(code:006)"; // not octet string
     847 
    -848 		/**
    -849          * get RSAKey/ECDSA private key object from PEM plain PEM PKCS#8 private key
    -850 		 * @name getKeyFromPlainPrivatePKCS8PEM
    -851 		 * @memberOf KEYUTIL
    -852 		 * @function
    -853 		 * @param {String} pkcs8PEM string of plain PEM formatted PKCS#8 private key
    -854 		 * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object
    -855 		 * @since pkcs5pkey 1.0.5
    -856 		 */
    -857 		getKeyFromPlainPrivatePKCS8PEM: function(prvKeyPEM) {
    -858 			var prvKeyHex = this.getHexFromPEM(prvKeyPEM, "PRIVATE KEY");
    -859 			var key = this.getKeyFromPlainPrivatePKCS8Hex(prvKeyHex);
    -860 			return key;
    -861 		},
    -862 
    -863 		/**
    -864          * get RSAKey/ECDSA private key object from HEX plain PEM PKCS#8 private key
    -865 		 * @name getKeyFromPlainPrivatePKCS8Hex
    -866 		 * @memberOf KEYUTIL
    -867 		 * @function
    -868 		 * @param {String} prvKeyHex hexadecimal string of plain PKCS#8 private key
    -869 		 * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object
    -870 		 * @since pkcs5pkey 1.0.5
    -871 		 */
    -872 		getKeyFromPlainPrivatePKCS8Hex: function(prvKeyHex) {
    -873 			var p8 = this.parsePlainPrivatePKCS8Hex(prvKeyHex);
    -874 			
    -875 			if (p8.algoid == "2a864886f70d010101") { // RSA
    -876 				this.parsePrivateRawRSAKeyHexAtObj(prvKeyHex, p8);
    -877 				var k = p8.key;
    -878 				var key = new RSAKey();
    -879 				key.setPrivateEx(k.n, k.e, k.d, k.p, k.q, k.dp, k.dq, k.co);
    -880 				return key;
    -881 			} else if (p8.algoid == "2a8648ce3d0201") { // ECC
    -882 				this.parsePrivateRawECKeyHexAtObj(prvKeyHex, p8);
    -883 				if (KJUR.crypto.OID.oidhex2name[p8.algparam] === undefined)
    -884 					throw "KJUR.crypto.OID.oidhex2name undefined: " + p8.algparam;
    -885 				var curveName = KJUR.crypto.OID.oidhex2name[p8.algparam];
    -886 				var key = new KJUR.crypto.ECDSA({'curve': curveName});
    -887 				key.setPublicKeyHex(p8.pubkey);
    -888 				key.setPrivateKeyHex(p8.key);
    -889 				key.isPublic = false;
    -890 				return key;
    -891 			} else if (p8.algoid == "2a8648ce380401") { // DSA
    -892 				var hP = ASN1HEX.getVbyList(prvKeyHex, 0, [1,1,0], "02");
    -893 				var hQ = ASN1HEX.getVbyList(prvKeyHex, 0, [1,1,1], "02");
    -894 				var hG = ASN1HEX.getVbyList(prvKeyHex, 0, [1,1,2], "02");
    -895 				var hX = ASN1HEX.getVbyList(prvKeyHex, 0, [2,0], "02");
    -896 				var biP = new BigInteger(hP, 16);
    -897 				var biQ = new BigInteger(hQ, 16);
    -898 				var biG = new BigInteger(hG, 16);
    -899 				var biX = new BigInteger(hX, 16);
    -900 				var key = new KJUR.crypto.DSA();
    -901 				key.setPrivate(biP, biQ, biG, null, biX);
    -902 				return key;
    -903 			} else {
    -904 				throw "unsupported private key algorithm";
    -905 			}
    -906 		},
    -907 
    -908 		// === PKCS8 RSA Public Key ================================================
    -909 		/**
    -910          * (DEPRECATED) read PEM formatted PKCS#8 public key and returns RSAKey object
    -911 		 * @name getRSAKeyFromPublicPKCS8PEM
    -912 		 * @memberOf KEYUTIL
    -913 		 * @function
    -914 		 * @param {String} pkcs8PubPEM PEM formatted PKCS#8 public key
    -915 		 * @return {RSAKey} loaded RSAKey object of RSA public key
    -916          * @since pkcs5pkey 1.0.4
    -917 		 * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}.
    -918 		 */
    -919         getRSAKeyFromPublicPKCS8PEM: function(pkcs8PubPEM) {
    -920             var pubKeyHex = this.getHexFromPEM(pkcs8PubPEM, "PUBLIC KEY");
    -921             var rsaKey = this.getRSAKeyFromPublicPKCS8Hex(pubKeyHex);
    -922 			return rsaKey;
    -923 		},
    -924 
    -925 		/**
    -926          * (DEPRECATED) get RSAKey/ECDSA public key object from PEM PKCS#8 public key
    -927 		 * @name getKeyFromPublicPKCS8PEM
    -928 		 * @memberOf KEYUTIL
    -929 		 * @function
    -930 		 * @param {String} pkcsPub8PEM string of PEM formatted PKCS#8 public key
    -931 		 * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object
    -932 		 * @since pkcs5pkey 1.0.5
    -933 		 * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}.
    -934 		 */
    -935         getKeyFromPublicPKCS8PEM: function(pkcs8PubPEM) {
    -936             var pubKeyHex = this.getHexFromPEM(pkcs8PubPEM, "PUBLIC KEY");
    -937             var key = this.getKeyFromPublicPKCS8Hex(pubKeyHex);
    -938 			return key;
    -939 		},
    -940 
    -941 		/**
    -942          * (DEPRECATED) get RSAKey/DSA/ECDSA public key object from hexadecimal string of PKCS#8 public key
    -943 		 * @name getKeyFromPublicPKCS8Hex
    -944 		 * @memberOf KEYUTIL
    -945 		 * @function
    -946 		 * @param {String} pkcsPub8Hex hexadecimal string of PKCS#8 public key
    -947 		 * @return {Object} RSAKey or KJUR.crypto.{ECDSA,DSA} private key object
    -948 		 * @since pkcs5pkey 1.0.5
    -949 		 * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}.
    -950 		 */
    -951         getKeyFromPublicPKCS8Hex: function(pkcs8PubHex) {
    -952 			var p8 = this.parsePublicPKCS8Hex(pkcs8PubHex);
    -953 			
    -954 			if (p8.algoid == "2a864886f70d010101") { // RSA
    -955 				var aRSA = this.parsePublicRawRSAKeyHex(p8.key);
    -956 				var key = new RSAKey();
    -957 				key.setPublic(aRSA.n, aRSA.e);
    -958 				return key;
    -959 			} else if (p8.algoid == "2a8648ce3d0201") { // ECC
    -960 				if (KJUR.crypto.OID.oidhex2name[p8.algparam] === undefined)
    -961 					throw "KJUR.crypto.OID.oidhex2name undefined: " + p8.algparam;
    -962 				var curveName = KJUR.crypto.OID.oidhex2name[p8.algparam];
    -963 				var key = new KJUR.crypto.ECDSA({'curve': curveName, 'pub': p8.key});
    -964 				return key;
    -965 			} else if (p8.algoid == "2a8648ce380401") { // DSA 1.2.840.10040.4.1
    -966 				var param = p8.algparam;
    -967                 var y = ASN1HEX.getHexOfV_AtObj(p8.key, 0);
    -968 				var key = new KJUR.crypto.DSA();
    -969 				key.setPublic(new BigInteger(param.p, 16),
    -970 							  new BigInteger(param.q, 16),
    -971 							  new BigInteger(param.g, 16),
    -972 							  new BigInteger(y, 16));
    -973 				return key;
    -974 			} else {
    -975 				throw "unsupported public key algorithm";
    -976 			}
    -977 		},
    -978 
    -979 		/**
    -980          * parse hexadecimal string of plain PKCS#8 private key
    -981 		 * @name parsePublicRawRSAKeyHex
    -982 		 * @memberOf KEYUTIL
    -983 		 * @function
    -984 		 * @param {String} pubRawRSAHex hexadecimal string of ASN.1 encoded PKCS#8 public key
    -985 		 * @return {Array} associative array of parsed key
    -986 		 * @since pkcs5pkey 1.0.5
    -987 		 * @description
    -988 		 * Resulted associative array has following properties:
    -989 		 * <ul>
    -990 		 * <li>n - hexadecimal string of public key
    -991 		 * <li>e - hexadecimal string of public exponent
    -992 		 * </ul>
    -993 		 */
    -994 		parsePublicRawRSAKeyHex: function(pubRawRSAHex) {
    -995 			var result = {};
    -996 			
    -997 			// 1. Sequence
    -998 			if (pubRawRSAHex.substr(0, 2) != "30")
    -999 				throw "malformed RSA key(code:001)"; // not sequence
    -1000 			
    -1001 			var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pubRawRSAHex, 0);
    -1002 			if (a1.length != 2)
    -1003 				throw "malformed RSA key(code:002)"; // not 2 items in seq
    -1004 
    -1005 			// 2. public key "N"
    -1006 			if (pubRawRSAHex.substr(a1[0], 2) != "02")
    -1007 				throw "malformed RSA key(code:003)"; // 1st item is not integer
    -1008 
    -1009 			result.n = ASN1HEX.getHexOfV_AtObj(pubRawRSAHex, a1[0]);
    -1010 
    -1011 			// 3. public key "E"
    -1012 			if (pubRawRSAHex.substr(a1[1], 2) != "02")
    -1013 				throw "malformed RSA key(code:004)"; // 2nd item is not integer
    -1014 
    -1015 			result.e = ASN1HEX.getHexOfV_AtObj(pubRawRSAHex, a1[1]);
    -1016 
    -1017 			return result;
    -1018 		},
    +848             result.keyidx = ASN1HEX.getStartPosOfV_AtObj(pkcs8PrvHex, a1[2]);
    +849 
    +850             return result;
    +851         },
    +852 
    +853         /**
    +854          * get RSAKey/ECDSA private key object from PEM plain PEM PKCS#8 private key
    +855          * @name getKeyFromPlainPrivatePKCS8PEM
    +856          * @memberOf KEYUTIL
    +857          * @function
    +858          * @param {String} pkcs8PEM string of plain PEM formatted PKCS#8 private key
    +859          * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object
    +860          * @since pkcs5pkey 1.0.5
    +861          */
    +862         getKeyFromPlainPrivatePKCS8PEM: function(prvKeyPEM) {
    +863             var prvKeyHex = this.getHexFromPEM(prvKeyPEM, "PRIVATE KEY");
    +864             var key = this.getKeyFromPlainPrivatePKCS8Hex(prvKeyHex);
    +865             return key;
    +866         },
    +867 
    +868         /**
    +869          * get RSAKey/ECDSA private key object from HEX plain PEM PKCS#8 private key
    +870          * @name getKeyFromPlainPrivatePKCS8Hex
    +871          * @memberOf KEYUTIL
    +872          * @function
    +873          * @param {String} prvKeyHex hexadecimal string of plain PKCS#8 private key
    +874          * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object
    +875          * @since pkcs5pkey 1.0.5
    +876          */
    +877         getKeyFromPlainPrivatePKCS8Hex: function(prvKeyHex) {
    +878             var p8 = this.parsePlainPrivatePKCS8Hex(prvKeyHex);
    +879             
    +880             if (p8.algoid == "2a864886f70d010101") { // RSA
    +881                 this.parsePrivateRawRSAKeyHexAtObj(prvKeyHex, p8);
    +882                 var k = p8.key;
    +883                 var key = new RSAKey();
    +884                 key.setPrivateEx(k.n, k.e, k.d, k.p, k.q, k.dp, k.dq, k.co);
    +885                 return key;
    +886             } else if (p8.algoid == "2a8648ce3d0201") { // ECC
    +887                 this.parsePrivateRawECKeyHexAtObj(prvKeyHex, p8);
    +888                 if (KJUR.crypto.OID.oidhex2name[p8.algparam] === undefined)
    +889                     throw "KJUR.crypto.OID.oidhex2name undefined: " + p8.algparam;
    +890                 var curveName = KJUR.crypto.OID.oidhex2name[p8.algparam];
    +891                 var key = new KJUR.crypto.ECDSA({'curve': curveName});
    +892                 key.setPublicKeyHex(p8.pubkey);
    +893                 key.setPrivateKeyHex(p8.key);
    +894                 key.isPublic = false;
    +895                 return key;
    +896             } else if (p8.algoid == "2a8648ce380401") { // DSA
    +897                 var hP = ASN1HEX.getVbyList(prvKeyHex, 0, [1,1,0], "02");
    +898                 var hQ = ASN1HEX.getVbyList(prvKeyHex, 0, [1,1,1], "02");
    +899                 var hG = ASN1HEX.getVbyList(prvKeyHex, 0, [1,1,2], "02");
    +900                 var hX = ASN1HEX.getVbyList(prvKeyHex, 0, [2,0], "02");
    +901                 var biP = new BigInteger(hP, 16);
    +902                 var biQ = new BigInteger(hQ, 16);
    +903                 var biG = new BigInteger(hG, 16);
    +904                 var biX = new BigInteger(hX, 16);
    +905                 var key = new KJUR.crypto.DSA();
    +906                 key.setPrivate(biP, biQ, biG, null, biX);
    +907                 return key;
    +908             } else {
    +909                 throw "unsupported private key algorithm";
    +910             }
    +911         },
    +912 
    +913         // === PKCS8 RSA Public Key ================================================
    +914         /**
    +915          * (DEPRECATED) read PEM formatted PKCS#8 public key and returns RSAKey object
    +916          * @name getRSAKeyFromPublicPKCS8PEM
    +917          * @memberOf KEYUTIL
    +918          * @function
    +919          * @param {String} pkcs8PubPEM PEM formatted PKCS#8 public key
    +920          * @return {RSAKey} loaded RSAKey object of RSA public key
    +921          * @since pkcs5pkey 1.0.4
    +922          * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}.
    +923          */
    +924         getRSAKeyFromPublicPKCS8PEM: function(pkcs8PubPEM) {
    +925             var pubKeyHex = this.getHexFromPEM(pkcs8PubPEM, "PUBLIC KEY");
    +926             var rsaKey = this.getRSAKeyFromPublicPKCS8Hex(pubKeyHex);
    +927             return rsaKey;
    +928         },
    +929 
    +930         /**
    +931          * (DEPRECATED) get RSAKey/ECDSA public key object from PEM PKCS#8 public key
    +932          * @name getKeyFromPublicPKCS8PEM
    +933          * @memberOf KEYUTIL
    +934          * @function
    +935          * @param {String} pkcsPub8PEM string of PEM formatted PKCS#8 public key
    +936          * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object
    +937          * @since pkcs5pkey 1.0.5
    +938          * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}.
    +939          */
    +940         getKeyFromPublicPKCS8PEM: function(pkcs8PubPEM) {
    +941             var pubKeyHex = this.getHexFromPEM(pkcs8PubPEM, "PUBLIC KEY");
    +942             var key = this.getKeyFromPublicPKCS8Hex(pubKeyHex);
    +943             return key;
    +944         },
    +945 
    +946         /**
    +947          * (DEPRECATED) get RSAKey/DSA/ECDSA public key object from hexadecimal string of PKCS#8 public key
    +948          * @name getKeyFromPublicPKCS8Hex
    +949          * @memberOf KEYUTIL
    +950          * @function
    +951          * @param {String} pkcsPub8Hex hexadecimal string of PKCS#8 public key
    +952          * @return {Object} RSAKey or KJUR.crypto.{ECDSA,DSA} private key object
    +953          * @since pkcs5pkey 1.0.5
    +954          * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}.
    +955          */
    +956         getKeyFromPublicPKCS8Hex: function(pkcs8PubHex) {
    +957             var p8 = this.parsePublicPKCS8Hex(pkcs8PubHex);
    +958             
    +959             if (p8.algoid == "2a864886f70d010101") { // RSA
    +960                 var aRSA = this.parsePublicRawRSAKeyHex(p8.key);
    +961                 var key = new RSAKey();
    +962                 key.setPublic(aRSA.n, aRSA.e);
    +963                 return key;
    +964             } else if (p8.algoid == "2a8648ce3d0201") { // ECC
    +965                 if (KJUR.crypto.OID.oidhex2name[p8.algparam] === undefined)
    +966                     throw "KJUR.crypto.OID.oidhex2name undefined: " + p8.algparam;
    +967                 var curveName = KJUR.crypto.OID.oidhex2name[p8.algparam];
    +968                 var key = new KJUR.crypto.ECDSA({'curve': curveName, 'pub': p8.key});
    +969                 return key;
    +970             } else if (p8.algoid == "2a8648ce380401") { // DSA 1.2.840.10040.4.1
    +971                 var param = p8.algparam;
    +972                 var y = ASN1HEX.getHexOfV_AtObj(p8.key, 0);
    +973                 var key = new KJUR.crypto.DSA();
    +974                 key.setPublic(new BigInteger(param.p, 16),
    +975                               new BigInteger(param.q, 16),
    +976                               new BigInteger(param.g, 16),
    +977                               new BigInteger(y, 16));
    +978                 return key;
    +979             } else {
    +980                 throw "unsupported public key algorithm";
    +981             }
    +982         },
    +983 
    +984         /**
    +985          * parse hexadecimal string of plain PKCS#8 private key
    +986          * @name parsePublicRawRSAKeyHex
    +987          * @memberOf KEYUTIL
    +988          * @function
    +989          * @param {String} pubRawRSAHex hexadecimal string of ASN.1 encoded PKCS#8 public key
    +990          * @return {Array} associative array of parsed key
    +991          * @since pkcs5pkey 1.0.5
    +992          * @description
    +993          * Resulted associative array has following properties:
    +994          * <ul>
    +995          * <li>n - hexadecimal string of public key
    +996          * <li>e - hexadecimal string of public exponent
    +997          * </ul>
    +998          */
    +999         parsePublicRawRSAKeyHex: function(pubRawRSAHex) {
    +1000             var result = {};
    +1001             
    +1002             // 1. Sequence
    +1003             if (pubRawRSAHex.substr(0, 2) != "30")
    +1004                 throw "malformed RSA key(code:001)"; // not sequence
    +1005             
    +1006             var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pubRawRSAHex, 0);
    +1007             if (a1.length != 2)
    +1008                 throw "malformed RSA key(code:002)"; // not 2 items in seq
    +1009 
    +1010             // 2. public key "N"
    +1011             if (pubRawRSAHex.substr(a1[0], 2) != "02")
    +1012                 throw "malformed RSA key(code:003)"; // 1st item is not integer
    +1013 
    +1014             result.n = ASN1HEX.getHexOfV_AtObj(pubRawRSAHex, a1[0]);
    +1015 
    +1016             // 3. public key "E"
    +1017             if (pubRawRSAHex.substr(a1[1], 2) != "02")
    +1018                 throw "malformed RSA key(code:004)"; // 2nd item is not integer
     1019 
    -1020 		/**
    -1021          * parse hexadecimal string of RSA private key
    -1022 		 * @name parsePrivateRawRSAKeyHexAtObj
    -1023 		 * @memberOf KEYUTIL
    -1024 		 * @function
    -1025 		 * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 private key concluding RSA private key
    -1026 		 * @return {Array} info associative array to add parsed RSA private key information
    -1027 		 * @since pkcs5pkey 1.0.5
    -1028 		 * @description
    -1029 		 * Following properties are added to associative array 'info'
    -1030 		 * <ul>
    -1031 		 * <li>n - hexadecimal string of public key
    -1032 		 * <li>e - hexadecimal string of public exponent
    -1033 		 * <li>d - hexadecimal string of private key
    -1034 		 * <li>p - hexadecimal string
    -1035 		 * <li>q - hexadecimal string
    -1036 		 * <li>dp - hexadecimal string
    -1037 		 * <li>dq - hexadecimal string
    -1038 		 * <li>co - hexadecimal string
    -1039 		 * </ul>
    -1040 		 */
    -1041 		parsePrivateRawRSAKeyHexAtObj: function(pkcs8PrvHex, info) {
    -1042 			var keyIdx = info.keyidx;
    -1043 			
    -1044 			// 1. sequence
    -1045 			if (pkcs8PrvHex.substr(keyIdx, 2) != "30")
    -1046 				throw "malformed RSA private key(code:001)"; // not sequence
    -1047 
    -1048 			var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, keyIdx);
    -1049 			if (a1.length != 9)
    -1050 				throw "malformed RSA private key(code:002)"; // not sequence
    -1051 
    -1052 			// 2. RSA key
    -1053 			info.key = {};
    -1054 			info.key.n = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[1]);
    -1055 			info.key.e = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[2]);
    -1056 			info.key.d = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[3]);
    -1057 			info.key.p = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[4]);
    -1058 			info.key.q = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[5]);
    -1059 			info.key.dp = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[6]);
    -1060 			info.key.dq = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[7]);
    -1061 			info.key.co = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[8]);
    -1062 		},
    -1063 
    -1064 		/**
    -1065          * parse hexadecimal string of ECC private key
    -1066 		 * @name parsePrivateRawECKeyHexAtObj
    -1067 		 * @memberOf KEYUTIL
    -1068 		 * @function
    -1069 		 * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 private key concluding EC private key
    -1070 		 * @return {Array} info associative array to add parsed ECC private key information
    -1071 		 * @since pkcs5pkey 1.0.5
    -1072 		 * @description
    -1073 		 * Following properties are added to associative array 'info'
    -1074 		 * <ul>
    -1075 		 * <li>key - hexadecimal string of ECC private key
    -1076 		 * </ul>
    -1077 		 */
    -1078 		parsePrivateRawECKeyHexAtObj: function(pkcs8PrvHex, info) {
    -1079 			var keyIdx = info.keyidx;
    -1080 			
    -1081 			var key = ASN1HEX.getVbyList(pkcs8PrvHex, keyIdx, [1], "04");
    -1082 			var pubkey = ASN1HEX.getVbyList(pkcs8PrvHex, keyIdx, [2,0], "03").substr(2);
    -1083 
    -1084 			info.key = key;
    -1085 			info.pubkey = pubkey;
    -1086 		},
    -1087 
    -1088 		/**
    -1089          * parse hexadecimal string of PKCS#8 RSA/EC/DSA public key
    -1090 		 * @name parsePublicPKCS8Hex
    -1091 		 * @memberOf KEYUTIL
    -1092 		 * @function
    -1093 		 * @param {String} pkcs8PubHex hexadecimal string of PKCS#8 public key
    -1094 		 * @return {Hash} hash of key information
    -1095 		 * @description
    -1096          * Resulted hash has following attributes.
    -1097 		 * <ul>
    -1098 		 * <li>algoid - hexadecimal string of OID of asymmetric key algorithm</li>
    -1099 		 * <li>algparam - hexadecimal string of OID of ECC curve name, parameter SEQUENCE of DSA or null</li>
    -1100 		 * <li>key - hexadecimal string of public key</li>
    -1101 		 * </ul>
    -1102 		 */
    -1103         parsePublicPKCS8Hex: function(pkcs8PubHex) {
    -1104 			var result = {};
    -1105 			result.algparam = null;
    -1106 
    -1107             // 1. AlgID and Key bit string
    -1108 			var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, 0);
    -1109 			if (a1.length != 2)
    -1110 				throw "outer DERSequence shall have 2 elements: " + a1.length;
    +1020             result.e = ASN1HEX.getHexOfV_AtObj(pubRawRSAHex, a1[1]);
    +1021 
    +1022             return result;
    +1023         },
    +1024 
    +1025         /**
    +1026          * parse hexadecimal string of RSA private key
    +1027          * @name parsePrivateRawRSAKeyHexAtObj
    +1028          * @memberOf KEYUTIL
    +1029          * @function
    +1030          * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 private key concluding RSA private key
    +1031          * @return {Array} info associative array to add parsed RSA private key information
    +1032          * @since pkcs5pkey 1.0.5
    +1033          * @description
    +1034          * Following properties are added to associative array 'info'
    +1035          * <ul>
    +1036          * <li>n - hexadecimal string of public key
    +1037          * <li>e - hexadecimal string of public exponent
    +1038          * <li>d - hexadecimal string of private key
    +1039          * <li>p - hexadecimal string
    +1040          * <li>q - hexadecimal string
    +1041          * <li>dp - hexadecimal string
    +1042          * <li>dq - hexadecimal string
    +1043          * <li>co - hexadecimal string
    +1044          * </ul>
    +1045          */
    +1046         parsePrivateRawRSAKeyHexAtObj: function(pkcs8PrvHex, info) {
    +1047             var keyIdx = info.keyidx;
    +1048             
    +1049             // 1. sequence
    +1050             if (pkcs8PrvHex.substr(keyIdx, 2) != "30")
    +1051                 throw "malformed RSA private key(code:001)"; // not sequence
    +1052 
    +1053             var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, keyIdx);
    +1054             if (a1.length != 9)
    +1055                 throw "malformed RSA private key(code:002)"; // not sequence
    +1056 
    +1057             // 2. RSA key
    +1058             info.key = {};
    +1059             info.key.n = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[1]);
    +1060             info.key.e = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[2]);
    +1061             info.key.d = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[3]);
    +1062             info.key.p = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[4]);
    +1063             info.key.q = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[5]);
    +1064             info.key.dp = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[6]);
    +1065             info.key.dq = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[7]);
    +1066             info.key.co = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[8]);
    +1067         },
    +1068 
    +1069         /**
    +1070          * parse hexadecimal string of ECC private key
    +1071          * @name parsePrivateRawECKeyHexAtObj
    +1072          * @memberOf KEYUTIL
    +1073          * @function
    +1074          * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 private key concluding EC private key
    +1075          * @return {Array} info associative array to add parsed ECC private key information
    +1076          * @since pkcs5pkey 1.0.5
    +1077          * @description
    +1078          * Following properties are added to associative array 'info'
    +1079          * <ul>
    +1080          * <li>key - hexadecimal string of ECC private key
    +1081          * </ul>
    +1082          */
    +1083         parsePrivateRawECKeyHexAtObj: function(pkcs8PrvHex, info) {
    +1084             var keyIdx = info.keyidx;
    +1085             
    +1086             var key = ASN1HEX.getVbyList(pkcs8PrvHex, keyIdx, [1], "04");
    +1087             var pubkey = ASN1HEX.getVbyList(pkcs8PrvHex, keyIdx, [2,0], "03").substr(2);
    +1088 
    +1089             info.key = key;
    +1090             info.pubkey = pubkey;
    +1091         },
    +1092 
    +1093         /**
    +1094          * parse hexadecimal string of PKCS#8 RSA/EC/DSA public key
    +1095          * @name parsePublicPKCS8Hex
    +1096          * @memberOf KEYUTIL
    +1097          * @function
    +1098          * @param {String} pkcs8PubHex hexadecimal string of PKCS#8 public key
    +1099          * @return {Hash} hash of key information
    +1100          * @description
    +1101          * Resulted hash has following attributes.
    +1102          * <ul>
    +1103          * <li>algoid - hexadecimal string of OID of asymmetric key algorithm</li>
    +1104          * <li>algparam - hexadecimal string of OID of ECC curve name, parameter SEQUENCE of DSA or null</li>
    +1105          * <li>key - hexadecimal string of public key</li>
    +1106          * </ul>
    +1107          */
    +1108         parsePublicPKCS8Hex: function(pkcs8PubHex) {
    +1109             var result = {};
    +1110             result.algparam = null;
     1111 
    -1112             // 2. AlgID
    -1113             var idxAlgIdTLV = a1[0];
    -1114             if (pkcs8PubHex.substr(idxAlgIdTLV, 2) != "30")
    -1115                 throw "malformed PKCS8 public key(code:001)"; // AlgId not sequence
    +1112             // 1. AlgID and Key bit string
    +1113             var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, 0);
    +1114             if (a1.length != 2)
    +1115                 throw "outer DERSequence shall have 2 elements: " + a1.length;
     1116 
    -1117             var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, idxAlgIdTLV);
    -1118             if (a2.length != 2)
    -1119                 throw "malformed PKCS8 public key(code:002)"; // AlgId not have two elements
    -1120 
    -1121 			// 2.1. AlgID OID
    -1122 			if (pkcs8PubHex.substr(a2[0], 2) != "06")
    -1123 				throw "malformed PKCS8 public key(code:003)"; // AlgId.oid is not OID
    -1124 
    -1125 			result.algoid = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[0]);
    -1126 
    -1127 			// 2.2. AlgID param
    -1128 			if (pkcs8PubHex.substr(a2[1], 2) == "06") { // OID for EC
    -1129 				result.algparam = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[1]);
    -1130 			} else if (pkcs8PubHex.substr(a2[1], 2) == "30") { // SEQ for DSA
    -1131 				result.algparam = {};
    -1132 				result.algparam.p = ASN1HEX.getVbyList(pkcs8PubHex, a2[1], [0], "02");
    -1133 				result.algparam.q = ASN1HEX.getVbyList(pkcs8PubHex, a2[1], [1], "02");
    -1134 				result.algparam.g = ASN1HEX.getVbyList(pkcs8PubHex, a2[1], [2], "02");
    -1135 			}
    -1136 
    -1137 			// 3. Key
    -1138 			if (pkcs8PubHex.substr(a1[1], 2) != "03")
    -1139 				throw "malformed PKCS8 public key(code:004)"; // Key is not bit string
    -1140 
    -1141 			result.key = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a1[1]).substr(2);
    -1142             
    -1143 			// 4. return result assoc array
    -1144 			return result;
    -1145         },
    -1146 
    -1147 		/**
    -1148          * (DEPRECATED) provide hexadecimal string of unencrypted PKCS#8 private key and returns RSAKey object
    -1149 		 * @name getRSAKeyFromPublicPKCS8Hex
    -1150 		 * @memberOf KEYUTIL
    -1151 		 * @function
    -1152 		 * @param {String} pkcs8PubHex hexadecimal string of unencrypted PKCS#8 public key
    -1153 		 * @return {RSAKey} loaded RSAKey object of RSA public key
    -1154          * @since pkcs5pkey 1.0.4
    -1155 		 * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}.
    -1156 		 */
    -1157         getRSAKeyFromPublicPKCS8Hex: function(pkcs8PubHex) {
    -1158 			var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, 0);
    -1159 			if (a1.length != 2)
    -1160 				throw "outer DERSequence shall have 2 elements: " + a1.length;
    -1161 
    -1162             var algIdTLV =ASN1HEX.getHexOfTLV_AtObj(pkcs8PubHex, a1[0]);
    -1163 			if (algIdTLV != "300d06092a864886f70d0101010500") // AlgId rsaEncryption
    -1164 				throw "PKCS8 AlgorithmId is not rsaEncryption";
    -1165 			
    -1166 			if (pkcs8PubHex.substr(a1[1], 2) != "03")
    -1167 				throw "PKCS8 Public Key is not BITSTRING encapslated.";
    -1168 
    -1169 			var idxPub = ASN1HEX.getStartPosOfV_AtObj(pkcs8PubHex, a1[1]) + 2; // 2 for unused bit
    -1170 			
    -1171 			if (pkcs8PubHex.substr(idxPub, 2) != "30")
    -1172 				throw "PKCS8 Public Key is not SEQUENCE.";
    +1117             // 2. AlgID
    +1118             var idxAlgIdTLV = a1[0];
    +1119             if (pkcs8PubHex.substr(idxAlgIdTLV, 2) != "30")
    +1120                 throw "malformed PKCS8 public key(code:001)"; // AlgId not sequence
    +1121 
    +1122             var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, idxAlgIdTLV);
    +1123             if (a2.length != 2)
    +1124                 throw "malformed PKCS8 public key(code:002)"; // AlgId not have two elements
    +1125 
    +1126             // 2.1. AlgID OID
    +1127             if (pkcs8PubHex.substr(a2[0], 2) != "06")
    +1128                 throw "malformed PKCS8 public key(code:003)"; // AlgId.oid is not OID
    +1129 
    +1130             result.algoid = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[0]);
    +1131 
    +1132             // 2.2. AlgID param
    +1133             if (pkcs8PubHex.substr(a2[1], 2) == "06") { // OID for EC
    +1134                 result.algparam = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[1]);
    +1135             } else if (pkcs8PubHex.substr(a2[1], 2) == "30") { // SEQ for DSA
    +1136                 result.algparam = {};
    +1137                 result.algparam.p = ASN1HEX.getVbyList(pkcs8PubHex, a2[1], [0], "02");
    +1138                 result.algparam.q = ASN1HEX.getVbyList(pkcs8PubHex, a2[1], [1], "02");
    +1139                 result.algparam.g = ASN1HEX.getVbyList(pkcs8PubHex, a2[1], [2], "02");
    +1140             }
    +1141 
    +1142             // 3. Key
    +1143             if (pkcs8PubHex.substr(a1[1], 2) != "03")
    +1144                 throw "malformed PKCS8 public key(code:004)"; // Key is not bit string
    +1145 
    +1146             result.key = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a1[1]).substr(2);
    +1147             
    +1148             // 4. return result assoc array
    +1149             return result;
    +1150         },
    +1151 
    +1152         /**
    +1153          * (DEPRECATED) provide hexadecimal string of unencrypted PKCS#8 private key and returns RSAKey object
    +1154          * @name getRSAKeyFromPublicPKCS8Hex
    +1155          * @memberOf KEYUTIL
    +1156          * @function
    +1157          * @param {String} pkcs8PubHex hexadecimal string of unencrypted PKCS#8 public key
    +1158          * @return {RSAKey} loaded RSAKey object of RSA public key
    +1159          * @since pkcs5pkey 1.0.4
    +1160          * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}.
    +1161          */
    +1162         getRSAKeyFromPublicPKCS8Hex: function(pkcs8PubHex) {
    +1163             var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, 0);
    +1164             if (a1.length != 2)
    +1165                 throw "outer DERSequence shall have 2 elements: " + a1.length;
    +1166 
    +1167             var algIdTLV =ASN1HEX.getHexOfTLV_AtObj(pkcs8PubHex, a1[0]);
    +1168             if (algIdTLV != "300d06092a864886f70d0101010500") // AlgId rsaEncryption
    +1169                 throw "PKCS8 AlgorithmId is not rsaEncryption";
    +1170             
    +1171             if (pkcs8PubHex.substr(a1[1], 2) != "03")
    +1172                 throw "PKCS8 Public Key is not BITSTRING encapslated.";
     1173 
    -1174 			var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, idxPub);
    -1175 			if (a2.length != 2)
    -1176 				throw "inner DERSequence shall have 2 elements: " + a2.length;
    -1177 
    -1178 			if (pkcs8PubHex.substr(a2[0], 2) != "02") 
    -1179 				throw "N is not ASN.1 INTEGER";
    -1180 			if (pkcs8PubHex.substr(a2[1], 2) != "02") 
    -1181 				throw "E is not ASN.1 INTEGER";
    -1182 			
    -1183 			var hN = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[0]);
    -1184 			var hE = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[1]);
    -1185 
    -1186 			var pubKey = new RSAKey();
    -1187 			pubKey.setPublic(hN, hE);
    -1188 			
    -1189 			return pubKey;
    -1190 		},
    -1191 
    -1192 		//addAlgorithm: function(functionObject, algName, keyLen, ivLen) {
    -1193 		//}
    -1194     };
    -1195 }();
    +1174             var idxPub = ASN1HEX.getStartPosOfV_AtObj(pkcs8PubHex, a1[1]) + 2; // 2 for unused bit
    +1175             
    +1176             if (pkcs8PubHex.substr(idxPub, 2) != "30")
    +1177                 throw "PKCS8 Public Key is not SEQUENCE.";
    +1178 
    +1179             var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, idxPub);
    +1180             if (a2.length != 2)
    +1181                 throw "inner DERSequence shall have 2 elements: " + a2.length;
    +1182 
    +1183             if (pkcs8PubHex.substr(a2[0], 2) != "02") 
    +1184                 throw "N is not ASN.1 INTEGER";
    +1185             if (pkcs8PubHex.substr(a2[1], 2) != "02") 
    +1186                 throw "E is not ASN.1 INTEGER";
    +1187             
    +1188             var hN = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[0]);
    +1189             var hE = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[1]);
    +1190 
    +1191             var pubKey = new RSAKey();
    +1192             pubKey.setPublic(hN, hE);
    +1193             
    +1194             return pubKey;
    +1195         },
     1196 
    -1197 // -- MAJOR PUBLIC METHODS -------------------------------------------------------
    -1198 /**
    -1199  * get private or public key object from any arguments
    -1200  * @name getKey
    -1201  * @memberOf KEYUTIL
    -1202  * @function
    -1203  * @static
    -1204  * @param {Object} param parameter to get key object. see description in detail.
    -1205  * @param {String} passcode (OPTION) parameter to get key object. see description in detail.
    -1206  * @param {String} hextype (OPTOIN) parameter to get key object. see description in detail.
    -1207  * @return {Object} {@link RSAKey}, {@link KJUR.crypto.ECDSA} or {@link KJUR.crypto.ECDSA} object
    -1208  * @since keyutil 1.0.0
    -1209  * @description
    -1210  * This method gets private or public key object({@link RSAKey}, {@link KJUR.crypto.DSA} or {@link KJUR.crypto.ECDSA})
    -1211  * for RSA, DSA and ECC.
    -1212  * Arguments for this methods depends on a key format you specify.
    -1213  * Following key representations are supported.
    -1214  * <ul>
    -1215  * <li>ECC private/public key object(as is): param=KJUR.crypto.ECDSA</li>
    -1216  * <li>DSA private/public key object(as is): param=KJUR.crypto.DSA</li>
    -1217  * <li>RSA private/public key object(as is): param=RSAKey </li>
    -1218  * <li>ECC private key parameters: param={d: d, curve: curveName}</li>
    -1219  * <li>RSA private key parameters: param={n: n, e: e, d: d, p: p, q: q, dp: dp, dq: dq, co: co}<br/>
    -1220  * NOTE: Each value shall be hexadecimal string of key spec.</li>
    -1221  * <li>DSA private key parameters: param={p: p, q: q, g: g, y: y, x: x}<br/>
    -1222  * NOTE: Each value shall be hexadecimal string of key spec.</li>
    -1223  * <li>ECC public key parameters: param={xy: xy, curve: curveName}<br/>
    -1224  * NOTE: ECC public key 'xy' shall be concatination of "04", x-bytes-hex and y-bytes-hex.</li>
    -1225  * <li>DSA public key parameters: param={p: p, q: q, g: g, y: y}<br/>
    -1226  * NOTE: Each value shall be hexadecimal string of key spec.</li>
    -1227  * <li>RSA public key parameters: param={n: n, e: e} </li>
    -1228  * <li>X.509 PEM certificate (RSA/DSA/ECC): param=pemString</li>
    -1229  * <li>PKCS#8 hexadecimal RSA/ECC public key: param=pemString, null, "pkcs8pub"</li>
    -1230  * <li>PKCS#8 PEM RSA/DSA/ECC public key: param=pemString</li>
    -1231  * <li>PKCS#5 plain hexadecimal RSA private key: param=hexString, null, "pkcs5prv"</li>
    -1232  * <li>PKCS#5 plain PEM DSA/RSA private key: param=pemString</li>
    -1233  * <li>PKCS#8 plain PEM RSA/ECDSA private key: param=pemString</li>
    -1234  * <li>PKCS#5 encrypted PEM RSA/DSA private key: param=pemString, passcode</li>
    -1235  * <li>PKCS#8 encrypted PEM RSA/ECDSA private key: param=pemString, passcode</li>
    -1236  * </ul>
    -1237  * Please note following limitation on encrypted keys:
    -1238  * <ul>
    -1239  * <li>Encrypted PKCS#8 only supports PBKDF2/HmacSHA1/3DES</li>
    -1240  * <li>Encrypted PKCS#5 supports DES-CBC, DES-EDE3-CBC, AES-{128,192.256}-CBC</li>
    +1197         //addAlgorithm: function(functionObject, algName, keyLen, ivLen) {
    +1198         //}
    +1199     };
    +1200 }();
    +1201 
    +1202 // -- MAJOR PUBLIC METHODS -------------------------------------------------------
    +1203 /**
    +1204  * get private or public key object from any arguments
    +1205  * @name getKey
    +1206  * @memberOf KEYUTIL
    +1207  * @function
    +1208  * @static
    +1209  * @param {Object} param parameter to get key object. see description in detail.
    +1210  * @param {String} passcode (OPTION) parameter to get key object. see description in detail.
    +1211  * @param {String} hextype (OPTOIN) parameter to get key object. see description in detail.
    +1212  * @return {Object} {@link RSAKey}, {@link KJUR.crypto.ECDSA} or {@link KJUR.crypto.ECDSA} object
    +1213  * @since keyutil 1.0.0
    +1214  * @description
    +1215  * This method gets private or public key object({@link RSAKey}, {@link KJUR.crypto.DSA} or {@link KJUR.crypto.ECDSA})
    +1216  * for RSA, DSA and ECC.
    +1217  * Arguments for this methods depends on a key format you specify.
    +1218  * Following key representations are supported.
    +1219  * <ul>
    +1220  * <li>ECC private/public key object(as is): param=KJUR.crypto.ECDSA</li>
    +1221  * <li>DSA private/public key object(as is): param=KJUR.crypto.DSA</li>
    +1222  * <li>RSA private/public key object(as is): param=RSAKey </li>
    +1223  * <li>ECC private key parameters: param={d: d, curve: curveName}</li>
    +1224  * <li>RSA private key parameters: param={n: n, e: e, d: d, p: p, q: q, dp: dp, dq: dq, co: co}<br/>
    +1225  * NOTE: Each value shall be hexadecimal string of key spec.</li>
    +1226  * <li>DSA private key parameters: param={p: p, q: q, g: g, y: y, x: x}<br/>
    +1227  * NOTE: Each value shall be hexadecimal string of key spec.</li>
    +1228  * <li>ECC public key parameters: param={xy: xy, curve: curveName}<br/>
    +1229  * NOTE: ECC public key 'xy' shall be concatination of "04", x-bytes-hex and y-bytes-hex.</li>
    +1230  * <li>DSA public key parameters: param={p: p, q: q, g: g, y: y}<br/>
    +1231  * NOTE: Each value shall be hexadecimal string of key spec.</li>
    +1232  * <li>RSA public key parameters: param={n: n, e: e} </li>
    +1233  * <li>X.509 PEM certificate (RSA/DSA/ECC): param=pemString</li>
    +1234  * <li>PKCS#8 hexadecimal RSA/ECC public key: param=pemString, null, "pkcs8pub"</li>
    +1235  * <li>PKCS#8 PEM RSA/DSA/ECC public key: param=pemString</li>
    +1236  * <li>PKCS#5 plain hexadecimal RSA private key: param=hexString, null, "pkcs5prv"</li>
    +1237  * <li>PKCS#5 plain PEM DSA/RSA private key: param=pemString</li>
    +1238  * <li>PKCS#8 plain PEM RSA/ECDSA private key: param=pemString</li>
    +1239  * <li>PKCS#5 encrypted PEM RSA/DSA private key: param=pemString, passcode</li>
    +1240  * <li>PKCS#8 encrypted PEM RSA/ECDSA private key: param=pemString, passcode</li>
     1241  * </ul>
    -1242  */
    -1243 KEYUTIL.getKey = function(param, passcode, hextype) {
    -1244     // 1. by key object
    -1245     if (typeof RSAKey != 'undefined' && param instanceof RSAKey)
    -1246 		return param;
    -1247     if (typeof KJUR.crypto.ECDSA != 'undefined' && param instanceof KJUR.crypto.ECDSA)
    -1248 		return param;
    -1249     if (typeof KJUR.crypto.DSA != 'undefined' && param instanceof KJUR.crypto.DSA)
    -1250 		return param;
    -1251 
    -1252     // 2. by key spec
    -1253     // 2.1. ECC private key
    -1254     if (param.xy !== undefined && param.curve !== undefined) {
    -1255 		return new KJUR.crypto.ECDSA({prv: param.xy, curve: param.curve});
    -1256     }
    -1257     // 2.2. RSA private key
    -1258     if (param.n !== undefined && param.e !== undefined && param.d !== undefined &&
    -1259 		param.p !== undefined && param.q !== undefined &&
    -1260 		param.dp !== undefined && param.dq !== undefined && param.co !== undefined) {
    -1261 		var key = new RSAKey();
    -1262 		key.setPrivateEx(param.n, param.e, param.d, param.p, param.q,
    -1263 						 param.dp, param.dq, param.co);
    -1264 		return key;
    -1265     }
    -1266     // 2.3. DSA private key
    -1267     if (param.p !== undefined && param.q !== undefined && param.g !== undefined && 
    -1268 		param.y !== undefined && param.x !== undefined) {
    -1269 		var key = new KJUR.crypto.DSA();
    -1270 		key.setPrivate(param.p, param.q, param.g, param.y, param.x);
    -1271 		return key;
    -1272     }
    -1273 
    -1274     // 2.4. ECC public key
    -1275     if (param.d !== undefined && param.curve !== undefined) {
    -1276 		return new KJUR.crypto.ECDSA({pub: param.d, curve: param.curve});
    +1242  * Please note following limitation on encrypted keys:
    +1243  * <ul>
    +1244  * <li>Encrypted PKCS#8 only supports PBKDF2/HmacSHA1/3DES</li>
    +1245  * <li>Encrypted PKCS#5 supports DES-CBC, DES-EDE3-CBC, AES-{128,192.256}-CBC</li>
    +1246  * </ul>
    +1247  */
    +1248 KEYUTIL.getKey = function(param, passcode, hextype) {
    +1249     // 1. by key object
    +1250     if (typeof RSAKey != 'undefined' && param instanceof RSAKey)
    +1251         return param;
    +1252     if (typeof KJUR.crypto.ECDSA != 'undefined' && param instanceof KJUR.crypto.ECDSA)
    +1253         return param;
    +1254     if (typeof KJUR.crypto.DSA != 'undefined' && param instanceof KJUR.crypto.DSA)
    +1255         return param;
    +1256 
    +1257     // 2. by key spec
    +1258     // 2.1. ECC private key
    +1259     if (param.xy !== undefined && param.curve !== undefined) {
    +1260         return new KJUR.crypto.ECDSA({prv: param.xy, curve: param.curve});
    +1261     }
    +1262     // 2.2. RSA private key
    +1263     if (param.n !== undefined && param.e !== undefined && param.d !== undefined &&
    +1264         param.p !== undefined && param.q !== undefined &&
    +1265         param.dp !== undefined && param.dq !== undefined && param.co !== undefined) {
    +1266         var key = new RSAKey();
    +1267         key.setPrivateEx(param.n, param.e, param.d, param.p, param.q,
    +1268                          param.dp, param.dq, param.co);
    +1269         return key;
    +1270     }
    +1271     // 2.3. DSA private key
    +1272     if (param.p !== undefined && param.q !== undefined && param.g !== undefined && 
    +1273         param.y !== undefined && param.x !== undefined) {
    +1274         var key = new KJUR.crypto.DSA();
    +1275         key.setPrivate(param.p, param.q, param.g, param.y, param.x);
    +1276         return key;
     1277     }
    -1278     // 2.5. RSA private key
    -1279     if (param.n !== undefined && param.e) {
    -1280 		var key = new RSAKey();
    -1281 		key.setPublic(param.n, param.e);
    -1282 		return key;
    -1283     }
    -1284     // 2.6. DSA public key
    -1285     if (param.p !== undefined && param.q !== undefined && param.g !== undefined && 
    -1286 		param.y !== undefined && param.x === undefined) {
    -1287 		var key = new KJUR.crypto.DSA();
    -1288 		key.setPublic(param.p, param.q, param.g, param.y);
    -1289 		return key;
    -1290     }
    -1291 
    -1292     // 3. by cert
    -1293     if (param.indexOf("-END CERTIFICATE-", 0) != -1 ||
    -1294 		param.indexOf("-END X509 CERTIFICATE-", 0) != -1 ||
    -1295 		param.indexOf("-END TRUSTED CERTIFICATE-", 0) != -1) {
    -1296 		return X509.getPublicKeyFromCertPEM(param);
    -1297     }
    -1298 
    -1299     // 4. public key by PKCS#8 hexadecimal string
    -1300     if (hextype === "pkcs8pub") {
    -1301 		return KEYUTIL.getKeyFromPublicPKCS8Hex(param);
    +1278 
    +1279     // 2.4. ECC public key
    +1280     if (param.d !== undefined && param.curve !== undefined) {
    +1281         return new KJUR.crypto.ECDSA({pub: param.d, curve: param.curve});
    +1282     }
    +1283     // 2.5. RSA private key
    +1284     if (param.n !== undefined && param.e) {
    +1285         var key = new RSAKey();
    +1286         key.setPublic(param.n, param.e);
    +1287         return key;
    +1288     }
    +1289     // 2.6. DSA public key
    +1290     if (param.p !== undefined && param.q !== undefined && param.g !== undefined && 
    +1291         param.y !== undefined && param.x === undefined) {
    +1292         var key = new KJUR.crypto.DSA();
    +1293         key.setPublic(param.p, param.q, param.g, param.y);
    +1294         return key;
    +1295     }
    +1296 
    +1297     // 3. by cert
    +1298     if (param.indexOf("-END CERTIFICATE-", 0) != -1 ||
    +1299         param.indexOf("-END X509 CERTIFICATE-", 0) != -1 ||
    +1300         param.indexOf("-END TRUSTED CERTIFICATE-", 0) != -1) {
    +1301         return X509.getPublicKeyFromCertPEM(param);
     1302     }
     1303 
    -1304     // 5. public key by PKCS#8 PEM string
    -1305     if (param.indexOf("-END PUBLIC KEY-") != -1) {
    -1306 		return KEYUTIL.getKeyFromPublicPKCS8PEM(param);
    +1304     // 4. public key by PKCS#8 hexadecimal string
    +1305     if (hextype === "pkcs8pub") {
    +1306         return KEYUTIL.getKeyFromPublicPKCS8Hex(param);
     1307     }
    -1308     
    -1309     // 6. private key by PKCS#5 plain hexadecimal RSA string
    -1310     if (hextype === "pkcs5prv") {
    -1311 		var key = new RSAKey();
    -1312 		key.readPrivateKeyFromASN1HexString(param);
    -1313 		return key;
    -1314     }
    -1315 
    -1316     // 7. private key by plain PKCS#5 hexadecimal RSA string
    -1317     if (hextype === "pkcs5prv") {
    -1318 		var key = new RSAKey();
    -1319 		key.readPrivateKeyFromASN1HexString(param);
    -1320 		return key;
    -1321     }
    -1322 
    -1323     // 8. private key by plain PKCS#5 PEM RSA string
    -1324     if (param.indexOf("-END RSA PRIVATE KEY-") != -1 &&
    -1325 		param.indexOf("4,ENCRYPTED") == -1) {
    -1326 		var key = new RSAKey();
    -1327 		key.readPrivateKeyFromPEMString(param);
    -1328 		return key;
    -1329     }
    -1330 
    -1331     // 8.2. private key by plain PKCS#5 PEM DSA string
    -1332     if (param.indexOf("-END DSA PRIVATE KEY-") != -1 &&
    -1333 		param.indexOf("4,ENCRYPTED") == -1) {
    -1334 
    -1335 		var hKey = this.getHexFromPEM(param, "DSA PRIVATE KEY");
    -1336 		var p = ASN1HEX.getVbyList(hKey, 0, [1], "02");
    -1337 		var q = ASN1HEX.getVbyList(hKey, 0, [2], "02");
    -1338 		var g = ASN1HEX.getVbyList(hKey, 0, [3], "02");
    -1339 		var y = ASN1HEX.getVbyList(hKey, 0, [4], "02");
    -1340 		var x = ASN1HEX.getVbyList(hKey, 0, [5], "02");
    -1341 		var key = new KJUR.crypto.DSA();
    -1342 		key.setPrivate(new BigInteger(p, 16),
    -1343 					   new BigInteger(q, 16),
    -1344 					   new BigInteger(g, 16),
    -1345 					   new BigInteger(y, 16),
    -1346 					   new BigInteger(x, 16));
    -1347 		return key;
    -1348     }
    -1349 
    -1350     // 9. private key by plain PKCS#8 PEM ECC/RSA string
    -1351     if (param.indexOf("-END PRIVATE KEY-") != -1) {
    -1352 		return KEYUTIL.getKeyFromPlainPrivatePKCS8PEM(param);
    +1308 
    +1309     // 5. public key by PKCS#8 PEM string
    +1310     if (param.indexOf("-END PUBLIC KEY-") != -1) {
    +1311         return KEYUTIL.getKeyFromPublicPKCS8PEM(param);
    +1312     }
    +1313     
    +1314     // 6. private key by PKCS#5 plain hexadecimal RSA string
    +1315     if (hextype === "pkcs5prv") {
    +1316         var key = new RSAKey();
    +1317         key.readPrivateKeyFromASN1HexString(param);
    +1318         return key;
    +1319     }
    +1320 
    +1321     // 7. private key by plain PKCS#5 hexadecimal RSA string
    +1322     if (hextype === "pkcs5prv") {
    +1323         var key = new RSAKey();
    +1324         key.readPrivateKeyFromASN1HexString(param);
    +1325         return key;
    +1326     }
    +1327 
    +1328     // 8. private key by plain PKCS#5 PEM RSA string
    +1329     if (param.indexOf("-END RSA PRIVATE KEY-") != -1 &&
    +1330         param.indexOf("4,ENCRYPTED") == -1) {
    +1331         var key = new RSAKey();
    +1332         key.readPrivateKeyFromPEMString(param);
    +1333         return key;
    +1334     }
    +1335 
    +1336     // 8.2. private key by plain PKCS#5 PEM DSA string
    +1337     if (param.indexOf("-END DSA PRIVATE KEY-") != -1 &&
    +1338         param.indexOf("4,ENCRYPTED") == -1) {
    +1339 
    +1340         var hKey = this.getHexFromPEM(param, "DSA PRIVATE KEY");
    +1341         var p = ASN1HEX.getVbyList(hKey, 0, [1], "02");
    +1342         var q = ASN1HEX.getVbyList(hKey, 0, [2], "02");
    +1343         var g = ASN1HEX.getVbyList(hKey, 0, [3], "02");
    +1344         var y = ASN1HEX.getVbyList(hKey, 0, [4], "02");
    +1345         var x = ASN1HEX.getVbyList(hKey, 0, [5], "02");
    +1346         var key = new KJUR.crypto.DSA();
    +1347         key.setPrivate(new BigInteger(p, 16),
    +1348                        new BigInteger(q, 16),
    +1349                        new BigInteger(g, 16),
    +1350                        new BigInteger(y, 16),
    +1351                        new BigInteger(x, 16));
    +1352         return key;
     1353     }
     1354 
    -1355     // 10. private key by encrypted PKCS#5 PEM RSA string
    -1356     if (param.indexOf("-END RSA PRIVATE KEY-") != -1 &&
    -1357 		param.indexOf("4,ENCRYPTED") != -1) {
    -1358 		return KEYUTIL.getRSAKeyFromEncryptedPKCS5PEM(param, passcode);
    -1359     }
    -1360 
    -1361     // 10.2. private key by encrypted PKCS#5 PEM ECDSA string
    -1362     if (param.indexOf("-END EC PRIVATE KEY-") != -1 &&
    -1363 		param.indexOf("4,ENCRYPTED") != -1) {
    -1364 		var hKey = KEYUTIL.getDecryptedKeyHex(param, passcode);
    +1355     // 9. private key by plain PKCS#8 PEM ECC/RSA string
    +1356     if (param.indexOf("-END PRIVATE KEY-") != -1) {
    +1357         return KEYUTIL.getKeyFromPlainPrivatePKCS8PEM(param);
    +1358     }
    +1359 
    +1360     // 10. private key by encrypted PKCS#5 PEM RSA string
    +1361     if (param.indexOf("-END RSA PRIVATE KEY-") != -1 &&
    +1362         param.indexOf("4,ENCRYPTED") != -1) {
    +1363         return KEYUTIL.getRSAKeyFromEncryptedPKCS5PEM(param, passcode);
    +1364     }
     1365 
    -1366 		var key = ASN1HEX.getVbyList(hKey, 0, [1], "04");
    -1367 		var curveNameOidHex = ASN1HEX.getVbyList(hKey, 0, [2,0], "06");
    -1368 		var pubkey = ASN1HEX.getVbyList(hKey, 0, [3,0], "03").substr(2);
    -1369 		var curveName = "";
    +1366     // 10.2. private key by encrypted PKCS#5 PEM ECDSA string
    +1367     if (param.indexOf("-END EC PRIVATE KEY-") != -1 &&
    +1368         param.indexOf("4,ENCRYPTED") != -1) {
    +1369         var hKey = KEYUTIL.getDecryptedKeyHex(param, passcode);
     1370 
    -1371 		if (KJUR.crypto.OID.oidhex2name[curveNameOidHex] !== undefined) {
    -1372 			curveName = KJUR.crypto.OID.oidhex2name[curveNameOidHex];
    -1373 		} else {
    -1374 			throw "undefined OID(hex) in KJUR.crypto.OID: " + curveNameOidHex;
    -1375 		}
    -1376 
    -1377 		var ec = new KJUR.crypto.ECDSA({'name': curveName});
    -1378 		ec.setPublicKeyHex(pubkey);
    -1379 		ec.setPrivateKeyHex(key);
    -1380 		ec.isPublic = false;
    -1381 		return ec;
    -1382     }
    -1383 
    -1384     // 10.3. private key by encrypted PKCS#5 PEM DSA string
    -1385     if (param.indexOf("-END DSA PRIVATE KEY-") != -1 &&
    -1386 		param.indexOf("4,ENCRYPTED") != -1) {
    -1387 		var hKey = KEYUTIL.getDecryptedKeyHex(param, passcode);
    -1388 		var p = ASN1HEX.getVbyList(hKey, 0, [1], "02");
    -1389 		var q = ASN1HEX.getVbyList(hKey, 0, [2], "02");
    -1390 		var g = ASN1HEX.getVbyList(hKey, 0, [3], "02");
    -1391 		var y = ASN1HEX.getVbyList(hKey, 0, [4], "02");
    -1392 		var x = ASN1HEX.getVbyList(hKey, 0, [5], "02");
    -1393 		var key = new KJUR.crypto.DSA();
    -1394 		key.setPrivate(new BigInteger(p, 16),
    -1395 					   new BigInteger(q, 16),
    -1396 					   new BigInteger(g, 16),
    -1397 					   new BigInteger(y, 16),
    -1398 					   new BigInteger(x, 16));
    -1399 		return key;
    -1400     }
    -1401 
    -1402     // 11. private key by encrypted PKCS#8 hexadecimal RSA/ECDSA string
    -1403     if (param.indexOf("-END ENCRYPTED PRIVATE KEY-") != -1) {
    -1404 		return KEYUTIL.getKeyFromEncryptedPKCS8PEM(param, passcode);
    +1371         var key = ASN1HEX.getVbyList(hKey, 0, [1], "04");
    +1372         var curveNameOidHex = ASN1HEX.getVbyList(hKey, 0, [2,0], "06");
    +1373         var pubkey = ASN1HEX.getVbyList(hKey, 0, [3,0], "03").substr(2);
    +1374         var curveName = "";
    +1375 
    +1376         if (KJUR.crypto.OID.oidhex2name[curveNameOidHex] !== undefined) {
    +1377             curveName = KJUR.crypto.OID.oidhex2name[curveNameOidHex];
    +1378         } else {
    +1379             throw "undefined OID(hex) in KJUR.crypto.OID: " + curveNameOidHex;
    +1380         }
    +1381 
    +1382         var ec = new KJUR.crypto.ECDSA({'name': curveName});
    +1383         ec.setPublicKeyHex(pubkey);
    +1384         ec.setPrivateKeyHex(key);
    +1385         ec.isPublic = false;
    +1386         return ec;
    +1387     }
    +1388 
    +1389     // 10.3. private key by encrypted PKCS#5 PEM DSA string
    +1390     if (param.indexOf("-END DSA PRIVATE KEY-") != -1 &&
    +1391         param.indexOf("4,ENCRYPTED") != -1) {
    +1392         var hKey = KEYUTIL.getDecryptedKeyHex(param, passcode);
    +1393         var p = ASN1HEX.getVbyList(hKey, 0, [1], "02");
    +1394         var q = ASN1HEX.getVbyList(hKey, 0, [2], "02");
    +1395         var g = ASN1HEX.getVbyList(hKey, 0, [3], "02");
    +1396         var y = ASN1HEX.getVbyList(hKey, 0, [4], "02");
    +1397         var x = ASN1HEX.getVbyList(hKey, 0, [5], "02");
    +1398         var key = new KJUR.crypto.DSA();
    +1399         key.setPrivate(new BigInteger(p, 16),
    +1400                        new BigInteger(q, 16),
    +1401                        new BigInteger(g, 16),
    +1402                        new BigInteger(y, 16),
    +1403                        new BigInteger(x, 16));
    +1404         return key;
     1405     }
     1406 
    -1407     throw "not supported argument";
    -1408 };
    -1409 
    -1410 /**
    -1411  * @name generateKeypair
    -1412  * @memberOf KEYUTIL
    -1413  * @function
    -1414  * @static
    -1415  * @param {String} alg 'RSA' or 'EC'
    -1416  * @param {Object} keylenOrCurve key length for RSA or curve name for EC
    -1417  * @return {Array} associative array of keypair which has prvKeyObj and pubKeyObj parameters
    -1418  * @since keyutil 1.0.1
    -1419  * @description
    -1420  * This method generates a key pair of public key algorithm.
    -1421  * The result will be an associative array which has following
    -1422  * parameters:
    -1423  * <ul>
    -1424  * <li>prvKeyObj - RSAKey or ECDSA object of private key</li>
    -1425  * <li>pubKeyObj - RSAKey or ECDSA object of public key</li>
    -1426  * </ul>
    -1427  * NOTE1: As for RSA algoirthm, public exponent has fixed
    -1428  * value '0x10001'.
    -1429  * NOTE2: As for EC algorithm, supported names of curve are
    -1430  * secp256r1, secp256k1 and secp384r1.
    -1431  * NOTE3: DSA is not supported yet.
    -1432  * @example
    -1433  * var rsaKeypair = KEYUTIL.generateKeypair("RSA", 1024);
    -1434  * var ecKeypair = KEYUTIL.generateKeypair("EC", "secp256r1");
    -1435  *
    -1436  */
    -1437 KEYUTIL.generateKeypair = function(alg, keylenOrCurve) {
    -1438     if (alg == "RSA") {
    -1439 		var keylen = keylenOrCurve;
    -1440 		var prvKey = new RSAKey();
    -1441 		prvKey.generate(keylen, '10001');
    -1442 		prvKey.isPrivate = true;
    -1443 		prvKey.isPublic = true;
    -1444 		
    -1445 		var pubKey = new RSAKey();
    -1446 		var hN = prvKey.n.toString(16);
    -1447 		var hE = prvKey.e.toString(16);
    -1448 		pubKey.setPublic(hN, hE);
    -1449 		pubKey.isPrivate = false;
    -1450 		pubKey.isPublic = true;
    -1451 		
    -1452 		var result = {};
    -1453 		result.prvKeyObj = prvKey;
    -1454 		result.pubKeyObj = pubKey;
    -1455 		return result;
    -1456     } else if (alg == "EC") {
    -1457 		var curve = keylenOrCurve;
    -1458 		var ec = new KJUR.crypto.ECDSA({curve: curve});
    -1459 		var keypairHex = ec.generateKeyPairHex();
    -1460 
    -1461 		var prvKey = new KJUR.crypto.ECDSA({curve: curve});
    -1462 		prvKey.setPrivateKeyHex(keypairHex.ecprvhex);
    -1463 		prvKey.isPrivate = true;
    -1464 		prvKey.isPublic = false;
    +1407     // 11. private key by encrypted PKCS#8 hexadecimal RSA/ECDSA string
    +1408     if (param.indexOf("-END ENCRYPTED PRIVATE KEY-") != -1) {
    +1409         return KEYUTIL.getKeyFromEncryptedPKCS8PEM(param, passcode);
    +1410     }
    +1411 
    +1412     throw "not supported argument";
    +1413 };
    +1414 
    +1415 /**
    +1416  * @name generateKeypair
    +1417  * @memberOf KEYUTIL
    +1418  * @function
    +1419  * @static
    +1420  * @param {String} alg 'RSA' or 'EC'
    +1421  * @param {Object} keylenOrCurve key length for RSA or curve name for EC
    +1422  * @return {Array} associative array of keypair which has prvKeyObj and pubKeyObj parameters
    +1423  * @since keyutil 1.0.1
    +1424  * @description
    +1425  * This method generates a key pair of public key algorithm.
    +1426  * The result will be an associative array which has following
    +1427  * parameters:
    +1428  * <ul>
    +1429  * <li>prvKeyObj - RSAKey or ECDSA object of private key</li>
    +1430  * <li>pubKeyObj - RSAKey or ECDSA object of public key</li>
    +1431  * </ul>
    +1432  * NOTE1: As for RSA algoirthm, public exponent has fixed
    +1433  * value '0x10001'.
    +1434  * NOTE2: As for EC algorithm, supported names of curve are
    +1435  * secp256r1, secp256k1 and secp384r1.
    +1436  * NOTE3: DSA is not supported yet.
    +1437  * @example
    +1438  * var rsaKeypair = KEYUTIL.generateKeypair("RSA", 1024);
    +1439  * var ecKeypair = KEYUTIL.generateKeypair("EC", "secp256r1");
    +1440  *
    +1441  */
    +1442 KEYUTIL.generateKeypair = function(alg, keylenOrCurve) {
    +1443     if (alg == "RSA") {
    +1444         var keylen = keylenOrCurve;
    +1445         var prvKey = new RSAKey();
    +1446         prvKey.generate(keylen, '10001');
    +1447         prvKey.isPrivate = true;
    +1448         prvKey.isPublic = true;
    +1449         
    +1450         var pubKey = new RSAKey();
    +1451         var hN = prvKey.n.toString(16);
    +1452         var hE = prvKey.e.toString(16);
    +1453         pubKey.setPublic(hN, hE);
    +1454         pubKey.isPrivate = false;
    +1455         pubKey.isPublic = true;
    +1456         
    +1457         var result = {};
    +1458         result.prvKeyObj = prvKey;
    +1459         result.pubKeyObj = pubKey;
    +1460         return result;
    +1461     } else if (alg == "EC") {
    +1462         var curve = keylenOrCurve;
    +1463         var ec = new KJUR.crypto.ECDSA({curve: curve});
    +1464         var keypairHex = ec.generateKeyPairHex();
     1465 
    -1466 		var pubKey = new KJUR.crypto.ECDSA({curve: curve});
    -1467 		pubKey.setPublicKeyHex(keypairHex.ecpubhex);
    -1468 		pubKey.isPrivate = false;
    -1469 		pubKey.isPublic = true;
    +1466         var prvKey = new KJUR.crypto.ECDSA({curve: curve});
    +1467         prvKey.setPrivateKeyHex(keypairHex.ecprvhex);
    +1468         prvKey.isPrivate = true;
    +1469         prvKey.isPublic = false;
     1470 
    -1471 		var result = {};
    -1472 		result.prvKeyObj = prvKey;
    -1473 		result.pubKeyObj = pubKey;
    -1474 		return result;
    -1475     } else {
    -1476 		throw "unknown algorithm: " + alg;
    -1477     }
    -1478 };
    -1479 
    -1480 /**
    -1481  * get PEM formatted private or public key file from a RSA/ECDSA/DSA key object
    -1482  * @name getPEM
    -1483  * @memberOf KEYUTIL
    -1484  * @function
    -1485  * @static
    -1486  * @param {Object} keyObjOrHex key object {@link RSAKey}, {@link KJUR.crypto.ECDSA} or {@link KJUR.crypto.DSA} to encode to
    -1487  * @param {String} formatType (OPTION) output format type of "PKCS1PRV", "PKCS5PRV" or "PKCS8PRV" for private key
    -1488  * @param {String} passwd (OPTION) password to protect private key
    -1489  * @param {String} encAlg (OPTION) encryption algorithm for PKCS#5. currently supports DES-CBC, DES-EDE3-CBC and AES-{128,192,256}-CBC
    -1490  * @since keyutil 1.0.4
    -1491  * @description
    -1492  * <dl>
    -1493  * <dt><b>NOTE1:</b>
    -1494  * <dd>
    -1495  * PKCS#5 encrypted private key protection algorithm supports DES-CBC, 
    -1496  * DES-EDE3-CBC and AES-{128,192,256}-CBC
    -1497  * <dt><b>NOTE2:</b>
    -1498  * <dd>
    -1499  * OpenSSL supports
    -1500  * </dl>
    -1501  * @example
    -1502  * KEUUTIL.getPEM(publicKey) => generates PEM PKCS#8 public key 
    -1503  * KEUUTIL.getPEM(privateKey, "PKCS1PRV") => generates PEM PKCS#1 plain private key
    -1504  * KEUUTIL.getPEM(privateKey, "PKCS5PRV", "pass") => generates PEM PKCS#5 encrypted private key 
    -1505  *                                                          with DES-EDE3-CBC (DEFAULT)
    -1506  * KEUUTIL.getPEM(privateKey, "PKCS5PRV", "pass", "DES-CBC") => generates PEM PKCS#5 encrypted 
    -1507  *                                                                 private key with DES-CBC
    -1508  * KEUUTIL.getPEM(privateKey, "PKCS8PRV") => generates PEM PKCS#8 plain private key
    -1509  * KEUUTIL.getPEM(privateKey, "PKCS8PRV", "pass") => generates PEM PKCS#8 encrypted private key
    -1510  *                                                      with PBKDF2_HmacSHA1_3DES
    -1511  */
    -1512 KEYUTIL.getPEM = function(keyObjOrHex, formatType, passwd, encAlg, hexType) {
    -1513     var ns1 = KJUR.asn1;
    -1514     var ns2 = KJUR.crypto;
    -1515 
    -1516     function _rsaprv2asn1obj(keyObjOrHex) {
    -1517 		var asn1Obj = KJUR.asn1.ASN1Util.newObject({
    -1518 			"seq": [
    -1519 	            {"int": 0 },
    -1520 	            {"int": {"bigint": keyObjOrHex.n}},
    -1521 				{"int": keyObjOrHex.e},
    -1522 				{"int": {"bigint": keyObjOrHex.d}},
    -1523 				{"int": {"bigint": keyObjOrHex.p}},
    -1524 				{"int": {"bigint": keyObjOrHex.q}},
    -1525 				{"int": {"bigint": keyObjOrHex.dmp1}},
    -1526 				{"int": {"bigint": keyObjOrHex.dmq1}},
    -1527 				{"int": {"bigint": keyObjOrHex.coeff}}
    -1528 			]
    -1529 	    });
    -1530 		return asn1Obj;
    -1531     };
    -1532 
    -1533     function _ecdsaprv2asn1obj(keyObjOrHex) {
    -1534 		var asn1Obj2 = KJUR.asn1.ASN1Util.newObject({
    -1535 			"seq": [
    -1536 	            {"int": 1 },
    -1537 	            {"octstr": {"hex": keyObjOrHex.prvKeyHex}},
    -1538 	            {"tag": ['a0', true, {'oid': {'name': keyObjOrHex.curveName}}]},
    -1539 	            {"tag": ['a1', true, {'bitstr': {'hex': '00' + keyObjOrHex.pubKeyHex}}]}
    -1540 			]
    -1541 	    });
    -1542 		return asn1Obj2;
    -1543     };
    -1544 
    -1545     function _dsaprv2asn1obj(keyObjOrHex) {
    -1546 		var asn1Obj = KJUR.asn1.ASN1Util.newObject({
    -1547 			"seq": [
    -1548 	            {"int": 0 },
    -1549 	            {"int": {"bigint": keyObjOrHex.p}},
    -1550 	            {"int": {"bigint": keyObjOrHex.q}},
    -1551 	            {"int": {"bigint": keyObjOrHex.g}},
    -1552 	            {"int": {"bigint": keyObjOrHex.y}},
    -1553 	            {"int": {"bigint": keyObjOrHex.x}}
    -1554 			]
    -1555 	    });
    -1556 		return asn1Obj;
    -1557     };
    -1558 
    -1559     // 1. public key
    -1560 
    -1561     // x. PEM PKCS#8 public key of RSA/ECDSA/DSA public key object
    -1562     if (((typeof RSAKey != "undefined" && keyObjOrHex instanceof RSAKey) ||
    -1563 		 (typeof ns2.DSA != "undefined" && keyObjOrHex instanceof ns2.DSA) ||
    -1564 		 (typeof ns2.ECDSA != "undefined" && keyObjOrHex instanceof ns2.ECDSA)) &&
    -1565 		keyObjOrHex.isPublic == true &&
    -1566 		(formatType === undefined || formatType == "PKCS8PUB")) {
    -1567 		var asn1Obj = new KJUR.asn1.x509.SubjectPublicKeyInfo(keyObjOrHex);
    -1568 		var asn1Hex = asn1Obj.getEncodedHex();
    -1569 		return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PUBLIC KEY");
    -1570     }
    -1571     
    -1572     // 2. private
    -1573 
    -1574     // x. PEM PKCS#1 plain private key of RSA private key object
    -1575     if (formatType == "PKCS1PRV" &&
    -1576 		typeof RSAKey != "undefined" &&
    -1577 		keyObjOrHex instanceof RSAKey &&
    -1578 		(passwd === undefined || passwd == null) &&
    -1579 		keyObjOrHex.isPrivate  == true) {
    -1580 
    -1581 		var asn1Obj = _rsaprv2asn1obj(keyObjOrHex);
    -1582         var asn1Hex = asn1Obj.getEncodedHex();
    -1583 		return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "RSA PRIVATE KEY");
    -1584     }
    +1471         var pubKey = new KJUR.crypto.ECDSA({curve: curve});
    +1472         pubKey.setPublicKeyHex(keypairHex.ecpubhex);
    +1473         pubKey.isPrivate = false;
    +1474         pubKey.isPublic = true;
    +1475 
    +1476         var result = {};
    +1477         result.prvKeyObj = prvKey;
    +1478         result.pubKeyObj = pubKey;
    +1479         return result;
    +1480     } else {
    +1481         throw "unknown algorithm: " + alg;
    +1482     }
    +1483 };
    +1484 
    +1485 /**
    +1486  * get PEM formatted private or public key file from a RSA/ECDSA/DSA key object
    +1487  * @name getPEM
    +1488  * @memberOf KEYUTIL
    +1489  * @function
    +1490  * @static
    +1491  * @param {Object} keyObjOrHex key object {@link RSAKey}, {@link KJUR.crypto.ECDSA} or {@link KJUR.crypto.DSA} to encode to
    +1492  * @param {String} formatType (OPTION) output format type of "PKCS1PRV", "PKCS5PRV" or "PKCS8PRV" for private key
    +1493  * @param {String} passwd (OPTION) password to protect private key
    +1494  * @param {String} encAlg (OPTION) encryption algorithm for PKCS#5. currently supports DES-CBC, DES-EDE3-CBC and AES-{128,192,256}-CBC
    +1495  * @since keyutil 1.0.4
    +1496  * @description
    +1497  * <dl>
    +1498  * <dt><b>NOTE1:</b>
    +1499  * <dd>
    +1500  * PKCS#5 encrypted private key protection algorithm supports DES-CBC, 
    +1501  * DES-EDE3-CBC and AES-{128,192,256}-CBC
    +1502  * <dt><b>NOTE2:</b>
    +1503  * <dd>
    +1504  * OpenSSL supports
    +1505  * </dl>
    +1506  * @example
    +1507  * KEUUTIL.getPEM(publicKey) => generates PEM PKCS#8 public key 
    +1508  * KEUUTIL.getPEM(privateKey, "PKCS1PRV") => generates PEM PKCS#1 plain private key
    +1509  * KEUUTIL.getPEM(privateKey, "PKCS5PRV", "pass") => generates PEM PKCS#5 encrypted private key 
    +1510  *                                                          with DES-EDE3-CBC (DEFAULT)
    +1511  * KEUUTIL.getPEM(privateKey, "PKCS5PRV", "pass", "DES-CBC") => generates PEM PKCS#5 encrypted 
    +1512  *                                                                 private key with DES-CBC
    +1513  * KEUUTIL.getPEM(privateKey, "PKCS8PRV") => generates PEM PKCS#8 plain private key
    +1514  * KEUUTIL.getPEM(privateKey, "PKCS8PRV", "pass") => generates PEM PKCS#8 encrypted private key
    +1515  *                                                      with PBKDF2_HmacSHA1_3DES
    +1516  */
    +1517 KEYUTIL.getPEM = function(keyObjOrHex, formatType, passwd, encAlg, hexType) {
    +1518     var ns1 = KJUR.asn1;
    +1519     var ns2 = KJUR.crypto;
    +1520 
    +1521     function _rsaprv2asn1obj(keyObjOrHex) {
    +1522         var asn1Obj = KJUR.asn1.ASN1Util.newObject({
    +1523             "seq": [
    +1524                 {"int": 0 },
    +1525                 {"int": {"bigint": keyObjOrHex.n}},
    +1526                 {"int": keyObjOrHex.e},
    +1527                 {"int": {"bigint": keyObjOrHex.d}},
    +1528                 {"int": {"bigint": keyObjOrHex.p}},
    +1529                 {"int": {"bigint": keyObjOrHex.q}},
    +1530                 {"int": {"bigint": keyObjOrHex.dmp1}},
    +1531                 {"int": {"bigint": keyObjOrHex.dmq1}},
    +1532                 {"int": {"bigint": keyObjOrHex.coeff}}
    +1533             ]
    +1534         });
    +1535         return asn1Obj;
    +1536     };
    +1537 
    +1538     function _ecdsaprv2asn1obj(keyObjOrHex) {
    +1539         var asn1Obj2 = KJUR.asn1.ASN1Util.newObject({
    +1540             "seq": [
    +1541                 {"int": 1 },
    +1542                 {"octstr": {"hex": keyObjOrHex.prvKeyHex}},
    +1543                 {"tag": ['a0', true, {'oid': {'name': keyObjOrHex.curveName}}]},
    +1544                 {"tag": ['a1', true, {'bitstr': {'hex': '00' + keyObjOrHex.pubKeyHex}}]}
    +1545             ]
    +1546         });
    +1547         return asn1Obj2;
    +1548     };
    +1549 
    +1550     function _dsaprv2asn1obj(keyObjOrHex) {
    +1551         var asn1Obj = KJUR.asn1.ASN1Util.newObject({
    +1552             "seq": [
    +1553                 {"int": 0 },
    +1554                 {"int": {"bigint": keyObjOrHex.p}},
    +1555                 {"int": {"bigint": keyObjOrHex.q}},
    +1556                 {"int": {"bigint": keyObjOrHex.g}},
    +1557                 {"int": {"bigint": keyObjOrHex.y}},
    +1558                 {"int": {"bigint": keyObjOrHex.x}}
    +1559             ]
    +1560         });
    +1561         return asn1Obj;
    +1562     };
    +1563 
    +1564     // 1. public key
    +1565 
    +1566     // x. PEM PKCS#8 public key of RSA/ECDSA/DSA public key object
    +1567     if (((typeof RSAKey != "undefined" && keyObjOrHex instanceof RSAKey) ||
    +1568          (typeof ns2.DSA != "undefined" && keyObjOrHex instanceof ns2.DSA) ||
    +1569          (typeof ns2.ECDSA != "undefined" && keyObjOrHex instanceof ns2.ECDSA)) &&
    +1570         keyObjOrHex.isPublic == true &&
    +1571         (formatType === undefined || formatType == "PKCS8PUB")) {
    +1572         var asn1Obj = new KJUR.asn1.x509.SubjectPublicKeyInfo(keyObjOrHex);
    +1573         var asn1Hex = asn1Obj.getEncodedHex();
    +1574         return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PUBLIC KEY");
    +1575     }
    +1576     
    +1577     // 2. private
    +1578 
    +1579     // x. PEM PKCS#1 plain private key of RSA private key object
    +1580     if (formatType == "PKCS1PRV" &&
    +1581         typeof RSAKey != "undefined" &&
    +1582         keyObjOrHex instanceof RSAKey &&
    +1583         (passwd === undefined || passwd == null) &&
    +1584         keyObjOrHex.isPrivate  == true) {
     1585 
    -1586     // x. PEM PKCS#1 plain private key of ECDSA private key object
    -1587     if (formatType == "PKCS1PRV" &&
    -1588 		typeof RSAKey != "undefined" &&
    -1589 		keyObjOrHex instanceof KJUR.crypto.ECDSA &&
    -1590 		(passwd === undefined || passwd == null) &&
    -1591 		keyObjOrHex.isPrivate  == true) {
    -1592 
    -1593 		var asn1Obj1 = new KJUR.asn1.DERObjectIdentifier({'name': keyObjOrHex.curveName});
    -1594 		var asn1Hex1 = asn1Obj1.getEncodedHex();
    -1595 		var asn1Obj2 = _ecdsaprv2asn1obj(keyObjOrHex);
    -1596         var asn1Hex2 = asn1Obj2.getEncodedHex();
    +1586         var asn1Obj = _rsaprv2asn1obj(keyObjOrHex);
    +1587         var asn1Hex = asn1Obj.getEncodedHex();
    +1588         return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "RSA PRIVATE KEY");
    +1589     }
    +1590 
    +1591     // x. PEM PKCS#1 plain private key of ECDSA private key object
    +1592     if (formatType == "PKCS1PRV" &&
    +1593         typeof RSAKey != "undefined" &&
    +1594         keyObjOrHex instanceof KJUR.crypto.ECDSA &&
    +1595         (passwd === undefined || passwd == null) &&
    +1596         keyObjOrHex.isPrivate  == true) {
     1597 
    -1598 		var s = "";
    -1599 		s += ns1.ASN1Util.getPEMStringFromHex(asn1Hex1, "EC PARAMETERS");
    -1600 		s += ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "EC PRIVATE KEY");
    -1601 		return s;
    -1602     }
    -1603 
    -1604     // x. PEM PKCS#1 plain private key of DSA private key object
    -1605     if (formatType == "PKCS1PRV" &&
    -1606 		typeof KJUR.crypto.DSA != "undefined" &&
    -1607 		keyObjOrHex instanceof KJUR.crypto.DSA &&
    -1608 		(passwd === undefined || passwd == null) &&
    -1609 		keyObjOrHex.isPrivate  == true) {
    -1610 
    -1611 		var asn1Obj = _dsaprv2asn1obj(keyObjOrHex);
    -1612         var asn1Hex = asn1Obj.getEncodedHex();
    -1613 		return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "DSA PRIVATE KEY");
    -1614     }
    +1598         var asn1Obj1 = new KJUR.asn1.DERObjectIdentifier({'name': keyObjOrHex.curveName});
    +1599         var asn1Hex1 = asn1Obj1.getEncodedHex();
    +1600         var asn1Obj2 = _ecdsaprv2asn1obj(keyObjOrHex);
    +1601         var asn1Hex2 = asn1Obj2.getEncodedHex();
    +1602 
    +1603         var s = "";
    +1604         s += ns1.ASN1Util.getPEMStringFromHex(asn1Hex1, "EC PARAMETERS");
    +1605         s += ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "EC PRIVATE KEY");
    +1606         return s;
    +1607     }
    +1608 
    +1609     // x. PEM PKCS#1 plain private key of DSA private key object
    +1610     if (formatType == "PKCS1PRV" &&
    +1611         typeof KJUR.crypto.DSA != "undefined" &&
    +1612         keyObjOrHex instanceof KJUR.crypto.DSA &&
    +1613         (passwd === undefined || passwd == null) &&
    +1614         keyObjOrHex.isPrivate  == true) {
     1615 
    -1616     // 3. private
    -1617 
    -1618     // x. PEM PKCS#5 encrypted private key of RSA private key object
    -1619     if (formatType == "PKCS5PRV" &&
    -1620 		typeof RSAKey != "undefined" &&
    -1621 		keyObjOrHex instanceof RSAKey &&
    -1622 		(passwd !== undefined && passwd != null) &&
    -1623 		keyObjOrHex.isPrivate  == true) {
    -1624 
    -1625 		var asn1Obj = _rsaprv2asn1obj(keyObjOrHex);
    -1626         var asn1Hex = asn1Obj.getEncodedHex();
    -1627 
    -1628 		if (encAlg === undefined) encAlg = "DES-EDE3-CBC";
    -1629 		return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA", asn1Hex, passwd, encAlg);
    -1630     }
    -1631 
    -1632     // x. PEM PKCS#5 encrypted private key of ECDSA private key object
    -1633     if (formatType == "PKCS5PRV" &&
    -1634 		typeof KJUR.crypto.ECDSA != "undefined" &&
    -1635 		keyObjOrHex instanceof KJUR.crypto.ECDSA &&
    -1636 		(passwd !== undefined && passwd != null) &&
    -1637 		keyObjOrHex.isPrivate  == true) {
    -1638 
    -1639 		var asn1Obj = _ecdsaprv2asn1obj(keyObjOrHex);
    -1640         var asn1Hex = asn1Obj.getEncodedHex();
    -1641 
    -1642 		if (encAlg === undefined) encAlg = "DES-EDE3-CBC";
    -1643 		return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC", asn1Hex, passwd, encAlg);
    -1644     }
    -1645 
    -1646     // x. PEM PKCS#5 encrypted private key of DSA private key object
    -1647     if (formatType == "PKCS5PRV" &&
    -1648 		typeof KJUR.crypto.DSA != "undefined" &&
    -1649 		keyObjOrHex instanceof KJUR.crypto.DSA &&
    -1650 		(passwd !== undefined && passwd != null) &&
    -1651 		keyObjOrHex.isPrivate  == true) {
    -1652 
    -1653 		var asn1Obj = _dsaprv2asn1obj(keyObjOrHex);
    -1654         var asn1Hex = asn1Obj.getEncodedHex();
    -1655 
    -1656 		if (encAlg === undefined) encAlg = "DES-EDE3-CBC";
    -1657 		return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA", asn1Hex, passwd, encAlg);
    -1658     }
    -1659 
    -1660     // x. ======================================================================
    -1661 
    -1662     var _getEncryptedPKCS8 = function(plainKeyHex, passcode) {
    -1663 		var info = _getEencryptedPKCS8Info(plainKeyHex, passcode);
    -1664 		//alert("iv=" + info.encryptionSchemeIV);
    -1665 		//alert("info.ciphertext2[" + info.ciphertext.length + "=" + info.ciphertext);
    -1666 		var asn1Obj = new KJUR.asn1.ASN1Util.newObject({
    -1667 			"seq": [
    -1668      	        {"seq": [
    -1669 	                {"oid": {"name": "pkcs5PBES2"}},
    -1670 	                {"seq": [
    -1671 	                    {"seq": [
    -1672 	                        {"oid": {"name": "pkcs5PBKDF2"}},
    -1673 	                        {"seq": [
    -1674 	                            {"octstr": {"hex": info.pbkdf2Salt}},
    -1675 	                            {"int": info.pbkdf2Iter}
    -1676 							]}
    -1677 						]},
    -1678 	                    {"seq": [
    -1679 	                        {"oid": {"name": "des-EDE3-CBC"}},
    -1680 	                        {"octstr": {"hex": info.encryptionSchemeIV}}
    -1681 						]}
    -1682 					]}
    -1683 			    ]},
    -1684 	            {"octstr": {"hex": info.ciphertext}}
    -1685 			]
    -1686 	    });
    -1687 		return asn1Obj.getEncodedHex();
    -1688     };
    -1689 
    -1690     var _getEencryptedPKCS8Info = function(plainKeyHex, passcode) {
    -1691 		var pbkdf2Iter = 100;
    -1692 		var pbkdf2SaltWS = CryptoJS.lib.WordArray.random(8);
    -1693 		var encryptionSchemeAlg = "DES-EDE3-CBC";
    -1694 		var encryptionSchemeIVWS = CryptoJS.lib.WordArray.random(8);
    -1695 		// PBKDF2 key
    -1696 		var pbkdf2KeyWS = CryptoJS.PBKDF2(passcode, 
    -1697 										  pbkdf2SaltWS, { "keySize": 192/32,
    -1698 														  "iterations": pbkdf2Iter });
    -1699 		// ENCRYPT
    -1700 		var plainKeyWS = CryptoJS.enc.Hex.parse(plainKeyHex);
    -1701 		var encryptedKeyHex = 
    -1702 			CryptoJS.TripleDES.encrypt(plainKeyWS, pbkdf2KeyWS, { "iv": encryptionSchemeIVWS }) + "";
    -1703 
    -1704 		//alert("encryptedKeyHex=" + encryptedKeyHex);
    -1705 
    -1706 		var info = {};
    -1707 		info.ciphertext = encryptedKeyHex;
    -1708 		//alert("info.ciphertext=" + info.ciphertext);
    -1709 		info.pbkdf2Salt = CryptoJS.enc.Hex.stringify(pbkdf2SaltWS);
    -1710 		info.pbkdf2Iter = pbkdf2Iter;
    -1711 		info.encryptionSchemeAlg = encryptionSchemeAlg;
    -1712 		info.encryptionSchemeIV = CryptoJS.enc.Hex.stringify(encryptionSchemeIVWS);
    -1713 		return info;
    -1714     };
    -1715 
    -1716     // x. PEM PKCS#8 plain private key of RSA private key object
    -1717     if (formatType == "PKCS8PRV" &&
    -1718 		typeof RSAKey != "undefined" &&
    -1719 		keyObjOrHex instanceof RSAKey &&
    -1720 		keyObjOrHex.isPrivate  == true) {
    -1721 
    -1722 		var keyObj = _rsaprv2asn1obj(keyObjOrHex);
    -1723         var keyHex = keyObj.getEncodedHex();
    -1724 
    -1725 		var asn1Obj = KJUR.asn1.ASN1Util.newObject({
    -1726 			"seq": [
    -1727 	            {"int": 0},
    -1728 	            {"seq": [{"oid": {"name": "rsaEncryption"}},{"null": true}]},
    -1729 				{"octstr": {"hex": keyHex}}
    -1730 			]
    -1731 	    });
    -1732 		var asn1Hex = asn1Obj.getEncodedHex();
    -1733 
    -1734 		if (passwd === undefined || passwd == null) {
    -1735 			return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PRIVATE KEY");
    -1736 		} else {
    -1737 			var asn1Hex2 = _getEncryptedPKCS8(asn1Hex, passwd);
    -1738 			return ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "ENCRYPTED PRIVATE KEY");
    -1739 		}
    -1740     }
    -1741 
    -1742     // x. PEM PKCS#8 plain private key of ECDSA private key object
    -1743     if (formatType == "PKCS8PRV" &&
    -1744 		typeof KJUR.crypto.ECDSA != "undefined" &&
    -1745 		keyObjOrHex instanceof KJUR.crypto.ECDSA &&
    -1746 		keyObjOrHex.isPrivate  == true) {
    -1747 
    -1748 		var keyObj = new KJUR.asn1.ASN1Util.newObject({
    -1749 			"seq": [
    -1750 	            {"int": 1},
    -1751 	            {"octstr": {"hex": keyObjOrHex.prvKeyHex}},
    -1752 	            {"tag": ['a1', true, {"bitstr": {"hex": "00" + keyObjOrHex.pubKeyHex}}]}
    -1753 			]
    -1754 	    });
    -1755         var keyHex = keyObj.getEncodedHex();
    -1756 
    -1757 		var asn1Obj = KJUR.asn1.ASN1Util.newObject({
    -1758 			"seq": [
    -1759 	            {"int": 0},
    -1760 	            {"seq": [
    -1761 	                {"oid": {"name": "ecPublicKey"}},
    -1762 	                {"oid": {"name": keyObjOrHex.curveName}}
    -1763 			    ]},
    -1764 	            {"octstr": {"hex": keyHex}}
    -1765 			]
    -1766 	    });
    -1767 
    -1768 		var asn1Hex = asn1Obj.getEncodedHex();
    -1769 		if (passwd === undefined || passwd == null) {
    -1770 			return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PRIVATE KEY");
    -1771 		} else {
    -1772 			var asn1Hex2 = _getEncryptedPKCS8(asn1Hex, passwd);
    -1773 			return ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "ENCRYPTED PRIVATE KEY");
    -1774 		}
    -1775     }
    -1776 
    -1777     // x. PEM PKCS#8 plain private key of DSA private key object
    -1778     if (formatType == "PKCS8PRV" &&
    -1779 		typeof KJUR.crypto.DSA != "undefined" &&
    -1780 		keyObjOrHex instanceof KJUR.crypto.DSA &&
    -1781 		keyObjOrHex.isPrivate  == true) {
    -1782 
    -1783 		var keyObj = new KJUR.asn1.DERInteger({'bigint': keyObjOrHex.x});
    -1784         var keyHex = keyObj.getEncodedHex();
    -1785 
    -1786 		var asn1Obj = KJUR.asn1.ASN1Util.newObject({
    -1787 			"seq": [
    -1788 	            {"int": 0},
    -1789 	            {"seq": [
    -1790 	                {"oid": {"name": "dsa"}},
    -1791 	                {"seq": [
    -1792 	                    {"int": {"bigint": keyObjOrHex.p}},
    -1793 	                    {"int": {"bigint": keyObjOrHex.q}},
    -1794 	                    {"int": {"bigint": keyObjOrHex.g}}
    -1795 					]}
    -1796 			    ]},
    -1797 	            {"octstr": {"hex": keyHex}}
    -1798 			]
    -1799 	    });
    -1800 
    -1801 		var asn1Hex = asn1Obj.getEncodedHex();
    -1802 		if (passwd === undefined || passwd == null) {
    -1803 			return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PRIVATE KEY");
    -1804 		} else {
    -1805 			var asn1Hex2 = _getEncryptedPKCS8(asn1Hex, passwd);
    -1806 			return ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "ENCRYPTED PRIVATE KEY");
    -1807 		}
    -1808     }
    -1809 
    -1810     throw "unsupported object nor format";
    -1811 };
    -1812 
    -1813 // -- PUBLIC METHODS FOR CSR -------------------------------------------------------
    +1616         var asn1Obj = _dsaprv2asn1obj(keyObjOrHex);
    +1617         var asn1Hex = asn1Obj.getEncodedHex();
    +1618         return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "DSA PRIVATE KEY");
    +1619     }
    +1620 
    +1621     // 3. private
    +1622 
    +1623     // x. PEM PKCS#5 encrypted private key of RSA private key object
    +1624     if (formatType == "PKCS5PRV" &&
    +1625         typeof RSAKey != "undefined" &&
    +1626         keyObjOrHex instanceof RSAKey &&
    +1627         (passwd !== undefined && passwd != null) &&
    +1628         keyObjOrHex.isPrivate  == true) {
    +1629 
    +1630         var asn1Obj = _rsaprv2asn1obj(keyObjOrHex);
    +1631         var asn1Hex = asn1Obj.getEncodedHex();
    +1632 
    +1633         if (encAlg === undefined) encAlg = "DES-EDE3-CBC";
    +1634         return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA", asn1Hex, passwd, encAlg);
    +1635     }
    +1636 
    +1637     // x. PEM PKCS#5 encrypted private key of ECDSA private key object
    +1638     if (formatType == "PKCS5PRV" &&
    +1639         typeof KJUR.crypto.ECDSA != "undefined" &&
    +1640         keyObjOrHex instanceof KJUR.crypto.ECDSA &&
    +1641         (passwd !== undefined && passwd != null) &&
    +1642         keyObjOrHex.isPrivate  == true) {
    +1643 
    +1644         var asn1Obj = _ecdsaprv2asn1obj(keyObjOrHex);
    +1645         var asn1Hex = asn1Obj.getEncodedHex();
    +1646 
    +1647         if (encAlg === undefined) encAlg = "DES-EDE3-CBC";
    +1648         return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC", asn1Hex, passwd, encAlg);
    +1649     }
    +1650 
    +1651     // x. PEM PKCS#5 encrypted private key of DSA private key object
    +1652     if (formatType == "PKCS5PRV" &&
    +1653         typeof KJUR.crypto.DSA != "undefined" &&
    +1654         keyObjOrHex instanceof KJUR.crypto.DSA &&
    +1655         (passwd !== undefined && passwd != null) &&
    +1656         keyObjOrHex.isPrivate  == true) {
    +1657 
    +1658         var asn1Obj = _dsaprv2asn1obj(keyObjOrHex);
    +1659         var asn1Hex = asn1Obj.getEncodedHex();
    +1660 
    +1661         if (encAlg === undefined) encAlg = "DES-EDE3-CBC";
    +1662         return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA", asn1Hex, passwd, encAlg);
    +1663     }
    +1664 
    +1665     // x. ======================================================================
    +1666 
    +1667     var _getEncryptedPKCS8 = function(plainKeyHex, passcode) {
    +1668         var info = _getEencryptedPKCS8Info(plainKeyHex, passcode);
    +1669         //alert("iv=" + info.encryptionSchemeIV);
    +1670         //alert("info.ciphertext2[" + info.ciphertext.length + "=" + info.ciphertext);
    +1671         var asn1Obj = new KJUR.asn1.ASN1Util.newObject({
    +1672             "seq": [
    +1673                 {"seq": [
    +1674                     {"oid": {"name": "pkcs5PBES2"}},
    +1675                     {"seq": [
    +1676                         {"seq": [
    +1677                             {"oid": {"name": "pkcs5PBKDF2"}},
    +1678                             {"seq": [
    +1679                                 {"octstr": {"hex": info.pbkdf2Salt}},
    +1680                                 {"int": info.pbkdf2Iter}
    +1681                             ]}
    +1682                         ]},
    +1683                         {"seq": [
    +1684                             {"oid": {"name": "des-EDE3-CBC"}},
    +1685                             {"octstr": {"hex": info.encryptionSchemeIV}}
    +1686                         ]}
    +1687                     ]}
    +1688                 ]},
    +1689                 {"octstr": {"hex": info.ciphertext}}
    +1690             ]
    +1691         });
    +1692         return asn1Obj.getEncodedHex();
    +1693     };
    +1694 
    +1695     var _getEencryptedPKCS8Info = function(plainKeyHex, passcode) {
    +1696         var pbkdf2Iter = 100;
    +1697         var pbkdf2SaltWS = CryptoJS.lib.WordArray.random(8);
    +1698         var encryptionSchemeAlg = "DES-EDE3-CBC";
    +1699         var encryptionSchemeIVWS = CryptoJS.lib.WordArray.random(8);
    +1700         // PBKDF2 key
    +1701         var pbkdf2KeyWS = CryptoJS.PBKDF2(passcode, 
    +1702                                           pbkdf2SaltWS, { "keySize": 192/32,
    +1703                                                           "iterations": pbkdf2Iter });
    +1704         // ENCRYPT
    +1705         var plainKeyWS = CryptoJS.enc.Hex.parse(plainKeyHex);
    +1706         var encryptedKeyHex = 
    +1707             CryptoJS.TripleDES.encrypt(plainKeyWS, pbkdf2KeyWS, { "iv": encryptionSchemeIVWS }) + "";
    +1708 
    +1709         //alert("encryptedKeyHex=" + encryptedKeyHex);
    +1710 
    +1711         var info = {};
    +1712         info.ciphertext = encryptedKeyHex;
    +1713         //alert("info.ciphertext=" + info.ciphertext);
    +1714         info.pbkdf2Salt = CryptoJS.enc.Hex.stringify(pbkdf2SaltWS);
    +1715         info.pbkdf2Iter = pbkdf2Iter;
    +1716         info.encryptionSchemeAlg = encryptionSchemeAlg;
    +1717         info.encryptionSchemeIV = CryptoJS.enc.Hex.stringify(encryptionSchemeIVWS);
    +1718         return info;
    +1719     };
    +1720 
    +1721     // x. PEM PKCS#8 plain private key of RSA private key object
    +1722     if (formatType == "PKCS8PRV" &&
    +1723         typeof RSAKey != "undefined" &&
    +1724         keyObjOrHex instanceof RSAKey &&
    +1725         keyObjOrHex.isPrivate  == true) {
    +1726 
    +1727         var keyObj = _rsaprv2asn1obj(keyObjOrHex);
    +1728         var keyHex = keyObj.getEncodedHex();
    +1729 
    +1730         var asn1Obj = KJUR.asn1.ASN1Util.newObject({
    +1731             "seq": [
    +1732                 {"int": 0},
    +1733                 {"seq": [{"oid": {"name": "rsaEncryption"}},{"null": true}]},
    +1734                 {"octstr": {"hex": keyHex}}
    +1735             ]
    +1736         });
    +1737         var asn1Hex = asn1Obj.getEncodedHex();
    +1738 
    +1739         if (passwd === undefined || passwd == null) {
    +1740             return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PRIVATE KEY");
    +1741         } else {
    +1742             var asn1Hex2 = _getEncryptedPKCS8(asn1Hex, passwd);
    +1743             return ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "ENCRYPTED PRIVATE KEY");
    +1744         }
    +1745     }
    +1746 
    +1747     // x. PEM PKCS#8 plain private key of ECDSA private key object
    +1748     if (formatType == "PKCS8PRV" &&
    +1749         typeof KJUR.crypto.ECDSA != "undefined" &&
    +1750         keyObjOrHex instanceof KJUR.crypto.ECDSA &&
    +1751         keyObjOrHex.isPrivate  == true) {
    +1752 
    +1753         var keyObj = new KJUR.asn1.ASN1Util.newObject({
    +1754             "seq": [
    +1755                 {"int": 1},
    +1756                 {"octstr": {"hex": keyObjOrHex.prvKeyHex}},
    +1757                 {"tag": ['a1', true, {"bitstr": {"hex": "00" + keyObjOrHex.pubKeyHex}}]}
    +1758             ]
    +1759         });
    +1760         var keyHex = keyObj.getEncodedHex();
    +1761 
    +1762         var asn1Obj = KJUR.asn1.ASN1Util.newObject({
    +1763             "seq": [
    +1764                 {"int": 0},
    +1765                 {"seq": [
    +1766                     {"oid": {"name": "ecPublicKey"}},
    +1767                     {"oid": {"name": keyObjOrHex.curveName}}
    +1768                 ]},
    +1769                 {"octstr": {"hex": keyHex}}
    +1770             ]
    +1771         });
    +1772 
    +1773         var asn1Hex = asn1Obj.getEncodedHex();
    +1774         if (passwd === undefined || passwd == null) {
    +1775             return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PRIVATE KEY");
    +1776         } else {
    +1777             var asn1Hex2 = _getEncryptedPKCS8(asn1Hex, passwd);
    +1778             return ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "ENCRYPTED PRIVATE KEY");
    +1779         }
    +1780     }
    +1781 
    +1782     // x. PEM PKCS#8 plain private key of DSA private key object
    +1783     if (formatType == "PKCS8PRV" &&
    +1784         typeof KJUR.crypto.DSA != "undefined" &&
    +1785         keyObjOrHex instanceof KJUR.crypto.DSA &&
    +1786         keyObjOrHex.isPrivate  == true) {
    +1787 
    +1788         var keyObj = new KJUR.asn1.DERInteger({'bigint': keyObjOrHex.x});
    +1789         var keyHex = keyObj.getEncodedHex();
    +1790 
    +1791         var asn1Obj = KJUR.asn1.ASN1Util.newObject({
    +1792             "seq": [
    +1793                 {"int": 0},
    +1794                 {"seq": [
    +1795                     {"oid": {"name": "dsa"}},
    +1796                     {"seq": [
    +1797                         {"int": {"bigint": keyObjOrHex.p}},
    +1798                         {"int": {"bigint": keyObjOrHex.q}},
    +1799                         {"int": {"bigint": keyObjOrHex.g}}
    +1800                     ]}
    +1801                 ]},
    +1802                 {"octstr": {"hex": keyHex}}
    +1803             ]
    +1804         });
    +1805 
    +1806         var asn1Hex = asn1Obj.getEncodedHex();
    +1807         if (passwd === undefined || passwd == null) {
    +1808             return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PRIVATE KEY");
    +1809         } else {
    +1810             var asn1Hex2 = _getEncryptedPKCS8(asn1Hex, passwd);
    +1811             return ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "ENCRYPTED PRIVATE KEY");
    +1812         }
    +1813     }
     1814 
    -1815 /**
    -1816  * get RSAKey/DSA/ECDSA public key object from PEM formatted PKCS#10 CSR string
    -1817  * @name getKeyFromCSRPEM
    -1818  * @memberOf KEYUTIL
    -1819  * @function
    -1820  * @param {String} csrPEM PEM formatted PKCS#10 CSR string
    -1821  * @return {Object} RSAKey/DSA/ECDSA public key object
    -1822  * @since keyutil 1.0.5
    -1823  */
    -1824 KEYUTIL.getKeyFromCSRPEM = function(csrPEM) {
    -1825 	var csrHex = KEYUTIL.getHexFromPEM(csrPEM, "CERTIFICATE REQUEST");
    -1826 	var key = KEYUTIL.getKeyFromCSRHex(csrHex);
    -1827 	return key;
    -1828 };
    -1829 
    -1830 /**
    -1831  * get RSAKey/DSA/ECDSA public key object from hexadecimal string of PKCS#10 CSR
    -1832  * @name getKeyFromCSRHex
    -1833  * @memberOf KEYUTIL
    -1834  * @function
    -1835  * @param {String} csrHex hexadecimal string of PKCS#10 CSR
    -1836  * @return {Object} RSAKey/DSA/ECDSA public key object
    -1837  * @since keyutil 1.0.5
    -1838  */
    -1839 KEYUTIL.getKeyFromCSRHex = function(csrHex) {
    -1840 	var info = KEYUTIL.parseCSRHex(csrHex);
    -1841 	var key = KEYUTIL.getKey(info.p8pubkeyhex, null, "pkcs8pub");
    -1842 	return key;
    -1843 };
    -1844 
    -1845 /**
    -1846  * parse hexadecimal string of PKCS#10 CSR (certificate signing request)
    -1847  * @name parseCSRHex
    -1848  * @memberOf KEYUTIL
    -1849  * @function
    -1850  * @param {String} csrHex hexadecimal string of PKCS#10 CSR
    -1851  * @return {Array} associative array of parsed CSR
    -1852  * @since keyutil 1.0.5
    -1853  * @description
    -1854  * Resulted associative array has following properties:
    -1855  * <ul>
    -1856  * <li>p8pubkeyhex - hexadecimal string of subject public key in PKCS#8</li>
    -1857  * </ul>
    -1858  */
    -1859 KEYUTIL.parseCSRHex = function(csrHex) {
    -1860     var result = {};
    -1861     var h = csrHex;
    -1862 
    -1863     // 1. sequence
    -1864     if (h.substr(0, 2) != "30")
    -1865         throw "malformed CSR(code:001)"; // not sequence
    -1866 
    -1867     var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(h, 0);
    -1868     if (a1.length < 1)
    -1869         throw "malformed CSR(code:002)"; // short length
    -1870 
    -1871     // 2. 2nd sequence
    -1872     if (h.substr(a1[0], 2) != "30")
    -1873         throw "malformed CSR(code:003)"; // not sequence
    -1874 
    -1875     var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(h, a1[0]);
    -1876     if (a2.length < 3)
    -1877         throw "malformed CSR(code:004)"; // 2nd seq short elem
    -1878 
    -1879     result.p8pubkeyhex = ASN1HEX.getHexOfTLV_AtObj(h, a2[2]);
    -1880 
    -1881     return result;
    -1882 };
    +1815     throw "unsupported object nor format";
    +1816 };
    +1817 
    +1818 // -- PUBLIC METHODS FOR CSR -------------------------------------------------------
    +1819 
    +1820 /**
    +1821  * get RSAKey/DSA/ECDSA public key object from PEM formatted PKCS#10 CSR string
    +1822  * @name getKeyFromCSRPEM
    +1823  * @memberOf KEYUTIL
    +1824  * @function
    +1825  * @param {String} csrPEM PEM formatted PKCS#10 CSR string
    +1826  * @return {Object} RSAKey/DSA/ECDSA public key object
    +1827  * @since keyutil 1.0.5
    +1828  */
    +1829 KEYUTIL.getKeyFromCSRPEM = function(csrPEM) {
    +1830     var csrHex = KEYUTIL.getHexFromPEM(csrPEM, "CERTIFICATE REQUEST");
    +1831     var key = KEYUTIL.getKeyFromCSRHex(csrHex);
    +1832     return key;
    +1833 };
    +1834 
    +1835 /**
    +1836  * get RSAKey/DSA/ECDSA public key object from hexadecimal string of PKCS#10 CSR
    +1837  * @name getKeyFromCSRHex
    +1838  * @memberOf KEYUTIL
    +1839  * @function
    +1840  * @param {String} csrHex hexadecimal string of PKCS#10 CSR
    +1841  * @return {Object} RSAKey/DSA/ECDSA public key object
    +1842  * @since keyutil 1.0.5
    +1843  */
    +1844 KEYUTIL.getKeyFromCSRHex = function(csrHex) {
    +1845     var info = KEYUTIL.parseCSRHex(csrHex);
    +1846     var key = KEYUTIL.getKey(info.p8pubkeyhex, null, "pkcs8pub");
    +1847     return key;
    +1848 };
    +1849 
    +1850 /**
    +1851  * parse hexadecimal string of PKCS#10 CSR (certificate signing request)
    +1852  * @name parseCSRHex
    +1853  * @memberOf KEYUTIL
    +1854  * @function
    +1855  * @param {String} csrHex hexadecimal string of PKCS#10 CSR
    +1856  * @return {Array} associative array of parsed CSR
    +1857  * @since keyutil 1.0.5
    +1858  * @description
    +1859  * Resulted associative array has following properties:
    +1860  * <ul>
    +1861  * <li>p8pubkeyhex - hexadecimal string of subject public key in PKCS#8</li>
    +1862  * </ul>
    +1863  */
    +1864 KEYUTIL.parseCSRHex = function(csrHex) {
    +1865     var result = {};
    +1866     var h = csrHex;
    +1867 
    +1868     // 1. sequence
    +1869     if (h.substr(0, 2) != "30")
    +1870         throw "malformed CSR(code:001)"; // not sequence
    +1871 
    +1872     var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(h, 0);
    +1873     if (a1.length < 1)
    +1874         throw "malformed CSR(code:002)"; // short length
    +1875 
    +1876     // 2. 2nd sequence
    +1877     if (h.substr(a1[0], 2) != "30")
    +1878         throw "malformed CSR(code:003)"; // not sequence
    +1879 
    +1880     var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(h, a1[0]);
    +1881     if (a2.length < 3)
    +1882         throw "malformed CSR(code:004)"; // 2nd seq short elem
     1883 
    -1884 
    -1885 
    \ No newline at end of file +1884
    result.p8pubkeyhex = ASN1HEX.getHexOfTLV_AtObj(h, a2[2]); +1885 +1886 return result; +1887 }; +1888
    \ No newline at end of file diff --git a/api/symbols/src/x509-1.1.js.html b/api/symbols/src/x509-1.1.js.html index 4b69b7b4..58993b17 100755 --- a/api/symbols/src/x509-1.1.js.html +++ b/api/symbols/src/x509-1.1.js.html @@ -5,12 +5,12 @@ .STRN {color: #393;} .REGX {color: #339;} .line {border-right: 1px dotted #666; color: #666; font-style: normal;} -
      1 /*! x509-1.1.2.js (c) 2012 Kenji Urushima | kjur.github.com/jsrsasign/license
    +	
      1 /*! x509-1.1.3.js (c) 2012-2014 Kenji Urushima | kjur.github.com/jsrsasign/license
       2  */
       3 /* 
       4  * x509.js - X509 class to read subject public key from certificate.
       5  *
    -  6  * Copyright (c) 2010-2013 Kenji Urushima (kenji.urushima@gmail.com)
    +  6  * Copyright (c) 2010-2014 Kenji Urushima (kenji.urushima@gmail.com)
       7  *
       8  * This software is licensed under the terms of the MIT License.
       9  * http://kjur.github.com/jsrsasign/license
    @@ -23,7 +23,7 @@
      16  * @fileOverview
      17  * @name x509-1.1.js
      18  * @author Kenji Urushima kenji.urushima@gmail.com
    - 19  * @version x509 1.1.2 (2013-Oct-06)
    + 19  * @version x509 1.1.3 (2014-May-17)
      20  * @since jsrsasign 1.x.x
      21  * @license <a href="http://kjur.github.io/jsrsasign/license/">MIT License</a>
      22  */
    @@ -61,17 +61,17 @@
      54      * @function
      55      */
      56     this.getSerialNumberHex = function() {
    - 57 	return ASN1HEX.getDecendantHexVByNthList(this.hex, 0, [0, 1]);
    + 57         return ASN1HEX.getDecendantHexVByNthList(this.hex, 0, [0, 1]);
      58     };
      59 
      60     /**
    - 61      * get hexadecimal string of issuer field of certificate.<br/>
    + 61      * get hexadecimal string of issuer field TLV of certificate.<br/>
      62      * @name getIssuerHex
      63      * @memberOf X509#
      64      * @function
      65      */
      66     this.getIssuerHex = function() {
    - 67 	return ASN1HEX.getDecendantHexTLVByNthList(this.hex, 0, [0, 3]);
    + 67         return ASN1HEX.getDecendantHexTLVByNthList(this.hex, 0, [0, 3]);
      68     };
      69 
      70     /**
    @@ -81,7 +81,7 @@
      74      * @function
      75      */
      76     this.getIssuerString = function() {
    - 77 	return X509.hex2dn(ASN1HEX.getDecendantHexTLVByNthList(this.hex, 0, [0, 3]));
    + 77         return X509.hex2dn(ASN1HEX.getDecendantHexTLVByNthList(this.hex, 0, [0, 3]));
      78     };
      79 
      80     /**
    @@ -91,7 +91,7 @@
      84      * @function
      85      */
      86     this.getSubjectHex = function() {
    - 87 	return ASN1HEX.getDecendantHexTLVByNthList(this.hex, 0, [0, 5]);
    + 87         return ASN1HEX.getDecendantHexTLVByNthList(this.hex, 0, [0, 5]);
      88     };
      89 
      90     /**
    @@ -101,7 +101,7 @@
      94      * @function
      95      */
      96     this.getSubjectString = function() {
    - 97 	return X509.hex2dn(ASN1HEX.getDecendantHexTLVByNthList(this.hex, 0, [0, 5]));
    + 97         return X509.hex2dn(ASN1HEX.getDecendantHexTLVByNthList(this.hex, 0, [0, 5]));
      98     };
      99 
     100     /**
    @@ -111,10 +111,10 @@
     104      * @function
     105      */
     106     this.getNotBefore = function() {
    -107 	var s = ASN1HEX.getDecendantHexVByNthList(this.hex, 0, [0, 4, 0]);
    -108 	s = s.replace(/(..)/g, "%$1");
    -109 	s = decodeURIComponent(s);
    -110 	return s;
    +107         var s = ASN1HEX.getDecendantHexVByNthList(this.hex, 0, [0, 4, 0]);
    +108         s = s.replace(/(..)/g, "%$1");
    +109         s = decodeURIComponent(s);
    +110         return s;
     111     };
     112 
     113     /**
    @@ -124,10 +124,10 @@
     117      * @function
     118      */
     119     this.getNotAfter = function() {
    -120 	var s = ASN1HEX.getDecendantHexVByNthList(this.hex, 0, [0, 4, 1]);
    -121 	s = s.replace(/(..)/g, "%$1");
    -122 	s = decodeURIComponent(s);
    -123 	return s;
    +120         var s = ASN1HEX.getDecendantHexVByNthList(this.hex, 0, [0, 4, 1]);
    +121         s = s.replace(/(..)/g, "%$1");
    +122         s = decodeURIComponent(s);
    +123         return s;
     124     };
     125 
     126     // ===== read certificate public key ==========================
    @@ -141,23 +141,23 @@
     134      * @param {String} sCertPEM string for PEM formatted X.509 certificate
     135      */
     136     this.readCertPEM = function(sCertPEM) {
    -137 	var hCert = X509.pemToHex(sCertPEM);
    -138 	var a = X509.getPublicKeyHexArrayFromCertHex(hCert);
    -139 	var rsa = new RSAKey();
    -140 	rsa.setPublic(a[0], a[1]);
    -141 	this.subjectPublicKeyRSA = rsa;
    -142 	this.subjectPublicKeyRSA_hN = a[0];
    -143 	this.subjectPublicKeyRSA_hE = a[1];
    -144 	this.hex = hCert;
    +137         var hCert = X509.pemToHex(sCertPEM);
    +138         var a = X509.getPublicKeyHexArrayFromCertHex(hCert);
    +139         var rsa = new RSAKey();
    +140         rsa.setPublic(a[0], a[1]);
    +141         this.subjectPublicKeyRSA = rsa;
    +142         this.subjectPublicKeyRSA_hN = a[0];
    +143         this.subjectPublicKeyRSA_hE = a[1];
    +144         this.hex = hCert;
     145     };
     146 
     147     this.readCertPEMWithoutRSAInit = function(sCertPEM) {
    -148 	var hCert = X509.pemToHex(sCertPEM);
    -149 	var a = X509.getPublicKeyHexArrayFromCertHex(hCert);
    -150 	this.subjectPublicKeyRSA.setPublic(a[0], a[1]);
    -151 	this.subjectPublicKeyRSA_hN = a[0];
    -152 	this.subjectPublicKeyRSA_hE = a[1];
    -153 	this.hex = hCert;
    +148         var hCert = X509.pemToHex(sCertPEM);
    +149         var a = X509.getPublicKeyHexArrayFromCertHex(hCert);
    +150         this.subjectPublicKeyRSA.setPublic(a[0], a[1]);
    +151         this.subjectPublicKeyRSA_hN = a[0];
    +152         this.subjectPublicKeyRSA_hE = a[1];
    +153         this.hex = hCert;
     154     };
     155 };
     156 
    @@ -196,11 +196,11 @@
     189     var a = ASN1HEX.getPosArrayOfChildren_AtObj(hCert, pTbsCert); 
     190     if (a.length < 1) return -1;
     191     if (hCert.substring(a[0], a[0] + 10) == "a003020102") { // v3
    -192 	if (a.length < 6) return -1;
    -193 	return a[6];
    +192         if (a.length < 6) return -1;
    +193         return a[6];
     194     } else {
    -195 	if (a.length < 5) return -1;
    -196 	return a[5];
    +195         if (a.length < 5) return -1;
    +196         return a[5];
     197     }
     198 };
     199 
    @@ -211,9 +211,9 @@
     204     var hN = ASN1HEX.getHexOfV_AtObj(hCert, a[0]);
     205     var hE = ASN1HEX.getHexOfV_AtObj(hCert, a[1]);
     206     if (hN != null && hE != null) {
    -207 	return [hN, hE];
    +207         return [hN, hE];
     208     } else {
    -209 	return [];
    +209         return [];
     210     }
     211 };
     212 
    @@ -232,8 +232,8 @@
     225     var s = "";
     226     var a = ASN1HEX.getPosArrayOfChildren_AtObj(hDN, 0);
     227     for (var i = 0; i < a.length; i++) {
    -228 	var hRDN = ASN1HEX.getHexOfTLV_AtObj(hDN, a[i]);
    -229 	s = s + "/" + X509.hex2rdn(hRDN);
    +228         var hRDN = ASN1HEX.getHexOfTLV_AtObj(hDN, a[i]);
    +229         s = s + "/" + X509.hex2rdn(hRDN);
     230     }
     231     return s;
     232 };
    @@ -273,29 +273,29 @@
     266     var info = X509.getPublicKeyInfoPropOfCertPEM(sCertPEM);
     267 
     268     if (info.algoid == "2a864886f70d010101") { // RSA
    -269 	var aRSA = KEYUTIL.parsePublicRawRSAKeyHex(info.keyhex);
    -270 	var key = new RSAKey();
    -271 	key.setPublic(aRSA.n, aRSA.e);
    -272 	return key;
    +269         var aRSA = KEYUTIL.parsePublicRawRSAKeyHex(info.keyhex);
    +270         var key = new RSAKey();
    +271         key.setPublic(aRSA.n, aRSA.e);
    +272         return key;
     273     } else if (info.algoid == "2a8648ce3d0201") { // ECC
    -274 	var curveName = KJUR.crypto.OID.oidhex2name[info.algparam];
    -275 	var key = new KJUR.crypto.ECDSA({'curve': curveName, 'info': info.keyhex});
    +274         var curveName = KJUR.crypto.OID.oidhex2name[info.algparam];
    +275         var key = new KJUR.crypto.ECDSA({'curve': curveName, 'info': info.keyhex});
     276         key.setPublicKeyHex(info.keyhex);
    -277 	return key;
    +277         return key;
     278     } else if (info.algoid == "2a8648ce380401") { // DSA 1.2.840.10040.4.1
    -279 	var p = ASN1HEX.getVbyList(info.algparam, 0, [0], "02");
    -280 	var q = ASN1HEX.getVbyList(info.algparam, 0, [1], "02");
    -281 	var g = ASN1HEX.getVbyList(info.algparam, 0, [2], "02");
    -282 	var y = ASN1HEX.getHexOfV_AtObj(info.keyhex, 0);
    -283 	y = y.substr(2);
    -284 	var key = new KJUR.crypto.DSA();
    -285 	key.setPublic(new BigInteger(p, 16),
    -286 		      new BigInteger(q, 16),
    -287 		      new BigInteger(g, 16),
    -288 		      new BigInteger(y, 16));
    -289 	return key;
    +279         var p = ASN1HEX.getVbyList(info.algparam, 0, [0], "02");
    +280         var q = ASN1HEX.getVbyList(info.algparam, 0, [1], "02");
    +281         var g = ASN1HEX.getVbyList(info.algparam, 0, [2], "02");
    +282         var y = ASN1HEX.getHexOfV_AtObj(info.keyhex, 0);
    +283         y = y.substr(2);
    +284         var key = new KJUR.crypto.DSA();
    +285         key.setPublic(new BigInteger(p, 16),
    +286                       new BigInteger(q, 16),
    +287                       new BigInteger(g, 16),
    +288                       new BigInteger(y, 16));
    +289         return key;
     290     } else {
    -291 	throw "unsupported key";
    +291         throw "unsupported key";
     292     }
     293 };
     294 
    @@ -324,40 +324,40 @@
     317     // 1. Certificate ASN.1
     318     var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(hCert, 0); 
     319     if (a1.length != 3)
    -320 	throw "malformed X.509 certificate PEM (code:001)"; // not 3 item of seq Cert
    +320         throw "malformed X.509 certificate PEM (code:001)"; // not 3 item of seq Cert
     321 
     322     // 2. tbsCertificate
     323     if (hCert.substr(a1[0], 2) != "30")
    -324 	throw "malformed X.509 certificate PEM (code:002)"; // tbsCert not seq 
    +324         throw "malformed X.509 certificate PEM (code:002)"; // tbsCert not seq 
     325 
     326     var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(hCert, a1[0]); 
     327 
     328     // 3. subjectPublicKeyInfo
     329     if (a2.length < 7)
    -330 	throw "malformed X.509 certificate PEM (code:003)"; // no subjPubKeyInfo
    +330         throw "malformed X.509 certificate PEM (code:003)"; // no subjPubKeyInfo
     331 
     332     var a3 = ASN1HEX.getPosArrayOfChildren_AtObj(hCert, a2[6]); 
     333 
     334     if (a3.length != 2)
    -335 	throw "malformed X.509 certificate PEM (code:004)"; // not AlgId and PubKey
    +335         throw "malformed X.509 certificate PEM (code:004)"; // not AlgId and PubKey
     336 
     337     // 4. AlgId
     338     var a4 = ASN1HEX.getPosArrayOfChildren_AtObj(hCert, a3[0]); 
     339 
     340     if (a4.length != 2)
    -341 	throw "malformed X.509 certificate PEM (code:005)"; // not 2 item in AlgId
    +341         throw "malformed X.509 certificate PEM (code:005)"; // not 2 item in AlgId
     342 
     343     result.algoid = ASN1HEX.getHexOfV_AtObj(hCert, a4[0]);
     344 
     345     if (hCert.substr(a4[1], 2) == "06") { // EC
    -346 	result.algparam = ASN1HEX.getHexOfV_AtObj(hCert, a4[1]);
    +346         result.algparam = ASN1HEX.getHexOfV_AtObj(hCert, a4[1]);
     347     } else if (hCert.substr(a4[1], 2) == "30") { // DSA
    -348 	result.algparam = ASN1HEX.getHexOfTLV_AtObj(hCert, a4[1]);
    +348         result.algparam = ASN1HEX.getHexOfTLV_AtObj(hCert, a4[1]);
     349     }
     350 
     351     // 5. Public Key Hex
     352     if (hCert.substr(a3[1], 02) != "03")
    -353 	throw "malformed X.509 certificate PEM (code:006)"; // not bitstring
    +353         throw "malformed X.509 certificate PEM (code:006)"; // not bitstring
     354 
     355     var unusedBitAndKeyHex = ASN1HEX.getHexOfV_AtObj(hCert, a3[1]);
     356     result.keyhex = unusedBitAndKeyHex.substr(2);
    @@ -366,14 +366,14 @@
     359 };
     360 
     361 /*
    -362 X509.prototype.readCertPEM = _x509_readCertPEM;
    -363 X509.prototype.readCertPEMWithoutRSAInit = _x509_readCertPEMWithoutRSAInit;
    -364 X509.prototype.getSerialNumberHex = _x509_getSerialNumberHex;
    -365 X509.prototype.getIssuerHex = _x509_getIssuerHex;
    -366 X509.prototype.getSubjectHex = _x509_getSubjectHex;
    -367 X509.prototype.getIssuerString = _x509_getIssuerString;
    -368 X509.prototype.getSubjectString = _x509_getSubjectString;
    -369 X509.prototype.getNotBefore = _x509_getNotBefore;
    -370 X509.prototype.getNotAfter = _x509_getNotAfter;
    +362   X509.prototype.readCertPEM = _x509_readCertPEM;
    +363   X509.prototype.readCertPEMWithoutRSAInit = _x509_readCertPEMWithoutRSAInit;
    +364   X509.prototype.getSerialNumberHex = _x509_getSerialNumberHex;
    +365   X509.prototype.getIssuerHex = _x509_getIssuerHex;
    +366   X509.prototype.getSubjectHex = _x509_getSubjectHex;
    +367   X509.prototype.getIssuerString = _x509_getIssuerString;
    +368   X509.prototype.getSubjectString = _x509_getSubjectString;
    +369   X509.prototype.getNotBefore = _x509_getNotBefore;
    +370   X509.prototype.getNotAfter = _x509_getNotAfter;
     371 */
     372 
    \ No newline at end of file diff --git a/asn1-1.0.js b/asn1-1.0.js index 770348a0..afa8fae3 100644 --- a/asn1-1.0.js +++ b/asn1-1.0.js @@ -1,9 +1,9 @@ -/*! asn1-1.0.4.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license +/*! asn1-1.0.5.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license */ /* * asn1.js - ASN.1 DER encoder classes * - * Copyright (c) 2013 Kenji Urushima (kenji.urushima@gmail.com) + * Copyright (c) 2013-2014 Kenji Urushima (kenji.urushima@gmail.com) * * This software is licensed under the terms of the MIT License. * http://kjur.github.com/jsrsasign/license @@ -16,7 +16,7 @@ * @fileOverview * @name asn1-1.0.js * @author Kenji Urushima kenji.urushima@gmail.com - * @version asn1 1.0.4 (2013-Oct-02) + * @version asn1 1.0.5 (2014-May-17) * @since jsrsasign 2.1 * @license MIT License */ @@ -885,25 +885,25 @@ YAHOO.lang.extend(KJUR.asn1.DERNull, KJUR.asn1.ASN1Object); */ KJUR.asn1.DERObjectIdentifier = function(params) { var itox = function(i) { - var h = i.toString(16); - if (h.length == 1) h = '0' + h; - return h; + var h = i.toString(16); + if (h.length == 1) h = '0' + h; + return h; }; var roidtox = function(roid) { - var h = ''; - var bi = new BigInteger(roid, 10); - var b = bi.toString(2); - var padLen = 7 - b.length % 7; - if (padLen == 7) padLen = 0; - var bPad = ''; - for (var i = 0; i < padLen; i++) bPad += '0'; - b = bPad + b; - for (var i = 0; i < b.length - 1; i += 7) { - var b8 = b.substr(i, 7); - if (i != b.length - 7) b8 = '1' + b8; - h += itox(parseInt(b8, 2)); - } - return h; + var h = ''; + var bi = new BigInteger(roid, 10); + var b = bi.toString(2); + var padLen = 7 - b.length % 7; + if (padLen == 7) padLen = 0; + var bPad = ''; + for (var i = 0; i < padLen; i++) bPad += '0'; + b = bPad + b; + for (var i = 0; i < b.length - 1; i += 7) { + var b8 = b.substr(i, 7); + if (i != b.length - 7) b8 = '1' + b8; + h += itox(parseInt(b8, 2)); + } + return h; } KJUR.asn1.DERObjectIdentifier.superclass.constructor.call(this); @@ -917,10 +917,10 @@ KJUR.asn1.DERObjectIdentifier = function(params) { * @param {String} newHexString hexadecimal value of OID bytes */ this.setValueHex = function(newHexString) { - this.hTLV = null; - this.isModified = true; - this.s = null; - this.hV = newHexString; + this.hTLV = null; + this.isModified = true; + this.s = null; + this.hV = newHexString; }; /** @@ -931,21 +931,21 @@ KJUR.asn1.DERObjectIdentifier = function(params) { * @param {String} oidString OID string (ex. 2.5.4.13) */ this.setValueOidString = function(oidString) { - if (! oidString.match(/^[0-9.]+$/)) { - throw "malformed oid string: " + oidString; - } - var h = ''; - var a = oidString.split('.'); - var i0 = parseInt(a[0]) * 40 + parseInt(a[1]); - h += itox(i0); - a.splice(0, 2); - for (var i = 0; i < a.length; i++) { - h += roidtox(a[i]); - } - this.hTLV = null; - this.isModified = true; - this.s = null; - this.hV = h; + if (! oidString.match(/^[0-9.]+$/)) { + throw "malformed oid string: " + oidString; + } + var h = ''; + var a = oidString.split('.'); + var i0 = parseInt(a[0]) * 40 + parseInt(a[1]); + h += itox(i0); + a.splice(0, 2); + for (var i = 0; i < a.length; i++) { + h += roidtox(a[i]); + } + this.hTLV = null; + this.isModified = true; + this.s = null; + this.hV = h; }; /** @@ -960,30 +960,30 @@ KJUR.asn1.DERObjectIdentifier = function(params) { * Otherwise raise error. */ this.setValueName = function(oidName) { - if (typeof KJUR.asn1.x509.OID.name2oidList[oidName] != "undefined") { - var oid = KJUR.asn1.x509.OID.name2oidList[oidName]; - this.setValueOidString(oid); - } else { - throw "DERObjectIdentifier oidName undefined: " + oidName; - } + if (typeof KJUR.asn1.x509.OID.name2oidList[oidName] != "undefined") { + var oid = KJUR.asn1.x509.OID.name2oidList[oidName]; + this.setValueOidString(oid); + } else { + throw "DERObjectIdentifier oidName undefined: " + oidName; + } }; this.getFreshValueHex = function() { - return this.hV; + return this.hV; }; if (typeof params != "undefined") { - if (typeof params == "string" && params.match(/^[0-2].[0-9.]+$/)) { - this.setValueOidString(params); - } else if (KJUR.asn1.x509.OID.name2oidList[params] !== undefined) { - this.setValueOidString(KJUR.asn1.x509.OID.name2oidList[params]); - } else if (typeof params['oid'] != "undefined") { - this.setValueOidString(params['oid']); - } else if (typeof params['hex'] != "undefined") { - this.setValueHex(params['hex']); - } else if (typeof params['name'] != "undefined") { - this.setValueName(params['name']); - } + if (typeof params == "string" && params.match(/^[0-2].[0-9.]+$/)) { + this.setValueOidString(params); + } else if (KJUR.asn1.x509.OID.name2oidList[params] !== undefined) { + this.setValueOidString(KJUR.asn1.x509.OID.name2oidList[params]); + } else if (typeof params['oid'] != "undefined") { + this.setValueOidString(params['oid']); + } else if (typeof params['hex'] != "undefined") { + this.setValueHex(params['hex']); + } else if (typeof params['name'] != "undefined") { + this.setValueName(params['name']); + } } }; YAHOO.lang.extend(KJUR.asn1.DERObjectIdentifier, KJUR.asn1.ASN1Object); @@ -1106,23 +1106,32 @@ KJUR.asn1.DERUTCTime = function(params) { * @param {Date} dateObject Date object to set ASN.1 value(V) */ this.setByDate = function(dateObject) { - this.hTLV = null; - this.isModified = true; - this.date = dateObject; - this.s = this.formatDate(this.date, 'utc'); - this.hV = stohex(this.s); + this.hTLV = null; + this.isModified = true; + this.date = dateObject; + this.s = this.formatDate(this.date, 'utc'); + this.hV = stohex(this.s); + }; + + this.getFreshValueHex = function() { + if (typeof this.date == "undefined" && typeof this.s == "undefined") { + this.date = new Date(); + this.s = this.formatDate(this.date, 'utc'); + this.hV = stohex(this.s); + } + return this.hV; }; if (typeof params != "undefined") { - if (typeof params['str'] != "undefined") { - this.setString(params['str']); - } else if (typeof params == "string" && params.match(/^[0-9]{12}Z$/)) { - this.setString(params); - } else if (typeof params['hex'] != "undefined") { - this.setStringHex(params['hex']); - } else if (typeof params['date'] != "undefined") { - this.setByDate(params['date']); - } + if (typeof params['str'] != "undefined") { + this.setString(params['str']); + } else if (typeof params == "string" && params.match(/^[0-9]{12}Z$/)) { + this.setString(params); + } else if (typeof params['hex'] != "undefined") { + this.setStringHex(params['hex']); + } else if (typeof params['date'] != "undefined") { + this.setByDate(params['date']); + } } }; YAHOO.lang.extend(KJUR.asn1.DERUTCTime, KJUR.asn1.DERAbstractTime); @@ -1162,23 +1171,32 @@ KJUR.asn1.DERGeneralizedTime = function(params) { * o.setByDate(date); */ this.setByDate = function(dateObject) { - this.hTLV = null; - this.isModified = true; - this.date = dateObject; - this.s = this.formatDate(this.date, 'gen'); - this.hV = stohex(this.s); + this.hTLV = null; + this.isModified = true; + this.date = dateObject; + this.s = this.formatDate(this.date, 'gen'); + this.hV = stohex(this.s); + }; + + this.getFreshValueHex = function() { + if (typeof this.date == "undefined" && typeof this.s == "undefined") { + this.date = new Date(); + this.s = this.formatDate(this.date, 'gen'); + this.hV = stohex(this.s); + } + return this.hV; }; if (typeof params != "undefined") { - if (typeof params['str'] != "undefined") { - this.setString(params['str']); - } else if (typeof params == "string" && params.match(/^[0-9]{14}Z$/)) { - this.setString(params); - } else if (typeof params['hex'] != "undefined") { - this.setStringHex(params['hex']); - } else if (typeof params['date'] != "undefined") { - this.setByDate(params['date']); - } + if (typeof params['str'] != "undefined") { + this.setString(params['str']); + } else if (typeof params == "string" && params.match(/^[0-9]{14}Z$/)) { + this.setString(params); + } else if (typeof params['hex'] != "undefined") { + this.setStringHex(params['hex']); + } else if (typeof params['date'] != "undefined") { + this.setByDate(params['date']); + } } }; YAHOO.lang.extend(KJUR.asn1.DERGeneralizedTime, KJUR.asn1.DERAbstractTime); @@ -1202,13 +1220,13 @@ KJUR.asn1.DERSequence = function(params) { KJUR.asn1.DERSequence.superclass.constructor.call(this, params); this.hT = "30"; this.getFreshValueHex = function() { - var h = ''; - for (var i = 0; i < this.asn1Array.length; i++) { - var asn1Obj = this.asn1Array[i]; - h += asn1Obj.getEncodedHex(); - } - this.hV = h; - return this.hV; + var h = ''; + for (var i = 0; i < this.asn1Array.length; i++) { + var asn1Obj = this.asn1Array[i]; + h += asn1Obj.getEncodedHex(); + } + this.hV = h; + return this.hV; }; }; YAHOO.lang.extend(KJUR.asn1.DERSequence, KJUR.asn1.DERAbstractStructured); @@ -1225,22 +1243,31 @@ YAHOO.lang.extend(KJUR.asn1.DERSequence, KJUR.asn1.DERAbstractStructured); * following properties: *
      *
    • array - specify array of ASN1Object to set elements of content
    • + *
    • sortflag - flag for sort (default: true). ASN.1 BER is not sorted in 'SET OF'.
    • *
    - * NOTE: 'params' can be omitted. + * NOTE1: 'params' can be omitted.
    + * NOTE2: sortflag is supported since 1.0.5. */ KJUR.asn1.DERSet = function(params) { KJUR.asn1.DERSet.superclass.constructor.call(this, params); this.hT = "31"; + this.sortFlag = true; // item shall be sorted only in ASN.1 DER this.getFreshValueHex = function() { - var a = new Array(); - for (var i = 0; i < this.asn1Array.length; i++) { - var asn1Obj = this.asn1Array[i]; - a.push(asn1Obj.getEncodedHex()); - } - a.sort(); - this.hV = a.join(''); - return this.hV; + var a = new Array(); + for (var i = 0; i < this.asn1Array.length; i++) { + var asn1Obj = this.asn1Array[i]; + a.push(asn1Obj.getEncodedHex()); + } + if (this.sortFlag == true) a.sort(); + this.hV = a.join(''); + return this.hV; }; + + if (typeof params != "undefined") { + if (typeof params.sortflag != "undefined" && + params.sortflag == false) + this.sortFlag = false; + } }; YAHOO.lang.extend(KJUR.asn1.DERSet, KJUR.asn1.DERAbstractStructured); @@ -1286,36 +1313,36 @@ KJUR.asn1.DERTaggedObject = function(params) { * @param {ASN1Object} asn1Object ASN.1 to encapsulate */ this.setASN1Object = function(isExplicitFlag, tagNoHex, asn1Object) { - this.hT = tagNoHex; - this.isExplicit = isExplicitFlag; - this.asn1Object = asn1Object; - if (this.isExplicit) { - this.hV = this.asn1Object.getEncodedHex(); - this.hTLV = null; - this.isModified = true; - } else { - this.hV = null; - this.hTLV = asn1Object.getEncodedHex(); - this.hTLV = this.hTLV.replace(/^../, tagNoHex); - this.isModified = false; - } + this.hT = tagNoHex; + this.isExplicit = isExplicitFlag; + this.asn1Object = asn1Object; + if (this.isExplicit) { + this.hV = this.asn1Object.getEncodedHex(); + this.hTLV = null; + this.isModified = true; + } else { + this.hV = null; + this.hTLV = asn1Object.getEncodedHex(); + this.hTLV = this.hTLV.replace(/^../, tagNoHex); + this.isModified = false; + } }; this.getFreshValueHex = function() { - return this.hV; + return this.hV; }; if (typeof params != "undefined") { - if (typeof params['tag'] != "undefined") { - this.hT = params['tag']; - } - if (typeof params['explicit'] != "undefined") { - this.isExplicit = params['explicit']; - } - if (typeof params['obj'] != "undefined") { - this.asn1Object = params['obj']; - this.setASN1Object(this.isExplicit, this.hT, this.asn1Object); - } + if (typeof params['tag'] != "undefined") { + this.hT = params['tag']; + } + if (typeof params['explicit'] != "undefined") { + this.isExplicit = params['explicit']; + } + if (typeof params['obj'] != "undefined") { + this.asn1Object = params['obj']; + this.setASN1Object(this.isExplicit, this.hT, this.asn1Object); + } } }; YAHOO.lang.extend(KJUR.asn1.DERTaggedObject, KJUR.asn1.ASN1Object); diff --git a/asn1-1.0.min.js b/asn1-1.0.min.js index 3acbce50..c4ed19fa 100644 --- a/asn1-1.0.min.js +++ b/asn1-1.0.min.js @@ -1,3 +1,3 @@ -/*! asn1-1.0.4.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license +/*! asn1-1.0.5.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license */ -if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}KJUR.asn1.ASN1Util=new function(){this.integerToByteHex=function(a){var b=a.toString(16);if((b.length%2)==1){b="0"+b}return b};this.bigIntToMinTwosComplementsHex=function(j){var f=j.toString(16);if(f.substr(0,1)!="-"){if(f.length%2==1){f="0"+f}else{if(!f.match(/^[0-7]/)){f="00"+f}}}else{var a=f.substr(1);var e=a.length;if(e%2==1){e+=1}else{if(!f.match(/^[0-7]/)){e+=2}}var g="";for(var d=0;d15){throw"ASN.1 length too long to represent by 8x: n = "+i.toString(16)}var f=128+g;return f.toString(16)+h}};this.getEncodedHex=function(){if(this.hTLV==null||this.isModified){this.hV=this.getFreshValueHex();this.hL=this.getLengthHexFromValue();this.hTLV=this.hT+this.hL+this.hV;this.isModified=false}return this.hTLV};this.getValueHex=function(){this.getEncodedHex();return this.hV};this.getFreshValueHex=function(){return""}};KJUR.asn1.DERAbstractString=function(c){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var b=null;var a=null;this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=stohex(this.s)};this.setStringHex=function(d){this.hTLV=null;this.isModified=true;this.s=null;this.hV=d};this.getFreshValueHex=function(){return this.hV};if(typeof c!="undefined"){if(typeof c=="string"){this.setString(c)}else{if(typeof c.str!="undefined"){this.setString(c.str)}else{if(typeof c.hex!="undefined"){this.setStringHex(c.hex)}}}}};YAHOO.lang.extend(KJUR.asn1.DERAbstractString,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractTime=function(c){KJUR.asn1.DERAbstractTime.superclass.constructor.call(this);var b=null;var a=null;this.localDateToUTC=function(f){utc=f.getTime()+(f.getTimezoneOffset()*60000);var e=new Date(utc);return e};this.formatDate=function(j,l){var e=this.zeroPadding;var k=this.localDateToUTC(j);var m=String(k.getFullYear());if(l=="utc"){m=m.substr(2,2)}var i=e(String(k.getMonth()+1),2);var n=e(String(k.getDate()),2);var f=e(String(k.getHours()),2);var g=e(String(k.getMinutes()),2);var h=e(String(k.getSeconds()),2);return m+i+n+f+g+h+"Z"};this.zeroPadding=function(e,d){if(e.length>=d){return e}return new Array(d-e.length+1).join("0")+e};this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=stohex(d)};this.setByDateValue=function(h,j,e,d,f,g){var i=new Date(Date.UTC(h,j-1,e,d,f,g,0));this.setByDate(i)};this.getFreshValueHex=function(){return this.hV}};YAHOO.lang.extend(KJUR.asn1.DERAbstractTime,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractStructured=function(b){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var a=null;this.setByASN1ObjectArray=function(c){this.hTLV=null;this.isModified=true;this.asn1Array=c};this.appendASN1Object=function(c){this.hTLV=null;this.isModified=true;this.asn1Array.push(c)};this.asn1Array=new Array();if(typeof b!="undefined"){if(typeof b.array!="undefined"){this.asn1Array=b.array}}};YAHOO.lang.extend(KJUR.asn1.DERAbstractStructured,KJUR.asn1.ASN1Object);KJUR.asn1.DERBoolean=function(){KJUR.asn1.DERBoolean.superclass.constructor.call(this);this.hT="01";this.hTLV="0101ff"};YAHOO.lang.extend(KJUR.asn1.DERBoolean,KJUR.asn1.ASN1Object);KJUR.asn1.DERInteger=function(a){KJUR.asn1.DERInteger.superclass.constructor.call(this);this.hT="02";this.setByBigInteger=function(b){this.hTLV=null;this.isModified=true;this.hV=KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(b)};this.setByInteger=function(c){var b=new BigInteger(String(c),10);this.setByBigInteger(b)};this.setValueHex=function(b){this.hV=b};this.getFreshValueHex=function(){return this.hV};if(typeof a!="undefined"){if(typeof a.bigint!="undefined"){this.setByBigInteger(a.bigint)}else{if(typeof a["int"]!="undefined"){this.setByInteger(a["int"])}else{if(typeof a=="number"){this.setByInteger(a)}else{if(typeof a.hex!="undefined"){this.setValueHex(a.hex)}}}}}};YAHOO.lang.extend(KJUR.asn1.DERInteger,KJUR.asn1.ASN1Object);KJUR.asn1.DERBitString=function(a){KJUR.asn1.DERBitString.superclass.constructor.call(this);this.hT="03";this.setHexValueIncludingUnusedBits=function(b){this.hTLV=null;this.isModified=true;this.hV=b};this.setUnusedBitsAndHexValue=function(b,d){if(b<0||715){throw"ASN.1 length too long to represent by 8x: n = "+i.toString(16)}var f=128+g;return f.toString(16)+h}};this.getEncodedHex=function(){if(this.hTLV==null||this.isModified){this.hV=this.getFreshValueHex();this.hL=this.getLengthHexFromValue();this.hTLV=this.hT+this.hL+this.hV;this.isModified=false}return this.hTLV};this.getValueHex=function(){this.getEncodedHex();return this.hV};this.getFreshValueHex=function(){return""}};KJUR.asn1.DERAbstractString=function(c){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var b=null;var a=null;this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=stohex(this.s)};this.setStringHex=function(d){this.hTLV=null;this.isModified=true;this.s=null;this.hV=d};this.getFreshValueHex=function(){return this.hV};if(typeof c!="undefined"){if(typeof c=="string"){this.setString(c)}else{if(typeof c.str!="undefined"){this.setString(c.str)}else{if(typeof c.hex!="undefined"){this.setStringHex(c.hex)}}}}};YAHOO.lang.extend(KJUR.asn1.DERAbstractString,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractTime=function(c){KJUR.asn1.DERAbstractTime.superclass.constructor.call(this);var b=null;var a=null;this.localDateToUTC=function(f){utc=f.getTime()+(f.getTimezoneOffset()*60000);var e=new Date(utc);return e};this.formatDate=function(j,l){var e=this.zeroPadding;var k=this.localDateToUTC(j);var m=String(k.getFullYear());if(l=="utc"){m=m.substr(2,2)}var i=e(String(k.getMonth()+1),2);var n=e(String(k.getDate()),2);var f=e(String(k.getHours()),2);var g=e(String(k.getMinutes()),2);var h=e(String(k.getSeconds()),2);return m+i+n+f+g+h+"Z"};this.zeroPadding=function(e,d){if(e.length>=d){return e}return new Array(d-e.length+1).join("0")+e};this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=stohex(d)};this.setByDateValue=function(h,j,e,d,f,g){var i=new Date(Date.UTC(h,j-1,e,d,f,g,0));this.setByDate(i)};this.getFreshValueHex=function(){return this.hV}};YAHOO.lang.extend(KJUR.asn1.DERAbstractTime,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractStructured=function(b){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var a=null;this.setByASN1ObjectArray=function(c){this.hTLV=null;this.isModified=true;this.asn1Array=c};this.appendASN1Object=function(c){this.hTLV=null;this.isModified=true;this.asn1Array.push(c)};this.asn1Array=new Array();if(typeof b!="undefined"){if(typeof b.array!="undefined"){this.asn1Array=b.array}}};YAHOO.lang.extend(KJUR.asn1.DERAbstractStructured,KJUR.asn1.ASN1Object);KJUR.asn1.DERBoolean=function(){KJUR.asn1.DERBoolean.superclass.constructor.call(this);this.hT="01";this.hTLV="0101ff"};YAHOO.lang.extend(KJUR.asn1.DERBoolean,KJUR.asn1.ASN1Object);KJUR.asn1.DERInteger=function(a){KJUR.asn1.DERInteger.superclass.constructor.call(this);this.hT="02";this.setByBigInteger=function(b){this.hTLV=null;this.isModified=true;this.hV=KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(b)};this.setByInteger=function(c){var b=new BigInteger(String(c),10);this.setByBigInteger(b)};this.setValueHex=function(b){this.hV=b};this.getFreshValueHex=function(){return this.hV};if(typeof a!="undefined"){if(typeof a.bigint!="undefined"){this.setByBigInteger(a.bigint)}else{if(typeof a["int"]!="undefined"){this.setByInteger(a["int"])}else{if(typeof a=="number"){this.setByInteger(a)}else{if(typeof a.hex!="undefined"){this.setValueHex(a.hex)}}}}}};YAHOO.lang.extend(KJUR.asn1.DERInteger,KJUR.asn1.ASN1Object);KJUR.asn1.DERBitString=function(a){KJUR.asn1.DERBitString.superclass.constructor.call(this);this.hT="03";this.setHexValueIncludingUnusedBits=function(b){this.hTLV=null;this.isModified=true;this.hV=b};this.setUnusedBitsAndHexValue=function(b,d){if(b<0||7MIT License + */ + +/** + * kjur's class library name space + * // already documented in asn1-1.0.js + * @name KJUR + * @namespace kjur's class library name space + */ + if (typeof KJUR == "undefined" || !KJUR) KJUR = {}; + +/** + * kjur's ASN.1 class library name space + * // already documented in asn1-1.0.js + * @name KJUR.asn1 + * @namespace + */ +if (typeof KJUR.asn1 == "undefined" || !KJUR.asn1) KJUR.asn1 = {}; + +/** + * kjur's ASN.1 class for Cryptographic Message Syntax(CMS) + *

    + * This name space provides + * RFC 5652 + * Cryptographic Message Syntax (CMS) SignedData generator. + * + *

    FEATURES

    + *
      + *
    • easily generate CMS SignedData
    • + *
    • APIs are very similar to BouncyCastle library ASN.1 classes. So easy to learn.
    • + *
    + * + *

    PROVIDED CLASSES

    + *
      + *
    • {@link KJUR.asn1.cms.SignedData}
    • + *
    • {@link KJUR.asn1.cms.SignerInfo}
    • + *
    • {@link KJUR.asn1.cms.AttributeList}
    • + *
    • {@link KJUR.asn1.cms.ContentInfo}
    • + *
    • {@link KJUR.asn1.cms.EncapsulatedContentInfo}
    • + *
    • {@link KJUR.asn1.cms.IssuerAndSerialNumber}
    • + *
    • {@link KJUR.asn1.cms.CMSUtil}
    • + *
    • {@link KJUR.asn1.cms.Attribute}
    • + *
    • {@link KJUR.asn1.cms.ContentType}
    • + *
    • {@link KJUR.asn1.cms.MessageDigest}
    • + *
    • {@link KJUR.asn1.cms.SigningTime}
    • + *
    + * NOTE: Please ignore method summary and document of this namespace. This caused by a bug of jsdoc2. + *

    + * @name KJUR.asn1.cms + * @namespace + */ +if (typeof KJUR.asn1.cms == "undefined" || !KJUR.asn1.cms) KJUR.asn1.cms = {}; + +/** + * Attribute class for base of CMS attribute + * @name KJUR.asn1.cms.Attribute + * @class Attribute class for base of CMS attribute + * @param {Array} params associative array of parameters + * @extends KJUR.asn1.ASN1Object + * @since jsrsasign 4.2.4 asn1cms 1.0.0 + * @description + *
    + * Attributes ::= SET OF Attribute
    + * Attribute ::= SEQUENCE {
    + *    type               OBJECT IDENTIFIER,
    + *    values             AttributeSetValue }
    + * AttributeSetValue ::= SET OF ANY
    + * 
    + */ +KJUR.asn1.cms.Attribute = function(params) { + KJUR.asn1.cms.Attribute.superclass.constructor.call(this); + var valueList = []; // array of values + + this.getEncodedHex = function() { + var attrTypeASN1, attrValueASN1, seq; + attrTypeASN1 = new KJUR.asn1.DERObjectIdentifier({"oid": this.attrTypeOid}); + + attrValueASN1 = new KJUR.asn1.DERSet({"array": this.valueList}); + try { + attrValueASN1.getEncodedHex(); + } catch (ex) { + throw "fail valueSet.getEncodedHex in Attribute(1)/" + ex; + } + + seq = new KJUR.asn1.DERSequence({"array": [attrTypeASN1, attrValueASN1]}); + try { + this.hTLV = seq.getEncodedHex(); + } catch (ex) { + throw "failed seq.getEncodedHex in Attribute(2)/" + ex; + } + + return this.hTLV; + }; +}; +YAHOO.lang.extend(KJUR.asn1.cms.Attribute, KJUR.asn1.ASN1Object); + +/** + * class for CMS ContentType attribute + * @name KJUR.asn1.cms.ContentType + * @class class for CMS ContentType attribute + * @param {Array} params associative array of parameters + * @extends KJUR.asn1.cms.Attribute + * @since jsrsasign 4.2.4 asn1cms 1.0.0 + * @description + *
    + * Attribute ::= SEQUENCE {
    + *    type               OBJECT IDENTIFIER,
    + *    values             AttributeSetValue }
    + * AttributeSetValue ::= SET OF ANY
    + * ContentType ::= OBJECT IDENTIFIER
    + * 
    + * @example + * o = new KJUR.asn1.cms.ContentType({name: 'data'}); + * o = new KJUR.asn1.cms.ContentType({oid: '1.2.840.113549.1.9.16.1.4'}); + */ +KJUR.asn1.cms.ContentType = function(params) { + KJUR.asn1.cms.ContentType.superclass.constructor.call(this); + this.attrTypeOid = "1.2.840.113549.1.9.3"; + var contentTypeASN1 = null; + + if (typeof params != "undefined") { + var contentTypeASN1 = new KJUR.asn1.DERObjectIdentifier(params); + this.valueList = [contentTypeASN1]; + } +}; +YAHOO.lang.extend(KJUR.asn1.cms.ContentType, KJUR.asn1.cms.Attribute); + +/** + * class for CMS MessageDigest attribute + * @name KJUR.asn1.cms.MessageDigest + * @class class for CMS MessageDigest attribute + * @param {Array} params associative array of parameters + * @extends KJUR.asn1.cms.Attribute + * @since jsrsasign 4.2.4 asn1cms 1.0.0 + * @description + *
    + * Attribute ::= SEQUENCE {
    + *    type               OBJECT IDENTIFIER,
    + *    values             AttributeSetValue }
    + * AttributeSetValue ::= SET OF ANY
    + * MessageDigest ::= OCTET STRING
    + * 
    + * @example + * o = new KJUR.asn1.cms.MessageDigest({hex: 'a1a2a3a4...'}); + */ +KJUR.asn1.cms.MessageDigest = function(params) { + KJUR.asn1.cms.MessageDigest.superclass.constructor.call(this); + this.attrTypeOid = "1.2.840.113549.1.9.4"; + + if (typeof params != "undefined") { + if (params.eciObj instanceof KJUR.asn1.cms.EncapsulatedContentInfo && + typeof params.hashAlg == "string") { + var dataHex = params.eciObj.eContentValueHex; + var hashAlg = params.hashAlg; + var hashValueHex = KJUR.crypto.Util.hashHex(dataHex, hashAlg); + var dAttrValue1 = new KJUR.asn1.DEROctetString({hex: hashValueHex}); + dAttrValue1.getEncodedHex(); + this.valueList = [dAttrValue1]; + } else { + var dAttrValue1 = new KJUR.asn1.DEROctetString(params); + dAttrValue1.getEncodedHex(); + this.valueList = [dAttrValue1]; + } + } +}; +YAHOO.lang.extend(KJUR.asn1.cms.MessageDigest, KJUR.asn1.cms.Attribute); + +/** + * class for CMS SigningTime attribute + * @name KJUR.asn1.cms.SigningTime + * @class class for CMS SigningTime attribute + * @param {Array} params associative array of parameters + * @extends KJUR.asn1.cms.Attribute + * @since jsrsasign 4.2.4 asn1cms 1.0.0 + * @description + *
    + * Attribute ::= SEQUENCE {
    + *    type               OBJECT IDENTIFIER,
    + *    values             AttributeSetValue }
    + * AttributeSetValue ::= SET OF ANY
    + * SigningTime  ::= Time
    + * Time ::= CHOICE {
    + *    utcTime UTCTime,
    + *    generalTime GeneralizedTime }
    + * 
    + * @example + * o = new KJUR.asn1.cms.SigningTime(); // current time UTCTime by default + * o = new KJUR.asn1.cms.SigningTime({type: 'gen'}); // current time GeneralizedTime + * o = new KJUR.asn1.cms.SigningTime({str: '20140517093800Z'}); // specified GeneralizedTime + * o = new KJUR.asn1.cms.SigningTime({str: '140517093800Z'}); // specified UTCTime + */ +KJUR.asn1.cms.SigningTime = function(params) { + KJUR.asn1.cms.SigningTime.superclass.constructor.call(this); + this.attrTypeOid = "1.2.840.113549.1.9.5"; + + if (typeof params != "undefined") { + var asn1 = new KJUR.asn1.x509.Time(params); + try { + asn1.getEncodedHex(); + } catch (ex) { + throw "SigningTime.getEncodedHex() failed/" + ex; + } + this.valueList = [asn1]; + } +}; +YAHOO.lang.extend(KJUR.asn1.cms.SigningTime, KJUR.asn1.cms.Attribute); + +// not implemented yet +KJUR.asn1.cms.SigningCertificate = function(params) { + KJUR.asn1.cms.SigningCertificate.superclass.constructor.call(this); + this.attrTypeOid = "1.2.840.113549.1.9.16.2.12"; + + if (typeof params != "undefined") { + var contentTypeASN1 = new KJUR.asn1.DEROctetString(params); + try { + contentTypeASN1.getEncodedHex(); + } catch (ex) { + throw "SigningCertificate.getEncodedHex() failed/" + ex; + } + this.valueList = [contentTypeASN1]; + } +}; +YAHOO.lang.extend(KJUR.asn1.cms.SigningCertificate, KJUR.asn1.cms.Attribute); + +/** + * class for IssuerAndSerialNumber ASN.1 structure for CMS + * @name KJUR.asn1.cms.IssuerAndSerialNumber + * @class class for CMS IssuerAndSerialNumber ASN.1 structure for CMS + * @param {Array} params associative array of parameters + * @extends KJUR.asn1.ASN1Object + * @since jsrsasign 4.2.4 asn1cms 1.0.0 + * @description + *
    + * IssuerAndSerialNumber ::= SEQUENCE {
    + *    issuer Name,
    + *    serialNumber CertificateSerialNumber }
    + * CertificateSerialNumber ::= INTEGER
    + * 
    + * @example + * // specify by X500Name and DERInteger + * o = new KJUR.asn1.cms.IssuerAndSerialNumber( + * {issuer: {str: '/C=US/O=T1'}, serial {int: 3}}); + */ +KJUR.asn1.cms.IssuerAndSerialNumber = function(params) { + KJUR.asn1.cms.IssuerAndSerialNumber.superclass.constructor.call(this); + var dIssuer = null; + var dSerial = null; + + this.getEncodedHex = function() { + var seq = new KJUR.asn1.DERSequence({"array": [this.dIssuer, + this.dSerial]}); + this.hTLV = seq.getEncodedHex(); + return this.hTLV; + }; + + if (typeof params != "undefined") { + if (params.issuer && params.serial) { + if (params.issuer instanceof KJUR.asn1.x509.X500Name) { + this.dIssuer = params.issuer; + } else { + this.dIssuer = new KJUR.asn1.x509.X500Name(params.issuer); + } + if (params.serial instanceof KJUR.asn1.DERInteger) { + this.dSerial = params.serial; + } else { + this.dSerial = new KJUR.asn1.DERInteger(params.serial); + } + } + } +}; +YAHOO.lang.extend(KJUR.asn1.cms.IssuerAndSerialNumber, KJUR.asn1.ASN1Object); + +/** + * class for Attributes ASN.1 structure for CMS + * @name KJUR.asn1.cms.AttributeList + * @class class for Attributes ASN.1 structure for CMS + * @param {Array} params associative array of parameters + * @extends KJUR.asn1.ASN1Object + * @since jsrsasign 4.2.4 asn1cms 1.0.0 + * @description + *
    + * Attributes ::= SET OF Attribute
    + * Attribute ::= SEQUENCE {
    + *    type               OBJECT IDENTIFIER,
    + *    values             AttributeSetValue }
    + * 
    + * @example + * // specify by X500Name and DERInteger + * o = new KJUR.asn1.cms.AttributeList({sorted: false}); // ASN.1 BER unsorted SET OF + * o = new KJUR.asn1.cms.AttributeList(); // ASN.1 DER sorted by default + * o.clear(); // clear list of Attributes + * n = o.length(); // get number of Attribute + * o.add(new KJUR.asn1.cms.SigningTime()); // add SigningTime attribute + * hex = o.getEncodedHex(); // get hex encoded ASN.1 data + */ +KJUR.asn1.cms.AttributeList = function(params) { + KJUR.asn1.cms.AttributeList.superclass.constructor.call(this); + this.list = new Array(); + this.sortFlag = true; + + this.add = function(item) { + if (item instanceof KJUR.asn1.cms.Attribute) { + this.list.push(item); + } + }; + + this.length = function() { + return this.list.length; + }; + + this.clear = function() { + this.list = new Array(); + this.hTLV = null; + this.hV = null; + }; + + this.getEncodedHex = function() { + if (typeof this.hTLV == "string") return this.hTLV; + var set = new KJUR.asn1.DERSet({array: this.list, sortflag: this.sortFlag}); + this.hTLV = set.getEncodedHex(); + return this.hTLV; + }; + + if (typeof params != "undefined") { + if (typeof params.sortflag != "undefined" && + params.sortflag == false) + this.sortFlag = false; + } +}; +YAHOO.lang.extend(KJUR.asn1.cms.AttributeList, KJUR.asn1.ASN1Object); + +/** + * class for SignerInfo ASN.1 structure of CMS SignedData + * @name KJUR.asn1.cms.SignerInfo + * @class class for Attributes ASN.1 structure of CMS SigndData + * @param {Array} params associative array of parameters + * @extends KJUR.asn1.ASN1Object + * @since jsrsasign 4.2.4 asn1cms 1.0.0 + * @description + *
    + * SignerInfo ::= SEQUENCE {
    + *    version CMSVersion,
    + *    sid SignerIdentifier,
    + *    digestAlgorithm DigestAlgorithmIdentifier,
    + *    signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL,
    + *    signatureAlgorithm SignatureAlgorithmIdentifier,
    + *    signature SignatureValue,
    + *    unsignedAttrs [1] IMPLICIT UnsignedAttributes OPTIONAL }
    + * 
    + * @example + * o = new KJUR.asn1.cms.SignerInfo(); + * o.setSignerIdentifier(certPEMstring); + * o.dSignedAttrs.add(new KJUR.asn1.cms.ContentType({name: 'data'})); + * o.dSignedAttrs.add(new KJUR.asn1.cms.MessageDigest({hex: 'a1b2...'})); + * o.dSignedAttrs.add(new KJUR.asn1.cms.SigningTime()); + * o.sign(privteKeyParam, "SHA1withRSA"); + */ +KJUR.asn1.cms.SignerInfo = function(params) { + KJUR.asn1.cms.SignerInfo.superclass.constructor.call(this); + var nA = KJUR.asn1; + var nC = KJUR.asn1.cms; + var nX = KJUR.asn1.x509; + + this.dCMSVersion = new nA.DERInteger({'int': 1}); + this.dSignerIdentifier = null; + this.dDigestAlgorithm = null; + this.dSignedAttrs = new nC.AttributeList(); + this.dSigAlg = null; + this.dSig = null; + this.dUnsignedAttrs = new nC.AttributeList(); + + this.setSignerIdentifier = function(params) { + if (typeof params == "string" && + params.indexOf("CERTIFICATE") != -1 && + params.indexOf("BEGIN") != -1 && + params.indexOf("END") != -1) { + var certPEM = params; + var x = new X509(); + x.hex = X509.pemToHex(certPEM); + + var issuerTLVHex = x.getIssuerHex(); + var dIssuer = new nX.X500Name(); + dIssuer.hTLV = issuerTLVHex; + + var serialVHex = x.getSerialNumberHex(); + var dSerial = new nA.DERInteger({hex: serialVHex}); + + //alert(issuerTLVHex + "--" + serialVHex); + this.dSignerIdentifier = + new nC.IssuerAndSerialNumber({issuer: dIssuer, serial: dSerial}); + } + }; + + /** + * set ContentType/MessageDigest/DigestAlgorithms for SignerInfo/SignedData + * @name setForContentAndHash + * @memberOf KJUR.asn1.cms.SignerInfo + * @param {Array} params JSON parameter to set content related field + * @description + * This method will specify following fields by a parameters: + *
      + *
    • add ContentType signed attribute by encapContentInfo
    • + *
    • add MessageDigest signed attribute by encapContentInfo and hashAlg
    • + *
    • add a hash algorithm used in MessageDigest to digestAlgorithms field of SignedData
    • + *
    • set a hash algorithm used in MessageDigest to digestAlgorithm field of SignerInfo
    • + *
    + * Argument 'params' is an associative array having following elements: + *
      + *
    • eciObj - {@link KJUR.asn1.cms.EncapsulatedContentInfo} object
    • + *
    • sdObj - {@link KJUR.asn1.cms.SignedData} object (Option) to set DigestAlgorithms
    • + *
    • hashAlg - string of hash algorithm name which is used for MessageDigest attribute
    • + *
    + * some of elements can be omited. + * @example + * sd = new KJUR.asn1.cms.SignedData(); + * signerInfo.setForContentAndHash({sdObj: sd, + * eciObj: sd.dEncapContentInfo, + * hashAlg: 'sha256'}); + */ + this.setForContentAndHash = function(params) { + if (typeof params != "undefined") { + if (params.eciObj instanceof KJUR.asn1.cms.EncapsulatedContentInfo) { + this.dSignedAttrs.add(new nC.ContentType({oid: '1.2.840.113549.1.7.1'})); + this.dSignedAttrs.add(new nC.MessageDigest({eciObj: params.eciObj, + hashAlg: params.hashAlg})); + } + if (typeof params.sdObj != "undefined" && + params.sdObj instanceof KJUR.asn1.cms.SignedData) { + if (params.sdObj.digestAlgNameList.join(":").indexOf(params.hashAlg) == -1) { + params.sdObj.digestAlgNameList.push(params.hashAlg); + } + } + if (typeof params.hashAlg == "string") { + this.dDigestAlgorithm = new nX.AlgorithmIdentifier({name: params.hashAlg}); + } + } + }; + + this.sign = function(keyParam, sigAlg) { + // set algorithm + this.dSigAlg = new nX.AlgorithmIdentifier({name: sigAlg}); + + // set signature + var data = this.dSignedAttrs.getEncodedHex(); + var prvKey = KEYUTIL.getKey(keyParam); + var sig = new KJUR.crypto.Signature({alg: sigAlg}); + sig.init(prvKey); + sig.updateHex(data); + var sigValHex = sig.sign(); + this.dSig = new nA.DEROctetString({hex: sigValHex}); + }; + + this.getEncodedHex = function() { + if (this.dSignedAttrs.length() == 0) { + throw "SignedAttrs length = 0 (empty)"; + } + var sa = new nA.DERTaggedObject({obj: this.dSignedAttrs, tag: 'a0', explicit: false}); + var ua = null;; + if (this.dUnsignedAttrs.length() > 0) { + ua = new nA.DERTaggedObject({obj: this.dUnsignedAttrs, tag: 'a1', explicit: false}); + } + + var items = [ + this.dCMSVersion, + this.dSignerIdentifier, + this.dDigestAlgorithm, + sa, + this.dSigAlg, + this.dSig, + ]; + if (ua != null) items.push(ua); + + var seq = new nA.DERSequence({array: items}); + this.hTLV = seq.getEncodedHex(); + return this.hTLV; + }; +}; +YAHOO.lang.extend(KJUR.asn1.cms.SignerInfo, KJUR.asn1.ASN1Object); + +/** + * class for EncapsulatedContentInfo ASN.1 structure for CMS + * @name KJUR.asn1.cms.EncapsulatedContentInfo + * @class class for EncapsulatedContentInfo ASN.1 structure for CMS + * @param {Array} params associative array of parameters + * @extends KJUR.asn1.ASN1Object + * @since jsrsasign 4.2.4 asn1cms 1.0.0 + * @description + *
    + * EncapsulatedContentInfo ::= SEQUENCE {
    + *    eContentType ContentType,
    + *    eContent [0] EXPLICIT OCTET STRING OPTIONAL }
    + * ContentType ::= OBJECT IDENTIFIER
    + * 
    + * @example + * o = new KJUR.asn1.cms.EncapsulatedContentInfo(); + * o.setContentType('1.2.3.4.5'); // specify eContentType by OID + * o.setContentType('data'); // specify eContentType by name + * o.setContentValueHex('a1a2a4...'); // specify eContent data by hex string + * o.setContentValueStr('apple'); // specify eContent data by UTF-8 string + * // for detached contents (i.e. data not concluded in eContent) + * o.isDetached = true; // false as default + */ +KJUR.asn1.cms.EncapsulatedContentInfo = function(params) { + KJUR.asn1.cms.EncapsulatedContentInfo.superclass.constructor.call(this); + var nA = KJUR.asn1; + var nC = KJUR.asn1.cms; + var nX = KJUR.asn1.x509; + this.dEContentType = new nA.DERObjectIdentifier({name: 'data'}); + this.dEContent = null; + this.isDetached = false; + this.eContentValueHex = null; + + this.setContentType = function(nameOrOid) { + if (nameOrOid.match(/^[0-2][.][0-9.]+$/)) { + this.dEContentType = new nA.DERObjectIdentifier({oid: nameOrOid}); + } else { + this.dEContentType = new nA.DERObjectIdentifier({name: nameOrOid}); + } + }; + + this.setContentValue = function(params) { + if (typeof params != "undefined") { + if (typeof params.hex == "string") { + this.eContentValueHex = params.hex; + } else if (typeof params.str == "string") { + this.eContentValueHex = utf8tohex(params.str); + } + } + }; + + this.setContentValueHex = function(valueHex) { + this.eContentValueHex = valueHex; + }; + + this.setContentValueStr = function(valueStr) { + this.eContentValueHex = utf8tohex(valueStr); + }; + + this.getEncodedHex = function() { + if (typeof this.eContentValueHex != "string") { + throw "eContentValue not yet set"; + } + + var dValue = new nA.DEROctetString({hex: this.eContentValueHex}); + this.dEContent = new nA.DERTaggedObject({obj: dValue, + tag: 'a0', + explicit: true}); + + var a = [this.dEContentType]; + if (! this.isDetached) a.push(this.dEContent); + var seq = new nA.DERSequence({array: a}); + this.hTLV = seq.getEncodedHex(); + return this.hTLV; + }; +}; +YAHOO.lang.extend(KJUR.asn1.cms.EncapsulatedContentInfo, KJUR.asn1.ASN1Object); + +// - type +// - obj +/** + * class for ContentInfo ASN.1 structure for CMS + * @name KJUR.asn1.cms.ContentInfo + * @class class for ContentInfo ASN.1 structure for CMS + * @param {Array} params associative array of parameters + * @extends KJUR.asn1.ASN1Object + * @since jsrsasign 4.2.4 asn1cms 1.0.0 + * @description + *
    + * ContentInfo ::= SEQUENCE {
    + *    contentType ContentType,
    + *    content [0] EXPLICIT ANY DEFINED BY contentType }
    + * ContentType ::= OBJECT IDENTIFIER
    + * 
    + * @example + * a = [new KJUR.asn1.DERInteger({int: 1}), + * new KJUR.asn1.DERInteger({int: 2})]; + * seq = new KJUR.asn1.DERSequence({array: a}); + * o = new KJUR.asn1.cms.ContentInfo({type: 'data', obj: seq}); + */ +KJUR.asn1.cms.ContentInfo = function(params) { + KJUR.asn1.cms.ContentInfo.superclass.constructor.call(this); + var nA = KJUR.asn1; + var nC = KJUR.asn1.cms; + var nX = KJUR.asn1.x509; + + this.dContentType = null; + this.dContent = null; + + this.setContentType = function(params) { + if (typeof params == "string") { + this.dContentType = nX.OID.name2obj(params); + } + }; + + this.getEncodedHex = function() { + var dContent0 = new nA.DERTaggedObject({obj: this.dContent, tag: 'a0', explicit: true}); + var seq = new nA.DERSequence({array: [this.dContentType, dContent0]}); + this.hTLV = seq.getEncodedHex(); + return this.hTLV; + }; + + if (typeof params != "undefined") { + if (params.type) this.setContentType(params.type); + if (params.obj && params.obj instanceof nA.ASN1Object) this.dContent = params.obj; + } +}; +YAHOO.lang.extend(KJUR.asn1.cms.ContentInfo, KJUR.asn1.ASN1Object); + +/** + * class for SignerInfo ASN.1 structure of CMS SignedData + * @name KJUR.asn1.cms.SignedData + * @class class for Attributes ASN.1 structure of CMS SigndData + * @param {Array} params associative array of parameters + * @extends KJUR.asn1.ASN1Object + * @since jsrsasign 4.2.4 asn1cms 1.0.0 + * + * @description + *
    + * SignedData ::= SEQUENCE {
    + *    version CMSVersion,
    + *    digestAlgorithms DigestAlgorithmIdentifiers,
    + *    encapContentInfo EncapsulatedContentInfo,
    + *    certificates [0] IMPLICIT CertificateSet OPTIONAL,
    + *    crls [1] IMPLICIT RevocationInfoChoices OPTIONAL,
    + *    signerInfos SignerInfos }
    + * SignerInfos ::= SET OF SignerInfo
    + * CertificateSet ::= SET OF CertificateChoices
    + * DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier
    + * CertificateSet ::= SET OF CertificateChoices
    + * RevocationInfoChoices ::= SET OF RevocationInfoChoice
    + * 
    + * + * @example + * sd = new KJUR.asn1.cms.SignedData(); + * sd.dEncapContentInfo.setContentValueStr("test string"); + * sd.signerInfoList[0].setForContentAndHash({sdObj: sd, + * eciObj: sd.dEncapContentInfo, + * hashAlg: 'sha256'}); + * sd.signerInfoList[0].dSignedAttrs.add(new KJUR.asn1.cms.SigningTime()); + * sd.signerInfoList[0].setSignerIdentifier(certPEM); + * sd.signerInfoList[0].sign(prvP8PEM, "SHA256withRSA"); + * hex = sd.getContentInfoEncodedHex(); + */ +KJUR.asn1.cms.SignedData = function(params) { + KJUR.asn1.cms.SignedData.superclass.constructor.call(this); + var nA = KJUR.asn1; + var nC = KJUR.asn1.cms; + var nX = KJUR.asn1.x509; + + this.dCMSVersion = new nA.DERInteger({'int': 1}); + this.digestAlgNameList = []; + this.dEncapContentInfo = new nC.EncapsulatedContentInfo(); + this.certificateList = []; + this.crlList = []; + this.signerInfoList = [new nC.SignerInfo()]; + + this.addCertificatesByPEM = function(certPEM) { + var hex = KEYUTIL.getHexFromPEM(certPEM); + var o = new nA.ASN1Object(); + o.hTLV = hex; + this.certificateList.push(o); + }; + + this.getEncodedHex = function() { + if (typeof this.hTLV == "string") return this.hTLV; + + var digestAlgList = []; + for (var i = 0; i < this.digestAlgNameList.length; i++) { + var o = new nX.AlgorithmIdentifier({name: this.digestAlgNameList[i]}); + digestAlgList.push(o); + } + + var dDigestAlgs = new nA.DERSet({array: digestAlgList}); + var dSignerInfos = new nA.DERSet({array: this.signerInfoList}); + + var a = [this.dCMSVersion, + dDigestAlgs, + this.dEncapContentInfo]; + + if (this.certificateList.length > 0) { + var o1 = new nA.DERSet({array: this.certificateList}); + var o2 = new nA.DERTaggedObject({obj: o1, + tag: 'a0', + explicit: false}); + a.push(o2); + } + + a.push(dSignerInfos); + + var seq = new nA.DERSequence({array: a}); + this.hTLV = seq.getEncodedHex(); + return this.hTLV; + }; + + this.getContentInfoEncodedHex = function() { + this.getEncodedHex(); + var ci = new nC.ContentInfo({type: 'signed-data', obj: this}); + var ciHex = ci.getEncodedHex(); + return ciHex; + }; + + this.getPEM = function() { + var hex = this.getContentInfoEncodedHex(); + var pem = nA.ASN1Util.getPEMStringFromHex(hex, "CMS"); + return pem; + }; +}; +YAHOO.lang.extend(KJUR.asn1.cms.SignedData, KJUR.asn1.ASN1Object); + +/** + * CMS utiliteis class + * @name KJUR.asn1.cms.CMSUtil + * @class CMS utilities class + */ +KJUR.asn1.cms.CMSUtil = new function() { +}; +/** + * generate SignedData object specified by JSON parameters + * @name newSignedData + * @memberOf KJUR.asn1.cms.CMSUtil + * @function + * @param {Array} param JSON parameter to generate CMS SignedData + * @return {KJUR.asn1.cms.SignedData} object just generated + * @description + * This method provides more easy way to genereate + * CMS SignedData ASN.1 structure by JSON data. + * @example + * var sd = KJUR.asn1.cms.CMSUtil.newSignedData({ + * content: {str: "jsrsasign"}, + * certs: [certPEM], + * signerInfos: [{ + * hashAlg: 'sha256', + * sAttr: { + * SigningTime: {} + * }, + * signerCert: certPEM, + * sigAlg: 'SHA256withRSA', + * signerPrvKey: prvPEM + * }] + * }); + */ +KJUR.asn1.cms.CMSUtil.newSignedData = function(param) { + var nC = KJUR.asn1.cms; + var sd = new nC.SignedData(); + + sd.dEncapContentInfo.setContentValue(param.content); + + if (typeof param.certs == "object") { + for (var i = 0; i < param.certs.length; i++) { + sd.addCertificatesByPEM(param.certs[i]); + } + } + + sd.signerInfoList = []; + for (var i = 0; i < param.signerInfos.length; i++) { + var siParam = param.signerInfos[i]; + var si = new nC.SignerInfo(); + si.setSignerIdentifier(siParam.signerCert); + + si.setForContentAndHash({sdObj: sd, + eciObj: sd.dEncapContentInfo, + hashAlg: siParam.hashAlg}); + + for (attrName in siParam.sAttr) { + if (attrName == "SigningTime") { + var attr = new nC.SigningTime(siParam.sAttr[attrName]); + si.dSignedAttrs.add(attr); + } + } + + si.sign(siParam.signerPrvKey, siParam.sigAlg); + sd.signerInfoList.push(si); + } + + return sd; +}; + diff --git a/asn1cms-1.0.min.js b/asn1cms-1.0.min.js new file mode 100755 index 00000000..35cdb123 --- /dev/null +++ b/asn1cms-1.0.min.js @@ -0,0 +1,3 @@ +/*! asn1cms-1.0.0.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license + */ +if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.cms=="undefined"||!KJUR.asn1.cms){KJUR.asn1.cms={}}KJUR.asn1.cms.Attribute=function(b){KJUR.asn1.cms.Attribute.superclass.constructor.call(this);var a=[];this.getEncodedHex=function(){var f,e,c;f=new KJUR.asn1.DERObjectIdentifier({oid:this.attrTypeOid});e=new KJUR.asn1.DERSet({array:this.valueList});try{e.getEncodedHex()}catch(d){throw"fail valueSet.getEncodedHex in Attribute(1)/"+d}c=new KJUR.asn1.DERSequence({array:[f,e]});try{this.hTLV=c.getEncodedHex()}catch(d){throw"failed seq.getEncodedHex in Attribute(2)/"+d}return this.hTLV}};YAHOO.lang.extend(KJUR.asn1.cms.Attribute,KJUR.asn1.ASN1Object);KJUR.asn1.cms.ContentType=function(b){KJUR.asn1.cms.ContentType.superclass.constructor.call(this);this.attrTypeOid="1.2.840.113549.1.9.3";var a=null;if(typeof b!="undefined"){var a=new KJUR.asn1.DERObjectIdentifier(b);this.valueList=[a]}};YAHOO.lang.extend(KJUR.asn1.cms.ContentType,KJUR.asn1.cms.Attribute);KJUR.asn1.cms.MessageDigest=function(e){KJUR.asn1.cms.MessageDigest.superclass.constructor.call(this);this.attrTypeOid="1.2.840.113549.1.9.4";if(typeof e!="undefined"){if(e.eciObj instanceof KJUR.asn1.cms.EncapsulatedContentInfo&&typeof e.hashAlg=="string"){var b=e.eciObj.eContentValueHex;var a=e.hashAlg;var c=KJUR.crypto.Util.hashHex(b,a);var d=new KJUR.asn1.DEROctetString({hex:c});d.getEncodedHex();this.valueList=[d]}else{var d=new KJUR.asn1.DEROctetString(e);d.getEncodedHex();this.valueList=[d]}}};YAHOO.lang.extend(KJUR.asn1.cms.MessageDigest,KJUR.asn1.cms.Attribute);KJUR.asn1.cms.SigningTime=function(c){KJUR.asn1.cms.SigningTime.superclass.constructor.call(this);this.attrTypeOid="1.2.840.113549.1.9.5";if(typeof c!="undefined"){var a=new KJUR.asn1.x509.Time(c);try{a.getEncodedHex()}catch(b){throw"SigningTime.getEncodedHex() failed/"+b}this.valueList=[a]}};YAHOO.lang.extend(KJUR.asn1.cms.SigningTime,KJUR.asn1.cms.Attribute);KJUR.asn1.cms.SigningCertificate=function(c){KJUR.asn1.cms.SigningCertificate.superclass.constructor.call(this);this.attrTypeOid="1.2.840.113549.1.9.16.2.12";if(typeof c!="undefined"){var a=new KJUR.asn1.DEROctetString(c);try{a.getEncodedHex()}catch(b){throw"SigningCertificate.getEncodedHex() failed/"+b}this.valueList=[a]}};YAHOO.lang.extend(KJUR.asn1.cms.SigningCertificate,KJUR.asn1.cms.Attribute);KJUR.asn1.cms.IssuerAndSerialNumber=function(b){KJUR.asn1.cms.IssuerAndSerialNumber.superclass.constructor.call(this);var c=null;var a=null;this.getEncodedHex=function(){var d=new KJUR.asn1.DERSequence({array:[this.dIssuer,this.dSerial]});this.hTLV=d.getEncodedHex();return this.hTLV};if(typeof b!="undefined"){if(b.issuer&&b.serial){if(b.issuer instanceof KJUR.asn1.x509.X500Name){this.dIssuer=b.issuer}else{this.dIssuer=new KJUR.asn1.x509.X500Name(b.issuer)}if(b.serial instanceof KJUR.asn1.DERInteger){this.dSerial=b.serial}else{this.dSerial=new KJUR.asn1.DERInteger(b.serial)}}}};YAHOO.lang.extend(KJUR.asn1.cms.IssuerAndSerialNumber,KJUR.asn1.ASN1Object);KJUR.asn1.cms.AttributeList=function(a){KJUR.asn1.cms.AttributeList.superclass.constructor.call(this);this.list=new Array();this.sortFlag=true;this.add=function(b){if(b instanceof KJUR.asn1.cms.Attribute){this.list.push(b)}};this.length=function(){return this.list.length};this.clear=function(){this.list=new Array();this.hTLV=null;this.hV=null};this.getEncodedHex=function(){if(typeof this.hTLV=="string"){return this.hTLV}var b=new KJUR.asn1.DERSet({array:this.list,sortflag:this.sortFlag});this.hTLV=b.getEncodedHex();return this.hTLV};if(typeof a!="undefined"){if(typeof a.sortflag!="undefined"&&a.sortflag==false){this.sortFlag=false}}};YAHOO.lang.extend(KJUR.asn1.cms.AttributeList,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SignerInfo=function(c){KJUR.asn1.cms.SignerInfo.superclass.constructor.call(this);var a=KJUR.asn1;var b=KJUR.asn1.cms;var d=KJUR.asn1.x509;this.dCMSVersion=new a.DERInteger({"int":1});this.dSignerIdentifier=null;this.dDigestAlgorithm=null;this.dSignedAttrs=new b.AttributeList();this.dSigAlg=null;this.dSig=null;this.dUnsignedAttrs=new b.AttributeList();this.setSignerIdentifier=function(i){if(typeof i=="string"&&i.indexOf("CERTIFICATE")!=-1&&i.indexOf("BEGIN")!=-1&&i.indexOf("END")!=-1){var g=i;var e=new X509();e.hex=X509.pemToHex(g);var k=e.getIssuerHex();var j=new d.X500Name();j.hTLV=k;var f=e.getSerialNumberHex();var h=new a.DERInteger({hex:f});this.dSignerIdentifier=new b.IssuerAndSerialNumber({issuer:j,serial:h})}};this.setForContentAndHash=function(e){if(typeof e!="undefined"){if(e.eciObj instanceof KJUR.asn1.cms.EncapsulatedContentInfo){this.dSignedAttrs.add(new b.ContentType({oid:"1.2.840.113549.1.7.1"}));this.dSignedAttrs.add(new b.MessageDigest({eciObj:e.eciObj,hashAlg:e.hashAlg}))}if(typeof e.sdObj!="undefined"&&e.sdObj instanceof KJUR.asn1.cms.SignedData){if(e.sdObj.digestAlgNameList.join(":").indexOf(e.hashAlg)==-1){e.sdObj.digestAlgNameList.push(e.hashAlg)}}if(typeof e.hashAlg=="string"){this.dDigestAlgorithm=new d.AlgorithmIdentifier({name:e.hashAlg})}}};this.sign=function(j,f){this.dSigAlg=new d.AlgorithmIdentifier({name:f});var g=this.dSignedAttrs.getEncodedHex();var e=KEYUTIL.getKey(j);var i=new KJUR.crypto.Signature({alg:f});i.init(e);i.updateHex(g);var h=i.sign();this.dSig=new a.DEROctetString({hex:h})};this.getEncodedHex=function(){if(this.dSignedAttrs.length()==0){throw"SignedAttrs length = 0 (empty)"}var e=new a.DERTaggedObject({obj:this.dSignedAttrs,tag:"a0",explicit:false});var h=null;if(this.dUnsignedAttrs.length()>0){h=new a.DERTaggedObject({obj:this.dUnsignedAttrs,tag:"a1",explicit:false})}var g=[this.dCMSVersion,this.dSignerIdentifier,this.dDigestAlgorithm,e,this.dSigAlg,this.dSig,];if(h!=null){g.push(h)}var f=new a.DERSequence({array:g});this.hTLV=f.getEncodedHex();return this.hTLV}};YAHOO.lang.extend(KJUR.asn1.cms.SignerInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.EncapsulatedContentInfo=function(c){KJUR.asn1.cms.EncapsulatedContentInfo.superclass.constructor.call(this);var a=KJUR.asn1;var b=KJUR.asn1.cms;var d=KJUR.asn1.x509;this.dEContentType=new a.DERObjectIdentifier({name:"data"});this.dEContent=null;this.isDetached=false;this.eContentValueHex=null;this.setContentType=function(e){if(e.match(/^[0-2][.][0-9.]+$/)){this.dEContentType=new a.DERObjectIdentifier({oid:e})}else{this.dEContentType=new a.DERObjectIdentifier({name:e})}};this.setContentValue=function(e){if(typeof e!="undefined"){if(typeof e.hex=="string"){this.eContentValueHex=e.hex}else{if(typeof e.str=="string"){this.eContentValueHex=utf8tohex(e.str)}}}};this.setContentValueHex=function(e){this.eContentValueHex=e};this.setContentValueStr=function(e){this.eContentValueHex=utf8tohex(e)};this.getEncodedHex=function(){if(typeof this.eContentValueHex!="string"){throw"eContentValue not yet set"}var g=new a.DEROctetString({hex:this.eContentValueHex});this.dEContent=new a.DERTaggedObject({obj:g,tag:"a0",explicit:true});var e=[this.dEContentType];if(!this.isDetached){e.push(this.dEContent)}var f=new a.DERSequence({array:e});this.hTLV=f.getEncodedHex();return this.hTLV}};YAHOO.lang.extend(KJUR.asn1.cms.EncapsulatedContentInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.ContentInfo=function(c){KJUR.asn1.cms.ContentInfo.superclass.constructor.call(this);var a=KJUR.asn1;var b=KJUR.asn1.cms;var d=KJUR.asn1.x509;this.dContentType=null;this.dContent=null;this.setContentType=function(e){if(typeof e=="string"){this.dContentType=d.OID.name2obj(e)}};this.getEncodedHex=function(){var f=new a.DERTaggedObject({obj:this.dContent,tag:"a0",explicit:true});var e=new a.DERSequence({array:[this.dContentType,f]});this.hTLV=e.getEncodedHex();return this.hTLV};if(typeof c!="undefined"){if(c.type){this.setContentType(c.type)}if(c.obj&&c.obj instanceof a.ASN1Object){this.dContent=c.obj}}};YAHOO.lang.extend(KJUR.asn1.cms.ContentInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SignedData=function(c){KJUR.asn1.cms.SignedData.superclass.constructor.call(this);var a=KJUR.asn1;var b=KJUR.asn1.cms;var d=KJUR.asn1.x509;this.dCMSVersion=new a.DERInteger({"int":1});this.digestAlgNameList=[];this.dEncapContentInfo=new b.EncapsulatedContentInfo();this.certificateList=[];this.crlList=[];this.signerInfoList=[new b.SignerInfo()];this.addCertificatesByPEM=function(e){var f=KEYUTIL.getHexFromPEM(e);var g=new a.ASN1Object();g.hTLV=f;this.certificateList.push(g)};this.getEncodedHex=function(){if(typeof this.hTLV=="string"){return this.hTLV}var m=[];for(var j=0;j0){var g=new a.DERSet({array:this.certificateList});var f=new a.DERTaggedObject({obj:g,tag:"a0",explicit:false});k.push(f)}k.push(n);var l=new a.DERSequence({array:k});this.hTLV=l.getEncodedHex();return this.hTLV};this.getContentInfoEncodedHex=function(){this.getEncodedHex();var e=new b.ContentInfo({type:"signed-data",obj:this});var f=e.getEncodedHex();return f};this.getPEM=function(){var e=this.getContentInfoEncodedHex();var f=a.ASN1Util.getPEMStringFromHex(e,"CMS");return f}};YAHOO.lang.extend(KJUR.asn1.cms.SignedData,KJUR.asn1.ASN1Object);KJUR.asn1.cms.CMSUtil=new function(){};KJUR.asn1.cms.CMSUtil.newSignedData=function(g){var f=KJUR.asn1.cms;var e=new f.SignedData();e.dEncapContentInfo.setContentValue(g.content);if(typeof g.certs=="object"){for(var c=0;cMIT License */ @@ -1148,9 +1148,10 @@ KJUR.asn1.x509.X500Name = function(params) { }; this.getEncodedHex = function() { + if (typeof this.hTLV == "string") return this.hTLV; var o = new KJUR.asn1.DERSequence({"array": this.asn1Array}); - this.TLV = o.getEncodedHex(); - return this.TLV; + this.hTLV = o.getEncodedHex(); + return this.hTLV; }; if (typeof params != "undefined") { @@ -1422,14 +1423,20 @@ KJUR.asn1.x509.Time = function(params) { } this.getEncodedHex = function() { - if (this.timeParams == null) { - throw "timeParams shall be specified. ({'str':'130403235959Z'}}"; - } var o = null; - if (this.type == "utc") { - o = new KJUR.asn1.DERUTCTime(this.timeParams); + + if (this.timeParams != null) { + if (this.type == "utc") { + o = new KJUR.asn1.DERUTCTime(this.timeParams); + } else { + o = new KJUR.asn1.DERGeneralizedTime(this.timeParams); + } } else { - o = new KJUR.asn1.DERGeneralizedTime(this.timeParams); + if (this.type == "utc") { + o = new KJUR.asn1.DERUTCTime(); + } else { + o = new KJUR.asn1.DERGeneralizedTime(); + } } this.TLV = o.getEncodedHex(); return this.TLV; @@ -1437,8 +1444,13 @@ KJUR.asn1.x509.Time = function(params) { this.type = "utc"; if (typeof params != "undefined") { - if (typeof params['type'] != "undefined") { - this.type = params['type']; + if (typeof params.type != "undefined") { + this.type = params.type; + } else { + if (typeof params.str != "undefined") { + if (params.str.match(/^[0-9]{12}Z$/)) this.type = "utc"; + if (params.str.match(/^[0-9]{14}Z$/)) this.type = "gen"; + } } this.timeParams = params; } @@ -1701,10 +1713,18 @@ KJUR.asn1.x509.OID = new function(params) { 'ST': '2.5.4.8', 'L': '2.5.4.7', 'CN': '2.5.4.3', + 'DN': '2.5.4.49', + 'DC': '0.9.2342.19200300.100.1.25', }; this.name2oidList = { - 'sha384': '2.16.840.1.101.3.4.2.2', - 'sha224': '2.16.840.1.101.3.4.2.4', + 'sha1': '1.3.14.3.2.26', + 'sha256': '2.16.840.1.101.3.4.2.1', + 'sha384': '2.16.840.1.101.3.4.2.2', + 'sha512': '2.16.840.1.101.3.4.2.3', + 'sha224': '2.16.840.1.101.3.4.2.4', + 'md5': '1.2.840.113549.2.5', + 'md2': '1.3.14.7.2.2.1', + 'ripemd160': '1.3.36.3.2.1', 'MD2withRSA': '1.2.840.113549.1.1.2', 'MD4withRSA': '1.2.840.113549.1.1.3', @@ -1721,29 +1741,29 @@ KJUR.asn1.x509.OID = new function(params) { 'SHA384withECDSA': '1.2.840.10045.4.3.3', 'SHA512withECDSA': '1.2.840.10045.4.3.4', - 'dsa': '1.2.840.10040.4.1', + 'dsa': '1.2.840.10040.4.1', 'SHA1withDSA': '1.2.840.10040.4.3', 'SHA224withDSA': '2.16.840.1.101.3.4.3.1', 'SHA256withDSA': '2.16.840.1.101.3.4.3.2', 'rsaEncryption': '1.2.840.113549.1.1.1', - 'subjectKeyIdentifier': '2.5.29.14', + 'subjectKeyIdentifier': '2.5.29.14', 'countryName': '2.5.4.6', 'organization': '2.5.4.10', - 'organizationalUnit': '2.5.4.11', - 'stateOrProvinceName': '2.5.4.8', - 'locality': '2.5.4.7', + 'organizationalUnit': '2.5.4.11', + 'stateOrProvinceName': '2.5.4.8', + 'locality': '2.5.4.7', 'commonName': '2.5.4.3', - 'keyUsage': '2.5.29.15', + 'keyUsage': '2.5.29.15', 'basicConstraints': '2.5.29.19', - 'cRLDistributionPoints': '2.5.29.31', - 'certificatePolicies': '2.5.29.32', - 'authorityKeyIdentifier': '2.5.29.35', + 'cRLDistributionPoints':'2.5.29.31', + 'certificatePolicies': '2.5.29.32', + 'authorityKeyIdentifier':'2.5.29.35', 'extKeyUsage': '2.5.29.37', - 'anyExtendedKeyUsage': '2.5.29.37.0', + 'anyExtendedKeyUsage': '2.5.29.37.0', 'serverAuth': '1.3.6.1.5.5.7.3.1', 'clientAuth': '1.3.6.1.5.5.7.3.2', 'codeSigning': '1.3.6.1.5.5.7.3.3', @@ -1760,6 +1780,14 @@ KJUR.asn1.x509.OID = new function(params) { 'pkcs5PBKDF2': '1.2.840.113549.1.5.12', 'des-EDE3-CBC': '1.2.840.113549.3.7', + + 'data': '1.2.840.113549.1.7.1', // CMS data + 'signed-data': '1.2.840.113549.1.7.2', // CMS signed-data + 'enveloped-data': '1.2.840.113549.1.7.3', // CMS enveloped-data + 'digested-data': '1.2.840.113549.1.7.5', // CMS digested-data + 'encrypted-data': '1.2.840.113549.1.7.6', // CMS encrypted-data + 'authenticated-data': '1.2.840.113549.1.9.16.1.2', // CMS authenticated-data + 'tstinfo': '1.2.840.113549.1.9.16.1.4', // RFC3161 TSTInfo }; this.objCache = {}; @@ -1932,23 +1960,23 @@ KJUR.asn1.x509.X509Util.newCertPEM = function(param) { } } - // set signature - if (param.cakey === undefined && param.sighex === undefined) - throw "param cakey and sighex undefined."; + // set signature + if (param.cakey === undefined && param.sighex === undefined) + throw "param cakey and sighex undefined."; var caKey = null; - var cert = null; + var cert = null; if (param.cakey) { caKey = KEYUTIL.getKey.apply(null, param.cakey); - cert = new ns1.Certificate({'tbscertobj': o, 'prvkeyobj': caKey}); - cert.sign(); - } - - if (param.sighex) { - cert = new ns1.Certificate({'tbscertobj': o}); - cert.setSignatureHex(param.sighex); - } + cert = new ns1.Certificate({'tbscertobj': o, 'prvkeyobj': caKey}); + cert.sign(); + } + + if (param.sighex) { + cert = new ns1.Certificate({'tbscertobj': o}); + cert.setSignatureHex(param.sighex); + } return cert.getPEMString(); }; diff --git a/asn1x509-1.0.min.js b/asn1x509-1.0.min.js index b407befe..512981b0 100644 --- a/asn1x509-1.0.min.js +++ b/asn1x509-1.0.min.js @@ -1,3 +1,3 @@ -/*! asn1x509-1.0.8.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license +/*! asn1x509-1.0.9.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license */ -if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.x509=="undefined"||!KJUR.asn1.x509){KJUR.asn1.x509={}}KJUR.asn1.x509.Certificate=function(g){KJUR.asn1.x509.Certificate.superclass.constructor.call(this);var b=null;var d=null;var f=null;var c=null;var a=null;var e=null;this.setRsaPrvKeyByPEMandPass=function(i,k){var h=PKCS5PKEY.getDecryptedKeyHex(i,k);var j=new RSAKey();j.readPrivateKeyFromASN1HexString(h);this.prvKey=j};this.sign=function(){this.asn1SignatureAlg=this.asn1TBSCert.asn1SignatureAlg;sig=new KJUR.crypto.Signature({alg:"SHA1withRSA"});sig.init(this.prvKey);sig.updateHex(this.asn1TBSCert.getEncodedHex());this.hexSig=sig.sign();this.asn1Sig=new KJUR.asn1.DERBitString({hex:"00"+this.hexSig});var h=new KJUR.asn1.DERSequence({array:[this.asn1TBSCert,this.asn1SignatureAlg,this.asn1Sig]});this.hTLV=h.getEncodedHex();this.isModified=false};this.setSignatureHex=function(h){this.asn1SignatureAlg=this.asn1TBSCert.asn1SignatureAlg;this.hexSig=h;this.asn1Sig=new KJUR.asn1.DERBitString({hex:"00"+this.hexSig});var i=new KJUR.asn1.DERSequence({array:[this.asn1TBSCert,this.asn1SignatureAlg,this.asn1Sig]});this.hTLV=i.getEncodedHex();this.isModified=false};this.getEncodedHex=function(){if(this.isModified==false&&this.hTLV!=null){return this.hTLV}throw"not signed yet"};this.getPEMString=function(){var j=this.getEncodedHex();var h=CryptoJS.enc.Hex.parse(j);var i=CryptoJS.enc.Base64.stringify(h);var k=i.replace(/(.{64})/g,"$1\r\n");return"-----BEGIN CERTIFICATE-----\r\n"+k+"\r\n-----END CERTIFICATE-----\r\n"};if(typeof g!="undefined"){if(typeof g.tbscertobj!="undefined"){this.asn1TBSCert=g.tbscertobj}if(typeof g.prvkeyobj!="undefined"){this.prvKey=g.prvkeyobj}else{if(typeof g.rsaprvkey!="undefined"){this.prvKey=g.rsaprvkey}else{if((typeof g.rsaprvpem!="undefined")&&(typeof g.rsaprvpas!="undefined")){this.setRsaPrvKeyByPEMandPass(g.rsaprvpem,g.rsaprvpas)}}}}};YAHOO.lang.extend(KJUR.asn1.x509.Certificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertificate=function(a){KJUR.asn1.x509.TBSCertificate.superclass.constructor.call(this);this._initialize=function(){this.asn1Array=new Array();this.asn1Version=new KJUR.asn1.DERTaggedObject({obj:new KJUR.asn1.DERInteger({"int":2})});this.asn1SerialNumber=null;this.asn1SignatureAlg=null;this.asn1Issuer=null;this.asn1NotBefore=null;this.asn1NotAfter=null;this.asn1Subject=null;this.asn1SubjPKey=null;this.extensionsArray=new Array()};this.setSerialNumberByParam=function(b){this.asn1SerialNumber=new KJUR.asn1.DERInteger(b)};this.setSignatureAlgByParam=function(b){this.asn1SignatureAlg=new KJUR.asn1.x509.AlgorithmIdentifier(b)};this.setIssuerByParam=function(b){this.asn1Issuer=new KJUR.asn1.x509.X500Name(b)};this.setNotBeforeByParam=function(b){this.asn1NotBefore=new KJUR.asn1.x509.Time(b)};this.setNotAfterByParam=function(b){this.asn1NotAfter=new KJUR.asn1.x509.Time(b)};this.setSubjectByParam=function(b){this.asn1Subject=new KJUR.asn1.x509.X500Name(b)};this.setSubjectPublicKeyByParam=function(b){this.asn1SubjPKey=new KJUR.asn1.x509.SubjectPublicKeyInfo(b)};this.setSubjectPublicKeyByGetKey=function(c){var b=KEYUTIL.getKey(c);this.asn1SubjPKey=new KJUR.asn1.x509.SubjectPublicKeyInfo(b)};this.appendExtension=function(b){this.extensionsArray.push(b)};this.appendExtensionByName=function(d,b){if(d.toLowerCase()=="basicconstraints"){var c=new KJUR.asn1.x509.BasicConstraints(b);this.appendExtension(c)}else{if(d.toLowerCase()=="keyusage"){var c=new KJUR.asn1.x509.KeyUsage(b);this.appendExtension(c)}else{if(d.toLowerCase()=="crldistributionpoints"){var c=new KJUR.asn1.x509.CRLDistributionPoints(b);this.appendExtension(c)}else{if(d.toLowerCase()=="extkeyusage"){var c=new KJUR.asn1.x509.ExtKeyUsage(b);this.appendExtension(c)}else{if(d.toLowerCase()=="authoritykeyidentifier"){var c=new KJUR.asn1.x509.AuthorityKeyIdentifier(b);this.appendExtension(c)}else{throw"unsupported extension name: "+d}}}}}};this.getEncodedHex=function(){if(this.asn1NotBefore==null||this.asn1NotAfter==null){throw"notBefore and/or notAfter not set"}var c=new KJUR.asn1.DERSequence({array:[this.asn1NotBefore,this.asn1NotAfter]});this.asn1Array=new Array();this.asn1Array.push(this.asn1Version);this.asn1Array.push(this.asn1SerialNumber);this.asn1Array.push(this.asn1SignatureAlg);this.asn1Array.push(this.asn1Issuer);this.asn1Array.push(c);this.asn1Array.push(this.asn1Subject);this.asn1Array.push(this.asn1SubjPKey);if(this.extensionsArray.length>0){var d=new KJUR.asn1.DERSequence({array:this.extensionsArray});var b=new KJUR.asn1.DERTaggedObject({explicit:true,tag:"a3",obj:d});this.asn1Array.push(b)}var e=new KJUR.asn1.DERSequence({array:this.asn1Array});this.hTLV=e.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension=function(b){KJUR.asn1.x509.Extension.superclass.constructor.call(this);var a=null;this.getEncodedHex=function(){var f=new KJUR.asn1.DERObjectIdentifier({oid:this.oid});var e=new KJUR.asn1.DEROctetString({hex:this.getExtnValueHex()});var d=new Array();d.push(f);if(this.critical){d.push(new KJUR.asn1.DERBoolean())}d.push(e);var c=new KJUR.asn1.DERSequence({array:d});return c.getEncodedHex()};this.critical=false;if(typeof b!="undefined"){if(typeof b.critical!="undefined"){this.critical=b.critical}}};YAHOO.lang.extend(KJUR.asn1.x509.Extension,KJUR.asn1.ASN1Object);KJUR.asn1.x509.KeyUsage=function(a){KJUR.asn1.x509.KeyUsage.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.15";if(typeof a!="undefined"){if(typeof a.bin!="undefined"){this.asn1ExtnValue=new KJUR.asn1.DERBitString(a)}}};YAHOO.lang.extend(KJUR.asn1.x509.KeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.BasicConstraints=function(c){KJUR.asn1.x509.BasicConstraints.superclass.constructor.call(this,c);var a=false;var b=-1;this.getExtnValueHex=function(){var e=new Array();if(this.cA){e.push(new KJUR.asn1.DERBoolean())}if(this.pathLen>-1){e.push(new KJUR.asn1.DERInteger({"int":this.pathLen}))}var d=new KJUR.asn1.DERSequence({array:e});this.asn1ExtnValue=d;return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.19";this.cA=false;this.pathLen=-1;if(typeof c!="undefined"){if(typeof c.cA!="undefined"){this.cA=c.cA}if(typeof c.pathLen!="undefined"){this.pathLen=c.pathLen}}};YAHOO.lang.extend(KJUR.asn1.x509.BasicConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLDistributionPoints=function(a){KJUR.asn1.x509.CRLDistributionPoints.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.setByDPArray=function(b){this.asn1ExtnValue=new KJUR.asn1.DERSequence({array:b})};this.setByOneURI=function(e){var b=new KJUR.asn1.x509.GeneralNames([{uri:e}]);var d=new KJUR.asn1.x509.DistributionPointName(b);var c=new KJUR.asn1.x509.DistributionPoint({dpobj:d});this.setByDPArray([c])};this.oid="2.5.29.31";if(typeof a!="undefined"){if(typeof a.array!="undefined"){this.setByDPArray(a.array)}else{if(typeof a.uri!="undefined"){this.setByOneURI(a.uri)}}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLDistributionPoints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.ExtKeyUsage=function(a){KJUR.asn1.x509.ExtKeyUsage.superclass.constructor.call(this,a);this.setPurposeArray=function(b){this.asn1ExtnValue=new KJUR.asn1.DERSequence();for(var c=0;c0){var c=new KJUR.asn1.DERSequence({array:this.aRevokedCert});this.asn1Array.push(c)}var d=new KJUR.asn1.DERSequence({array:this.asn1Array});this.hTLV=d.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize=function(){this.asn1Version=null;this.asn1SignatureAlg=null;this.asn1Issuer=null;this.asn1ThisUpdate=null;this.asn1NextUpdate=null;this.aRevokedCert=new Array()};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertList,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLEntry=function(c){KJUR.asn1.x509.CRLEntry.superclass.constructor.call(this);var b=null;var a=null;this.setCertSerial=function(d){this.sn=new KJUR.asn1.DERInteger(d)};this.setRevocationDate=function(d){this.time=new KJUR.asn1.x509.Time(d)};this.getEncodedHex=function(){var d=new KJUR.asn1.DERSequence({array:[this.sn,this.time]});this.TLV=d.getEncodedHex();return this.TLV};if(typeof c!="undefined"){if(typeof c.time!="undefined"){this.setRevocationDate(c.time)}if(typeof c.sn!="undefined"){this.setCertSerial(c.sn)}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLEntry,KJUR.asn1.ASN1Object);KJUR.asn1.x509.X500Name=function(a){KJUR.asn1.x509.X500Name.superclass.constructor.call(this);this.asn1Array=new Array();this.setByString=function(b){var c=b.split("/");c.shift();for(var d=0;d0){var d=new KJUR.asn1.DERSequence({array:this.extensionsArray});var b=new KJUR.asn1.DERTaggedObject({explicit:true,tag:"a3",obj:d});this.asn1Array.push(b)}var e=new KJUR.asn1.DERSequence({array:this.asn1Array});this.hTLV=e.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension=function(b){KJUR.asn1.x509.Extension.superclass.constructor.call(this);var a=null;this.getEncodedHex=function(){var f=new KJUR.asn1.DERObjectIdentifier({oid:this.oid});var e=new KJUR.asn1.DEROctetString({hex:this.getExtnValueHex()});var d=new Array();d.push(f);if(this.critical){d.push(new KJUR.asn1.DERBoolean())}d.push(e);var c=new KJUR.asn1.DERSequence({array:d});return c.getEncodedHex()};this.critical=false;if(typeof b!="undefined"){if(typeof b.critical!="undefined"){this.critical=b.critical}}};YAHOO.lang.extend(KJUR.asn1.x509.Extension,KJUR.asn1.ASN1Object);KJUR.asn1.x509.KeyUsage=function(a){KJUR.asn1.x509.KeyUsage.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.15";if(typeof a!="undefined"){if(typeof a.bin!="undefined"){this.asn1ExtnValue=new KJUR.asn1.DERBitString(a)}}};YAHOO.lang.extend(KJUR.asn1.x509.KeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.BasicConstraints=function(c){KJUR.asn1.x509.BasicConstraints.superclass.constructor.call(this,c);var a=false;var b=-1;this.getExtnValueHex=function(){var e=new Array();if(this.cA){e.push(new KJUR.asn1.DERBoolean())}if(this.pathLen>-1){e.push(new KJUR.asn1.DERInteger({"int":this.pathLen}))}var d=new KJUR.asn1.DERSequence({array:e});this.asn1ExtnValue=d;return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.19";this.cA=false;this.pathLen=-1;if(typeof c!="undefined"){if(typeof c.cA!="undefined"){this.cA=c.cA}if(typeof c.pathLen!="undefined"){this.pathLen=c.pathLen}}};YAHOO.lang.extend(KJUR.asn1.x509.BasicConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLDistributionPoints=function(a){KJUR.asn1.x509.CRLDistributionPoints.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.setByDPArray=function(b){this.asn1ExtnValue=new KJUR.asn1.DERSequence({array:b})};this.setByOneURI=function(e){var b=new KJUR.asn1.x509.GeneralNames([{uri:e}]);var d=new KJUR.asn1.x509.DistributionPointName(b);var c=new KJUR.asn1.x509.DistributionPoint({dpobj:d});this.setByDPArray([c])};this.oid="2.5.29.31";if(typeof a!="undefined"){if(typeof a.array!="undefined"){this.setByDPArray(a.array)}else{if(typeof a.uri!="undefined"){this.setByOneURI(a.uri)}}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLDistributionPoints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.ExtKeyUsage=function(a){KJUR.asn1.x509.ExtKeyUsage.superclass.constructor.call(this,a);this.setPurposeArray=function(b){this.asn1ExtnValue=new KJUR.asn1.DERSequence();for(var c=0;c0){var c=new KJUR.asn1.DERSequence({array:this.aRevokedCert});this.asn1Array.push(c)}var d=new KJUR.asn1.DERSequence({array:this.asn1Array});this.hTLV=d.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize=function(){this.asn1Version=null;this.asn1SignatureAlg=null;this.asn1Issuer=null;this.asn1ThisUpdate=null;this.asn1NextUpdate=null;this.aRevokedCert=new Array()};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertList,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLEntry=function(c){KJUR.asn1.x509.CRLEntry.superclass.constructor.call(this);var b=null;var a=null;this.setCertSerial=function(d){this.sn=new KJUR.asn1.DERInteger(d)};this.setRevocationDate=function(d){this.time=new KJUR.asn1.x509.Time(d)};this.getEncodedHex=function(){var d=new KJUR.asn1.DERSequence({array:[this.sn,this.time]});this.TLV=d.getEncodedHex();return this.TLV};if(typeof c!="undefined"){if(typeof c.time!="undefined"){this.setRevocationDate(c.time)}if(typeof c.sn!="undefined"){this.setCertSerial(c.sn)}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLEntry,KJUR.asn1.ASN1Object);KJUR.asn1.x509.X500Name=function(a){KJUR.asn1.x509.X500Name.superclass.constructor.call(this);this.asn1Array=new Array();this.setByString=function(b){var c=b.split("/");c.shift();for(var d=0;d - + jsrsasign - RSA Signing and Verification in JavaScript @@ -18,7 +18,7 @@ Fork Me on GitHub

    jsrsasign

    -

    opensource free pure JavaScript cryptographic library supports RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate and CRL

    +

    opensource free pure JavaScript cryptographic library supports RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL and CMS SignedData

    Download this project as a .zip file @@ -54,6 +54,14 @@

    FEATURES

    NEWS

    +
    2014-May-18: +
    Release 4.5.0 is now available. +
      +
    • RFC 5652 CMS SignedData generation
    • +
    • simple CMS SignedData generator tool
    • +
    + +
    2014-Apr-19:
    Release 4.2.2 is now available. -
    2013-Oct-02: -
    Release 4.1.6 is now available. -
      -
    • DSA signature algorithm support (However Signature and KEYUTIL class don't support yet)
    • -
    • KEYUTIL.generateKeypair method added
    • -
    • ASN1Util.jsonToASN1HEX method added
    • -
    • HmacSHA384 support
    • -
    - -
    2013-Sep-23: -
    Release 4.1.3 is now available. -
      -
    • ASNUtil.newObject update for tagged object
    • -
    • PKCS5PKEY class was moved to KEYUTIL class and KEYUTIL class has more generic getKey() method.
    • -
    - -
    2013-Sep-12: -
    Release 4.1.2 is now available. - - -
    2013-Aug-25: -
    Release 4.1.0 is now available. -
      -
    • RSAPSS support in Signature class.
    • -
    • add useful init() method for Signature class
    • -
    • add ECDSA support and getKey methods to PKCS5PKEY class
    • -
    - -
    2013-Aug-17: -
    Release 4.0.5 is now available. -
      -
    • Message authentication code (MAC) class added.
    • -
    - -
    2013-Jul-23: -
    Release 4.0.2 is now available. -
      -
    • RSAPSS signing and validation fix by Davegithub.com/davedoesdev)
    • -
    - -
    2013-Jul-18: -
    Release 4.0.0 is now available. -
      -
    • ECC key generation and ECDSA signing and verification support
    • -
    • Currently supports secp256r1, secp256k1 and secp384r1 curves
    • -
    • You can specify other curves such like secp192r1 or NIST P-521 however -it can't be signed nor verified properly with other curves. -I appreciate if you fix the bugs.
    • -
    - -
    2013-May-29: -
    Release 3.1.3 is now available. - - -
    2013-May-27: -
    Release 3.1.2 is now available. -
      -
    • add some methods to 'pkcs5pkey.js' to load encrypted PKCS#8 PEM private key.
    • -
    - -
    2013-May-20: -
    Release 3.1.1 is now available. -
      -
    • add some methods to 'pkcs5pkey.js' to generate encrypted PKCS#5 PEM private key.
    • -
    - -
    2013-May-16: -
    Release 3.1.0 is now available. -
      -
    • CRL class added to issue CRL.
    • -
    -
    Old news is here. @@ -164,6 +94,8 @@

    ONLINE TOOL & DEMO

  • JavaScript Certification Authority
  • Encrypted PKCS#5 Private Key Viewer
  • Online Certificate Viewer
  • +
  • Fake certificate converter from CSR for factorable.net checking
  • +
  • Simple CMS SignedData generator
    • @@ -343,7 +275,7 @@

      DEPENDENCY

      Published with GitHub Pages

      -Copyright © 2010-2013 Kenji Urushima. All rights reserved. +Copyright © 2010-2014 Kenji Urushima. All rights reserved.
      diff --git a/index_alg.html b/index_alg.html new file mode 100755 index 00000000..4dfedc79 --- /dev/null +++ b/index_alg.html @@ -0,0 +1,134 @@ + + + + + + + + + + +jsjws - supported algorithm table + + + + +
      +
      +

      jsrsasign: supported algorithm table

      +TOP | +DOWNLOADS | +TUTORIALS | +API REFERENCE | +DEMOS | +
      +
      + + +
      +
      + + +
      for jsrsasign 4.2.0: LAST UPDATE: 2013-Oct-07
      +

      +Here is the list of supported algortihms in jsrsasign. +

      + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
      FunctionAlgorithmNote
      Signature algorithmRSA, RSAPSS, ECDSA, DSA +based on +Tom Wu's Lib(RSA), +David Halls's contribution(RSAPSS), +BitCoinJS(ECDSA) and +OpenPGP.js(DSA). +
      Message authentication codeHmac{MD5,SHA1,SHA224,SHA256,SHA384,SHA512} +based on CryptoJS +
      Message digestMD5,SHA{1,224,256,384,512},RIPEMD160 +based on CryptoJS and +SJCL +
      Named curves of elliptic curve cryptographysecp256r1,secp256k1,secp384r1 +based on BitCoinJS and +Tom Wu's Lib +
      key protection algorithm for PKCS#8 encrypted private keyPBKDF2/HmacSHA1/3DES +based on CryptoJS +
      key protection algorithm for PKCS#5 encrypted private keyDES-CBC, DES-EDE3-CBC, AES-{128,192,256}-CBCbased on CryptoJS
      + +Back to TOP. + + + +
      +
      + + + + + + diff --git a/index_oldnews.html b/index_oldnews.html new file mode 100755 index 00000000..b3046799 --- /dev/null +++ b/index_oldnews.html @@ -0,0 +1,219 @@ + + + + + + + + + + jsrsasign Old News + + + + +
      +
      +

      jsrsasign Old News Archive

      + TOP | + DOWNLOADS | + TUTORIALS | + API REFERENCE | + DEMOS | +
      +
      + + +
      +
      + + +

      Old News

      + +
      +
      2013-Oct-02: +
      Release 4.1.6 is now available. +
        +
      • DSA signature algorithm support (However Signature and KEYUTIL class don't support yet)
      • +
      • KEYUTIL.generateKeypair method added
      • +
      • ASN1Util.jsonToASN1HEX method added
      • +
      • HmacSHA384 support
      • +
      + +
      2013-Sep-23: +
      Release 4.1.3 is now available. +
        +
      • ASNUtil.newObject update for tagged object
      • +
      • PKCS5PKEY class was moved to KEYUTIL class and KEYUTIL class has more generic getKey() method.
      • +
      + +
      2013-Sep-12: +
      Release 4.1.2 is now available. + + +
      2013-Aug-25: +
      Release 4.1.0 is now available. +
        +
      • RSAPSS support in Signature class.
      • +
      • add useful init() method for Signature class
      • +
      • add ECDSA support and getKey methods to PKCS5PKEY class
      • +
      + +
      2013-Aug-17: +
      Release 4.0.5 is now available. +
        +
      • Message authentication code (MAC) class added.
      • +
      + +
      2013-Jul-23: +
      Release 4.0.2 is now available. +
        +
      • RSAPSS signing and validation fix by Davegithub.com/davedoesdev)
      • +
      + +
      2013-Jul-18: +
      Release 4.0.0 is now available. +
        +
      • ECC key generation and ECDSA signing and verification support
      • +
      • Currently supports secp256r1, secp256k1 and secp384r1 curves
      • +
      • You can specify other curves such like secp192r1 or NIST P-521 however +it can't be signed nor verified properly with other curves. +I appreciate if you fix the bugs.
      • +
      + +
      2013-May-29: +
      Release 3.1.3 is now available. + + +
      2013-May-27: +
      Release 3.1.2 is now available. +
        +
      • add some methods to 'pkcs5pkey.js' to load encrypted PKCS#8 PEM private key.
      • +
      + +
      2013-May-20: +
      Release 3.1.1 is now available. +
        +
      • add some methods to 'pkcs5pkey.js' to generate encrypted PKCS#5 PEM private key.
      • +
      + +
      2013-May-16: +
      Release 3.1.0 is now available. +
        +
      • CRL class added to issue CRL.
      • +
      + +
      2013-May-13: +
      Release 3.0.5 is now available. +
        +
      • method getRSAKeyFromPlainPKCS8PEM added to PKCS5PKEY class to load +unencrypted PEM formatted PKCS#8 private key.
      • +
      + +
      2013-May-13: +
      Release 3.0.4 is now available. +
        +
      • hash algorithm script rsasign-1.2.js uses was changed from Paul Johnstons's to CryptJS.
      • +
      • static hash method md5,sha1,sha256,sha512,ripemd160 added to KJUR.crypto.Util
      • +
      + +
      2013-May-12: +
      Release 3.0.3 is now available. +
        +
      • ExtKeyUsage class added to asn1x509.js.
      • +
      + +
      2013-May-12: +
      Release 3.0.2 is now available. +
        +
      • Signature class now supports signature verification.
      • +
      + +
      2013-May-12: +
      Release 3.0.1 is now available. +
        +
      • MessageDigest/Signature class now supports MD5, SHA224, SHA256, SHA384, SHA512, RIPEMD160 +algorithms
      • +
      • QUnit unit test codes also be published. This may be useful +for examples. +
      + +
      2013-May-10: +
      Release 3.0.0 is now available. +
        +
      • New feature: ASN.1 encoder class, MessageDigest, Signature class like Java JCE, certificate issuance.
      • +
      • Merged contribution by David Halls. Thank you Dave!. Now jsrsasign supports PKCS#1 PSS and OAEP
      • +
      • 'JavaScript Certification Authority' sample tool added. +
      + +
      2013-Apr-14: +
      Release 2.0.0 is now available. +
        +
      • Now support reading passcode encrypted PKCS#5 RSA private key in pkcs5pkey.js. See + PKCS#5 sample.
      • +
      + +
      2013-Apr-14: +
      Release 1.3.1 is now available. +
        +
      • add readPrivateKeyFromASN1HexString method to rsapem-1.1.js
      • +
      + +
      2012-May-11: +
      Release 1.3 is now available. +
        +
      • enhanced X509 class support for getting basic certificate fields.
      • +
      • enhanced ASN1HEX class to refer decendant ASN.1 data
      • +
      • API document added.
      • +
      + +
      2012-May-03: +
      Release 1.2.1 is released. Minified scripts are added. + +
      2012-Apr-30: +
      Release 1.2 is available for fixing critical zero padding bug and supporting some other hash functions. + +
      + +

      Old News Summary

      +
        +
      • Release 3.0.0: May 10, 2013 - ASN.1 encoder, MessageDigest and Signature class like Java JCE, PKCS#1 PSS and OAEP support
      • +
      • Release 2.0.0: Apr 14, 2013 - encrypted PKCS#5 private key support
      • +
      • Release 1.3.1: Apr 14, 2013 - add readPrivateKeyFromASN1HexString method to rsapem-1.1.js
      • +
      • Release 1.3: Mar 11, 2012 - X509 and ASN1HEX class enhancement
      • +
      • Release 1.2.1: Mar 3, 2012 - minified scripts (*.min.js) added
      • +
      • Release 1.2: Apr 30, 2012 - Critical zero padding bug fix and some other hash support
      • +
      • Release 1.1: Sep 25, 2010 - Web contents update
      • +
      • Release 1.0: Jun 03, 2010 - Initial release at +old site +(www9.atwiki.jp/kurushima/pub/jsrsa/) +. +
      • +
      + +Back to TOP. + + + +
      +
      + + + + + + diff --git a/jsrsasign-4.5.0-all-min.js b/jsrsasign-4.5.0-all-min.js new file mode 100644 index 00000000..a1da6bf6 --- /dev/null +++ b/jsrsasign-4.5.0-all-min.js @@ -0,0 +1,252 @@ +/* + * jsrsasign 4.2.2 (c) 2010-2014 Kenji Urushima | kjur.github.com/jsrsasign/license + */ +/* +yahoo-min.js +Copyright (c) 2011, Yahoo! Inc. All rights reserved. +Code licensed under the BSD License: +http://developer.yahoo.com/yui/license.html +version: 2.9.0 +*/ +if(typeof YAHOO=="undefined"||!YAHOO){var YAHOO={};}YAHOO.namespace=function(){var b=arguments,g=null,e,c,f;for(e=0;e":">",'"':""","'":"'","/":"/","`":"`"},d=["toString","valueOf"],e={isArray:function(j){return a.toString.apply(j)===c;},isBoolean:function(j){return typeof j==="boolean";},isFunction:function(j){return(typeof j==="function")||a.toString.apply(j)===h;},isNull:function(j){return j===null;},isNumber:function(j){return typeof j==="number"&&isFinite(j);},isObject:function(j){return(j&&(typeof j==="object"||f.isFunction(j)))||false;},isString:function(j){return typeof j==="string";},isUndefined:function(j){return typeof j==="undefined";},_IEEnumFix:(YAHOO.env.ua.ie)?function(l,k){var j,n,m;for(j=0;j"'\/`]/g,function(k){return g[k];});},extend:function(m,n,l){if(!n||!m){throw new Error("extend failed, please check that "+"all dependencies are included.");}var k=function(){},j;k.prototype=n.prototype;m.prototype=new k();m.prototype.constructor=m;m.superclass=n.prototype;if(n.prototype.constructor==a.constructor){n.prototype.constructor=n;}if(l){for(j in l){if(f.hasOwnProperty(l,j)){m.prototype[j]=l[j];}}f._IEEnumFix(m.prototype,l);}},augmentObject:function(n,m){if(!m||!n){throw new Error("Absorb failed, verify dependencies.");}var j=arguments,l,o,k=j[2];if(k&&k!==true){for(l=2;l0)?f.dump(j[l],p-1):t);}else{r.push(j[l]);}r.push(q);}if(r.length>1){r.pop();}r.push("]");}else{r.push("{");for(l in j){if(f.hasOwnProperty(j,l)){r.push(l+m);if(f.isObject(j[l])){r.push((p>0)?f.dump(j[l],p-1):t);}else{r.push(j[l]);}r.push(q);}}if(r.length>1){r.pop();}r.push("}");}return r.join("");},substitute:function(x,y,E,l){var D,C,B,G,t,u,F=[],p,z=x.length,A="dump",r=" ",q="{",m="}",n,w;for(;;){D=x.lastIndexOf(q,z);if(D<0){break;}C=x.indexOf(m,D);if(D+1>C){break;}p=x.substring(D+1,C);G=p;u=null;B=G.indexOf(r);if(B>-1){u=G.substring(B+1);G=G.substring(0,B);}t=y[G];if(E){t=E(G,t,u);}if(f.isObject(t)){if(f.isArray(t)){t=f.dump(t,parseInt(u,10));}else{u=u||"";n=u.indexOf(A);if(n>-1){u=u.substring(4);}w=t.toString();if(w===i||n>-1){t=f.dump(t,parseInt(u,10));}else{t=w;}}}else{if(!f.isString(t)&&!f.isNumber(t)){t="~-"+F.length+"-~";F[F.length]=p;}}x=x.substring(0,D)+t+x.substring(C+1);if(l===false){z=D-1;}}for(D=F.length-1;D>=0;D=D-1){x=x.replace(new RegExp("~-"+D+"-~"),"{"+F[D]+"}","g");}return x;},trim:function(j){try{return j.replace(/^\s+|\s+$/g,"");}catch(k){return j; +}},merge:function(){var n={},k=arguments,j=k.length,m;for(m=0;m>>2]>>>(24-(r%4)*8))&255;q[(n+r)>>>2]|=o<<(24-((n+r)%4)*8)}}else{for(var r=0;r>>2]=p[r>>>2]}}this.sigBytes+=s;return this},clamp:function(){var o=this.words;var n=this.sigBytes;o[n>>>2]&=4294967295<<(32-(n%4)*8);o.length=e.ceil(n/4)},clone:function(){var n=j.clone.call(this);n.words=this.words.slice(0);return n},random:function(p){var o=[];for(var n=0;n>>2]>>>(24-(n%4)*8))&255;q.push((s>>>4).toString(16));q.push((s&15).toString(16))}return q.join("")},parse:function(p){var n=p.length;var q=[];for(var o=0;o>>3]|=parseInt(p.substr(o,2),16)<<(24-(o%8)*4)}return new l.init(q,n/2)}};var d=m.Latin1={stringify:function(q){var r=q.words;var p=q.sigBytes;var n=[];for(var o=0;o>>2]>>>(24-(o%4)*8))&255;n.push(String.fromCharCode(s))}return n.join("")},parse:function(p){var n=p.length;var q=[];for(var o=0;o>>2]|=(p.charCodeAt(o)&255)<<(24-(o%4)*8)}return new l.init(q,n)}};var c=m.Utf8={stringify:function(n){try{return decodeURIComponent(escape(d.stringify(n)))}catch(o){throw new Error("Malformed UTF-8 data")}},parse:function(n){return d.parse(unescape(encodeURIComponent(n)))}};var i=b.BufferedBlockAlgorithm=j.extend({reset:function(){this._data=new l.init();this._nDataBytes=0},_append:function(n){if(typeof n=="string"){n=c.parse(n)}this._data.concat(n);this._nDataBytes+=n.sigBytes},_process:function(w){var q=this._data;var x=q.words;var n=q.sigBytes;var t=this.blockSize;var v=t*4;var u=n/v;if(w){u=e.ceil(u)}else{u=e.max((u|0)-this._minBufferSize,0)}var s=u*t;var r=e.min(s*4,n);if(s){for(var p=0;pe&&(b=a.finalize(b));b.clamp();for(var f=this._oKey=b.clone(),g=this._iKey=b.clone(),h=f.words,j=g.words,d=0;db;){var d;a:{d=l;for(var w=k.sqrt(d),r=2;r<=w;r++)if(!(d%r)){d=!1;break a}d=!0}d&&(8>b&&(s[b]=u(k.pow(l,0.5))),t[b]=u(k.pow(l,1/3)),b++);l++}var n=[],h=h.SHA256=j.extend({_doReset:function(){this._hash=new v.init(s.slice(0))},_doProcessBlock:function(q,h){for(var a=this._hash.words,c=a[0],d=a[1],b=a[2],k=a[3],f=a[4],g=a[5],j=a[6],l=a[7],e=0;64>e;e++){if(16>e)n[e]= +q[h+e]|0;else{var m=n[e-15],p=n[e-2];n[e]=((m<<25|m>>>7)^(m<<14|m>>>18)^m>>>3)+n[e-7]+((p<<15|p>>>17)^(p<<13|p>>>19)^p>>>10)+n[e-16]}m=l+((f<<26|f>>>6)^(f<<21|f>>>11)^(f<<7|f>>>25))+(f&g^~f&j)+t[e]+n[e];p=((c<<30|c>>>2)^(c<<19|c>>>13)^(c<<10|c>>>22))+(c&d^c&b^d&b);l=j;j=g;g=f;f=k+m|0;k=b;b=d;d=c;c=m+p|0}a[0]=a[0]+c|0;a[1]=a[1]+d|0;a[2]=a[2]+b|0;a[3]=a[3]+k|0;a[4]=a[4]+f|0;a[5]=a[5]+g|0;a[6]=a[6]+j|0;a[7]=a[7]+l|0},_doFinalize:function(){var d=this._data,b=d.words,a=8*this._nDataBytes,c=8*d.sigBytes; +b[c>>>5]|=128<<24-c%32;b[(c+64>>>9<<4)+14]=k.floor(a/4294967296);b[(c+64>>>9<<4)+15]=a;d.sigBytes=4*b.length;this._process();return this._hash},clone:function(){var b=j.clone.call(this);b._hash=this._hash.clone();return b}});g.SHA256=j._createHelper(h);g.HmacSHA256=j._createHmacHelper(h)})(Math); +/* +CryptoJS v3.1.2 sha224-min.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +(function(){var b=CryptoJS,d=b.lib.WordArray,a=b.algo,c=a.SHA256,a=a.SHA224=c.extend({_doReset:function(){this._hash=new d.init([3238371032,914150663,812702999,4144912697,4290775857,1750603025,1694076839,3204075428])},_doFinalize:function(){var a=c._doFinalize.call(this);a.sigBytes-=4;return a}});b.SHA224=c._createHelper(a);b.HmacSHA224=c._createHmacHelper(a)})(); +/* +CryptoJS v3.1.2 sha512-min.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +(function(){function a(){return d.create.apply(d,arguments)}for(var n=CryptoJS,r=n.lib.Hasher,e=n.x64,d=e.Word,T=e.WordArray,e=n.algo,ea=[a(1116352408,3609767458),a(1899447441,602891725),a(3049323471,3964484399),a(3921009573,2173295548),a(961987163,4081628472),a(1508970993,3053834265),a(2453635748,2937671579),a(2870763221,3664609560),a(3624381080,2734883394),a(310598401,1164996542),a(607225278,1323610764),a(1426881987,3590304994),a(1925078388,4068182383),a(2162078206,991336113),a(2614888103,633803317), +a(3248222580,3479774868),a(3835390401,2666613458),a(4022224774,944711139),a(264347078,2341262773),a(604807628,2007800933),a(770255983,1495990901),a(1249150122,1856431235),a(1555081692,3175218132),a(1996064986,2198950837),a(2554220882,3999719339),a(2821834349,766784016),a(2952996808,2566594879),a(3210313671,3203337956),a(3336571891,1034457026),a(3584528711,2466948901),a(113926993,3758326383),a(338241895,168717936),a(666307205,1188179964),a(773529912,1546045734),a(1294757372,1522805485),a(1396182291, +2643833823),a(1695183700,2343527390),a(1986661051,1014477480),a(2177026350,1206759142),a(2456956037,344077627),a(2730485921,1290863460),a(2820302411,3158454273),a(3259730800,3505952657),a(3345764771,106217008),a(3516065817,3606008344),a(3600352804,1432725776),a(4094571909,1467031594),a(275423344,851169720),a(430227734,3100823752),a(506948616,1363258195),a(659060556,3750685593),a(883997877,3785050280),a(958139571,3318307427),a(1322822218,3812723403),a(1537002063,2003034995),a(1747873779,3602036899), +a(1955562222,1575990012),a(2024104815,1125592928),a(2227730452,2716904306),a(2361852424,442776044),a(2428436474,593698344),a(2756734187,3733110249),a(3204031479,2999351573),a(3329325298,3815920427),a(3391569614,3928383900),a(3515267271,566280711),a(3940187606,3454069534),a(4118630271,4000239992),a(116418474,1914138554),a(174292421,2731055270),a(289380356,3203993006),a(460393269,320620315),a(685471733,587496836),a(852142971,1086792851),a(1017036298,365543100),a(1126000580,2618297676),a(1288033470, +3409855158),a(1501505948,4234509866),a(1607167915,987167468),a(1816402316,1246189591)],v=[],w=0;80>w;w++)v[w]=a();e=e.SHA512=r.extend({_doReset:function(){this._hash=new T.init([new d.init(1779033703,4089235720),new d.init(3144134277,2227873595),new d.init(1013904242,4271175723),new d.init(2773480762,1595750129),new d.init(1359893119,2917565137),new d.init(2600822924,725511199),new d.init(528734635,4215389547),new d.init(1541459225,327033209)])},_doProcessBlock:function(a,d){for(var f=this._hash.words, +F=f[0],e=f[1],n=f[2],r=f[3],G=f[4],H=f[5],I=f[6],f=f[7],w=F.high,J=F.low,X=e.high,K=e.low,Y=n.high,L=n.low,Z=r.high,M=r.low,$=G.high,N=G.low,aa=H.high,O=H.low,ba=I.high,P=I.low,ca=f.high,Q=f.low,k=w,g=J,z=X,x=K,A=Y,y=L,U=Z,B=M,l=$,h=N,R=aa,C=O,S=ba,D=P,V=ca,E=Q,m=0;80>m;m++){var s=v[m];if(16>m)var j=s.high=a[d+2*m]|0,b=s.low=a[d+2*m+1]|0;else{var j=v[m-15],b=j.high,p=j.low,j=(b>>>1|p<<31)^(b>>>8|p<<24)^b>>>7,p=(p>>>1|b<<31)^(p>>>8|b<<24)^(p>>>7|b<<25),u=v[m-2],b=u.high,c=u.low,u=(b>>>19|c<<13)^(b<< +3|c>>>29)^b>>>6,c=(c>>>19|b<<13)^(c<<3|b>>>29)^(c>>>6|b<<26),b=v[m-7],W=b.high,t=v[m-16],q=t.high,t=t.low,b=p+b.low,j=j+W+(b>>>0

      >>0?1:0),b=b+c,j=j+u+(b>>>0>>0?1:0),b=b+t,j=j+q+(b>>>0>>0?1:0);s.high=j;s.low=b}var W=l&R^~l&S,t=h&C^~h&D,s=k&z^k&A^z&A,T=g&x^g&y^x&y,p=(k>>>28|g<<4)^(k<<30|g>>>2)^(k<<25|g>>>7),u=(g>>>28|k<<4)^(g<<30|k>>>2)^(g<<25|k>>>7),c=ea[m],fa=c.high,da=c.low,c=E+((h>>>14|l<<18)^(h>>>18|l<<14)^(h<<23|l>>>9)),q=V+((l>>>14|h<<18)^(l>>>18|h<<14)^(l<<23|h>>>9))+(c>>>0>>0?1: +0),c=c+t,q=q+W+(c>>>0>>0?1:0),c=c+da,q=q+fa+(c>>>0>>0?1:0),c=c+b,q=q+j+(c>>>0>>0?1:0),b=u+T,s=p+s+(b>>>0>>0?1:0),V=S,E=D,S=R,D=C,R=l,C=h,h=B+c|0,l=U+q+(h>>>0>>0?1:0)|0,U=A,B=y,A=z,y=x,z=k,x=g,g=c+b|0,k=q+s+(g>>>0>>0?1:0)|0}J=F.low=J+g;F.high=w+k+(J>>>0>>0?1:0);K=e.low=K+x;e.high=X+z+(K>>>0>>0?1:0);L=n.low=L+y;n.high=Y+A+(L>>>0>>0?1:0);M=r.low=M+B;r.high=Z+U+(M>>>0>>0?1:0);N=G.low=N+h;G.high=$+l+(N>>>0>>0?1:0);O=H.low=O+C;H.high=aa+R+(O>>>0>>0?1:0);P=I.low=P+D; +I.high=ba+S+(P>>>0>>0?1:0);Q=f.low=Q+E;f.high=ca+V+(Q>>>0>>0?1:0)},_doFinalize:function(){var a=this._data,d=a.words,f=8*this._nDataBytes,e=8*a.sigBytes;d[e>>>5]|=128<<24-e%32;d[(e+128>>>10<<5)+30]=Math.floor(f/4294967296);d[(e+128>>>10<<5)+31]=f;a.sigBytes=4*d.length;this._process();return this._hash.toX32()},clone:function(){var a=r.clone.call(this);a._hash=this._hash.clone();return a},blockSize:32});n.SHA512=r._createHelper(e);n.HmacSHA512=r._createHmacHelper(e)})(); +/* +CryptoJS v3.1.2 sha384-min.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +(function(){var c=CryptoJS,a=c.x64,b=a.Word,e=a.WordArray,a=c.algo,d=a.SHA512,a=a.SHA384=d.extend({_doReset:function(){this._hash=new e.init([new b.init(3418070365,3238371032),new b.init(1654270250,914150663),new b.init(2438529370,812702999),new b.init(355462360,4144912697),new b.init(1731405415,4290775857),new b.init(2394180231,1750603025),new b.init(3675008525,1694076839),new b.init(1203062813,3204075428)])},_doFinalize:function(){var a=d._doFinalize.call(this);a.sigBytes-=16;return a}});c.SHA384= +d._createHelper(a);c.HmacSHA384=d._createHmacHelper(a)})(); +/* +CryptoJS v3.1.2 md5-min.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +(function(E){function h(a,f,g,j,p,h,k){a=a+(f&g|~f&j)+p+k;return(a<>>32-h)+f}function k(a,f,g,j,p,h,k){a=a+(f&j|g&~j)+p+k;return(a<>>32-h)+f}function l(a,f,g,j,h,k,l){a=a+(f^g^j)+h+l;return(a<>>32-k)+f}function n(a,f,g,j,h,k,l){a=a+(g^(f|~j))+h+l;return(a<>>32-k)+f}for(var r=CryptoJS,q=r.lib,F=q.WordArray,s=q.Hasher,q=r.algo,a=[],t=0;64>t;t++)a[t]=4294967296*E.abs(E.sin(t+1))|0;q=q.MD5=s.extend({_doReset:function(){this._hash=new F.init([1732584193,4023233417,2562383102,271733878])}, +_doProcessBlock:function(m,f){for(var g=0;16>g;g++){var j=f+g,p=m[j];m[j]=(p<<8|p>>>24)&16711935|(p<<24|p>>>8)&4278255360}var g=this._hash.words,j=m[f+0],p=m[f+1],q=m[f+2],r=m[f+3],s=m[f+4],t=m[f+5],u=m[f+6],v=m[f+7],w=m[f+8],x=m[f+9],y=m[f+10],z=m[f+11],A=m[f+12],B=m[f+13],C=m[f+14],D=m[f+15],b=g[0],c=g[1],d=g[2],e=g[3],b=h(b,c,d,e,j,7,a[0]),e=h(e,b,c,d,p,12,a[1]),d=h(d,e,b,c,q,17,a[2]),c=h(c,d,e,b,r,22,a[3]),b=h(b,c,d,e,s,7,a[4]),e=h(e,b,c,d,t,12,a[5]),d=h(d,e,b,c,u,17,a[6]),c=h(c,d,e,b,v,22,a[7]), +b=h(b,c,d,e,w,7,a[8]),e=h(e,b,c,d,x,12,a[9]),d=h(d,e,b,c,y,17,a[10]),c=h(c,d,e,b,z,22,a[11]),b=h(b,c,d,e,A,7,a[12]),e=h(e,b,c,d,B,12,a[13]),d=h(d,e,b,c,C,17,a[14]),c=h(c,d,e,b,D,22,a[15]),b=k(b,c,d,e,p,5,a[16]),e=k(e,b,c,d,u,9,a[17]),d=k(d,e,b,c,z,14,a[18]),c=k(c,d,e,b,j,20,a[19]),b=k(b,c,d,e,t,5,a[20]),e=k(e,b,c,d,y,9,a[21]),d=k(d,e,b,c,D,14,a[22]),c=k(c,d,e,b,s,20,a[23]),b=k(b,c,d,e,x,5,a[24]),e=k(e,b,c,d,C,9,a[25]),d=k(d,e,b,c,r,14,a[26]),c=k(c,d,e,b,w,20,a[27]),b=k(b,c,d,e,B,5,a[28]),e=k(e,b, +c,d,q,9,a[29]),d=k(d,e,b,c,v,14,a[30]),c=k(c,d,e,b,A,20,a[31]),b=l(b,c,d,e,t,4,a[32]),e=l(e,b,c,d,w,11,a[33]),d=l(d,e,b,c,z,16,a[34]),c=l(c,d,e,b,C,23,a[35]),b=l(b,c,d,e,p,4,a[36]),e=l(e,b,c,d,s,11,a[37]),d=l(d,e,b,c,v,16,a[38]),c=l(c,d,e,b,y,23,a[39]),b=l(b,c,d,e,B,4,a[40]),e=l(e,b,c,d,j,11,a[41]),d=l(d,e,b,c,r,16,a[42]),c=l(c,d,e,b,u,23,a[43]),b=l(b,c,d,e,x,4,a[44]),e=l(e,b,c,d,A,11,a[45]),d=l(d,e,b,c,D,16,a[46]),c=l(c,d,e,b,q,23,a[47]),b=n(b,c,d,e,j,6,a[48]),e=n(e,b,c,d,v,10,a[49]),d=n(d,e,b,c, +C,15,a[50]),c=n(c,d,e,b,t,21,a[51]),b=n(b,c,d,e,A,6,a[52]),e=n(e,b,c,d,r,10,a[53]),d=n(d,e,b,c,y,15,a[54]),c=n(c,d,e,b,p,21,a[55]),b=n(b,c,d,e,w,6,a[56]),e=n(e,b,c,d,D,10,a[57]),d=n(d,e,b,c,u,15,a[58]),c=n(c,d,e,b,B,21,a[59]),b=n(b,c,d,e,s,6,a[60]),e=n(e,b,c,d,z,10,a[61]),d=n(d,e,b,c,q,15,a[62]),c=n(c,d,e,b,x,21,a[63]);g[0]=g[0]+b|0;g[1]=g[1]+c|0;g[2]=g[2]+d|0;g[3]=g[3]+e|0},_doFinalize:function(){var a=this._data,f=a.words,g=8*this._nDataBytes,j=8*a.sigBytes;f[j>>>5]|=128<<24-j%32;var h=E.floor(g/ +4294967296);f[(j+64>>>9<<4)+15]=(h<<8|h>>>24)&16711935|(h<<24|h>>>8)&4278255360;f[(j+64>>>9<<4)+14]=(g<<8|g>>>24)&16711935|(g<<24|g>>>8)&4278255360;a.sigBytes=4*(f.length+1);this._process();a=this._hash;f=a.words;for(g=0;4>g;g++)j=f[g],f[g]=(j<<8|j>>>24)&16711935|(j<<24|j>>>8)&4278255360;return a},clone:function(){var a=s.clone.call(this);a._hash=this._hash.clone();return a}});r.MD5=s._createHelper(q);r.HmacMD5=s._createHmacHelper(q)})(Math); +/* +CryptoJS v3.1.2 enc-base64-min.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +(function(){var h=CryptoJS,j=h.lib.WordArray;h.enc.Base64={stringify:function(b){var e=b.words,f=b.sigBytes,c=this._map;b.clamp();b=[];for(var a=0;a>>2]>>>24-8*(a%4)&255)<<16|(e[a+1>>>2]>>>24-8*((a+1)%4)&255)<<8|e[a+2>>>2]>>>24-8*((a+2)%4)&255,g=0;4>g&&a+0.75*g>>6*(3-g)&63));if(e=c.charAt(64))for(;b.length%4;)b.push(e);return b.join("")},parse:function(b){var e=b.length,f=this._map,c=f.charAt(64);c&&(c=b.indexOf(c),-1!=c&&(e=c));for(var c=[],a=0,d=0;d< +e;d++)if(d%4){var g=f.indexOf(b.charAt(d-1))<<2*(d%4),h=f.indexOf(b.charAt(d))>>>6-2*(d%4);c[a>>>2]|=(g|h)<<24-8*(a%4);a++}return j.create(c,a)},_map:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="}})(); +/* +CryptoJS v3.1.2 cipher-core-min.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +CryptoJS.lib.Cipher||function(u){var g=CryptoJS,f=g.lib,k=f.Base,l=f.WordArray,q=f.BufferedBlockAlgorithm,r=g.enc.Base64,v=g.algo.EvpKDF,n=f.Cipher=q.extend({cfg:k.extend(),createEncryptor:function(a,b){return this.create(this._ENC_XFORM_MODE,a,b)},createDecryptor:function(a,b){return this.create(this._DEC_XFORM_MODE,a,b)},init:function(a,b,c){this.cfg=this.cfg.extend(c);this._xformMode=a;this._key=b;this.reset()},reset:function(){q.reset.call(this);this._doReset()},process:function(a){this._append(a); +return this._process()},finalize:function(a){a&&this._append(a);return this._doFinalize()},keySize:4,ivSize:4,_ENC_XFORM_MODE:1,_DEC_XFORM_MODE:2,_createHelper:function(a){return{encrypt:function(b,c,d){return("string"==typeof c?s:j).encrypt(a,b,c,d)},decrypt:function(b,c,d){return("string"==typeof c?s:j).decrypt(a,b,c,d)}}}});f.StreamCipher=n.extend({_doFinalize:function(){return this._process(!0)},blockSize:1});var m=g.mode={},t=function(a,b,c){var d=this._iv;d?this._iv=u:d=this._prevBlock;for(var e= +0;e>>2]&255}};f.BlockCipher=n.extend({cfg:n.cfg.extend({mode:m,padding:h}),reset:function(){n.reset.call(this);var a=this.cfg,b=a.iv,a=a.mode;if(this._xformMode==this._ENC_XFORM_MODE)var c=a.createEncryptor;else c=a.createDecryptor,this._minBufferSize=1; +this._mode=c.call(a,this,b&&b.words)},_doProcessBlock:function(a,b){this._mode.processBlock(a,b)},_doFinalize:function(){var a=this.cfg.padding;if(this._xformMode==this._ENC_XFORM_MODE){a.pad(this._data,this.blockSize);var b=this._process(!0)}else b=this._process(!0),a.unpad(b);return b},blockSize:4});var p=f.CipherParams=k.extend({init:function(a){this.mixIn(a)},toString:function(a){return(a||this.formatter).stringify(this)}}),m=(g.format={}).OpenSSL={stringify:function(a){var b=a.ciphertext;a=a.salt; +return(a?l.create([1398893684,1701076831]).concat(a).concat(b):b).toString(r)},parse:function(a){a=r.parse(a);var b=a.words;if(1398893684==b[0]&&1701076831==b[1]){var c=l.create(b.slice(2,4));b.splice(0,4);a.sigBytes-=16}return p.create({ciphertext:a,salt:c})}},j=f.SerializableCipher=k.extend({cfg:k.extend({format:m}),encrypt:function(a,b,c,d){d=this.cfg.extend(d);var e=a.createEncryptor(c,d);b=e.finalize(b);e=e.cfg;return p.create({ciphertext:b,key:c,iv:e.iv,algorithm:a,mode:e.mode,padding:e.padding, +blockSize:a.blockSize,formatter:d.format})},decrypt:function(a,b,c,d){d=this.cfg.extend(d);b=this._parse(b,d.format);return a.createDecryptor(c,d).finalize(b.ciphertext)},_parse:function(a,b){return"string"==typeof a?b.parse(a,this):a}}),g=(g.kdf={}).OpenSSL={execute:function(a,b,c,d){d||(d=l.random(8));a=v.create({keySize:b+c}).compute(a,d);c=l.create(a.words.slice(b),4*c);a.sigBytes=4*b;return p.create({key:a,iv:c,salt:d})}},s=f.PasswordBasedCipher=j.extend({cfg:j.cfg.extend({kdf:g}),encrypt:function(a, +b,c,d){d=this.cfg.extend(d);c=d.kdf.execute(c,a.keySize,a.ivSize);d.iv=c.iv;a=j.encrypt.call(this,a,b,c.key,d);a.mixIn(c);return a},decrypt:function(a,b,c,d){d=this.cfg.extend(d);b=this._parse(b,d.format);c=d.kdf.execute(c,a.keySize,a.ivSize,b.salt);d.iv=c.iv;return j.decrypt.call(this,a,b,c.key,d)}})}(); +/* +CryptoJS v3.1.2 aes-min.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +(function(){for(var q=CryptoJS,x=q.lib.BlockCipher,r=q.algo,j=[],y=[],z=[],A=[],B=[],C=[],s=[],u=[],v=[],w=[],g=[],k=0;256>k;k++)g[k]=128>k?k<<1:k<<1^283;for(var n=0,l=0,k=0;256>k;k++){var f=l^l<<1^l<<2^l<<3^l<<4,f=f>>>8^f&255^99;j[n]=f;y[f]=n;var t=g[n],D=g[t],E=g[D],b=257*g[f]^16843008*f;z[n]=b<<24|b>>>8;A[n]=b<<16|b>>>16;B[n]=b<<8|b>>>24;C[n]=b;b=16843009*E^65537*D^257*t^16843008*n;s[f]=b<<24|b>>>8;u[f]=b<<16|b>>>16;v[f]=b<<8|b>>>24;w[f]=b;n?(n=t^g[g[g[E^t]]],l^=g[g[l]]):n=l=1}var F=[0,1,2,4,8, +16,32,64,128,27,54],r=r.AES=x.extend({_doReset:function(){for(var c=this._key,e=c.words,a=c.sigBytes/4,c=4*((this._nRounds=a+6)+1),b=this._keySchedule=[],h=0;h>>24]<<24|j[d>>>16&255]<<16|j[d>>>8&255]<<8|j[d&255]):(d=d<<8|d>>>24,d=j[d>>>24]<<24|j[d>>>16&255]<<16|j[d>>>8&255]<<8|j[d&255],d^=F[h/a|0]<<24);b[h]=b[h-a]^d}e=this._invKeySchedule=[];for(a=0;aa||4>=h?d:s[j[d>>>24]]^u[j[d>>>16&255]]^v[j[d>>> +8&255]]^w[j[d&255]]},encryptBlock:function(c,e){this._doCryptBlock(c,e,this._keySchedule,z,A,B,C,j)},decryptBlock:function(c,e){var a=c[e+1];c[e+1]=c[e+3];c[e+3]=a;this._doCryptBlock(c,e,this._invKeySchedule,s,u,v,w,y);a=c[e+1];c[e+1]=c[e+3];c[e+3]=a},_doCryptBlock:function(c,e,a,b,h,d,j,m){for(var n=this._nRounds,f=c[e]^a[0],g=c[e+1]^a[1],k=c[e+2]^a[2],p=c[e+3]^a[3],l=4,t=1;t>>24]^h[g>>>16&255]^d[k>>>8&255]^j[p&255]^a[l++],r=b[g>>>24]^h[k>>>16&255]^d[p>>>8&255]^j[f&255]^a[l++],s= +b[k>>>24]^h[p>>>16&255]^d[f>>>8&255]^j[g&255]^a[l++],p=b[p>>>24]^h[f>>>16&255]^d[g>>>8&255]^j[k&255]^a[l++],f=q,g=r,k=s;q=(m[f>>>24]<<24|m[g>>>16&255]<<16|m[k>>>8&255]<<8|m[p&255])^a[l++];r=(m[g>>>24]<<24|m[k>>>16&255]<<16|m[p>>>8&255]<<8|m[f&255])^a[l++];s=(m[k>>>24]<<24|m[p>>>16&255]<<16|m[f>>>8&255]<<8|m[g&255])^a[l++];p=(m[p>>>24]<<24|m[f>>>16&255]<<16|m[g>>>8&255]<<8|m[k&255])^a[l++];c[e]=q;c[e+1]=r;c[e+2]=s;c[e+3]=p},keySize:8});q.AES=x._createHelper(r)})(); +/* +CryptoJS v3.1.2 tripledes-min.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +(function(){function j(b,c){var a=(this._lBlock>>>b^this._rBlock)&c;this._rBlock^=a;this._lBlock^=a<>>b^this._lBlock)&c;this._lBlock^=a;this._rBlock^=a<a;a++){var f=q[a]-1;c[a]=b[f>>>5]>>>31-f%32&1}b=this._subKeys=[];for(f=0;16>f;f++){for(var d=b[f]=[],e=r[f],a=0;24>a;a++)d[a/6|0]|=c[(p[a]-1+e)%28]<<31-a%6,d[4+(a/6|0)]|=c[28+(p[a+24]-1+e)%28]<<31-a%6;d[0]=d[0]<<1|d[0]>>>31;for(a=1;7>a;a++)d[a]>>>= +4*(a-1)+3;d[7]=d[7]<<5|d[7]>>>27}c=this._invSubKeys=[];for(a=0;16>a;a++)c[a]=b[15-a]},encryptBlock:function(b,c){this._doCryptBlock(b,c,this._subKeys)},decryptBlock:function(b,c){this._doCryptBlock(b,c,this._invSubKeys)},_doCryptBlock:function(b,c,a){this._lBlock=b[c];this._rBlock=b[c+1];j.call(this,4,252645135);j.call(this,16,65535);l.call(this,2,858993459);l.call(this,8,16711935);j.call(this,1,1431655765);for(var f=0;16>f;f++){for(var d=a[f],e=this._lBlock,h=this._rBlock,g=0,k=0;8>k;k++)g|=s[k][((h^ +d[k])&t[k])>>>0];this._lBlock=h;this._rBlock=e^g}a=this._lBlock;this._lBlock=this._rBlock;this._rBlock=a;j.call(this,1,1431655765);l.call(this,8,16711935);l.call(this,2,858993459);j.call(this,16,65535);j.call(this,4,252645135);b[c]=this._lBlock;b[c+1]=this._rBlock},keySize:2,ivSize:2,blockSize:2});h.DES=e._createHelper(m);g=g.TripleDES=e.extend({_doReset:function(){var b=this._key.words;this._des1=m.createEncryptor(n.create(b.slice(0,2)));this._des2=m.createEncryptor(n.create(b.slice(2,4)));this._des3= +m.createEncryptor(n.create(b.slice(4,6)))},encryptBlock:function(b,c){this._des1.encryptBlock(b,c);this._des2.decryptBlock(b,c);this._des3.encryptBlock(b,c)},decryptBlock:function(b,c){this._des3.decryptBlock(b,c);this._des2.encryptBlock(b,c);this._des1.decryptBlock(b,c)},keySize:6,ivSize:2,blockSize:2});h.TripleDES=e._createHelper(g)})(); +/* +CryptoJS v3.1.2 sha1-min.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +(function(){var k=CryptoJS,b=k.lib,m=b.WordArray,l=b.Hasher,d=[],b=k.algo.SHA1=l.extend({_doReset:function(){this._hash=new m.init([1732584193,4023233417,2562383102,271733878,3285377520])},_doProcessBlock:function(n,p){for(var a=this._hash.words,e=a[0],f=a[1],h=a[2],j=a[3],b=a[4],c=0;80>c;c++){if(16>c)d[c]=n[p+c]|0;else{var g=d[c-3]^d[c-8]^d[c-14]^d[c-16];d[c]=g<<1|g>>>31}g=(e<<5|e>>>27)+b+d[c];g=20>c?g+((f&h|~f&j)+1518500249):40>c?g+((f^h^j)+1859775393):60>c?g+((f&h|f&j|h&j)-1894007588):g+((f^h^ +j)-899497514);b=j;j=h;h=f<<30|f>>>2;f=e;e=g}a[0]=a[0]+e|0;a[1]=a[1]+f|0;a[2]=a[2]+h|0;a[3]=a[3]+j|0;a[4]=a[4]+b|0},_doFinalize:function(){var b=this._data,d=b.words,a=8*this._nDataBytes,e=8*b.sigBytes;d[e>>>5]|=128<<24-e%32;d[(e+64>>>9<<4)+14]=Math.floor(a/4294967296);d[(e+64>>>9<<4)+15]=a;b.sigBytes=4*d.length;this._process();return this._hash},clone:function(){var b=l.clone.call(this);b._hash=this._hash.clone();return b}});k.SHA1=l._createHelper(b);k.HmacSHA1=l._createHmacHelper(b)})(); +/* +CryptoJS v3.1.2 ripemd160-min.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +/* + +(c) 2012 by Cedric Mesnil. All rights reserved. + +Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: + + - Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. + - Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*/ +(function(){var q=CryptoJS,d=q.lib,n=d.WordArray,p=d.Hasher,d=q.algo,x=n.create([0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,7,4,13,1,10,6,15,3,12,0,9,5,2,14,11,8,3,10,14,4,9,15,8,1,2,7,0,6,13,11,5,12,1,9,11,10,0,8,12,4,13,3,7,15,14,5,6,2,4,0,5,9,7,12,2,10,14,1,3,8,11,6,15,13]),y=n.create([5,14,7,0,9,2,11,4,13,6,15,8,1,10,3,12,6,11,3,7,0,13,5,10,14,15,8,12,4,9,1,2,15,5,1,3,7,14,6,9,11,8,12,2,10,0,4,13,8,6,4,1,3,11,15,0,5,12,2,13,9,7,10,14,12,15,10,4,1,5,8,7,6,2,13,14,0,3,9,11]),z=n.create([11,14,15,12, +5,8,7,9,11,13,14,15,6,7,9,8,7,6,8,13,11,9,7,15,7,12,15,9,11,7,13,12,11,13,6,7,14,9,13,15,14,8,13,6,5,12,7,5,11,12,14,15,14,15,9,8,9,14,5,6,8,6,5,12,9,15,5,11,6,8,13,12,5,12,13,14,11,8,5,6]),A=n.create([8,9,9,11,13,15,15,5,7,7,8,11,14,14,12,6,9,13,15,7,12,8,9,11,7,7,12,7,6,15,13,11,9,7,15,11,8,6,6,14,12,13,5,14,13,13,7,5,15,5,8,11,14,14,6,14,6,9,12,9,12,5,15,8,8,5,12,9,12,5,14,6,8,13,6,5,15,13,11,11]),B=n.create([0,1518500249,1859775393,2400959708,2840853838]),C=n.create([1352829926,1548603684,1836072691, +2053994217,0]),d=d.RIPEMD160=p.extend({_doReset:function(){this._hash=n.create([1732584193,4023233417,2562383102,271733878,3285377520])},_doProcessBlock:function(e,v){for(var b=0;16>b;b++){var c=v+b,f=e[c];e[c]=(f<<8|f>>>24)&16711935|(f<<24|f>>>8)&4278255360}var c=this._hash.words,f=B.words,d=C.words,n=x.words,q=y.words,p=z.words,w=A.words,t,g,h,j,r,u,k,l,m,s;u=t=c[0];k=g=c[1];l=h=c[2];m=j=c[3];s=r=c[4];for(var a,b=0;80>b;b+=1)a=t+e[v+n[b]]|0,a=16>b?a+((g^h^j)+f[0]):32>b?a+((g&h|~g&j)+f[1]):48>b? +a+(((g|~h)^j)+f[2]):64>b?a+((g&j|h&~j)+f[3]):a+((g^(h|~j))+f[4]),a|=0,a=a<>>32-p[b],a=a+r|0,t=r,r=j,j=h<<10|h>>>22,h=g,g=a,a=u+e[v+q[b]]|0,a=16>b?a+((k^(l|~m))+d[0]):32>b?a+((k&m|l&~m)+d[1]):48>b?a+(((k|~l)^m)+d[2]):64>b?a+((k&l|~k&m)+d[3]):a+((k^l^m)+d[4]),a|=0,a=a<>>32-w[b],a=a+s|0,u=s,s=m,m=l<<10|l>>>22,l=k,k=a;a=c[1]+h+m|0;c[1]=c[2]+j+s|0;c[2]=c[3]+r+u|0;c[3]=c[4]+t+k|0;c[4]=c[0]+g+l|0;c[0]=a},_doFinalize:function(){var e=this._data,d=e.words,b=8*this._nDataBytes,c=8*e.sigBytes; +d[c>>>5]|=128<<24-c%32;d[(c+64>>>9<<4)+14]=(b<<8|b>>>24)&16711935|(b<<24|b>>>8)&4278255360;e.sigBytes=4*(d.length+1);this._process();e=this._hash;d=e.words;for(b=0;5>b;b++)c=d[b],d[b]=(c<<8|c>>>24)&16711935|(c<<24|c>>>8)&4278255360;return e},clone:function(){var d=p.clone.call(this);d._hash=this._hash.clone();return d}});q.RIPEMD160=p._createHelper(d);q.HmacRIPEMD160=p._createHmacHelper(d)})(Math); +/* +CryptoJS v3.1.2 pbkdf2-min.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +(function(){var b=CryptoJS,a=b.lib,d=a.Base,m=a.WordArray,a=b.algo,q=a.HMAC,l=a.PBKDF2=d.extend({cfg:d.extend({keySize:4,hasher:a.SHA1,iterations:1}),init:function(a){this.cfg=this.cfg.extend(a)},compute:function(a,b){for(var c=this.cfg,f=q.create(c.hasher,a),g=m.create(),d=m.create([1]),l=g.words,r=d.words,n=c.keySize,c=c.iterations;l.length>6)+b64map.charAt(e&63)}if(b+1==d.length){e=parseInt(d.substring(b,b+1),16);a+=b64map.charAt(e<<2)}else{if(b+2==d.length){e=parseInt(d.substring(b,b+2),16);a+=b64map.charAt(e>>2)+b64map.charAt((e&3)<<4)}}if(b64pad){while((a.length&3)>0){a+=b64pad}}return a}function b64tohex(f){var d="";var e;var b=0;var c;var a;for(e=0;e>2);c=a&3;b=1}else{if(b==1){d+=int2char((c<<2)|(a>>4));c=a&15;b=2}else{if(b==2){d+=int2char(c);d+=int2char(a>>2);c=a&3;b=3}else{d+=int2char((c<<2)|(a>>4));d+=int2char(a&15);b=0}}}}if(b==1){d+=int2char(c<<2)}return d}function b64toBA(e){var d=b64tohex(e);var c;var b=new Array();for(c=0;2*c=0){var d=a*this[f++]+b[e]+h;h=Math.floor(d/67108864);b[e++]=d&67108863}return h}function am2(f,q,r,e,o,a){var k=q&32767,p=q>>15;while(--a>=0){var d=this[f]&32767;var g=this[f++]>>15;var b=p*d+g*k;d=k*d+((b&32767)<<15)+r[e]+(o&1073741823);o=(d>>>30)+(b>>>15)+p*g+(o>>>30);r[e++]=d&1073741823}return o}function am3(f,q,r,e,o,a){var k=q&16383,p=q>>14;while(--a>=0){var d=this[f]&16383;var g=this[f++]>>14;var b=p*d+g*k;d=k*d+((b&16383)<<14)+r[e]+o;o=(d>>28)+(b>>14)+p*g;r[e++]=d&268435455}return o}if(j_lm&&(navigator.appName=="Microsoft Internet Explorer")){BigInteger.prototype.am=am2;dbits=30}else{if(j_lm&&(navigator.appName!="Netscape")){BigInteger.prototype.am=am1;dbits=26}else{BigInteger.prototype.am=am3;dbits=28}}BigInteger.prototype.DB=dbits;BigInteger.prototype.DM=((1<=0;--a){b[a]=this[a]}b.t=this.t;b.s=this.s}function bnpFromInt(a){this.t=1;this.s=(a<0)?-1:0;if(a>0){this[0]=a}else{if(a<-1){this[0]=a+this.DV}else{this.t=0}}}function nbv(a){var b=nbi();b.fromInt(a);return b}function bnpFromString(h,c){var e;if(c==16){e=4}else{if(c==8){e=3}else{if(c==256){e=8}else{if(c==2){e=1}else{if(c==32){e=5}else{if(c==4){e=2}else{this.fromRadix(h,c);return}}}}}}this.t=0;this.s=0;var g=h.length,d=false,f=0;while(--g>=0){var a=(e==8)?h[g]&255:intAt(h,g);if(a<0){if(h.charAt(g)=="-"){d=true}continue}d=false;if(f==0){this[this.t++]=a}else{if(f+e>this.DB){this[this.t-1]|=(a&((1<<(this.DB-f))-1))<>(this.DB-f))}else{this[this.t-1]|=a<=this.DB){f-=this.DB}}if(e==8&&(h[0]&128)!=0){this.s=-1;if(f>0){this[this.t-1]|=((1<<(this.DB-f))-1)<0&&this[this.t-1]==a){--this.t}}function bnToString(c){if(this.s<0){return"-"+this.negate().toString(c)}var e;if(c==16){e=4}else{if(c==8){e=3}else{if(c==2){e=1}else{if(c==32){e=5}else{if(c==4){e=2}else{return this.toRadix(c)}}}}}var g=(1<0){if(j>j)>0){a=true;h=int2char(l)}while(f>=0){if(j>(j+=this.DB-e)}else{l=(this[f]>>(j-=e))&g;if(j<=0){j+=this.DB;--f}}if(l>0){a=true}if(a){h+=int2char(l)}}}return a?h:"0"}function bnNegate(){var a=nbi();BigInteger.ZERO.subTo(this,a);return a}function bnAbs(){return(this.s<0)?this.negate():this}function bnCompareTo(b){var d=this.s-b.s;if(d!=0){return d}var c=this.t;d=c-b.t;if(d!=0){return(this.s<0)?-d:d}while(--c>=0){if((d=this[c]-b[c])!=0){return d}}return 0}function nbits(a){var c=1,b;if((b=a>>>16)!=0){a=b;c+=16}if((b=a>>8)!=0){a=b;c+=8}if((b=a>>4)!=0){a=b;c+=4}if((b=a>>2)!=0){a=b;c+=2}if((b=a>>1)!=0){a=b;c+=1}return c}function bnBitLength(){if(this.t<=0){return 0}return this.DB*(this.t-1)+nbits(this[this.t-1]^(this.s&this.DM))}function bnpDLShiftTo(c,b){var a;for(a=this.t-1;a>=0;--a){b[a+c]=this[a]}for(a=c-1;a>=0;--a){b[a]=0}b.t=this.t+c;b.s=this.s}function bnpDRShiftTo(c,b){for(var a=c;a=0;--d){e[d+f+1]=(this[d]>>a)|h;h=(this[d]&g)<=0;--d){e[d]=0}e[f]=h;e.t=this.t+f+1;e.s=this.s;e.clamp()}function bnpRShiftTo(g,d){d.s=this.s;var e=Math.floor(g/this.DB);if(e>=this.t){d.t=0;return}var b=g%this.DB;var a=this.DB-b;var f=(1<>b;for(var c=e+1;c>b}if(b>0){d[this.t-e-1]|=(this.s&f)<>=this.DB}if(d.t>=this.DB}g+=this.s}else{g+=this.s;while(e>=this.DB}g-=d.s}f.s=(g<0)?-1:0;if(g<-1){f[e++]=this.DV+g}else{if(g>0){f[e++]=g}}f.t=e;f.clamp()}function bnpMultiplyTo(c,e){var b=this.abs(),f=c.abs();var d=b.t;e.t=d+f.t;while(--d>=0){e[d]=0}for(d=0;d=0){d[b]=0}for(b=0;b=a.DV){d[b+a.t]-=a.DV;d[b+a.t+1]=1}}if(d.t>0){d[d.t-1]+=a.am(b,a[b],d,2*b,0,1)}d.s=0;d.clamp()}function bnpDivRemTo(n,h,g){var w=n.abs();if(w.t<=0){return}var k=this.abs();if(k.t0){w.lShiftTo(v,d);k.lShiftTo(v,g)}else{w.copyTo(d);k.copyTo(g)}var p=d.t;var b=d[p-1];if(b==0){return}var o=b*(1<1)?d[p-2]>>this.F2:0);var A=this.FV/o,z=(1<=0){g[g.t++]=1;g.subTo(f,g)}BigInteger.ONE.dlShiftTo(p,f);f.subTo(d,d);while(d.t=0){var c=(g[--u]==b)?this.DM:Math.floor(g[u]*A+(g[u-1]+x)*z);if((g[u]+=d.am(0,c,g,s,0,p))0){g.rShiftTo(v,g)}if(a<0){BigInteger.ZERO.subTo(g,g)}}function bnMod(b){var c=nbi();this.abs().divRemTo(b,null,c);if(this.s<0&&c.compareTo(BigInteger.ZERO)>0){b.subTo(c,c)}return c}function Classic(a){this.m=a}function cConvert(a){if(a.s<0||a.compareTo(this.m)>=0){return a.mod(this.m)}else{return a}}function cRevert(a){return a}function cReduce(a){a.divRemTo(this.m,null,a)}function cMulTo(a,c,b){a.multiplyTo(c,b);this.reduce(b)}function cSqrTo(a,b){a.squareTo(b);this.reduce(b)}Classic.prototype.convert=cConvert;Classic.prototype.revert=cRevert;Classic.prototype.reduce=cReduce;Classic.prototype.mulTo=cMulTo;Classic.prototype.sqrTo=cSqrTo;function bnpInvDigit(){if(this.t<1){return 0}var a=this[0];if((a&1)==0){return 0}var b=a&3;b=(b*(2-(a&15)*b))&15;b=(b*(2-(a&255)*b))&255;b=(b*(2-(((a&65535)*b)&65535)))&65535;b=(b*(2-a*b%this.DV))%this.DV;return(b>0)?this.DV-b:-b}function Montgomery(a){this.m=a;this.mp=a.invDigit();this.mpl=this.mp&32767;this.mph=this.mp>>15;this.um=(1<<(a.DB-15))-1;this.mt2=2*a.t}function montConvert(a){var b=nbi();a.abs().dlShiftTo(this.m.t,b);b.divRemTo(this.m,null,b);if(a.s<0&&b.compareTo(BigInteger.ZERO)>0){this.m.subTo(b,b)}return b}function montRevert(a){var b=nbi();a.copyTo(b);this.reduce(b);return b}function montReduce(a){while(a.t<=this.mt2){a[a.t++]=0}for(var c=0;c>15)*this.mpl)&this.um)<<15))&a.DM;b=c+this.m.t;a[b]+=this.m.am(0,d,a,c,0,this.m.t);while(a[b]>=a.DV){a[b]-=a.DV;a[++b]++}}a.clamp();a.drShiftTo(this.m.t,a);if(a.compareTo(this.m)>=0){a.subTo(this.m,a)}}function montSqrTo(a,b){a.squareTo(b);this.reduce(b)}function montMulTo(a,c,b){a.multiplyTo(c,b);this.reduce(b)}Montgomery.prototype.convert=montConvert;Montgomery.prototype.revert=montRevert;Montgomery.prototype.reduce=montReduce;Montgomery.prototype.mulTo=montMulTo;Montgomery.prototype.sqrTo=montSqrTo;function bnpIsEven(){return((this.t>0)?(this[0]&1):this.s)==0}function bnpExp(h,j){if(h>4294967295||h<1){return BigInteger.ONE}var f=nbi(),a=nbi(),d=j.convert(this),c=nbits(h)-1;d.copyTo(f);while(--c>=0){j.sqrTo(f,a);if((h&(1<0){j.mulTo(a,d,f)}else{var b=f;f=a;a=b}}return j.revert(f)}function bnModPowInt(b,a){var c;if(b<256||a.isEven()){c=new Classic(a)}else{c=new Montgomery(a)}return this.exp(b,c)}BigInteger.prototype.copyTo=bnpCopyTo;BigInteger.prototype.fromInt=bnpFromInt;BigInteger.prototype.fromString=bnpFromString;BigInteger.prototype.clamp=bnpClamp;BigInteger.prototype.dlShiftTo=bnpDLShiftTo;BigInteger.prototype.drShiftTo=bnpDRShiftTo;BigInteger.prototype.lShiftTo=bnpLShiftTo;BigInteger.prototype.rShiftTo=bnpRShiftTo;BigInteger.prototype.subTo=bnpSubTo;BigInteger.prototype.multiplyTo=bnpMultiplyTo;BigInteger.prototype.squareTo=bnpSquareTo;BigInteger.prototype.divRemTo=bnpDivRemTo;BigInteger.prototype.invDigit=bnpInvDigit;BigInteger.prototype.isEven=bnpIsEven;BigInteger.prototype.exp=bnpExp;BigInteger.prototype.toString=bnToString;BigInteger.prototype.negate=bnNegate;BigInteger.prototype.abs=bnAbs;BigInteger.prototype.compareTo=bnCompareTo;BigInteger.prototype.bitLength=bnBitLength;BigInteger.prototype.mod=bnMod;BigInteger.prototype.modPowInt=bnModPowInt;BigInteger.ZERO=nbv(0);BigInteger.ONE=nbv(1); +/*! (c) Tom Wu | http://www-cs-students.stanford.edu/~tjw/jsbn/ + */ +function bnClone(){var a=nbi();this.copyTo(a);return a}function bnIntValue(){if(this.s<0){if(this.t==1){return this[0]-this.DV}else{if(this.t==0){return -1}}}else{if(this.t==1){return this[0]}else{if(this.t==0){return 0}}}return((this[1]&((1<<(32-this.DB))-1))<>24}function bnShortValue(){return(this.t==0)?this.s:(this[0]<<16)>>16}function bnpChunkSize(a){return Math.floor(Math.LN2*this.DB/Math.log(a))}function bnSigNum(){if(this.s<0){return -1}else{if(this.t<=0||(this.t==1&&this[0]<=0)){return 0}else{return 1}}}function bnpToRadix(c){if(c==null){c=10}if(this.signum()==0||c<2||c>36){return"0"}var f=this.chunkSize(c);var e=Math.pow(c,f);var i=nbv(e),j=nbi(),h=nbi(),g="";this.divRemTo(i,j,h);while(j.signum()>0){g=(e+h.intValue()).toString(c).substr(1)+g;j.divRemTo(i,j,h)}return h.intValue().toString(c)+g}function bnpFromRadix(m,h){this.fromInt(0);if(h==null){h=10}var f=this.chunkSize(h);var g=Math.pow(h,f),e=false,a=0,l=0;for(var c=0;c=f){this.dMultiply(g);this.dAddOffset(l,0);a=0;l=0}}if(a>0){this.dMultiply(Math.pow(h,a));this.dAddOffset(l,0)}if(e){BigInteger.ZERO.subTo(this,this)}}function bnpFromNumber(f,e,h){if("number"==typeof e){if(f<2){this.fromInt(1)}else{this.fromNumber(f,h);if(!this.testBit(f-1)){this.bitwiseTo(BigInteger.ONE.shiftLeft(f-1),op_or,this)}if(this.isEven()){this.dAddOffset(1,0)}while(!this.isProbablePrime(e)){this.dAddOffset(2,0);if(this.bitLength()>f){this.subTo(BigInteger.ONE.shiftLeft(f-1),this)}}}}else{var d=new Array(),g=f&7;d.length=(f>>3)+1;e.nextBytes(d);if(g>0){d[0]&=((1<0){if(e>e)!=(this.s&this.DM)>>e){c[a++]=f|(this.s<<(this.DB-e))}while(b>=0){if(e<8){f=(this[b]&((1<>(e+=this.DB-8)}else{f=(this[b]>>(e-=8))&255;if(e<=0){e+=this.DB;--b}}if((f&128)!=0){f|=-256}if(a==0&&(this.s&128)!=(f&128)){++a}if(a>0||f!=this.s){c[a++]=f}}}return c}function bnEquals(b){return(this.compareTo(b)==0)}function bnMin(b){return(this.compareTo(b)<0)?this:b}function bnMax(b){return(this.compareTo(b)>0)?this:b}function bnpBitwiseTo(c,h,e){var d,g,b=Math.min(c.t,this.t);for(d=0;d>=16;b+=16}if((a&255)==0){a>>=8;b+=8}if((a&15)==0){a>>=4;b+=4}if((a&3)==0){a>>=2;b+=2}if((a&1)==0){++b}return b}function bnGetLowestSetBit(){for(var a=0;a=this.t){return(this.s!=0)}return((this[a]&(1<<(b%this.DB)))!=0)}function bnpChangeBit(c,b){var a=BigInteger.ONE.shiftLeft(c);this.bitwiseTo(a,b,a);return a}function bnSetBit(a){return this.changeBit(a,op_or)}function bnClearBit(a){return this.changeBit(a,op_andnot)}function bnFlipBit(a){return this.changeBit(a,op_xor)}function bnpAddTo(d,f){var e=0,g=0,b=Math.min(d.t,this.t);while(e>=this.DB}if(d.t>=this.DB}g+=this.s}else{g+=this.s;while(e>=this.DB}g+=d.s}f.s=(g<0)?-1:0;if(g>0){f[e++]=g}else{if(g<-1){f[e++]=this.DV+g}}f.t=e;f.clamp()}function bnAdd(b){var c=nbi();this.addTo(b,c);return c}function bnSubtract(b){var c=nbi();this.subTo(b,c);return c}function bnMultiply(b){var c=nbi();this.multiplyTo(b,c);return c}function bnSquare(){var a=nbi();this.squareTo(a);return a}function bnDivide(b){var c=nbi();this.divRemTo(b,c,null);return c}function bnRemainder(b){var c=nbi();this.divRemTo(b,null,c);return c}function bnDivideAndRemainder(b){var d=nbi(),c=nbi();this.divRemTo(b,d,c);return new Array(d,c)}function bnpDMultiply(a){this[this.t]=this.am(0,a-1,this,0,0,this.t);++this.t;this.clamp()}function bnpDAddOffset(b,a){if(b==0){return}while(this.t<=a){this[this.t++]=0}this[a]+=b;while(this[a]>=this.DV){this[a]-=this.DV;if(++a>=this.t){this[this.t++]=0}++this[a]}}function NullExp(){}function nNop(a){return a}function nMulTo(a,c,b){a.multiplyTo(c,b)}function nSqrTo(a,b){a.squareTo(b)}NullExp.prototype.convert=nNop;NullExp.prototype.revert=nNop;NullExp.prototype.mulTo=nMulTo;NullExp.prototype.sqrTo=nSqrTo;function bnPow(a){return this.exp(a,new NullExp())}function bnpMultiplyLowerTo(b,f,e){var d=Math.min(this.t+b.t,f);e.s=0;e.t=d;while(d>0){e[--d]=0}var c;for(c=e.t-this.t;d=0){d[c]=0}for(c=Math.max(e-this.t,0);c2*this.m.t){return a.mod(this.m)}else{if(a.compareTo(this.m)<0){return a}else{var b=nbi();a.copyTo(b);this.reduce(b);return b}}}function barrettRevert(a){return a}function barrettReduce(a){a.drShiftTo(this.m.t-1,this.r2);if(a.t>this.m.t+1){a.t=this.m.t+1;a.clamp()}this.mu.multiplyUpperTo(this.r2,this.m.t+1,this.q3);this.m.multiplyLowerTo(this.q3,this.m.t+1,this.r2);while(a.compareTo(this.r2)<0){a.dAddOffset(1,this.m.t+1)}a.subTo(this.r2,a);while(a.compareTo(this.m)>=0){a.subTo(this.m,a)}}function barrettSqrTo(a,b){a.squareTo(b);this.reduce(b)}function barrettMulTo(a,c,b){a.multiplyTo(c,b);this.reduce(b)}Barrett.prototype.convert=barrettConvert;Barrett.prototype.revert=barrettRevert;Barrett.prototype.reduce=barrettReduce;Barrett.prototype.mulTo=barrettMulTo;Barrett.prototype.sqrTo=barrettSqrTo;function bnModPow(q,f){var o=q.bitLength(),h,b=nbv(1),v;if(o<=0){return b}else{if(o<18){h=1}else{if(o<48){h=3}else{if(o<144){h=4}else{if(o<768){h=5}else{h=6}}}}}if(o<8){v=new Classic(f)}else{if(f.isEven()){v=new Barrett(f)}else{v=new Montgomery(f)}}var p=new Array(),d=3,s=h-1,a=(1<1){var A=nbi();v.sqrTo(p[1],A);while(d<=a){p[d]=nbi();v.mulTo(A,p[d-2],p[d]);d+=2}}var l=q.t-1,x,u=true,c=nbi(),y;o=nbits(q[l])-1;while(l>=0){if(o>=s){x=(q[l]>>(o-s))&a}else{x=(q[l]&((1<<(o+1))-1))<<(s-o);if(l>0){x|=q[l-1]>>(this.DB+o-s)}}d=h;while((x&1)==0){x>>=1;--d}if((o-=d)<0){o+=this.DB;--l}if(u){p[x].copyTo(b);u=false}else{while(d>1){v.sqrTo(b,c);v.sqrTo(c,b);d-=2}if(d>0){v.sqrTo(b,c)}else{y=b;b=c;c=y}v.mulTo(c,p[x],b)}while(l>=0&&(q[l]&(1<0){b.rShiftTo(f,b);h.rShiftTo(f,h)}while(b.signum()>0){if((d=b.getLowestSetBit())>0){b.rShiftTo(d,b)}if((d=h.getLowestSetBit())>0){h.rShiftTo(d,h)}if(b.compareTo(h)>=0){b.subTo(h,b);b.rShiftTo(1,b)}else{h.subTo(b,h);h.rShiftTo(1,h)}}if(f>0){h.lShiftTo(f,h)}return h}function bnpModInt(e){if(e<=0){return 0}var c=this.DV%e,b=(this.s<0)?e-1:0;if(this.t>0){if(c==0){b=this[0]%e}else{for(var a=this.t-1;a>=0;--a){b=(c*b+this[a])%e}}}return b}function bnModInverse(f){var j=f.isEven();if((this.isEven()&&j)||f.signum()==0){return BigInteger.ZERO}var i=f.clone(),h=this.clone();var g=nbv(1),e=nbv(0),l=nbv(0),k=nbv(1);while(i.signum()!=0){while(i.isEven()){i.rShiftTo(1,i);if(j){if(!g.isEven()||!e.isEven()){g.addTo(this,g);e.subTo(f,e)}g.rShiftTo(1,g)}else{if(!e.isEven()){e.subTo(f,e)}}e.rShiftTo(1,e)}while(h.isEven()){h.rShiftTo(1,h);if(j){if(!l.isEven()||!k.isEven()){l.addTo(this,l);k.subTo(f,k)}l.rShiftTo(1,l)}else{if(!k.isEven()){k.subTo(f,k)}}k.rShiftTo(1,k)}if(i.compareTo(h)>=0){i.subTo(h,i);if(j){g.subTo(l,g)}e.subTo(k,e)}else{h.subTo(i,h);if(j){l.subTo(g,l)}k.subTo(e,k)}}if(h.compareTo(BigInteger.ONE)!=0){return BigInteger.ZERO}if(k.compareTo(f)>=0){return k.subtract(f)}if(k.signum()<0){k.addTo(f,k)}else{return k}if(k.signum()<0){return k.add(f)}else{return k}}var lowprimes=[2,3,5,7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509,521,523,541,547,557,563,569,571,577,587,593,599,601,607,613,617,619,631,641,643,647,653,659,661,673,677,683,691,701,709,719,727,733,739,743,751,757,761,769,773,787,797,809,811,821,823,827,829,839,853,857,859,863,877,881,883,887,907,911,919,929,937,941,947,953,967,971,977,983,991,997];var lplim=(1<<26)/lowprimes[lowprimes.length-1];function bnIsProbablePrime(e){var d,b=this.abs();if(b.t==1&&b[0]<=lowprimes[lowprimes.length-1]){for(d=0;d>1;if(f>lowprimes.length){f=lowprimes.length}var b=nbi();for(var e=0;e>8)&255;rng_pool[rng_pptr++]^=(a>>16)&255;rng_pool[rng_pptr++]^=(a>>24)&255;if(rng_pptr>=rng_psize){rng_pptr-=rng_psize}}function rng_seed_time(){rng_seed_int(new Date().getTime())}if(rng_pool==null){rng_pool=new Array();rng_pptr=0;var t;if(navigator.appName=="Netscape"&&navigator.appVersion<"5"&&window.crypto){var z=window.crypto.random(32);for(t=0;t>>8;rng_pool[rng_pptr++]=t&255}rng_pptr=0;rng_seed_time()}function rng_get_byte(){if(rng_state==null){rng_seed_time();rng_state=prng_newstate();rng_state.init(rng_pool);for(rng_pptr=0;rng_pptr=0&&h>0){var f=e.charCodeAt(d--);if(f<128){g[--h]=f}else{if((f>127)&&(f<2048)){g[--h]=(f&63)|128;g[--h]=(f>>6)|192}else{g[--h]=(f&63)|128;g[--h]=((f>>6)&63)|128;g[--h]=(f>>12)|224}}}g[--h]=0;var b=new SecureRandom();var a=new Array();while(h>2){a[0]=0;while(a[0]==0){b.nextBytes(a)}g[--h]=a[0]}g[--h]=2;g[--h]=0;return new BigInteger(g)}function oaep_mgf1_arr(c,a,e){var b="",d=0;while(b.length>24,(d&16711680)>>16,(d&65280)>>8,d&255])));d+=1}return b}var SHA1_SIZE=20;function oaep_pad(l,a,c){if(l.length+2*SHA1_SIZE+2>a){throw"Message too long for RSA"}var h="",d;for(d=0;d0&&a.length>0){this.n=parseBigInt(b,16);this.e=parseInt(a,16)}else{alert("Invalid RSA public key")}}}function RSADoPublic(a){return a.modPowInt(this.e,this.n)}function RSAEncrypt(d){var a=pkcs1pad2(d,(this.n.bitLength()+7)>>3);if(a==null){return null}var e=this.doPublic(a);if(e==null){return null}var b=e.toString(16);if((b.length&1)==0){return b}else{return"0"+b}}function RSAEncryptOAEP(e,d){var a=oaep_pad(e,(this.n.bitLength()+7)>>3,d);if(a==null){return null}var f=this.doPublic(a);if(f==null){return null}var b=f.toString(16);if((b.length&1)==0){return b}else{return"0"+b}}RSAKey.prototype.doPublic=RSADoPublic;RSAKey.prototype.setPublic=RSASetPublic;RSAKey.prototype.encrypt=RSAEncrypt;RSAKey.prototype.encryptOAEP=RSAEncryptOAEP;RSAKey.prototype.type="RSA"; +/*! (c) Tom Wu | http://www-cs-students.stanford.edu/~tjw/jsbn/ + */ +function pkcs1unpad2(g,j){var a=g.toByteArray();var f=0;while(f=a.length){return null}}var e="";while(++f191)&&(h<224)){e+=String.fromCharCode(((h&31)<<6)|(a[f+1]&63));++f}else{e+=String.fromCharCode(((h&15)<<12)|((a[f+1]&63)<<6)|(a[f+2]&63));f+=2}}}return e}function oaep_mgf1_str(c,a,e){var b="",d=0;while(b.length>24,(d&16711680)>>16,(d&65280)>>8,d&255]));d+=1}return b}var SHA1_SIZE=20;function oaep_unpad(l,b,e){l=l.toByteArray();var f;for(f=0;f0&&a.length>0){this.n=parseBigInt(c,16);this.e=parseInt(a,16);this.d=parseBigInt(b,16)}else{alert("Invalid RSA private key")}}}function RSASetPrivateEx(g,d,e,c,b,a,h,f){this.isPrivate=true;if(g==null){throw"RSASetPrivateEx N == null"}if(d==null){throw"RSASetPrivateEx E == null"}if(g.length==0){throw"RSASetPrivateEx N.length == 0"}if(d.length==0){throw"RSASetPrivateEx E.length == 0"}if(g!=null&&d!=null&&g.length>0&&d.length>0){this.n=parseBigInt(g,16);this.e=parseInt(d,16);this.d=parseBigInt(e,16);this.p=parseBigInt(c,16);this.q=parseBigInt(b,16);this.dmp1=parseBigInt(a,16);this.dmq1=parseBigInt(h,16);this.coeff=parseBigInt(f,16)}else{alert("Invalid RSA private key in RSASetPrivateEx")}}function RSAGenerate(b,i){var a=new SecureRandom();var f=b>>1;this.e=parseInt(i,16);var c=new BigInteger(i,16);for(;;){for(;;){this.p=new BigInteger(b-f,1,a);if(this.p.subtract(BigInteger.ONE).gcd(c).compareTo(BigInteger.ONE)==0&&this.p.isProbablePrime(10)){break}}for(;;){this.q=new BigInteger(f,1,a);if(this.q.subtract(BigInteger.ONE).gcd(c).compareTo(BigInteger.ONE)==0&&this.q.isProbablePrime(10)){break}}if(this.p.compareTo(this.q)<=0){var h=this.p;this.p=this.q;this.q=h}var g=this.p.subtract(BigInteger.ONE);var d=this.q.subtract(BigInteger.ONE);var e=g.multiply(d);if(e.gcd(c).compareTo(BigInteger.ONE)==0){this.n=this.p.multiply(this.q);this.d=c.modInverse(e);this.dmp1=this.d.mod(g);this.dmq1=this.d.mod(d);this.coeff=this.q.modInverse(this.p);break}}}function RSADoPrivate(a){if(this.p==null||this.q==null){return a.modPow(this.d,this.n)}var c=a.mod(this.p).modPow(this.dmp1,this.p);var b=a.mod(this.q).modPow(this.dmq1,this.q);while(c.compareTo(b)<0){c=c.add(this.p)}return c.subtract(b).multiply(this.coeff).mod(this.p).multiply(this.q).add(b)}function RSADecrypt(b){var d=parseBigInt(b,16);var a=this.doPrivate(d);if(a==null){return null}return pkcs1unpad2(a,(this.n.bitLength()+7)>>3)}function RSADecryptOAEP(d,b){var e=parseBigInt(d,16);var a=this.doPrivate(e);if(a==null){return null}return oaep_unpad(a,(this.n.bitLength()+7)>>3,b)}RSAKey.prototype.doPrivate=RSADoPrivate;RSAKey.prototype.setPrivate=RSASetPrivate;RSAKey.prototype.setPrivateEx=RSASetPrivateEx;RSAKey.prototype.generate=RSAGenerate;RSAKey.prototype.decrypt=RSADecrypt;RSAKey.prototype.decryptOAEP=RSADecryptOAEP; +/*! (c) Tom Wu | http://www-cs-students.stanford.edu/~tjw/jsbn/ + */ +function ECFieldElementFp(b,a){this.x=a;this.q=b}function feFpEquals(a){if(a==this){return true}return(this.q.equals(a.q)&&this.x.equals(a.x))}function feFpToBigInteger(){return this.x}function feFpNegate(){return new ECFieldElementFp(this.q,this.x.negate().mod(this.q))}function feFpAdd(a){return new ECFieldElementFp(this.q,this.x.add(a.toBigInteger()).mod(this.q))}function feFpSubtract(a){return new ECFieldElementFp(this.q,this.x.subtract(a.toBigInteger()).mod(this.q))}function feFpMultiply(a){return new ECFieldElementFp(this.q,this.x.multiply(a.toBigInteger()).mod(this.q))}function feFpSquare(){return new ECFieldElementFp(this.q,this.x.square().mod(this.q))}function feFpDivide(a){return new ECFieldElementFp(this.q,this.x.multiply(a.toBigInteger().modInverse(this.q)).mod(this.q))}ECFieldElementFp.prototype.equals=feFpEquals;ECFieldElementFp.prototype.toBigInteger=feFpToBigInteger;ECFieldElementFp.prototype.negate=feFpNegate;ECFieldElementFp.prototype.add=feFpAdd;ECFieldElementFp.prototype.subtract=feFpSubtract;ECFieldElementFp.prototype.multiply=feFpMultiply;ECFieldElementFp.prototype.square=feFpSquare;ECFieldElementFp.prototype.divide=feFpDivide;function ECPointFp(c,a,d,b){this.curve=c;this.x=a;this.y=d;if(b==null){this.z=BigInteger.ONE}else{this.z=b}this.zinv=null}function pointFpGetX(){if(this.zinv==null){this.zinv=this.z.modInverse(this.curve.q)}return this.curve.fromBigInteger(this.x.toBigInteger().multiply(this.zinv).mod(this.curve.q))}function pointFpGetY(){if(this.zinv==null){this.zinv=this.z.modInverse(this.curve.q)}return this.curve.fromBigInteger(this.y.toBigInteger().multiply(this.zinv).mod(this.curve.q))}function pointFpEquals(a){if(a==this){return true}if(this.isInfinity()){return a.isInfinity()}if(a.isInfinity()){return this.isInfinity()}var c,b;c=a.y.toBigInteger().multiply(this.z).subtract(this.y.toBigInteger().multiply(a.z)).mod(this.curve.q);if(!c.equals(BigInteger.ZERO)){return false}b=a.x.toBigInteger().multiply(this.z).subtract(this.x.toBigInteger().multiply(a.z)).mod(this.curve.q);return b.equals(BigInteger.ZERO)}function pointFpIsInfinity(){if((this.x==null)&&(this.y==null)){return true}return this.z.equals(BigInteger.ZERO)&&!this.y.toBigInteger().equals(BigInteger.ZERO)}function pointFpNegate(){return new ECPointFp(this.curve,this.x,this.y.negate(),this.z)}function pointFpAdd(l){if(this.isInfinity()){return l}if(l.isInfinity()){return this}var p=l.y.toBigInteger().multiply(this.z).subtract(this.y.toBigInteger().multiply(l.z)).mod(this.curve.q);var o=l.x.toBigInteger().multiply(this.z).subtract(this.x.toBigInteger().multiply(l.z)).mod(this.curve.q);if(BigInteger.ZERO.equals(o)){if(BigInteger.ZERO.equals(p)){return this.twice()}return this.curve.getInfinity()}var j=new BigInteger("3");var e=this.x.toBigInteger();var n=this.y.toBigInteger();var c=l.x.toBigInteger();var k=l.y.toBigInteger();var m=o.square();var i=m.multiply(o);var d=e.multiply(m);var g=p.square().multiply(this.z);var a=g.subtract(d.shiftLeft(1)).multiply(l.z).subtract(i).multiply(o).mod(this.curve.q);var h=d.multiply(j).multiply(p).subtract(n.multiply(i)).subtract(g.multiply(p)).multiply(l.z).add(p.multiply(i)).mod(this.curve.q);var f=i.multiply(this.z).multiply(l.z).mod(this.curve.q);return new ECPointFp(this.curve,this.curve.fromBigInteger(a),this.curve.fromBigInteger(h),f)}function pointFpTwice(){if(this.isInfinity()){return this}if(this.y.toBigInteger().signum()==0){return this.curve.getInfinity()}var g=new BigInteger("3");var c=this.x.toBigInteger();var h=this.y.toBigInteger();var e=h.multiply(this.z);var j=e.multiply(h).mod(this.curve.q);var i=this.curve.a.toBigInteger();var k=c.square().multiply(g);if(!BigInteger.ZERO.equals(i)){k=k.add(this.z.square().multiply(i))}k=k.mod(this.curve.q);var b=k.square().subtract(c.shiftLeft(3).multiply(j)).shiftLeft(1).multiply(e).mod(this.curve.q);var f=k.multiply(g).multiply(c).subtract(j.shiftLeft(1)).shiftLeft(2).multiply(j).subtract(k.square().multiply(k)).mod(this.curve.q);var d=e.square().multiply(e).shiftLeft(3).mod(this.curve.q);return new ECPointFp(this.curve,this.curve.fromBigInteger(b),this.curve.fromBigInteger(f),d)}function pointFpMultiply(b){if(this.isInfinity()){return this}if(b.signum()==0){return this.curve.getInfinity()}var g=b;var f=g.multiply(new BigInteger("3"));var l=this.negate();var d=this;var c;for(c=f.bitLength()-2;c>0;--c){d=d.twice();var a=f.testBit(c);var j=g.testBit(c);if(a!=j){d=d.add(a?this:l)}}return d}function pointFpMultiplyTwo(c,a,b){var d;if(c.bitLength()>b.bitLength()){d=c.bitLength()-1}else{d=b.bitLength()-1}var f=this.curve.getInfinity();var e=this.add(a);while(d>=0){f=f.twice();if(c.testBit(d)){if(b.testBit(d)){f=f.add(e)}else{f=f.add(this)}}else{if(b.testBit(d)){f=f.add(a)}}--d}return f}ECPointFp.prototype.getX=pointFpGetX;ECPointFp.prototype.getY=pointFpGetY;ECPointFp.prototype.equals=pointFpEquals;ECPointFp.prototype.isInfinity=pointFpIsInfinity;ECPointFp.prototype.negate=pointFpNegate;ECPointFp.prototype.add=pointFpAdd;ECPointFp.prototype.twice=pointFpTwice;ECPointFp.prototype.multiply=pointFpMultiply;ECPointFp.prototype.multiplyTwo=pointFpMultiplyTwo;function ECCurveFp(e,d,c){this.q=e;this.a=this.fromBigInteger(d);this.b=this.fromBigInteger(c);this.infinity=new ECPointFp(this,null,null)}function curveFpGetQ(){return this.q}function curveFpGetA(){return this.a}function curveFpGetB(){return this.b}function curveFpEquals(a){if(a==this){return true}return(this.q.equals(a.q)&&this.a.equals(a.a)&&this.b.equals(a.b))}function curveFpGetInfinity(){return this.infinity}function curveFpFromBigInteger(a){return new ECFieldElementFp(this.q,a)}function curveFpDecodePointHex(d){switch(parseInt(d.substr(0,2),16)){case 0:return this.infinity;case 2:case 3:return null;case 4:case 6:case 7:var a=(d.length-2)/2;var c=d.substr(2,a);var b=d.substr(a+2,a);return new ECPointFp(this,this.fromBigInteger(new BigInteger(c,16)),this.fromBigInteger(new BigInteger(b,16)));default:return null}}ECCurveFp.prototype.getQ=curveFpGetQ;ECCurveFp.prototype.getA=curveFpGetA;ECCurveFp.prototype.getB=curveFpGetB;ECCurveFp.prototype.equals=curveFpEquals;ECCurveFp.prototype.getInfinity=curveFpGetInfinity;ECCurveFp.prototype.fromBigInteger=curveFpFromBigInteger;ECCurveFp.prototype.decodePointHex=curveFpDecodePointHex; +/*! (c) Stefan Thomas | https://github.com/bitcoinjs/bitcoinjs-lib + */ +ECFieldElementFp.prototype.getByteLength=function(){return Math.floor((this.toBigInteger().bitLength()+7)/8)};ECPointFp.prototype.getEncoded=function(c){var d=function(h,f){var g=h.toByteArrayUnsigned();if(fg.length){g.unshift(0)}}return g};var a=this.getX().toBigInteger();var e=this.getY().toBigInteger();var b=d(a,32);if(c){if(e.isEven()){b.unshift(2)}else{b.unshift(3)}}else{b.unshift(4);b=b.concat(d(e,32))}return b};ECPointFp.decodeFrom=function(g,c){var f=c[0];var e=c.length-1;var d=c.slice(1,1+e/2);var b=c.slice(1+e/2,1+e);d.unshift(0);b.unshift(0);var a=new BigInteger(d);var h=new BigInteger(b);return new ECPointFp(g,g.fromBigInteger(a),g.fromBigInteger(h))};ECPointFp.decodeFromHex=function(g,c){var f=c.substr(0,2);var e=c.length-2;var d=c.substr(2,e/2);var b=c.substr(2+e/2,e/2);var a=new BigInteger(d,16);var h=new BigInteger(b,16);return new ECPointFp(g,g.fromBigInteger(a),g.fromBigInteger(h))};ECPointFp.prototype.add2D=function(c){if(this.isInfinity()){return c}if(c.isInfinity()){return this}if(this.x.equals(c.x)){if(this.y.equals(c.y)){return this.twice()}return this.curve.getInfinity()}var g=c.x.subtract(this.x);var e=c.y.subtract(this.y);var a=e.divide(g);var d=a.square().subtract(this.x).subtract(c.x);var f=a.multiply(this.x.subtract(d)).subtract(this.y);return new ECPointFp(this.curve,d,f)};ECPointFp.prototype.twice2D=function(){if(this.isInfinity()){return this}if(this.y.toBigInteger().signum()==0){return this.curve.getInfinity()}var b=this.curve.fromBigInteger(BigInteger.valueOf(2));var e=this.curve.fromBigInteger(BigInteger.valueOf(3));var a=this.x.square().multiply(e).add(this.curve.a).divide(this.y.multiply(b));var c=a.square().subtract(this.x.multiply(b));var d=a.multiply(this.x.subtract(c)).subtract(this.y);return new ECPointFp(this.curve,c,d)};ECPointFp.prototype.multiply2D=function(b){if(this.isInfinity()){return this}if(b.signum()==0){return this.curve.getInfinity()}var g=b;var f=g.multiply(new BigInteger("3"));var l=this.negate();var d=this;var c;for(c=f.bitLength()-2;c>0;--c){d=d.twice();var a=f.testBit(c);var j=g.testBit(c);if(a!=j){d=d.add2D(a?this:l)}}return d};ECPointFp.prototype.isOnCurve=function(){var d=this.getX().toBigInteger();var i=this.getY().toBigInteger();var f=this.curve.getA().toBigInteger();var c=this.curve.getB().toBigInteger();var h=this.curve.getQ();var e=i.multiply(i).mod(h);var g=d.multiply(d).multiply(d).add(f.multiply(d)).add(c).mod(h);return e.equals(g)};ECPointFp.prototype.toString=function(){return"("+this.getX().toBigInteger().toString()+","+this.getY().toBigInteger().toString()+")"};ECPointFp.prototype.validate=function(){var c=this.curve.getQ();if(this.isInfinity()){throw new Error("Point is at infinity.")}var a=this.getX().toBigInteger();var b=this.getY().toBigInteger();if(a.compareTo(BigInteger.ONE)<0||a.compareTo(c.subtract(BigInteger.ONE))>0){throw new Error("x coordinate out of bounds")}if(b.compareTo(BigInteger.ONE)<0||b.compareTo(c.subtract(BigInteger.ONE))>0){throw new Error("y coordinate out of bounds")}if(!this.isOnCurve()){throw new Error("Point is not on the curve.")}if(this.multiply(c).isInfinity()){throw new Error("Point is not a scalar multiple of G.")}return true}; +/*! asn1-1.0.5.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license + */ +if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}KJUR.asn1.ASN1Util=new function(){this.integerToByteHex=function(a){var b=a.toString(16);if((b.length%2)==1){b="0"+b}return b};this.bigIntToMinTwosComplementsHex=function(j){var f=j.toString(16);if(f.substr(0,1)!="-"){if(f.length%2==1){f="0"+f}else{if(!f.match(/^[0-7]/)){f="00"+f}}}else{var a=f.substr(1);var e=a.length;if(e%2==1){e+=1}else{if(!f.match(/^[0-7]/)){e+=2}}var g="";for(var d=0;d15){throw"ASN.1 length too long to represent by 8x: n = "+i.toString(16)}var f=128+g;return f.toString(16)+h}};this.getEncodedHex=function(){if(this.hTLV==null||this.isModified){this.hV=this.getFreshValueHex();this.hL=this.getLengthHexFromValue();this.hTLV=this.hT+this.hL+this.hV;this.isModified=false}return this.hTLV};this.getValueHex=function(){this.getEncodedHex();return this.hV};this.getFreshValueHex=function(){return""}};KJUR.asn1.DERAbstractString=function(c){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var b=null;var a=null;this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=stohex(this.s)};this.setStringHex=function(d){this.hTLV=null;this.isModified=true;this.s=null;this.hV=d};this.getFreshValueHex=function(){return this.hV};if(typeof c!="undefined"){if(typeof c=="string"){this.setString(c)}else{if(typeof c.str!="undefined"){this.setString(c.str)}else{if(typeof c.hex!="undefined"){this.setStringHex(c.hex)}}}}};YAHOO.lang.extend(KJUR.asn1.DERAbstractString,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractTime=function(c){KJUR.asn1.DERAbstractTime.superclass.constructor.call(this);var b=null;var a=null;this.localDateToUTC=function(f){utc=f.getTime()+(f.getTimezoneOffset()*60000);var e=new Date(utc);return e};this.formatDate=function(j,l){var e=this.zeroPadding;var k=this.localDateToUTC(j);var m=String(k.getFullYear());if(l=="utc"){m=m.substr(2,2)}var i=e(String(k.getMonth()+1),2);var n=e(String(k.getDate()),2);var f=e(String(k.getHours()),2);var g=e(String(k.getMinutes()),2);var h=e(String(k.getSeconds()),2);return m+i+n+f+g+h+"Z"};this.zeroPadding=function(e,d){if(e.length>=d){return e}return new Array(d-e.length+1).join("0")+e};this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=stohex(d)};this.setByDateValue=function(h,j,e,d,f,g){var i=new Date(Date.UTC(h,j-1,e,d,f,g,0));this.setByDate(i)};this.getFreshValueHex=function(){return this.hV}};YAHOO.lang.extend(KJUR.asn1.DERAbstractTime,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractStructured=function(b){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var a=null;this.setByASN1ObjectArray=function(c){this.hTLV=null;this.isModified=true;this.asn1Array=c};this.appendASN1Object=function(c){this.hTLV=null;this.isModified=true;this.asn1Array.push(c)};this.asn1Array=new Array();if(typeof b!="undefined"){if(typeof b.array!="undefined"){this.asn1Array=b.array}}};YAHOO.lang.extend(KJUR.asn1.DERAbstractStructured,KJUR.asn1.ASN1Object);KJUR.asn1.DERBoolean=function(){KJUR.asn1.DERBoolean.superclass.constructor.call(this);this.hT="01";this.hTLV="0101ff"};YAHOO.lang.extend(KJUR.asn1.DERBoolean,KJUR.asn1.ASN1Object);KJUR.asn1.DERInteger=function(a){KJUR.asn1.DERInteger.superclass.constructor.call(this);this.hT="02";this.setByBigInteger=function(b){this.hTLV=null;this.isModified=true;this.hV=KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(b)};this.setByInteger=function(c){var b=new BigInteger(String(c),10);this.setByBigInteger(b)};this.setValueHex=function(b){this.hV=b};this.getFreshValueHex=function(){return this.hV};if(typeof a!="undefined"){if(typeof a.bigint!="undefined"){this.setByBigInteger(a.bigint)}else{if(typeof a["int"]!="undefined"){this.setByInteger(a["int"])}else{if(typeof a=="number"){this.setByInteger(a)}else{if(typeof a.hex!="undefined"){this.setValueHex(a.hex)}}}}}};YAHOO.lang.extend(KJUR.asn1.DERInteger,KJUR.asn1.ASN1Object);KJUR.asn1.DERBitString=function(a){KJUR.asn1.DERBitString.superclass.constructor.call(this);this.hT="03";this.setHexValueIncludingUnusedBits=function(b){this.hTLV=null;this.isModified=true;this.hV=b};this.setUnusedBitsAndHexValue=function(b,d){if(b<0||7=(b*2))){break}if(d>=200){break}c.push(e);g=e;d++}return c};this.getNthChildIndex_AtObj=function(d,b,e){var c=this.getPosArrayOfChildren_AtObj(d,b);return c[e]};this.getDecendantIndexByNthList=function(e,d,c){if(c.length==0){return d}var f=c.shift();var b=this.getPosArrayOfChildren_AtObj(e,d);return this.getDecendantIndexByNthList(e,b[f],c)};this.getDecendantHexTLVByNthList=function(d,c,b){var a=this.getDecendantIndexByNthList(d,c,b);return this.getHexOfTLV_AtObj(d,a)};this.getDecendantHexVByNthList=function(d,c,b){var a=this.getDecendantIndexByNthList(d,c,b);return this.getHexOfV_AtObj(d,a)}};ASN1HEX.getVbyList=function(d,c,b,e){var a=this.getDecendantIndexByNthList(d,c,b);if(a===undefined){throw"can't find nthList object"}if(e!==undefined){if(d.substr(a,2)!=e){throw"checking tag doesn't match: "+d.substr(a,2)+"!="+e}}return this.getHexOfV_AtObj(d,a)}; +/*! asn1x509-1.0.9.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license + */ +if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.x509=="undefined"||!KJUR.asn1.x509){KJUR.asn1.x509={}}KJUR.asn1.x509.Certificate=function(g){KJUR.asn1.x509.Certificate.superclass.constructor.call(this);var b=null;var d=null;var f=null;var c=null;var a=null;var e=null;this.setRsaPrvKeyByPEMandPass=function(i,k){var h=PKCS5PKEY.getDecryptedKeyHex(i,k);var j=new RSAKey();j.readPrivateKeyFromASN1HexString(h);this.prvKey=j};this.sign=function(){this.asn1SignatureAlg=this.asn1TBSCert.asn1SignatureAlg;sig=new KJUR.crypto.Signature({alg:"SHA1withRSA"});sig.init(this.prvKey);sig.updateHex(this.asn1TBSCert.getEncodedHex());this.hexSig=sig.sign();this.asn1Sig=new KJUR.asn1.DERBitString({hex:"00"+this.hexSig});var h=new KJUR.asn1.DERSequence({array:[this.asn1TBSCert,this.asn1SignatureAlg,this.asn1Sig]});this.hTLV=h.getEncodedHex();this.isModified=false};this.setSignatureHex=function(h){this.asn1SignatureAlg=this.asn1TBSCert.asn1SignatureAlg;this.hexSig=h;this.asn1Sig=new KJUR.asn1.DERBitString({hex:"00"+this.hexSig});var i=new KJUR.asn1.DERSequence({array:[this.asn1TBSCert,this.asn1SignatureAlg,this.asn1Sig]});this.hTLV=i.getEncodedHex();this.isModified=false};this.getEncodedHex=function(){if(this.isModified==false&&this.hTLV!=null){return this.hTLV}throw"not signed yet"};this.getPEMString=function(){var j=this.getEncodedHex();var h=CryptoJS.enc.Hex.parse(j);var i=CryptoJS.enc.Base64.stringify(h);var k=i.replace(/(.{64})/g,"$1\r\n");return"-----BEGIN CERTIFICATE-----\r\n"+k+"\r\n-----END CERTIFICATE-----\r\n"};if(typeof g!="undefined"){if(typeof g.tbscertobj!="undefined"){this.asn1TBSCert=g.tbscertobj}if(typeof g.prvkeyobj!="undefined"){this.prvKey=g.prvkeyobj}else{if(typeof g.rsaprvkey!="undefined"){this.prvKey=g.rsaprvkey}else{if((typeof g.rsaprvpem!="undefined")&&(typeof g.rsaprvpas!="undefined")){this.setRsaPrvKeyByPEMandPass(g.rsaprvpem,g.rsaprvpas)}}}}};YAHOO.lang.extend(KJUR.asn1.x509.Certificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertificate=function(a){KJUR.asn1.x509.TBSCertificate.superclass.constructor.call(this);this._initialize=function(){this.asn1Array=new Array();this.asn1Version=new KJUR.asn1.DERTaggedObject({obj:new KJUR.asn1.DERInteger({"int":2})});this.asn1SerialNumber=null;this.asn1SignatureAlg=null;this.asn1Issuer=null;this.asn1NotBefore=null;this.asn1NotAfter=null;this.asn1Subject=null;this.asn1SubjPKey=null;this.extensionsArray=new Array()};this.setSerialNumberByParam=function(b){this.asn1SerialNumber=new KJUR.asn1.DERInteger(b)};this.setSignatureAlgByParam=function(b){this.asn1SignatureAlg=new KJUR.asn1.x509.AlgorithmIdentifier(b)};this.setIssuerByParam=function(b){this.asn1Issuer=new KJUR.asn1.x509.X500Name(b)};this.setNotBeforeByParam=function(b){this.asn1NotBefore=new KJUR.asn1.x509.Time(b)};this.setNotAfterByParam=function(b){this.asn1NotAfter=new KJUR.asn1.x509.Time(b)};this.setSubjectByParam=function(b){this.asn1Subject=new KJUR.asn1.x509.X500Name(b)};this.setSubjectPublicKeyByParam=function(b){this.asn1SubjPKey=new KJUR.asn1.x509.SubjectPublicKeyInfo(b)};this.setSubjectPublicKeyByGetKey=function(c){var b=KEYUTIL.getKey(c);this.asn1SubjPKey=new KJUR.asn1.x509.SubjectPublicKeyInfo(b)};this.appendExtension=function(b){this.extensionsArray.push(b)};this.appendExtensionByName=function(d,b){if(d.toLowerCase()=="basicconstraints"){var c=new KJUR.asn1.x509.BasicConstraints(b);this.appendExtension(c)}else{if(d.toLowerCase()=="keyusage"){var c=new KJUR.asn1.x509.KeyUsage(b);this.appendExtension(c)}else{if(d.toLowerCase()=="crldistributionpoints"){var c=new KJUR.asn1.x509.CRLDistributionPoints(b);this.appendExtension(c)}else{if(d.toLowerCase()=="extkeyusage"){var c=new KJUR.asn1.x509.ExtKeyUsage(b);this.appendExtension(c)}else{if(d.toLowerCase()=="authoritykeyidentifier"){var c=new KJUR.asn1.x509.AuthorityKeyIdentifier(b);this.appendExtension(c)}else{throw"unsupported extension name: "+d}}}}}};this.getEncodedHex=function(){if(this.asn1NotBefore==null||this.asn1NotAfter==null){throw"notBefore and/or notAfter not set"}var c=new KJUR.asn1.DERSequence({array:[this.asn1NotBefore,this.asn1NotAfter]});this.asn1Array=new Array();this.asn1Array.push(this.asn1Version);this.asn1Array.push(this.asn1SerialNumber);this.asn1Array.push(this.asn1SignatureAlg);this.asn1Array.push(this.asn1Issuer);this.asn1Array.push(c);this.asn1Array.push(this.asn1Subject);this.asn1Array.push(this.asn1SubjPKey);if(this.extensionsArray.length>0){var d=new KJUR.asn1.DERSequence({array:this.extensionsArray});var b=new KJUR.asn1.DERTaggedObject({explicit:true,tag:"a3",obj:d});this.asn1Array.push(b)}var e=new KJUR.asn1.DERSequence({array:this.asn1Array});this.hTLV=e.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension=function(b){KJUR.asn1.x509.Extension.superclass.constructor.call(this);var a=null;this.getEncodedHex=function(){var f=new KJUR.asn1.DERObjectIdentifier({oid:this.oid});var e=new KJUR.asn1.DEROctetString({hex:this.getExtnValueHex()});var d=new Array();d.push(f);if(this.critical){d.push(new KJUR.asn1.DERBoolean())}d.push(e);var c=new KJUR.asn1.DERSequence({array:d});return c.getEncodedHex()};this.critical=false;if(typeof b!="undefined"){if(typeof b.critical!="undefined"){this.critical=b.critical}}};YAHOO.lang.extend(KJUR.asn1.x509.Extension,KJUR.asn1.ASN1Object);KJUR.asn1.x509.KeyUsage=function(a){KJUR.asn1.x509.KeyUsage.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.15";if(typeof a!="undefined"){if(typeof a.bin!="undefined"){this.asn1ExtnValue=new KJUR.asn1.DERBitString(a)}}};YAHOO.lang.extend(KJUR.asn1.x509.KeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.BasicConstraints=function(c){KJUR.asn1.x509.BasicConstraints.superclass.constructor.call(this,c);var a=false;var b=-1;this.getExtnValueHex=function(){var e=new Array();if(this.cA){e.push(new KJUR.asn1.DERBoolean())}if(this.pathLen>-1){e.push(new KJUR.asn1.DERInteger({"int":this.pathLen}))}var d=new KJUR.asn1.DERSequence({array:e});this.asn1ExtnValue=d;return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.19";this.cA=false;this.pathLen=-1;if(typeof c!="undefined"){if(typeof c.cA!="undefined"){this.cA=c.cA}if(typeof c.pathLen!="undefined"){this.pathLen=c.pathLen}}};YAHOO.lang.extend(KJUR.asn1.x509.BasicConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLDistributionPoints=function(a){KJUR.asn1.x509.CRLDistributionPoints.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.setByDPArray=function(b){this.asn1ExtnValue=new KJUR.asn1.DERSequence({array:b})};this.setByOneURI=function(e){var b=new KJUR.asn1.x509.GeneralNames([{uri:e}]);var d=new KJUR.asn1.x509.DistributionPointName(b);var c=new KJUR.asn1.x509.DistributionPoint({dpobj:d});this.setByDPArray([c])};this.oid="2.5.29.31";if(typeof a!="undefined"){if(typeof a.array!="undefined"){this.setByDPArray(a.array)}else{if(typeof a.uri!="undefined"){this.setByOneURI(a.uri)}}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLDistributionPoints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.ExtKeyUsage=function(a){KJUR.asn1.x509.ExtKeyUsage.superclass.constructor.call(this,a);this.setPurposeArray=function(b){this.asn1ExtnValue=new KJUR.asn1.DERSequence();for(var c=0;c0){var c=new KJUR.asn1.DERSequence({array:this.aRevokedCert});this.asn1Array.push(c)}var d=new KJUR.asn1.DERSequence({array:this.asn1Array});this.hTLV=d.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize=function(){this.asn1Version=null;this.asn1SignatureAlg=null;this.asn1Issuer=null;this.asn1ThisUpdate=null;this.asn1NextUpdate=null;this.aRevokedCert=new Array()};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertList,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLEntry=function(c){KJUR.asn1.x509.CRLEntry.superclass.constructor.call(this);var b=null;var a=null;this.setCertSerial=function(d){this.sn=new KJUR.asn1.DERInteger(d)};this.setRevocationDate=function(d){this.time=new KJUR.asn1.x509.Time(d)};this.getEncodedHex=function(){var d=new KJUR.asn1.DERSequence({array:[this.sn,this.time]});this.TLV=d.getEncodedHex();return this.TLV};if(typeof c!="undefined"){if(typeof c.time!="undefined"){this.setRevocationDate(c.time)}if(typeof c.sn!="undefined"){this.setCertSerial(c.sn)}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLEntry,KJUR.asn1.ASN1Object);KJUR.asn1.x509.X500Name=function(a){KJUR.asn1.x509.X500Name.superclass.constructor.call(this);this.asn1Array=new Array();this.setByString=function(b){var c=b.split("/");c.shift();for(var d=0;d0){h=new a.DERTaggedObject({obj:this.dUnsignedAttrs,tag:"a1",explicit:false})}var g=[this.dCMSVersion,this.dSignerIdentifier,this.dDigestAlgorithm,e,this.dSigAlg,this.dSig,];if(h!=null){g.push(h)}var f=new a.DERSequence({array:g});this.hTLV=f.getEncodedHex();return this.hTLV}};YAHOO.lang.extend(KJUR.asn1.cms.SignerInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.EncapsulatedContentInfo=function(c){KJUR.asn1.cms.EncapsulatedContentInfo.superclass.constructor.call(this);var a=KJUR.asn1;var b=KJUR.asn1.cms;var d=KJUR.asn1.x509;this.dEContentType=new a.DERObjectIdentifier({name:"data"});this.dEContent=null;this.isDetached=false;this.eContentValueHex=null;this.setContentType=function(e){if(e.match(/^[0-2][.][0-9.]+$/)){this.dEContentType=new a.DERObjectIdentifier({oid:e})}else{this.dEContentType=new a.DERObjectIdentifier({name:e})}};this.setContentValue=function(e){if(typeof e!="undefined"){if(typeof e.hex=="string"){this.eContentValueHex=e.hex}else{if(typeof e.str=="string"){this.eContentValueHex=utf8tohex(e.str)}}}};this.setContentValueHex=function(e){this.eContentValueHex=e};this.setContentValueStr=function(e){this.eContentValueHex=utf8tohex(e)};this.getEncodedHex=function(){if(typeof this.eContentValueHex!="string"){throw"eContentValue not yet set"}var g=new a.DEROctetString({hex:this.eContentValueHex});this.dEContent=new a.DERTaggedObject({obj:g,tag:"a0",explicit:true});var e=[this.dEContentType];if(!this.isDetached){e.push(this.dEContent)}var f=new a.DERSequence({array:e});this.hTLV=f.getEncodedHex();return this.hTLV}};YAHOO.lang.extend(KJUR.asn1.cms.EncapsulatedContentInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.ContentInfo=function(c){KJUR.asn1.cms.ContentInfo.superclass.constructor.call(this);var a=KJUR.asn1;var b=KJUR.asn1.cms;var d=KJUR.asn1.x509;this.dContentType=null;this.dContent=null;this.setContentType=function(e){if(typeof e=="string"){this.dContentType=d.OID.name2obj(e)}};this.getEncodedHex=function(){var f=new a.DERTaggedObject({obj:this.dContent,tag:"a0",explicit:true});var e=new a.DERSequence({array:[this.dContentType,f]});this.hTLV=e.getEncodedHex();return this.hTLV};if(typeof c!="undefined"){if(c.type){this.setContentType(c.type)}if(c.obj&&c.obj instanceof a.ASN1Object){this.dContent=c.obj}}};YAHOO.lang.extend(KJUR.asn1.cms.ContentInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SignedData=function(c){KJUR.asn1.cms.SignedData.superclass.constructor.call(this);var a=KJUR.asn1;var b=KJUR.asn1.cms;var d=KJUR.asn1.x509;this.dCMSVersion=new a.DERInteger({"int":1});this.digestAlgNameList=[];this.dEncapContentInfo=new b.EncapsulatedContentInfo();this.certificateList=[];this.crlList=[];this.signerInfoList=[new b.SignerInfo()];this.addCertificatesByPEM=function(e){var f=KEYUTIL.getHexFromPEM(e);var g=new a.ASN1Object();g.hTLV=f;this.certificateList.push(g)};this.getEncodedHex=function(){if(typeof this.hTLV=="string"){return this.hTLV}var m=[];for(var j=0;j0){var g=new a.DERSet({array:this.certificateList});var f=new a.DERTaggedObject({obj:g,tag:"a0",explicit:false});k.push(f)}k.push(n);var l=new a.DERSequence({array:k});this.hTLV=l.getEncodedHex();return this.hTLV};this.getContentInfoEncodedHex=function(){this.getEncodedHex();var e=new b.ContentInfo({type:"signed-data",obj:this});var f=e.getEncodedHex();return f};this.getPEM=function(){var e=this.getContentInfoEncodedHex();var f=a.ASN1Util.getPEMStringFromHex(e,"CMS");return f}};YAHOO.lang.extend(KJUR.asn1.cms.SignedData,KJUR.asn1.ASN1Object);KJUR.asn1.cms.CMSUtil=new function(){};KJUR.asn1.cms.CMSUtil.newSignedData=function(g){var f=KJUR.asn1.cms;var e=new f.SignedData();e.dEncapContentInfo.setContentValue(g.content);if(typeof g.certs=="object"){for(var c=0;cd){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;f=0;--p){q=q.twice2D();q.z=BigInteger.ONE;if(o.testBit(p)){if(n.testBit(p)){q=q.add2D(t)}else{q=q.add2D(s)}}else{if(n.testBit(p)){q=q.add2D(r)}}}return q}this.getBigRandom=function(i){return new BigInteger(i.bitLength(),a).mod(i.subtract(BigInteger.ONE)).add(BigInteger.ONE)};this.setNamedCurve=function(i){this.ecparams=KJUR.crypto.ECParameterDB.getByName(i);this.prvKeyHex=null;this.pubKeyHex=null;this.curveName=i};this.setPrivateKeyHex=function(i){this.isPrivate=true;this.prvKeyHex=i};this.setPublicKeyHex=function(i){this.isPublic=true;this.pubKeyHex=i};this.generateKeyPairHex=function(){var k=this.ecparams.n;var n=this.getBigRandom(k);var l=this.ecparams.G.multiply(n);var q=l.getX().toBigInteger();var o=l.getY().toBigInteger();var i=this.ecparams.keylen/4;var m=("0000000000"+n.toString(16)).slice(-i);var r=("0000000000"+q.toString(16)).slice(-i);var p=("0000000000"+o.toString(16)).slice(-i);var j="04"+r+p;this.setPrivateKeyHex(m);this.setPublicKeyHex(j);return{ecprvhex:m,ecpubhex:j}};this.signWithMessageHash=function(i){return this.signHex(i,this.prvKeyHex)};this.signHex=function(o,j){var t=new BigInteger(j,16);var l=this.ecparams.n;var q=new BigInteger(o,16);do{var m=this.getBigRandom(l);var u=this.ecparams.G;var p=u.multiply(m);var i=p.getX().toBigInteger().mod(l)}while(i.compareTo(BigInteger.ZERO)<=0);var v=m.modInverse(l).multiply(q.add(t.multiply(i))).mod(l);return KJUR.crypto.ECDSA.biRSSigToASN1Sig(i,v)};this.sign=function(m,u){var q=u;var j=this.ecparams.n;var p=BigInteger.fromByteArrayUnsigned(m);do{var l=this.getBigRandom(j);var t=this.ecparams.G;var o=t.multiply(l);var i=o.getX().toBigInteger().mod(j)}while(i.compareTo(BigInteger.ZERO)<=0);var v=l.modInverse(j).multiply(p.add(q.multiply(i))).mod(j);return this.serializeSig(i,v)};this.verifyWithMessageHash=function(j,i){return this.verifyHex(j,i,this.pubKeyHex)};this.verifyHex=function(m,i,p){var l,j;var o=KJUR.crypto.ECDSA.parseSigHex(i);l=o.r;j=o.s;var k;k=ECPointFp.decodeFromHex(this.ecparams.curve,p);var n=new BigInteger(m,16);return this.verifyRaw(n,l,j,k)};this.verify=function(o,p,j){var l,i;if(Bitcoin.Util.isArray(p)){var n=this.parseSig(p);l=n.r;i=n.s}else{if("object"===typeof p&&p.r&&p.s){l=p.r;i=p.s}else{throw"Invalid value for signature"}}var k;if(j instanceof ECPointFp){k=j}else{if(Bitcoin.Util.isArray(j)){k=ECPointFp.decodeFrom(this.ecparams.curve,j)}else{throw"Invalid format for pubkey value, must be byte array or ECPointFp"}}var m=BigInteger.fromByteArrayUnsigned(o);return this.verifyRaw(m,l,i,k)};this.verifyRaw=function(o,i,w,m){var l=this.ecparams.n;var u=this.ecparams.G;if(i.compareTo(BigInteger.ONE)<0||i.compareTo(l)>=0){return false}if(w.compareTo(BigInteger.ONE)<0||w.compareTo(l)>=0){return false}var p=w.modInverse(l);var k=o.multiply(p).mod(l);var j=i.multiply(p).mod(l);var q=u.multiply(k).add(m.multiply(j));var t=q.getX().toBigInteger().mod(l);return t.equals(i)};this.serializeSig=function(k,j){var l=k.toByteArraySigned();var i=j.toByteArraySigned();var m=[];m.push(2);m.push(l.length);m=m.concat(l);m.push(2);m.push(i.length);m=m.concat(i);m.unshift(m.length);m.unshift(48);return m};this.parseSig=function(n){var m;if(n[0]!=48){throw new Error("Signature not a valid DERSequence")}m=2;if(n[m]!=2){throw new Error("First element in signature must be a DERInteger")}var l=n.slice(m+2,m+2+n[m+1]);m+=2+n[m+1];if(n[m]!=2){throw new Error("Second element in signature must be a DERInteger")}var i=n.slice(m+2,m+2+n[m+1]);m+=2+n[m+1];var k=BigInteger.fromByteArrayUnsigned(l);var j=BigInteger.fromByteArrayUnsigned(i);return{r:k,s:j}};this.parseSigCompact=function(m){if(m.length!==65){throw"Signature has the wrong length"}var j=m[0]-27;if(j<0||j>7){throw"Invalid signature type"}var o=this.ecparams.n;var l=BigInteger.fromByteArrayUnsigned(m.slice(1,33)).mod(o);var k=BigInteger.fromByteArrayUnsigned(m.slice(33,65)).mod(o);return{r:l,s:k,i:j}};if(h!==undefined){if(h.curve!==undefined){this.curveName=h.curve}}if(this.curveName===undefined){this.curveName=e}this.setNamedCurve(this.curveName);if(h!==undefined){if(h.prv!==undefined){this.setPrivateKeyHex(h.prv)}if(h.pub!==undefined){this.setPublicKeyHex(h.pub)}}};KJUR.crypto.ECDSA.parseSigHex=function(a){var b=KJUR.crypto.ECDSA.parseSigHexInHexRS(a);var d=new BigInteger(b.r,16);var c=new BigInteger(b.s,16);return{r:d,s:c}};KJUR.crypto.ECDSA.parseSigHexInHexRS=function(c){if(c.substr(0,2)!="30"){throw"signature is not a ASN.1 sequence"}var b=ASN1HEX.getPosArrayOfChildren_AtObj(c,0);if(b.length!=2){throw"number of signature ASN.1 sequence elements seem wrong"}var g=b[0];var f=b[1];if(c.substr(g,2)!="02"){throw"1st item of sequene of signature is not ASN.1 integer"}if(c.substr(f,2)!="02"){throw"2nd item of sequene of signature is not ASN.1 integer"}var e=ASN1HEX.getHexOfV_AtObj(c,g);var d=ASN1HEX.getHexOfV_AtObj(c,f);return{r:e,s:d}};KJUR.crypto.ECDSA.asn1SigToConcatSig=function(c){var d=KJUR.crypto.ECDSA.parseSigHexInHexRS(c);var b=d.r;var a=d.s;if(b.substr(0,2)=="00"&&(((b.length/2)*8)%(16*8))==8){b=b.substr(2)}if(a.substr(0,2)=="00"&&(((a.length/2)*8)%(16*8))==8){a=a.substr(2)}if((((b.length/2)*8)%(16*8))!=0){throw"unknown ECDSA sig r length error"}if((((a.length/2)*8)%(16*8))!=0){throw"unknown ECDSA sig s length error"}return b+a};KJUR.crypto.ECDSA.concatSigToASN1Sig=function(a){if((((a.length/2)*8)%(16*8))!=0){throw"unknown ECDSA concatinated r-s sig length error"}var c=a.substr(0,a.length/2);var b=a.substr(a.length/2);return KJUR.crypto.ECDSA.hexRSSigToASN1Sig(c,b)};KJUR.crypto.ECDSA.hexRSSigToASN1Sig=function(b,a){var d=new BigInteger(b,16);var c=new BigInteger(a,16);return KJUR.crypto.ECDSA.biRSSigToASN1Sig(d,c)};KJUR.crypto.ECDSA.biRSSigToASN1Sig=function(e,c){var b=new KJUR.asn1.DERInteger({bigint:e});var a=new KJUR.asn1.DERInteger({bigint:c});var d=new KJUR.asn1.DERSequence({array:[b,a]});return d.getEncodedHex()}; +/*! ecparam-1.0.0.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license + */ +if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||!KJUR.crypto){KJUR.crypto={}}KJUR.crypto.ECParameterDB=new function(){var b={};var c={};function a(d){return new BigInteger(d,16)}this.getByName=function(e){var d=e;if(typeof c[d]!="undefined"){d=c[e]}if(typeof b[d]!="undefined"){return b[d]}throw"unregistered EC curve name: "+d};this.regist=function(A,l,o,g,m,e,j,f,k,u,d,x){b[A]={};var s=a(o);var z=a(g);var y=a(m);var t=a(e);var w=a(j);var r=new ECCurveFp(s,z,y);var q=r.decodePointHex("04"+f+k);b[A]["name"]=A;b[A]["keylen"]=l;b[A]["curve"]=r;b[A]["G"]=q;b[A]["n"]=t;b[A]["h"]=w;b[A]["oid"]=d;b[A]["info"]=x;for(var v=0;v0||K.compareTo(u)>0||BigInteger.ZERO.compareTo(J)>0||J.compareTo(u)>0){throw"invalid DSA signature"}var I=J.modInverse(u);var A=D.multiply(I).mod(u);var v=K.multiply(I).mod(u);var F=G.modPow(A,z).multiply(H.modPow(v,z)).mod(z).mod(u);return F.compareTo(K)==0};this.parseASN1Signature=function(u){try{var y=new BigInteger(ASN1HEX.getVbyList(u,0,[0],"02"),16);var v=new BigInteger(ASN1HEX.getVbyList(u,0,[1],"02"),16);return[y,v]}catch(w){throw"malformed DSA signature"}};function d(E,w,B,v,u,C){var z=KJUR.crypto.Util.hashString(w,E.toLowerCase());var z=z.substr(0,u.bitLength()/4);var A=new BigInteger(z,16);var y=n(BigInteger.ONE.add(BigInteger.ONE),u.subtract(BigInteger.ONE));var F=(B.modPow(y,v)).mod(u);var D=(y.modInverse(u).multiply(A.add(C.multiply(F)))).mod(u);var G=new Array();G[0]=F;G[1]=D;return G}function r(v){var u=openpgp.config.config.prefer_hash_algorithm;switch(Math.round(v.bitLength()/8)){case 20:if(u!=2&&u>11&&u!=10&&u<8){return 2}return u;case 28:if(u>11&&u<8){return 11}return u;case 32:if(u>10&&u<8){return 8}return u;default:util.print_debug("DSA select hash algorithm: returning null for an unknown length of q");return null}}this.select_hash_algorithm=r;function m(I,K,J,B,z,u,F,G){var C=KJUR.crypto.Util.hashString(B,I.toLowerCase());var C=C.substr(0,u.bitLength()/4);var D=new BigInteger(C,16);if(BigInteger.ZERO.compareTo(K)>0||K.compareTo(u)>0||BigInteger.ZERO.compareTo(J)>0||J.compareTo(u)>0){util.print_error("invalid DSA Signature");return null}var H=J.modInverse(u);var A=D.multiply(H).mod(u);var v=K.multiply(H).mod(u);var E=F.modPow(A,z).multiply(G.modPow(v,z)).mod(z).mod(u);return E.compareTo(K)==0}function a(z){var A=new BigInteger(z,primeCenterie);var y=j(q,512);var u=t(p,q,z);var v;do{v=new BigInteger(q.bitCount(),rand)}while(x.compareTo(BigInteger.ZERO)!=1&&x.compareTo(q)!=-1);var w=g.modPow(x,p);return{x:v,q:A,p:y,g:u,y:w}}function j(y,z,w){if(z%64!=0){return false}var u;var v;do{u=w(bitcount,true);v=u.subtract(BigInteger.ONE);u=u.subtract(v.remainder(y))}while(!u.isProbablePrime(primeCenterie)||u.bitLength()!=l);return u}function t(B,z,A,w){var u=B.subtract(BigInteger.ONE);var y=u.divide(z);var v;do{v=w(A)}while(v.compareTo(u)!=-1&&v.compareTo(BigInteger.ONE)!=1);return v.modPow(y,B)}function o(w,y,u){var v;do{v=u(y,false)}while(v.compareTo(w)!=-1&&v.compareTo(BigInteger.ZERO)!=1);return v}function i(v,w){k=o(v);var u=g.modPow(k,w).mod(v);return u}function h(B,w,y,v,z,u){var A=B(v);s=(w.modInverse(z).multiply(A.add(u.multiply(y)))).mod(z);return s}this.sign=d;this.verify=m;function n(w,u){if(u.compareTo(w)<=0){return}var v=u.subtract(w);var y=e(v.bitLength());while(y>v){y=e(v.bitLength())}return w.add(y)}function e(w){if(w<0){return null}var u=Math.floor((w+7)/8);var v=c(u);if(w%8>0){v=String.fromCharCode((Math.pow(2,w%8)-1)&v.charCodeAt(0))+v.substring(1)}return new BigInteger(f(v),16)}function c(w){var u="";for(var v=0;v=s*2){break}}var x={};x.keyhex=v.substr(0,g[o]["keylen"]*2);x.ivhex=v.substr(g[o]["keylen"]*2,g[o]["ivlen"]*2);return x};var a=function(n,t,p,u){var q=CryptoJS.enc.Base64.parse(n);var o=CryptoJS.enc.Hex.stringify(q);var s=g[t]["proc"];var r=s(o,p,u);return r};var f=function(n,q,o,s){var p=g[q]["eproc"];var r=p(n,o,s);return r};return{version:"1.0.5",getHexFromPEM:function(o,r){var p=o;if(p.indexOf("BEGIN "+r)==-1){throw"can't find PEM header: "+r}p=p.replace("-----BEGIN "+r+"-----","");p=p.replace("-----END "+r+"-----","");var q=p.replace(/\s+/g,"");var n=b64tohex(q);return n},getDecryptedKeyHexByKeyIV:function(o,r,q,p){var n=b(r);return n(o,q,p)},parsePKCS5PEM:function(n){return l(n)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(o,n,p){return h(o,n,p)},decryptKeyB64:function(n,p,o,q){return a(n,p,o,q)},getDecryptedKeyHex:function(w,v){var o=l(w);var r=o.type;var p=o.cipher;var n=o.ivsalt;var q=o.data;var u=h(p,v,n);var t=u.keyhex;var s=a(q,p,t,n);return s},getRSAKeyFromEncryptedPKCS5PEM:function(p,o){var q=this.getDecryptedKeyHex(p,o);var n=new RSAKey();n.readPrivateKeyFromASN1HexString(q);return n},getEryptedPKCS5PEMFromPrvKeyHex:function(q,x,r,p){var n="";if(typeof r=="undefined"||r==null){r="AES-256-CBC"}if(typeof g[r]=="undefined"){throw"PKCS5PKEY unsupported algorithm: "+r}if(typeof p=="undefined"||p==null){var t=g[r]["ivlen"];var s=k(t);p=s.toUpperCase()}var w=h(r,x,p);var v=w.keyhex;var u=f(q,r,v,p);var o=u.replace(/(.{64})/g,"$1\r\n");var n="-----BEGIN RSA PRIVATE KEY-----\r\n";n+="Proc-Type: 4,ENCRYPTED\r\n";n+="DEK-Info: "+r+","+p+"\r\n";n+="\r\n";n+=o;n+="\r\n-----END RSA PRIVATE KEY-----\r\n";return n},getEryptedPKCS5PEMFromRSAKey:function(C,D,o,s){var A=new KJUR.asn1.DERInteger({"int":0});var v=new KJUR.asn1.DERInteger({bigint:C.n});var z=new KJUR.asn1.DERInteger({"int":C.e});var B=new KJUR.asn1.DERInteger({bigint:C.d});var t=new KJUR.asn1.DERInteger({bigint:C.p});var r=new KJUR.asn1.DERInteger({bigint:C.q});var y=new KJUR.asn1.DERInteger({bigint:C.dmp1});var u=new KJUR.asn1.DERInteger({bigint:C.dmq1});var x=new KJUR.asn1.DERInteger({bigint:C.coeff});var E=new KJUR.asn1.DERSequence({array:[A,v,z,B,t,r,y,u,x]});var w=E.getEncodedHex();return this.getEryptedPKCS5PEMFromPrvKeyHex(w,D,o,s)},newEncryptedPKCS5PEM:function(n,o,r,s){if(typeof o=="undefined"||o==null){o=1024}if(typeof r=="undefined"||r==null){r="10001"}var p=new RSAKey();p.generate(o,r);var q=null;if(typeof s=="undefined"||s==null){q=this.getEncryptedPKCS5PEMFromRSAKey(pkey,n)}else{q=this.getEncryptedPKCS5PEMFromRSAKey(pkey,n,s)}return q},getRSAKeyFromPlainPKCS8PEM:function(p){if(p.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var o=this.getHexFromPEM(p,"PRIVATE KEY");var n=this.getRSAKeyFromPlainPKCS8Hex(o);return n},getRSAKeyFromPlainPKCS8Hex:function(q){var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=3){throw"outer DERSequence shall have 3 elements: "+p.length}var o=ASN1HEX.getHexOfTLV_AtObj(q,p[1]);if(o!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+o}var o=ASN1HEX.getHexOfTLV_AtObj(q,p[1]);var r=ASN1HEX.getHexOfTLV_AtObj(q,p[2]);var s=ASN1HEX.getHexOfV_AtObj(r,0);var n=new RSAKey();n.readPrivateKeyFromASN1HexString(s);return n},parseHexOfEncryptedPKCS8:function(u){var q={};var p=ASN1HEX.getPosArrayOfChildren_AtObj(u,0);if(p.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+p.length}q.ciphertext=ASN1HEX.getHexOfV_AtObj(u,p[1]);var w=ASN1HEX.getPosArrayOfChildren_AtObj(u,p[0]);if(w.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+w.length}if(ASN1HEX.getHexOfV_AtObj(u,w[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(u,w[1]);if(w.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+n.length}var o=ASN1HEX.getPosArrayOfChildren_AtObj(u,n[1]);if(o.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+o.length}if(ASN1HEX.getHexOfV_AtObj(u,o[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}q.encryptionSchemeAlg="TripleDES";q.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(u,o[1]);var r=ASN1HEX.getPosArrayOfChildren_AtObj(u,n[0]);if(r.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+r.length}if(ASN1HEX.getHexOfV_AtObj(u,r[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var v=ASN1HEX.getPosArrayOfChildren_AtObj(u,r[1]);if(v.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+v.length}q.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(u,v[0]);var s=ASN1HEX.getHexOfV_AtObj(u,v[1]);try{q.pbkdf2Iter=parseInt(s,16)}catch(t){throw"malformed format pbkdf2Iter: "+s}return q},getPBKDF2KeyHexFromParam:function(s,n){var r=CryptoJS.enc.Hex.parse(s.pbkdf2Salt);var o=s.pbkdf2Iter;var q=CryptoJS.PBKDF2(n,r,{keySize:192/32,iterations:o});var p=CryptoJS.enc.Hex.stringify(q);return p},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(v,w){var p=this.getHexFromPEM(v,"ENCRYPTED PRIVATE KEY");var n=this.parseHexOfEncryptedPKCS8(p);var s=PKCS5PKEY.getPBKDF2KeyHexFromParam(n,w);var t={};t.ciphertext=CryptoJS.enc.Hex.parse(n.ciphertext);var r=CryptoJS.enc.Hex.parse(s);var q=CryptoJS.enc.Hex.parse(n.encryptionSchemeIV);var u=CryptoJS.TripleDES.decrypt(t,r,{iv:q});var o=CryptoJS.enc.Hex.stringify(u);return o},getRSAKeyFromEncryptedPKCS8PEM:function(q,p){var o=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(q,p);var n=this.getRSAKeyFromPlainPKCS8Hex(o);return n},getKeyFromEncryptedPKCS8PEM:function(q,o){var n=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(q,o);var p=this.getKeyFromPlainPrivatePKCS8Hex(n);return p},parsePlainPrivatePKCS8Hex:function(q){var o={};o.algparam=null;if(q.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(q.substr(p[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(q,p[1]);if(n.length!=2){throw"malformed PKCS8 private key(code:004)"}if(q.substr(n[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}o.algoid=ASN1HEX.getHexOfV_AtObj(q,n[0]);if(q.substr(n[1],2)=="06"){o.algparam=ASN1HEX.getHexOfV_AtObj(q,n[1])}if(q.substr(p[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}o.keyidx=ASN1HEX.getStartPosOfV_AtObj(q,p[2]);return o},getKeyFromPlainPrivatePKCS8PEM:function(o){var n=this.getHexFromPEM(o,"PRIVATE KEY");var p=this.getKeyFromPlainPrivatePKCS8Hex(n);return p},getKeyFromPlainPrivatePKCS8Hex:function(n){var p=this.parsePlainPrivatePKCS8Hex(n);if(p.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(n,p);var o=p.key;var q=new RSAKey();q.setPrivateEx(o.n,o.e,o.d,o.p,o.q,o.dp,o.dq,o.co);return q}else{if(p.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(n,p);if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var r=KJUR.crypto.OID.oidhex2name[p.algparam];var q=new KJUR.crypto.ECDSA({curve:r,prv:p.key});return q}else{throw"unsupported private key algorithm"}}},getRSAKeyFromPublicPKCS8PEM:function(o){var p=this.getHexFromPEM(o,"PUBLIC KEY");var n=this.getRSAKeyFromPublicPKCS8Hex(p);return n},getKeyFromPublicPKCS8PEM:function(o){var p=this.getHexFromPEM(o,"PUBLIC KEY");var n=this.getKeyFromPublicPKCS8Hex(p);return n},getKeyFromPublicPKCS8Hex:function(o){var n=this.parsePublicPKCS8Hex(o);if(n.algoid=="2a864886f70d010101"){var r=this.parsePublicRawRSAKeyHex(n.key);var p=new RSAKey();p.setPublic(r.n,r.e);return p}else{if(n.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[n.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+n.algparam}var q=KJUR.crypto.OID.oidhex2name[n.algparam];var p=new KJUR.crypto.ECDSA({curve:q,pub:n.key});return p}else{throw"unsupported public key algorithm"}}},parsePublicRawRSAKeyHex:function(p){var n={};if(p.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var o=ASN1HEX.getPosArrayOfChildren_AtObj(p,0);if(o.length!=2){throw"malformed RSA key(code:002)"}if(p.substr(o[0],2)!="02"){throw"malformed RSA key(code:003)"}n.n=ASN1HEX.getHexOfV_AtObj(p,o[0]);if(p.substr(o[1],2)!="02"){throw"malformed RSA key(code:004)"}n.e=ASN1HEX.getHexOfV_AtObj(p,o[1]);return n},parsePrivateRawRSAKeyHexAtObj:function(o,q){var p=q.keyidx;if(o.substr(p,2)!="30"){throw"malformed RSA private key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(o,p);if(n.length!=9){throw"malformed RSA private key(code:002)"}q.key={};q.key.n=ASN1HEX.getHexOfV_AtObj(o,n[1]);q.key.e=ASN1HEX.getHexOfV_AtObj(o,n[2]);q.key.d=ASN1HEX.getHexOfV_AtObj(o,n[3]);q.key.p=ASN1HEX.getHexOfV_AtObj(o,n[4]);q.key.q=ASN1HEX.getHexOfV_AtObj(o,n[5]);q.key.dp=ASN1HEX.getHexOfV_AtObj(o,n[6]);q.key.dq=ASN1HEX.getHexOfV_AtObj(o,n[7]);q.key.co=ASN1HEX.getHexOfV_AtObj(o,n[8])},parsePrivateRawECKeyHexAtObj:function(o,q){var p=q.keyidx;if(o.substr(p,2)!="30"){throw"malformed ECC private key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(o,p);if(n.length!=3){throw"malformed ECC private key(code:002)"}if(o.substr(n[1],2)!="04"){throw"malformed ECC private key(code:003)"}q.key=ASN1HEX.getHexOfV_AtObj(o,n[1])},parsePublicPKCS8Hex:function(q){var o={};o.algparam=null;var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=2){throw"outer DERSequence shall have 2 elements: "+p.length}var r=p[0];if(q.substr(r,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(n.length!=2){throw"malformed PKCS8 public key(code:002)"}if(q.substr(n[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}o.algoid=ASN1HEX.getHexOfV_AtObj(q,n[0]);if(q.substr(n[1],2)=="06"){o.algparam=ASN1HEX.getHexOfV_AtObj(q,n[1])}if(q.substr(p[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}o.key=ASN1HEX.getHexOfV_AtObj(q,p[1]).substr(2);return o},getRSAKeyFromPublicPKCS8Hex:function(r){var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"outer DERSequence shall have 2 elements: "+q.length}var p=ASN1HEX.getHexOfTLV_AtObj(r,q[0]);if(p!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(r.substr(q[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var t=ASN1HEX.getStartPosOfV_AtObj(r,q[1])+2;if(r.substr(t,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var n=ASN1HEX.getPosArrayOfChildren_AtObj(r,t);if(n.length!=2){throw"inner DERSequence shall have 2 elements: "+n.length}if(r.substr(n[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(r.substr(n[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var u=ASN1HEX.getHexOfV_AtObj(r,n[0]);var s=ASN1HEX.getHexOfV_AtObj(r,n[1]);var o=new RSAKey();o.setPublic(u,s);return o},}}(); +/*! keyutil-1.0.7.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license + */ +var KEYUTIL=function(){var d=function(p,r,q){return k(CryptoJS.AES,p,r,q)};var e=function(p,r,q){return k(CryptoJS.TripleDES,p,r,q)};var a=function(p,r,q){return k(CryptoJS.DES,p,r,q)};var k=function(s,x,u,q){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(u);var p=CryptoJS.enc.Hex.parse(q);var t={};t.key=w;t.iv=p;t.ciphertext=r;var v=s.decrypt(t,w,{iv:p});return CryptoJS.enc.Hex.stringify(v)};var l=function(p,r,q){return g(CryptoJS.AES,p,r,q)};var o=function(p,r,q){return g(CryptoJS.TripleDES,p,r,q)};var f=function(p,r,q){return g(CryptoJS.DES,p,r,q)};var g=function(t,y,v,q){var s=CryptoJS.enc.Hex.parse(y);var x=CryptoJS.enc.Hex.parse(v);var p=CryptoJS.enc.Hex.parse(q);var w=t.encrypt(s,x,{iv:p});var r=CryptoJS.enc.Hex.parse(w.toString());var u=CryptoJS.enc.Base64.stringify(r);return u};var i={"AES-256-CBC":{proc:d,eproc:l,keylen:32,ivlen:16},"AES-192-CBC":{proc:d,eproc:l,keylen:24,ivlen:16},"AES-128-CBC":{proc:d,eproc:l,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:e,eproc:o,keylen:24,ivlen:8},"DES-CBC":{proc:a,eproc:f,keylen:8,ivlen:8}};var c=function(p){return i[p]["proc"]};var m=function(p){var r=CryptoJS.lib.WordArray.random(p);var q=CryptoJS.enc.Hex.stringify(r);return q};var n=function(t){var u={};if(t.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"))){u.cipher=RegExp.$1;u.ivsalt=RegExp.$2}if(t.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"))){u.type=RegExp.$1}var r=-1;var v=0;if(t.indexOf("\r\n\r\n")!=-1){r=t.indexOf("\r\n\r\n");v=2}if(t.indexOf("\n\n")!=-1){r=t.indexOf("\n\n");v=1}var q=t.indexOf("-----END");if(r!=-1&&q!=-1){var p=t.substring(r+v*2,q-v);p=p.replace(/\s+/g,"");u.data=p}return u};var j=function(q,y,p){var v=p.substring(0,16);var t=CryptoJS.enc.Hex.parse(v);var r=CryptoJS.enc.Utf8.parse(y);var u=i[q]["keylen"]+i[q]["ivlen"];var x="";var w=null;for(;;){var s=CryptoJS.algo.MD5.create();if(w!=null){s.update(w)}s.update(r);s.update(t);w=s.finalize();x=x+CryptoJS.enc.Hex.stringify(w);if(x.length>=u*2){break}}var z={};z.keyhex=x.substr(0,i[q]["keylen"]*2);z.ivhex=x.substr(i[q]["keylen"]*2,i[q]["ivlen"]*2);return z};var b=function(p,v,r,w){var s=CryptoJS.enc.Base64.parse(p);var q=CryptoJS.enc.Hex.stringify(s);var u=i[v]["proc"];var t=u(q,r,w);return t};var h=function(p,s,q,u){var r=i[s]["eproc"];var t=r(p,q,u);return t};return{version:"1.0.0",getHexFromPEM:function(q,u){var r=q;if(r.indexOf("-----BEGIN ")==-1){throw"can't find PEM header: "+u}if(typeof u=="string"&&u!=""){r=r.replace("-----BEGIN "+u+"-----","");r=r.replace("-----END "+u+"-----","")}else{r=r.replace(/-----BEGIN [^-]+-----/,"");r=r.replace(/-----END [^-]+-----/,"")}var t=r.replace(/\s+/g,"");var p=b64tohex(t);return p},getDecryptedKeyHexByKeyIV:function(q,t,s,r){var p=c(t);return p(q,s,r)},parsePKCS5PEM:function(p){return n(p)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(q,p,r){return j(q,p,r)},decryptKeyB64:function(p,r,q,s){return b(p,r,q,s)},getDecryptedKeyHex:function(y,x){var q=n(y);var t=q.type;var r=q.cipher;var p=q.ivsalt;var s=q.data;var w=j(r,x,p);var v=w.keyhex;var u=b(s,r,v,p);return u},getRSAKeyFromEncryptedPKCS5PEM:function(r,q){var s=this.getDecryptedKeyHex(r,q);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(s);return p},getEncryptedPKCS5PEMFromPrvKeyHex:function(x,s,A,t,r){var p="";if(typeof t=="undefined"||t==null){t="AES-256-CBC"}if(typeof i[t]=="undefined"){throw"KEYUTIL unsupported algorithm: "+t}if(typeof r=="undefined"||r==null){var v=i[t]["ivlen"];var u=m(v);r=u.toUpperCase()}var z=j(t,A,r);var y=z.keyhex;var w=h(s,t,y,r);var q=w.replace(/(.{64})/g,"$1\r\n");var p="-----BEGIN "+x+" PRIVATE KEY-----\r\n";p+="Proc-Type: 4,ENCRYPTED\r\n";p+="DEK-Info: "+t+","+r+"\r\n";p+="\r\n";p+=q;p+="\r\n-----END "+x+" PRIVATE KEY-----\r\n";return p},getEncryptedPKCS5PEMFromRSAKey:function(D,E,r,t){var B=new KJUR.asn1.DERInteger({"int":0});var w=new KJUR.asn1.DERInteger({bigint:D.n});var A=new KJUR.asn1.DERInteger({"int":D.e});var C=new KJUR.asn1.DERInteger({bigint:D.d});var u=new KJUR.asn1.DERInteger({bigint:D.p});var s=new KJUR.asn1.DERInteger({bigint:D.q});var z=new KJUR.asn1.DERInteger({bigint:D.dmp1});var v=new KJUR.asn1.DERInteger({bigint:D.dmq1});var y=new KJUR.asn1.DERInteger({bigint:D.coeff});var F=new KJUR.asn1.DERSequence({array:[B,w,A,C,u,s,z,v,y]});var x=F.getEncodedHex();return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",x,E,r,t)},newEncryptedPKCS5PEM:function(p,q,t,u){if(typeof q=="undefined"||q==null){q=1024}if(typeof t=="undefined"||t==null){t="10001"}var r=new RSAKey();r.generate(q,t);var s=null;if(typeof u=="undefined"||u==null){s=this.getEncryptedPKCS5PEMFromRSAKey(r,p)}else{s=this.getEncryptedPKCS5PEMFromRSAKey(r,p,u)}return s},getRSAKeyFromPlainPKCS8PEM:function(r){if(r.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var q=this.getHexFromPEM(r,"PRIVATE KEY");var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getRSAKeyFromPlainPKCS8Hex:function(s){var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"outer DERSequence shall have 3 elements: "+r.length}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);if(q!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+q}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);var t=ASN1HEX.getHexOfTLV_AtObj(s,r[2]);var u=ASN1HEX.getHexOfV_AtObj(t,0);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(u);return p},parseHexOfEncryptedPKCS8:function(w){var s={};var r=ASN1HEX.getPosArrayOfChildren_AtObj(w,0);if(r.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+r.length}s.ciphertext=ASN1HEX.getHexOfV_AtObj(w,r[1]);var y=ASN1HEX.getPosArrayOfChildren_AtObj(w,r[0]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+y.length}if(ASN1HEX.getHexOfV_AtObj(w,y[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(w,y[1]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+p.length}var q=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[1]);if(q.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+q.length}if(ASN1HEX.getHexOfV_AtObj(w,q[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}s.encryptionSchemeAlg="TripleDES";s.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(w,q[1]);var t=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[0]);if(t.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+t.length}if(ASN1HEX.getHexOfV_AtObj(w,t[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var x=ASN1HEX.getPosArrayOfChildren_AtObj(w,t[1]);if(x.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+x.length}s.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(w,x[0]);var u=ASN1HEX.getHexOfV_AtObj(w,x[1]);try{s.pbkdf2Iter=parseInt(u,16)}catch(v){throw"malformed format pbkdf2Iter: "+u}return s},getPBKDF2KeyHexFromParam:function(u,p){var t=CryptoJS.enc.Hex.parse(u.pbkdf2Salt);var q=u.pbkdf2Iter;var s=CryptoJS.PBKDF2(p,t,{keySize:192/32,iterations:q});var r=CryptoJS.enc.Hex.stringify(s);return r},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(x,y){var r=this.getHexFromPEM(x,"ENCRYPTED PRIVATE KEY");var p=this.parseHexOfEncryptedPKCS8(r);var u=KEYUTIL.getPBKDF2KeyHexFromParam(p,y);var v={};v.ciphertext=CryptoJS.enc.Hex.parse(p.ciphertext);var t=CryptoJS.enc.Hex.parse(u);var s=CryptoJS.enc.Hex.parse(p.encryptionSchemeIV);var w=CryptoJS.TripleDES.decrypt(v,t,{iv:s});var q=CryptoJS.enc.Hex.stringify(w);return q},getRSAKeyFromEncryptedPKCS8PEM:function(s,r){var q=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,r);var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getKeyFromEncryptedPKCS8PEM:function(s,q){var p=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,q);var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},parsePlainPrivatePKCS8Hex:function(s){var q={};q.algparam=null;if(s.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(s.substr(r[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,r[1]);if(p.length!=2){throw"malformed PKCS8 private key(code:004)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}if(s.substr(r[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}q.keyidx=ASN1HEX.getStartPosOfV_AtObj(s,r[2]);return q},getKeyFromPlainPrivatePKCS8PEM:function(q){var p=this.getHexFromPEM(q,"PRIVATE KEY");var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},getKeyFromPlainPrivatePKCS8Hex:function(p){var w=this.parsePlainPrivatePKCS8Hex(p);if(w.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(p,w);var u=w.key;var z=new RSAKey();z.setPrivateEx(u.n,u.e,u.d,u.p,u.q,u.dp,u.dq,u.co);return z}else{if(w.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(p,w);if(KJUR.crypto.OID.oidhex2name[w.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+w.algparam}var v=KJUR.crypto.OID.oidhex2name[w.algparam];var z=new KJUR.crypto.ECDSA({curve:v});z.setPublicKeyHex(w.pubkey);z.setPrivateKeyHex(w.key);z.isPublic=false;return z}else{if(w.algoid=="2a8648ce380401"){var t=ASN1HEX.getVbyList(p,0,[1,1,0],"02");var s=ASN1HEX.getVbyList(p,0,[1,1,1],"02");var y=ASN1HEX.getVbyList(p,0,[1,1,2],"02");var B=ASN1HEX.getVbyList(p,0,[2,0],"02");var r=new BigInteger(t,16);var q=new BigInteger(s,16);var x=new BigInteger(y,16);var A=new BigInteger(B,16);var z=new KJUR.crypto.DSA();z.setPrivate(r,q,x,null,A);return z}else{throw"unsupported private key algorithm"}}}},getRSAKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getRSAKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8Hex:function(q){var p=this.parsePublicPKCS8Hex(q);if(p.algoid=="2a864886f70d010101"){var u=this.parsePublicRawRSAKeyHex(p.key);var r=new RSAKey();r.setPublic(u.n,u.e);return r}else{if(p.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var s=KJUR.crypto.OID.oidhex2name[p.algparam];var r=new KJUR.crypto.ECDSA({curve:s,pub:p.key});return r}else{if(p.algoid=="2a8648ce380401"){var t=p.algparam;var v=ASN1HEX.getHexOfV_AtObj(p.key,0);var r=new KJUR.crypto.DSA();r.setPublic(new BigInteger(t.p,16),new BigInteger(t.q,16),new BigInteger(t.g,16),new BigInteger(v,16));return r}else{throw"unsupported public key algorithm"}}}},parsePublicRawRSAKeyHex:function(r){var p={};if(r.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"malformed RSA key(code:002)"}if(r.substr(q[0],2)!="02"){throw"malformed RSA key(code:003)"}p.n=ASN1HEX.getHexOfV_AtObj(r,q[0]);if(r.substr(q[1],2)!="02"){throw"malformed RSA key(code:004)"}p.e=ASN1HEX.getHexOfV_AtObj(r,q[1]);return p},parsePrivateRawRSAKeyHexAtObj:function(q,s){var r=s.keyidx;if(q.substr(r,2)!="30"){throw"malformed RSA private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(p.length!=9){throw"malformed RSA private key(code:002)"}s.key={};s.key.n=ASN1HEX.getHexOfV_AtObj(q,p[1]);s.key.e=ASN1HEX.getHexOfV_AtObj(q,p[2]);s.key.d=ASN1HEX.getHexOfV_AtObj(q,p[3]);s.key.p=ASN1HEX.getHexOfV_AtObj(q,p[4]);s.key.q=ASN1HEX.getHexOfV_AtObj(q,p[5]);s.key.dp=ASN1HEX.getHexOfV_AtObj(q,p[6]);s.key.dq=ASN1HEX.getHexOfV_AtObj(q,p[7]);s.key.co=ASN1HEX.getHexOfV_AtObj(q,p[8])},parsePrivateRawECKeyHexAtObj:function(p,t){var q=t.keyidx;var r=ASN1HEX.getVbyList(p,q,[1],"04");var s=ASN1HEX.getVbyList(p,q,[2,0],"03").substr(2);t.key=r;t.pubkey=s},parsePublicPKCS8Hex:function(s){var q={};q.algparam=null;var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=2){throw"outer DERSequence shall have 2 elements: "+r.length}var t=r[0];if(s.substr(t,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,t);if(p.length!=2){throw"malformed PKCS8 public key(code:002)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}else{if(s.substr(p[1],2)=="30"){q.algparam={};q.algparam.p=ASN1HEX.getVbyList(s,p[1],[0],"02");q.algparam.q=ASN1HEX.getVbyList(s,p[1],[1],"02");q.algparam.g=ASN1HEX.getVbyList(s,p[1],[2],"02")}}if(s.substr(r[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}q.key=ASN1HEX.getHexOfV_AtObj(s,r[1]).substr(2);return q},getRSAKeyFromPublicPKCS8Hex:function(t){var s=ASN1HEX.getPosArrayOfChildren_AtObj(t,0);if(s.length!=2){throw"outer DERSequence shall have 2 elements: "+s.length}var r=ASN1HEX.getHexOfTLV_AtObj(t,s[0]);if(r!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(t.substr(s[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var v=ASN1HEX.getStartPosOfV_AtObj(t,s[1])+2;if(t.substr(v,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var p=ASN1HEX.getPosArrayOfChildren_AtObj(t,v);if(p.length!=2){throw"inner DERSequence shall have 2 elements: "+p.length}if(t.substr(p[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(t.substr(p[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var w=ASN1HEX.getHexOfV_AtObj(t,p[0]);var u=ASN1HEX.getHexOfV_AtObj(t,p[1]);var q=new RSAKey();q.setPublic(w,u);return q},}}();KEYUTIL.getKey=function(c,o,i){if(typeof RSAKey!="undefined"&&c instanceof RSAKey){return c}if(typeof KJUR.crypto.ECDSA!="undefined"&&c instanceof KJUR.crypto.ECDSA){return c}if(typeof KJUR.crypto.DSA!="undefined"&&c instanceof KJUR.crypto.DSA){return c}if(c.xy!==undefined&&c.curve!==undefined){return new KJUR.crypto.ECDSA({prv:c.xy,curve:c.curve})}if(c.n!==undefined&&c.e!==undefined&&c.d!==undefined&&c.p!==undefined&&c.q!==undefined&&c.dp!==undefined&&c.dq!==undefined&&c.co!==undefined){var n=new RSAKey();n.setPrivateEx(c.n,c.e,c.d,c.p,c.q,c.dp,c.dq,c.co);return n}if(c.p!==undefined&&c.q!==undefined&&c.g!==undefined&&c.y!==undefined&&c.x!==undefined){var n=new KJUR.crypto.DSA();n.setPrivate(c.p,c.q,c.g,c.y,c.x);return n}if(c.d!==undefined&&c.curve!==undefined){return new KJUR.crypto.ECDSA({pub:c.d,curve:c.curve})}if(c.n!==undefined&&c.e){var n=new RSAKey();n.setPublic(c.n,c.e);return n}if(c.p!==undefined&&c.q!==undefined&&c.g!==undefined&&c.y!==undefined&&c.x===undefined){var n=new KJUR.crypto.DSA();n.setPublic(c.p,c.q,c.g,c.y);return n}if(c.indexOf("-END CERTIFICATE-",0)!=-1||c.indexOf("-END X509 CERTIFICATE-",0)!=-1||c.indexOf("-END TRUSTED CERTIFICATE-",0)!=-1){return X509.getPublicKeyFromCertPEM(c)}if(i==="pkcs8pub"){return KEYUTIL.getKeyFromPublicPKCS8Hex(c)}if(c.indexOf("-END PUBLIC KEY-")!=-1){return KEYUTIL.getKeyFromPublicPKCS8PEM(c)}if(i==="pkcs5prv"){var n=new RSAKey();n.readPrivateKeyFromASN1HexString(c);return n}if(i==="pkcs5prv"){var n=new RSAKey();n.readPrivateKeyFromASN1HexString(c);return n}if(c.indexOf("-END RSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")==-1){var n=new RSAKey();n.readPrivateKeyFromPEMString(c);return n}if(c.indexOf("-END DSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")==-1){var m=this.getHexFromPEM(c,"DSA PRIVATE KEY");var b=ASN1HEX.getVbyList(m,0,[1],"02");var a=ASN1HEX.getVbyList(m,0,[2],"02");var e=ASN1HEX.getVbyList(m,0,[3],"02");var k=ASN1HEX.getVbyList(m,0,[4],"02");var l=ASN1HEX.getVbyList(m,0,[5],"02");var n=new KJUR.crypto.DSA();n.setPrivate(new BigInteger(b,16),new BigInteger(a,16),new BigInteger(e,16),new BigInteger(k,16),new BigInteger(l,16));return n}if(c.indexOf("-END PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromPlainPrivatePKCS8PEM(c)}if(c.indexOf("-END RSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){return KEYUTIL.getRSAKeyFromEncryptedPKCS5PEM(c,o)}if(c.indexOf("-END EC PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){var m=KEYUTIL.getDecryptedKeyHex(c,o);var n=ASN1HEX.getVbyList(m,0,[1],"04");var j=ASN1HEX.getVbyList(m,0,[2,0],"06");var d=ASN1HEX.getVbyList(m,0,[3,0],"03").substr(2);var h="";if(KJUR.crypto.OID.oidhex2name[j]!==undefined){h=KJUR.crypto.OID.oidhex2name[j]}else{throw"undefined OID(hex) in KJUR.crypto.OID: "+j}var f=new KJUR.crypto.ECDSA({name:h});f.setPublicKeyHex(d);f.setPrivateKeyHex(n);f.isPublic=false;return f}if(c.indexOf("-END DSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){var m=KEYUTIL.getDecryptedKeyHex(c,o);var b=ASN1HEX.getVbyList(m,0,[1],"02");var a=ASN1HEX.getVbyList(m,0,[2],"02");var e=ASN1HEX.getVbyList(m,0,[3],"02");var k=ASN1HEX.getVbyList(m,0,[4],"02");var l=ASN1HEX.getVbyList(m,0,[5],"02");var n=new KJUR.crypto.DSA();n.setPrivate(new BigInteger(b,16),new BigInteger(a,16),new BigInteger(e,16),new BigInteger(k,16),new BigInteger(l,16));return n}if(c.indexOf("-END ENCRYPTED PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromEncryptedPKCS8PEM(c,o)}throw"not supported argument"};KEYUTIL.generateKeypair=function(a,c){if(a=="RSA"){var b=c;var h=new RSAKey();h.generate(b,"10001");h.isPrivate=true;h.isPublic=true;var f=new RSAKey();var e=h.n.toString(16);var i=h.e.toString(16);f.setPublic(e,i);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{if(a=="EC"){var d=c;var g=new KJUR.crypto.ECDSA({curve:d});var j=g.generateKeyPairHex();var h=new KJUR.crypto.ECDSA({curve:d});h.setPrivateKeyHex(j.ecprvhex);h.isPrivate=true;h.isPublic=false;var f=new KJUR.crypto.ECDSA({curve:d});f.setPublicKeyHex(j.ecpubhex);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{throw"unknown algorithm: "+a}}};KEYUTIL.getPEM=function(a,r,o,g,j){var v=KJUR.asn1;var u=KJUR.crypto;function p(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.n}},{"int":s.e},{"int":{bigint:s.d}},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.dmp1}},{"int":{bigint:s.dmq1}},{"int":{bigint:s.coeff}}]});return w}function q(w){var s=KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:w.prvKeyHex}},{tag:["a0",true,{oid:{name:w.curveName}}]},{tag:["a1",true,{bitstr:{hex:"00"+w.pubKeyHex}}]}]});return s}function n(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.g}},{"int":{bigint:s.y}},{"int":{bigint:s.x}}]});return w}if(((typeof RSAKey!="undefined"&&a instanceof RSAKey)||(typeof u.DSA!="undefined"&&a instanceof u.DSA)||(typeof u.ECDSA!="undefined"&&a instanceof u.ECDSA))&&a.isPublic==true&&(r===undefined||r=="PKCS8PUB")){var t=new KJUR.asn1.x509.SubjectPublicKeyInfo(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"PUBLIC KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o===undefined||o==null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"RSA PRIVATE KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o===undefined||o==null)&&a.isPrivate==true){var f=new KJUR.asn1.DERObjectIdentifier({name:a.curveName});var l=f.getEncodedHex();var e=q(a);var k=e.getEncodedHex();var i="";i+=v.ASN1Util.getPEMStringFromHex(l,"EC PARAMETERS");i+=v.ASN1Util.getPEMStringFromHex(k,"EC PRIVATE KEY");return i}if(r=="PKCS1PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o===undefined||o==null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"DSA PRIVATE KEY")}if(r=="PKCS5PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=q(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA",m,o,g)}var h=function(w,s){var y=b(w,s);var x=new KJUR.asn1.ASN1Util.newObject({seq:[{seq:[{oid:{name:"pkcs5PBES2"}},{seq:[{seq:[{oid:{name:"pkcs5PBKDF2"}},{seq:[{octstr:{hex:y.pbkdf2Salt}},{"int":y.pbkdf2Iter}]}]},{seq:[{oid:{name:"des-EDE3-CBC"}},{octstr:{hex:y.encryptionSchemeIV}}]}]}]},{octstr:{hex:y.ciphertext}}]});return x.getEncodedHex()};var b=function(D,E){var x=100;var C=CryptoJS.lib.WordArray.random(8);var B="DES-EDE3-CBC";var s=CryptoJS.lib.WordArray.random(8);var y=CryptoJS.PBKDF2(E,C,{keySize:192/32,iterations:x});var z=CryptoJS.enc.Hex.parse(D);var A=CryptoJS.TripleDES.encrypt(z,y,{iv:s})+"";var w={};w.ciphertext=A;w.pbkdf2Salt=CryptoJS.enc.Hex.stringify(C);w.pbkdf2Iter=x;w.encryptionSchemeAlg=B;w.encryptionSchemeIV=CryptoJS.enc.Hex.stringify(s);return w};if(r=="PKCS8PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&a.isPrivate==true){var d=p(a);var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"rsaEncryption"}},{"null":true}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&a.isPrivate==true){var d=new KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:a.prvKeyHex}},{tag:["a1",true,{bitstr:{hex:"00"+a.pubKeyHex}}]}]});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"ecPublicKey"}},{oid:{name:a.curveName}}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&a.isPrivate==true){var d=new KJUR.asn1.DERInteger({bigint:a.x});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"dsa"}},{seq:[{"int":{bigint:a.p}},{"int":{bigint:a.q}},{"int":{bigint:a.g}}]}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}throw"unsupported object nor format"};KEYUTIL.getKeyFromCSRPEM=function(b){var a=KEYUTIL.getHexFromPEM(b,"CERTIFICATE REQUEST");var c=KEYUTIL.getKeyFromCSRHex(a);return c};KEYUTIL.getKeyFromCSRHex=function(a){var c=KEYUTIL.parseCSRHex(a);var b=KEYUTIL.getKey(c.p8pubkeyhex,null,"pkcs8pub");return b};KEYUTIL.parseCSRHex=function(c){var b={};var e=c;if(e.substr(0,2)!="30"){throw"malformed CSR(code:001)"}var d=ASN1HEX.getPosArrayOfChildren_AtObj(e,0);if(d.length<1){throw"malformed CSR(code:002)"}if(e.substr(d[0],2)!="30"){throw"malformed CSR(code:003)"}var a=ASN1HEX.getPosArrayOfChildren_AtObj(e,d[0]);if(a.length<3){throw"malformed CSR(code:004)"}b.p8pubkeyhex=ASN1HEX.getHexOfTLV_AtObj(e,a[2]);return b}; +/*! rsapem-1.1.js (c) 2012 Kenji Urushima | kjur.github.com/jsrsasign/license + */ +function _rsapem_pemToBase64(b){var a=b;a=a.replace("-----BEGIN RSA PRIVATE KEY-----","");a=a.replace("-----END RSA PRIVATE KEY-----","");a=a.replace(/[ \n]+/g,"");return a}function _rsapem_getPosArrayOfChildrenFromHex(d){var j=new Array();var k=ASN1HEX.getStartPosOfV_AtObj(d,0);var f=ASN1HEX.getPosOfNextSibling_AtObj(d,k);var h=ASN1HEX.getPosOfNextSibling_AtObj(d,f);var b=ASN1HEX.getPosOfNextSibling_AtObj(d,h);var l=ASN1HEX.getPosOfNextSibling_AtObj(d,b);var e=ASN1HEX.getPosOfNextSibling_AtObj(d,l);var g=ASN1HEX.getPosOfNextSibling_AtObj(d,e);var c=ASN1HEX.getPosOfNextSibling_AtObj(d,g);var i=ASN1HEX.getPosOfNextSibling_AtObj(d,c);j.push(k,f,h,b,l,e,g,c,i);return j}function _rsapem_getHexValueArrayOfChildrenFromHex(i){var o=_rsapem_getPosArrayOfChildrenFromHex(i);var r=ASN1HEX.getHexOfV_AtObj(i,o[0]);var f=ASN1HEX.getHexOfV_AtObj(i,o[1]);var j=ASN1HEX.getHexOfV_AtObj(i,o[2]);var k=ASN1HEX.getHexOfV_AtObj(i,o[3]);var c=ASN1HEX.getHexOfV_AtObj(i,o[4]);var b=ASN1HEX.getHexOfV_AtObj(i,o[5]);var h=ASN1HEX.getHexOfV_AtObj(i,o[6]);var g=ASN1HEX.getHexOfV_AtObj(i,o[7]);var l=ASN1HEX.getHexOfV_AtObj(i,o[8]);var m=new Array();m.push(r,f,j,k,c,b,h,g,l);return m}function _rsapem_readPrivateKeyFromASN1HexString(c){var b=_rsapem_getHexValueArrayOfChildrenFromHex(c);this.setPrivateEx(b[1],b[2],b[3],b[4],b[5],b[6],b[7],b[8])}function _rsapem_readPrivateKeyFromPEMString(e){var c=_rsapem_pemToBase64(e);var d=b64tohex(c);var b=_rsapem_getHexValueArrayOfChildrenFromHex(d);this.setPrivateEx(b[1],b[2],b[3],b[4],b[5],b[6],b[7],b[8])}RSAKey.prototype.readPrivateKeyFromPEMString=_rsapem_readPrivateKeyFromPEMString;RSAKey.prototype.readPrivateKeyFromASN1HexString=_rsapem_readPrivateKeyFromASN1HexString; +/*! rsasign-1.2.7.js (c) 2012 Kenji Urushima | kjur.github.com/jsrsasign/license + */ +var _RE_HEXDECONLY=new RegExp("");_RE_HEXDECONLY.compile("[^0-9a-f]","gi");function _rsasign_getHexPaddedDigestInfoForString(d,e,a){var b=function(f){return KJUR.crypto.Util.hashString(f,a)};var c=b(d);return KJUR.crypto.Util.getPaddedDigestInfoHex(c,a,e)}function _zeroPaddingOfSignature(e,d){var c="";var a=d/4-e.length;for(var b=0;b>24,(d&16711680)>>16,(d&65280)>>8,d&255]))));d+=1}return b}function _rsasign_signStringPSS(e,a,d){var c=function(f){return KJUR.crypto.Util.hashHex(f,a)};var b=c(rstrtohex(e));if(d===undefined){d=-1}return this.signWithMessageHashPSS(b,a,d)}function _rsasign_signWithMessageHashPSS(l,a,k){var b=hextorstr(l);var g=b.length;var m=this.n.bitLength()-1;var c=Math.ceil(m/8);var d;var o=function(i){return KJUR.crypto.Util.hashHex(i,a)};if(k===-1||k===undefined){k=g}else{if(k===-2){k=c-g-2}else{if(k<-2){throw"invalid salt length"}}}if(c<(g+k+2)){throw"data too long"}var f="";if(k>0){f=new Array(k);new SecureRandom().nextBytes(f);f=String.fromCharCode.apply(String,f)}var n=hextorstr(o(rstrtohex("\x00\x00\x00\x00\x00\x00\x00\x00"+b+f)));var j=[];for(d=0;d>(8*c-m))&255;q[0]&=~p;for(d=0;dthis.n.bitLength()){return 0}var i=this.doPublic(b);var e=i.toString(16).replace(/^1f+00/,"");var g=_rsasign_getAlgNameAndHashFromHexDisgestInfo(e);if(g.length==0){return false}var d=g[0];var h=g[1];var a=function(k){return KJUR.crypto.Util.hashString(k,d)};var c=a(f);return(h==c)}function _rsasign_verifyWithMessageHash(e,a){a=a.replace(_RE_HEXDECONLY,"");a=a.replace(/[ \n]+/g,"");var b=parseBigInt(a,16);if(b.bitLength()>this.n.bitLength()){return 0}var h=this.doPublic(b);var g=h.toString(16).replace(/^1f+00/,"");var c=_rsasign_getAlgNameAndHashFromHexDisgestInfo(g);if(c.length==0){return false}var d=c[0];var f=c[1];return(f==e)}function _rsasign_verifyStringPSS(c,b,a,f){var e=function(g){return KJUR.crypto.Util.hashHex(g,a)};var d=e(rstrtohex(c));if(f===undefined){f=-1}return this.verifyWithMessageHashPSS(d,b,a,f)}function _rsasign_verifyWithMessageHashPSS(f,s,l,c){var k=new BigInteger(s,16);if(k.bitLength()>this.n.bitLength()){return false}var r=function(i){return KJUR.crypto.Util.hashHex(i,l)};var j=hextorstr(f);var h=j.length;var g=this.n.bitLength()-1;var m=Math.ceil(g/8);var q;if(c===-1||c===undefined){c=h}else{if(c===-2){c=m-h-2}else{if(c<-2){throw"invalid salt length"}}}if(m<(h+c+2)){throw"data too long"}var a=this.doPublic(k).toByteArray();for(q=0;q>(8*m-g))&255;if((d.charCodeAt(0)&p)!==0){throw"bits beyond keysize not zero"}var n=pss_mgf1_str(e,d.length,r);var o=[];for(q=0;qg.length){g.unshift(0)}}return g};var a=this.getX().toBigInteger();var e=this.getY().toBigInteger();var b=d(a,32);if(c){if(e.isEven()){b.unshift(2)}else{b.unshift(3)}}else{b.unshift(4);b=b.concat(d(e,32))}return b};ECPointFp.decodeFrom=function(g,c){var f=c[0];var e=c.length-1;var d=c.slice(1,1+e/2);var b=c.slice(1+e/2,1+e);d.unshift(0);b.unshift(0);var a=new BigInteger(d);var h=new BigInteger(b);return new ECPointFp(g,g.fromBigInteger(a),g.fromBigInteger(h))};ECPointFp.decodeFromHex=function(g,c){var f=c.substr(0,2);var e=c.length-2;var d=c.substr(2,e/2);var b=c.substr(2+e/2,e/2);var a=new BigInteger(d,16);var h=new BigInteger(b,16);return new ECPointFp(g,g.fromBigInteger(a),g.fromBigInteger(h))};ECPointFp.prototype.add2D=function(c){if(this.isInfinity()){return c}if(c.isInfinity()){return this}if(this.x.equals(c.x)){if(this.y.equals(c.y)){return this.twice()}return this.curve.getInfinity()}var g=c.x.subtract(this.x);var e=c.y.subtract(this.y);var a=e.divide(g);var d=a.square().subtract(this.x).subtract(c.x);var f=a.multiply(this.x.subtract(d)).subtract(this.y);return new ECPointFp(this.curve,d,f)};ECPointFp.prototype.twice2D=function(){if(this.isInfinity()){return this}if(this.y.toBigInteger().signum()==0){return this.curve.getInfinity()}var b=this.curve.fromBigInteger(BigInteger.valueOf(2));var e=this.curve.fromBigInteger(BigInteger.valueOf(3));var a=this.x.square().multiply(e).add(this.curve.a).divide(this.y.multiply(b));var c=a.square().subtract(this.x.multiply(b));var d=a.multiply(this.x.subtract(c)).subtract(this.y);return new ECPointFp(this.curve,c,d)};ECPointFp.prototype.multiply2D=function(b){if(this.isInfinity()){return this}if(b.signum()==0){return this.curve.getInfinity()}var g=b;var f=g.multiply(new BigInteger("3"));var l=this.negate();var d=this;var c;for(c=f.bitLength()-2;c>0;--c){d=d.twice();var a=f.testBit(c);var j=g.testBit(c);if(a!=j){d=d.add2D(a?this:l)}}return d};ECPointFp.prototype.isOnCurve=function(){var d=this.getX().toBigInteger();var i=this.getY().toBigInteger();var f=this.curve.getA().toBigInteger();var c=this.curve.getB().toBigInteger();var h=this.curve.getQ();var e=i.multiply(i).mod(h);var g=d.multiply(d).multiply(d).add(f.multiply(d)).add(c).mod(h);return e.equals(g)};ECPointFp.prototype.toString=function(){return"("+this.getX().toBigInteger().toString()+","+this.getY().toBigInteger().toString()+")"};ECPointFp.prototype.validate=function(){var c=this.curve.getQ();if(this.isInfinity()){throw new Error("Point is at infinity.")}var a=this.getX().toBigInteger();var b=this.getY().toBigInteger();if(a.compareTo(BigInteger.ONE)<0||a.compareTo(c.subtract(BigInteger.ONE))>0){throw new Error("x coordinate out of bounds")}if(b.compareTo(BigInteger.ONE)<0||b.compareTo(c.subtract(BigInteger.ONE))>0){throw new Error("y coordinate out of bounds")}if(!this.isOnCurve()){throw new Error("Point is not on the curve.")}if(this.multiply(c).isInfinity()){throw new Error("Point is not a scalar multiple of G.")}return true}; -/*! asn1-1.0.4.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license +/*! asn1-1.0.5.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license */ -if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}KJUR.asn1.ASN1Util=new function(){this.integerToByteHex=function(a){var b=a.toString(16);if((b.length%2)==1){b="0"+b}return b};this.bigIntToMinTwosComplementsHex=function(j){var f=j.toString(16);if(f.substr(0,1)!="-"){if(f.length%2==1){f="0"+f}else{if(!f.match(/^[0-7]/)){f="00"+f}}}else{var a=f.substr(1);var e=a.length;if(e%2==1){e+=1}else{if(!f.match(/^[0-7]/)){e+=2}}var g="";for(var d=0;d15){throw"ASN.1 length too long to represent by 8x: n = "+i.toString(16)}var f=128+g;return f.toString(16)+h}};this.getEncodedHex=function(){if(this.hTLV==null||this.isModified){this.hV=this.getFreshValueHex();this.hL=this.getLengthHexFromValue();this.hTLV=this.hT+this.hL+this.hV;this.isModified=false}return this.hTLV};this.getValueHex=function(){this.getEncodedHex();return this.hV};this.getFreshValueHex=function(){return""}};KJUR.asn1.DERAbstractString=function(c){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var b=null;var a=null;this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=stohex(this.s)};this.setStringHex=function(d){this.hTLV=null;this.isModified=true;this.s=null;this.hV=d};this.getFreshValueHex=function(){return this.hV};if(typeof c!="undefined"){if(typeof c=="string"){this.setString(c)}else{if(typeof c.str!="undefined"){this.setString(c.str)}else{if(typeof c.hex!="undefined"){this.setStringHex(c.hex)}}}}};YAHOO.lang.extend(KJUR.asn1.DERAbstractString,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractTime=function(c){KJUR.asn1.DERAbstractTime.superclass.constructor.call(this);var b=null;var a=null;this.localDateToUTC=function(f){utc=f.getTime()+(f.getTimezoneOffset()*60000);var e=new Date(utc);return e};this.formatDate=function(j,l){var e=this.zeroPadding;var k=this.localDateToUTC(j);var m=String(k.getFullYear());if(l=="utc"){m=m.substr(2,2)}var i=e(String(k.getMonth()+1),2);var n=e(String(k.getDate()),2);var f=e(String(k.getHours()),2);var g=e(String(k.getMinutes()),2);var h=e(String(k.getSeconds()),2);return m+i+n+f+g+h+"Z"};this.zeroPadding=function(e,d){if(e.length>=d){return e}return new Array(d-e.length+1).join("0")+e};this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=stohex(d)};this.setByDateValue=function(h,j,e,d,f,g){var i=new Date(Date.UTC(h,j-1,e,d,f,g,0));this.setByDate(i)};this.getFreshValueHex=function(){return this.hV}};YAHOO.lang.extend(KJUR.asn1.DERAbstractTime,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractStructured=function(b){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var a=null;this.setByASN1ObjectArray=function(c){this.hTLV=null;this.isModified=true;this.asn1Array=c};this.appendASN1Object=function(c){this.hTLV=null;this.isModified=true;this.asn1Array.push(c)};this.asn1Array=new Array();if(typeof b!="undefined"){if(typeof b.array!="undefined"){this.asn1Array=b.array}}};YAHOO.lang.extend(KJUR.asn1.DERAbstractStructured,KJUR.asn1.ASN1Object);KJUR.asn1.DERBoolean=function(){KJUR.asn1.DERBoolean.superclass.constructor.call(this);this.hT="01";this.hTLV="0101ff"};YAHOO.lang.extend(KJUR.asn1.DERBoolean,KJUR.asn1.ASN1Object);KJUR.asn1.DERInteger=function(a){KJUR.asn1.DERInteger.superclass.constructor.call(this);this.hT="02";this.setByBigInteger=function(b){this.hTLV=null;this.isModified=true;this.hV=KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(b)};this.setByInteger=function(c){var b=new BigInteger(String(c),10);this.setByBigInteger(b)};this.setValueHex=function(b){this.hV=b};this.getFreshValueHex=function(){return this.hV};if(typeof a!="undefined"){if(typeof a.bigint!="undefined"){this.setByBigInteger(a.bigint)}else{if(typeof a["int"]!="undefined"){this.setByInteger(a["int"])}else{if(typeof a=="number"){this.setByInteger(a)}else{if(typeof a.hex!="undefined"){this.setValueHex(a.hex)}}}}}};YAHOO.lang.extend(KJUR.asn1.DERInteger,KJUR.asn1.ASN1Object);KJUR.asn1.DERBitString=function(a){KJUR.asn1.DERBitString.superclass.constructor.call(this);this.hT="03";this.setHexValueIncludingUnusedBits=function(b){this.hTLV=null;this.isModified=true;this.hV=b};this.setUnusedBitsAndHexValue=function(b,d){if(b<0||715){throw"ASN.1 length too long to represent by 8x: n = "+i.toString(16)}var f=128+g;return f.toString(16)+h}};this.getEncodedHex=function(){if(this.hTLV==null||this.isModified){this.hV=this.getFreshValueHex();this.hL=this.getLengthHexFromValue();this.hTLV=this.hT+this.hL+this.hV;this.isModified=false}return this.hTLV};this.getValueHex=function(){this.getEncodedHex();return this.hV};this.getFreshValueHex=function(){return""}};KJUR.asn1.DERAbstractString=function(c){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var b=null;var a=null;this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=stohex(this.s)};this.setStringHex=function(d){this.hTLV=null;this.isModified=true;this.s=null;this.hV=d};this.getFreshValueHex=function(){return this.hV};if(typeof c!="undefined"){if(typeof c=="string"){this.setString(c)}else{if(typeof c.str!="undefined"){this.setString(c.str)}else{if(typeof c.hex!="undefined"){this.setStringHex(c.hex)}}}}};YAHOO.lang.extend(KJUR.asn1.DERAbstractString,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractTime=function(c){KJUR.asn1.DERAbstractTime.superclass.constructor.call(this);var b=null;var a=null;this.localDateToUTC=function(f){utc=f.getTime()+(f.getTimezoneOffset()*60000);var e=new Date(utc);return e};this.formatDate=function(j,l){var e=this.zeroPadding;var k=this.localDateToUTC(j);var m=String(k.getFullYear());if(l=="utc"){m=m.substr(2,2)}var i=e(String(k.getMonth()+1),2);var n=e(String(k.getDate()),2);var f=e(String(k.getHours()),2);var g=e(String(k.getMinutes()),2);var h=e(String(k.getSeconds()),2);return m+i+n+f+g+h+"Z"};this.zeroPadding=function(e,d){if(e.length>=d){return e}return new Array(d-e.length+1).join("0")+e};this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=stohex(d)};this.setByDateValue=function(h,j,e,d,f,g){var i=new Date(Date.UTC(h,j-1,e,d,f,g,0));this.setByDate(i)};this.getFreshValueHex=function(){return this.hV}};YAHOO.lang.extend(KJUR.asn1.DERAbstractTime,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractStructured=function(b){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var a=null;this.setByASN1ObjectArray=function(c){this.hTLV=null;this.isModified=true;this.asn1Array=c};this.appendASN1Object=function(c){this.hTLV=null;this.isModified=true;this.asn1Array.push(c)};this.asn1Array=new Array();if(typeof b!="undefined"){if(typeof b.array!="undefined"){this.asn1Array=b.array}}};YAHOO.lang.extend(KJUR.asn1.DERAbstractStructured,KJUR.asn1.ASN1Object);KJUR.asn1.DERBoolean=function(){KJUR.asn1.DERBoolean.superclass.constructor.call(this);this.hT="01";this.hTLV="0101ff"};YAHOO.lang.extend(KJUR.asn1.DERBoolean,KJUR.asn1.ASN1Object);KJUR.asn1.DERInteger=function(a){KJUR.asn1.DERInteger.superclass.constructor.call(this);this.hT="02";this.setByBigInteger=function(b){this.hTLV=null;this.isModified=true;this.hV=KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(b)};this.setByInteger=function(c){var b=new BigInteger(String(c),10);this.setByBigInteger(b)};this.setValueHex=function(b){this.hV=b};this.getFreshValueHex=function(){return this.hV};if(typeof a!="undefined"){if(typeof a.bigint!="undefined"){this.setByBigInteger(a.bigint)}else{if(typeof a["int"]!="undefined"){this.setByInteger(a["int"])}else{if(typeof a=="number"){this.setByInteger(a)}else{if(typeof a.hex!="undefined"){this.setValueHex(a.hex)}}}}}};YAHOO.lang.extend(KJUR.asn1.DERInteger,KJUR.asn1.ASN1Object);KJUR.asn1.DERBitString=function(a){KJUR.asn1.DERBitString.superclass.constructor.call(this);this.hT="03";this.setHexValueIncludingUnusedBits=function(b){this.hTLV=null;this.isModified=true;this.hV=b};this.setUnusedBitsAndHexValue=function(b,d){if(b<0||7=(b*2))){break}if(d>=200){break}c.push(e);g=e;d++}return c};this.getNthChildIndex_AtObj=function(d,b,e){var c=this.getPosArrayOfChildren_AtObj(d,b);return c[e]};this.getDecendantIndexByNthList=function(e,d,c){if(c.length==0){return d}var f=c.shift();var b=this.getPosArrayOfChildren_AtObj(e,d);return this.getDecendantIndexByNthList(e,b[f],c)};this.getDecendantHexTLVByNthList=function(d,c,b){var a=this.getDecendantIndexByNthList(d,c,b);return this.getHexOfTLV_AtObj(d,a)};this.getDecendantHexVByNthList=function(d,c,b){var a=this.getDecendantIndexByNthList(d,c,b);return this.getHexOfV_AtObj(d,a)}};ASN1HEX.getVbyList=function(d,c,b,e){var a=this.getDecendantIndexByNthList(d,c,b);if(a===undefined){throw"can't find nthList object"}if(e!==undefined){if(d.substr(a,2)!=e){throw"checking tag doesn't match: "+d.substr(a,2)+"!="+e}}return this.getHexOfV_AtObj(d,a)}; -/*! asn1x509-1.0.8.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license +/*! asn1x509-1.0.9.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license */ -if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.x509=="undefined"||!KJUR.asn1.x509){KJUR.asn1.x509={}}KJUR.asn1.x509.Certificate=function(g){KJUR.asn1.x509.Certificate.superclass.constructor.call(this);var b=null;var d=null;var f=null;var c=null;var a=null;var e=null;this.setRsaPrvKeyByPEMandPass=function(i,k){var h=PKCS5PKEY.getDecryptedKeyHex(i,k);var j=new RSAKey();j.readPrivateKeyFromASN1HexString(h);this.prvKey=j};this.sign=function(){this.asn1SignatureAlg=this.asn1TBSCert.asn1SignatureAlg;sig=new KJUR.crypto.Signature({alg:"SHA1withRSA"});sig.init(this.prvKey);sig.updateHex(this.asn1TBSCert.getEncodedHex());this.hexSig=sig.sign();this.asn1Sig=new KJUR.asn1.DERBitString({hex:"00"+this.hexSig});var h=new KJUR.asn1.DERSequence({array:[this.asn1TBSCert,this.asn1SignatureAlg,this.asn1Sig]});this.hTLV=h.getEncodedHex();this.isModified=false};this.setSignatureHex=function(h){this.asn1SignatureAlg=this.asn1TBSCert.asn1SignatureAlg;this.hexSig=h;this.asn1Sig=new KJUR.asn1.DERBitString({hex:"00"+this.hexSig});var i=new KJUR.asn1.DERSequence({array:[this.asn1TBSCert,this.asn1SignatureAlg,this.asn1Sig]});this.hTLV=i.getEncodedHex();this.isModified=false};this.getEncodedHex=function(){if(this.isModified==false&&this.hTLV!=null){return this.hTLV}throw"not signed yet"};this.getPEMString=function(){var j=this.getEncodedHex();var h=CryptoJS.enc.Hex.parse(j);var i=CryptoJS.enc.Base64.stringify(h);var k=i.replace(/(.{64})/g,"$1\r\n");return"-----BEGIN CERTIFICATE-----\r\n"+k+"\r\n-----END CERTIFICATE-----\r\n"};if(typeof g!="undefined"){if(typeof g.tbscertobj!="undefined"){this.asn1TBSCert=g.tbscertobj}if(typeof g.prvkeyobj!="undefined"){this.prvKey=g.prvkeyobj}else{if(typeof g.rsaprvkey!="undefined"){this.prvKey=g.rsaprvkey}else{if((typeof g.rsaprvpem!="undefined")&&(typeof g.rsaprvpas!="undefined")){this.setRsaPrvKeyByPEMandPass(g.rsaprvpem,g.rsaprvpas)}}}}};YAHOO.lang.extend(KJUR.asn1.x509.Certificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertificate=function(a){KJUR.asn1.x509.TBSCertificate.superclass.constructor.call(this);this._initialize=function(){this.asn1Array=new Array();this.asn1Version=new KJUR.asn1.DERTaggedObject({obj:new KJUR.asn1.DERInteger({"int":2})});this.asn1SerialNumber=null;this.asn1SignatureAlg=null;this.asn1Issuer=null;this.asn1NotBefore=null;this.asn1NotAfter=null;this.asn1Subject=null;this.asn1SubjPKey=null;this.extensionsArray=new Array()};this.setSerialNumberByParam=function(b){this.asn1SerialNumber=new KJUR.asn1.DERInteger(b)};this.setSignatureAlgByParam=function(b){this.asn1SignatureAlg=new KJUR.asn1.x509.AlgorithmIdentifier(b)};this.setIssuerByParam=function(b){this.asn1Issuer=new KJUR.asn1.x509.X500Name(b)};this.setNotBeforeByParam=function(b){this.asn1NotBefore=new KJUR.asn1.x509.Time(b)};this.setNotAfterByParam=function(b){this.asn1NotAfter=new KJUR.asn1.x509.Time(b)};this.setSubjectByParam=function(b){this.asn1Subject=new KJUR.asn1.x509.X500Name(b)};this.setSubjectPublicKeyByParam=function(b){this.asn1SubjPKey=new KJUR.asn1.x509.SubjectPublicKeyInfo(b)};this.setSubjectPublicKeyByGetKey=function(c){var b=KEYUTIL.getKey(c);this.asn1SubjPKey=new KJUR.asn1.x509.SubjectPublicKeyInfo(b)};this.appendExtension=function(b){this.extensionsArray.push(b)};this.appendExtensionByName=function(d,b){if(d.toLowerCase()=="basicconstraints"){var c=new KJUR.asn1.x509.BasicConstraints(b);this.appendExtension(c)}else{if(d.toLowerCase()=="keyusage"){var c=new KJUR.asn1.x509.KeyUsage(b);this.appendExtension(c)}else{if(d.toLowerCase()=="crldistributionpoints"){var c=new KJUR.asn1.x509.CRLDistributionPoints(b);this.appendExtension(c)}else{if(d.toLowerCase()=="extkeyusage"){var c=new KJUR.asn1.x509.ExtKeyUsage(b);this.appendExtension(c)}else{if(d.toLowerCase()=="authoritykeyidentifier"){var c=new KJUR.asn1.x509.AuthorityKeyIdentifier(b);this.appendExtension(c)}else{throw"unsupported extension name: "+d}}}}}};this.getEncodedHex=function(){if(this.asn1NotBefore==null||this.asn1NotAfter==null){throw"notBefore and/or notAfter not set"}var c=new KJUR.asn1.DERSequence({array:[this.asn1NotBefore,this.asn1NotAfter]});this.asn1Array=new Array();this.asn1Array.push(this.asn1Version);this.asn1Array.push(this.asn1SerialNumber);this.asn1Array.push(this.asn1SignatureAlg);this.asn1Array.push(this.asn1Issuer);this.asn1Array.push(c);this.asn1Array.push(this.asn1Subject);this.asn1Array.push(this.asn1SubjPKey);if(this.extensionsArray.length>0){var d=new KJUR.asn1.DERSequence({array:this.extensionsArray});var b=new KJUR.asn1.DERTaggedObject({explicit:true,tag:"a3",obj:d});this.asn1Array.push(b)}var e=new KJUR.asn1.DERSequence({array:this.asn1Array});this.hTLV=e.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension=function(b){KJUR.asn1.x509.Extension.superclass.constructor.call(this);var a=null;this.getEncodedHex=function(){var f=new KJUR.asn1.DERObjectIdentifier({oid:this.oid});var e=new KJUR.asn1.DEROctetString({hex:this.getExtnValueHex()});var d=new Array();d.push(f);if(this.critical){d.push(new KJUR.asn1.DERBoolean())}d.push(e);var c=new KJUR.asn1.DERSequence({array:d});return c.getEncodedHex()};this.critical=false;if(typeof b!="undefined"){if(typeof b.critical!="undefined"){this.critical=b.critical}}};YAHOO.lang.extend(KJUR.asn1.x509.Extension,KJUR.asn1.ASN1Object);KJUR.asn1.x509.KeyUsage=function(a){KJUR.asn1.x509.KeyUsage.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.15";if(typeof a!="undefined"){if(typeof a.bin!="undefined"){this.asn1ExtnValue=new KJUR.asn1.DERBitString(a)}}};YAHOO.lang.extend(KJUR.asn1.x509.KeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.BasicConstraints=function(c){KJUR.asn1.x509.BasicConstraints.superclass.constructor.call(this,c);var a=false;var b=-1;this.getExtnValueHex=function(){var e=new Array();if(this.cA){e.push(new KJUR.asn1.DERBoolean())}if(this.pathLen>-1){e.push(new KJUR.asn1.DERInteger({"int":this.pathLen}))}var d=new KJUR.asn1.DERSequence({array:e});this.asn1ExtnValue=d;return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.19";this.cA=false;this.pathLen=-1;if(typeof c!="undefined"){if(typeof c.cA!="undefined"){this.cA=c.cA}if(typeof c.pathLen!="undefined"){this.pathLen=c.pathLen}}};YAHOO.lang.extend(KJUR.asn1.x509.BasicConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLDistributionPoints=function(a){KJUR.asn1.x509.CRLDistributionPoints.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.setByDPArray=function(b){this.asn1ExtnValue=new KJUR.asn1.DERSequence({array:b})};this.setByOneURI=function(e){var b=new KJUR.asn1.x509.GeneralNames([{uri:e}]);var d=new KJUR.asn1.x509.DistributionPointName(b);var c=new KJUR.asn1.x509.DistributionPoint({dpobj:d});this.setByDPArray([c])};this.oid="2.5.29.31";if(typeof a!="undefined"){if(typeof a.array!="undefined"){this.setByDPArray(a.array)}else{if(typeof a.uri!="undefined"){this.setByOneURI(a.uri)}}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLDistributionPoints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.ExtKeyUsage=function(a){KJUR.asn1.x509.ExtKeyUsage.superclass.constructor.call(this,a);this.setPurposeArray=function(b){this.asn1ExtnValue=new KJUR.asn1.DERSequence();for(var c=0;c0){var c=new KJUR.asn1.DERSequence({array:this.aRevokedCert});this.asn1Array.push(c)}var d=new KJUR.asn1.DERSequence({array:this.asn1Array});this.hTLV=d.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize=function(){this.asn1Version=null;this.asn1SignatureAlg=null;this.asn1Issuer=null;this.asn1ThisUpdate=null;this.asn1NextUpdate=null;this.aRevokedCert=new Array()};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertList,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLEntry=function(c){KJUR.asn1.x509.CRLEntry.superclass.constructor.call(this);var b=null;var a=null;this.setCertSerial=function(d){this.sn=new KJUR.asn1.DERInteger(d)};this.setRevocationDate=function(d){this.time=new KJUR.asn1.x509.Time(d)};this.getEncodedHex=function(){var d=new KJUR.asn1.DERSequence({array:[this.sn,this.time]});this.TLV=d.getEncodedHex();return this.TLV};if(typeof c!="undefined"){if(typeof c.time!="undefined"){this.setRevocationDate(c.time)}if(typeof c.sn!="undefined"){this.setCertSerial(c.sn)}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLEntry,KJUR.asn1.ASN1Object);KJUR.asn1.x509.X500Name=function(a){KJUR.asn1.x509.X500Name.superclass.constructor.call(this);this.asn1Array=new Array();this.setByString=function(b){var c=b.split("/");c.shift();for(var d=0;d0){var d=new KJUR.asn1.DERSequence({array:this.extensionsArray});var b=new KJUR.asn1.DERTaggedObject({explicit:true,tag:"a3",obj:d});this.asn1Array.push(b)}var e=new KJUR.asn1.DERSequence({array:this.asn1Array});this.hTLV=e.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension=function(b){KJUR.asn1.x509.Extension.superclass.constructor.call(this);var a=null;this.getEncodedHex=function(){var f=new KJUR.asn1.DERObjectIdentifier({oid:this.oid});var e=new KJUR.asn1.DEROctetString({hex:this.getExtnValueHex()});var d=new Array();d.push(f);if(this.critical){d.push(new KJUR.asn1.DERBoolean())}d.push(e);var c=new KJUR.asn1.DERSequence({array:d});return c.getEncodedHex()};this.critical=false;if(typeof b!="undefined"){if(typeof b.critical!="undefined"){this.critical=b.critical}}};YAHOO.lang.extend(KJUR.asn1.x509.Extension,KJUR.asn1.ASN1Object);KJUR.asn1.x509.KeyUsage=function(a){KJUR.asn1.x509.KeyUsage.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.15";if(typeof a!="undefined"){if(typeof a.bin!="undefined"){this.asn1ExtnValue=new KJUR.asn1.DERBitString(a)}}};YAHOO.lang.extend(KJUR.asn1.x509.KeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.BasicConstraints=function(c){KJUR.asn1.x509.BasicConstraints.superclass.constructor.call(this,c);var a=false;var b=-1;this.getExtnValueHex=function(){var e=new Array();if(this.cA){e.push(new KJUR.asn1.DERBoolean())}if(this.pathLen>-1){e.push(new KJUR.asn1.DERInteger({"int":this.pathLen}))}var d=new KJUR.asn1.DERSequence({array:e});this.asn1ExtnValue=d;return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.19";this.cA=false;this.pathLen=-1;if(typeof c!="undefined"){if(typeof c.cA!="undefined"){this.cA=c.cA}if(typeof c.pathLen!="undefined"){this.pathLen=c.pathLen}}};YAHOO.lang.extend(KJUR.asn1.x509.BasicConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLDistributionPoints=function(a){KJUR.asn1.x509.CRLDistributionPoints.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.setByDPArray=function(b){this.asn1ExtnValue=new KJUR.asn1.DERSequence({array:b})};this.setByOneURI=function(e){var b=new KJUR.asn1.x509.GeneralNames([{uri:e}]);var d=new KJUR.asn1.x509.DistributionPointName(b);var c=new KJUR.asn1.x509.DistributionPoint({dpobj:d});this.setByDPArray([c])};this.oid="2.5.29.31";if(typeof a!="undefined"){if(typeof a.array!="undefined"){this.setByDPArray(a.array)}else{if(typeof a.uri!="undefined"){this.setByOneURI(a.uri)}}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLDistributionPoints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.ExtKeyUsage=function(a){KJUR.asn1.x509.ExtKeyUsage.superclass.constructor.call(this,a);this.setPurposeArray=function(b){this.asn1ExtnValue=new KJUR.asn1.DERSequence();for(var c=0;c0){var c=new KJUR.asn1.DERSequence({array:this.aRevokedCert});this.asn1Array.push(c)}var d=new KJUR.asn1.DERSequence({array:this.asn1Array});this.hTLV=d.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize=function(){this.asn1Version=null;this.asn1SignatureAlg=null;this.asn1Issuer=null;this.asn1ThisUpdate=null;this.asn1NextUpdate=null;this.aRevokedCert=new Array()};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertList,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLEntry=function(c){KJUR.asn1.x509.CRLEntry.superclass.constructor.call(this);var b=null;var a=null;this.setCertSerial=function(d){this.sn=new KJUR.asn1.DERInteger(d)};this.setRevocationDate=function(d){this.time=new KJUR.asn1.x509.Time(d)};this.getEncodedHex=function(){var d=new KJUR.asn1.DERSequence({array:[this.sn,this.time]});this.TLV=d.getEncodedHex();return this.TLV};if(typeof c!="undefined"){if(typeof c.time!="undefined"){this.setRevocationDate(c.time)}if(typeof c.sn!="undefined"){this.setCertSerial(c.sn)}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLEntry,KJUR.asn1.ASN1Object);KJUR.asn1.x509.X500Name=function(a){KJUR.asn1.x509.X500Name.superclass.constructor.call(this);this.asn1Array=new Array();this.setByString=function(b){var c=b.split("/");c.shift();for(var d=0;d0){h=new a.DERTaggedObject({obj:this.dUnsignedAttrs,tag:"a1",explicit:false})}var g=[this.dCMSVersion,this.dSignerIdentifier,this.dDigestAlgorithm,e,this.dSigAlg,this.dSig,];if(h!=null){g.push(h)}var f=new a.DERSequence({array:g});this.hTLV=f.getEncodedHex();return this.hTLV}};YAHOO.lang.extend(KJUR.asn1.cms.SignerInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.EncapsulatedContentInfo=function(c){KJUR.asn1.cms.EncapsulatedContentInfo.superclass.constructor.call(this);var a=KJUR.asn1;var b=KJUR.asn1.cms;var d=KJUR.asn1.x509;this.dEContentType=new a.DERObjectIdentifier({name:"data"});this.dEContent=null;this.isDetached=false;this.eContentValueHex=null;this.setContentType=function(e){if(e.match(/^[0-2][.][0-9.]+$/)){this.dEContentType=new a.DERObjectIdentifier({oid:e})}else{this.dEContentType=new a.DERObjectIdentifier({name:e})}};this.setContentValue=function(e){if(typeof e!="undefined"){if(typeof e.hex=="string"){this.eContentValueHex=e.hex}else{if(typeof e.str=="string"){this.eContentValueHex=utf8tohex(e.str)}}}};this.setContentValueHex=function(e){this.eContentValueHex=e};this.setContentValueStr=function(e){this.eContentValueHex=utf8tohex(e)};this.getEncodedHex=function(){if(typeof this.eContentValueHex!="string"){throw"eContentValue not yet set"}var g=new a.DEROctetString({hex:this.eContentValueHex});this.dEContent=new a.DERTaggedObject({obj:g,tag:"a0",explicit:true});var e=[this.dEContentType];if(!this.isDetached){e.push(this.dEContent)}var f=new a.DERSequence({array:e});this.hTLV=f.getEncodedHex();return this.hTLV}};YAHOO.lang.extend(KJUR.asn1.cms.EncapsulatedContentInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.ContentInfo=function(c){KJUR.asn1.cms.ContentInfo.superclass.constructor.call(this);var a=KJUR.asn1;var b=KJUR.asn1.cms;var d=KJUR.asn1.x509;this.dContentType=null;this.dContent=null;this.setContentType=function(e){if(typeof e=="string"){this.dContentType=d.OID.name2obj(e)}};this.getEncodedHex=function(){var f=new a.DERTaggedObject({obj:this.dContent,tag:"a0",explicit:true});var e=new a.DERSequence({array:[this.dContentType,f]});this.hTLV=e.getEncodedHex();return this.hTLV};if(typeof c!="undefined"){if(c.type){this.setContentType(c.type)}if(c.obj&&c.obj instanceof a.ASN1Object){this.dContent=c.obj}}};YAHOO.lang.extend(KJUR.asn1.cms.ContentInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SignedData=function(c){KJUR.asn1.cms.SignedData.superclass.constructor.call(this);var a=KJUR.asn1;var b=KJUR.asn1.cms;var d=KJUR.asn1.x509;this.dCMSVersion=new a.DERInteger({"int":1});this.digestAlgNameList=[];this.dEncapContentInfo=new b.EncapsulatedContentInfo();this.certificateList=[];this.crlList=[];this.signerInfoList=[new b.SignerInfo()];this.addCertificatesByPEM=function(e){var f=KEYUTIL.getHexFromPEM(e);var g=new a.ASN1Object();g.hTLV=f;this.certificateList.push(g)};this.getEncodedHex=function(){if(typeof this.hTLV=="string"){return this.hTLV}var m=[];for(var j=0;j0){var g=new a.DERSet({array:this.certificateList});var f=new a.DERTaggedObject({obj:g,tag:"a0",explicit:false});k.push(f)}k.push(n);var l=new a.DERSequence({array:k});this.hTLV=l.getEncodedHex();return this.hTLV};this.getContentInfoEncodedHex=function(){this.getEncodedHex();var e=new b.ContentInfo({type:"signed-data",obj:this});var f=e.getEncodedHex();return f};this.getPEM=function(){var e=this.getContentInfoEncodedHex();var f=a.ASN1Util.getPEMStringFromHex(e,"CMS");return f}};YAHOO.lang.extend(KJUR.asn1.cms.SignedData,KJUR.asn1.ASN1Object);KJUR.asn1.cms.CMSUtil=new function(){};KJUR.asn1.cms.CMSUtil.newSignedData=function(g){var f=KJUR.asn1.cms;var e=new f.SignedData();e.dEncapContentInfo.setContentValue(g.content);if(typeof g.certs=="object"){for(var c=0;c=s*2){break}}var x={};x.keyhex=v.substr(0,g[o]["keylen"]*2);x.ivhex=v.substr(g[o]["keylen"]*2,g[o]["ivlen"]*2);return x};var a=function(n,t,p,u){var q=CryptoJS.enc.Base64.parse(n);var o=CryptoJS.enc.Hex.stringify(q);var s=g[t]["proc"];var r=s(o,p,u);return r};var f=function(n,q,o,s){var p=g[q]["eproc"];var r=p(n,o,s);return r};return{version:"1.0.5",getHexFromPEM:function(o,r){var p=o;if(p.indexOf("BEGIN "+r)==-1){throw"can't find PEM header: "+r}p=p.replace("-----BEGIN "+r+"-----","");p=p.replace("-----END "+r+"-----","");var q=p.replace(/\s+/g,"");var n=b64tohex(q);return n},getDecryptedKeyHexByKeyIV:function(o,r,q,p){var n=b(r);return n(o,q,p)},parsePKCS5PEM:function(n){return l(n)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(o,n,p){return h(o,n,p)},decryptKeyB64:function(n,p,o,q){return a(n,p,o,q)},getDecryptedKeyHex:function(w,v){var o=l(w);var r=o.type;var p=o.cipher;var n=o.ivsalt;var q=o.data;var u=h(p,v,n);var t=u.keyhex;var s=a(q,p,t,n);return s},getRSAKeyFromEncryptedPKCS5PEM:function(p,o){var q=this.getDecryptedKeyHex(p,o);var n=new RSAKey();n.readPrivateKeyFromASN1HexString(q);return n},getEryptedPKCS5PEMFromPrvKeyHex:function(q,x,r,p){var n="";if(typeof r=="undefined"||r==null){r="AES-256-CBC"}if(typeof g[r]=="undefined"){throw"PKCS5PKEY unsupported algorithm: "+r}if(typeof p=="undefined"||p==null){var t=g[r]["ivlen"];var s=k(t);p=s.toUpperCase()}var w=h(r,x,p);var v=w.keyhex;var u=f(q,r,v,p);var o=u.replace(/(.{64})/g,"$1\r\n");var n="-----BEGIN RSA PRIVATE KEY-----\r\n";n+="Proc-Type: 4,ENCRYPTED\r\n";n+="DEK-Info: "+r+","+p+"\r\n";n+="\r\n";n+=o;n+="\r\n-----END RSA PRIVATE KEY-----\r\n";return n},getEryptedPKCS5PEMFromRSAKey:function(C,D,o,s){var A=new KJUR.asn1.DERInteger({"int":0});var v=new KJUR.asn1.DERInteger({bigint:C.n});var z=new KJUR.asn1.DERInteger({"int":C.e});var B=new KJUR.asn1.DERInteger({bigint:C.d});var t=new KJUR.asn1.DERInteger({bigint:C.p});var r=new KJUR.asn1.DERInteger({bigint:C.q});var y=new KJUR.asn1.DERInteger({bigint:C.dmp1});var u=new KJUR.asn1.DERInteger({bigint:C.dmq1});var x=new KJUR.asn1.DERInteger({bigint:C.coeff});var E=new KJUR.asn1.DERSequence({array:[A,v,z,B,t,r,y,u,x]});var w=E.getEncodedHex();return this.getEryptedPKCS5PEMFromPrvKeyHex(w,D,o,s)},newEncryptedPKCS5PEM:function(n,o,r,s){if(typeof o=="undefined"||o==null){o=1024}if(typeof r=="undefined"||r==null){r="10001"}var p=new RSAKey();p.generate(o,r);var q=null;if(typeof s=="undefined"||s==null){q=this.getEncryptedPKCS5PEMFromRSAKey(pkey,n)}else{q=this.getEncryptedPKCS5PEMFromRSAKey(pkey,n,s)}return q},getRSAKeyFromPlainPKCS8PEM:function(p){if(p.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var o=this.getHexFromPEM(p,"PRIVATE KEY");var n=this.getRSAKeyFromPlainPKCS8Hex(o);return n},getRSAKeyFromPlainPKCS8Hex:function(q){var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=3){throw"outer DERSequence shall have 3 elements: "+p.length}var o=ASN1HEX.getHexOfTLV_AtObj(q,p[1]);if(o!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+o}var o=ASN1HEX.getHexOfTLV_AtObj(q,p[1]);var r=ASN1HEX.getHexOfTLV_AtObj(q,p[2]);var s=ASN1HEX.getHexOfV_AtObj(r,0);var n=new RSAKey();n.readPrivateKeyFromASN1HexString(s);return n},parseHexOfEncryptedPKCS8:function(u){var q={};var p=ASN1HEX.getPosArrayOfChildren_AtObj(u,0);if(p.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+p.length}q.ciphertext=ASN1HEX.getHexOfV_AtObj(u,p[1]);var w=ASN1HEX.getPosArrayOfChildren_AtObj(u,p[0]);if(w.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+w.length}if(ASN1HEX.getHexOfV_AtObj(u,w[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(u,w[1]);if(w.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+n.length}var o=ASN1HEX.getPosArrayOfChildren_AtObj(u,n[1]);if(o.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+o.length}if(ASN1HEX.getHexOfV_AtObj(u,o[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}q.encryptionSchemeAlg="TripleDES";q.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(u,o[1]);var r=ASN1HEX.getPosArrayOfChildren_AtObj(u,n[0]);if(r.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+r.length}if(ASN1HEX.getHexOfV_AtObj(u,r[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var v=ASN1HEX.getPosArrayOfChildren_AtObj(u,r[1]);if(v.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+v.length}q.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(u,v[0]);var s=ASN1HEX.getHexOfV_AtObj(u,v[1]);try{q.pbkdf2Iter=parseInt(s,16)}catch(t){throw"malformed format pbkdf2Iter: "+s}return q},getPBKDF2KeyHexFromParam:function(s,n){var r=CryptoJS.enc.Hex.parse(s.pbkdf2Salt);var o=s.pbkdf2Iter;var q=CryptoJS.PBKDF2(n,r,{keySize:192/32,iterations:o});var p=CryptoJS.enc.Hex.stringify(q);return p},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(v,w){var p=this.getHexFromPEM(v,"ENCRYPTED PRIVATE KEY");var n=this.parseHexOfEncryptedPKCS8(p);var s=PKCS5PKEY.getPBKDF2KeyHexFromParam(n,w);var t={};t.ciphertext=CryptoJS.enc.Hex.parse(n.ciphertext);var r=CryptoJS.enc.Hex.parse(s);var q=CryptoJS.enc.Hex.parse(n.encryptionSchemeIV);var u=CryptoJS.TripleDES.decrypt(t,r,{iv:q});var o=CryptoJS.enc.Hex.stringify(u);return o},getRSAKeyFromEncryptedPKCS8PEM:function(q,p){var o=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(q,p);var n=this.getRSAKeyFromPlainPKCS8Hex(o);return n},getKeyFromEncryptedPKCS8PEM:function(q,o){var n=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(q,o);var p=this.getKeyFromPlainPrivatePKCS8Hex(n);return p},parsePlainPrivatePKCS8Hex:function(q){var o={};o.algparam=null;if(q.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(q.substr(p[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(q,p[1]);if(n.length!=2){throw"malformed PKCS8 private key(code:004)"}if(q.substr(n[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}o.algoid=ASN1HEX.getHexOfV_AtObj(q,n[0]);if(q.substr(n[1],2)=="06"){o.algparam=ASN1HEX.getHexOfV_AtObj(q,n[1])}if(q.substr(p[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}o.keyidx=ASN1HEX.getStartPosOfV_AtObj(q,p[2]);return o},getKeyFromPlainPrivatePKCS8PEM:function(o){var n=this.getHexFromPEM(o,"PRIVATE KEY");var p=this.getKeyFromPlainPrivatePKCS8Hex(n);return p},getKeyFromPlainPrivatePKCS8Hex:function(n){var p=this.parsePlainPrivatePKCS8Hex(n);if(p.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(n,p);var o=p.key;var q=new RSAKey();q.setPrivateEx(o.n,o.e,o.d,o.p,o.q,o.dp,o.dq,o.co);return q}else{if(p.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(n,p);if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var r=KJUR.crypto.OID.oidhex2name[p.algparam];var q=new KJUR.crypto.ECDSA({curve:r,prv:p.key});return q}else{throw"unsupported private key algorithm"}}},getRSAKeyFromPublicPKCS8PEM:function(o){var p=this.getHexFromPEM(o,"PUBLIC KEY");var n=this.getRSAKeyFromPublicPKCS8Hex(p);return n},getKeyFromPublicPKCS8PEM:function(o){var p=this.getHexFromPEM(o,"PUBLIC KEY");var n=this.getKeyFromPublicPKCS8Hex(p);return n},getKeyFromPublicPKCS8Hex:function(o){var n=this.parsePublicPKCS8Hex(o);if(n.algoid=="2a864886f70d010101"){var r=this.parsePublicRawRSAKeyHex(n.key);var p=new RSAKey();p.setPublic(r.n,r.e);return p}else{if(n.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[n.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+n.algparam}var q=KJUR.crypto.OID.oidhex2name[n.algparam];var p=new KJUR.crypto.ECDSA({curve:q,pub:n.key});return p}else{throw"unsupported public key algorithm"}}},parsePublicRawRSAKeyHex:function(p){var n={};if(p.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var o=ASN1HEX.getPosArrayOfChildren_AtObj(p,0);if(o.length!=2){throw"malformed RSA key(code:002)"}if(p.substr(o[0],2)!="02"){throw"malformed RSA key(code:003)"}n.n=ASN1HEX.getHexOfV_AtObj(p,o[0]);if(p.substr(o[1],2)!="02"){throw"malformed RSA key(code:004)"}n.e=ASN1HEX.getHexOfV_AtObj(p,o[1]);return n},parsePrivateRawRSAKeyHexAtObj:function(o,q){var p=q.keyidx;if(o.substr(p,2)!="30"){throw"malformed RSA private key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(o,p);if(n.length!=9){throw"malformed RSA private key(code:002)"}q.key={};q.key.n=ASN1HEX.getHexOfV_AtObj(o,n[1]);q.key.e=ASN1HEX.getHexOfV_AtObj(o,n[2]);q.key.d=ASN1HEX.getHexOfV_AtObj(o,n[3]);q.key.p=ASN1HEX.getHexOfV_AtObj(o,n[4]);q.key.q=ASN1HEX.getHexOfV_AtObj(o,n[5]);q.key.dp=ASN1HEX.getHexOfV_AtObj(o,n[6]);q.key.dq=ASN1HEX.getHexOfV_AtObj(o,n[7]);q.key.co=ASN1HEX.getHexOfV_AtObj(o,n[8])},parsePrivateRawECKeyHexAtObj:function(o,q){var p=q.keyidx;if(o.substr(p,2)!="30"){throw"malformed ECC private key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(o,p);if(n.length!=3){throw"malformed ECC private key(code:002)"}if(o.substr(n[1],2)!="04"){throw"malformed ECC private key(code:003)"}q.key=ASN1HEX.getHexOfV_AtObj(o,n[1])},parsePublicPKCS8Hex:function(q){var o={};o.algparam=null;var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=2){throw"outer DERSequence shall have 2 elements: "+p.length}var r=p[0];if(q.substr(r,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(n.length!=2){throw"malformed PKCS8 public key(code:002)"}if(q.substr(n[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}o.algoid=ASN1HEX.getHexOfV_AtObj(q,n[0]);if(q.substr(n[1],2)=="06"){o.algparam=ASN1HEX.getHexOfV_AtObj(q,n[1])}if(q.substr(p[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}o.key=ASN1HEX.getHexOfV_AtObj(q,p[1]).substr(2);return o},getRSAKeyFromPublicPKCS8Hex:function(r){var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"outer DERSequence shall have 2 elements: "+q.length}var p=ASN1HEX.getHexOfTLV_AtObj(r,q[0]);if(p!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(r.substr(q[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var t=ASN1HEX.getStartPosOfV_AtObj(r,q[1])+2;if(r.substr(t,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var n=ASN1HEX.getPosArrayOfChildren_AtObj(r,t);if(n.length!=2){throw"inner DERSequence shall have 2 elements: "+n.length}if(r.substr(n[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(r.substr(n[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var u=ASN1HEX.getHexOfV_AtObj(r,n[0]);var s=ASN1HEX.getHexOfV_AtObj(r,n[1]);var o=new RSAKey();o.setPublic(u,s);return o},}}(); -/*! keyutil-1.0.6.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license +/*! keyutil-1.0.7.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license */ -var KEYUTIL=function(){var d=function(p,r,q){return k(CryptoJS.AES,p,r,q)};var e=function(p,r,q){return k(CryptoJS.TripleDES,p,r,q)};var a=function(p,r,q){return k(CryptoJS.DES,p,r,q)};var k=function(s,x,u,q){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(u);var p=CryptoJS.enc.Hex.parse(q);var t={};t.key=w;t.iv=p;t.ciphertext=r;var v=s.decrypt(t,w,{iv:p});return CryptoJS.enc.Hex.stringify(v)};var l=function(p,r,q){return g(CryptoJS.AES,p,r,q)};var o=function(p,r,q){return g(CryptoJS.TripleDES,p,r,q)};var f=function(p,r,q){return g(CryptoJS.DES,p,r,q)};var g=function(t,y,v,q){var s=CryptoJS.enc.Hex.parse(y);var x=CryptoJS.enc.Hex.parse(v);var p=CryptoJS.enc.Hex.parse(q);var w=t.encrypt(s,x,{iv:p});var r=CryptoJS.enc.Hex.parse(w.toString());var u=CryptoJS.enc.Base64.stringify(r);return u};var i={"AES-256-CBC":{proc:d,eproc:l,keylen:32,ivlen:16},"AES-192-CBC":{proc:d,eproc:l,keylen:24,ivlen:16},"AES-128-CBC":{proc:d,eproc:l,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:e,eproc:o,keylen:24,ivlen:8},"DES-CBC":{proc:a,eproc:f,keylen:8,ivlen:8}};var c=function(p){return i[p]["proc"]};var m=function(p){var r=CryptoJS.lib.WordArray.random(p);var q=CryptoJS.enc.Hex.stringify(r);return q};var n=function(t){var u={};if(t.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"))){u.cipher=RegExp.$1;u.ivsalt=RegExp.$2}if(t.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"))){u.type=RegExp.$1}var r=-1;var v=0;if(t.indexOf("\r\n\r\n")!=-1){r=t.indexOf("\r\n\r\n");v=2}if(t.indexOf("\n\n")!=-1){r=t.indexOf("\n\n");v=1}var q=t.indexOf("-----END");if(r!=-1&&q!=-1){var p=t.substring(r+v*2,q-v);p=p.replace(/\s+/g,"");u.data=p}return u};var j=function(q,y,p){var v=p.substring(0,16);var t=CryptoJS.enc.Hex.parse(v);var r=CryptoJS.enc.Utf8.parse(y);var u=i[q]["keylen"]+i[q]["ivlen"];var x="";var w=null;for(;;){var s=CryptoJS.algo.MD5.create();if(w!=null){s.update(w)}s.update(r);s.update(t);w=s.finalize();x=x+CryptoJS.enc.Hex.stringify(w);if(x.length>=u*2){break}}var z={};z.keyhex=x.substr(0,i[q]["keylen"]*2);z.ivhex=x.substr(i[q]["keylen"]*2,i[q]["ivlen"]*2);return z};var b=function(p,v,r,w){var s=CryptoJS.enc.Base64.parse(p);var q=CryptoJS.enc.Hex.stringify(s);var u=i[v]["proc"];var t=u(q,r,w);return t};var h=function(p,s,q,u){var r=i[s]["eproc"];var t=r(p,q,u);return t};return{version:"1.0.0",getHexFromPEM:function(q,u){var r=q;if(r.indexOf("BEGIN "+u)==-1){throw"can't find PEM header: "+u}r=r.replace("-----BEGIN "+u+"-----","");r=r.replace("-----END "+u+"-----","");var t=r.replace(/\s+/g,"");var p=b64tohex(t);return p},getDecryptedKeyHexByKeyIV:function(q,t,s,r){var p=c(t);return p(q,s,r)},parsePKCS5PEM:function(p){return n(p)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(q,p,r){return j(q,p,r)},decryptKeyB64:function(p,r,q,s){return b(p,r,q,s)},getDecryptedKeyHex:function(y,x){var q=n(y);var t=q.type;var r=q.cipher;var p=q.ivsalt;var s=q.data;var w=j(r,x,p);var v=w.keyhex;var u=b(s,r,v,p);return u},getRSAKeyFromEncryptedPKCS5PEM:function(r,q){var s=this.getDecryptedKeyHex(r,q);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(s);return p},getEncryptedPKCS5PEMFromPrvKeyHex:function(x,s,A,t,r){var p="";if(typeof t=="undefined"||t==null){t="AES-256-CBC"}if(typeof i[t]=="undefined"){throw"KEYUTIL unsupported algorithm: "+t}if(typeof r=="undefined"||r==null){var v=i[t]["ivlen"];var u=m(v);r=u.toUpperCase()}var z=j(t,A,r);var y=z.keyhex;var w=h(s,t,y,r);var q=w.replace(/(.{64})/g,"$1\r\n");var p="-----BEGIN "+x+" PRIVATE KEY-----\r\n";p+="Proc-Type: 4,ENCRYPTED\r\n";p+="DEK-Info: "+t+","+r+"\r\n";p+="\r\n";p+=q;p+="\r\n-----END "+x+" PRIVATE KEY-----\r\n";return p},getEncryptedPKCS5PEMFromRSAKey:function(D,E,r,t){var B=new KJUR.asn1.DERInteger({"int":0});var w=new KJUR.asn1.DERInteger({bigint:D.n});var A=new KJUR.asn1.DERInteger({"int":D.e});var C=new KJUR.asn1.DERInteger({bigint:D.d});var u=new KJUR.asn1.DERInteger({bigint:D.p});var s=new KJUR.asn1.DERInteger({bigint:D.q});var z=new KJUR.asn1.DERInteger({bigint:D.dmp1});var v=new KJUR.asn1.DERInteger({bigint:D.dmq1});var y=new KJUR.asn1.DERInteger({bigint:D.coeff});var F=new KJUR.asn1.DERSequence({array:[B,w,A,C,u,s,z,v,y]});var x=F.getEncodedHex();return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",x,E,r,t)},newEncryptedPKCS5PEM:function(p,q,t,u){if(typeof q=="undefined"||q==null){q=1024}if(typeof t=="undefined"||t==null){t="10001"}var r=new RSAKey();r.generate(q,t);var s=null;if(typeof u=="undefined"||u==null){s=this.getEncryptedPKCS5PEMFromRSAKey(r,p)}else{s=this.getEncryptedPKCS5PEMFromRSAKey(r,p,u)}return s},getRSAKeyFromPlainPKCS8PEM:function(r){if(r.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var q=this.getHexFromPEM(r,"PRIVATE KEY");var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getRSAKeyFromPlainPKCS8Hex:function(s){var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"outer DERSequence shall have 3 elements: "+r.length}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);if(q!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+q}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);var t=ASN1HEX.getHexOfTLV_AtObj(s,r[2]);var u=ASN1HEX.getHexOfV_AtObj(t,0);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(u);return p},parseHexOfEncryptedPKCS8:function(w){var s={};var r=ASN1HEX.getPosArrayOfChildren_AtObj(w,0);if(r.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+r.length}s.ciphertext=ASN1HEX.getHexOfV_AtObj(w,r[1]);var y=ASN1HEX.getPosArrayOfChildren_AtObj(w,r[0]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+y.length}if(ASN1HEX.getHexOfV_AtObj(w,y[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(w,y[1]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+p.length}var q=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[1]);if(q.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+q.length}if(ASN1HEX.getHexOfV_AtObj(w,q[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}s.encryptionSchemeAlg="TripleDES";s.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(w,q[1]);var t=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[0]);if(t.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+t.length}if(ASN1HEX.getHexOfV_AtObj(w,t[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var x=ASN1HEX.getPosArrayOfChildren_AtObj(w,t[1]);if(x.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+x.length}s.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(w,x[0]);var u=ASN1HEX.getHexOfV_AtObj(w,x[1]);try{s.pbkdf2Iter=parseInt(u,16)}catch(v){throw"malformed format pbkdf2Iter: "+u}return s},getPBKDF2KeyHexFromParam:function(u,p){var t=CryptoJS.enc.Hex.parse(u.pbkdf2Salt);var q=u.pbkdf2Iter;var s=CryptoJS.PBKDF2(p,t,{keySize:192/32,iterations:q});var r=CryptoJS.enc.Hex.stringify(s);return r},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(x,y){var r=this.getHexFromPEM(x,"ENCRYPTED PRIVATE KEY");var p=this.parseHexOfEncryptedPKCS8(r);var u=KEYUTIL.getPBKDF2KeyHexFromParam(p,y);var v={};v.ciphertext=CryptoJS.enc.Hex.parse(p.ciphertext);var t=CryptoJS.enc.Hex.parse(u);var s=CryptoJS.enc.Hex.parse(p.encryptionSchemeIV);var w=CryptoJS.TripleDES.decrypt(v,t,{iv:s});var q=CryptoJS.enc.Hex.stringify(w);return q},getRSAKeyFromEncryptedPKCS8PEM:function(s,r){var q=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,r);var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getKeyFromEncryptedPKCS8PEM:function(s,q){var p=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,q);var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},parsePlainPrivatePKCS8Hex:function(s){var q={};q.algparam=null;if(s.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(s.substr(r[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,r[1]);if(p.length!=2){throw"malformed PKCS8 private key(code:004)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}if(s.substr(r[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}q.keyidx=ASN1HEX.getStartPosOfV_AtObj(s,r[2]);return q},getKeyFromPlainPrivatePKCS8PEM:function(q){var p=this.getHexFromPEM(q,"PRIVATE KEY");var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},getKeyFromPlainPrivatePKCS8Hex:function(p){var w=this.parsePlainPrivatePKCS8Hex(p);if(w.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(p,w);var u=w.key;var z=new RSAKey();z.setPrivateEx(u.n,u.e,u.d,u.p,u.q,u.dp,u.dq,u.co);return z}else{if(w.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(p,w);if(KJUR.crypto.OID.oidhex2name[w.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+w.algparam}var v=KJUR.crypto.OID.oidhex2name[w.algparam];var z=new KJUR.crypto.ECDSA({curve:v});z.setPublicKeyHex(w.pubkey);z.setPrivateKeyHex(w.key);z.isPublic=false;return z}else{if(w.algoid=="2a8648ce380401"){var t=ASN1HEX.getVbyList(p,0,[1,1,0],"02");var s=ASN1HEX.getVbyList(p,0,[1,1,1],"02");var y=ASN1HEX.getVbyList(p,0,[1,1,2],"02");var B=ASN1HEX.getVbyList(p,0,[2,0],"02");var r=new BigInteger(t,16);var q=new BigInteger(s,16);var x=new BigInteger(y,16);var A=new BigInteger(B,16);var z=new KJUR.crypto.DSA();z.setPrivate(r,q,x,null,A);return z}else{throw"unsupported private key algorithm"}}}},getRSAKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getRSAKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8Hex:function(q){var p=this.parsePublicPKCS8Hex(q);if(p.algoid=="2a864886f70d010101"){var u=this.parsePublicRawRSAKeyHex(p.key);var r=new RSAKey();r.setPublic(u.n,u.e);return r}else{if(p.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var s=KJUR.crypto.OID.oidhex2name[p.algparam];var r=new KJUR.crypto.ECDSA({curve:s,pub:p.key});return r}else{if(p.algoid=="2a8648ce380401"){var t=p.algparam;var v=ASN1HEX.getHexOfV_AtObj(p.key,0);var r=new KJUR.crypto.DSA();r.setPublic(new BigInteger(t.p,16),new BigInteger(t.q,16),new BigInteger(t.g,16),new BigInteger(v,16));return r}else{throw"unsupported public key algorithm"}}}},parsePublicRawRSAKeyHex:function(r){var p={};if(r.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"malformed RSA key(code:002)"}if(r.substr(q[0],2)!="02"){throw"malformed RSA key(code:003)"}p.n=ASN1HEX.getHexOfV_AtObj(r,q[0]);if(r.substr(q[1],2)!="02"){throw"malformed RSA key(code:004)"}p.e=ASN1HEX.getHexOfV_AtObj(r,q[1]);return p},parsePrivateRawRSAKeyHexAtObj:function(q,s){var r=s.keyidx;if(q.substr(r,2)!="30"){throw"malformed RSA private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(p.length!=9){throw"malformed RSA private key(code:002)"}s.key={};s.key.n=ASN1HEX.getHexOfV_AtObj(q,p[1]);s.key.e=ASN1HEX.getHexOfV_AtObj(q,p[2]);s.key.d=ASN1HEX.getHexOfV_AtObj(q,p[3]);s.key.p=ASN1HEX.getHexOfV_AtObj(q,p[4]);s.key.q=ASN1HEX.getHexOfV_AtObj(q,p[5]);s.key.dp=ASN1HEX.getHexOfV_AtObj(q,p[6]);s.key.dq=ASN1HEX.getHexOfV_AtObj(q,p[7]);s.key.co=ASN1HEX.getHexOfV_AtObj(q,p[8])},parsePrivateRawECKeyHexAtObj:function(p,t){var q=t.keyidx;var r=ASN1HEX.getVbyList(p,q,[1],"04");var s=ASN1HEX.getVbyList(p,q,[2,0],"03").substr(2);t.key=r;t.pubkey=s},parsePublicPKCS8Hex:function(s){var q={};q.algparam=null;var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=2){throw"outer DERSequence shall have 2 elements: "+r.length}var t=r[0];if(s.substr(t,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,t);if(p.length!=2){throw"malformed PKCS8 public key(code:002)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}else{if(s.substr(p[1],2)=="30"){q.algparam={};q.algparam.p=ASN1HEX.getVbyList(s,p[1],[0],"02");q.algparam.q=ASN1HEX.getVbyList(s,p[1],[1],"02");q.algparam.g=ASN1HEX.getVbyList(s,p[1],[2],"02")}}if(s.substr(r[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}q.key=ASN1HEX.getHexOfV_AtObj(s,r[1]).substr(2);return q},getRSAKeyFromPublicPKCS8Hex:function(t){var s=ASN1HEX.getPosArrayOfChildren_AtObj(t,0);if(s.length!=2){throw"outer DERSequence shall have 2 elements: "+s.length}var r=ASN1HEX.getHexOfTLV_AtObj(t,s[0]);if(r!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(t.substr(s[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var v=ASN1HEX.getStartPosOfV_AtObj(t,s[1])+2;if(t.substr(v,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var p=ASN1HEX.getPosArrayOfChildren_AtObj(t,v);if(p.length!=2){throw"inner DERSequence shall have 2 elements: "+p.length}if(t.substr(p[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(t.substr(p[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var w=ASN1HEX.getHexOfV_AtObj(t,p[0]);var u=ASN1HEX.getHexOfV_AtObj(t,p[1]);var q=new RSAKey();q.setPublic(w,u);return q},}}();KEYUTIL.getKey=function(c,o,i){if(typeof RSAKey!="undefined"&&c instanceof RSAKey){return c}if(typeof KJUR.crypto.ECDSA!="undefined"&&c instanceof KJUR.crypto.ECDSA){return c}if(typeof KJUR.crypto.DSA!="undefined"&&c instanceof KJUR.crypto.DSA){return c}if(c.xy!==undefined&&c.curve!==undefined){return new KJUR.crypto.ECDSA({prv:c.xy,curve:c.curve})}if(c.n!==undefined&&c.e!==undefined&&c.d!==undefined&&c.p!==undefined&&c.q!==undefined&&c.dp!==undefined&&c.dq!==undefined&&c.co!==undefined){var n=new RSAKey();n.setPrivateEx(c.n,c.e,c.d,c.p,c.q,c.dp,c.dq,c.co);return n}if(c.p!==undefined&&c.q!==undefined&&c.g!==undefined&&c.y!==undefined&&c.x!==undefined){var n=new KJUR.crypto.DSA();n.setPrivate(c.p,c.q,c.g,c.y,c.x);return n}if(c.d!==undefined&&c.curve!==undefined){return new KJUR.crypto.ECDSA({pub:c.d,curve:c.curve})}if(c.n!==undefined&&c.e){var n=new RSAKey();n.setPublic(c.n,c.e);return n}if(c.p!==undefined&&c.q!==undefined&&c.g!==undefined&&c.y!==undefined&&c.x===undefined){var n=new KJUR.crypto.DSA();n.setPublic(c.p,c.q,c.g,c.y);return n}if(c.indexOf("-END CERTIFICATE-",0)!=-1||c.indexOf("-END X509 CERTIFICATE-",0)!=-1||c.indexOf("-END TRUSTED CERTIFICATE-",0)!=-1){return X509.getPublicKeyFromCertPEM(c)}if(i==="pkcs8pub"){return KEYUTIL.getKeyFromPublicPKCS8Hex(c)}if(c.indexOf("-END PUBLIC KEY-")!=-1){return KEYUTIL.getKeyFromPublicPKCS8PEM(c)}if(i==="pkcs5prv"){var n=new RSAKey();n.readPrivateKeyFromASN1HexString(c);return n}if(i==="pkcs5prv"){var n=new RSAKey();n.readPrivateKeyFromASN1HexString(c);return n}if(c.indexOf("-END RSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")==-1){var n=new RSAKey();n.readPrivateKeyFromPEMString(c);return n}if(c.indexOf("-END DSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")==-1){var m=this.getHexFromPEM(c,"DSA PRIVATE KEY");var b=ASN1HEX.getVbyList(m,0,[1],"02");var a=ASN1HEX.getVbyList(m,0,[2],"02");var e=ASN1HEX.getVbyList(m,0,[3],"02");var k=ASN1HEX.getVbyList(m,0,[4],"02");var l=ASN1HEX.getVbyList(m,0,[5],"02");var n=new KJUR.crypto.DSA();n.setPrivate(new BigInteger(b,16),new BigInteger(a,16),new BigInteger(e,16),new BigInteger(k,16),new BigInteger(l,16));return n}if(c.indexOf("-END PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromPlainPrivatePKCS8PEM(c)}if(c.indexOf("-END RSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){return KEYUTIL.getRSAKeyFromEncryptedPKCS5PEM(c,o)}if(c.indexOf("-END EC PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){var m=KEYUTIL.getDecryptedKeyHex(c,o);var n=ASN1HEX.getVbyList(m,0,[1],"04");var j=ASN1HEX.getVbyList(m,0,[2,0],"06");var d=ASN1HEX.getVbyList(m,0,[3,0],"03").substr(2);var h="";if(KJUR.crypto.OID.oidhex2name[j]!==undefined){h=KJUR.crypto.OID.oidhex2name[j]}else{throw"undefined OID(hex) in KJUR.crypto.OID: "+j}var f=new KJUR.crypto.ECDSA({name:h});f.setPublicKeyHex(d);f.setPrivateKeyHex(n);f.isPublic=false;return f}if(c.indexOf("-END DSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){var m=KEYUTIL.getDecryptedKeyHex(c,o);var b=ASN1HEX.getVbyList(m,0,[1],"02");var a=ASN1HEX.getVbyList(m,0,[2],"02");var e=ASN1HEX.getVbyList(m,0,[3],"02");var k=ASN1HEX.getVbyList(m,0,[4],"02");var l=ASN1HEX.getVbyList(m,0,[5],"02");var n=new KJUR.crypto.DSA();n.setPrivate(new BigInteger(b,16),new BigInteger(a,16),new BigInteger(e,16),new BigInteger(k,16),new BigInteger(l,16));return n}if(c.indexOf("-END ENCRYPTED PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromEncryptedPKCS8PEM(c,o)}throw"not supported argument"};KEYUTIL.generateKeypair=function(a,c){if(a=="RSA"){var b=c;var h=new RSAKey();h.generate(b,"10001");h.isPrivate=true;h.isPublic=true;var f=new RSAKey();var e=h.n.toString(16);var i=h.e.toString(16);f.setPublic(e,i);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{if(a=="EC"){var d=c;var g=new KJUR.crypto.ECDSA({curve:d});var j=g.generateKeyPairHex();var h=new KJUR.crypto.ECDSA({curve:d});h.setPrivateKeyHex(j.ecprvhex);h.isPrivate=true;h.isPublic=false;var f=new KJUR.crypto.ECDSA({curve:d});f.setPublicKeyHex(j.ecpubhex);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{throw"unknown algorithm: "+a}}};KEYUTIL.getPEM=function(a,r,o,g,j){var v=KJUR.asn1;var u=KJUR.crypto;function p(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.n}},{"int":s.e},{"int":{bigint:s.d}},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.dmp1}},{"int":{bigint:s.dmq1}},{"int":{bigint:s.coeff}}]});return w}function q(w){var s=KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:w.prvKeyHex}},{tag:["a0",true,{oid:{name:w.curveName}}]},{tag:["a1",true,{bitstr:{hex:"00"+w.pubKeyHex}}]}]});return s}function n(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.g}},{"int":{bigint:s.y}},{"int":{bigint:s.x}}]});return w}if(((typeof RSAKey!="undefined"&&a instanceof RSAKey)||(typeof u.DSA!="undefined"&&a instanceof u.DSA)||(typeof u.ECDSA!="undefined"&&a instanceof u.ECDSA))&&a.isPublic==true&&(r===undefined||r=="PKCS8PUB")){var t=new KJUR.asn1.x509.SubjectPublicKeyInfo(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"PUBLIC KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o===undefined||o==null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"RSA PRIVATE KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o===undefined||o==null)&&a.isPrivate==true){var f=new KJUR.asn1.DERObjectIdentifier({name:a.curveName});var l=f.getEncodedHex();var e=q(a);var k=e.getEncodedHex();var i="";i+=v.ASN1Util.getPEMStringFromHex(l,"EC PARAMETERS");i+=v.ASN1Util.getPEMStringFromHex(k,"EC PRIVATE KEY");return i}if(r=="PKCS1PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o===undefined||o==null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"DSA PRIVATE KEY")}if(r=="PKCS5PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=q(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA",m,o,g)}var h=function(w,s){var y=b(w,s);var x=new KJUR.asn1.ASN1Util.newObject({seq:[{seq:[{oid:{name:"pkcs5PBES2"}},{seq:[{seq:[{oid:{name:"pkcs5PBKDF2"}},{seq:[{octstr:{hex:y.pbkdf2Salt}},{"int":y.pbkdf2Iter}]}]},{seq:[{oid:{name:"des-EDE3-CBC"}},{octstr:{hex:y.encryptionSchemeIV}}]}]}]},{octstr:{hex:y.ciphertext}}]});return x.getEncodedHex()};var b=function(D,E){var x=100;var C=CryptoJS.lib.WordArray.random(8);var B="DES-EDE3-CBC";var s=CryptoJS.lib.WordArray.random(8);var y=CryptoJS.PBKDF2(E,C,{keySize:192/32,iterations:x});var z=CryptoJS.enc.Hex.parse(D);var A=CryptoJS.TripleDES.encrypt(z,y,{iv:s})+"";var w={};w.ciphertext=A;w.pbkdf2Salt=CryptoJS.enc.Hex.stringify(C);w.pbkdf2Iter=x;w.encryptionSchemeAlg=B;w.encryptionSchemeIV=CryptoJS.enc.Hex.stringify(s);return w};if(r=="PKCS8PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&a.isPrivate==true){var d=p(a);var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"rsaEncryption"}},{"null":true}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&a.isPrivate==true){var d=new KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:a.prvKeyHex}},{tag:["a1",true,{bitstr:{hex:"00"+a.pubKeyHex}}]}]});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"ecPublicKey"}},{oid:{name:a.curveName}}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&a.isPrivate==true){var d=new KJUR.asn1.DERInteger({bigint:a.x});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"dsa"}},{seq:[{"int":{bigint:a.p}},{"int":{bigint:a.q}},{"int":{bigint:a.g}}]}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}throw"unsupported object nor format"};KEYUTIL.getKeyFromCSRPEM=function(b){var a=KEYUTIL.getHexFromPEM(b,"CERTIFICATE REQUEST");var c=KEYUTIL.getKeyFromCSRHex(a);return c};KEYUTIL.getKeyFromCSRHex=function(a){var c=KEYUTIL.parseCSRHex(a);var b=KEYUTIL.getKey(c.p8pubkeyhex,null,"pkcs8pub");return b};KEYUTIL.parseCSRHex=function(c){var b={};var e=c;if(e.substr(0,2)!="30"){throw"malformed CSR(code:001)"}var d=ASN1HEX.getPosArrayOfChildren_AtObj(e,0);if(d.length<1){throw"malformed CSR(code:002)"}if(e.substr(d[0],2)!="30"){throw"malformed CSR(code:003)"}var a=ASN1HEX.getPosArrayOfChildren_AtObj(e,d[0]);if(a.length<3){throw"malformed CSR(code:004)"}b.p8pubkeyhex=ASN1HEX.getHexOfTLV_AtObj(e,a[2]);return b}; +var KEYUTIL=function(){var d=function(p,r,q){return k(CryptoJS.AES,p,r,q)};var e=function(p,r,q){return k(CryptoJS.TripleDES,p,r,q)};var a=function(p,r,q){return k(CryptoJS.DES,p,r,q)};var k=function(s,x,u,q){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(u);var p=CryptoJS.enc.Hex.parse(q);var t={};t.key=w;t.iv=p;t.ciphertext=r;var v=s.decrypt(t,w,{iv:p});return CryptoJS.enc.Hex.stringify(v)};var l=function(p,r,q){return g(CryptoJS.AES,p,r,q)};var o=function(p,r,q){return g(CryptoJS.TripleDES,p,r,q)};var f=function(p,r,q){return g(CryptoJS.DES,p,r,q)};var g=function(t,y,v,q){var s=CryptoJS.enc.Hex.parse(y);var x=CryptoJS.enc.Hex.parse(v);var p=CryptoJS.enc.Hex.parse(q);var w=t.encrypt(s,x,{iv:p});var r=CryptoJS.enc.Hex.parse(w.toString());var u=CryptoJS.enc.Base64.stringify(r);return u};var i={"AES-256-CBC":{proc:d,eproc:l,keylen:32,ivlen:16},"AES-192-CBC":{proc:d,eproc:l,keylen:24,ivlen:16},"AES-128-CBC":{proc:d,eproc:l,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:e,eproc:o,keylen:24,ivlen:8},"DES-CBC":{proc:a,eproc:f,keylen:8,ivlen:8}};var c=function(p){return i[p]["proc"]};var m=function(p){var r=CryptoJS.lib.WordArray.random(p);var q=CryptoJS.enc.Hex.stringify(r);return q};var n=function(t){var u={};if(t.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"))){u.cipher=RegExp.$1;u.ivsalt=RegExp.$2}if(t.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"))){u.type=RegExp.$1}var r=-1;var v=0;if(t.indexOf("\r\n\r\n")!=-1){r=t.indexOf("\r\n\r\n");v=2}if(t.indexOf("\n\n")!=-1){r=t.indexOf("\n\n");v=1}var q=t.indexOf("-----END");if(r!=-1&&q!=-1){var p=t.substring(r+v*2,q-v);p=p.replace(/\s+/g,"");u.data=p}return u};var j=function(q,y,p){var v=p.substring(0,16);var t=CryptoJS.enc.Hex.parse(v);var r=CryptoJS.enc.Utf8.parse(y);var u=i[q]["keylen"]+i[q]["ivlen"];var x="";var w=null;for(;;){var s=CryptoJS.algo.MD5.create();if(w!=null){s.update(w)}s.update(r);s.update(t);w=s.finalize();x=x+CryptoJS.enc.Hex.stringify(w);if(x.length>=u*2){break}}var z={};z.keyhex=x.substr(0,i[q]["keylen"]*2);z.ivhex=x.substr(i[q]["keylen"]*2,i[q]["ivlen"]*2);return z};var b=function(p,v,r,w){var s=CryptoJS.enc.Base64.parse(p);var q=CryptoJS.enc.Hex.stringify(s);var u=i[v]["proc"];var t=u(q,r,w);return t};var h=function(p,s,q,u){var r=i[s]["eproc"];var t=r(p,q,u);return t};return{version:"1.0.0",getHexFromPEM:function(q,u){var r=q;if(r.indexOf("-----BEGIN ")==-1){throw"can't find PEM header: "+u}if(typeof u=="string"&&u!=""){r=r.replace("-----BEGIN "+u+"-----","");r=r.replace("-----END "+u+"-----","")}else{r=r.replace(/-----BEGIN [^-]+-----/,"");r=r.replace(/-----END [^-]+-----/,"")}var t=r.replace(/\s+/g,"");var p=b64tohex(t);return p},getDecryptedKeyHexByKeyIV:function(q,t,s,r){var p=c(t);return p(q,s,r)},parsePKCS5PEM:function(p){return n(p)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(q,p,r){return j(q,p,r)},decryptKeyB64:function(p,r,q,s){return b(p,r,q,s)},getDecryptedKeyHex:function(y,x){var q=n(y);var t=q.type;var r=q.cipher;var p=q.ivsalt;var s=q.data;var w=j(r,x,p);var v=w.keyhex;var u=b(s,r,v,p);return u},getRSAKeyFromEncryptedPKCS5PEM:function(r,q){var s=this.getDecryptedKeyHex(r,q);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(s);return p},getEncryptedPKCS5PEMFromPrvKeyHex:function(x,s,A,t,r){var p="";if(typeof t=="undefined"||t==null){t="AES-256-CBC"}if(typeof i[t]=="undefined"){throw"KEYUTIL unsupported algorithm: "+t}if(typeof r=="undefined"||r==null){var v=i[t]["ivlen"];var u=m(v);r=u.toUpperCase()}var z=j(t,A,r);var y=z.keyhex;var w=h(s,t,y,r);var q=w.replace(/(.{64})/g,"$1\r\n");var p="-----BEGIN "+x+" PRIVATE KEY-----\r\n";p+="Proc-Type: 4,ENCRYPTED\r\n";p+="DEK-Info: "+t+","+r+"\r\n";p+="\r\n";p+=q;p+="\r\n-----END "+x+" PRIVATE KEY-----\r\n";return p},getEncryptedPKCS5PEMFromRSAKey:function(D,E,r,t){var B=new KJUR.asn1.DERInteger({"int":0});var w=new KJUR.asn1.DERInteger({bigint:D.n});var A=new KJUR.asn1.DERInteger({"int":D.e});var C=new KJUR.asn1.DERInteger({bigint:D.d});var u=new KJUR.asn1.DERInteger({bigint:D.p});var s=new KJUR.asn1.DERInteger({bigint:D.q});var z=new KJUR.asn1.DERInteger({bigint:D.dmp1});var v=new KJUR.asn1.DERInteger({bigint:D.dmq1});var y=new KJUR.asn1.DERInteger({bigint:D.coeff});var F=new KJUR.asn1.DERSequence({array:[B,w,A,C,u,s,z,v,y]});var x=F.getEncodedHex();return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",x,E,r,t)},newEncryptedPKCS5PEM:function(p,q,t,u){if(typeof q=="undefined"||q==null){q=1024}if(typeof t=="undefined"||t==null){t="10001"}var r=new RSAKey();r.generate(q,t);var s=null;if(typeof u=="undefined"||u==null){s=this.getEncryptedPKCS5PEMFromRSAKey(r,p)}else{s=this.getEncryptedPKCS5PEMFromRSAKey(r,p,u)}return s},getRSAKeyFromPlainPKCS8PEM:function(r){if(r.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var q=this.getHexFromPEM(r,"PRIVATE KEY");var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getRSAKeyFromPlainPKCS8Hex:function(s){var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"outer DERSequence shall have 3 elements: "+r.length}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);if(q!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+q}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);var t=ASN1HEX.getHexOfTLV_AtObj(s,r[2]);var u=ASN1HEX.getHexOfV_AtObj(t,0);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(u);return p},parseHexOfEncryptedPKCS8:function(w){var s={};var r=ASN1HEX.getPosArrayOfChildren_AtObj(w,0);if(r.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+r.length}s.ciphertext=ASN1HEX.getHexOfV_AtObj(w,r[1]);var y=ASN1HEX.getPosArrayOfChildren_AtObj(w,r[0]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+y.length}if(ASN1HEX.getHexOfV_AtObj(w,y[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(w,y[1]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+p.length}var q=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[1]);if(q.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+q.length}if(ASN1HEX.getHexOfV_AtObj(w,q[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}s.encryptionSchemeAlg="TripleDES";s.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(w,q[1]);var t=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[0]);if(t.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+t.length}if(ASN1HEX.getHexOfV_AtObj(w,t[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var x=ASN1HEX.getPosArrayOfChildren_AtObj(w,t[1]);if(x.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+x.length}s.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(w,x[0]);var u=ASN1HEX.getHexOfV_AtObj(w,x[1]);try{s.pbkdf2Iter=parseInt(u,16)}catch(v){throw"malformed format pbkdf2Iter: "+u}return s},getPBKDF2KeyHexFromParam:function(u,p){var t=CryptoJS.enc.Hex.parse(u.pbkdf2Salt);var q=u.pbkdf2Iter;var s=CryptoJS.PBKDF2(p,t,{keySize:192/32,iterations:q});var r=CryptoJS.enc.Hex.stringify(s);return r},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(x,y){var r=this.getHexFromPEM(x,"ENCRYPTED PRIVATE KEY");var p=this.parseHexOfEncryptedPKCS8(r);var u=KEYUTIL.getPBKDF2KeyHexFromParam(p,y);var v={};v.ciphertext=CryptoJS.enc.Hex.parse(p.ciphertext);var t=CryptoJS.enc.Hex.parse(u);var s=CryptoJS.enc.Hex.parse(p.encryptionSchemeIV);var w=CryptoJS.TripleDES.decrypt(v,t,{iv:s});var q=CryptoJS.enc.Hex.stringify(w);return q},getRSAKeyFromEncryptedPKCS8PEM:function(s,r){var q=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,r);var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getKeyFromEncryptedPKCS8PEM:function(s,q){var p=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,q);var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},parsePlainPrivatePKCS8Hex:function(s){var q={};q.algparam=null;if(s.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(s.substr(r[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,r[1]);if(p.length!=2){throw"malformed PKCS8 private key(code:004)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}if(s.substr(r[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}q.keyidx=ASN1HEX.getStartPosOfV_AtObj(s,r[2]);return q},getKeyFromPlainPrivatePKCS8PEM:function(q){var p=this.getHexFromPEM(q,"PRIVATE KEY");var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},getKeyFromPlainPrivatePKCS8Hex:function(p){var w=this.parsePlainPrivatePKCS8Hex(p);if(w.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(p,w);var u=w.key;var z=new RSAKey();z.setPrivateEx(u.n,u.e,u.d,u.p,u.q,u.dp,u.dq,u.co);return z}else{if(w.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(p,w);if(KJUR.crypto.OID.oidhex2name[w.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+w.algparam}var v=KJUR.crypto.OID.oidhex2name[w.algparam];var z=new KJUR.crypto.ECDSA({curve:v});z.setPublicKeyHex(w.pubkey);z.setPrivateKeyHex(w.key);z.isPublic=false;return z}else{if(w.algoid=="2a8648ce380401"){var t=ASN1HEX.getVbyList(p,0,[1,1,0],"02");var s=ASN1HEX.getVbyList(p,0,[1,1,1],"02");var y=ASN1HEX.getVbyList(p,0,[1,1,2],"02");var B=ASN1HEX.getVbyList(p,0,[2,0],"02");var r=new BigInteger(t,16);var q=new BigInteger(s,16);var x=new BigInteger(y,16);var A=new BigInteger(B,16);var z=new KJUR.crypto.DSA();z.setPrivate(r,q,x,null,A);return z}else{throw"unsupported private key algorithm"}}}},getRSAKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getRSAKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8Hex:function(q){var p=this.parsePublicPKCS8Hex(q);if(p.algoid=="2a864886f70d010101"){var u=this.parsePublicRawRSAKeyHex(p.key);var r=new RSAKey();r.setPublic(u.n,u.e);return r}else{if(p.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var s=KJUR.crypto.OID.oidhex2name[p.algparam];var r=new KJUR.crypto.ECDSA({curve:s,pub:p.key});return r}else{if(p.algoid=="2a8648ce380401"){var t=p.algparam;var v=ASN1HEX.getHexOfV_AtObj(p.key,0);var r=new KJUR.crypto.DSA();r.setPublic(new BigInteger(t.p,16),new BigInteger(t.q,16),new BigInteger(t.g,16),new BigInteger(v,16));return r}else{throw"unsupported public key algorithm"}}}},parsePublicRawRSAKeyHex:function(r){var p={};if(r.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"malformed RSA key(code:002)"}if(r.substr(q[0],2)!="02"){throw"malformed RSA key(code:003)"}p.n=ASN1HEX.getHexOfV_AtObj(r,q[0]);if(r.substr(q[1],2)!="02"){throw"malformed RSA key(code:004)"}p.e=ASN1HEX.getHexOfV_AtObj(r,q[1]);return p},parsePrivateRawRSAKeyHexAtObj:function(q,s){var r=s.keyidx;if(q.substr(r,2)!="30"){throw"malformed RSA private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(p.length!=9){throw"malformed RSA private key(code:002)"}s.key={};s.key.n=ASN1HEX.getHexOfV_AtObj(q,p[1]);s.key.e=ASN1HEX.getHexOfV_AtObj(q,p[2]);s.key.d=ASN1HEX.getHexOfV_AtObj(q,p[3]);s.key.p=ASN1HEX.getHexOfV_AtObj(q,p[4]);s.key.q=ASN1HEX.getHexOfV_AtObj(q,p[5]);s.key.dp=ASN1HEX.getHexOfV_AtObj(q,p[6]);s.key.dq=ASN1HEX.getHexOfV_AtObj(q,p[7]);s.key.co=ASN1HEX.getHexOfV_AtObj(q,p[8])},parsePrivateRawECKeyHexAtObj:function(p,t){var q=t.keyidx;var r=ASN1HEX.getVbyList(p,q,[1],"04");var s=ASN1HEX.getVbyList(p,q,[2,0],"03").substr(2);t.key=r;t.pubkey=s},parsePublicPKCS8Hex:function(s){var q={};q.algparam=null;var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=2){throw"outer DERSequence shall have 2 elements: "+r.length}var t=r[0];if(s.substr(t,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,t);if(p.length!=2){throw"malformed PKCS8 public key(code:002)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}else{if(s.substr(p[1],2)=="30"){q.algparam={};q.algparam.p=ASN1HEX.getVbyList(s,p[1],[0],"02");q.algparam.q=ASN1HEX.getVbyList(s,p[1],[1],"02");q.algparam.g=ASN1HEX.getVbyList(s,p[1],[2],"02")}}if(s.substr(r[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}q.key=ASN1HEX.getHexOfV_AtObj(s,r[1]).substr(2);return q},getRSAKeyFromPublicPKCS8Hex:function(t){var s=ASN1HEX.getPosArrayOfChildren_AtObj(t,0);if(s.length!=2){throw"outer DERSequence shall have 2 elements: "+s.length}var r=ASN1HEX.getHexOfTLV_AtObj(t,s[0]);if(r!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(t.substr(s[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var v=ASN1HEX.getStartPosOfV_AtObj(t,s[1])+2;if(t.substr(v,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var p=ASN1HEX.getPosArrayOfChildren_AtObj(t,v);if(p.length!=2){throw"inner DERSequence shall have 2 elements: "+p.length}if(t.substr(p[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(t.substr(p[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var w=ASN1HEX.getHexOfV_AtObj(t,p[0]);var u=ASN1HEX.getHexOfV_AtObj(t,p[1]);var q=new RSAKey();q.setPublic(w,u);return q},}}();KEYUTIL.getKey=function(c,o,i){if(typeof RSAKey!="undefined"&&c instanceof RSAKey){return c}if(typeof KJUR.crypto.ECDSA!="undefined"&&c instanceof KJUR.crypto.ECDSA){return c}if(typeof KJUR.crypto.DSA!="undefined"&&c instanceof KJUR.crypto.DSA){return c}if(c.xy!==undefined&&c.curve!==undefined){return new KJUR.crypto.ECDSA({prv:c.xy,curve:c.curve})}if(c.n!==undefined&&c.e!==undefined&&c.d!==undefined&&c.p!==undefined&&c.q!==undefined&&c.dp!==undefined&&c.dq!==undefined&&c.co!==undefined){var n=new RSAKey();n.setPrivateEx(c.n,c.e,c.d,c.p,c.q,c.dp,c.dq,c.co);return n}if(c.p!==undefined&&c.q!==undefined&&c.g!==undefined&&c.y!==undefined&&c.x!==undefined){var n=new KJUR.crypto.DSA();n.setPrivate(c.p,c.q,c.g,c.y,c.x);return n}if(c.d!==undefined&&c.curve!==undefined){return new KJUR.crypto.ECDSA({pub:c.d,curve:c.curve})}if(c.n!==undefined&&c.e){var n=new RSAKey();n.setPublic(c.n,c.e);return n}if(c.p!==undefined&&c.q!==undefined&&c.g!==undefined&&c.y!==undefined&&c.x===undefined){var n=new KJUR.crypto.DSA();n.setPublic(c.p,c.q,c.g,c.y);return n}if(c.indexOf("-END CERTIFICATE-",0)!=-1||c.indexOf("-END X509 CERTIFICATE-",0)!=-1||c.indexOf("-END TRUSTED CERTIFICATE-",0)!=-1){return X509.getPublicKeyFromCertPEM(c)}if(i==="pkcs8pub"){return KEYUTIL.getKeyFromPublicPKCS8Hex(c)}if(c.indexOf("-END PUBLIC KEY-")!=-1){return KEYUTIL.getKeyFromPublicPKCS8PEM(c)}if(i==="pkcs5prv"){var n=new RSAKey();n.readPrivateKeyFromASN1HexString(c);return n}if(i==="pkcs5prv"){var n=new RSAKey();n.readPrivateKeyFromASN1HexString(c);return n}if(c.indexOf("-END RSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")==-1){var n=new RSAKey();n.readPrivateKeyFromPEMString(c);return n}if(c.indexOf("-END DSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")==-1){var m=this.getHexFromPEM(c,"DSA PRIVATE KEY");var b=ASN1HEX.getVbyList(m,0,[1],"02");var a=ASN1HEX.getVbyList(m,0,[2],"02");var e=ASN1HEX.getVbyList(m,0,[3],"02");var k=ASN1HEX.getVbyList(m,0,[4],"02");var l=ASN1HEX.getVbyList(m,0,[5],"02");var n=new KJUR.crypto.DSA();n.setPrivate(new BigInteger(b,16),new BigInteger(a,16),new BigInteger(e,16),new BigInteger(k,16),new BigInteger(l,16));return n}if(c.indexOf("-END PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromPlainPrivatePKCS8PEM(c)}if(c.indexOf("-END RSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){return KEYUTIL.getRSAKeyFromEncryptedPKCS5PEM(c,o)}if(c.indexOf("-END EC PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){var m=KEYUTIL.getDecryptedKeyHex(c,o);var n=ASN1HEX.getVbyList(m,0,[1],"04");var j=ASN1HEX.getVbyList(m,0,[2,0],"06");var d=ASN1HEX.getVbyList(m,0,[3,0],"03").substr(2);var h="";if(KJUR.crypto.OID.oidhex2name[j]!==undefined){h=KJUR.crypto.OID.oidhex2name[j]}else{throw"undefined OID(hex) in KJUR.crypto.OID: "+j}var f=new KJUR.crypto.ECDSA({name:h});f.setPublicKeyHex(d);f.setPrivateKeyHex(n);f.isPublic=false;return f}if(c.indexOf("-END DSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){var m=KEYUTIL.getDecryptedKeyHex(c,o);var b=ASN1HEX.getVbyList(m,0,[1],"02");var a=ASN1HEX.getVbyList(m,0,[2],"02");var e=ASN1HEX.getVbyList(m,0,[3],"02");var k=ASN1HEX.getVbyList(m,0,[4],"02");var l=ASN1HEX.getVbyList(m,0,[5],"02");var n=new KJUR.crypto.DSA();n.setPrivate(new BigInteger(b,16),new BigInteger(a,16),new BigInteger(e,16),new BigInteger(k,16),new BigInteger(l,16));return n}if(c.indexOf("-END ENCRYPTED PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromEncryptedPKCS8PEM(c,o)}throw"not supported argument"};KEYUTIL.generateKeypair=function(a,c){if(a=="RSA"){var b=c;var h=new RSAKey();h.generate(b,"10001");h.isPrivate=true;h.isPublic=true;var f=new RSAKey();var e=h.n.toString(16);var i=h.e.toString(16);f.setPublic(e,i);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{if(a=="EC"){var d=c;var g=new KJUR.crypto.ECDSA({curve:d});var j=g.generateKeyPairHex();var h=new KJUR.crypto.ECDSA({curve:d});h.setPrivateKeyHex(j.ecprvhex);h.isPrivate=true;h.isPublic=false;var f=new KJUR.crypto.ECDSA({curve:d});f.setPublicKeyHex(j.ecpubhex);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{throw"unknown algorithm: "+a}}};KEYUTIL.getPEM=function(a,r,o,g,j){var v=KJUR.asn1;var u=KJUR.crypto;function p(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.n}},{"int":s.e},{"int":{bigint:s.d}},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.dmp1}},{"int":{bigint:s.dmq1}},{"int":{bigint:s.coeff}}]});return w}function q(w){var s=KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:w.prvKeyHex}},{tag:["a0",true,{oid:{name:w.curveName}}]},{tag:["a1",true,{bitstr:{hex:"00"+w.pubKeyHex}}]}]});return s}function n(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.g}},{"int":{bigint:s.y}},{"int":{bigint:s.x}}]});return w}if(((typeof RSAKey!="undefined"&&a instanceof RSAKey)||(typeof u.DSA!="undefined"&&a instanceof u.DSA)||(typeof u.ECDSA!="undefined"&&a instanceof u.ECDSA))&&a.isPublic==true&&(r===undefined||r=="PKCS8PUB")){var t=new KJUR.asn1.x509.SubjectPublicKeyInfo(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"PUBLIC KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o===undefined||o==null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"RSA PRIVATE KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o===undefined||o==null)&&a.isPrivate==true){var f=new KJUR.asn1.DERObjectIdentifier({name:a.curveName});var l=f.getEncodedHex();var e=q(a);var k=e.getEncodedHex();var i="";i+=v.ASN1Util.getPEMStringFromHex(l,"EC PARAMETERS");i+=v.ASN1Util.getPEMStringFromHex(k,"EC PRIVATE KEY");return i}if(r=="PKCS1PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o===undefined||o==null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"DSA PRIVATE KEY")}if(r=="PKCS5PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=q(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA",m,o,g)}var h=function(w,s){var y=b(w,s);var x=new KJUR.asn1.ASN1Util.newObject({seq:[{seq:[{oid:{name:"pkcs5PBES2"}},{seq:[{seq:[{oid:{name:"pkcs5PBKDF2"}},{seq:[{octstr:{hex:y.pbkdf2Salt}},{"int":y.pbkdf2Iter}]}]},{seq:[{oid:{name:"des-EDE3-CBC"}},{octstr:{hex:y.encryptionSchemeIV}}]}]}]},{octstr:{hex:y.ciphertext}}]});return x.getEncodedHex()};var b=function(D,E){var x=100;var C=CryptoJS.lib.WordArray.random(8);var B="DES-EDE3-CBC";var s=CryptoJS.lib.WordArray.random(8);var y=CryptoJS.PBKDF2(E,C,{keySize:192/32,iterations:x});var z=CryptoJS.enc.Hex.parse(D);var A=CryptoJS.TripleDES.encrypt(z,y,{iv:s})+"";var w={};w.ciphertext=A;w.pbkdf2Salt=CryptoJS.enc.Hex.stringify(C);w.pbkdf2Iter=x;w.encryptionSchemeAlg=B;w.encryptionSchemeIV=CryptoJS.enc.Hex.stringify(s);return w};if(r=="PKCS8PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&a.isPrivate==true){var d=p(a);var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"rsaEncryption"}},{"null":true}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&a.isPrivate==true){var d=new KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:a.prvKeyHex}},{tag:["a1",true,{bitstr:{hex:"00"+a.pubKeyHex}}]}]});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"ecPublicKey"}},{oid:{name:a.curveName}}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&a.isPrivate==true){var d=new KJUR.asn1.DERInteger({bigint:a.x});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"dsa"}},{seq:[{"int":{bigint:a.p}},{"int":{bigint:a.q}},{"int":{bigint:a.g}}]}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}throw"unsupported object nor format"};KEYUTIL.getKeyFromCSRPEM=function(b){var a=KEYUTIL.getHexFromPEM(b,"CERTIFICATE REQUEST");var c=KEYUTIL.getKeyFromCSRHex(a);return c};KEYUTIL.getKeyFromCSRHex=function(a){var c=KEYUTIL.parseCSRHex(a);var b=KEYUTIL.getKey(c.p8pubkeyhex,null,"pkcs8pub");return b};KEYUTIL.parseCSRHex=function(c){var b={};var e=c;if(e.substr(0,2)!="30"){throw"malformed CSR(code:001)"}var d=ASN1HEX.getPosArrayOfChildren_AtObj(e,0);if(d.length<1){throw"malformed CSR(code:002)"}if(e.substr(d[0],2)!="30"){throw"malformed CSR(code:003)"}var a=ASN1HEX.getPosArrayOfChildren_AtObj(e,d[0]);if(a.length<3){throw"malformed CSR(code:004)"}b.p8pubkeyhex=ASN1HEX.getHexOfTLV_AtObj(e,a[2]);return b}; /*! rsapem-1.1.js (c) 2012 Kenji Urushima | kjur.github.com/jsrsasign/license */ function _rsapem_pemToBase64(b){var a=b;a=a.replace("-----BEGIN RSA PRIVATE KEY-----","");a=a.replace("-----END RSA PRIVATE KEY-----","");a=a.replace(/[ \n]+/g,"");return a}function _rsapem_getPosArrayOfChildrenFromHex(d){var j=new Array();var k=ASN1HEX.getStartPosOfV_AtObj(d,0);var f=ASN1HEX.getPosOfNextSibling_AtObj(d,k);var h=ASN1HEX.getPosOfNextSibling_AtObj(d,f);var b=ASN1HEX.getPosOfNextSibling_AtObj(d,h);var l=ASN1HEX.getPosOfNextSibling_AtObj(d,b);var e=ASN1HEX.getPosOfNextSibling_AtObj(d,l);var g=ASN1HEX.getPosOfNextSibling_AtObj(d,e);var c=ASN1HEX.getPosOfNextSibling_AtObj(d,g);var i=ASN1HEX.getPosOfNextSibling_AtObj(d,c);j.push(k,f,h,b,l,e,g,c,i);return j}function _rsapem_getHexValueArrayOfChildrenFromHex(i){var o=_rsapem_getPosArrayOfChildrenFromHex(i);var r=ASN1HEX.getHexOfV_AtObj(i,o[0]);var f=ASN1HEX.getHexOfV_AtObj(i,o[1]);var j=ASN1HEX.getHexOfV_AtObj(i,o[2]);var k=ASN1HEX.getHexOfV_AtObj(i,o[3]);var c=ASN1HEX.getHexOfV_AtObj(i,o[4]);var b=ASN1HEX.getHexOfV_AtObj(i,o[5]);var h=ASN1HEX.getHexOfV_AtObj(i,o[6]);var g=ASN1HEX.getHexOfV_AtObj(i,o[7]);var l=ASN1HEX.getHexOfV_AtObj(i,o[8]);var m=new Array();m.push(r,f,j,k,c,b,h,g,l);return m}function _rsapem_readPrivateKeyFromASN1HexString(c){var b=_rsapem_getHexValueArrayOfChildrenFromHex(c);this.setPrivateEx(b[1],b[2],b[3],b[4],b[5],b[6],b[7],b[8])}function _rsapem_readPrivateKeyFromPEMString(e){var c=_rsapem_pemToBase64(e);var d=b64tohex(c);var b=_rsapem_getHexValueArrayOfChildrenFromHex(d);this.setPrivateEx(b[1],b[2],b[3],b[4],b[5],b[6],b[7],b[8])}RSAKey.prototype.readPrivateKeyFromPEMString=_rsapem_readPrivateKeyFromPEMString;RSAKey.prototype.readPrivateKeyFromASN1HexString=_rsapem_readPrivateKeyFromASN1HexString; /*! rsasign-1.2.7.js (c) 2012 Kenji Urushima | kjur.github.com/jsrsasign/license */ var _RE_HEXDECONLY=new RegExp("");_RE_HEXDECONLY.compile("[^0-9a-f]","gi");function _rsasign_getHexPaddedDigestInfoForString(d,e,a){var b=function(f){return KJUR.crypto.Util.hashString(f,a)};var c=b(d);return KJUR.crypto.Util.getPaddedDigestInfoHex(c,a,e)}function _zeroPaddingOfSignature(e,d){var c="";var a=d/4-e.length;for(var b=0;b>24,(d&16711680)>>16,(d&65280)>>8,d&255]))));d+=1}return b}function _rsasign_signStringPSS(e,a,d){var c=function(f){return KJUR.crypto.Util.hashHex(f,a)};var b=c(rstrtohex(e));if(d===undefined){d=-1}return this.signWithMessageHashPSS(b,a,d)}function _rsasign_signWithMessageHashPSS(l,a,k){var b=hextorstr(l);var g=b.length;var m=this.n.bitLength()-1;var c=Math.ceil(m/8);var d;var o=function(i){return KJUR.crypto.Util.hashHex(i,a)};if(k===-1||k===undefined){k=g}else{if(k===-2){k=c-g-2}else{if(k<-2){throw"invalid salt length"}}}if(c<(g+k+2)){throw"data too long"}var f="";if(k>0){f=new Array(k);new SecureRandom().nextBytes(f);f=String.fromCharCode.apply(String,f)}var n=hextorstr(o(rstrtohex("\x00\x00\x00\x00\x00\x00\x00\x00"+b+f)));var j=[];for(d=0;d>(8*c-m))&255;q[0]&=~p;for(d=0;dthis.n.bitLength()){return 0}var i=this.doPublic(b);var e=i.toString(16).replace(/^1f+00/,"");var g=_rsasign_getAlgNameAndHashFromHexDisgestInfo(e);if(g.length==0){return false}var d=g[0];var h=g[1];var a=function(k){return KJUR.crypto.Util.hashString(k,d)};var c=a(f);return(h==c)}function _rsasign_verifyWithMessageHash(e,a){a=a.replace(_RE_HEXDECONLY,"");a=a.replace(/[ \n]+/g,"");var b=parseBigInt(a,16);if(b.bitLength()>this.n.bitLength()){return 0}var h=this.doPublic(b);var g=h.toString(16).replace(/^1f+00/,"");var c=_rsasign_getAlgNameAndHashFromHexDisgestInfo(g);if(c.length==0){return false}var d=c[0];var f=c[1];return(f==e)}function _rsasign_verifyStringPSS(c,b,a,f){var e=function(g){return KJUR.crypto.Util.hashHex(g,a)};var d=e(rstrtohex(c));if(f===undefined){f=-1}return this.verifyWithMessageHashPSS(d,b,a,f)}function _rsasign_verifyWithMessageHashPSS(f,s,l,c){var k=new BigInteger(s,16);if(k.bitLength()>this.n.bitLength()){return false}var r=function(i){return KJUR.crypto.Util.hashHex(i,l)};var j=hextorstr(f);var h=j.length;var g=this.n.bitLength()-1;var m=Math.ceil(g/8);var q;if(c===-1||c===undefined){c=h}else{if(c===-2){c=m-h-2}else{if(c<-2){throw"invalid salt length"}}}if(m<(h+c+2)){throw"data too long"}var a=this.doPublic(k).toByteArray();for(q=0;q>(8*m-g))&255;if((d.charCodeAt(0)&p)!==0){throw"bits beyond keysize not zero"}var n=pss_mgf1_str(e,d.length,r);var o=[];for(q=0;qMIT License */ @@ -106,131 +106,131 @@ var KEYUTIL = function() { // ***************************************************************** // shared key decryption ------------------------------------------ var decryptAES = function(dataHex, keyHex, ivHex) { - return decryptGeneral(CryptoJS.AES, dataHex, keyHex, ivHex); + return decryptGeneral(CryptoJS.AES, dataHex, keyHex, ivHex); }; var decrypt3DES = function(dataHex, keyHex, ivHex) { - return decryptGeneral(CryptoJS.TripleDES, dataHex, keyHex, ivHex); + return decryptGeneral(CryptoJS.TripleDES, dataHex, keyHex, ivHex); }; var decryptDES = function(dataHex, keyHex, ivHex) { - return decryptGeneral(CryptoJS.DES, dataHex, keyHex, ivHex); + return decryptGeneral(CryptoJS.DES, dataHex, keyHex, ivHex); }; var decryptGeneral = function(f, dataHex, keyHex, ivHex) { - var data = CryptoJS.enc.Hex.parse(dataHex); - var key = CryptoJS.enc.Hex.parse(keyHex); - var iv = CryptoJS.enc.Hex.parse(ivHex); - var encrypted = {}; - encrypted.key = key; - encrypted.iv = iv; - encrypted.ciphertext = data; - var decrypted = f.decrypt(encrypted, key, { iv: iv }); - return CryptoJS.enc.Hex.stringify(decrypted); + var data = CryptoJS.enc.Hex.parse(dataHex); + var key = CryptoJS.enc.Hex.parse(keyHex); + var iv = CryptoJS.enc.Hex.parse(ivHex); + var encrypted = {}; + encrypted.key = key; + encrypted.iv = iv; + encrypted.ciphertext = data; + var decrypted = f.decrypt(encrypted, key, { iv: iv }); + return CryptoJS.enc.Hex.stringify(decrypted); }; // shared key decryption ------------------------------------------ var encryptAES = function(dataHex, keyHex, ivHex) { - return encryptGeneral(CryptoJS.AES, dataHex, keyHex, ivHex); + return encryptGeneral(CryptoJS.AES, dataHex, keyHex, ivHex); }; var encrypt3DES = function(dataHex, keyHex, ivHex) { - return encryptGeneral(CryptoJS.TripleDES, dataHex, keyHex, ivHex); + return encryptGeneral(CryptoJS.TripleDES, dataHex, keyHex, ivHex); }; var encryptDES = function(dataHex, keyHex, ivHex) { - return encryptGeneral(CryptoJS.DES, dataHex, keyHex, ivHex); + return encryptGeneral(CryptoJS.DES, dataHex, keyHex, ivHex); }; var encryptGeneral = function(f, dataHex, keyHex, ivHex) { - var data = CryptoJS.enc.Hex.parse(dataHex); - var key = CryptoJS.enc.Hex.parse(keyHex); - var iv = CryptoJS.enc.Hex.parse(ivHex); - var encryptedHex = f.encrypt(data, key, { iv: iv }); + var data = CryptoJS.enc.Hex.parse(dataHex); + var key = CryptoJS.enc.Hex.parse(keyHex); + var iv = CryptoJS.enc.Hex.parse(ivHex); + var encryptedHex = f.encrypt(data, key, { iv: iv }); var encryptedWA = CryptoJS.enc.Hex.parse(encryptedHex.toString()); var encryptedB64 = CryptoJS.enc.Base64.stringify(encryptedWA); - return encryptedB64; + return encryptedB64; }; // other methods and properties ---------------------------------------- var ALGLIST = { - 'AES-256-CBC': { 'proc': decryptAES, 'eproc': encryptAES, keylen: 32, ivlen: 16 }, - 'AES-192-CBC': { 'proc': decryptAES, 'eproc': encryptAES, keylen: 24, ivlen: 16 }, - 'AES-128-CBC': { 'proc': decryptAES, 'eproc': encryptAES, keylen: 16, ivlen: 16 }, - 'DES-EDE3-CBC': { 'proc': decrypt3DES, 'eproc': encrypt3DES, keylen: 24, ivlen: 8 }, - 'DES-CBC': { 'proc': decryptDES, 'eproc': encryptDES, keylen: 8, ivlen: 8 } + 'AES-256-CBC': { 'proc': decryptAES, 'eproc': encryptAES, keylen: 32, ivlen: 16 }, + 'AES-192-CBC': { 'proc': decryptAES, 'eproc': encryptAES, keylen: 24, ivlen: 16 }, + 'AES-128-CBC': { 'proc': decryptAES, 'eproc': encryptAES, keylen: 16, ivlen: 16 }, + 'DES-EDE3-CBC': { 'proc': decrypt3DES, 'eproc': encrypt3DES, keylen: 24, ivlen: 8 }, + 'DES-CBC': { 'proc': decryptDES, 'eproc': encryptDES, keylen: 8, ivlen: 8 } }; var getFuncByName = function(algName) { - return ALGLIST[algName]['proc']; + return ALGLIST[algName]['proc']; }; var _generateIvSaltHex = function(numBytes) { - var wa = CryptoJS.lib.WordArray.random(numBytes); - var hex = CryptoJS.enc.Hex.stringify(wa); - return hex; + var wa = CryptoJS.lib.WordArray.random(numBytes); + var hex = CryptoJS.enc.Hex.stringify(wa); + return hex; }; var _parsePKCS5PEM = function(sPKCS5PEM) { - var info = {}; - if (sPKCS5PEM.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)", "m"))) { - info.cipher = RegExp.$1; - info.ivsalt = RegExp.$2; - } - if (sPKCS5PEM.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"))) { - info.type = RegExp.$1; - } - var i1 = -1; - var lenNEWLINE = 0; - if (sPKCS5PEM.indexOf("\r\n\r\n") != -1) { - i1 = sPKCS5PEM.indexOf("\r\n\r\n"); - lenNEWLINE = 2; - } - if (sPKCS5PEM.indexOf("\n\n") != -1) { - i1 = sPKCS5PEM.indexOf("\n\n"); - lenNEWLINE = 1; - } - var i2 = sPKCS5PEM.indexOf("-----END"); - if (i1 != -1 && i2 != -1) { - var s = sPKCS5PEM.substring(i1 + lenNEWLINE * 2, i2 - lenNEWLINE); - s = s.replace(/\s+/g, ''); - info.data = s; - } - return info; + var info = {}; + if (sPKCS5PEM.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)", "m"))) { + info.cipher = RegExp.$1; + info.ivsalt = RegExp.$2; + } + if (sPKCS5PEM.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"))) { + info.type = RegExp.$1; + } + var i1 = -1; + var lenNEWLINE = 0; + if (sPKCS5PEM.indexOf("\r\n\r\n") != -1) { + i1 = sPKCS5PEM.indexOf("\r\n\r\n"); + lenNEWLINE = 2; + } + if (sPKCS5PEM.indexOf("\n\n") != -1) { + i1 = sPKCS5PEM.indexOf("\n\n"); + lenNEWLINE = 1; + } + var i2 = sPKCS5PEM.indexOf("-----END"); + if (i1 != -1 && i2 != -1) { + var s = sPKCS5PEM.substring(i1 + lenNEWLINE * 2, i2 - lenNEWLINE); + s = s.replace(/\s+/g, ''); + info.data = s; + } + return info; }; var _getKeyAndUnusedIvByPasscodeAndIvsalt = function(algName, passcode, ivsaltHex) { - //alert("ivsaltHex(2) = " + ivsaltHex); - var saltHex = ivsaltHex.substring(0, 16); - //alert("salt = " + saltHex); - - var salt = CryptoJS.enc.Hex.parse(saltHex); - var data = CryptoJS.enc.Utf8.parse(passcode); - //alert("salt = " + salt); - //alert("data = " + data); - - var nRequiredBytes = ALGLIST[algName]['keylen'] + ALGLIST[algName]['ivlen']; - var hHexValueJoined = ''; - var hLastValue = null; - //alert("nRequiredBytes = " + nRequiredBytes); - for (;;) { - var h = CryptoJS.algo.MD5.create(); - if (hLastValue != null) { - h.update(hLastValue); - } - h.update(data); - h.update(salt); - hLastValue = h.finalize(); - hHexValueJoined = hHexValueJoined + CryptoJS.enc.Hex.stringify(hLastValue); - //alert("joined = " + hHexValueJoined); - if (hHexValueJoined.length >= nRequiredBytes * 2) { - break; - } - } - var result = {}; - result.keyhex = hHexValueJoined.substr(0, ALGLIST[algName]['keylen'] * 2); - result.ivhex = hHexValueJoined.substr(ALGLIST[algName]['keylen'] * 2, ALGLIST[algName]['ivlen'] * 2); - return result; + //alert("ivsaltHex(2) = " + ivsaltHex); + var saltHex = ivsaltHex.substring(0, 16); + //alert("salt = " + saltHex); + + var salt = CryptoJS.enc.Hex.parse(saltHex); + var data = CryptoJS.enc.Utf8.parse(passcode); + //alert("salt = " + salt); + //alert("data = " + data); + + var nRequiredBytes = ALGLIST[algName]['keylen'] + ALGLIST[algName]['ivlen']; + var hHexValueJoined = ''; + var hLastValue = null; + //alert("nRequiredBytes = " + nRequiredBytes); + for (;;) { + var h = CryptoJS.algo.MD5.create(); + if (hLastValue != null) { + h.update(hLastValue); + } + h.update(data); + h.update(salt); + hLastValue = h.finalize(); + hHexValueJoined = hHexValueJoined + CryptoJS.enc.Hex.stringify(hLastValue); + //alert("joined = " + hHexValueJoined); + if (hHexValueJoined.length >= nRequiredBytes * 2) { + break; + } + } + var result = {}; + result.keyhex = hHexValueJoined.substr(0, ALGLIST[algName]['keylen'] * 2); + result.ivhex = hHexValueJoined.substr(ALGLIST[algName]['keylen'] * 2, ALGLIST[algName]['ivlen'] * 2); + return result; }; /* @@ -241,11 +241,11 @@ var KEYUTIL = function() { * @param {String} hexadecimal string of decrypted private key */ var _decryptKeyB64 = function(privateKeyB64, sharedKeyAlgName, sharedKeyHex, ivsaltHex) { - var privateKeyWA = CryptoJS.enc.Base64.parse(privateKeyB64); - var privateKeyHex = CryptoJS.enc.Hex.stringify(privateKeyWA); - var f = ALGLIST[sharedKeyAlgName]['proc']; - var decryptedKeyHex = f(privateKeyHex, sharedKeyHex, ivsaltHex); - return decryptedKeyHex; + var privateKeyWA = CryptoJS.enc.Base64.parse(privateKeyB64); + var privateKeyHex = CryptoJS.enc.Hex.stringify(privateKeyWA); + var f = ALGLIST[sharedKeyAlgName]['proc']; + var decryptedKeyHex = f(privateKeyHex, sharedKeyHex, ivsaltHex); + return decryptedKeyHex; }; /* @@ -256,9 +256,9 @@ var KEYUTIL = function() { * @param {String} base64 string of encrypted private key */ var _encryptKeyHex = function(privateKeyHex, sharedKeyAlgName, sharedKeyHex, ivsaltHex) { - var f = ALGLIST[sharedKeyAlgName]['eproc']; - var encryptedKeyB64 = f(privateKeyHex, sharedKeyHex, ivsaltHex); - return encryptedKeyB64; + var f = ALGLIST[sharedKeyAlgName]['eproc']; + var encryptedKeyB64 = f(privateKeyHex, sharedKeyHex, ivsaltHex); + return encryptedKeyB64; }; // ***************************************************************** @@ -266,558 +266,563 @@ var KEYUTIL = function() { // ***************************************************************** return { // -- UTILITY METHODS ------------------------------------------------------------ - /** + /** * decrypt private key by shared key - * @name version - * @memberOf KEYUTIL - * @property {String} version - * @description version string of KEYUTIL class - */ - version: "1.0.0", - - /** + * @name version + * @memberOf KEYUTIL + * @property {String} version + * @description version string of KEYUTIL class + */ + version: "1.0.0", + + /** * get hexacedimal string of PEM format - * @name getHexFromPEM - * @memberOf KEYUTIL - * @function - * @param {String} sPEM PEM formatted string - * @param {String} sHead PEM header string without BEGIN/END - * @return {String} hexadecimal string data of PEM contents - * @since pkcs5pkey 1.0.5 - */ + * @name getHexFromPEM + * @memberOf KEYUTIL + * @function + * @param {String} sPEM PEM formatted string + * @param {String} sHead PEM header string without BEGIN/END + * @return {String} hexadecimal string data of PEM contents + * @since pkcs5pkey 1.0.5 + */ getHexFromPEM: function(sPEM, sHead) { - var s = sPEM; - if (s.indexOf("BEGIN " + sHead) == -1) { - throw "can't find PEM header: " + sHead; - } - s = s.replace("-----BEGIN " + sHead + "-----", ""); - s = s.replace("-----END " + sHead + "-----", ""); - var sB64 = s.replace(/\s+/g, ''); + var s = sPEM; + if (s.indexOf("-----BEGIN ") == -1) { + throw "can't find PEM header: " + sHead; + } + if (typeof sHead == "string" && sHead != "") { + s = s.replace("-----BEGIN " + sHead + "-----", ""); + s = s.replace("-----END " + sHead + "-----", ""); + } else { + s = s.replace(/-----BEGIN [^-]+-----/, ''); + s = s.replace(/-----END [^-]+-----/, ''); + } + var sB64 = s.replace(/\s+/g, ''); var dataHex = b64tohex(sB64); - return dataHex; - }, + return dataHex; + }, - /** + /** * decrypt private key by shared key - * @name getDecryptedKeyHexByKeyIV - * @memberOf KEYUTIL - * @function - * @param {String} encryptedKeyHex hexadecimal string of encrypted private key - * @param {String} algName name of symmetric key algorithm (ex. 'DES-EBE3-CBC') - * @param {String} sharedKeyHex hexadecimal string of symmetric key - * @param {String} ivHex hexadecimal string of initial vector(IV). - * @return {String} hexadecimal string of decrypted privated key - */ - getDecryptedKeyHexByKeyIV: function(encryptedKeyHex, algName, sharedKeyHex, ivHex) { - var f1 = getFuncByName(algName); - return f1(encryptedKeyHex, sharedKeyHex, ivHex); - }, - - /** + * @name getDecryptedKeyHexByKeyIV + * @memberOf KEYUTIL + * @function + * @param {String} encryptedKeyHex hexadecimal string of encrypted private key + * @param {String} algName name of symmetric key algorithm (ex. 'DES-EBE3-CBC') + * @param {String} sharedKeyHex hexadecimal string of symmetric key + * @param {String} ivHex hexadecimal string of initial vector(IV). + * @return {String} hexadecimal string of decrypted privated key + */ + getDecryptedKeyHexByKeyIV: function(encryptedKeyHex, algName, sharedKeyHex, ivHex) { + var f1 = getFuncByName(algName); + return f1(encryptedKeyHex, sharedKeyHex, ivHex); + }, + + /** * parse PEM formatted passcode protected PKCS#5 private key - * @name parsePKCS5PEM - * @memberOf KEYUTIL - * @function - * @param {String} sEncryptedPEM PEM formatted protected passcode protected PKCS#5 private key - * @return {Hash} hash of key information - * @description + * @name parsePKCS5PEM + * @memberOf KEYUTIL + * @function + * @param {String} sEncryptedPEM PEM formatted protected passcode protected PKCS#5 private key + * @return {Hash} hash of key information + * @description * Resulted hash has following attributes. - *

        - *
      • cipher - symmetric key algorithm name (ex. 'DES-EBE3-CBC', 'AES-256-CBC')
      • - *
      • ivsalt - IV used for decrypt. Its heading 8 bytes will be used for passcode salt.
      • - *
      • type - asymmetric key algorithm name of private key described in PEM header.
      • - *
      • data - base64 encoded encrypted private key.
      • - *
      + *
        + *
      • cipher - symmetric key algorithm name (ex. 'DES-EBE3-CBC', 'AES-256-CBC')
      • + *
      • ivsalt - IV used for decrypt. Its heading 8 bytes will be used for passcode salt.
      • + *
      • type - asymmetric key algorithm name of private key described in PEM header.
      • + *
      • data - base64 encoded encrypted private key.
      • + *
      * - */ + */ parsePKCS5PEM: function(sPKCS5PEM) { - return _parsePKCS5PEM(sPKCS5PEM); - }, + return _parsePKCS5PEM(sPKCS5PEM); + }, - /** + /** * the same function as OpenSSL EVP_BytsToKey to generate shared key and IV - * @name getKeyAndUnusedIvByPasscodeAndIvsalt - * @memberOf KEYUTIL - * @function - * @param {String} algName name of symmetric key algorithm (ex. 'DES-EBE3-CBC') - * @param {String} passcode passcode to decrypt private key (ex. 'password') - * @param {String} hexadecimal string of IV. heading 8 bytes will be used for passcode salt - * @return {Hash} hash of key and unused IV (ex. {keyhex:2fe3..., ivhex:3fad..}) - */ - getKeyAndUnusedIvByPasscodeAndIvsalt: function(algName, passcode, ivsaltHex) { - return _getKeyAndUnusedIvByPasscodeAndIvsalt(algName, passcode, ivsaltHex); - }, + * @name getKeyAndUnusedIvByPasscodeAndIvsalt + * @memberOf KEYUTIL + * @function + * @param {String} algName name of symmetric key algorithm (ex. 'DES-EBE3-CBC') + * @param {String} passcode passcode to decrypt private key (ex. 'password') + * @param {String} hexadecimal string of IV. heading 8 bytes will be used for passcode salt + * @return {Hash} hash of key and unused IV (ex. {keyhex:2fe3..., ivhex:3fad..}) + */ + getKeyAndUnusedIvByPasscodeAndIvsalt: function(algName, passcode, ivsaltHex) { + return _getKeyAndUnusedIvByPasscodeAndIvsalt(algName, passcode, ivsaltHex); + }, decryptKeyB64: function(privateKeyB64, sharedKeyAlgName, sharedKeyHex, ivsaltHex) { - return _decryptKeyB64(privateKeyB64, sharedKeyAlgName, sharedKeyHex, ivsaltHex); + return _decryptKeyB64(privateKeyB64, sharedKeyAlgName, sharedKeyHex, ivsaltHex); }, - /** + /** * decrypt PEM formatted protected PKCS#5 private key with passcode - * @name getDecryptedKeyHex - * @memberOf KEYUTIL - * @function - * @param {String} sEncryptedPEM PEM formatted protected passcode protected PKCS#5 private key - * @param {String} passcode passcode to decrypt private key (ex. 'password') - * @return {String} hexadecimal string of decrypted RSA priavte key - */ - getDecryptedKeyHex: function(sEncryptedPEM, passcode) { - // 1. parse pem - var info = _parsePKCS5PEM(sEncryptedPEM); - var publicKeyAlgName = info.type; - var sharedKeyAlgName = info.cipher; - var ivsaltHex = info.ivsalt; - var privateKeyB64 = info.data; - //alert("ivsaltHex = " + ivsaltHex); - - // 2. generate shared key - var sharedKeyInfo = _getKeyAndUnusedIvByPasscodeAndIvsalt(sharedKeyAlgName, passcode, ivsaltHex); - var sharedKeyHex = sharedKeyInfo.keyhex; - //alert("sharedKeyHex = " + sharedKeyHex); - - // 3. decrypt private key + * @name getDecryptedKeyHex + * @memberOf KEYUTIL + * @function + * @param {String} sEncryptedPEM PEM formatted protected passcode protected PKCS#5 private key + * @param {String} passcode passcode to decrypt private key (ex. 'password') + * @return {String} hexadecimal string of decrypted RSA priavte key + */ + getDecryptedKeyHex: function(sEncryptedPEM, passcode) { + // 1. parse pem + var info = _parsePKCS5PEM(sEncryptedPEM); + var publicKeyAlgName = info.type; + var sharedKeyAlgName = info.cipher; + var ivsaltHex = info.ivsalt; + var privateKeyB64 = info.data; + //alert("ivsaltHex = " + ivsaltHex); + + // 2. generate shared key + var sharedKeyInfo = _getKeyAndUnusedIvByPasscodeAndIvsalt(sharedKeyAlgName, passcode, ivsaltHex); + var sharedKeyHex = sharedKeyInfo.keyhex; + //alert("sharedKeyHex = " + sharedKeyHex); + + // 3. decrypt private key var decryptedKey = _decryptKeyB64(privateKeyB64, sharedKeyAlgName, sharedKeyHex, ivsaltHex); - return decryptedKey; - }, + return decryptedKey; + }, - /** + /** * (DEPRECATED) read PEM formatted encrypted PKCS#5 private key and returns RSAKey object - * @name getRSAKeyFromEncryptedPKCS5PEM - * @memberOf KEYUTIL - * @function - * @param {String} sEncryptedP5PEM PEM formatted encrypted PKCS#5 private key - * @param {String} passcode passcode to decrypt private key - * @return {RSAKey} loaded RSAKey object of RSA private key + * @name getRSAKeyFromEncryptedPKCS5PEM + * @memberOf KEYUTIL + * @function + * @param {String} sEncryptedP5PEM PEM formatted encrypted PKCS#5 private key + * @param {String} passcode passcode to decrypt private key + * @return {RSAKey} loaded RSAKey object of RSA private key * @since pkcs5pkey 1.0.2 - * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}. - */ - getRSAKeyFromEncryptedPKCS5PEM: function(sEncryptedP5PEM, passcode) { - var hPKey = this.getDecryptedKeyHex(sEncryptedP5PEM, passcode); - var rsaKey = new RSAKey(); - rsaKey.readPrivateKeyFromASN1HexString(hPKey); - return rsaKey; - }, - - /* + * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}. + */ + getRSAKeyFromEncryptedPKCS5PEM: function(sEncryptedP5PEM, passcode) { + var hPKey = this.getDecryptedKeyHex(sEncryptedP5PEM, passcode); + var rsaKey = new RSAKey(); + rsaKey.readPrivateKeyFromASN1HexString(hPKey); + return rsaKey; + }, + + /* * get PEM formatted encrypted PKCS#5 private key from hexadecimal string of plain private key - * @name getEncryptedPKCS5PEMFromPrvKeyHex - * @memberOf KEYUTIL - * @function - * @param {String} pemHeadAlg algorithm name in the pem header (i.e. RSA,EC or DSA) - * @param {String} hPrvKey hexadecimal string of plain private key - * @param {String} passcode pass code to protect private key (ex. password) - * @param {String} sharedKeyAlgName algorithm name to protect private key (ex. AES-256-CBC) - * @param {String} ivsaltHex hexadecimal string of IV and salt - * @return {String} string of PEM formatted encrypted PKCS#5 private key + * @name getEncryptedPKCS5PEMFromPrvKeyHex + * @memberOf KEYUTIL + * @function + * @param {String} pemHeadAlg algorithm name in the pem header (i.e. RSA,EC or DSA) + * @param {String} hPrvKey hexadecimal string of plain private key + * @param {String} passcode pass code to protect private key (ex. password) + * @param {String} sharedKeyAlgName algorithm name to protect private key (ex. AES-256-CBC) + * @param {String} ivsaltHex hexadecimal string of IV and salt + * @return {String} string of PEM formatted encrypted PKCS#5 private key * @since pkcs5pkey 1.0.2 - * @description - *
      - * generate PEM formatted encrypted PKCS#5 private key by hexadecimal string encoded - * ASN.1 object of plain RSA private key. - * Following arguments can be omitted. - *
        - *
      • alg - AES-256-CBC will be used if omitted.
      • - *
      • ivsaltHex - automatically generate IV and salt which length depends on algorithm
      • - *
      - * NOTE1: DES-CBC, DES-EDE3-CBC, AES-{128,192.256}-CBC algorithm are supported. - * @example - * var pem = + * @description + *
      + * generate PEM formatted encrypted PKCS#5 private key by hexadecimal string encoded + * ASN.1 object of plain RSA private key. + * Following arguments can be omitted. + *
        + *
      • alg - AES-256-CBC will be used if omitted.
      • + *
      • ivsaltHex - automatically generate IV and salt which length depends on algorithm
      • + *
      + * NOTE1: DES-CBC, DES-EDE3-CBC, AES-{128,192.256}-CBC algorithm are supported. + * @example + * var pem = * KEYUTIL.getEncryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password"); - * var pem2 = + * var pem2 = * KEYUTIL.getEncryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password", "AES-128-CBC"); - * var pem3 = + * var pem3 = * KEYUTIL.getEncryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password", "AES-128-CBC", "1f3d02..."); - */ - getEncryptedPKCS5PEMFromPrvKeyHex: function(pemHeadAlg, hPrvKey, passcode, sharedKeyAlgName, ivsaltHex) { - var sPEM = ""; - - // 1. set sharedKeyAlgName if undefined (default AES-256-CBC) - if (typeof sharedKeyAlgName == "undefined" || sharedKeyAlgName == null) { - sharedKeyAlgName = "AES-256-CBC"; - } - if (typeof ALGLIST[sharedKeyAlgName] == "undefined") - throw "KEYUTIL unsupported algorithm: " + sharedKeyAlgName; - - // 2. set ivsaltHex if undefined - if (typeof ivsaltHex == "undefined" || ivsaltHex == null) { - var ivlen = ALGLIST[sharedKeyAlgName]['ivlen']; - var randIV = _generateIvSaltHex(ivlen); - ivsaltHex = randIV.toUpperCase(); - } - - // 3. get shared key + */ + getEncryptedPKCS5PEMFromPrvKeyHex: function(pemHeadAlg, hPrvKey, passcode, sharedKeyAlgName, ivsaltHex) { + var sPEM = ""; + + // 1. set sharedKeyAlgName if undefined (default AES-256-CBC) + if (typeof sharedKeyAlgName == "undefined" || sharedKeyAlgName == null) { + sharedKeyAlgName = "AES-256-CBC"; + } + if (typeof ALGLIST[sharedKeyAlgName] == "undefined") + throw "KEYUTIL unsupported algorithm: " + sharedKeyAlgName; + + // 2. set ivsaltHex if undefined + if (typeof ivsaltHex == "undefined" || ivsaltHex == null) { + var ivlen = ALGLIST[sharedKeyAlgName]['ivlen']; + var randIV = _generateIvSaltHex(ivlen); + ivsaltHex = randIV.toUpperCase(); + } + + // 3. get shared key //alert("ivsalthex=" + ivsaltHex); - var sharedKeyInfo = _getKeyAndUnusedIvByPasscodeAndIvsalt(sharedKeyAlgName, passcode, ivsaltHex); - var sharedKeyHex = sharedKeyInfo.keyhex; - // alert("sharedKeyHex = " + sharedKeyHex); + var sharedKeyInfo = _getKeyAndUnusedIvByPasscodeAndIvsalt(sharedKeyAlgName, passcode, ivsaltHex); + var sharedKeyHex = sharedKeyInfo.keyhex; + // alert("sharedKeyHex = " + sharedKeyHex); // 3. get encrypted Key in Base64 var encryptedKeyB64 = _encryptKeyHex(hPrvKey, sharedKeyAlgName, sharedKeyHex, ivsaltHex); - var pemBody = encryptedKeyB64.replace(/(.{64})/g, "$1\r\n"); - var sPEM = "-----BEGIN " + pemHeadAlg + " PRIVATE KEY-----\r\n"; - sPEM += "Proc-Type: 4,ENCRYPTED\r\n"; - sPEM += "DEK-Info: " + sharedKeyAlgName + "," + ivsaltHex + "\r\n"; - sPEM += "\r\n"; - sPEM += pemBody; - sPEM += "\r\n-----END " + pemHeadAlg + " PRIVATE KEY-----\r\n"; + var pemBody = encryptedKeyB64.replace(/(.{64})/g, "$1\r\n"); + var sPEM = "-----BEGIN " + pemHeadAlg + " PRIVATE KEY-----\r\n"; + sPEM += "Proc-Type: 4,ENCRYPTED\r\n"; + sPEM += "DEK-Info: " + sharedKeyAlgName + "," + ivsaltHex + "\r\n"; + sPEM += "\r\n"; + sPEM += pemBody; + sPEM += "\r\n-----END " + pemHeadAlg + " PRIVATE KEY-----\r\n"; - return sPEM; + return sPEM; }, - /** + /** * (DEPRECATED) get PEM formatted encrypted PKCS#5 private key from RSAKey object of private key - * @name getEncryptedPKCS5PEMFromRSAKey - * @memberOf KEYUTIL - * @function - * @param {RSAKey} pKey RSAKey object of private key - * @param {String} passcode pass code to protect private key (ex. password) - * @param {String} alg algorithm name to protect private key (default AES-256-CBC) - * @param {String} ivsaltHex hexadecimal string of IV and salt (default generated random IV) - * @return {String} string of PEM formatted encrypted PKCS#5 private key + * @name getEncryptedPKCS5PEMFromRSAKey + * @memberOf KEYUTIL + * @function + * @param {RSAKey} pKey RSAKey object of private key + * @param {String} passcode pass code to protect private key (ex. password) + * @param {String} alg algorithm name to protect private key (default AES-256-CBC) + * @param {String} ivsaltHex hexadecimal string of IV and salt (default generated random IV) + * @return {String} string of PEM formatted encrypted PKCS#5 private key * @since pkcs5pkey 1.0.2 - * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getPEM#}. - * @description - *
      - * generate PEM formatted encrypted PKCS#5 private key by - * {@link RSAKey} object of RSA private key and passcode. - * Following argument can be omitted. - *
        - *
      • alg - AES-256-CBC will be used if omitted.
      • - *
      • ivsaltHex - automatically generate IV and salt which length depends on algorithm
      • - *
      - * @example - * var pkey = new RSAKey(); - * pkey.generate(1024, '10001'); // generate 1024bit RSA private key with public exponent 'x010001' - * var pem = KEYUTIL.getEncryptedPKCS5PEMFromRSAKey(pkey, "password"); - */ + * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getPEM#}. + * @description + *
      + * generate PEM formatted encrypted PKCS#5 private key by + * {@link RSAKey} object of RSA private key and passcode. + * Following argument can be omitted. + *
        + *
      • alg - AES-256-CBC will be used if omitted.
      • + *
      • ivsaltHex - automatically generate IV and salt which length depends on algorithm
      • + *
      + * @example + * var pkey = new RSAKey(); + * pkey.generate(1024, '10001'); // generate 1024bit RSA private key with public exponent 'x010001' + * var pem = KEYUTIL.getEncryptedPKCS5PEMFromRSAKey(pkey, "password"); + */ getEncryptedPKCS5PEMFromRSAKey: function(pKey, passcode, alg, ivsaltHex) { - var version = new KJUR.asn1.DERInteger({'int': 0}); - var n = new KJUR.asn1.DERInteger({'bigint': pKey.n}); - var e = new KJUR.asn1.DERInteger({'int': pKey.e}); - var d = new KJUR.asn1.DERInteger({'bigint': pKey.d}); - var p = new KJUR.asn1.DERInteger({'bigint': pKey.p}); - var q = new KJUR.asn1.DERInteger({'bigint': pKey.q}); - var dmp1 = new KJUR.asn1.DERInteger({'bigint': pKey.dmp1}); - var dmq1 = new KJUR.asn1.DERInteger({'bigint': pKey.dmq1}); - var coeff = new KJUR.asn1.DERInteger({'bigint': pKey.coeff}); - var seq = new KJUR.asn1.DERSequence({'array': [version, n, e, d, p, q, dmp1, dmq1, coeff]}); - var hex = seq.getEncodedHex(); - return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA", hex, passcode, alg, ivsaltHex); + var version = new KJUR.asn1.DERInteger({'int': 0}); + var n = new KJUR.asn1.DERInteger({'bigint': pKey.n}); + var e = new KJUR.asn1.DERInteger({'int': pKey.e}); + var d = new KJUR.asn1.DERInteger({'bigint': pKey.d}); + var p = new KJUR.asn1.DERInteger({'bigint': pKey.p}); + var q = new KJUR.asn1.DERInteger({'bigint': pKey.q}); + var dmp1 = new KJUR.asn1.DERInteger({'bigint': pKey.dmp1}); + var dmq1 = new KJUR.asn1.DERInteger({'bigint': pKey.dmq1}); + var coeff = new KJUR.asn1.DERInteger({'bigint': pKey.coeff}); + var seq = new KJUR.asn1.DERSequence({'array': [version, n, e, d, p, q, dmp1, dmq1, coeff]}); + var hex = seq.getEncodedHex(); + return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA", hex, passcode, alg, ivsaltHex); }, - /** + /** * generate RSAKey and PEM formatted encrypted PKCS#5 private key - * @name newEncryptedPKCS5PEM - * @memberOf KEYUTIL - * @function - * @param {String} passcode pass code to protect private key (ex. password) - * @param {Integer} keyLen key bit length of RSA key to be generated. (default 1024) - * @param {String} hPublicExponent hexadecimal string of public exponent (default 10001) - * @param {String} alg shared key algorithm to encrypt private key (default AES-258-CBC) - * @return {String} string of PEM formatted encrypted PKCS#5 private key + * @name newEncryptedPKCS5PEM + * @memberOf KEYUTIL + * @function + * @param {String} passcode pass code to protect private key (ex. password) + * @param {Integer} keyLen key bit length of RSA key to be generated. (default 1024) + * @param {String} hPublicExponent hexadecimal string of public exponent (default 10001) + * @param {String} alg shared key algorithm to encrypt private key (default AES-258-CBC) + * @return {String} string of PEM formatted encrypted PKCS#5 private key * @since pkcs5pkey 1.0.2 - * @example - * var pem1 = KEYUTIL.newEncryptedPKCS5PEM("password"); // RSA1024bit/10001/AES-256-CBC - * var pem2 = KEYUTIL.newEncryptedPKCS5PEM("password", 512); // RSA 512bit/10001/AES-256-CBC - * var pem3 = KEYUTIL.newEncryptedPKCS5PEM("password", 512, '3'); // RSA 512bit/ 3/AES-256-CBC - */ - newEncryptedPKCS5PEM: function(passcode, keyLen, hPublicExponent, alg) { - if (typeof keyLen == "undefined" || keyLen == null) { - keyLen = 1024; - } - if (typeof hPublicExponent == "undefined" || hPublicExponent == null) { - hPublicExponent = '10001'; - } - var pKey = new RSAKey(); - pKey.generate(keyLen, hPublicExponent); - var pem = null; - if (typeof alg == "undefined" || alg == null) { - pem = this.getEncryptedPKCS5PEMFromRSAKey(pKey, passcode); - } else { - pem = this.getEncryptedPKCS5PEMFromRSAKey(pKey, passcode, alg); - } - return pem; + * @example + * var pem1 = KEYUTIL.newEncryptedPKCS5PEM("password"); // RSA1024bit/10001/AES-256-CBC + * var pem2 = KEYUTIL.newEncryptedPKCS5PEM("password", 512); // RSA 512bit/10001/AES-256-CBC + * var pem3 = KEYUTIL.newEncryptedPKCS5PEM("password", 512, '3'); // RSA 512bit/ 3/AES-256-CBC + */ + newEncryptedPKCS5PEM: function(passcode, keyLen, hPublicExponent, alg) { + if (typeof keyLen == "undefined" || keyLen == null) { + keyLen = 1024; + } + if (typeof hPublicExponent == "undefined" || hPublicExponent == null) { + hPublicExponent = '10001'; + } + var pKey = new RSAKey(); + pKey.generate(keyLen, hPublicExponent); + var pem = null; + if (typeof alg == "undefined" || alg == null) { + pem = this.getEncryptedPKCS5PEMFromRSAKey(pKey, passcode); + } else { + pem = this.getEncryptedPKCS5PEMFromRSAKey(pKey, passcode, alg); + } + return pem; }, - // === PKCS8 =============================================================== + // === PKCS8 =============================================================== - /** + /** * (DEPRECATED) read PEM formatted unencrypted PKCS#8 private key and returns RSAKey object - * @name getRSAKeyFromPlainPKCS8PEM - * @memberOf KEYUTIL - * @function - * @param {String} pkcs8PEM PEM formatted unencrypted PKCS#8 private key - * @return {RSAKey} loaded RSAKey object of RSA private key + * @name getRSAKeyFromPlainPKCS8PEM + * @memberOf KEYUTIL + * @function + * @param {String} pkcs8PEM PEM formatted unencrypted PKCS#8 private key + * @return {RSAKey} loaded RSAKey object of RSA private key * @since pkcs5pkey 1.0.1 - * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}. - */ + * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}. + */ getRSAKeyFromPlainPKCS8PEM: function(pkcs8PEM) { if (pkcs8PEM.match(/ENCRYPTED/)) throw "pem shall be not ENCRYPTED"; var prvKeyHex = this.getHexFromPEM(pkcs8PEM, "PRIVATE KEY"); var rsaKey = this.getRSAKeyFromPlainPKCS8Hex(prvKeyHex); - return rsaKey; + return rsaKey; }, - /** + /** * (DEPRECATED) provide hexadecimal string of unencrypted PKCS#8 private key and returns RSAKey object - * @name getRSAKeyFromPlainPKCS8Hex - * @memberOf KEYUTIL - * @function - * @param {String} prvKeyHex hexadecimal string of unencrypted PKCS#8 private key - * @return {RSAKey} loaded RSAKey object of RSA private key + * @name getRSAKeyFromPlainPKCS8Hex + * @memberOf KEYUTIL + * @function + * @param {String} prvKeyHex hexadecimal string of unencrypted PKCS#8 private key + * @return {RSAKey} loaded RSAKey object of RSA private key * @since pkcs5pkey 1.0.3 - * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}. - */ + * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}. + */ getRSAKeyFromPlainPKCS8Hex: function(prvKeyHex) { - var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(prvKeyHex, 0); - if (a1.length != 3) - throw "outer DERSequence shall have 3 elements: " + a1.length; + var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(prvKeyHex, 0); + if (a1.length != 3) + throw "outer DERSequence shall have 3 elements: " + a1.length; var algIdTLV =ASN1HEX.getHexOfTLV_AtObj(prvKeyHex, a1[1]); - if (algIdTLV != "300d06092a864886f70d0101010500") // AlgId rsaEncryption - throw "PKCS8 AlgorithmIdentifier is not rsaEnc: " + algIdTLV; + if (algIdTLV != "300d06092a864886f70d0101010500") // AlgId rsaEncryption + throw "PKCS8 AlgorithmIdentifier is not rsaEnc: " + algIdTLV; var algIdTLV = ASN1HEX.getHexOfTLV_AtObj(prvKeyHex, a1[1]); - var octetStr = ASN1HEX.getHexOfTLV_AtObj(prvKeyHex, a1[2]); - var p5KeyHex = ASN1HEX.getHexOfV_AtObj(octetStr, 0); + var octetStr = ASN1HEX.getHexOfTLV_AtObj(prvKeyHex, a1[2]); + var p5KeyHex = ASN1HEX.getHexOfV_AtObj(octetStr, 0); //alert(p5KeyHex); - var rsaKey = new RSAKey(); - rsaKey.readPrivateKeyFromASN1HexString(p5KeyHex); - return rsaKey; + var rsaKey = new RSAKey(); + rsaKey.readPrivateKeyFromASN1HexString(p5KeyHex); + return rsaKey; }, - /** + /** * generate PBKDF2 key hexstring with specified passcode and information - * @name parseHexOfEncryptedPKCS8 - * @memberOf KEYUTIL - * @function - * @param {String} passcode passcode to decrypto private key - * @return {Array} info associative array of PKCS#8 parameters + * @name parseHexOfEncryptedPKCS8 + * @memberOf KEYUTIL + * @function + * @param {String} passcode passcode to decrypto private key + * @return {Array} info associative array of PKCS#8 parameters * @since pkcs5pkey 1.0.3 - * @description - * The associative array which is returned by this method has following properties: - *
        - *
      • info.pbkdf2Salt - hexadecimal string of PBKDF2 salt
      • - *
      • info.pkbdf2Iter - iteration count
      • - *
      • info.ciphertext - hexadecimal string of encrypted private key
      • - *
      • info.encryptionSchemeAlg - encryption algorithm name (currently TripleDES only)
      • - *
      • info.encryptionSchemeIV - initial vector for encryption algorithm
      • - *
      - * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. - *
        - *
      • keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1
      • - *
      • encryptionScheme = des-EDE3-CBC(i.e. TripleDES
      • - *
      - * @example - * // to convert plain PKCS#5 private key to encrypted PKCS#8 private - * // key with PBKDF2 with TripleDES - * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem - */ + * @description + * The associative array which is returned by this method has following properties: + *
        + *
      • info.pbkdf2Salt - hexadecimal string of PBKDF2 salt
      • + *
      • info.pkbdf2Iter - iteration count
      • + *
      • info.ciphertext - hexadecimal string of encrypted private key
      • + *
      • info.encryptionSchemeAlg - encryption algorithm name (currently TripleDES only)
      • + *
      • info.encryptionSchemeIV - initial vector for encryption algorithm
      • + *
      + * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. + *
        + *
      • keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1
      • + *
      • encryptionScheme = des-EDE3-CBC(i.e. TripleDES
      • + *
      + * @example + * // to convert plain PKCS#5 private key to encrypted PKCS#8 private + * // key with PBKDF2 with TripleDES + * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem + */ parseHexOfEncryptedPKCS8: function(sHEX) { var info = {}; - - var a0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, 0); - if (a0.length != 2) - throw "malformed format: SEQUENCE(0).items != 2: " + a0.length; + + var a0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, 0); + if (a0.length != 2) + throw "malformed format: SEQUENCE(0).items != 2: " + a0.length; - // 1. ciphertext - info.ciphertext = ASN1HEX.getHexOfV_AtObj(sHEX, a0[1]); + // 1. ciphertext + info.ciphertext = ASN1HEX.getHexOfV_AtObj(sHEX, a0[1]); - // 2. pkcs5PBES2 - var a0_0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0[0]); - if (a0_0.length != 2) - throw "malformed format: SEQUENCE(0.0).items != 2: " + a0_0.length; + // 2. pkcs5PBES2 + var a0_0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0[0]); + if (a0_0.length != 2) + throw "malformed format: SEQUENCE(0.0).items != 2: " + a0_0.length; - // 2.1 check if pkcs5PBES2(1 2 840 113549 1 5 13) - if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0[0]) != "2a864886f70d01050d") - throw "this only supports pkcs5PBES2"; + // 2.1 check if pkcs5PBES2(1 2 840 113549 1 5 13) + if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0[0]) != "2a864886f70d01050d") + throw "this only supports pkcs5PBES2"; - // 2.2 pkcs5PBES2 param + // 2.2 pkcs5PBES2 param var a0_0_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0[1]); - if (a0_0.length != 2) - throw "malformed format: SEQUENCE(0.0.1).items != 2: " + a0_0_1.length; - - // 2.2.1 encryptionScheme - var a0_0_1_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1[1]); - if (a0_0_1_1.length != 2) - throw "malformed format: SEQUENCE(0.0.1.1).items != 2: " + a0_0_1_1.length; - if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_1[0]) != "2a864886f70d0307") - throw "this only supports TripleDES"; - info.encryptionSchemeAlg = "TripleDES"; - - // 2.2.1.1 IV of encryptionScheme - info.encryptionSchemeIV = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_1[1]); - - // 2.2.2 keyDerivationFunc - var a0_0_1_0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1[0]); - if (a0_0_1_0.length != 2) - throw "malformed format: SEQUENCE(0.0.1.0).items != 2: " + a0_0_1_0.length; - if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0[0]) != "2a864886f70d01050c") - throw "this only supports pkcs5PBKDF2"; - - // 2.2.2.1 pkcs5PBKDF2 param - var a0_0_1_0_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1_0[1]); - if (a0_0_1_0_1.length < 2) - throw "malformed format: SEQUENCE(0.0.1.0.1).items < 2: " + a0_0_1_0_1.length; - - // 2.2.2.1.1 PBKDF2 salt - info.pbkdf2Salt = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0_1[0]); - - // 2.2.2.1.2 PBKDF2 iter - var iterNumHex = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0_1[1]); - try { - info.pbkdf2Iter = parseInt(iterNumHex, 16); - } catch(ex) { - throw "malformed format pbkdf2Iter: " + iterNumHex; - } - - return info; - }, - - /** + if (a0_0.length != 2) + throw "malformed format: SEQUENCE(0.0.1).items != 2: " + a0_0_1.length; + + // 2.2.1 encryptionScheme + var a0_0_1_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1[1]); + if (a0_0_1_1.length != 2) + throw "malformed format: SEQUENCE(0.0.1.1).items != 2: " + a0_0_1_1.length; + if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_1[0]) != "2a864886f70d0307") + throw "this only supports TripleDES"; + info.encryptionSchemeAlg = "TripleDES"; + + // 2.2.1.1 IV of encryptionScheme + info.encryptionSchemeIV = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_1[1]); + + // 2.2.2 keyDerivationFunc + var a0_0_1_0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1[0]); + if (a0_0_1_0.length != 2) + throw "malformed format: SEQUENCE(0.0.1.0).items != 2: " + a0_0_1_0.length; + if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0[0]) != "2a864886f70d01050c") + throw "this only supports pkcs5PBKDF2"; + + // 2.2.2.1 pkcs5PBKDF2 param + var a0_0_1_0_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1_0[1]); + if (a0_0_1_0_1.length < 2) + throw "malformed format: SEQUENCE(0.0.1.0.1).items < 2: " + a0_0_1_0_1.length; + + // 2.2.2.1.1 PBKDF2 salt + info.pbkdf2Salt = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0_1[0]); + + // 2.2.2.1.2 PBKDF2 iter + var iterNumHex = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0_1[1]); + try { + info.pbkdf2Iter = parseInt(iterNumHex, 16); + } catch(ex) { + throw "malformed format pbkdf2Iter: " + iterNumHex; + } + + return info; + }, + + /** * generate PBKDF2 key hexstring with specified passcode and information - * @name getPBKDF2KeyHexFromParam - * @memberOf KEYUTIL - * @function - * @param {Array} info result of {@link parseHexOfEncryptedPKCS8} which has preference of PKCS#8 file - * @param {String} passcode passcode to decrypto private key - * @return {String} hexadecimal string of PBKDF2 key + * @name getPBKDF2KeyHexFromParam + * @memberOf KEYUTIL + * @function + * @param {Array} info result of {@link parseHexOfEncryptedPKCS8} which has preference of PKCS#8 file + * @param {String} passcode passcode to decrypto private key + * @return {String} hexadecimal string of PBKDF2 key * @since pkcs5pkey 1.0.3 - * @description - * As for info, this uses following properties: - *
        - *
      • info.pbkdf2Salt - hexadecimal string of PBKDF2 salt
      • - *
      • info.pkbdf2Iter - iteration count
      • - *
      - * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. - *
        - *
      • keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1
      • - *
      • encryptionScheme = des-EDE3-CBC(i.e. TripleDES
      • - *
      - * @example - * // to convert plain PKCS#5 private key to encrypted PKCS#8 private - * // key with PBKDF2 with TripleDES - * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem - */ - getPBKDF2KeyHexFromParam: function(info, passcode) { - var pbkdf2SaltWS = CryptoJS.enc.Hex.parse(info.pbkdf2Salt); - var pbkdf2Iter = info.pbkdf2Iter; - var pbkdf2KeyWS = CryptoJS.PBKDF2(passcode, - pbkdf2SaltWS, - { keySize: 192/32, iterations: pbkdf2Iter }); - var pbkdf2KeyHex = CryptoJS.enc.Hex.stringify(pbkdf2KeyWS); - return pbkdf2KeyHex; - }, - - /** + * @description + * As for info, this uses following properties: + *
        + *
      • info.pbkdf2Salt - hexadecimal string of PBKDF2 salt
      • + *
      • info.pkbdf2Iter - iteration count
      • + *
      + * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. + *
        + *
      • keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1
      • + *
      • encryptionScheme = des-EDE3-CBC(i.e. TripleDES
      • + *
      + * @example + * // to convert plain PKCS#5 private key to encrypted PKCS#8 private + * // key with PBKDF2 with TripleDES + * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem + */ + getPBKDF2KeyHexFromParam: function(info, passcode) { + var pbkdf2SaltWS = CryptoJS.enc.Hex.parse(info.pbkdf2Salt); + var pbkdf2Iter = info.pbkdf2Iter; + var pbkdf2KeyWS = CryptoJS.PBKDF2(passcode, + pbkdf2SaltWS, + { keySize: 192/32, iterations: pbkdf2Iter }); + var pbkdf2KeyHex = CryptoJS.enc.Hex.stringify(pbkdf2KeyWS); + return pbkdf2KeyHex; + }, + + /** * read PEM formatted encrypted PKCS#8 private key and returns hexadecimal string of plain PKCS#8 private key - * @name getPlainPKCS8HexFromEncryptedPKCS8PEM - * @memberOf KEYUTIL - * @function - * @param {String} pkcs8PEM PEM formatted encrypted PKCS#8 private key - * @param {String} passcode passcode to decrypto private key - * @return {String} hexadecimal string of plain PKCS#8 private key + * @name getPlainPKCS8HexFromEncryptedPKCS8PEM + * @memberOf KEYUTIL + * @function + * @param {String} pkcs8PEM PEM formatted encrypted PKCS#8 private key + * @param {String} passcode passcode to decrypto private key + * @return {String} hexadecimal string of plain PKCS#8 private key * @since pkcs5pkey 1.0.3 - * @description - * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. - *
        - *
      • keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1
      • - *
      • encryptionScheme = des-EDE3-CBC(i.e. TripleDES
      • - *
      - * @example - * // to convert plain PKCS#5 private key to encrypted PKCS#8 private - * // key with PBKDF2 with TripleDES - * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem - */ - getPlainPKCS8HexFromEncryptedPKCS8PEM: function(pkcs8PEM, passcode) { - // 1. derHex - PKCS#8 private key encrypted by PBKDF2 + * @description + * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. + *
        + *
      • keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1
      • + *
      • encryptionScheme = des-EDE3-CBC(i.e. TripleDES
      • + *
      + * @example + * // to convert plain PKCS#5 private key to encrypted PKCS#8 private + * // key with PBKDF2 with TripleDES + * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem + */ + getPlainPKCS8HexFromEncryptedPKCS8PEM: function(pkcs8PEM, passcode) { + // 1. derHex - PKCS#8 private key encrypted by PBKDF2 var derHex = this.getHexFromPEM(pkcs8PEM, "ENCRYPTED PRIVATE KEY"); - // 2. info - PKCS#5 PBES info - var info = this.parseHexOfEncryptedPKCS8(derHex); - // 3. hKey - PBKDF2 key - var pbkdf2KeyHex = KEYUTIL.getPBKDF2KeyHexFromParam(info, passcode); - // 4. decrypt ciphertext by PBKDF2 key - var encrypted = {}; - encrypted.ciphertext = CryptoJS.enc.Hex.parse(info.ciphertext); - var pbkdf2KeyWS = CryptoJS.enc.Hex.parse(pbkdf2KeyHex); - var des3IVWS = CryptoJS.enc.Hex.parse(info.encryptionSchemeIV); - var decWS = CryptoJS.TripleDES.decrypt(encrypted, pbkdf2KeyWS, { iv: des3IVWS }); - var decHex = CryptoJS.enc.Hex.stringify(decWS); - return decHex; - }, - - /** + // 2. info - PKCS#5 PBES info + var info = this.parseHexOfEncryptedPKCS8(derHex); + // 3. hKey - PBKDF2 key + var pbkdf2KeyHex = KEYUTIL.getPBKDF2KeyHexFromParam(info, passcode); + // 4. decrypt ciphertext by PBKDF2 key + var encrypted = {}; + encrypted.ciphertext = CryptoJS.enc.Hex.parse(info.ciphertext); + var pbkdf2KeyWS = CryptoJS.enc.Hex.parse(pbkdf2KeyHex); + var des3IVWS = CryptoJS.enc.Hex.parse(info.encryptionSchemeIV); + var decWS = CryptoJS.TripleDES.decrypt(encrypted, pbkdf2KeyWS, { iv: des3IVWS }); + var decHex = CryptoJS.enc.Hex.stringify(decWS); + return decHex; + }, + + /** * (DEPRECATED) read PEM formatted encrypted PKCS#8 private key and returns RSAKey object - * @name getRSAKeyFromEncryptedPKCS8PEM - * @memberOf KEYUTIL - * @function - * @param {String} pkcs8PEM PEM formatted encrypted PKCS#8 private key - * @param {String} passcode passcode to decrypto private key - * @return {RSAKey} loaded RSAKey object of RSA private key + * @name getRSAKeyFromEncryptedPKCS8PEM + * @memberOf KEYUTIL + * @function + * @param {String} pkcs8PEM PEM formatted encrypted PKCS#8 private key + * @param {String} passcode passcode to decrypto private key + * @return {RSAKey} loaded RSAKey object of RSA private key * @since pkcs5pkey 1.0.3 - * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}. - * @description - * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. - *
        - *
      • keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1
      • - *
      • encryptionScheme = des-EDE3-CBC(i.e. TripleDES
      • - *
      - * @example - * // to convert plain PKCS#5 private key to encrypted PKCS#8 private - * // key with PBKDF2 with TripleDES - * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem - */ + * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}. + * @description + * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. + *
        + *
      • keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1
      • + *
      • encryptionScheme = des-EDE3-CBC(i.e. TripleDES
      • + *
      + * @example + * // to convert plain PKCS#5 private key to encrypted PKCS#8 private + * // key with PBKDF2 with TripleDES + * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem + */ getRSAKeyFromEncryptedPKCS8PEM: function(pkcs8PEM, passcode) { - var prvKeyHex = this.getPlainPKCS8HexFromEncryptedPKCS8PEM(pkcs8PEM, passcode); - var rsaKey = this.getRSAKeyFromPlainPKCS8Hex(prvKeyHex); - return rsaKey; + var prvKeyHex = this.getPlainPKCS8HexFromEncryptedPKCS8PEM(pkcs8PEM, passcode); + var rsaKey = this.getRSAKeyFromPlainPKCS8Hex(prvKeyHex); + return rsaKey; }, - /** + /** * get RSAKey/ECDSA private key object from encrypted PEM PKCS#8 private key - * @name getKeyFromEncryptedPKCS8PEM - * @memberOf KEYUTIL - * @function - * @param {String} pkcs8PEM string of PEM formatted PKCS#8 private key - * @param {String} passcode passcode string to decrypt key - * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object - * @since pkcs5pkey 1.0.5 - */ + * @name getKeyFromEncryptedPKCS8PEM + * @memberOf KEYUTIL + * @function + * @param {String} pkcs8PEM string of PEM formatted PKCS#8 private key + * @param {String} passcode passcode string to decrypt key + * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object + * @since pkcs5pkey 1.0.5 + */ getKeyFromEncryptedPKCS8PEM: function(pkcs8PEM, passcode) { - var prvKeyHex = this.getPlainPKCS8HexFromEncryptedPKCS8PEM(pkcs8PEM, passcode); - var key = this.getKeyFromPlainPrivatePKCS8Hex(prvKeyHex); - return key; + var prvKeyHex = this.getPlainPKCS8HexFromEncryptedPKCS8PEM(pkcs8PEM, passcode); + var key = this.getKeyFromPlainPrivatePKCS8Hex(prvKeyHex); + return key; }, - /** + /** * parse hexadecimal string of plain PKCS#8 private key - * @name parsePlainPrivatePKCS8Hex - * @memberOf KEYUTIL - * @function - * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 plain private key - * @return {Array} associative array of parsed key - * @since pkcs5pkey 1.0.5 - * @description - * Resulted associative array has following properties: - *
        - *
      • algoid - hexadecimal string of OID of asymmetric key algorithm
      • - *
      • algparam - hexadecimal string of OID of ECC curve name or null
      • - *
      • keyidx - string starting index of key in pkcs8PrvHex
      • - *
      - */ - parsePlainPrivatePKCS8Hex: function(pkcs8PrvHex) { - var result = {}; - result.algparam = null; - - // 1. sequence - if (pkcs8PrvHex.substr(0, 2) != "30") - throw "malformed plain PKCS8 private key(code:001)"; // not sequence - - var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, 0); - if (a1.length != 3) - throw "malformed plain PKCS8 private key(code:002)"; - - // 2. AlgID + * @name parsePlainPrivatePKCS8Hex + * @memberOf KEYUTIL + * @function + * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 plain private key + * @return {Array} associative array of parsed key + * @since pkcs5pkey 1.0.5 + * @description + * Resulted associative array has following properties: + *
        + *
      • algoid - hexadecimal string of OID of asymmetric key algorithm
      • + *
      • algparam - hexadecimal string of OID of ECC curve name or null
      • + *
      • keyidx - string starting index of key in pkcs8PrvHex
      • + *
      + */ + parsePlainPrivatePKCS8Hex: function(pkcs8PrvHex) { + var result = {}; + result.algparam = null; + + // 1. sequence + if (pkcs8PrvHex.substr(0, 2) != "30") + throw "malformed plain PKCS8 private key(code:001)"; // not sequence + + var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, 0); + if (a1.length != 3) + throw "malformed plain PKCS8 private key(code:002)"; + + // 2. AlgID if (pkcs8PrvHex.substr(a1[1], 2) != "30") throw "malformed PKCS8 private key(code:003)"; // AlgId not sequence @@ -825,289 +830,289 @@ var KEYUTIL = function() { if (a2.length != 2) throw "malformed PKCS8 private key(code:004)"; // AlgId not have two elements - // 2.1. AlgID OID - if (pkcs8PrvHex.substr(a2[0], 2) != "06") - throw "malformed PKCS8 private key(code:005)"; // AlgId.oid is not OID + // 2.1. AlgID OID + if (pkcs8PrvHex.substr(a2[0], 2) != "06") + throw "malformed PKCS8 private key(code:005)"; // AlgId.oid is not OID - result.algoid = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a2[0]); + result.algoid = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a2[0]); - // 2.2. AlgID param - if (pkcs8PrvHex.substr(a2[1], 2) == "06") { - result.algparam = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a2[1]); - } + // 2.2. AlgID param + if (pkcs8PrvHex.substr(a2[1], 2) == "06") { + result.algparam = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a2[1]); + } - // 3. Key index - if (pkcs8PrvHex.substr(a1[2], 2) != "04") - throw "malformed PKCS8 private key(code:006)"; // not octet string + // 3. Key index + if (pkcs8PrvHex.substr(a1[2], 2) != "04") + throw "malformed PKCS8 private key(code:006)"; // not octet string - result.keyidx = ASN1HEX.getStartPosOfV_AtObj(pkcs8PrvHex, a1[2]); + result.keyidx = ASN1HEX.getStartPosOfV_AtObj(pkcs8PrvHex, a1[2]); - return result; + return result; }, - /** + /** * get RSAKey/ECDSA private key object from PEM plain PEM PKCS#8 private key - * @name getKeyFromPlainPrivatePKCS8PEM - * @memberOf KEYUTIL - * @function - * @param {String} pkcs8PEM string of plain PEM formatted PKCS#8 private key - * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object - * @since pkcs5pkey 1.0.5 - */ - getKeyFromPlainPrivatePKCS8PEM: function(prvKeyPEM) { - var prvKeyHex = this.getHexFromPEM(prvKeyPEM, "PRIVATE KEY"); - var key = this.getKeyFromPlainPrivatePKCS8Hex(prvKeyHex); - return key; - }, - - /** + * @name getKeyFromPlainPrivatePKCS8PEM + * @memberOf KEYUTIL + * @function + * @param {String} pkcs8PEM string of plain PEM formatted PKCS#8 private key + * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object + * @since pkcs5pkey 1.0.5 + */ + getKeyFromPlainPrivatePKCS8PEM: function(prvKeyPEM) { + var prvKeyHex = this.getHexFromPEM(prvKeyPEM, "PRIVATE KEY"); + var key = this.getKeyFromPlainPrivatePKCS8Hex(prvKeyHex); + return key; + }, + + /** * get RSAKey/ECDSA private key object from HEX plain PEM PKCS#8 private key - * @name getKeyFromPlainPrivatePKCS8Hex - * @memberOf KEYUTIL - * @function - * @param {String} prvKeyHex hexadecimal string of plain PKCS#8 private key - * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object - * @since pkcs5pkey 1.0.5 - */ - getKeyFromPlainPrivatePKCS8Hex: function(prvKeyHex) { - var p8 = this.parsePlainPrivatePKCS8Hex(prvKeyHex); - - if (p8.algoid == "2a864886f70d010101") { // RSA - this.parsePrivateRawRSAKeyHexAtObj(prvKeyHex, p8); - var k = p8.key; - var key = new RSAKey(); - key.setPrivateEx(k.n, k.e, k.d, k.p, k.q, k.dp, k.dq, k.co); - return key; - } else if (p8.algoid == "2a8648ce3d0201") { // ECC - this.parsePrivateRawECKeyHexAtObj(prvKeyHex, p8); - if (KJUR.crypto.OID.oidhex2name[p8.algparam] === undefined) - throw "KJUR.crypto.OID.oidhex2name undefined: " + p8.algparam; - var curveName = KJUR.crypto.OID.oidhex2name[p8.algparam]; - var key = new KJUR.crypto.ECDSA({'curve': curveName}); - key.setPublicKeyHex(p8.pubkey); - key.setPrivateKeyHex(p8.key); - key.isPublic = false; - return key; - } else if (p8.algoid == "2a8648ce380401") { // DSA - var hP = ASN1HEX.getVbyList(prvKeyHex, 0, [1,1,0], "02"); - var hQ = ASN1HEX.getVbyList(prvKeyHex, 0, [1,1,1], "02"); - var hG = ASN1HEX.getVbyList(prvKeyHex, 0, [1,1,2], "02"); - var hX = ASN1HEX.getVbyList(prvKeyHex, 0, [2,0], "02"); - var biP = new BigInteger(hP, 16); - var biQ = new BigInteger(hQ, 16); - var biG = new BigInteger(hG, 16); - var biX = new BigInteger(hX, 16); - var key = new KJUR.crypto.DSA(); - key.setPrivate(biP, biQ, biG, null, biX); - return key; - } else { - throw "unsupported private key algorithm"; - } - }, - - // === PKCS8 RSA Public Key ================================================ - /** + * @name getKeyFromPlainPrivatePKCS8Hex + * @memberOf KEYUTIL + * @function + * @param {String} prvKeyHex hexadecimal string of plain PKCS#8 private key + * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object + * @since pkcs5pkey 1.0.5 + */ + getKeyFromPlainPrivatePKCS8Hex: function(prvKeyHex) { + var p8 = this.parsePlainPrivatePKCS8Hex(prvKeyHex); + + if (p8.algoid == "2a864886f70d010101") { // RSA + this.parsePrivateRawRSAKeyHexAtObj(prvKeyHex, p8); + var k = p8.key; + var key = new RSAKey(); + key.setPrivateEx(k.n, k.e, k.d, k.p, k.q, k.dp, k.dq, k.co); + return key; + } else if (p8.algoid == "2a8648ce3d0201") { // ECC + this.parsePrivateRawECKeyHexAtObj(prvKeyHex, p8); + if (KJUR.crypto.OID.oidhex2name[p8.algparam] === undefined) + throw "KJUR.crypto.OID.oidhex2name undefined: " + p8.algparam; + var curveName = KJUR.crypto.OID.oidhex2name[p8.algparam]; + var key = new KJUR.crypto.ECDSA({'curve': curveName}); + key.setPublicKeyHex(p8.pubkey); + key.setPrivateKeyHex(p8.key); + key.isPublic = false; + return key; + } else if (p8.algoid == "2a8648ce380401") { // DSA + var hP = ASN1HEX.getVbyList(prvKeyHex, 0, [1,1,0], "02"); + var hQ = ASN1HEX.getVbyList(prvKeyHex, 0, [1,1,1], "02"); + var hG = ASN1HEX.getVbyList(prvKeyHex, 0, [1,1,2], "02"); + var hX = ASN1HEX.getVbyList(prvKeyHex, 0, [2,0], "02"); + var biP = new BigInteger(hP, 16); + var biQ = new BigInteger(hQ, 16); + var biG = new BigInteger(hG, 16); + var biX = new BigInteger(hX, 16); + var key = new KJUR.crypto.DSA(); + key.setPrivate(biP, biQ, biG, null, biX); + return key; + } else { + throw "unsupported private key algorithm"; + } + }, + + // === PKCS8 RSA Public Key ================================================ + /** * (DEPRECATED) read PEM formatted PKCS#8 public key and returns RSAKey object - * @name getRSAKeyFromPublicPKCS8PEM - * @memberOf KEYUTIL - * @function - * @param {String} pkcs8PubPEM PEM formatted PKCS#8 public key - * @return {RSAKey} loaded RSAKey object of RSA public key + * @name getRSAKeyFromPublicPKCS8PEM + * @memberOf KEYUTIL + * @function + * @param {String} pkcs8PubPEM PEM formatted PKCS#8 public key + * @return {RSAKey} loaded RSAKey object of RSA public key * @since pkcs5pkey 1.0.4 - * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}. - */ + * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}. + */ getRSAKeyFromPublicPKCS8PEM: function(pkcs8PubPEM) { var pubKeyHex = this.getHexFromPEM(pkcs8PubPEM, "PUBLIC KEY"); var rsaKey = this.getRSAKeyFromPublicPKCS8Hex(pubKeyHex); - return rsaKey; - }, + return rsaKey; + }, - /** + /** * (DEPRECATED) get RSAKey/ECDSA public key object from PEM PKCS#8 public key - * @name getKeyFromPublicPKCS8PEM - * @memberOf KEYUTIL - * @function - * @param {String} pkcsPub8PEM string of PEM formatted PKCS#8 public key - * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object - * @since pkcs5pkey 1.0.5 - * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}. - */ + * @name getKeyFromPublicPKCS8PEM + * @memberOf KEYUTIL + * @function + * @param {String} pkcsPub8PEM string of PEM formatted PKCS#8 public key + * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object + * @since pkcs5pkey 1.0.5 + * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}. + */ getKeyFromPublicPKCS8PEM: function(pkcs8PubPEM) { var pubKeyHex = this.getHexFromPEM(pkcs8PubPEM, "PUBLIC KEY"); var key = this.getKeyFromPublicPKCS8Hex(pubKeyHex); - return key; - }, + return key; + }, - /** + /** * (DEPRECATED) get RSAKey/DSA/ECDSA public key object from hexadecimal string of PKCS#8 public key - * @name getKeyFromPublicPKCS8Hex - * @memberOf KEYUTIL - * @function - * @param {String} pkcsPub8Hex hexadecimal string of PKCS#8 public key - * @return {Object} RSAKey or KJUR.crypto.{ECDSA,DSA} private key object - * @since pkcs5pkey 1.0.5 - * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}. - */ + * @name getKeyFromPublicPKCS8Hex + * @memberOf KEYUTIL + * @function + * @param {String} pkcsPub8Hex hexadecimal string of PKCS#8 public key + * @return {Object} RSAKey or KJUR.crypto.{ECDSA,DSA} private key object + * @since pkcs5pkey 1.0.5 + * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}. + */ getKeyFromPublicPKCS8Hex: function(pkcs8PubHex) { - var p8 = this.parsePublicPKCS8Hex(pkcs8PubHex); - - if (p8.algoid == "2a864886f70d010101") { // RSA - var aRSA = this.parsePublicRawRSAKeyHex(p8.key); - var key = new RSAKey(); - key.setPublic(aRSA.n, aRSA.e); - return key; - } else if (p8.algoid == "2a8648ce3d0201") { // ECC - if (KJUR.crypto.OID.oidhex2name[p8.algparam] === undefined) - throw "KJUR.crypto.OID.oidhex2name undefined: " + p8.algparam; - var curveName = KJUR.crypto.OID.oidhex2name[p8.algparam]; - var key = new KJUR.crypto.ECDSA({'curve': curveName, 'pub': p8.key}); - return key; - } else if (p8.algoid == "2a8648ce380401") { // DSA 1.2.840.10040.4.1 - var param = p8.algparam; + var p8 = this.parsePublicPKCS8Hex(pkcs8PubHex); + + if (p8.algoid == "2a864886f70d010101") { // RSA + var aRSA = this.parsePublicRawRSAKeyHex(p8.key); + var key = new RSAKey(); + key.setPublic(aRSA.n, aRSA.e); + return key; + } else if (p8.algoid == "2a8648ce3d0201") { // ECC + if (KJUR.crypto.OID.oidhex2name[p8.algparam] === undefined) + throw "KJUR.crypto.OID.oidhex2name undefined: " + p8.algparam; + var curveName = KJUR.crypto.OID.oidhex2name[p8.algparam]; + var key = new KJUR.crypto.ECDSA({'curve': curveName, 'pub': p8.key}); + return key; + } else if (p8.algoid == "2a8648ce380401") { // DSA 1.2.840.10040.4.1 + var param = p8.algparam; var y = ASN1HEX.getHexOfV_AtObj(p8.key, 0); - var key = new KJUR.crypto.DSA(); - key.setPublic(new BigInteger(param.p, 16), - new BigInteger(param.q, 16), - new BigInteger(param.g, 16), - new BigInteger(y, 16)); - return key; - } else { - throw "unsupported public key algorithm"; - } - }, - - /** + var key = new KJUR.crypto.DSA(); + key.setPublic(new BigInteger(param.p, 16), + new BigInteger(param.q, 16), + new BigInteger(param.g, 16), + new BigInteger(y, 16)); + return key; + } else { + throw "unsupported public key algorithm"; + } + }, + + /** * parse hexadecimal string of plain PKCS#8 private key - * @name parsePublicRawRSAKeyHex - * @memberOf KEYUTIL - * @function - * @param {String} pubRawRSAHex hexadecimal string of ASN.1 encoded PKCS#8 public key - * @return {Array} associative array of parsed key - * @since pkcs5pkey 1.0.5 - * @description - * Resulted associative array has following properties: - *
        - *
      • n - hexadecimal string of public key - *
      • e - hexadecimal string of public exponent - *
      - */ - parsePublicRawRSAKeyHex: function(pubRawRSAHex) { - var result = {}; - - // 1. Sequence - if (pubRawRSAHex.substr(0, 2) != "30") - throw "malformed RSA key(code:001)"; // not sequence - - var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pubRawRSAHex, 0); - if (a1.length != 2) - throw "malformed RSA key(code:002)"; // not 2 items in seq - - // 2. public key "N" - if (pubRawRSAHex.substr(a1[0], 2) != "02") - throw "malformed RSA key(code:003)"; // 1st item is not integer - - result.n = ASN1HEX.getHexOfV_AtObj(pubRawRSAHex, a1[0]); - - // 3. public key "E" - if (pubRawRSAHex.substr(a1[1], 2) != "02") - throw "malformed RSA key(code:004)"; // 2nd item is not integer - - result.e = ASN1HEX.getHexOfV_AtObj(pubRawRSAHex, a1[1]); - - return result; - }, - - /** + * @name parsePublicRawRSAKeyHex + * @memberOf KEYUTIL + * @function + * @param {String} pubRawRSAHex hexadecimal string of ASN.1 encoded PKCS#8 public key + * @return {Array} associative array of parsed key + * @since pkcs5pkey 1.0.5 + * @description + * Resulted associative array has following properties: + *
        + *
      • n - hexadecimal string of public key + *
      • e - hexadecimal string of public exponent + *
      + */ + parsePublicRawRSAKeyHex: function(pubRawRSAHex) { + var result = {}; + + // 1. Sequence + if (pubRawRSAHex.substr(0, 2) != "30") + throw "malformed RSA key(code:001)"; // not sequence + + var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pubRawRSAHex, 0); + if (a1.length != 2) + throw "malformed RSA key(code:002)"; // not 2 items in seq + + // 2. public key "N" + if (pubRawRSAHex.substr(a1[0], 2) != "02") + throw "malformed RSA key(code:003)"; // 1st item is not integer + + result.n = ASN1HEX.getHexOfV_AtObj(pubRawRSAHex, a1[0]); + + // 3. public key "E" + if (pubRawRSAHex.substr(a1[1], 2) != "02") + throw "malformed RSA key(code:004)"; // 2nd item is not integer + + result.e = ASN1HEX.getHexOfV_AtObj(pubRawRSAHex, a1[1]); + + return result; + }, + + /** * parse hexadecimal string of RSA private key - * @name parsePrivateRawRSAKeyHexAtObj - * @memberOf KEYUTIL - * @function - * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 private key concluding RSA private key - * @return {Array} info associative array to add parsed RSA private key information - * @since pkcs5pkey 1.0.5 - * @description - * Following properties are added to associative array 'info' - *
        - *
      • n - hexadecimal string of public key - *
      • e - hexadecimal string of public exponent - *
      • d - hexadecimal string of private key - *
      • p - hexadecimal string - *
      • q - hexadecimal string - *
      • dp - hexadecimal string - *
      • dq - hexadecimal string - *
      • co - hexadecimal string - *
      - */ - parsePrivateRawRSAKeyHexAtObj: function(pkcs8PrvHex, info) { - var keyIdx = info.keyidx; - - // 1. sequence - if (pkcs8PrvHex.substr(keyIdx, 2) != "30") - throw "malformed RSA private key(code:001)"; // not sequence - - var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, keyIdx); - if (a1.length != 9) - throw "malformed RSA private key(code:002)"; // not sequence - - // 2. RSA key - info.key = {}; - info.key.n = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[1]); - info.key.e = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[2]); - info.key.d = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[3]); - info.key.p = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[4]); - info.key.q = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[5]); - info.key.dp = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[6]); - info.key.dq = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[7]); - info.key.co = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[8]); - }, - - /** + * @name parsePrivateRawRSAKeyHexAtObj + * @memberOf KEYUTIL + * @function + * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 private key concluding RSA private key + * @return {Array} info associative array to add parsed RSA private key information + * @since pkcs5pkey 1.0.5 + * @description + * Following properties are added to associative array 'info' + *
        + *
      • n - hexadecimal string of public key + *
      • e - hexadecimal string of public exponent + *
      • d - hexadecimal string of private key + *
      • p - hexadecimal string + *
      • q - hexadecimal string + *
      • dp - hexadecimal string + *
      • dq - hexadecimal string + *
      • co - hexadecimal string + *
      + */ + parsePrivateRawRSAKeyHexAtObj: function(pkcs8PrvHex, info) { + var keyIdx = info.keyidx; + + // 1. sequence + if (pkcs8PrvHex.substr(keyIdx, 2) != "30") + throw "malformed RSA private key(code:001)"; // not sequence + + var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, keyIdx); + if (a1.length != 9) + throw "malformed RSA private key(code:002)"; // not sequence + + // 2. RSA key + info.key = {}; + info.key.n = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[1]); + info.key.e = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[2]); + info.key.d = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[3]); + info.key.p = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[4]); + info.key.q = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[5]); + info.key.dp = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[6]); + info.key.dq = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[7]); + info.key.co = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[8]); + }, + + /** * parse hexadecimal string of ECC private key - * @name parsePrivateRawECKeyHexAtObj - * @memberOf KEYUTIL - * @function - * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 private key concluding EC private key - * @return {Array} info associative array to add parsed ECC private key information - * @since pkcs5pkey 1.0.5 - * @description - * Following properties are added to associative array 'info' - *
        - *
      • key - hexadecimal string of ECC private key - *
      - */ - parsePrivateRawECKeyHexAtObj: function(pkcs8PrvHex, info) { - var keyIdx = info.keyidx; - - var key = ASN1HEX.getVbyList(pkcs8PrvHex, keyIdx, [1], "04"); - var pubkey = ASN1HEX.getVbyList(pkcs8PrvHex, keyIdx, [2,0], "03").substr(2); - - info.key = key; - info.pubkey = pubkey; - }, - - /** + * @name parsePrivateRawECKeyHexAtObj + * @memberOf KEYUTIL + * @function + * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 private key concluding EC private key + * @return {Array} info associative array to add parsed ECC private key information + * @since pkcs5pkey 1.0.5 + * @description + * Following properties are added to associative array 'info' + *
        + *
      • key - hexadecimal string of ECC private key + *
      + */ + parsePrivateRawECKeyHexAtObj: function(pkcs8PrvHex, info) { + var keyIdx = info.keyidx; + + var key = ASN1HEX.getVbyList(pkcs8PrvHex, keyIdx, [1], "04"); + var pubkey = ASN1HEX.getVbyList(pkcs8PrvHex, keyIdx, [2,0], "03").substr(2); + + info.key = key; + info.pubkey = pubkey; + }, + + /** * parse hexadecimal string of PKCS#8 RSA/EC/DSA public key - * @name parsePublicPKCS8Hex - * @memberOf KEYUTIL - * @function - * @param {String} pkcs8PubHex hexadecimal string of PKCS#8 public key - * @return {Hash} hash of key information - * @description + * @name parsePublicPKCS8Hex + * @memberOf KEYUTIL + * @function + * @param {String} pkcs8PubHex hexadecimal string of PKCS#8 public key + * @return {Hash} hash of key information + * @description * Resulted hash has following attributes. - *
        - *
      • algoid - hexadecimal string of OID of asymmetric key algorithm
      • - *
      • algparam - hexadecimal string of OID of ECC curve name, parameter SEQUENCE of DSA or null
      • - *
      • key - hexadecimal string of public key
      • - *
      - */ + *
        + *
      • algoid - hexadecimal string of OID of asymmetric key algorithm
      • + *
      • algparam - hexadecimal string of OID of ECC curve name, parameter SEQUENCE of DSA or null
      • + *
      • key - hexadecimal string of public key
      • + *
      + */ parsePublicPKCS8Hex: function(pkcs8PubHex) { - var result = {}; - result.algparam = null; + var result = {}; + result.algparam = null; // 1. AlgID and Key bit string - var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, 0); - if (a1.length != 2) - throw "outer DERSequence shall have 2 elements: " + a1.length; + var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, 0); + if (a1.length != 2) + throw "outer DERSequence shall have 2 elements: " + a1.length; // 2. AlgID var idxAlgIdTLV = a1[0]; @@ -1118,79 +1123,79 @@ var KEYUTIL = function() { if (a2.length != 2) throw "malformed PKCS8 public key(code:002)"; // AlgId not have two elements - // 2.1. AlgID OID - if (pkcs8PubHex.substr(a2[0], 2) != "06") - throw "malformed PKCS8 public key(code:003)"; // AlgId.oid is not OID + // 2.1. AlgID OID + if (pkcs8PubHex.substr(a2[0], 2) != "06") + throw "malformed PKCS8 public key(code:003)"; // AlgId.oid is not OID - result.algoid = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[0]); + result.algoid = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[0]); - // 2.2. AlgID param - if (pkcs8PubHex.substr(a2[1], 2) == "06") { // OID for EC - result.algparam = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[1]); - } else if (pkcs8PubHex.substr(a2[1], 2) == "30") { // SEQ for DSA - result.algparam = {}; - result.algparam.p = ASN1HEX.getVbyList(pkcs8PubHex, a2[1], [0], "02"); - result.algparam.q = ASN1HEX.getVbyList(pkcs8PubHex, a2[1], [1], "02"); - result.algparam.g = ASN1HEX.getVbyList(pkcs8PubHex, a2[1], [2], "02"); - } + // 2.2. AlgID param + if (pkcs8PubHex.substr(a2[1], 2) == "06") { // OID for EC + result.algparam = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[1]); + } else if (pkcs8PubHex.substr(a2[1], 2) == "30") { // SEQ for DSA + result.algparam = {}; + result.algparam.p = ASN1HEX.getVbyList(pkcs8PubHex, a2[1], [0], "02"); + result.algparam.q = ASN1HEX.getVbyList(pkcs8PubHex, a2[1], [1], "02"); + result.algparam.g = ASN1HEX.getVbyList(pkcs8PubHex, a2[1], [2], "02"); + } - // 3. Key - if (pkcs8PubHex.substr(a1[1], 2) != "03") - throw "malformed PKCS8 public key(code:004)"; // Key is not bit string + // 3. Key + if (pkcs8PubHex.substr(a1[1], 2) != "03") + throw "malformed PKCS8 public key(code:004)"; // Key is not bit string - result.key = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a1[1]).substr(2); + result.key = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a1[1]).substr(2); - // 4. return result assoc array - return result; + // 4. return result assoc array + return result; }, - /** + /** * (DEPRECATED) provide hexadecimal string of unencrypted PKCS#8 private key and returns RSAKey object - * @name getRSAKeyFromPublicPKCS8Hex - * @memberOf KEYUTIL - * @function - * @param {String} pkcs8PubHex hexadecimal string of unencrypted PKCS#8 public key - * @return {RSAKey} loaded RSAKey object of RSA public key + * @name getRSAKeyFromPublicPKCS8Hex + * @memberOf KEYUTIL + * @function + * @param {String} pkcs8PubHex hexadecimal string of unencrypted PKCS#8 public key + * @return {RSAKey} loaded RSAKey object of RSA public key * @since pkcs5pkey 1.0.4 - * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}. - */ + * @deprecated From jsrsasign 4.2.1 please use {@link KEYUTIL.getKey#}. + */ getRSAKeyFromPublicPKCS8Hex: function(pkcs8PubHex) { - var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, 0); - if (a1.length != 2) - throw "outer DERSequence shall have 2 elements: " + a1.length; + var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, 0); + if (a1.length != 2) + throw "outer DERSequence shall have 2 elements: " + a1.length; var algIdTLV =ASN1HEX.getHexOfTLV_AtObj(pkcs8PubHex, a1[0]); - if (algIdTLV != "300d06092a864886f70d0101010500") // AlgId rsaEncryption - throw "PKCS8 AlgorithmId is not rsaEncryption"; - - if (pkcs8PubHex.substr(a1[1], 2) != "03") - throw "PKCS8 Public Key is not BITSTRING encapslated."; - - var idxPub = ASN1HEX.getStartPosOfV_AtObj(pkcs8PubHex, a1[1]) + 2; // 2 for unused bit - - if (pkcs8PubHex.substr(idxPub, 2) != "30") - throw "PKCS8 Public Key is not SEQUENCE."; - - var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, idxPub); - if (a2.length != 2) - throw "inner DERSequence shall have 2 elements: " + a2.length; - - if (pkcs8PubHex.substr(a2[0], 2) != "02") - throw "N is not ASN.1 INTEGER"; - if (pkcs8PubHex.substr(a2[1], 2) != "02") - throw "E is not ASN.1 INTEGER"; - - var hN = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[0]); - var hE = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[1]); - - var pubKey = new RSAKey(); - pubKey.setPublic(hN, hE); - - return pubKey; - }, - - //addAlgorithm: function(functionObject, algName, keyLen, ivLen) { - //} + if (algIdTLV != "300d06092a864886f70d0101010500") // AlgId rsaEncryption + throw "PKCS8 AlgorithmId is not rsaEncryption"; + + if (pkcs8PubHex.substr(a1[1], 2) != "03") + throw "PKCS8 Public Key is not BITSTRING encapslated."; + + var idxPub = ASN1HEX.getStartPosOfV_AtObj(pkcs8PubHex, a1[1]) + 2; // 2 for unused bit + + if (pkcs8PubHex.substr(idxPub, 2) != "30") + throw "PKCS8 Public Key is not SEQUENCE."; + + var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, idxPub); + if (a2.length != 2) + throw "inner DERSequence shall have 2 elements: " + a2.length; + + if (pkcs8PubHex.substr(a2[0], 2) != "02") + throw "N is not ASN.1 INTEGER"; + if (pkcs8PubHex.substr(a2[1], 2) != "02") + throw "E is not ASN.1 INTEGER"; + + var hN = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[0]); + var hE = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[1]); + + var pubKey = new RSAKey(); + pubKey.setPublic(hN, hE); + + return pubKey; + }, + + //addAlgorithm: function(functionObject, algName, keyLen, ivLen) { + //} }; }(); @@ -1243,165 +1248,165 @@ var KEYUTIL = function() { KEYUTIL.getKey = function(param, passcode, hextype) { // 1. by key object if (typeof RSAKey != 'undefined' && param instanceof RSAKey) - return param; + return param; if (typeof KJUR.crypto.ECDSA != 'undefined' && param instanceof KJUR.crypto.ECDSA) - return param; + return param; if (typeof KJUR.crypto.DSA != 'undefined' && param instanceof KJUR.crypto.DSA) - return param; + return param; // 2. by key spec // 2.1. ECC private key if (param.xy !== undefined && param.curve !== undefined) { - return new KJUR.crypto.ECDSA({prv: param.xy, curve: param.curve}); + return new KJUR.crypto.ECDSA({prv: param.xy, curve: param.curve}); } // 2.2. RSA private key if (param.n !== undefined && param.e !== undefined && param.d !== undefined && - param.p !== undefined && param.q !== undefined && - param.dp !== undefined && param.dq !== undefined && param.co !== undefined) { - var key = new RSAKey(); - key.setPrivateEx(param.n, param.e, param.d, param.p, param.q, - param.dp, param.dq, param.co); - return key; + param.p !== undefined && param.q !== undefined && + param.dp !== undefined && param.dq !== undefined && param.co !== undefined) { + var key = new RSAKey(); + key.setPrivateEx(param.n, param.e, param.d, param.p, param.q, + param.dp, param.dq, param.co); + return key; } // 2.3. DSA private key if (param.p !== undefined && param.q !== undefined && param.g !== undefined && - param.y !== undefined && param.x !== undefined) { - var key = new KJUR.crypto.DSA(); - key.setPrivate(param.p, param.q, param.g, param.y, param.x); - return key; + param.y !== undefined && param.x !== undefined) { + var key = new KJUR.crypto.DSA(); + key.setPrivate(param.p, param.q, param.g, param.y, param.x); + return key; } // 2.4. ECC public key if (param.d !== undefined && param.curve !== undefined) { - return new KJUR.crypto.ECDSA({pub: param.d, curve: param.curve}); + return new KJUR.crypto.ECDSA({pub: param.d, curve: param.curve}); } // 2.5. RSA private key if (param.n !== undefined && param.e) { - var key = new RSAKey(); - key.setPublic(param.n, param.e); - return key; + var key = new RSAKey(); + key.setPublic(param.n, param.e); + return key; } // 2.6. DSA public key if (param.p !== undefined && param.q !== undefined && param.g !== undefined && - param.y !== undefined && param.x === undefined) { - var key = new KJUR.crypto.DSA(); - key.setPublic(param.p, param.q, param.g, param.y); - return key; + param.y !== undefined && param.x === undefined) { + var key = new KJUR.crypto.DSA(); + key.setPublic(param.p, param.q, param.g, param.y); + return key; } // 3. by cert if (param.indexOf("-END CERTIFICATE-", 0) != -1 || - param.indexOf("-END X509 CERTIFICATE-", 0) != -1 || - param.indexOf("-END TRUSTED CERTIFICATE-", 0) != -1) { - return X509.getPublicKeyFromCertPEM(param); + param.indexOf("-END X509 CERTIFICATE-", 0) != -1 || + param.indexOf("-END TRUSTED CERTIFICATE-", 0) != -1) { + return X509.getPublicKeyFromCertPEM(param); } // 4. public key by PKCS#8 hexadecimal string if (hextype === "pkcs8pub") { - return KEYUTIL.getKeyFromPublicPKCS8Hex(param); + return KEYUTIL.getKeyFromPublicPKCS8Hex(param); } // 5. public key by PKCS#8 PEM string if (param.indexOf("-END PUBLIC KEY-") != -1) { - return KEYUTIL.getKeyFromPublicPKCS8PEM(param); + return KEYUTIL.getKeyFromPublicPKCS8PEM(param); } // 6. private key by PKCS#5 plain hexadecimal RSA string if (hextype === "pkcs5prv") { - var key = new RSAKey(); - key.readPrivateKeyFromASN1HexString(param); - return key; + var key = new RSAKey(); + key.readPrivateKeyFromASN1HexString(param); + return key; } // 7. private key by plain PKCS#5 hexadecimal RSA string if (hextype === "pkcs5prv") { - var key = new RSAKey(); - key.readPrivateKeyFromASN1HexString(param); - return key; + var key = new RSAKey(); + key.readPrivateKeyFromASN1HexString(param); + return key; } // 8. private key by plain PKCS#5 PEM RSA string if (param.indexOf("-END RSA PRIVATE KEY-") != -1 && - param.indexOf("4,ENCRYPTED") == -1) { - var key = new RSAKey(); - key.readPrivateKeyFromPEMString(param); - return key; + param.indexOf("4,ENCRYPTED") == -1) { + var key = new RSAKey(); + key.readPrivateKeyFromPEMString(param); + return key; } // 8.2. private key by plain PKCS#5 PEM DSA string if (param.indexOf("-END DSA PRIVATE KEY-") != -1 && - param.indexOf("4,ENCRYPTED") == -1) { - - var hKey = this.getHexFromPEM(param, "DSA PRIVATE KEY"); - var p = ASN1HEX.getVbyList(hKey, 0, [1], "02"); - var q = ASN1HEX.getVbyList(hKey, 0, [2], "02"); - var g = ASN1HEX.getVbyList(hKey, 0, [3], "02"); - var y = ASN1HEX.getVbyList(hKey, 0, [4], "02"); - var x = ASN1HEX.getVbyList(hKey, 0, [5], "02"); - var key = new KJUR.crypto.DSA(); - key.setPrivate(new BigInteger(p, 16), - new BigInteger(q, 16), - new BigInteger(g, 16), - new BigInteger(y, 16), - new BigInteger(x, 16)); - return key; + param.indexOf("4,ENCRYPTED") == -1) { + + var hKey = this.getHexFromPEM(param, "DSA PRIVATE KEY"); + var p = ASN1HEX.getVbyList(hKey, 0, [1], "02"); + var q = ASN1HEX.getVbyList(hKey, 0, [2], "02"); + var g = ASN1HEX.getVbyList(hKey, 0, [3], "02"); + var y = ASN1HEX.getVbyList(hKey, 0, [4], "02"); + var x = ASN1HEX.getVbyList(hKey, 0, [5], "02"); + var key = new KJUR.crypto.DSA(); + key.setPrivate(new BigInteger(p, 16), + new BigInteger(q, 16), + new BigInteger(g, 16), + new BigInteger(y, 16), + new BigInteger(x, 16)); + return key; } // 9. private key by plain PKCS#8 PEM ECC/RSA string if (param.indexOf("-END PRIVATE KEY-") != -1) { - return KEYUTIL.getKeyFromPlainPrivatePKCS8PEM(param); + return KEYUTIL.getKeyFromPlainPrivatePKCS8PEM(param); } // 10. private key by encrypted PKCS#5 PEM RSA string if (param.indexOf("-END RSA PRIVATE KEY-") != -1 && - param.indexOf("4,ENCRYPTED") != -1) { - return KEYUTIL.getRSAKeyFromEncryptedPKCS5PEM(param, passcode); + param.indexOf("4,ENCRYPTED") != -1) { + return KEYUTIL.getRSAKeyFromEncryptedPKCS5PEM(param, passcode); } // 10.2. private key by encrypted PKCS#5 PEM ECDSA string if (param.indexOf("-END EC PRIVATE KEY-") != -1 && - param.indexOf("4,ENCRYPTED") != -1) { - var hKey = KEYUTIL.getDecryptedKeyHex(param, passcode); - - var key = ASN1HEX.getVbyList(hKey, 0, [1], "04"); - var curveNameOidHex = ASN1HEX.getVbyList(hKey, 0, [2,0], "06"); - var pubkey = ASN1HEX.getVbyList(hKey, 0, [3,0], "03").substr(2); - var curveName = ""; - - if (KJUR.crypto.OID.oidhex2name[curveNameOidHex] !== undefined) { - curveName = KJUR.crypto.OID.oidhex2name[curveNameOidHex]; - } else { - throw "undefined OID(hex) in KJUR.crypto.OID: " + curveNameOidHex; - } - - var ec = new KJUR.crypto.ECDSA({'name': curveName}); - ec.setPublicKeyHex(pubkey); - ec.setPrivateKeyHex(key); - ec.isPublic = false; - return ec; + param.indexOf("4,ENCRYPTED") != -1) { + var hKey = KEYUTIL.getDecryptedKeyHex(param, passcode); + + var key = ASN1HEX.getVbyList(hKey, 0, [1], "04"); + var curveNameOidHex = ASN1HEX.getVbyList(hKey, 0, [2,0], "06"); + var pubkey = ASN1HEX.getVbyList(hKey, 0, [3,0], "03").substr(2); + var curveName = ""; + + if (KJUR.crypto.OID.oidhex2name[curveNameOidHex] !== undefined) { + curveName = KJUR.crypto.OID.oidhex2name[curveNameOidHex]; + } else { + throw "undefined OID(hex) in KJUR.crypto.OID: " + curveNameOidHex; + } + + var ec = new KJUR.crypto.ECDSA({'name': curveName}); + ec.setPublicKeyHex(pubkey); + ec.setPrivateKeyHex(key); + ec.isPublic = false; + return ec; } // 10.3. private key by encrypted PKCS#5 PEM DSA string if (param.indexOf("-END DSA PRIVATE KEY-") != -1 && - param.indexOf("4,ENCRYPTED") != -1) { - var hKey = KEYUTIL.getDecryptedKeyHex(param, passcode); - var p = ASN1HEX.getVbyList(hKey, 0, [1], "02"); - var q = ASN1HEX.getVbyList(hKey, 0, [2], "02"); - var g = ASN1HEX.getVbyList(hKey, 0, [3], "02"); - var y = ASN1HEX.getVbyList(hKey, 0, [4], "02"); - var x = ASN1HEX.getVbyList(hKey, 0, [5], "02"); - var key = new KJUR.crypto.DSA(); - key.setPrivate(new BigInteger(p, 16), - new BigInteger(q, 16), - new BigInteger(g, 16), - new BigInteger(y, 16), - new BigInteger(x, 16)); - return key; + param.indexOf("4,ENCRYPTED") != -1) { + var hKey = KEYUTIL.getDecryptedKeyHex(param, passcode); + var p = ASN1HEX.getVbyList(hKey, 0, [1], "02"); + var q = ASN1HEX.getVbyList(hKey, 0, [2], "02"); + var g = ASN1HEX.getVbyList(hKey, 0, [3], "02"); + var y = ASN1HEX.getVbyList(hKey, 0, [4], "02"); + var x = ASN1HEX.getVbyList(hKey, 0, [5], "02"); + var key = new KJUR.crypto.DSA(); + key.setPrivate(new BigInteger(p, 16), + new BigInteger(q, 16), + new BigInteger(g, 16), + new BigInteger(y, 16), + new BigInteger(x, 16)); + return key; } // 11. private key by encrypted PKCS#8 hexadecimal RSA/ECDSA string if (param.indexOf("-END ENCRYPTED PRIVATE KEY-") != -1) { - return KEYUTIL.getKeyFromEncryptedPKCS8PEM(param, passcode); + return KEYUTIL.getKeyFromEncryptedPKCS8PEM(param, passcode); } throw "not supported argument"; @@ -1436,44 +1441,44 @@ KEYUTIL.getKey = function(param, passcode, hextype) { */ KEYUTIL.generateKeypair = function(alg, keylenOrCurve) { if (alg == "RSA") { - var keylen = keylenOrCurve; - var prvKey = new RSAKey(); - prvKey.generate(keylen, '10001'); - prvKey.isPrivate = true; - prvKey.isPublic = true; - - var pubKey = new RSAKey(); - var hN = prvKey.n.toString(16); - var hE = prvKey.e.toString(16); - pubKey.setPublic(hN, hE); - pubKey.isPrivate = false; - pubKey.isPublic = true; - - var result = {}; - result.prvKeyObj = prvKey; - result.pubKeyObj = pubKey; - return result; + var keylen = keylenOrCurve; + var prvKey = new RSAKey(); + prvKey.generate(keylen, '10001'); + prvKey.isPrivate = true; + prvKey.isPublic = true; + + var pubKey = new RSAKey(); + var hN = prvKey.n.toString(16); + var hE = prvKey.e.toString(16); + pubKey.setPublic(hN, hE); + pubKey.isPrivate = false; + pubKey.isPublic = true; + + var result = {}; + result.prvKeyObj = prvKey; + result.pubKeyObj = pubKey; + return result; } else if (alg == "EC") { - var curve = keylenOrCurve; - var ec = new KJUR.crypto.ECDSA({curve: curve}); - var keypairHex = ec.generateKeyPairHex(); - - var prvKey = new KJUR.crypto.ECDSA({curve: curve}); - prvKey.setPrivateKeyHex(keypairHex.ecprvhex); - prvKey.isPrivate = true; - prvKey.isPublic = false; - - var pubKey = new KJUR.crypto.ECDSA({curve: curve}); - pubKey.setPublicKeyHex(keypairHex.ecpubhex); - pubKey.isPrivate = false; - pubKey.isPublic = true; - - var result = {}; - result.prvKeyObj = prvKey; - result.pubKeyObj = pubKey; - return result; + var curve = keylenOrCurve; + var ec = new KJUR.crypto.ECDSA({curve: curve}); + var keypairHex = ec.generateKeyPairHex(); + + var prvKey = new KJUR.crypto.ECDSA({curve: curve}); + prvKey.setPrivateKeyHex(keypairHex.ecprvhex); + prvKey.isPrivate = true; + prvKey.isPublic = false; + + var pubKey = new KJUR.crypto.ECDSA({curve: curve}); + pubKey.setPublicKeyHex(keypairHex.ecpubhex); + pubKey.isPrivate = false; + pubKey.isPublic = true; + + var result = {}; + result.prvKeyObj = prvKey; + result.pubKeyObj = pubKey; + return result; } else { - throw "unknown algorithm: " + alg; + throw "unknown algorithm: " + alg; } }; @@ -1514,297 +1519,297 @@ KEYUTIL.getPEM = function(keyObjOrHex, formatType, passwd, encAlg, hexType) { var ns2 = KJUR.crypto; function _rsaprv2asn1obj(keyObjOrHex) { - var asn1Obj = KJUR.asn1.ASN1Util.newObject({ - "seq": [ - {"int": 0 }, - {"int": {"bigint": keyObjOrHex.n}}, - {"int": keyObjOrHex.e}, - {"int": {"bigint": keyObjOrHex.d}}, - {"int": {"bigint": keyObjOrHex.p}}, - {"int": {"bigint": keyObjOrHex.q}}, - {"int": {"bigint": keyObjOrHex.dmp1}}, - {"int": {"bigint": keyObjOrHex.dmq1}}, - {"int": {"bigint": keyObjOrHex.coeff}} - ] - }); - return asn1Obj; + var asn1Obj = KJUR.asn1.ASN1Util.newObject({ + "seq": [ + {"int": 0 }, + {"int": {"bigint": keyObjOrHex.n}}, + {"int": keyObjOrHex.e}, + {"int": {"bigint": keyObjOrHex.d}}, + {"int": {"bigint": keyObjOrHex.p}}, + {"int": {"bigint": keyObjOrHex.q}}, + {"int": {"bigint": keyObjOrHex.dmp1}}, + {"int": {"bigint": keyObjOrHex.dmq1}}, + {"int": {"bigint": keyObjOrHex.coeff}} + ] + }); + return asn1Obj; }; function _ecdsaprv2asn1obj(keyObjOrHex) { - var asn1Obj2 = KJUR.asn1.ASN1Util.newObject({ - "seq": [ - {"int": 1 }, - {"octstr": {"hex": keyObjOrHex.prvKeyHex}}, - {"tag": ['a0', true, {'oid': {'name': keyObjOrHex.curveName}}]}, - {"tag": ['a1', true, {'bitstr': {'hex': '00' + keyObjOrHex.pubKeyHex}}]} - ] - }); - return asn1Obj2; + var asn1Obj2 = KJUR.asn1.ASN1Util.newObject({ + "seq": [ + {"int": 1 }, + {"octstr": {"hex": keyObjOrHex.prvKeyHex}}, + {"tag": ['a0', true, {'oid': {'name': keyObjOrHex.curveName}}]}, + {"tag": ['a1', true, {'bitstr': {'hex': '00' + keyObjOrHex.pubKeyHex}}]} + ] + }); + return asn1Obj2; }; function _dsaprv2asn1obj(keyObjOrHex) { - var asn1Obj = KJUR.asn1.ASN1Util.newObject({ - "seq": [ - {"int": 0 }, - {"int": {"bigint": keyObjOrHex.p}}, - {"int": {"bigint": keyObjOrHex.q}}, - {"int": {"bigint": keyObjOrHex.g}}, - {"int": {"bigint": keyObjOrHex.y}}, - {"int": {"bigint": keyObjOrHex.x}} - ] - }); - return asn1Obj; + var asn1Obj = KJUR.asn1.ASN1Util.newObject({ + "seq": [ + {"int": 0 }, + {"int": {"bigint": keyObjOrHex.p}}, + {"int": {"bigint": keyObjOrHex.q}}, + {"int": {"bigint": keyObjOrHex.g}}, + {"int": {"bigint": keyObjOrHex.y}}, + {"int": {"bigint": keyObjOrHex.x}} + ] + }); + return asn1Obj; }; // 1. public key // x. PEM PKCS#8 public key of RSA/ECDSA/DSA public key object if (((typeof RSAKey != "undefined" && keyObjOrHex instanceof RSAKey) || - (typeof ns2.DSA != "undefined" && keyObjOrHex instanceof ns2.DSA) || - (typeof ns2.ECDSA != "undefined" && keyObjOrHex instanceof ns2.ECDSA)) && - keyObjOrHex.isPublic == true && - (formatType === undefined || formatType == "PKCS8PUB")) { - var asn1Obj = new KJUR.asn1.x509.SubjectPublicKeyInfo(keyObjOrHex); - var asn1Hex = asn1Obj.getEncodedHex(); - return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PUBLIC KEY"); + (typeof ns2.DSA != "undefined" && keyObjOrHex instanceof ns2.DSA) || + (typeof ns2.ECDSA != "undefined" && keyObjOrHex instanceof ns2.ECDSA)) && + keyObjOrHex.isPublic == true && + (formatType === undefined || formatType == "PKCS8PUB")) { + var asn1Obj = new KJUR.asn1.x509.SubjectPublicKeyInfo(keyObjOrHex); + var asn1Hex = asn1Obj.getEncodedHex(); + return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PUBLIC KEY"); } // 2. private // x. PEM PKCS#1 plain private key of RSA private key object if (formatType == "PKCS1PRV" && - typeof RSAKey != "undefined" && - keyObjOrHex instanceof RSAKey && - (passwd === undefined || passwd == null) && - keyObjOrHex.isPrivate == true) { + typeof RSAKey != "undefined" && + keyObjOrHex instanceof RSAKey && + (passwd === undefined || passwd == null) && + keyObjOrHex.isPrivate == true) { - var asn1Obj = _rsaprv2asn1obj(keyObjOrHex); + var asn1Obj = _rsaprv2asn1obj(keyObjOrHex); var asn1Hex = asn1Obj.getEncodedHex(); - return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "RSA PRIVATE KEY"); + return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "RSA PRIVATE KEY"); } // x. PEM PKCS#1 plain private key of ECDSA private key object if (formatType == "PKCS1PRV" && - typeof RSAKey != "undefined" && - keyObjOrHex instanceof KJUR.crypto.ECDSA && - (passwd === undefined || passwd == null) && - keyObjOrHex.isPrivate == true) { - - var asn1Obj1 = new KJUR.asn1.DERObjectIdentifier({'name': keyObjOrHex.curveName}); - var asn1Hex1 = asn1Obj1.getEncodedHex(); - var asn1Obj2 = _ecdsaprv2asn1obj(keyObjOrHex); + typeof RSAKey != "undefined" && + keyObjOrHex instanceof KJUR.crypto.ECDSA && + (passwd === undefined || passwd == null) && + keyObjOrHex.isPrivate == true) { + + var asn1Obj1 = new KJUR.asn1.DERObjectIdentifier({'name': keyObjOrHex.curveName}); + var asn1Hex1 = asn1Obj1.getEncodedHex(); + var asn1Obj2 = _ecdsaprv2asn1obj(keyObjOrHex); var asn1Hex2 = asn1Obj2.getEncodedHex(); - var s = ""; - s += ns1.ASN1Util.getPEMStringFromHex(asn1Hex1, "EC PARAMETERS"); - s += ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "EC PRIVATE KEY"); - return s; + var s = ""; + s += ns1.ASN1Util.getPEMStringFromHex(asn1Hex1, "EC PARAMETERS"); + s += ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "EC PRIVATE KEY"); + return s; } // x. PEM PKCS#1 plain private key of DSA private key object if (formatType == "PKCS1PRV" && - typeof KJUR.crypto.DSA != "undefined" && - keyObjOrHex instanceof KJUR.crypto.DSA && - (passwd === undefined || passwd == null) && - keyObjOrHex.isPrivate == true) { + typeof KJUR.crypto.DSA != "undefined" && + keyObjOrHex instanceof KJUR.crypto.DSA && + (passwd === undefined || passwd == null) && + keyObjOrHex.isPrivate == true) { - var asn1Obj = _dsaprv2asn1obj(keyObjOrHex); + var asn1Obj = _dsaprv2asn1obj(keyObjOrHex); var asn1Hex = asn1Obj.getEncodedHex(); - return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "DSA PRIVATE KEY"); + return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "DSA PRIVATE KEY"); } // 3. private // x. PEM PKCS#5 encrypted private key of RSA private key object if (formatType == "PKCS5PRV" && - typeof RSAKey != "undefined" && - keyObjOrHex instanceof RSAKey && - (passwd !== undefined && passwd != null) && - keyObjOrHex.isPrivate == true) { + typeof RSAKey != "undefined" && + keyObjOrHex instanceof RSAKey && + (passwd !== undefined && passwd != null) && + keyObjOrHex.isPrivate == true) { - var asn1Obj = _rsaprv2asn1obj(keyObjOrHex); + var asn1Obj = _rsaprv2asn1obj(keyObjOrHex); var asn1Hex = asn1Obj.getEncodedHex(); - if (encAlg === undefined) encAlg = "DES-EDE3-CBC"; - return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA", asn1Hex, passwd, encAlg); + if (encAlg === undefined) encAlg = "DES-EDE3-CBC"; + return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA", asn1Hex, passwd, encAlg); } // x. PEM PKCS#5 encrypted private key of ECDSA private key object if (formatType == "PKCS5PRV" && - typeof KJUR.crypto.ECDSA != "undefined" && - keyObjOrHex instanceof KJUR.crypto.ECDSA && - (passwd !== undefined && passwd != null) && - keyObjOrHex.isPrivate == true) { + typeof KJUR.crypto.ECDSA != "undefined" && + keyObjOrHex instanceof KJUR.crypto.ECDSA && + (passwd !== undefined && passwd != null) && + keyObjOrHex.isPrivate == true) { - var asn1Obj = _ecdsaprv2asn1obj(keyObjOrHex); + var asn1Obj = _ecdsaprv2asn1obj(keyObjOrHex); var asn1Hex = asn1Obj.getEncodedHex(); - if (encAlg === undefined) encAlg = "DES-EDE3-CBC"; - return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC", asn1Hex, passwd, encAlg); + if (encAlg === undefined) encAlg = "DES-EDE3-CBC"; + return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC", asn1Hex, passwd, encAlg); } // x. PEM PKCS#5 encrypted private key of DSA private key object if (formatType == "PKCS5PRV" && - typeof KJUR.crypto.DSA != "undefined" && - keyObjOrHex instanceof KJUR.crypto.DSA && - (passwd !== undefined && passwd != null) && - keyObjOrHex.isPrivate == true) { + typeof KJUR.crypto.DSA != "undefined" && + keyObjOrHex instanceof KJUR.crypto.DSA && + (passwd !== undefined && passwd != null) && + keyObjOrHex.isPrivate == true) { - var asn1Obj = _dsaprv2asn1obj(keyObjOrHex); + var asn1Obj = _dsaprv2asn1obj(keyObjOrHex); var asn1Hex = asn1Obj.getEncodedHex(); - if (encAlg === undefined) encAlg = "DES-EDE3-CBC"; - return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA", asn1Hex, passwd, encAlg); + if (encAlg === undefined) encAlg = "DES-EDE3-CBC"; + return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA", asn1Hex, passwd, encAlg); } // x. ====================================================================== var _getEncryptedPKCS8 = function(plainKeyHex, passcode) { - var info = _getEencryptedPKCS8Info(plainKeyHex, passcode); - //alert("iv=" + info.encryptionSchemeIV); - //alert("info.ciphertext2[" + info.ciphertext.length + "=" + info.ciphertext); - var asn1Obj = new KJUR.asn1.ASN1Util.newObject({ - "seq": [ - {"seq": [ - {"oid": {"name": "pkcs5PBES2"}}, - {"seq": [ - {"seq": [ - {"oid": {"name": "pkcs5PBKDF2"}}, - {"seq": [ - {"octstr": {"hex": info.pbkdf2Salt}}, - {"int": info.pbkdf2Iter} - ]} - ]}, - {"seq": [ - {"oid": {"name": "des-EDE3-CBC"}}, - {"octstr": {"hex": info.encryptionSchemeIV}} - ]} - ]} - ]}, - {"octstr": {"hex": info.ciphertext}} - ] - }); - return asn1Obj.getEncodedHex(); + var info = _getEencryptedPKCS8Info(plainKeyHex, passcode); + //alert("iv=" + info.encryptionSchemeIV); + //alert("info.ciphertext2[" + info.ciphertext.length + "=" + info.ciphertext); + var asn1Obj = new KJUR.asn1.ASN1Util.newObject({ + "seq": [ + {"seq": [ + {"oid": {"name": "pkcs5PBES2"}}, + {"seq": [ + {"seq": [ + {"oid": {"name": "pkcs5PBKDF2"}}, + {"seq": [ + {"octstr": {"hex": info.pbkdf2Salt}}, + {"int": info.pbkdf2Iter} + ]} + ]}, + {"seq": [ + {"oid": {"name": "des-EDE3-CBC"}}, + {"octstr": {"hex": info.encryptionSchemeIV}} + ]} + ]} + ]}, + {"octstr": {"hex": info.ciphertext}} + ] + }); + return asn1Obj.getEncodedHex(); }; var _getEencryptedPKCS8Info = function(plainKeyHex, passcode) { - var pbkdf2Iter = 100; - var pbkdf2SaltWS = CryptoJS.lib.WordArray.random(8); - var encryptionSchemeAlg = "DES-EDE3-CBC"; - var encryptionSchemeIVWS = CryptoJS.lib.WordArray.random(8); - // PBKDF2 key - var pbkdf2KeyWS = CryptoJS.PBKDF2(passcode, - pbkdf2SaltWS, { "keySize": 192/32, - "iterations": pbkdf2Iter }); - // ENCRYPT - var plainKeyWS = CryptoJS.enc.Hex.parse(plainKeyHex); - var encryptedKeyHex = - CryptoJS.TripleDES.encrypt(plainKeyWS, pbkdf2KeyWS, { "iv": encryptionSchemeIVWS }) + ""; - - //alert("encryptedKeyHex=" + encryptedKeyHex); - - var info = {}; - info.ciphertext = encryptedKeyHex; - //alert("info.ciphertext=" + info.ciphertext); - info.pbkdf2Salt = CryptoJS.enc.Hex.stringify(pbkdf2SaltWS); - info.pbkdf2Iter = pbkdf2Iter; - info.encryptionSchemeAlg = encryptionSchemeAlg; - info.encryptionSchemeIV = CryptoJS.enc.Hex.stringify(encryptionSchemeIVWS); - return info; + var pbkdf2Iter = 100; + var pbkdf2SaltWS = CryptoJS.lib.WordArray.random(8); + var encryptionSchemeAlg = "DES-EDE3-CBC"; + var encryptionSchemeIVWS = CryptoJS.lib.WordArray.random(8); + // PBKDF2 key + var pbkdf2KeyWS = CryptoJS.PBKDF2(passcode, + pbkdf2SaltWS, { "keySize": 192/32, + "iterations": pbkdf2Iter }); + // ENCRYPT + var plainKeyWS = CryptoJS.enc.Hex.parse(plainKeyHex); + var encryptedKeyHex = + CryptoJS.TripleDES.encrypt(plainKeyWS, pbkdf2KeyWS, { "iv": encryptionSchemeIVWS }) + ""; + + //alert("encryptedKeyHex=" + encryptedKeyHex); + + var info = {}; + info.ciphertext = encryptedKeyHex; + //alert("info.ciphertext=" + info.ciphertext); + info.pbkdf2Salt = CryptoJS.enc.Hex.stringify(pbkdf2SaltWS); + info.pbkdf2Iter = pbkdf2Iter; + info.encryptionSchemeAlg = encryptionSchemeAlg; + info.encryptionSchemeIV = CryptoJS.enc.Hex.stringify(encryptionSchemeIVWS); + return info; }; // x. PEM PKCS#8 plain private key of RSA private key object if (formatType == "PKCS8PRV" && - typeof RSAKey != "undefined" && - keyObjOrHex instanceof RSAKey && - keyObjOrHex.isPrivate == true) { + typeof RSAKey != "undefined" && + keyObjOrHex instanceof RSAKey && + keyObjOrHex.isPrivate == true) { - var keyObj = _rsaprv2asn1obj(keyObjOrHex); + var keyObj = _rsaprv2asn1obj(keyObjOrHex); var keyHex = keyObj.getEncodedHex(); - var asn1Obj = KJUR.asn1.ASN1Util.newObject({ - "seq": [ - {"int": 0}, - {"seq": [{"oid": {"name": "rsaEncryption"}},{"null": true}]}, - {"octstr": {"hex": keyHex}} - ] - }); - var asn1Hex = asn1Obj.getEncodedHex(); - - if (passwd === undefined || passwd == null) { - return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PRIVATE KEY"); - } else { - var asn1Hex2 = _getEncryptedPKCS8(asn1Hex, passwd); - return ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "ENCRYPTED PRIVATE KEY"); - } + var asn1Obj = KJUR.asn1.ASN1Util.newObject({ + "seq": [ + {"int": 0}, + {"seq": [{"oid": {"name": "rsaEncryption"}},{"null": true}]}, + {"octstr": {"hex": keyHex}} + ] + }); + var asn1Hex = asn1Obj.getEncodedHex(); + + if (passwd === undefined || passwd == null) { + return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PRIVATE KEY"); + } else { + var asn1Hex2 = _getEncryptedPKCS8(asn1Hex, passwd); + return ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "ENCRYPTED PRIVATE KEY"); + } } // x. PEM PKCS#8 plain private key of ECDSA private key object if (formatType == "PKCS8PRV" && - typeof KJUR.crypto.ECDSA != "undefined" && - keyObjOrHex instanceof KJUR.crypto.ECDSA && - keyObjOrHex.isPrivate == true) { - - var keyObj = new KJUR.asn1.ASN1Util.newObject({ - "seq": [ - {"int": 1}, - {"octstr": {"hex": keyObjOrHex.prvKeyHex}}, - {"tag": ['a1', true, {"bitstr": {"hex": "00" + keyObjOrHex.pubKeyHex}}]} - ] - }); + typeof KJUR.crypto.ECDSA != "undefined" && + keyObjOrHex instanceof KJUR.crypto.ECDSA && + keyObjOrHex.isPrivate == true) { + + var keyObj = new KJUR.asn1.ASN1Util.newObject({ + "seq": [ + {"int": 1}, + {"octstr": {"hex": keyObjOrHex.prvKeyHex}}, + {"tag": ['a1', true, {"bitstr": {"hex": "00" + keyObjOrHex.pubKeyHex}}]} + ] + }); var keyHex = keyObj.getEncodedHex(); - var asn1Obj = KJUR.asn1.ASN1Util.newObject({ - "seq": [ - {"int": 0}, - {"seq": [ - {"oid": {"name": "ecPublicKey"}}, - {"oid": {"name": keyObjOrHex.curveName}} - ]}, - {"octstr": {"hex": keyHex}} - ] - }); - - var asn1Hex = asn1Obj.getEncodedHex(); - if (passwd === undefined || passwd == null) { - return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PRIVATE KEY"); - } else { - var asn1Hex2 = _getEncryptedPKCS8(asn1Hex, passwd); - return ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "ENCRYPTED PRIVATE KEY"); - } + var asn1Obj = KJUR.asn1.ASN1Util.newObject({ + "seq": [ + {"int": 0}, + {"seq": [ + {"oid": {"name": "ecPublicKey"}}, + {"oid": {"name": keyObjOrHex.curveName}} + ]}, + {"octstr": {"hex": keyHex}} + ] + }); + + var asn1Hex = asn1Obj.getEncodedHex(); + if (passwd === undefined || passwd == null) { + return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PRIVATE KEY"); + } else { + var asn1Hex2 = _getEncryptedPKCS8(asn1Hex, passwd); + return ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "ENCRYPTED PRIVATE KEY"); + } } // x. PEM PKCS#8 plain private key of DSA private key object if (formatType == "PKCS8PRV" && - typeof KJUR.crypto.DSA != "undefined" && - keyObjOrHex instanceof KJUR.crypto.DSA && - keyObjOrHex.isPrivate == true) { + typeof KJUR.crypto.DSA != "undefined" && + keyObjOrHex instanceof KJUR.crypto.DSA && + keyObjOrHex.isPrivate == true) { - var keyObj = new KJUR.asn1.DERInteger({'bigint': keyObjOrHex.x}); + var keyObj = new KJUR.asn1.DERInteger({'bigint': keyObjOrHex.x}); var keyHex = keyObj.getEncodedHex(); - var asn1Obj = KJUR.asn1.ASN1Util.newObject({ - "seq": [ - {"int": 0}, - {"seq": [ - {"oid": {"name": "dsa"}}, - {"seq": [ - {"int": {"bigint": keyObjOrHex.p}}, - {"int": {"bigint": keyObjOrHex.q}}, - {"int": {"bigint": keyObjOrHex.g}} - ]} - ]}, - {"octstr": {"hex": keyHex}} - ] - }); - - var asn1Hex = asn1Obj.getEncodedHex(); - if (passwd === undefined || passwd == null) { - return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PRIVATE KEY"); - } else { - var asn1Hex2 = _getEncryptedPKCS8(asn1Hex, passwd); - return ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "ENCRYPTED PRIVATE KEY"); - } + var asn1Obj = KJUR.asn1.ASN1Util.newObject({ + "seq": [ + {"int": 0}, + {"seq": [ + {"oid": {"name": "dsa"}}, + {"seq": [ + {"int": {"bigint": keyObjOrHex.p}}, + {"int": {"bigint": keyObjOrHex.q}}, + {"int": {"bigint": keyObjOrHex.g}} + ]} + ]}, + {"octstr": {"hex": keyHex}} + ] + }); + + var asn1Hex = asn1Obj.getEncodedHex(); + if (passwd === undefined || passwd == null) { + return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PRIVATE KEY"); + } else { + var asn1Hex2 = _getEncryptedPKCS8(asn1Hex, passwd); + return ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "ENCRYPTED PRIVATE KEY"); + } } throw "unsupported object nor format"; @@ -1822,9 +1827,9 @@ KEYUTIL.getPEM = function(keyObjOrHex, formatType, passwd, encAlg, hexType) { * @since keyutil 1.0.5 */ KEYUTIL.getKeyFromCSRPEM = function(csrPEM) { - var csrHex = KEYUTIL.getHexFromPEM(csrPEM, "CERTIFICATE REQUEST"); - var key = KEYUTIL.getKeyFromCSRHex(csrHex); - return key; + var csrHex = KEYUTIL.getHexFromPEM(csrPEM, "CERTIFICATE REQUEST"); + var key = KEYUTIL.getKeyFromCSRHex(csrHex); + return key; }; /** @@ -1837,9 +1842,9 @@ KEYUTIL.getKeyFromCSRPEM = function(csrPEM) { * @since keyutil 1.0.5 */ KEYUTIL.getKeyFromCSRHex = function(csrHex) { - var info = KEYUTIL.parseCSRHex(csrHex); - var key = KEYUTIL.getKey(info.p8pubkeyhex, null, "pkcs8pub"); - return key; + var info = KEYUTIL.parseCSRHex(csrHex); + var key = KEYUTIL.getKey(info.p8pubkeyhex, null, "pkcs8pub"); + return key; }; /** @@ -1880,5 +1885,3 @@ KEYUTIL.parseCSRHex = function(csrHex) { return result; }; - - diff --git a/keyutil-1.0.min.js b/keyutil-1.0.min.js index 997c3151..9d3f1278 100644 --- a/keyutil-1.0.min.js +++ b/keyutil-1.0.min.js @@ -1,3 +1,3 @@ -/*! keyutil-1.0.6.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license +/*! keyutil-1.0.7.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license */ -var KEYUTIL=function(){var d=function(p,r,q){return k(CryptoJS.AES,p,r,q)};var e=function(p,r,q){return k(CryptoJS.TripleDES,p,r,q)};var a=function(p,r,q){return k(CryptoJS.DES,p,r,q)};var k=function(s,x,u,q){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(u);var p=CryptoJS.enc.Hex.parse(q);var t={};t.key=w;t.iv=p;t.ciphertext=r;var v=s.decrypt(t,w,{iv:p});return CryptoJS.enc.Hex.stringify(v)};var l=function(p,r,q){return g(CryptoJS.AES,p,r,q)};var o=function(p,r,q){return g(CryptoJS.TripleDES,p,r,q)};var f=function(p,r,q){return g(CryptoJS.DES,p,r,q)};var g=function(t,y,v,q){var s=CryptoJS.enc.Hex.parse(y);var x=CryptoJS.enc.Hex.parse(v);var p=CryptoJS.enc.Hex.parse(q);var w=t.encrypt(s,x,{iv:p});var r=CryptoJS.enc.Hex.parse(w.toString());var u=CryptoJS.enc.Base64.stringify(r);return u};var i={"AES-256-CBC":{proc:d,eproc:l,keylen:32,ivlen:16},"AES-192-CBC":{proc:d,eproc:l,keylen:24,ivlen:16},"AES-128-CBC":{proc:d,eproc:l,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:e,eproc:o,keylen:24,ivlen:8},"DES-CBC":{proc:a,eproc:f,keylen:8,ivlen:8}};var c=function(p){return i[p]["proc"]};var m=function(p){var r=CryptoJS.lib.WordArray.random(p);var q=CryptoJS.enc.Hex.stringify(r);return q};var n=function(t){var u={};if(t.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"))){u.cipher=RegExp.$1;u.ivsalt=RegExp.$2}if(t.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"))){u.type=RegExp.$1}var r=-1;var v=0;if(t.indexOf("\r\n\r\n")!=-1){r=t.indexOf("\r\n\r\n");v=2}if(t.indexOf("\n\n")!=-1){r=t.indexOf("\n\n");v=1}var q=t.indexOf("-----END");if(r!=-1&&q!=-1){var p=t.substring(r+v*2,q-v);p=p.replace(/\s+/g,"");u.data=p}return u};var j=function(q,y,p){var v=p.substring(0,16);var t=CryptoJS.enc.Hex.parse(v);var r=CryptoJS.enc.Utf8.parse(y);var u=i[q]["keylen"]+i[q]["ivlen"];var x="";var w=null;for(;;){var s=CryptoJS.algo.MD5.create();if(w!=null){s.update(w)}s.update(r);s.update(t);w=s.finalize();x=x+CryptoJS.enc.Hex.stringify(w);if(x.length>=u*2){break}}var z={};z.keyhex=x.substr(0,i[q]["keylen"]*2);z.ivhex=x.substr(i[q]["keylen"]*2,i[q]["ivlen"]*2);return z};var b=function(p,v,r,w){var s=CryptoJS.enc.Base64.parse(p);var q=CryptoJS.enc.Hex.stringify(s);var u=i[v]["proc"];var t=u(q,r,w);return t};var h=function(p,s,q,u){var r=i[s]["eproc"];var t=r(p,q,u);return t};return{version:"1.0.0",getHexFromPEM:function(q,u){var r=q;if(r.indexOf("BEGIN "+u)==-1){throw"can't find PEM header: "+u}r=r.replace("-----BEGIN "+u+"-----","");r=r.replace("-----END "+u+"-----","");var t=r.replace(/\s+/g,"");var p=b64tohex(t);return p},getDecryptedKeyHexByKeyIV:function(q,t,s,r){var p=c(t);return p(q,s,r)},parsePKCS5PEM:function(p){return n(p)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(q,p,r){return j(q,p,r)},decryptKeyB64:function(p,r,q,s){return b(p,r,q,s)},getDecryptedKeyHex:function(y,x){var q=n(y);var t=q.type;var r=q.cipher;var p=q.ivsalt;var s=q.data;var w=j(r,x,p);var v=w.keyhex;var u=b(s,r,v,p);return u},getRSAKeyFromEncryptedPKCS5PEM:function(r,q){var s=this.getDecryptedKeyHex(r,q);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(s);return p},getEncryptedPKCS5PEMFromPrvKeyHex:function(x,s,A,t,r){var p="";if(typeof t=="undefined"||t==null){t="AES-256-CBC"}if(typeof i[t]=="undefined"){throw"KEYUTIL unsupported algorithm: "+t}if(typeof r=="undefined"||r==null){var v=i[t]["ivlen"];var u=m(v);r=u.toUpperCase()}var z=j(t,A,r);var y=z.keyhex;var w=h(s,t,y,r);var q=w.replace(/(.{64})/g,"$1\r\n");var p="-----BEGIN "+x+" PRIVATE KEY-----\r\n";p+="Proc-Type: 4,ENCRYPTED\r\n";p+="DEK-Info: "+t+","+r+"\r\n";p+="\r\n";p+=q;p+="\r\n-----END "+x+" PRIVATE KEY-----\r\n";return p},getEncryptedPKCS5PEMFromRSAKey:function(D,E,r,t){var B=new KJUR.asn1.DERInteger({"int":0});var w=new KJUR.asn1.DERInteger({bigint:D.n});var A=new KJUR.asn1.DERInteger({"int":D.e});var C=new KJUR.asn1.DERInteger({bigint:D.d});var u=new KJUR.asn1.DERInteger({bigint:D.p});var s=new KJUR.asn1.DERInteger({bigint:D.q});var z=new KJUR.asn1.DERInteger({bigint:D.dmp1});var v=new KJUR.asn1.DERInteger({bigint:D.dmq1});var y=new KJUR.asn1.DERInteger({bigint:D.coeff});var F=new KJUR.asn1.DERSequence({array:[B,w,A,C,u,s,z,v,y]});var x=F.getEncodedHex();return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",x,E,r,t)},newEncryptedPKCS5PEM:function(p,q,t,u){if(typeof q=="undefined"||q==null){q=1024}if(typeof t=="undefined"||t==null){t="10001"}var r=new RSAKey();r.generate(q,t);var s=null;if(typeof u=="undefined"||u==null){s=this.getEncryptedPKCS5PEMFromRSAKey(r,p)}else{s=this.getEncryptedPKCS5PEMFromRSAKey(r,p,u)}return s},getRSAKeyFromPlainPKCS8PEM:function(r){if(r.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var q=this.getHexFromPEM(r,"PRIVATE KEY");var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getRSAKeyFromPlainPKCS8Hex:function(s){var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"outer DERSequence shall have 3 elements: "+r.length}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);if(q!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+q}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);var t=ASN1HEX.getHexOfTLV_AtObj(s,r[2]);var u=ASN1HEX.getHexOfV_AtObj(t,0);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(u);return p},parseHexOfEncryptedPKCS8:function(w){var s={};var r=ASN1HEX.getPosArrayOfChildren_AtObj(w,0);if(r.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+r.length}s.ciphertext=ASN1HEX.getHexOfV_AtObj(w,r[1]);var y=ASN1HEX.getPosArrayOfChildren_AtObj(w,r[0]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+y.length}if(ASN1HEX.getHexOfV_AtObj(w,y[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(w,y[1]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+p.length}var q=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[1]);if(q.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+q.length}if(ASN1HEX.getHexOfV_AtObj(w,q[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}s.encryptionSchemeAlg="TripleDES";s.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(w,q[1]);var t=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[0]);if(t.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+t.length}if(ASN1HEX.getHexOfV_AtObj(w,t[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var x=ASN1HEX.getPosArrayOfChildren_AtObj(w,t[1]);if(x.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+x.length}s.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(w,x[0]);var u=ASN1HEX.getHexOfV_AtObj(w,x[1]);try{s.pbkdf2Iter=parseInt(u,16)}catch(v){throw"malformed format pbkdf2Iter: "+u}return s},getPBKDF2KeyHexFromParam:function(u,p){var t=CryptoJS.enc.Hex.parse(u.pbkdf2Salt);var q=u.pbkdf2Iter;var s=CryptoJS.PBKDF2(p,t,{keySize:192/32,iterations:q});var r=CryptoJS.enc.Hex.stringify(s);return r},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(x,y){var r=this.getHexFromPEM(x,"ENCRYPTED PRIVATE KEY");var p=this.parseHexOfEncryptedPKCS8(r);var u=KEYUTIL.getPBKDF2KeyHexFromParam(p,y);var v={};v.ciphertext=CryptoJS.enc.Hex.parse(p.ciphertext);var t=CryptoJS.enc.Hex.parse(u);var s=CryptoJS.enc.Hex.parse(p.encryptionSchemeIV);var w=CryptoJS.TripleDES.decrypt(v,t,{iv:s});var q=CryptoJS.enc.Hex.stringify(w);return q},getRSAKeyFromEncryptedPKCS8PEM:function(s,r){var q=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,r);var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getKeyFromEncryptedPKCS8PEM:function(s,q){var p=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,q);var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},parsePlainPrivatePKCS8Hex:function(s){var q={};q.algparam=null;if(s.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(s.substr(r[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,r[1]);if(p.length!=2){throw"malformed PKCS8 private key(code:004)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}if(s.substr(r[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}q.keyidx=ASN1HEX.getStartPosOfV_AtObj(s,r[2]);return q},getKeyFromPlainPrivatePKCS8PEM:function(q){var p=this.getHexFromPEM(q,"PRIVATE KEY");var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},getKeyFromPlainPrivatePKCS8Hex:function(p){var w=this.parsePlainPrivatePKCS8Hex(p);if(w.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(p,w);var u=w.key;var z=new RSAKey();z.setPrivateEx(u.n,u.e,u.d,u.p,u.q,u.dp,u.dq,u.co);return z}else{if(w.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(p,w);if(KJUR.crypto.OID.oidhex2name[w.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+w.algparam}var v=KJUR.crypto.OID.oidhex2name[w.algparam];var z=new KJUR.crypto.ECDSA({curve:v});z.setPublicKeyHex(w.pubkey);z.setPrivateKeyHex(w.key);z.isPublic=false;return z}else{if(w.algoid=="2a8648ce380401"){var t=ASN1HEX.getVbyList(p,0,[1,1,0],"02");var s=ASN1HEX.getVbyList(p,0,[1,1,1],"02");var y=ASN1HEX.getVbyList(p,0,[1,1,2],"02");var B=ASN1HEX.getVbyList(p,0,[2,0],"02");var r=new BigInteger(t,16);var q=new BigInteger(s,16);var x=new BigInteger(y,16);var A=new BigInteger(B,16);var z=new KJUR.crypto.DSA();z.setPrivate(r,q,x,null,A);return z}else{throw"unsupported private key algorithm"}}}},getRSAKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getRSAKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8Hex:function(q){var p=this.parsePublicPKCS8Hex(q);if(p.algoid=="2a864886f70d010101"){var u=this.parsePublicRawRSAKeyHex(p.key);var r=new RSAKey();r.setPublic(u.n,u.e);return r}else{if(p.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var s=KJUR.crypto.OID.oidhex2name[p.algparam];var r=new KJUR.crypto.ECDSA({curve:s,pub:p.key});return r}else{if(p.algoid=="2a8648ce380401"){var t=p.algparam;var v=ASN1HEX.getHexOfV_AtObj(p.key,0);var r=new KJUR.crypto.DSA();r.setPublic(new BigInteger(t.p,16),new BigInteger(t.q,16),new BigInteger(t.g,16),new BigInteger(v,16));return r}else{throw"unsupported public key algorithm"}}}},parsePublicRawRSAKeyHex:function(r){var p={};if(r.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"malformed RSA key(code:002)"}if(r.substr(q[0],2)!="02"){throw"malformed RSA key(code:003)"}p.n=ASN1HEX.getHexOfV_AtObj(r,q[0]);if(r.substr(q[1],2)!="02"){throw"malformed RSA key(code:004)"}p.e=ASN1HEX.getHexOfV_AtObj(r,q[1]);return p},parsePrivateRawRSAKeyHexAtObj:function(q,s){var r=s.keyidx;if(q.substr(r,2)!="30"){throw"malformed RSA private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(p.length!=9){throw"malformed RSA private key(code:002)"}s.key={};s.key.n=ASN1HEX.getHexOfV_AtObj(q,p[1]);s.key.e=ASN1HEX.getHexOfV_AtObj(q,p[2]);s.key.d=ASN1HEX.getHexOfV_AtObj(q,p[3]);s.key.p=ASN1HEX.getHexOfV_AtObj(q,p[4]);s.key.q=ASN1HEX.getHexOfV_AtObj(q,p[5]);s.key.dp=ASN1HEX.getHexOfV_AtObj(q,p[6]);s.key.dq=ASN1HEX.getHexOfV_AtObj(q,p[7]);s.key.co=ASN1HEX.getHexOfV_AtObj(q,p[8])},parsePrivateRawECKeyHexAtObj:function(p,t){var q=t.keyidx;var r=ASN1HEX.getVbyList(p,q,[1],"04");var s=ASN1HEX.getVbyList(p,q,[2,0],"03").substr(2);t.key=r;t.pubkey=s},parsePublicPKCS8Hex:function(s){var q={};q.algparam=null;var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=2){throw"outer DERSequence shall have 2 elements: "+r.length}var t=r[0];if(s.substr(t,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,t);if(p.length!=2){throw"malformed PKCS8 public key(code:002)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}else{if(s.substr(p[1],2)=="30"){q.algparam={};q.algparam.p=ASN1HEX.getVbyList(s,p[1],[0],"02");q.algparam.q=ASN1HEX.getVbyList(s,p[1],[1],"02");q.algparam.g=ASN1HEX.getVbyList(s,p[1],[2],"02")}}if(s.substr(r[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}q.key=ASN1HEX.getHexOfV_AtObj(s,r[1]).substr(2);return q},getRSAKeyFromPublicPKCS8Hex:function(t){var s=ASN1HEX.getPosArrayOfChildren_AtObj(t,0);if(s.length!=2){throw"outer DERSequence shall have 2 elements: "+s.length}var r=ASN1HEX.getHexOfTLV_AtObj(t,s[0]);if(r!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(t.substr(s[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var v=ASN1HEX.getStartPosOfV_AtObj(t,s[1])+2;if(t.substr(v,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var p=ASN1HEX.getPosArrayOfChildren_AtObj(t,v);if(p.length!=2){throw"inner DERSequence shall have 2 elements: "+p.length}if(t.substr(p[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(t.substr(p[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var w=ASN1HEX.getHexOfV_AtObj(t,p[0]);var u=ASN1HEX.getHexOfV_AtObj(t,p[1]);var q=new RSAKey();q.setPublic(w,u);return q},}}();KEYUTIL.getKey=function(c,o,i){if(typeof RSAKey!="undefined"&&c instanceof RSAKey){return c}if(typeof KJUR.crypto.ECDSA!="undefined"&&c instanceof KJUR.crypto.ECDSA){return c}if(typeof KJUR.crypto.DSA!="undefined"&&c instanceof KJUR.crypto.DSA){return c}if(c.xy!==undefined&&c.curve!==undefined){return new KJUR.crypto.ECDSA({prv:c.xy,curve:c.curve})}if(c.n!==undefined&&c.e!==undefined&&c.d!==undefined&&c.p!==undefined&&c.q!==undefined&&c.dp!==undefined&&c.dq!==undefined&&c.co!==undefined){var n=new RSAKey();n.setPrivateEx(c.n,c.e,c.d,c.p,c.q,c.dp,c.dq,c.co);return n}if(c.p!==undefined&&c.q!==undefined&&c.g!==undefined&&c.y!==undefined&&c.x!==undefined){var n=new KJUR.crypto.DSA();n.setPrivate(c.p,c.q,c.g,c.y,c.x);return n}if(c.d!==undefined&&c.curve!==undefined){return new KJUR.crypto.ECDSA({pub:c.d,curve:c.curve})}if(c.n!==undefined&&c.e){var n=new RSAKey();n.setPublic(c.n,c.e);return n}if(c.p!==undefined&&c.q!==undefined&&c.g!==undefined&&c.y!==undefined&&c.x===undefined){var n=new KJUR.crypto.DSA();n.setPublic(c.p,c.q,c.g,c.y);return n}if(c.indexOf("-END CERTIFICATE-",0)!=-1||c.indexOf("-END X509 CERTIFICATE-",0)!=-1||c.indexOf("-END TRUSTED CERTIFICATE-",0)!=-1){return X509.getPublicKeyFromCertPEM(c)}if(i==="pkcs8pub"){return KEYUTIL.getKeyFromPublicPKCS8Hex(c)}if(c.indexOf("-END PUBLIC KEY-")!=-1){return KEYUTIL.getKeyFromPublicPKCS8PEM(c)}if(i==="pkcs5prv"){var n=new RSAKey();n.readPrivateKeyFromASN1HexString(c);return n}if(i==="pkcs5prv"){var n=new RSAKey();n.readPrivateKeyFromASN1HexString(c);return n}if(c.indexOf("-END RSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")==-1){var n=new RSAKey();n.readPrivateKeyFromPEMString(c);return n}if(c.indexOf("-END DSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")==-1){var m=this.getHexFromPEM(c,"DSA PRIVATE KEY");var b=ASN1HEX.getVbyList(m,0,[1],"02");var a=ASN1HEX.getVbyList(m,0,[2],"02");var e=ASN1HEX.getVbyList(m,0,[3],"02");var k=ASN1HEX.getVbyList(m,0,[4],"02");var l=ASN1HEX.getVbyList(m,0,[5],"02");var n=new KJUR.crypto.DSA();n.setPrivate(new BigInteger(b,16),new BigInteger(a,16),new BigInteger(e,16),new BigInteger(k,16),new BigInteger(l,16));return n}if(c.indexOf("-END PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromPlainPrivatePKCS8PEM(c)}if(c.indexOf("-END RSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){return KEYUTIL.getRSAKeyFromEncryptedPKCS5PEM(c,o)}if(c.indexOf("-END EC PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){var m=KEYUTIL.getDecryptedKeyHex(c,o);var n=ASN1HEX.getVbyList(m,0,[1],"04");var j=ASN1HEX.getVbyList(m,0,[2,0],"06");var d=ASN1HEX.getVbyList(m,0,[3,0],"03").substr(2);var h="";if(KJUR.crypto.OID.oidhex2name[j]!==undefined){h=KJUR.crypto.OID.oidhex2name[j]}else{throw"undefined OID(hex) in KJUR.crypto.OID: "+j}var f=new KJUR.crypto.ECDSA({name:h});f.setPublicKeyHex(d);f.setPrivateKeyHex(n);f.isPublic=false;return f}if(c.indexOf("-END DSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){var m=KEYUTIL.getDecryptedKeyHex(c,o);var b=ASN1HEX.getVbyList(m,0,[1],"02");var a=ASN1HEX.getVbyList(m,0,[2],"02");var e=ASN1HEX.getVbyList(m,0,[3],"02");var k=ASN1HEX.getVbyList(m,0,[4],"02");var l=ASN1HEX.getVbyList(m,0,[5],"02");var n=new KJUR.crypto.DSA();n.setPrivate(new BigInteger(b,16),new BigInteger(a,16),new BigInteger(e,16),new BigInteger(k,16),new BigInteger(l,16));return n}if(c.indexOf("-END ENCRYPTED PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromEncryptedPKCS8PEM(c,o)}throw"not supported argument"};KEYUTIL.generateKeypair=function(a,c){if(a=="RSA"){var b=c;var h=new RSAKey();h.generate(b,"10001");h.isPrivate=true;h.isPublic=true;var f=new RSAKey();var e=h.n.toString(16);var i=h.e.toString(16);f.setPublic(e,i);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{if(a=="EC"){var d=c;var g=new KJUR.crypto.ECDSA({curve:d});var j=g.generateKeyPairHex();var h=new KJUR.crypto.ECDSA({curve:d});h.setPrivateKeyHex(j.ecprvhex);h.isPrivate=true;h.isPublic=false;var f=new KJUR.crypto.ECDSA({curve:d});f.setPublicKeyHex(j.ecpubhex);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{throw"unknown algorithm: "+a}}};KEYUTIL.getPEM=function(a,r,o,g,j){var v=KJUR.asn1;var u=KJUR.crypto;function p(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.n}},{"int":s.e},{"int":{bigint:s.d}},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.dmp1}},{"int":{bigint:s.dmq1}},{"int":{bigint:s.coeff}}]});return w}function q(w){var s=KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:w.prvKeyHex}},{tag:["a0",true,{oid:{name:w.curveName}}]},{tag:["a1",true,{bitstr:{hex:"00"+w.pubKeyHex}}]}]});return s}function n(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.g}},{"int":{bigint:s.y}},{"int":{bigint:s.x}}]});return w}if(((typeof RSAKey!="undefined"&&a instanceof RSAKey)||(typeof u.DSA!="undefined"&&a instanceof u.DSA)||(typeof u.ECDSA!="undefined"&&a instanceof u.ECDSA))&&a.isPublic==true&&(r===undefined||r=="PKCS8PUB")){var t=new KJUR.asn1.x509.SubjectPublicKeyInfo(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"PUBLIC KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o===undefined||o==null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"RSA PRIVATE KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o===undefined||o==null)&&a.isPrivate==true){var f=new KJUR.asn1.DERObjectIdentifier({name:a.curveName});var l=f.getEncodedHex();var e=q(a);var k=e.getEncodedHex();var i="";i+=v.ASN1Util.getPEMStringFromHex(l,"EC PARAMETERS");i+=v.ASN1Util.getPEMStringFromHex(k,"EC PRIVATE KEY");return i}if(r=="PKCS1PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o===undefined||o==null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"DSA PRIVATE KEY")}if(r=="PKCS5PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=q(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA",m,o,g)}var h=function(w,s){var y=b(w,s);var x=new KJUR.asn1.ASN1Util.newObject({seq:[{seq:[{oid:{name:"pkcs5PBES2"}},{seq:[{seq:[{oid:{name:"pkcs5PBKDF2"}},{seq:[{octstr:{hex:y.pbkdf2Salt}},{"int":y.pbkdf2Iter}]}]},{seq:[{oid:{name:"des-EDE3-CBC"}},{octstr:{hex:y.encryptionSchemeIV}}]}]}]},{octstr:{hex:y.ciphertext}}]});return x.getEncodedHex()};var b=function(D,E){var x=100;var C=CryptoJS.lib.WordArray.random(8);var B="DES-EDE3-CBC";var s=CryptoJS.lib.WordArray.random(8);var y=CryptoJS.PBKDF2(E,C,{keySize:192/32,iterations:x});var z=CryptoJS.enc.Hex.parse(D);var A=CryptoJS.TripleDES.encrypt(z,y,{iv:s})+"";var w={};w.ciphertext=A;w.pbkdf2Salt=CryptoJS.enc.Hex.stringify(C);w.pbkdf2Iter=x;w.encryptionSchemeAlg=B;w.encryptionSchemeIV=CryptoJS.enc.Hex.stringify(s);return w};if(r=="PKCS8PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&a.isPrivate==true){var d=p(a);var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"rsaEncryption"}},{"null":true}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&a.isPrivate==true){var d=new KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:a.prvKeyHex}},{tag:["a1",true,{bitstr:{hex:"00"+a.pubKeyHex}}]}]});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"ecPublicKey"}},{oid:{name:a.curveName}}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&a.isPrivate==true){var d=new KJUR.asn1.DERInteger({bigint:a.x});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"dsa"}},{seq:[{"int":{bigint:a.p}},{"int":{bigint:a.q}},{"int":{bigint:a.g}}]}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}throw"unsupported object nor format"};KEYUTIL.getKeyFromCSRPEM=function(b){var a=KEYUTIL.getHexFromPEM(b,"CERTIFICATE REQUEST");var c=KEYUTIL.getKeyFromCSRHex(a);return c};KEYUTIL.getKeyFromCSRHex=function(a){var c=KEYUTIL.parseCSRHex(a);var b=KEYUTIL.getKey(c.p8pubkeyhex,null,"pkcs8pub");return b};KEYUTIL.parseCSRHex=function(c){var b={};var e=c;if(e.substr(0,2)!="30"){throw"malformed CSR(code:001)"}var d=ASN1HEX.getPosArrayOfChildren_AtObj(e,0);if(d.length<1){throw"malformed CSR(code:002)"}if(e.substr(d[0],2)!="30"){throw"malformed CSR(code:003)"}var a=ASN1HEX.getPosArrayOfChildren_AtObj(e,d[0]);if(a.length<3){throw"malformed CSR(code:004)"}b.p8pubkeyhex=ASN1HEX.getHexOfTLV_AtObj(e,a[2]);return b}; \ No newline at end of file +var KEYUTIL=function(){var d=function(p,r,q){return k(CryptoJS.AES,p,r,q)};var e=function(p,r,q){return k(CryptoJS.TripleDES,p,r,q)};var a=function(p,r,q){return k(CryptoJS.DES,p,r,q)};var k=function(s,x,u,q){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(u);var p=CryptoJS.enc.Hex.parse(q);var t={};t.key=w;t.iv=p;t.ciphertext=r;var v=s.decrypt(t,w,{iv:p});return CryptoJS.enc.Hex.stringify(v)};var l=function(p,r,q){return g(CryptoJS.AES,p,r,q)};var o=function(p,r,q){return g(CryptoJS.TripleDES,p,r,q)};var f=function(p,r,q){return g(CryptoJS.DES,p,r,q)};var g=function(t,y,v,q){var s=CryptoJS.enc.Hex.parse(y);var x=CryptoJS.enc.Hex.parse(v);var p=CryptoJS.enc.Hex.parse(q);var w=t.encrypt(s,x,{iv:p});var r=CryptoJS.enc.Hex.parse(w.toString());var u=CryptoJS.enc.Base64.stringify(r);return u};var i={"AES-256-CBC":{proc:d,eproc:l,keylen:32,ivlen:16},"AES-192-CBC":{proc:d,eproc:l,keylen:24,ivlen:16},"AES-128-CBC":{proc:d,eproc:l,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:e,eproc:o,keylen:24,ivlen:8},"DES-CBC":{proc:a,eproc:f,keylen:8,ivlen:8}};var c=function(p){return i[p]["proc"]};var m=function(p){var r=CryptoJS.lib.WordArray.random(p);var q=CryptoJS.enc.Hex.stringify(r);return q};var n=function(t){var u={};if(t.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"))){u.cipher=RegExp.$1;u.ivsalt=RegExp.$2}if(t.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"))){u.type=RegExp.$1}var r=-1;var v=0;if(t.indexOf("\r\n\r\n")!=-1){r=t.indexOf("\r\n\r\n");v=2}if(t.indexOf("\n\n")!=-1){r=t.indexOf("\n\n");v=1}var q=t.indexOf("-----END");if(r!=-1&&q!=-1){var p=t.substring(r+v*2,q-v);p=p.replace(/\s+/g,"");u.data=p}return u};var j=function(q,y,p){var v=p.substring(0,16);var t=CryptoJS.enc.Hex.parse(v);var r=CryptoJS.enc.Utf8.parse(y);var u=i[q]["keylen"]+i[q]["ivlen"];var x="";var w=null;for(;;){var s=CryptoJS.algo.MD5.create();if(w!=null){s.update(w)}s.update(r);s.update(t);w=s.finalize();x=x+CryptoJS.enc.Hex.stringify(w);if(x.length>=u*2){break}}var z={};z.keyhex=x.substr(0,i[q]["keylen"]*2);z.ivhex=x.substr(i[q]["keylen"]*2,i[q]["ivlen"]*2);return z};var b=function(p,v,r,w){var s=CryptoJS.enc.Base64.parse(p);var q=CryptoJS.enc.Hex.stringify(s);var u=i[v]["proc"];var t=u(q,r,w);return t};var h=function(p,s,q,u){var r=i[s]["eproc"];var t=r(p,q,u);return t};return{version:"1.0.0",getHexFromPEM:function(q,u){var r=q;if(r.indexOf("-----BEGIN ")==-1){throw"can't find PEM header: "+u}if(typeof u=="string"&&u!=""){r=r.replace("-----BEGIN "+u+"-----","");r=r.replace("-----END "+u+"-----","")}else{r=r.replace(/-----BEGIN [^-]+-----/,"");r=r.replace(/-----END [^-]+-----/,"")}var t=r.replace(/\s+/g,"");var p=b64tohex(t);return p},getDecryptedKeyHexByKeyIV:function(q,t,s,r){var p=c(t);return p(q,s,r)},parsePKCS5PEM:function(p){return n(p)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(q,p,r){return j(q,p,r)},decryptKeyB64:function(p,r,q,s){return b(p,r,q,s)},getDecryptedKeyHex:function(y,x){var q=n(y);var t=q.type;var r=q.cipher;var p=q.ivsalt;var s=q.data;var w=j(r,x,p);var v=w.keyhex;var u=b(s,r,v,p);return u},getRSAKeyFromEncryptedPKCS5PEM:function(r,q){var s=this.getDecryptedKeyHex(r,q);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(s);return p},getEncryptedPKCS5PEMFromPrvKeyHex:function(x,s,A,t,r){var p="";if(typeof t=="undefined"||t==null){t="AES-256-CBC"}if(typeof i[t]=="undefined"){throw"KEYUTIL unsupported algorithm: "+t}if(typeof r=="undefined"||r==null){var v=i[t]["ivlen"];var u=m(v);r=u.toUpperCase()}var z=j(t,A,r);var y=z.keyhex;var w=h(s,t,y,r);var q=w.replace(/(.{64})/g,"$1\r\n");var p="-----BEGIN "+x+" PRIVATE KEY-----\r\n";p+="Proc-Type: 4,ENCRYPTED\r\n";p+="DEK-Info: "+t+","+r+"\r\n";p+="\r\n";p+=q;p+="\r\n-----END "+x+" PRIVATE KEY-----\r\n";return p},getEncryptedPKCS5PEMFromRSAKey:function(D,E,r,t){var B=new KJUR.asn1.DERInteger({"int":0});var w=new KJUR.asn1.DERInteger({bigint:D.n});var A=new KJUR.asn1.DERInteger({"int":D.e});var C=new KJUR.asn1.DERInteger({bigint:D.d});var u=new KJUR.asn1.DERInteger({bigint:D.p});var s=new KJUR.asn1.DERInteger({bigint:D.q});var z=new KJUR.asn1.DERInteger({bigint:D.dmp1});var v=new KJUR.asn1.DERInteger({bigint:D.dmq1});var y=new KJUR.asn1.DERInteger({bigint:D.coeff});var F=new KJUR.asn1.DERSequence({array:[B,w,A,C,u,s,z,v,y]});var x=F.getEncodedHex();return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",x,E,r,t)},newEncryptedPKCS5PEM:function(p,q,t,u){if(typeof q=="undefined"||q==null){q=1024}if(typeof t=="undefined"||t==null){t="10001"}var r=new RSAKey();r.generate(q,t);var s=null;if(typeof u=="undefined"||u==null){s=this.getEncryptedPKCS5PEMFromRSAKey(r,p)}else{s=this.getEncryptedPKCS5PEMFromRSAKey(r,p,u)}return s},getRSAKeyFromPlainPKCS8PEM:function(r){if(r.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var q=this.getHexFromPEM(r,"PRIVATE KEY");var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getRSAKeyFromPlainPKCS8Hex:function(s){var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"outer DERSequence shall have 3 elements: "+r.length}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);if(q!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+q}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);var t=ASN1HEX.getHexOfTLV_AtObj(s,r[2]);var u=ASN1HEX.getHexOfV_AtObj(t,0);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(u);return p},parseHexOfEncryptedPKCS8:function(w){var s={};var r=ASN1HEX.getPosArrayOfChildren_AtObj(w,0);if(r.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+r.length}s.ciphertext=ASN1HEX.getHexOfV_AtObj(w,r[1]);var y=ASN1HEX.getPosArrayOfChildren_AtObj(w,r[0]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+y.length}if(ASN1HEX.getHexOfV_AtObj(w,y[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(w,y[1]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+p.length}var q=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[1]);if(q.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+q.length}if(ASN1HEX.getHexOfV_AtObj(w,q[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}s.encryptionSchemeAlg="TripleDES";s.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(w,q[1]);var t=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[0]);if(t.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+t.length}if(ASN1HEX.getHexOfV_AtObj(w,t[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var x=ASN1HEX.getPosArrayOfChildren_AtObj(w,t[1]);if(x.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+x.length}s.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(w,x[0]);var u=ASN1HEX.getHexOfV_AtObj(w,x[1]);try{s.pbkdf2Iter=parseInt(u,16)}catch(v){throw"malformed format pbkdf2Iter: "+u}return s},getPBKDF2KeyHexFromParam:function(u,p){var t=CryptoJS.enc.Hex.parse(u.pbkdf2Salt);var q=u.pbkdf2Iter;var s=CryptoJS.PBKDF2(p,t,{keySize:192/32,iterations:q});var r=CryptoJS.enc.Hex.stringify(s);return r},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(x,y){var r=this.getHexFromPEM(x,"ENCRYPTED PRIVATE KEY");var p=this.parseHexOfEncryptedPKCS8(r);var u=KEYUTIL.getPBKDF2KeyHexFromParam(p,y);var v={};v.ciphertext=CryptoJS.enc.Hex.parse(p.ciphertext);var t=CryptoJS.enc.Hex.parse(u);var s=CryptoJS.enc.Hex.parse(p.encryptionSchemeIV);var w=CryptoJS.TripleDES.decrypt(v,t,{iv:s});var q=CryptoJS.enc.Hex.stringify(w);return q},getRSAKeyFromEncryptedPKCS8PEM:function(s,r){var q=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,r);var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getKeyFromEncryptedPKCS8PEM:function(s,q){var p=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,q);var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},parsePlainPrivatePKCS8Hex:function(s){var q={};q.algparam=null;if(s.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(s.substr(r[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,r[1]);if(p.length!=2){throw"malformed PKCS8 private key(code:004)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}if(s.substr(r[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}q.keyidx=ASN1HEX.getStartPosOfV_AtObj(s,r[2]);return q},getKeyFromPlainPrivatePKCS8PEM:function(q){var p=this.getHexFromPEM(q,"PRIVATE KEY");var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},getKeyFromPlainPrivatePKCS8Hex:function(p){var w=this.parsePlainPrivatePKCS8Hex(p);if(w.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(p,w);var u=w.key;var z=new RSAKey();z.setPrivateEx(u.n,u.e,u.d,u.p,u.q,u.dp,u.dq,u.co);return z}else{if(w.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(p,w);if(KJUR.crypto.OID.oidhex2name[w.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+w.algparam}var v=KJUR.crypto.OID.oidhex2name[w.algparam];var z=new KJUR.crypto.ECDSA({curve:v});z.setPublicKeyHex(w.pubkey);z.setPrivateKeyHex(w.key);z.isPublic=false;return z}else{if(w.algoid=="2a8648ce380401"){var t=ASN1HEX.getVbyList(p,0,[1,1,0],"02");var s=ASN1HEX.getVbyList(p,0,[1,1,1],"02");var y=ASN1HEX.getVbyList(p,0,[1,1,2],"02");var B=ASN1HEX.getVbyList(p,0,[2,0],"02");var r=new BigInteger(t,16);var q=new BigInteger(s,16);var x=new BigInteger(y,16);var A=new BigInteger(B,16);var z=new KJUR.crypto.DSA();z.setPrivate(r,q,x,null,A);return z}else{throw"unsupported private key algorithm"}}}},getRSAKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getRSAKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8Hex:function(q){var p=this.parsePublicPKCS8Hex(q);if(p.algoid=="2a864886f70d010101"){var u=this.parsePublicRawRSAKeyHex(p.key);var r=new RSAKey();r.setPublic(u.n,u.e);return r}else{if(p.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var s=KJUR.crypto.OID.oidhex2name[p.algparam];var r=new KJUR.crypto.ECDSA({curve:s,pub:p.key});return r}else{if(p.algoid=="2a8648ce380401"){var t=p.algparam;var v=ASN1HEX.getHexOfV_AtObj(p.key,0);var r=new KJUR.crypto.DSA();r.setPublic(new BigInteger(t.p,16),new BigInteger(t.q,16),new BigInteger(t.g,16),new BigInteger(v,16));return r}else{throw"unsupported public key algorithm"}}}},parsePublicRawRSAKeyHex:function(r){var p={};if(r.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"malformed RSA key(code:002)"}if(r.substr(q[0],2)!="02"){throw"malformed RSA key(code:003)"}p.n=ASN1HEX.getHexOfV_AtObj(r,q[0]);if(r.substr(q[1],2)!="02"){throw"malformed RSA key(code:004)"}p.e=ASN1HEX.getHexOfV_AtObj(r,q[1]);return p},parsePrivateRawRSAKeyHexAtObj:function(q,s){var r=s.keyidx;if(q.substr(r,2)!="30"){throw"malformed RSA private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(p.length!=9){throw"malformed RSA private key(code:002)"}s.key={};s.key.n=ASN1HEX.getHexOfV_AtObj(q,p[1]);s.key.e=ASN1HEX.getHexOfV_AtObj(q,p[2]);s.key.d=ASN1HEX.getHexOfV_AtObj(q,p[3]);s.key.p=ASN1HEX.getHexOfV_AtObj(q,p[4]);s.key.q=ASN1HEX.getHexOfV_AtObj(q,p[5]);s.key.dp=ASN1HEX.getHexOfV_AtObj(q,p[6]);s.key.dq=ASN1HEX.getHexOfV_AtObj(q,p[7]);s.key.co=ASN1HEX.getHexOfV_AtObj(q,p[8])},parsePrivateRawECKeyHexAtObj:function(p,t){var q=t.keyidx;var r=ASN1HEX.getVbyList(p,q,[1],"04");var s=ASN1HEX.getVbyList(p,q,[2,0],"03").substr(2);t.key=r;t.pubkey=s},parsePublicPKCS8Hex:function(s){var q={};q.algparam=null;var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=2){throw"outer DERSequence shall have 2 elements: "+r.length}var t=r[0];if(s.substr(t,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,t);if(p.length!=2){throw"malformed PKCS8 public key(code:002)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}else{if(s.substr(p[1],2)=="30"){q.algparam={};q.algparam.p=ASN1HEX.getVbyList(s,p[1],[0],"02");q.algparam.q=ASN1HEX.getVbyList(s,p[1],[1],"02");q.algparam.g=ASN1HEX.getVbyList(s,p[1],[2],"02")}}if(s.substr(r[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}q.key=ASN1HEX.getHexOfV_AtObj(s,r[1]).substr(2);return q},getRSAKeyFromPublicPKCS8Hex:function(t){var s=ASN1HEX.getPosArrayOfChildren_AtObj(t,0);if(s.length!=2){throw"outer DERSequence shall have 2 elements: "+s.length}var r=ASN1HEX.getHexOfTLV_AtObj(t,s[0]);if(r!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(t.substr(s[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var v=ASN1HEX.getStartPosOfV_AtObj(t,s[1])+2;if(t.substr(v,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var p=ASN1HEX.getPosArrayOfChildren_AtObj(t,v);if(p.length!=2){throw"inner DERSequence shall have 2 elements: "+p.length}if(t.substr(p[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(t.substr(p[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var w=ASN1HEX.getHexOfV_AtObj(t,p[0]);var u=ASN1HEX.getHexOfV_AtObj(t,p[1]);var q=new RSAKey();q.setPublic(w,u);return q},}}();KEYUTIL.getKey=function(c,o,i){if(typeof RSAKey!="undefined"&&c instanceof RSAKey){return c}if(typeof KJUR.crypto.ECDSA!="undefined"&&c instanceof KJUR.crypto.ECDSA){return c}if(typeof KJUR.crypto.DSA!="undefined"&&c instanceof KJUR.crypto.DSA){return c}if(c.xy!==undefined&&c.curve!==undefined){return new KJUR.crypto.ECDSA({prv:c.xy,curve:c.curve})}if(c.n!==undefined&&c.e!==undefined&&c.d!==undefined&&c.p!==undefined&&c.q!==undefined&&c.dp!==undefined&&c.dq!==undefined&&c.co!==undefined){var n=new RSAKey();n.setPrivateEx(c.n,c.e,c.d,c.p,c.q,c.dp,c.dq,c.co);return n}if(c.p!==undefined&&c.q!==undefined&&c.g!==undefined&&c.y!==undefined&&c.x!==undefined){var n=new KJUR.crypto.DSA();n.setPrivate(c.p,c.q,c.g,c.y,c.x);return n}if(c.d!==undefined&&c.curve!==undefined){return new KJUR.crypto.ECDSA({pub:c.d,curve:c.curve})}if(c.n!==undefined&&c.e){var n=new RSAKey();n.setPublic(c.n,c.e);return n}if(c.p!==undefined&&c.q!==undefined&&c.g!==undefined&&c.y!==undefined&&c.x===undefined){var n=new KJUR.crypto.DSA();n.setPublic(c.p,c.q,c.g,c.y);return n}if(c.indexOf("-END CERTIFICATE-",0)!=-1||c.indexOf("-END X509 CERTIFICATE-",0)!=-1||c.indexOf("-END TRUSTED CERTIFICATE-",0)!=-1){return X509.getPublicKeyFromCertPEM(c)}if(i==="pkcs8pub"){return KEYUTIL.getKeyFromPublicPKCS8Hex(c)}if(c.indexOf("-END PUBLIC KEY-")!=-1){return KEYUTIL.getKeyFromPublicPKCS8PEM(c)}if(i==="pkcs5prv"){var n=new RSAKey();n.readPrivateKeyFromASN1HexString(c);return n}if(i==="pkcs5prv"){var n=new RSAKey();n.readPrivateKeyFromASN1HexString(c);return n}if(c.indexOf("-END RSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")==-1){var n=new RSAKey();n.readPrivateKeyFromPEMString(c);return n}if(c.indexOf("-END DSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")==-1){var m=this.getHexFromPEM(c,"DSA PRIVATE KEY");var b=ASN1HEX.getVbyList(m,0,[1],"02");var a=ASN1HEX.getVbyList(m,0,[2],"02");var e=ASN1HEX.getVbyList(m,0,[3],"02");var k=ASN1HEX.getVbyList(m,0,[4],"02");var l=ASN1HEX.getVbyList(m,0,[5],"02");var n=new KJUR.crypto.DSA();n.setPrivate(new BigInteger(b,16),new BigInteger(a,16),new BigInteger(e,16),new BigInteger(k,16),new BigInteger(l,16));return n}if(c.indexOf("-END PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromPlainPrivatePKCS8PEM(c)}if(c.indexOf("-END RSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){return KEYUTIL.getRSAKeyFromEncryptedPKCS5PEM(c,o)}if(c.indexOf("-END EC PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){var m=KEYUTIL.getDecryptedKeyHex(c,o);var n=ASN1HEX.getVbyList(m,0,[1],"04");var j=ASN1HEX.getVbyList(m,0,[2,0],"06");var d=ASN1HEX.getVbyList(m,0,[3,0],"03").substr(2);var h="";if(KJUR.crypto.OID.oidhex2name[j]!==undefined){h=KJUR.crypto.OID.oidhex2name[j]}else{throw"undefined OID(hex) in KJUR.crypto.OID: "+j}var f=new KJUR.crypto.ECDSA({name:h});f.setPublicKeyHex(d);f.setPrivateKeyHex(n);f.isPublic=false;return f}if(c.indexOf("-END DSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){var m=KEYUTIL.getDecryptedKeyHex(c,o);var b=ASN1HEX.getVbyList(m,0,[1],"02");var a=ASN1HEX.getVbyList(m,0,[2],"02");var e=ASN1HEX.getVbyList(m,0,[3],"02");var k=ASN1HEX.getVbyList(m,0,[4],"02");var l=ASN1HEX.getVbyList(m,0,[5],"02");var n=new KJUR.crypto.DSA();n.setPrivate(new BigInteger(b,16),new BigInteger(a,16),new BigInteger(e,16),new BigInteger(k,16),new BigInteger(l,16));return n}if(c.indexOf("-END ENCRYPTED PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromEncryptedPKCS8PEM(c,o)}throw"not supported argument"};KEYUTIL.generateKeypair=function(a,c){if(a=="RSA"){var b=c;var h=new RSAKey();h.generate(b,"10001");h.isPrivate=true;h.isPublic=true;var f=new RSAKey();var e=h.n.toString(16);var i=h.e.toString(16);f.setPublic(e,i);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{if(a=="EC"){var d=c;var g=new KJUR.crypto.ECDSA({curve:d});var j=g.generateKeyPairHex();var h=new KJUR.crypto.ECDSA({curve:d});h.setPrivateKeyHex(j.ecprvhex);h.isPrivate=true;h.isPublic=false;var f=new KJUR.crypto.ECDSA({curve:d});f.setPublicKeyHex(j.ecpubhex);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{throw"unknown algorithm: "+a}}};KEYUTIL.getPEM=function(a,r,o,g,j){var v=KJUR.asn1;var u=KJUR.crypto;function p(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.n}},{"int":s.e},{"int":{bigint:s.d}},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.dmp1}},{"int":{bigint:s.dmq1}},{"int":{bigint:s.coeff}}]});return w}function q(w){var s=KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:w.prvKeyHex}},{tag:["a0",true,{oid:{name:w.curveName}}]},{tag:["a1",true,{bitstr:{hex:"00"+w.pubKeyHex}}]}]});return s}function n(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.g}},{"int":{bigint:s.y}},{"int":{bigint:s.x}}]});return w}if(((typeof RSAKey!="undefined"&&a instanceof RSAKey)||(typeof u.DSA!="undefined"&&a instanceof u.DSA)||(typeof u.ECDSA!="undefined"&&a instanceof u.ECDSA))&&a.isPublic==true&&(r===undefined||r=="PKCS8PUB")){var t=new KJUR.asn1.x509.SubjectPublicKeyInfo(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"PUBLIC KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o===undefined||o==null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"RSA PRIVATE KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o===undefined||o==null)&&a.isPrivate==true){var f=new KJUR.asn1.DERObjectIdentifier({name:a.curveName});var l=f.getEncodedHex();var e=q(a);var k=e.getEncodedHex();var i="";i+=v.ASN1Util.getPEMStringFromHex(l,"EC PARAMETERS");i+=v.ASN1Util.getPEMStringFromHex(k,"EC PRIVATE KEY");return i}if(r=="PKCS1PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o===undefined||o==null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"DSA PRIVATE KEY")}if(r=="PKCS5PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=q(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA",m,o,g)}var h=function(w,s){var y=b(w,s);var x=new KJUR.asn1.ASN1Util.newObject({seq:[{seq:[{oid:{name:"pkcs5PBES2"}},{seq:[{seq:[{oid:{name:"pkcs5PBKDF2"}},{seq:[{octstr:{hex:y.pbkdf2Salt}},{"int":y.pbkdf2Iter}]}]},{seq:[{oid:{name:"des-EDE3-CBC"}},{octstr:{hex:y.encryptionSchemeIV}}]}]}]},{octstr:{hex:y.ciphertext}}]});return x.getEncodedHex()};var b=function(D,E){var x=100;var C=CryptoJS.lib.WordArray.random(8);var B="DES-EDE3-CBC";var s=CryptoJS.lib.WordArray.random(8);var y=CryptoJS.PBKDF2(E,C,{keySize:192/32,iterations:x});var z=CryptoJS.enc.Hex.parse(D);var A=CryptoJS.TripleDES.encrypt(z,y,{iv:s})+"";var w={};w.ciphertext=A;w.pbkdf2Salt=CryptoJS.enc.Hex.stringify(C);w.pbkdf2Iter=x;w.encryptionSchemeAlg=B;w.encryptionSchemeIV=CryptoJS.enc.Hex.stringify(s);return w};if(r=="PKCS8PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&a.isPrivate==true){var d=p(a);var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"rsaEncryption"}},{"null":true}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&a.isPrivate==true){var d=new KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:a.prvKeyHex}},{tag:["a1",true,{bitstr:{hex:"00"+a.pubKeyHex}}]}]});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"ecPublicKey"}},{oid:{name:a.curveName}}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&a.isPrivate==true){var d=new KJUR.asn1.DERInteger({bigint:a.x});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"dsa"}},{seq:[{"int":{bigint:a.p}},{"int":{bigint:a.q}},{"int":{bigint:a.g}}]}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}throw"unsupported object nor format"};KEYUTIL.getKeyFromCSRPEM=function(b){var a=KEYUTIL.getHexFromPEM(b,"CERTIFICATE REQUEST");var c=KEYUTIL.getKeyFromCSRHex(a);return c};KEYUTIL.getKeyFromCSRHex=function(a){var c=KEYUTIL.parseCSRHex(a);var b=KEYUTIL.getKey(c.p8pubkeyhex,null,"pkcs8pub");return b};KEYUTIL.parseCSRHex=function(c){var b={};var e=c;if(e.substr(0,2)!="30"){throw"malformed CSR(code:001)"}var d=ASN1HEX.getPosArrayOfChildren_AtObj(e,0);if(d.length<1){throw"malformed CSR(code:002)"}if(e.substr(d[0],2)!="30"){throw"malformed CSR(code:003)"}var a=ASN1HEX.getPosArrayOfChildren_AtObj(e,d[0]);if(a.length<3){throw"malformed CSR(code:004)"}b.p8pubkeyhex=ASN1HEX.getHexOfTLV_AtObj(e,a[2]);return b}; \ No newline at end of file diff --git a/pkcs5pkey-1.0.js b/pkcs5pkey-1.0.js index 35881e06..7fc1e970 100644 --- a/pkcs5pkey-1.0.js +++ b/pkcs5pkey-1.0.js @@ -1,9 +1,9 @@ -/*! pkcs5pkey-1.0.5.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license +/*! pkcs5pkey-1.0.6.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license */ /* * pkcs5pkey.js - reading passcode protected PKCS#5 PEM formatted RSA private key * - * Copyright (c) 2013 Kenji Urushima (kenji.urushima@gmail.com) + * Copyright (c) 2013-2014 Kenji Urushima (kenji.urushima@gmail.com) * * This software is licensed under the terms of the MIT License. * http://kjur.github.com/jsrsasign/license @@ -15,7 +15,7 @@ * @fileOverview * @name pkcs5pkey-1.0.js * @author Kenji Urushima kenji.urushima@gmail.com - * @version pkcs5pkey 1.0.5 (2013-Aug-20) + * @version pkcs5pkey 1.0.6 (2014-Apr-16) * @since jsrsasign 2.0.0 * @license MIT License */ @@ -88,123 +88,123 @@ var PKCS5PKEY = function() { // ***************************************************************** // shared key decryption ------------------------------------------ var decryptAES = function(dataHex, keyHex, ivHex) { - return decryptGeneral(CryptoJS.AES, dataHex, keyHex, ivHex); + return decryptGeneral(CryptoJS.AES, dataHex, keyHex, ivHex); }; var decrypt3DES = function(dataHex, keyHex, ivHex) { - return decryptGeneral(CryptoJS.TripleDES, dataHex, keyHex, ivHex); + return decryptGeneral(CryptoJS.TripleDES, dataHex, keyHex, ivHex); }; var decryptGeneral = function(f, dataHex, keyHex, ivHex) { - var data = CryptoJS.enc.Hex.parse(dataHex); - var key = CryptoJS.enc.Hex.parse(keyHex); - var iv = CryptoJS.enc.Hex.parse(ivHex); - var encrypted = {}; - encrypted.key = key; - encrypted.iv = iv; - encrypted.ciphertext = data; - var decrypted = f.decrypt(encrypted, key, { iv: iv }); - return CryptoJS.enc.Hex.stringify(decrypted); + var data = CryptoJS.enc.Hex.parse(dataHex); + var key = CryptoJS.enc.Hex.parse(keyHex); + var iv = CryptoJS.enc.Hex.parse(ivHex); + var encrypted = {}; + encrypted.key = key; + encrypted.iv = iv; + encrypted.ciphertext = data; + var decrypted = f.decrypt(encrypted, key, { iv: iv }); + return CryptoJS.enc.Hex.stringify(decrypted); }; // shared key decryption ------------------------------------------ var encryptAES = function(dataHex, keyHex, ivHex) { - return encryptGeneral(CryptoJS.AES, dataHex, keyHex, ivHex); + return encryptGeneral(CryptoJS.AES, dataHex, keyHex, ivHex); }; var encrypt3DES = function(dataHex, keyHex, ivHex) { - return encryptGeneral(CryptoJS.TripleDES, dataHex, keyHex, ivHex); + return encryptGeneral(CryptoJS.TripleDES, dataHex, keyHex, ivHex); }; var encryptGeneral = function(f, dataHex, keyHex, ivHex) { - var data = CryptoJS.enc.Hex.parse(dataHex); - var key = CryptoJS.enc.Hex.parse(keyHex); - var iv = CryptoJS.enc.Hex.parse(ivHex); - var msg = {}; - var encryptedHex = f.encrypt(data, key, { iv: iv }); + var data = CryptoJS.enc.Hex.parse(dataHex); + var key = CryptoJS.enc.Hex.parse(keyHex); + var iv = CryptoJS.enc.Hex.parse(ivHex); + var msg = {}; + var encryptedHex = f.encrypt(data, key, { iv: iv }); var encryptedWA = CryptoJS.enc.Hex.parse(encryptedHex.toString()); var encryptedB64 = CryptoJS.enc.Base64.stringify(encryptedWA); - return encryptedB64; + return encryptedB64; }; // other methods and properties ---------------------------------------- var ALGLIST = { - 'AES-256-CBC': { 'proc': decryptAES, 'eproc': encryptAES, keylen: 32, ivlen: 16 }, - 'AES-192-CBC': { 'proc': decryptAES, 'eproc': encryptAES, keylen: 24, ivlen: 16 }, - 'AES-128-CBC': { 'proc': decryptAES, 'eproc': encryptAES, keylen: 16, ivlen: 16 }, - 'DES-EDE3-CBC': { 'proc': decrypt3DES, 'eproc': encrypt3DES, keylen: 24, ivlen: 8 } + 'AES-256-CBC': { 'proc': decryptAES, 'eproc': encryptAES, keylen: 32, ivlen: 16 }, + 'AES-192-CBC': { 'proc': decryptAES, 'eproc': encryptAES, keylen: 24, ivlen: 16 }, + 'AES-128-CBC': { 'proc': decryptAES, 'eproc': encryptAES, keylen: 16, ivlen: 16 }, + 'DES-EDE3-CBC': { 'proc': decrypt3DES, 'eproc': encrypt3DES, keylen: 24, ivlen: 8 } }; var getFuncByName = function(algName) { - return ALGLIST[algName]['proc']; + return ALGLIST[algName]['proc']; }; var _generateIvSaltHex = function(numBytes) { - var wa = CryptoJS.lib.WordArray.random(numBytes); - var hex = CryptoJS.enc.Hex.stringify(wa); - return hex; + var wa = CryptoJS.lib.WordArray.random(numBytes); + var hex = CryptoJS.enc.Hex.stringify(wa); + return hex; }; var _parsePKCS5PEM = function(sPKCS5PEM) { - var info = {}; - if (sPKCS5PEM.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)", "m"))) { - info.cipher = RegExp.$1; - info.ivsalt = RegExp.$2; - } - if (sPKCS5PEM.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"))) { - info.type = RegExp.$1; - } - var i1 = -1; - var lenNEWLINE = 0; - if (sPKCS5PEM.indexOf("\r\n\r\n") != -1) { - i1 = sPKCS5PEM.indexOf("\r\n\r\n"); - lenNEWLINE = 2; - } - if (sPKCS5PEM.indexOf("\n\n") != -1) { - i1 = sPKCS5PEM.indexOf("\n\n"); - lenNEWLINE = 1; - } - var i2 = sPKCS5PEM.indexOf("-----END"); - if (i1 != -1 && i2 != -1) { - var s = sPKCS5PEM.substring(i1 + lenNEWLINE * 2, i2 - lenNEWLINE); - s = s.replace(/\s+/g, ''); - info.data = s; - } - return info; + var info = {}; + if (sPKCS5PEM.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)", "m"))) { + info.cipher = RegExp.$1; + info.ivsalt = RegExp.$2; + } + if (sPKCS5PEM.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"))) { + info.type = RegExp.$1; + } + var i1 = -1; + var lenNEWLINE = 0; + if (sPKCS5PEM.indexOf("\r\n\r\n") != -1) { + i1 = sPKCS5PEM.indexOf("\r\n\r\n"); + lenNEWLINE = 2; + } + if (sPKCS5PEM.indexOf("\n\n") != -1) { + i1 = sPKCS5PEM.indexOf("\n\n"); + lenNEWLINE = 1; + } + var i2 = sPKCS5PEM.indexOf("-----END"); + if (i1 != -1 && i2 != -1) { + var s = sPKCS5PEM.substring(i1 + lenNEWLINE * 2, i2 - lenNEWLINE); + s = s.replace(/\s+/g, ''); + info.data = s; + } + return info; }; var _getKeyAndUnusedIvByPasscodeAndIvsalt = function(algName, passcode, ivsaltHex) { - //alert("ivsaltHex(2) = " + ivsaltHex); - var saltHex = ivsaltHex.substring(0, 16); - //alert("salt = " + saltHex); - - var salt = CryptoJS.enc.Hex.parse(saltHex); - var data = CryptoJS.enc.Utf8.parse(passcode); - //alert("salt = " + salt); - //alert("data = " + data); - - var nRequiredBytes = ALGLIST[algName]['keylen'] + ALGLIST[algName]['ivlen']; - var hHexValueJoined = ''; - var hLastValue = null; - //alert("nRequiredBytes = " + nRequiredBytes); - for (;;) { - var h = CryptoJS.algo.MD5.create(); - if (hLastValue != null) { - h.update(hLastValue); - } - h.update(data); - h.update(salt); - hLastValue = h.finalize(); - hHexValueJoined = hHexValueJoined + CryptoJS.enc.Hex.stringify(hLastValue); - //alert("joined = " + hHexValueJoined); - if (hHexValueJoined.length >= nRequiredBytes * 2) { - break; - } - } - var result = {}; - result.keyhex = hHexValueJoined.substr(0, ALGLIST[algName]['keylen'] * 2); - result.ivhex = hHexValueJoined.substr(ALGLIST[algName]['keylen'] * 2, ALGLIST[algName]['ivlen'] * 2); - return result; + //alert("ivsaltHex(2) = " + ivsaltHex); + var saltHex = ivsaltHex.substring(0, 16); + //alert("salt = " + saltHex); + + var salt = CryptoJS.enc.Hex.parse(saltHex); + var data = CryptoJS.enc.Utf8.parse(passcode); + //alert("salt = " + salt); + //alert("data = " + data); + + var nRequiredBytes = ALGLIST[algName]['keylen'] + ALGLIST[algName]['ivlen']; + var hHexValueJoined = ''; + var hLastValue = null; + //alert("nRequiredBytes = " + nRequiredBytes); + for (;;) { + var h = CryptoJS.algo.MD5.create(); + if (hLastValue != null) { + h.update(hLastValue); + } + h.update(data); + h.update(salt); + hLastValue = h.finalize(); + hHexValueJoined = hHexValueJoined + CryptoJS.enc.Hex.stringify(hLastValue); + //alert("joined = " + hHexValueJoined); + if (hHexValueJoined.length >= nRequiredBytes * 2) { + break; + } + } + var result = {}; + result.keyhex = hHexValueJoined.substr(0, ALGLIST[algName]['keylen'] * 2); + result.ivhex = hHexValueJoined.substr(ALGLIST[algName]['keylen'] * 2, ALGLIST[algName]['ivlen'] * 2); + return result; }; /* @@ -215,11 +215,11 @@ var PKCS5PKEY = function() { * @param {String} hexadecimal string of decrypted private key */ var _decryptKeyB64 = function(privateKeyB64, sharedKeyAlgName, sharedKeyHex, ivsaltHex) { - var privateKeyWA = CryptoJS.enc.Base64.parse(privateKeyB64); - var privateKeyHex = CryptoJS.enc.Hex.stringify(privateKeyWA); - var f = ALGLIST[sharedKeyAlgName]['proc']; - var decryptedKeyHex = f(privateKeyHex, sharedKeyHex, ivsaltHex); - return decryptedKeyHex; + var privateKeyWA = CryptoJS.enc.Base64.parse(privateKeyB64); + var privateKeyHex = CryptoJS.enc.Hex.stringify(privateKeyWA); + var f = ALGLIST[sharedKeyAlgName]['proc']; + var decryptedKeyHex = f(privateKeyHex, sharedKeyHex, ivsaltHex); + return decryptedKeyHex; }; /* @@ -230,561 +230,561 @@ var PKCS5PKEY = function() { * @param {String} base64 string of encrypted private key */ var _encryptKeyHex = function(privateKeyHex, sharedKeyAlgName, sharedKeyHex, ivsaltHex) { - var f = ALGLIST[sharedKeyAlgName]['eproc']; - var encryptedKeyB64 = f(privateKeyHex, sharedKeyHex, ivsaltHex); - return encryptedKeyB64; + var f = ALGLIST[sharedKeyAlgName]['eproc']; + var encryptedKeyB64 = f(privateKeyHex, sharedKeyHex, ivsaltHex); + return encryptedKeyB64; }; // ***************************************************************** // *** PUBLIC PROPERTIES AND METHODS ******************************* // ***************************************************************** return { - // -- UTILITY METHODS ------------------------------------------------------------ - /** + // -- UTILITY METHODS ------------------------------------------ + /** * decrypt private key by shared key - * @name version - * @memberOf PKCS5PKEY - * @property {String} version - * @description version string of PKCS5PKEY class - */ - version: "1.0.5", - - /** + * @name version + * @memberOf PKCS5PKEY + * @property {String} version + * @description version string of PKCS5PKEY class + */ + version: "1.0.5", + + /** * get hexacedimal string of PEM format - * @name getHexFromPEM - * @memberOf PKCS5PKEY - * @function - * @param {String} sPEM PEM formatted string - * @param {String} sHead PEM header string without BEGIN/END - * @return {String} hexadecimal string data of PEM contents - * @since pkcs5pkey 1.0.5 - */ + * @name getHexFromPEM + * @memberOf PKCS5PKEY + * @function + * @param {String} sPEM PEM formatted string + * @param {String} sHead PEM header string without BEGIN/END + * @return {String} hexadecimal string data of PEM contents + * @since pkcs5pkey 1.0.5 + */ getHexFromPEM: function(sPEM, sHead) { - var s = sPEM; - if (s.indexOf("BEGIN " + sHead) == -1) { - throw "can't find PEM header: " + sHead; - } - s = s.replace("-----BEGIN " + sHead + "-----", ""); - s = s.replace("-----END " + sHead + "-----", ""); - var sB64 = s.replace(/\s+/g, ''); + var s = sPEM; + if (s.indexOf("BEGIN " + sHead) == -1) { + throw "can't find PEM header: " + sHead; + } + s = s.replace("-----BEGIN " + sHead + "-----", ""); + s = s.replace("-----END " + sHead + "-----", ""); + var sB64 = s.replace(/\s+/g, ''); var dataHex = b64tohex(sB64); - return dataHex; - }, + return dataHex; + }, - /** + /** * decrypt private key by shared key - * @name getDecryptedKeyHexByKeyIV - * @memberOf PKCS5PKEY - * @function - * @param {String} encryptedKeyHex hexadecimal string of encrypted private key - * @param {String} algName name of symmetric key algorithm (ex. 'DES-EBE3-CBC') - * @param {String} sharedKeyHex hexadecimal string of symmetric key - * @param {String} ivHex hexadecimal string of initial vector(IV). - * @return {String} hexadecimal string of decrypted privated key - */ - getDecryptedKeyHexByKeyIV: function(encryptedKeyHex, algName, sharedKeyHex, ivHex) { - var f1 = getFuncByName(algName); - return f1(encryptedKeyHex, sharedKeyHex, ivHex); - }, - - /** + * @name getDecryptedKeyHexByKeyIV + * @memberOf PKCS5PKEY + * @function + * @param {String} encryptedKeyHex hexadecimal string of encrypted private key + * @param {String} algName name of symmetric key algorithm (ex. 'DES-EBE3-CBC') + * @param {String} sharedKeyHex hexadecimal string of symmetric key + * @param {String} ivHex hexadecimal string of initial vector(IV). + * @return {String} hexadecimal string of decrypted privated key + */ + getDecryptedKeyHexByKeyIV: function(encryptedKeyHex, algName, sharedKeyHex, ivHex) { + var f1 = getFuncByName(algName); + return f1(encryptedKeyHex, sharedKeyHex, ivHex); + }, + + /** * parse PEM formatted passcode protected PKCS#5 private key - * @name parsePKCS5PEM - * @memberOf PKCS5PKEY - * @function - * @param {String} sEncryptedPEM PEM formatted protected passcode protected PKCS#5 private key - * @return {Hash} hash of key information - * @description + * @name parsePKCS5PEM + * @memberOf PKCS5PKEY + * @function + * @param {String} sEncryptedPEM PEM formatted protected passcode protected PKCS#5 private key + * @return {Hash} hash of key information + * @description * Resulted hash has following attributes. - *
        - *
      • cipher - symmetric key algorithm name (ex. 'DES-EBE3-CBC', 'AES-256-CBC')
      • - *
      • ivsalt - IV used for decrypt. Its heading 8 bytes will be used for passcode salt.
      • - *
      • type - asymmetric key algorithm name of private key described in PEM header.
      • - *
      • data - base64 encoded encrypted private key.
      • - *
      + *
        + *
      • cipher - symmetric key algorithm name (ex. 'DES-EBE3-CBC', 'AES-256-CBC')
      • + *
      • ivsalt - IV used for decrypt. Its heading 8 bytes will be used for passcode salt.
      • + *
      • type - asymmetric key algorithm name of private key described in PEM header.
      • + *
      • data - base64 encoded encrypted private key.
      • + *
      * - */ + */ parsePKCS5PEM: function(sPKCS5PEM) { - return _parsePKCS5PEM(sPKCS5PEM); - }, + return _parsePKCS5PEM(sPKCS5PEM); + }, - /** + /** * the same function as OpenSSL EVP_BytsToKey to generate shared key and IV - * @name getKeyAndUnusedIvByPasscodeAndIvsalt - * @memberOf PKCS5PKEY - * @function - * @param {String} algName name of symmetric key algorithm (ex. 'DES-EBE3-CBC') - * @param {String} passcode passcode to decrypt private key (ex. 'password') - * @param {String} hexadecimal string of IV. heading 8 bytes will be used for passcode salt - * @return {Hash} hash of key and unused IV (ex. {keyhex:2fe3..., ivhex:3fad..}) - */ - getKeyAndUnusedIvByPasscodeAndIvsalt: function(algName, passcode, ivsaltHex) { - return _getKeyAndUnusedIvByPasscodeAndIvsalt(algName, passcode, ivsaltHex); - }, + * @name getKeyAndUnusedIvByPasscodeAndIvsalt + * @memberOf PKCS5PKEY + * @function + * @param {String} algName name of symmetric key algorithm (ex. 'DES-EBE3-CBC') + * @param {String} passcode passcode to decrypt private key (ex. 'password') + * @param {String} hexadecimal string of IV. heading 8 bytes will be used for passcode salt + * @return {Hash} hash of key and unused IV (ex. {keyhex:2fe3..., ivhex:3fad..}) + */ + getKeyAndUnusedIvByPasscodeAndIvsalt: function(algName, passcode, ivsaltHex) { + return _getKeyAndUnusedIvByPasscodeAndIvsalt(algName, passcode, ivsaltHex); + }, decryptKeyB64: function(privateKeyB64, sharedKeyAlgName, sharedKeyHex, ivsaltHex) { - return _decryptKeyB64(privateKeyB64, sharedKeyAlgName, sharedKeyHex, ivsaltHex); + return _decryptKeyB64(privateKeyB64, sharedKeyAlgName, sharedKeyHex, ivsaltHex); }, - /** + /** * decrypt PEM formatted protected PKCS#5 private key with passcode - * @name getDecryptedKeyHex - * @memberOf PKCS5PKEY - * @function - * @param {String} sEncryptedPEM PEM formatted protected passcode protected PKCS#5 private key - * @param {String} passcode passcode to decrypt private key (ex. 'password') - * @return {String} hexadecimal string of decrypted RSA priavte key - */ - getDecryptedKeyHex: function(sEncryptedPEM, passcode) { - // 1. parse pem - var info = _parsePKCS5PEM(sEncryptedPEM); - var publicKeyAlgName = info.type; - var sharedKeyAlgName = info.cipher; - var ivsaltHex = info.ivsalt; - var privateKeyB64 = info.data; - //alert("ivsaltHex = " + ivsaltHex); - - // 2. generate shared key - var sharedKeyInfo = _getKeyAndUnusedIvByPasscodeAndIvsalt(sharedKeyAlgName, passcode, ivsaltHex); - var sharedKeyHex = sharedKeyInfo.keyhex; - //alert("sharedKeyHex = " + sharedKeyHex); - - // 3. decrypt private key + * @name getDecryptedKeyHex + * @memberOf PKCS5PKEY + * @function + * @param {String} sEncryptedPEM PEM formatted protected passcode protected PKCS#5 private key + * @param {String} passcode passcode to decrypt private key (ex. 'password') + * @return {String} hexadecimal string of decrypted RSA priavte key + */ + getDecryptedKeyHex: function(sEncryptedPEM, passcode) { + // 1. parse pem + var info = _parsePKCS5PEM(sEncryptedPEM); + var publicKeyAlgName = info.type; + var sharedKeyAlgName = info.cipher; + var ivsaltHex = info.ivsalt; + var privateKeyB64 = info.data; + //alert("ivsaltHex = " + ivsaltHex); + + // 2. generate shared key + var sharedKeyInfo = _getKeyAndUnusedIvByPasscodeAndIvsalt(sharedKeyAlgName, passcode, ivsaltHex); + var sharedKeyHex = sharedKeyInfo.keyhex; + //alert("sharedKeyHex = " + sharedKeyHex); + + // 3. decrypt private key var decryptedKey = _decryptKeyB64(privateKeyB64, sharedKeyAlgName, sharedKeyHex, ivsaltHex); - return decryptedKey; - }, + return decryptedKey; + }, - /** + /** * read PEM formatted encrypted PKCS#5 private key and returns RSAKey object - * @name getRSAKeyFromEncryptedPKCS5PEM - * @memberOf PKCS5PKEY - * @function - * @param {String} sEncryptedP5PEM PEM formatted encrypted PKCS#5 private key - * @param {String} passcode passcode to decrypt private key - * @return {RSAKey} loaded RSAKey object of RSA private key + * @name getRSAKeyFromEncryptedPKCS5PEM + * @memberOf PKCS5PKEY + * @function + * @param {String} sEncryptedP5PEM PEM formatted encrypted PKCS#5 private key + * @param {String} passcode passcode to decrypt private key + * @return {RSAKey} loaded RSAKey object of RSA private key * @since pkcs5pkey 1.0.2 - */ - getRSAKeyFromEncryptedPKCS5PEM: function(sEncryptedP5PEM, passcode) { - var hPKey = this.getDecryptedKeyHex(sEncryptedP5PEM, passcode); - var rsaKey = new RSAKey(); - rsaKey.readPrivateKeyFromASN1HexString(hPKey); - return rsaKey; - }, - - /** + */ + getRSAKeyFromEncryptedPKCS5PEM: function(sEncryptedP5PEM, passcode) { + var hPKey = this.getDecryptedKeyHex(sEncryptedP5PEM, passcode); + var rsaKey = new RSAKey(); + rsaKey.readPrivateKeyFromASN1HexString(hPKey); + return rsaKey; + }, + + /** * get PEM formatted encrypted PKCS#5 private key from hexadecimal string of plain private key - * @name getEryptedPKCS5PEMFromPrvKeyHex - * @memberOf PKCS5PKEY - * @function - * @param {String} hPrvKey hexadecimal string of plain private key - * @param {String} passcode pass code to protect private key (ex. password) - * @param {String} sharedKeyAlgName algorithm name to protect private key (ex. AES-256-CBC) - * @param {String} ivsaltHex hexadecimal string of IV and salt - * @return {String} string of PEM formatted encrypted PKCS#5 private key + * @name getEryptedPKCS5PEMFromPrvKeyHex + * @memberOf PKCS5PKEY + * @function + * @param {String} hPrvKey hexadecimal string of plain private key + * @param {String} passcode pass code to protect private key (ex. password) + * @param {String} sharedKeyAlgName algorithm name to protect private key (ex. AES-256-CBC) + * @param {String} ivsaltHex hexadecimal string of IV and salt + * @return {String} string of PEM formatted encrypted PKCS#5 private key * @since pkcs5pkey 1.0.2 - * @description - *
      - * generate PEM formatted encrypted PKCS#5 private key by hexadecimal string encoded - * ASN.1 object of plain RSA private key. - * Following arguments can be omitted. - *
        - *
      • alg - AES-256-CBC will be used if omitted.
      • - *
      • ivsaltHex - automatically generate IV and salt which length depends on algorithm
      • - *
      - * @example - * var pem = + * @description + *
      + * generate PEM formatted encrypted PKCS#5 private key by hexadecimal string encoded + * ASN.1 object of plain RSA private key. + * Following arguments can be omitted. + *
        + *
      • alg - AES-256-CBC will be used if omitted.
      • + *
      • ivsaltHex - automatically generate IV and salt which length depends on algorithm
      • + *
      + * @example + * var pem = * PKCS5PKEY.getEryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password"); - * var pem2 = + * var pem2 = * PKCS5PKEY.getEryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password", "AES-128-CBC"); - * var pem3 = + * var pem3 = * PKCS5PKEY.getEryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password", "AES-128-CBC", "1f3d02..."); - */ - getEryptedPKCS5PEMFromPrvKeyHex: function(hPrvKey, passcode, sharedKeyAlgName, ivsaltHex) { - var sPEM = ""; - - // 1. set sharedKeyAlgName if undefined (default AES-256-CBC) - if (typeof sharedKeyAlgName == "undefined" || sharedKeyAlgName == null) { - sharedKeyAlgName = "AES-256-CBC"; - } - if (typeof ALGLIST[sharedKeyAlgName] == "undefined") - throw "PKCS5PKEY unsupported algorithm: " + sharedKeyAlgName; - - // 2. set ivsaltHex if undefined - if (typeof ivsaltHex == "undefined" || ivsaltHex == null) { - var ivlen = ALGLIST[sharedKeyAlgName]['ivlen']; - var randIV = _generateIvSaltHex(ivlen); - ivsaltHex = randIV.toUpperCase(); - } - - // 3. get shared key + */ + getEryptedPKCS5PEMFromPrvKeyHex: function(hPrvKey, passcode, sharedKeyAlgName, ivsaltHex) { + var sPEM = ""; + + // 1. set sharedKeyAlgName if undefined (default AES-256-CBC) + if (typeof sharedKeyAlgName == "undefined" || sharedKeyAlgName == null) { + sharedKeyAlgName = "AES-256-CBC"; + } + if (typeof ALGLIST[sharedKeyAlgName] == "undefined") + throw "PKCS5PKEY unsupported algorithm: " + sharedKeyAlgName; + + // 2. set ivsaltHex if undefined + if (typeof ivsaltHex == "undefined" || ivsaltHex == null) { + var ivlen = ALGLIST[sharedKeyAlgName]['ivlen']; + var randIV = _generateIvSaltHex(ivlen); + ivsaltHex = randIV.toUpperCase(); + } + + // 3. get shared key //alert("ivsalthex=" + ivsaltHex); - var sharedKeyInfo = _getKeyAndUnusedIvByPasscodeAndIvsalt(sharedKeyAlgName, passcode, ivsaltHex); - var sharedKeyHex = sharedKeyInfo.keyhex; - // alert("sharedKeyHex = " + sharedKeyHex); + var sharedKeyInfo = _getKeyAndUnusedIvByPasscodeAndIvsalt(sharedKeyAlgName, passcode, ivsaltHex); + var sharedKeyHex = sharedKeyInfo.keyhex; + // alert("sharedKeyHex = " + sharedKeyHex); // 3. get encrypted Key in Base64 var encryptedKeyB64 = _encryptKeyHex(hPrvKey, sharedKeyAlgName, sharedKeyHex, ivsaltHex); - var pemBody = encryptedKeyB64.replace(/(.{64})/g, "$1\r\n"); - var sPEM = "-----BEGIN RSA PRIVATE KEY-----\r\n"; - sPEM += "Proc-Type: 4,ENCRYPTED\r\n"; - sPEM += "DEK-Info: " + sharedKeyAlgName + "," + ivsaltHex + "\r\n"; - sPEM += "\r\n"; - sPEM += pemBody; - sPEM += "\r\n-----END RSA PRIVATE KEY-----\r\n"; - - return sPEM; + var pemBody = encryptedKeyB64.replace(/(.{64})/g, "$1\r\n"); + var sPEM = "-----BEGIN RSA PRIVATE KEY-----\r\n"; + sPEM += "Proc-Type: 4,ENCRYPTED\r\n"; + sPEM += "DEK-Info: " + sharedKeyAlgName + "," + ivsaltHex + "\r\n"; + sPEM += "\r\n"; + sPEM += pemBody; + sPEM += "\r\n-----END RSA PRIVATE KEY-----\r\n"; + + return sPEM; }, - /** + /** * get PEM formatted encrypted PKCS#5 private key from RSAKey object of private key - * @name getEryptedPKCS5PEMFromRSAKey - * @memberOf PKCS5PKEY - * @function - * @param {RSAKey} pKey RSAKey object of private key - * @param {String} passcode pass code to protect private key (ex. password) - * @param {String} alg algorithm name to protect private key (default AES-256-CBC) - * @param {String} ivsaltHex hexadecimal string of IV and salt (default generated random IV) - * @return {String} string of PEM formatted encrypted PKCS#5 private key + * @name getEryptedPKCS5PEMFromRSAKey + * @memberOf PKCS5PKEY + * @function + * @param {RSAKey} pKey RSAKey object of private key + * @param {String} passcode pass code to protect private key (ex. password) + * @param {String} alg algorithm name to protect private key (default AES-256-CBC) + * @param {String} ivsaltHex hexadecimal string of IV and salt (default generated random IV) + * @return {String} string of PEM formatted encrypted PKCS#5 private key * @since pkcs5pkey 1.0.2 - * @description - *
      - * generate PEM formatted encrypted PKCS#5 private key by - * {@link RSAKey} object of RSA private key and passcode. - * Following argument can be omitted. - *
        - *
      • alg - AES-256-CBC will be used if omitted.
      • - *
      • ivsaltHex - automatically generate IV and salt which length depends on algorithm
      • - *
      - * @example - * var pkey = new RSAKey(); - * pkey.generate(1024, '10001'); // generate 1024bit RSA private key with public exponent 'x010001' - * var pem = PKCS5PKEY.getEryptedPKCS5PEMFromRSAKey(pkey, "password"); - */ + * @description + *
      + * generate PEM formatted encrypted PKCS#5 private key by + * {@link RSAKey} object of RSA private key and passcode. + * Following argument can be omitted. + *
        + *
      • alg - AES-256-CBC will be used if omitted.
      • + *
      • ivsaltHex - automatically generate IV and salt which length depends on algorithm
      • + *
      + * @example + * var pkey = new RSAKey(); + * pkey.generate(1024, '10001'); // generate 1024bit RSA private key with public exponent 'x010001' + * var pem = PKCS5PKEY.getEryptedPKCS5PEMFromRSAKey(pkey, "password"); + */ getEryptedPKCS5PEMFromRSAKey: function(pKey, passcode, alg, ivsaltHex) { - var version = new KJUR.asn1.DERInteger({'int': 0}); - var n = new KJUR.asn1.DERInteger({'bigint': pKey.n}); - var e = new KJUR.asn1.DERInteger({'int': pKey.e}); - var d = new KJUR.asn1.DERInteger({'bigint': pKey.d}); - var p = new KJUR.asn1.DERInteger({'bigint': pKey.p}); - var q = new KJUR.asn1.DERInteger({'bigint': pKey.q}); - var dmp1 = new KJUR.asn1.DERInteger({'bigint': pKey.dmp1}); - var dmq1 = new KJUR.asn1.DERInteger({'bigint': pKey.dmq1}); - var coeff = new KJUR.asn1.DERInteger({'bigint': pKey.coeff}); - var seq = new KJUR.asn1.DERSequence({'array': [version, n, e, d, p, q, dmp1, dmq1, coeff]}); - var hex = seq.getEncodedHex(); - return this.getEryptedPKCS5PEMFromPrvKeyHex(hex, passcode, alg, ivsaltHex); + var version = new KJUR.asn1.DERInteger({'int': 0}); + var n = new KJUR.asn1.DERInteger({'bigint': pKey.n}); + var e = new KJUR.asn1.DERInteger({'int': pKey.e}); + var d = new KJUR.asn1.DERInteger({'bigint': pKey.d}); + var p = new KJUR.asn1.DERInteger({'bigint': pKey.p}); + var q = new KJUR.asn1.DERInteger({'bigint': pKey.q}); + var dmp1 = new KJUR.asn1.DERInteger({'bigint': pKey.dmp1}); + var dmq1 = new KJUR.asn1.DERInteger({'bigint': pKey.dmq1}); + var coeff = new KJUR.asn1.DERInteger({'bigint': pKey.coeff}); + var seq = new KJUR.asn1.DERSequence({'array': [version, n, e, d, p, q, dmp1, dmq1, coeff]}); + var hex = seq.getEncodedHex(); + return this.getEryptedPKCS5PEMFromPrvKeyHex(hex, passcode, alg, ivsaltHex); }, - /** + /** * generate RSAKey and PEM formatted encrypted PKCS#5 private key - * @name newEncryptedPKCS5PEM - * @memberOf PKCS5PKEY - * @function - * @param {String} passcode pass code to protect private key (ex. password) - * @param {Integer} keyLen key bit length of RSA key to be generated. (default 1024) - * @param {String} hPublicExponent hexadecimal string of public exponent (default 10001) - * @param {String} alg shared key algorithm to encrypt private key (default AES-258-CBC) - * @return {String} string of PEM formatted encrypted PKCS#5 private key + * @name newEncryptedPKCS5PEM + * @memberOf PKCS5PKEY + * @function + * @param {String} passcode pass code to protect private key (ex. password) + * @param {Integer} keyLen key bit length of RSA key to be generated. (default 1024) + * @param {String} hPublicExponent hexadecimal string of public exponent (default 10001) + * @param {String} alg shared key algorithm to encrypt private key (default AES-258-CBC) + * @return {String} string of PEM formatted encrypted PKCS#5 private key * @since pkcs5pkey 1.0.2 - * @example - * var pem1 = PKCS5PKEY.newEncryptedPKCS5PEM("password"); // RSA1024bit/10001/AES-256-CBC - * var pem2 = PKCS5PKEY.newEncryptedPKCS5PEM("password", 512); // RSA 512bit/10001/AES-256-CBC - * var pem3 = PKCS5PKEY.newEncryptedPKCS5PEM("password", 512, '3'); // RSA 512bit/ 3/AES-256-CBC - */ - newEncryptedPKCS5PEM: function(passcode, keyLen, hPublicExponent, alg) { - if (typeof keyLen == "undefined" || keyLen == null) { - keyLen = 1024; - } - if (typeof hPublicExponent == "undefined" || hPublicExponent == null) { - hPublicExponent = '10001'; - } - var pKey = new RSAKey(); - pKey.generate(keyLen, hPublicExponent); - var pem = null; - if (typeof alg == "undefined" || alg == null) { - pem = this.getEncryptedPKCS5PEMFromRSAKey(pkey, passcode); - } else { - pem = this.getEncryptedPKCS5PEMFromRSAKey(pkey, passcode, alg); - } - return pem; + * @example + * var pem1 = PKCS5PKEY.newEncryptedPKCS5PEM("password"); // RSA1024bit/10001/AES-256-CBC + * var pem2 = PKCS5PKEY.newEncryptedPKCS5PEM("password", 512); // RSA 512bit/10001/AES-256-CBC + * var pem3 = PKCS5PKEY.newEncryptedPKCS5PEM("password", 512, '3'); // RSA 512bit/ 3/AES-256-CBC + */ + newEncryptedPKCS5PEM: function(passcode, keyLen, hPublicExponent, alg) { + if (typeof keyLen == "undefined" || keyLen == null) { + keyLen = 1024; + } + if (typeof hPublicExponent == "undefined" || hPublicExponent == null) { + hPublicExponent = '10001'; + } + var pKey = new RSAKey(); + pKey.generate(keyLen, hPublicExponent); + var pem = null; + if (typeof alg == "undefined" || alg == null) { + pem = this.getEncryptedPKCS5PEMFromRSAKey(pkey, passcode); + } else { + pem = this.getEncryptedPKCS5PEMFromRSAKey(pkey, passcode, alg); + } + return pem; }, - // === PKCS8 =============================================================== + // === PKCS8 =============================================================== - /** + /** * read PEM formatted unencrypted PKCS#8 private key and returns RSAKey object - * @name getRSAKeyFromPlainPKCS8PEM - * @memberOf PKCS5PKEY - * @function - * @param {String} pkcs8PEM PEM formatted unencrypted PKCS#8 private key - * @return {RSAKey} loaded RSAKey object of RSA private key + * @name getRSAKeyFromPlainPKCS8PEM + * @memberOf PKCS5PKEY + * @function + * @param {String} pkcs8PEM PEM formatted unencrypted PKCS#8 private key + * @return {RSAKey} loaded RSAKey object of RSA private key * @since pkcs5pkey 1.0.1 - */ + */ getRSAKeyFromPlainPKCS8PEM: function(pkcs8PEM) { if (pkcs8PEM.match(/ENCRYPTED/)) throw "pem shall be not ENCRYPTED"; var prvKeyHex = this.getHexFromPEM(pkcs8PEM, "PRIVATE KEY"); var rsaKey = this.getRSAKeyFromPlainPKCS8Hex(prvKeyHex); - return rsaKey; + return rsaKey; }, - /** + /** * provide hexadecimal string of unencrypted PKCS#8 private key and returns RSAKey object - * @name getRSAKeyFromPlainPKCS8Hex - * @memberOf PKCS5PKEY - * @function - * @param {String} prvKeyHex hexadecimal string of unencrypted PKCS#8 private key - * @return {RSAKey} loaded RSAKey object of RSA private key + * @name getRSAKeyFromPlainPKCS8Hex + * @memberOf PKCS5PKEY + * @function + * @param {String} prvKeyHex hexadecimal string of unencrypted PKCS#8 private key + * @return {RSAKey} loaded RSAKey object of RSA private key * @since pkcs5pkey 1.0.3 - */ + */ getRSAKeyFromPlainPKCS8Hex: function(prvKeyHex) { - var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(prvKeyHex, 0); - if (a1.length != 3) - throw "outer DERSequence shall have 3 elements: " + a1.length; + var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(prvKeyHex, 0); + if (a1.length != 3) + throw "outer DERSequence shall have 3 elements: " + a1.length; var algIdTLV =ASN1HEX.getHexOfTLV_AtObj(prvKeyHex, a1[1]); - if (algIdTLV != "300d06092a864886f70d0101010500") // AlgId rsaEncryption - throw "PKCS8 AlgorithmIdentifier is not rsaEnc: " + algIdTLV; + if (algIdTLV != "300d06092a864886f70d0101010500") // AlgId rsaEncryption + throw "PKCS8 AlgorithmIdentifier is not rsaEnc: " + algIdTLV; var algIdTLV = ASN1HEX.getHexOfTLV_AtObj(prvKeyHex, a1[1]); - var octetStr = ASN1HEX.getHexOfTLV_AtObj(prvKeyHex, a1[2]); - var p5KeyHex = ASN1HEX.getHexOfV_AtObj(octetStr, 0); + var octetStr = ASN1HEX.getHexOfTLV_AtObj(prvKeyHex, a1[2]); + var p5KeyHex = ASN1HEX.getHexOfV_AtObj(octetStr, 0); //alert(p5KeyHex); - var rsaKey = new RSAKey(); - rsaKey.readPrivateKeyFromASN1HexString(p5KeyHex); - return rsaKey; + var rsaKey = new RSAKey(); + rsaKey.readPrivateKeyFromASN1HexString(p5KeyHex); + return rsaKey; }, - /** + /** * generate PBKDF2 key hexstring with specified passcode and information - * @name parseHexOfEncryptedPKCS8 - * @memberOf PKCS5PKEY - * @function - * @param {String} passcode passcode to decrypto private key - * @return {Array} info associative array of PKCS#8 parameters + * @name parseHexOfEncryptedPKCS8 + * @memberOf PKCS5PKEY + * @function + * @param {String} passcode passcode to decrypto private key + * @return {Array} info associative array of PKCS#8 parameters * @since pkcs5pkey 1.0.3 - * @description - * The associative array which is returned by this method has following properties: - *
        - *
      • info.pbkdf2Salt - hexadecimal string of PBKDF2 salt
      • - *
      • info.pkbdf2Iter - iteration count
      • - *
      • info.ciphertext - hexadecimal string of encrypted private key
      • - *
      • info.encryptionSchemeAlg - encryption algorithm name (currently TripleDES only)
      • - *
      • info.encryptionSchemeIV - initial vector for encryption algorithm
      • - *
      - * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. - *
        - *
      • keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1
      • - *
      • encryptionScheme = des-EDE3-CBC(i.e. TripleDES
      • - *
      - * @example - * // to convert plain PKCS#5 private key to encrypted PKCS#8 private - * // key with PBKDF2 with TripleDES - * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem - */ + * @description + * The associative array which is returned by this method has following properties: + *
        + *
      • info.pbkdf2Salt - hexadecimal string of PBKDF2 salt
      • + *
      • info.pkbdf2Iter - iteration count
      • + *
      • info.ciphertext - hexadecimal string of encrypted private key
      • + *
      • info.encryptionSchemeAlg - encryption algorithm name (currently TripleDES only)
      • + *
      • info.encryptionSchemeIV - initial vector for encryption algorithm
      • + *
      + * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. + *
        + *
      • keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1
      • + *
      • encryptionScheme = des-EDE3-CBC(i.e. TripleDES
      • + *
      + * @example + * // to convert plain PKCS#5 private key to encrypted PKCS#8 private + * // key with PBKDF2 with TripleDES + * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem + */ parseHexOfEncryptedPKCS8: function(sHEX) { var info = {}; - - var a0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, 0); - if (a0.length != 2) - throw "malformed format: SEQUENCE(0).items != 2: " + a0.length; + + var a0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, 0); + if (a0.length != 2) + throw "malformed format: SEQUENCE(0).items != 2: " + a0.length; - // 1. ciphertext - info.ciphertext = ASN1HEX.getHexOfV_AtObj(sHEX, a0[1]); + // 1. ciphertext + info.ciphertext = ASN1HEX.getHexOfV_AtObj(sHEX, a0[1]); - // 2. pkcs5PBES2 - var a0_0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0[0]); - if (a0_0.length != 2) - throw "malformed format: SEQUENCE(0.0).items != 2: " + a0_0.length; + // 2. pkcs5PBES2 + var a0_0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0[0]); + if (a0_0.length != 2) + throw "malformed format: SEQUENCE(0.0).items != 2: " + a0_0.length; - // 2.1 check if pkcs5PBES2(1 2 840 113549 1 5 13) - if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0[0]) != "2a864886f70d01050d") - throw "this only supports pkcs5PBES2"; + // 2.1 check if pkcs5PBES2(1 2 840 113549 1 5 13) + if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0[0]) != "2a864886f70d01050d") + throw "this only supports pkcs5PBES2"; - // 2.2 pkcs5PBES2 param + // 2.2 pkcs5PBES2 param var a0_0_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0[1]); - if (a0_0.length != 2) - throw "malformed format: SEQUENCE(0.0.1).items != 2: " + a0_0_1.length; - - // 2.2.1 encryptionScheme - var a0_0_1_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1[1]); - if (a0_0_1_1.length != 2) - throw "malformed format: SEQUENCE(0.0.1.1).items != 2: " + a0_0_1_1.length; - if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_1[0]) != "2a864886f70d0307") - throw "this only supports TripleDES"; - info.encryptionSchemeAlg = "TripleDES"; - - // 2.2.1.1 IV of encryptionScheme - info.encryptionSchemeIV = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_1[1]); - - // 2.2.2 keyDerivationFunc - var a0_0_1_0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1[0]); - if (a0_0_1_0.length != 2) - throw "malformed format: SEQUENCE(0.0.1.0).items != 2: " + a0_0_1_0.length; - if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0[0]) != "2a864886f70d01050c") - throw "this only supports pkcs5PBKDF2"; - - // 2.2.2.1 pkcs5PBKDF2 param - var a0_0_1_0_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1_0[1]); - if (a0_0_1_0_1.length < 2) - throw "malformed format: SEQUENCE(0.0.1.0.1).items < 2: " + a0_0_1_0_1.length; - - // 2.2.2.1.1 PBKDF2 salt - info.pbkdf2Salt = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0_1[0]); - - // 2.2.2.1.2 PBKDF2 iter - var iterNumHex = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0_1[1]); - try { - info.pbkdf2Iter = parseInt(iterNumHex, 16); - } catch(ex) { - throw "malformed format pbkdf2Iter: " + iterNumHex; - } - - return info; - }, - - /** + if (a0_0.length != 2) + throw "malformed format: SEQUENCE(0.0.1).items != 2: " + a0_0_1.length; + + // 2.2.1 encryptionScheme + var a0_0_1_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1[1]); + if (a0_0_1_1.length != 2) + throw "malformed format: SEQUENCE(0.0.1.1).items != 2: " + a0_0_1_1.length; + if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_1[0]) != "2a864886f70d0307") + throw "this only supports TripleDES"; + info.encryptionSchemeAlg = "TripleDES"; + + // 2.2.1.1 IV of encryptionScheme + info.encryptionSchemeIV = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_1[1]); + + // 2.2.2 keyDerivationFunc + var a0_0_1_0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1[0]); + if (a0_0_1_0.length != 2) + throw "malformed format: SEQUENCE(0.0.1.0).items != 2: " + a0_0_1_0.length; + if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0[0]) != "2a864886f70d01050c") + throw "this only supports pkcs5PBKDF2"; + + // 2.2.2.1 pkcs5PBKDF2 param + var a0_0_1_0_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1_0[1]); + if (a0_0_1_0_1.length < 2) + throw "malformed format: SEQUENCE(0.0.1.0.1).items < 2: " + a0_0_1_0_1.length; + + // 2.2.2.1.1 PBKDF2 salt + info.pbkdf2Salt = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0_1[0]); + + // 2.2.2.1.2 PBKDF2 iter + var iterNumHex = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0_1[1]); + try { + info.pbkdf2Iter = parseInt(iterNumHex, 16); + } catch(ex) { + throw "malformed format pbkdf2Iter: " + iterNumHex; + } + + return info; + }, + + /** * generate PBKDF2 key hexstring with specified passcode and information - * @name getPBKDF2KeyHexFromParam - * @memberOf PKCS5PKEY - * @function - * @param {Array} info result of {@link parseHexOfEncryptedPKCS8} which has preference of PKCS#8 file - * @param {String} passcode passcode to decrypto private key - * @return {String} hexadecimal string of PBKDF2 key + * @name getPBKDF2KeyHexFromParam + * @memberOf PKCS5PKEY + * @function + * @param {Array} info result of {@link parseHexOfEncryptedPKCS8} which has preference of PKCS#8 file + * @param {String} passcode passcode to decrypto private key + * @return {String} hexadecimal string of PBKDF2 key * @since pkcs5pkey 1.0.3 - * @description - * As for info, this uses following properties: - *
        - *
      • info.pbkdf2Salt - hexadecimal string of PBKDF2 salt
      • - *
      • info.pkbdf2Iter - iteration count
      • - *
      - * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. - *
        - *
      • keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1
      • - *
      • encryptionScheme = des-EDE3-CBC(i.e. TripleDES
      • - *
      - * @example - * // to convert plain PKCS#5 private key to encrypted PKCS#8 private - * // key with PBKDF2 with TripleDES - * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem - */ - getPBKDF2KeyHexFromParam: function(info, passcode) { - var pbkdf2SaltWS = CryptoJS.enc.Hex.parse(info.pbkdf2Salt); - var pbkdf2Iter = info.pbkdf2Iter; - var pbkdf2KeyWS = CryptoJS.PBKDF2(passcode, - pbkdf2SaltWS, - { keySize: 192/32, iterations: pbkdf2Iter }); - var pbkdf2KeyHex = CryptoJS.enc.Hex.stringify(pbkdf2KeyWS); - return pbkdf2KeyHex; - }, - - /** + * @description + * As for info, this uses following properties: + *
        + *
      • info.pbkdf2Salt - hexadecimal string of PBKDF2 salt
      • + *
      • info.pkbdf2Iter - iteration count
      • + *
      + * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. + *
        + *
      • keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1
      • + *
      • encryptionScheme = des-EDE3-CBC(i.e. TripleDES
      • + *
      + * @example + * // to convert plain PKCS#5 private key to encrypted PKCS#8 private + * // key with PBKDF2 with TripleDES + * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem + */ + getPBKDF2KeyHexFromParam: function(info, passcode) { + var pbkdf2SaltWS = CryptoJS.enc.Hex.parse(info.pbkdf2Salt); + var pbkdf2Iter = info.pbkdf2Iter; + var pbkdf2KeyWS = CryptoJS.PBKDF2(passcode, + pbkdf2SaltWS, + { keySize: 192/32, iterations: pbkdf2Iter }); + var pbkdf2KeyHex = CryptoJS.enc.Hex.stringify(pbkdf2KeyWS); + return pbkdf2KeyHex; + }, + + /** * read PEM formatted encrypted PKCS#8 private key and returns hexadecimal string of plain PKCS#8 private key - * @name getPlainPKCS8HexFromEncryptedPKCS8PEM - * @memberOf PKCS5PKEY - * @function - * @param {String} pkcs8PEM PEM formatted encrypted PKCS#8 private key - * @param {String} passcode passcode to decrypto private key - * @return {String} hexadecimal string of plain PKCS#8 private key + * @name getPlainPKCS8HexFromEncryptedPKCS8PEM + * @memberOf PKCS5PKEY + * @function + * @param {String} pkcs8PEM PEM formatted encrypted PKCS#8 private key + * @param {String} passcode passcode to decrypto private key + * @return {String} hexadecimal string of plain PKCS#8 private key * @since pkcs5pkey 1.0.3 - * @description - * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. - *
        - *
      • keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1
      • - *
      • encryptionScheme = des-EDE3-CBC(i.e. TripleDES
      • - *
      - * @example - * // to convert plain PKCS#5 private key to encrypted PKCS#8 private - * // key with PBKDF2 with TripleDES - * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem - */ - getPlainPKCS8HexFromEncryptedPKCS8PEM: function(pkcs8PEM, passcode) { - // 1. derHex - PKCS#8 private key encrypted by PBKDF2 + * @description + * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. + *
        + *
      • keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1
      • + *
      • encryptionScheme = des-EDE3-CBC(i.e. TripleDES
      • + *
      + * @example + * // to convert plain PKCS#5 private key to encrypted PKCS#8 private + * // key with PBKDF2 with TripleDES + * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem + */ + getPlainPKCS8HexFromEncryptedPKCS8PEM: function(pkcs8PEM, passcode) { + // 1. derHex - PKCS#8 private key encrypted by PBKDF2 var derHex = this.getHexFromPEM(pkcs8PEM, "ENCRYPTED PRIVATE KEY"); - // 2. info - PKCS#5 PBES info - var info = this.parseHexOfEncryptedPKCS8(derHex); - // 3. hKey - PBKDF2 key - var pbkdf2KeyHex = PKCS5PKEY.getPBKDF2KeyHexFromParam(info, passcode); - // 4. decrypt ciphertext by PBKDF2 key - var encrypted = {}; - encrypted.ciphertext = CryptoJS.enc.Hex.parse(info.ciphertext); - var pbkdf2KeyWS = CryptoJS.enc.Hex.parse(pbkdf2KeyHex); - var des3IVWS = CryptoJS.enc.Hex.parse(info.encryptionSchemeIV); - var decWS = CryptoJS.TripleDES.decrypt(encrypted, pbkdf2KeyWS, { iv: des3IVWS }); - var decHex = CryptoJS.enc.Hex.stringify(decWS); - return decHex; - }, - - /** + // 2. info - PKCS#5 PBES info + var info = this.parseHexOfEncryptedPKCS8(derHex); + // 3. hKey - PBKDF2 key + var pbkdf2KeyHex = PKCS5PKEY.getPBKDF2KeyHexFromParam(info, passcode); + // 4. decrypt ciphertext by PBKDF2 key + var encrypted = {}; + encrypted.ciphertext = CryptoJS.enc.Hex.parse(info.ciphertext); + var pbkdf2KeyWS = CryptoJS.enc.Hex.parse(pbkdf2KeyHex); + var des3IVWS = CryptoJS.enc.Hex.parse(info.encryptionSchemeIV); + var decWS = CryptoJS.TripleDES.decrypt(encrypted, pbkdf2KeyWS, { iv: des3IVWS }); + var decHex = CryptoJS.enc.Hex.stringify(decWS); + return decHex; + }, + + /** * read PEM formatted encrypted PKCS#8 private key and returns RSAKey object - * @name getRSAKeyFromEncryptedPKCS8PEM - * @memberOf PKCS5PKEY - * @function - * @param {String} pkcs8PEM PEM formatted encrypted PKCS#8 private key - * @param {String} passcode passcode to decrypto private key - * @return {RSAKey} loaded RSAKey object of RSA private key + * @name getRSAKeyFromEncryptedPKCS8PEM + * @memberOf PKCS5PKEY + * @function + * @param {String} pkcs8PEM PEM formatted encrypted PKCS#8 private key + * @param {String} passcode passcode to decrypto private key + * @return {RSAKey} loaded RSAKey object of RSA private key * @since pkcs5pkey 1.0.3 - * @description - * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. - *
        - *
      • keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1
      • - *
      • encryptionScheme = des-EDE3-CBC(i.e. TripleDES
      • - *
      - * @example - * // to convert plain PKCS#5 private key to encrypted PKCS#8 private - * // key with PBKDF2 with TripleDES - * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem - */ + * @description + * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. + *
        + *
      • keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1
      • + *
      • encryptionScheme = des-EDE3-CBC(i.e. TripleDES
      • + *
      + * @example + * // to convert plain PKCS#5 private key to encrypted PKCS#8 private + * // key with PBKDF2 with TripleDES + * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem + */ getRSAKeyFromEncryptedPKCS8PEM: function(pkcs8PEM, passcode) { - var prvKeyHex = this.getPlainPKCS8HexFromEncryptedPKCS8PEM(pkcs8PEM, passcode); - var rsaKey = this.getRSAKeyFromPlainPKCS8Hex(prvKeyHex); - return rsaKey; + var prvKeyHex = this.getPlainPKCS8HexFromEncryptedPKCS8PEM(pkcs8PEM, passcode); + var rsaKey = this.getRSAKeyFromPlainPKCS8Hex(prvKeyHex); + return rsaKey; }, - /** + /** * get RSAKey/ECDSA private key object from encrypted PEM PKCS#8 private key - * @name getKeyFromEncryptedPKCS8PEM - * @memberOf PKCS5PKEY - * @function - * @param {String} pkcs8PEM string of PEM formatted PKCS#8 private key - * @param {String} passcode passcode string to decrypt key - * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object - * @since pkcs5pkey 1.0.5 - */ + * @name getKeyFromEncryptedPKCS8PEM + * @memberOf PKCS5PKEY + * @function + * @param {String} pkcs8PEM string of PEM formatted PKCS#8 private key + * @param {String} passcode passcode string to decrypt key + * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object + * @since pkcs5pkey 1.0.5 + */ getKeyFromEncryptedPKCS8PEM: function(pkcs8PEM, passcode) { - var prvKeyHex = this.getPlainPKCS8HexFromEncryptedPKCS8PEM(pkcs8PEM, passcode); - var key = this.getKeyFromPlainPrivatePKCS8Hex(prvKeyHex); - return key; + var prvKeyHex = this.getPlainPKCS8HexFromEncryptedPKCS8PEM(pkcs8PEM, passcode); + var key = this.getKeyFromPlainPrivatePKCS8Hex(prvKeyHex); + return key; }, - /** + /** * parse hexadecimal string of plain PKCS#8 private key - * @name parsePlainPrivatePKCS8Hex - * @memberOf PKCS5PKEY - * @function - * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 plain private key - * @return {Array} associative array of parsed key - * @since pkcs5pkey 1.0.5 - * @description - * Resulted associative array has following properties: - *
        - *
      • algoid - hexadecimal string of OID of asymmetric key algorithm
      • - *
      • algparam - hexadecimal string of OID of ECC curve name or null
      • - *
      • keyidx - string starting index of key in pkcs8PrvHex
      • - *
      - */ - parsePlainPrivatePKCS8Hex: function(pkcs8PrvHex) { - var result = {}; - result.algparam = null; - - // 1. sequence - if (pkcs8PrvHex.substr(0, 2) != "30") - throw "malformed plain PKCS8 private key(code:001)"; // not sequence - - var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, 0); - if (a1.length != 3) - throw "malformed plain PKCS8 private key(code:002)"; - - // 2. AlgID + * @name parsePlainPrivatePKCS8Hex + * @memberOf PKCS5PKEY + * @function + * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 plain private key + * @return {Array} associative array of parsed key + * @since pkcs5pkey 1.0.5 + * @description + * Resulted associative array has following properties: + *
        + *
      • algoid - hexadecimal string of OID of asymmetric key algorithm
      • + *
      • algparam - hexadecimal string of OID of ECC curve name or null
      • + *
      • keyidx - string starting index of key in pkcs8PrvHex
      • + *
      + */ + parsePlainPrivatePKCS8Hex: function(pkcs8PrvHex) { + var result = {}; + result.algparam = null; + + // 1. sequence + if (pkcs8PrvHex.substr(0, 2) != "30") + throw "malformed plain PKCS8 private key(code:001)"; // not sequence + + var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, 0); + if (a1.length != 3) + throw "malformed plain PKCS8 private key(code:002)"; + + // 2. AlgID if (pkcs8PrvHex.substr(a1[1], 2) != "30") throw "malformed PKCS8 private key(code:003)"; // AlgId not sequence @@ -792,270 +792,270 @@ var PKCS5PKEY = function() { if (a2.length != 2) throw "malformed PKCS8 private key(code:004)"; // AlgId not have two elements - // 2.1. AlgID OID - if (pkcs8PrvHex.substr(a2[0], 2) != "06") - throw "malformed PKCS8 private key(code:005)"; // AlgId.oid is not OID + // 2.1. AlgID OID + if (pkcs8PrvHex.substr(a2[0], 2) != "06") + throw "malformed PKCS8 private key(code:005)"; // AlgId.oid is not OID - result.algoid = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a2[0]); + result.algoid = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a2[0]); - // 2.2. AlgID param - if (pkcs8PrvHex.substr(a2[1], 2) == "06") { - result.algparam = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a2[1]); - } + // 2.2. AlgID param + if (pkcs8PrvHex.substr(a2[1], 2) == "06") { + result.algparam = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a2[1]); + } - // 3. Key index - if (pkcs8PrvHex.substr(a1[2], 2) != "04") - throw "malformed PKCS8 private key(code:006)"; // not octet string + // 3. Key index + if (pkcs8PrvHex.substr(a1[2], 2) != "04") + throw "malformed PKCS8 private key(code:006)"; // not octet string - result.keyidx = ASN1HEX.getStartPosOfV_AtObj(pkcs8PrvHex, a1[2]); + result.keyidx = ASN1HEX.getStartPosOfV_AtObj(pkcs8PrvHex, a1[2]); - return result; + return result; }, - /** + /** * get RSAKey/ECDSA private key object from PEM plain PEM PKCS#8 private key - * @name getKeyFromPlainPrivatePKCS8PEM - * @memberOf PKCS5PKEY - * @function - * @param {String} pkcs8PEM string of plain PEM formatted PKCS#8 private key - * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object - * @since pkcs5pkey 1.0.5 - */ - getKeyFromPlainPrivatePKCS8PEM: function(prvKeyPEM) { - var prvKeyHex = this.getHexFromPEM(prvKeyPEM, "PRIVATE KEY"); - var key = this.getKeyFromPlainPrivatePKCS8Hex(prvKeyHex); - return key; - }, - - /** + * @name getKeyFromPlainPrivatePKCS8PEM + * @memberOf PKCS5PKEY + * @function + * @param {String} pkcs8PEM string of plain PEM formatted PKCS#8 private key + * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object + * @since pkcs5pkey 1.0.5 + */ + getKeyFromPlainPrivatePKCS8PEM: function(prvKeyPEM) { + var prvKeyHex = this.getHexFromPEM(prvKeyPEM, "PRIVATE KEY"); + var key = this.getKeyFromPlainPrivatePKCS8Hex(prvKeyHex); + return key; + }, + + /** * get RSAKey/ECDSA private key object from HEX plain PEM PKCS#8 private key - * @name getKeyFromPlainPrivatePKCS8Hex - * @memberOf PKCS5PKEY - * @function - * @param {String} prvKeyHex hexadecimal string of plain PKCS#8 private key - * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object - * @since pkcs5pkey 1.0.5 - */ - getKeyFromPlainPrivatePKCS8Hex: function(prvKeyHex) { - var p8 = this.parsePlainPrivatePKCS8Hex(prvKeyHex); - - if (p8.algoid == "2a864886f70d010101") { // RSA - this.parsePrivateRawRSAKeyHexAtObj(prvKeyHex, p8); - var k = p8.key; - var key = new RSAKey(); - key.setPrivateEx(k.n, k.e, k.d, k.p, k.q, k.dp, k.dq, k.co); - return key; - } else if (p8.algoid == "2a8648ce3d0201") { // ECC - this.parsePrivateRawECKeyHexAtObj(prvKeyHex, p8); - if (KJUR.crypto.OID.oidhex2name[p8.algparam] === undefined) - throw "KJUR.crypto.OID.oidhex2name undefined: " + p8.algparam; - var curveName = KJUR.crypto.OID.oidhex2name[p8.algparam]; - var key = new KJUR.crypto.ECDSA({'curve': curveName, 'prv': p8.key}); - return key; - } else { - throw "unsupported private key algorithm"; - } - }, - - // === PKCS8 RSA Public Key ================================================ - /** + * @name getKeyFromPlainPrivatePKCS8Hex + * @memberOf PKCS5PKEY + * @function + * @param {String} prvKeyHex hexadecimal string of plain PKCS#8 private key + * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object + * @since pkcs5pkey 1.0.5 + */ + getKeyFromPlainPrivatePKCS8Hex: function(prvKeyHex) { + var p8 = this.parsePlainPrivatePKCS8Hex(prvKeyHex); + + if (p8.algoid == "2a864886f70d010101") { // RSA + this.parsePrivateRawRSAKeyHexAtObj(prvKeyHex, p8); + var k = p8.key; + var key = new RSAKey(); + key.setPrivateEx(k.n, k.e, k.d, k.p, k.q, k.dp, k.dq, k.co); + return key; + } else if (p8.algoid == "2a8648ce3d0201") { // ECC + this.parsePrivateRawECKeyHexAtObj(prvKeyHex, p8); + if (KJUR.crypto.OID.oidhex2name[p8.algparam] === undefined) + throw "KJUR.crypto.OID.oidhex2name undefined: " + p8.algparam; + var curveName = KJUR.crypto.OID.oidhex2name[p8.algparam]; + var key = new KJUR.crypto.ECDSA({'curve': curveName, 'prv': p8.key}); + return key; + } else { + throw "unsupported private key algorithm"; + } + }, + + // === PKCS8 RSA Public Key ================================================ + /** * read PEM formatted PKCS#8 public key and returns RSAKey object - * @name getRSAKeyFromPublicPKCS8PEM - * @memberOf PKCS5PKEY - * @function - * @param {String} pkcs8PubPEM PEM formatted PKCS#8 public key - * @return {RSAKey} loaded RSAKey object of RSA public key + * @name getRSAKeyFromPublicPKCS8PEM + * @memberOf PKCS5PKEY + * @function + * @param {String} pkcs8PubPEM PEM formatted PKCS#8 public key + * @return {RSAKey} loaded RSAKey object of RSA public key * @since pkcs5pkey 1.0.4 - */ + */ getRSAKeyFromPublicPKCS8PEM: function(pkcs8PubPEM) { var pubKeyHex = this.getHexFromPEM(pkcs8PubPEM, "PUBLIC KEY"); var rsaKey = this.getRSAKeyFromPublicPKCS8Hex(pubKeyHex); - return rsaKey; - }, + return rsaKey; + }, - /** + /** * get RSAKey/ECDSA public key object from PEM PKCS#8 public key - * @name getKeyFromPublicPKCS8PEM - * @memberOf PKCS5PKEY - * @function - * @param {String} pkcsPub8PEM string of PEM formatted PKCS#8 public key - * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object - * @since pkcs5pkey 1.0.5 - */ + * @name getKeyFromPublicPKCS8PEM + * @memberOf PKCS5PKEY + * @function + * @param {String} pkcsPub8PEM string of PEM formatted PKCS#8 public key + * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object + * @since pkcs5pkey 1.0.5 + */ getKeyFromPublicPKCS8PEM: function(pkcs8PubPEM) { var pubKeyHex = this.getHexFromPEM(pkcs8PubPEM, "PUBLIC KEY"); var key = this.getKeyFromPublicPKCS8Hex(pubKeyHex); - return key; - }, + return key; + }, - /** + /** * get RSAKey/ECDSA public key object from hexadecimal string of PKCS#8 public key - * @name getKeyFromPublicPKCS8Hex - * @memberOf PKCS5PKEY - * @function - * @param {String} pkcsPub8Hex hexadecimal string of PKCS#8 public key - * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object - * @since pkcs5pkey 1.0.5 - */ + * @name getKeyFromPublicPKCS8Hex + * @memberOf PKCS5PKEY + * @function + * @param {String} pkcsPub8Hex hexadecimal string of PKCS#8 public key + * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object + * @since pkcs5pkey 1.0.5 + */ getKeyFromPublicPKCS8Hex: function(pkcs8PubHex) { - var p8 = this.parsePublicPKCS8Hex(pkcs8PubHex); - - if (p8.algoid == "2a864886f70d010101") { // RSA - var aRSA = this.parsePublicRawRSAKeyHex(p8.key); - var key = new RSAKey(); - key.setPublic(aRSA.n, aRSA.e); - return key; - } else if (p8.algoid == "2a8648ce3d0201") { // ECC - if (KJUR.crypto.OID.oidhex2name[p8.algparam] === undefined) - throw "KJUR.crypto.OID.oidhex2name undefined: " + p8.algparam; - var curveName = KJUR.crypto.OID.oidhex2name[p8.algparam]; - var key = new KJUR.crypto.ECDSA({'curve': curveName, 'pub': p8.key}); - return key; - } else { - throw "unsupported public key algorithm"; - } - }, - - /** + var p8 = this.parsePublicPKCS8Hex(pkcs8PubHex); + + if (p8.algoid == "2a864886f70d010101") { // RSA + var aRSA = this.parsePublicRawRSAKeyHex(p8.key); + var key = new RSAKey(); + key.setPublic(aRSA.n, aRSA.e); + return key; + } else if (p8.algoid == "2a8648ce3d0201") { // ECC + if (KJUR.crypto.OID.oidhex2name[p8.algparam] === undefined) + throw "KJUR.crypto.OID.oidhex2name undefined: " + p8.algparam; + var curveName = KJUR.crypto.OID.oidhex2name[p8.algparam]; + var key = new KJUR.crypto.ECDSA({'curve': curveName, 'pub': p8.key}); + return key; + } else { + throw "unsupported public key algorithm"; + } + }, + + /** * parse hexadecimal string of plain PKCS#8 private key - * @name parsePublicRawRSAKeyHex - * @memberOf PKCS5PKEY - * @function - * @param {String} pubRawRSAHex hexadecimal string of ASN.1 encoded PKCS#8 public key - * @return {Array} associative array of parsed key - * @since pkcs5pkey 1.0.5 - * @description - * Resulted associative array has following properties: - *
        - *
      • n - hexadecimal string of public key - *
      • e - hexadecimal string of public exponent - *
      - */ - parsePublicRawRSAKeyHex: function(pubRawRSAHex) { - var result = {}; - - // 1. Sequence - if (pubRawRSAHex.substr(0, 2) != "30") - throw "malformed RSA key(code:001)"; // not sequence - - var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pubRawRSAHex, 0); - if (a1.length != 2) - throw "malformed RSA key(code:002)"; // not 2 items in seq - - // 2. public key "N" - if (pubRawRSAHex.substr(a1[0], 2) != "02") - throw "malformed RSA key(code:003)"; // 1st item is not integer - - result.n = ASN1HEX.getHexOfV_AtObj(pubRawRSAHex, a1[0]); - - // 3. public key "E" - if (pubRawRSAHex.substr(a1[1], 2) != "02") - throw "malformed RSA key(code:004)"; // 2nd item is not integer - - result.e = ASN1HEX.getHexOfV_AtObj(pubRawRSAHex, a1[1]); - - return result; - }, - - /** + * @name parsePublicRawRSAKeyHex + * @memberOf PKCS5PKEY + * @function + * @param {String} pubRawRSAHex hexadecimal string of ASN.1 encoded PKCS#8 public key + * @return {Array} associative array of parsed key + * @since pkcs5pkey 1.0.5 + * @description + * Resulted associative array has following properties: + *
        + *
      • n - hexadecimal string of public key + *
      • e - hexadecimal string of public exponent + *
      + */ + parsePublicRawRSAKeyHex: function(pubRawRSAHex) { + var result = {}; + + // 1. Sequence + if (pubRawRSAHex.substr(0, 2) != "30") + throw "malformed RSA key(code:001)"; // not sequence + + var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pubRawRSAHex, 0); + if (a1.length != 2) + throw "malformed RSA key(code:002)"; // not 2 items in seq + + // 2. public key "N" + if (pubRawRSAHex.substr(a1[0], 2) != "02") + throw "malformed RSA key(code:003)"; // 1st item is not integer + + result.n = ASN1HEX.getHexOfV_AtObj(pubRawRSAHex, a1[0]); + + // 3. public key "E" + if (pubRawRSAHex.substr(a1[1], 2) != "02") + throw "malformed RSA key(code:004)"; // 2nd item is not integer + + result.e = ASN1HEX.getHexOfV_AtObj(pubRawRSAHex, a1[1]); + + return result; + }, + + /** * parse hexadecimal string of RSA private key - * @name parsePrivateRawRSAKeyHexAtObj - * @memberOf PKCS5PKEY - * @function - * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 private key concluding RSA private key - * @return {Array} info associative array to add parsed RSA private key information - * @since pkcs5pkey 1.0.5 - * @description - * Following properties are added to associative array 'info' - *
        - *
      • n - hexadecimal string of public key - *
      • e - hexadecimal string of public exponent - *
      • d - hexadecimal string of private key - *
      • p - hexadecimal string - *
      • q - hexadecimal string - *
      • dp - hexadecimal string - *
      • dq - hexadecimal string - *
      • co - hexadecimal string - *
      - */ - parsePrivateRawRSAKeyHexAtObj: function(pkcs8PrvHex, info) { - var keyIdx = info.keyidx; - - // 1. sequence - if (pkcs8PrvHex.substr(keyIdx, 2) != "30") - throw "malformed RSA private key(code:001)"; // not sequence - - var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, keyIdx); - if (a1.length != 9) - throw "malformed RSA private key(code:002)"; // not sequence - - // 2. RSA key - info.key = {}; - info.key.n = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[1]); - info.key.e = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[2]); - info.key.d = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[3]); - info.key.p = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[4]); - info.key.q = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[5]); - info.key.dp = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[6]); - info.key.dq = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[7]); - info.key.co = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[8]); - }, - - /** + * @name parsePrivateRawRSAKeyHexAtObj + * @memberOf PKCS5PKEY + * @function + * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 private key concluding RSA private key + * @return {Array} info associative array to add parsed RSA private key information + * @since pkcs5pkey 1.0.5 + * @description + * Following properties are added to associative array 'info' + *
        + *
      • n - hexadecimal string of public key + *
      • e - hexadecimal string of public exponent + *
      • d - hexadecimal string of private key + *
      • p - hexadecimal string + *
      • q - hexadecimal string + *
      • dp - hexadecimal string + *
      • dq - hexadecimal string + *
      • co - hexadecimal string + *
      + */ + parsePrivateRawRSAKeyHexAtObj: function(pkcs8PrvHex, info) { + var keyIdx = info.keyidx; + + // 1. sequence + if (pkcs8PrvHex.substr(keyIdx, 2) != "30") + throw "malformed RSA private key(code:001)"; // not sequence + + var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, keyIdx); + if (a1.length != 9) + throw "malformed RSA private key(code:002)"; // not sequence + + // 2. RSA key + info.key = {}; + info.key.n = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[1]); + info.key.e = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[2]); + info.key.d = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[3]); + info.key.p = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[4]); + info.key.q = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[5]); + info.key.dp = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[6]); + info.key.dq = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[7]); + info.key.co = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[8]); + }, + + /** * parse hexadecimal string of ECC private key - * @name parsePrivateRawECKeyHexAtObj - * @memberOf PKCS5PKEY - * @function - * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 private key concluding EC private key - * @return {Array} info associative array to add parsed ECC private key information - * @since pkcs5pkey 1.0.5 - * @description - * Following properties are added to associative array 'info' - *
        - *
      • key - hexadecimal string of ECC private key - *
      - */ - parsePrivateRawECKeyHexAtObj: function(pkcs8PrvHex, info) { - var keyIdx = info.keyidx; - - // 1. sequence - if (pkcs8PrvHex.substr(keyIdx, 2) != "30") - throw "malformed ECC private key(code:001)"; // not sequence - - var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, keyIdx); - if (a1.length != 3) - throw "malformed ECC private key(code:002)"; // not sequence - - // 2. EC private key - if (pkcs8PrvHex.substr(a1[1], 2) != "04") - throw "malformed ECC private key(code:003)"; // not octetstring - - info.key = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[1]); - }, - - /** + * @name parsePrivateRawECKeyHexAtObj + * @memberOf PKCS5PKEY + * @function + * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 private key concluding EC private key + * @return {Array} info associative array to add parsed ECC private key information + * @since pkcs5pkey 1.0.5 + * @description + * Following properties are added to associative array 'info' + *
        + *
      • key - hexadecimal string of ECC private key + *
      + */ + parsePrivateRawECKeyHexAtObj: function(pkcs8PrvHex, info) { + var keyIdx = info.keyidx; + + // 1. sequence + if (pkcs8PrvHex.substr(keyIdx, 2) != "30") + throw "malformed ECC private key(code:001)"; // not sequence + + var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, keyIdx); + if (a1.length != 3) + throw "malformed ECC private key(code:002)"; // not sequence + + // 2. EC private key + if (pkcs8PrvHex.substr(a1[1], 2) != "04") + throw "malformed ECC private key(code:003)"; // not octetstring + + info.key = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[1]); + }, + + /** * parse hexadecimal string of PKCS#8 public key - * @name parsePublicPKCS8Hex - * @memberOf PKCS5PKEY - * @function - * @param {String} pkcs8PubHex hexadecimal string of PKCS#8 public key - * @return {Hash} hash of key information - * @description + * @name parsePublicPKCS8Hex + * @memberOf PKCS5PKEY + * @function + * @param {String} pkcs8PubHex hexadecimal string of PKCS#8 public key + * @return {Hash} hash of key information + * @description * Resulted hash has following attributes. - *
        - *
      • algoid - hexadecimal string of OID of asymmetric key algorithm
      • - *
      • algparam - hexadecimal string of OID of ECC curve name or null
      • - *
      • key - hexadecimal string of public key
      • - *
      - */ + *
        + *
      • algoid - hexadecimal string of OID of asymmetric key algorithm
      • + *
      • algparam - hexadecimal string of OID of ECC curve name or null
      • + *
      • key - hexadecimal string of public key
      • + *
      + */ parsePublicPKCS8Hex: function(pkcs8PubHex) { - var result = {}; - result.algparam = null; + var result = {}; + result.algparam = null; // 1. AlgID and Key bit string - var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, 0); - if (a1.length != 2) - throw "outer DERSequence shall have 2 elements: " + a1.length; + var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, 0); + if (a1.length != 2) + throw "outer DERSequence shall have 2 elements: " + a1.length; // 2. AlgID var idxAlgIdTLV = a1[0]; @@ -1066,72 +1066,69 @@ var PKCS5PKEY = function() { if (a2.length != 2) throw "malformed PKCS8 public key(code:002)"; // AlgId not have two elements - // 2.1. AlgID OID - if (pkcs8PubHex.substr(a2[0], 2) != "06") - throw "malformed PKCS8 public key(code:003)"; // AlgId.oid is not OID + // 2.1. AlgID OID + if (pkcs8PubHex.substr(a2[0], 2) != "06") + throw "malformed PKCS8 public key(code:003)"; // AlgId.oid is not OID - result.algoid = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[0]); + result.algoid = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[0]); - // 2.2. AlgID param - if (pkcs8PubHex.substr(a2[1], 2) == "06") { - result.algparam = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[1]); - } + // 2.2. AlgID param + if (pkcs8PubHex.substr(a2[1], 2) == "06") { + result.algparam = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[1]); + } - // 3. Key - if (pkcs8PubHex.substr(a1[1], 2) != "03") - throw "malformed PKCS8 public key(code:004)"; // Key is not bit string + // 3. Key + if (pkcs8PubHex.substr(a1[1], 2) != "03") + throw "malformed PKCS8 public key(code:004)"; // Key is not bit string - result.key = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a1[1]).substr(2); + result.key = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a1[1]).substr(2); - // 4. return result assoc array - return result; + // 4. return result assoc array + return result; }, - /** + /** * provide hexadecimal string of unencrypted PKCS#8 private key and returns RSAKey object - * @name getRSAKeyFromPublicPKCS8Hex - * @memberOf PKCS5PKEY - * @function - * @param {String} pkcs8PubHex hexadecimal string of unencrypted PKCS#8 public key - * @return {RSAKey} loaded RSAKey object of RSA public key + * @name getRSAKeyFromPublicPKCS8Hex + * @memberOf PKCS5PKEY + * @function + * @param {String} pkcs8PubHex hexadecimal string of unencrypted PKCS#8 public key + * @return {RSAKey} loaded RSAKey object of RSA public key * @since pkcs5pkey 1.0.4 - */ + */ getRSAKeyFromPublicPKCS8Hex: function(pkcs8PubHex) { - var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, 0); - if (a1.length != 2) - throw "outer DERSequence shall have 2 elements: " + a1.length; + var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, 0); + if (a1.length != 2) + throw "outer DERSequence shall have 2 elements: " + a1.length; var algIdTLV =ASN1HEX.getHexOfTLV_AtObj(pkcs8PubHex, a1[0]); - if (algIdTLV != "300d06092a864886f70d0101010500") // AlgId rsaEncryption - throw "PKCS8 AlgorithmId is not rsaEncryption"; - - if (pkcs8PubHex.substr(a1[1], 2) != "03") - throw "PKCS8 Public Key is not BITSTRING encapslated."; - - var idxPub = ASN1HEX.getStartPosOfV_AtObj(pkcs8PubHex, a1[1]) + 2; // 2 for unused bit - - if (pkcs8PubHex.substr(idxPub, 2) != "30") - throw "PKCS8 Public Key is not SEQUENCE."; - - var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, idxPub); - if (a2.length != 2) - throw "inner DERSequence shall have 2 elements: " + a2.length; - - if (pkcs8PubHex.substr(a2[0], 2) != "02") - throw "N is not ASN.1 INTEGER"; - if (pkcs8PubHex.substr(a2[1], 2) != "02") - throw "E is not ASN.1 INTEGER"; - - var hN = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[0]); - var hE = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[1]); - - var pubKey = new RSAKey(); - pubKey.setPublic(hN, hE); - - return pubKey; - }, - - //addAlgorithm: function(functionObject, algName, keyLen, ivLen) { - //} + if (algIdTLV != "300d06092a864886f70d0101010500") // AlgId rsaEncryption + throw "PKCS8 AlgorithmId is not rsaEncryption"; + + if (pkcs8PubHex.substr(a1[1], 2) != "03") + throw "PKCS8 Public Key is not BITSTRING encapslated."; + + var idxPub = ASN1HEX.getStartPosOfV_AtObj(pkcs8PubHex, a1[1]) + 2; // 2 for unused bit + + if (pkcs8PubHex.substr(idxPub, 2) != "30") + throw "PKCS8 Public Key is not SEQUENCE."; + + var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, idxPub); + if (a2.length != 2) + throw "inner DERSequence shall have 2 elements: " + a2.length; + + if (pkcs8PubHex.substr(a2[0], 2) != "02") + throw "N is not ASN.1 INTEGER"; + if (pkcs8PubHex.substr(a2[1], 2) != "02") + throw "E is not ASN.1 INTEGER"; + + var hN = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[0]); + var hE = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[1]); + + var pubKey = new RSAKey(); + pubKey.setPublic(hN, hE); + + return pubKey; + }, }; }(); diff --git a/test/qunit-do-asn1.html b/test/qunit-do-asn1.html index 1ffd2a67..3b8edd1b 100755 --- a/test/qunit-do-asn1.html +++ b/test/qunit-do-asn1.html @@ -156,7 +156,7 @@ }); test("UTCTime Test", function() { - expect(4); + expect(5); var d1 = new KJUR.asn1.DERUTCTime(); d1.setString('130430125959Z'); @@ -172,10 +172,14 @@ var d4 = new KJUR.asn1.DERUTCTime({'date':new Date(Date.UTC(2015, 0, 31, 0, 0, 0, 0))}); equal(d4.s, "150131000000Z", "constructor date argument"); + + var d5 = new KJUR.asn1.DERUTCTime(); + var d5hex = d5.getEncodedHex() + equal(d5hex.substr(0, 4), "170d", "now[0,4]=170d"); }); test("GeneralizedTime Test", function() { - expect(4); + expect(5); var d1 = new KJUR.asn1.DERGeneralizedTime(); d1.setString('20130430125959Z'); equal(d1.getEncodedHex(), "180f32303133303433303132353935395a", @@ -192,6 +196,10 @@ var date4 = new Date(Date.UTC(2015, 0, 31, 0, 0, 0, 0)); var d4 = new KJUR.asn1.DERGeneralizedTime({'date': date4}); equal(d4.s, "20150131000000Z", "constructor date argument"); + + var d5 = new KJUR.asn1.DERGeneralizedTime(); + var d5hex = d5.getEncodedHex() + equal(d5hex.substr(0, 4), "180f", "now[0,4]=180f"); }); test("Sequence Test", function() { diff --git a/test/qunit-do-asn1cms.html b/test/qunit-do-asn1cms.html new file mode 100755 index 00000000..20f6b130 --- /dev/null +++ b/test/qunit-do-asn1cms.html @@ -0,0 +1,329 @@ + + + + +QUnit for ASN1 Encoder Class 'asn1cms.js' + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
      +
      test markup
      +
      +QUnit TEST +asn1 | +asn1x509 | +APIDOCS | +
      + + + diff --git a/test/qunit-do-asn1x509.html b/test/qunit-do-asn1x509.html index 18394019..f2cc75f9 100755 --- a/test/qunit-do-asn1x509.html +++ b/test/qunit-do-asn1x509.html @@ -143,13 +143,19 @@ }); test("Time class test", function() { - expect(2); + expect(4); var o1 = new KJUR.asn1.x509.Time({'str':'130430235959Z'}); // UTC equal(o1.getEncodedHex(), "170d3133303433303233353935395a", "constructor default timestr"); var o2 = new KJUR.asn1.x509.Time({'str':'20130430235959Z', 'type': 'gen'}); // Gen equal(o2.getEncodedHex(), "180f32303133303433303233353935395a", "constructor default timestr"); + + var o3 = new KJUR.asn1.x509.Time({'str':'20130430235959Z'}); // Gen + equal(o3.getEncodedHex(), "180f32303133303433303233353935395a", "constructor default timestr (auto gen)"); + + var o4 = new KJUR.asn1.x509.Time(); // auto UTC + equal(o4.getEncodedHex().substr(0, 4), "170d", "constructor default timestr (empty)=170d..."); }); test("AlgorithmIdentifier class test", function() { diff --git a/test/qunit-do-keyutil.html b/test/qunit-do-keyutil.html index 285d0a3d..fced8fa9 100755 --- a/test/qunit-do-keyutil.html +++ b/test/qunit-do-keyutil.html @@ -224,7 +224,10 @@ var s = "-----BEGIN AAA TEST-----\r\n" + "YWFh\r\n" + "-----END AAA TEST-----\r\n"; - equal(KEYUTIL.getHexFromPEM(s, "AAA TEST"), "616161", "aaa"); + + expect(2); + equal(KEYUTIL.getHexFromPEM(s, "AAA TEST"), "616161", "(s, AAA TEST)-aaa"); + equal(KEYUTIL.getHexFromPEM(s), "616161", "no sHead (s)-aaa"); }); test("parseHexOfEncryptedPKCS8", function() { diff --git a/test/qunit-do-x509-kid.html b/test/qunit-do-x509-kid.html new file mode 100755 index 00000000..fde7903d --- /dev/null +++ b/test/qunit-do-x509-kid.html @@ -0,0 +1,99 @@ + + + +QUnit for X.509 Certificate 'x509.js' + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
      +
      test markup
      + +

      © 2010 Kenji Urushima

      + + diff --git a/tool_ca.html b/tool_ca.html index e6987303..2e1e9b3e 100755 --- a/tool_ca.html +++ b/tool_ca.html @@ -9,31 +9,7 @@ JS Certification Authority :) - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + +
      +
      +

      CMS SignedData generator

      +

      Simple RFC 5652 CMS SignedData generator in pure JavaScript

      +TOP | +DOWNLOADS | +TUTORIALS | +API REFERENCE | +DEMOS | +
      +
      + + +
      +
      + + +
      + +

      (Step1) Fill signer's private key and certificate

      +As for private key, any PKCS#5 and PKCS#8 PEM formatted +RSA/ECDSA/DSA key are supported. + +
      SIGNER'S PRIVATE KEY:
      + + +
      SIGNER'S X.509 CERTIFICATE:
      + + + + +

      (Step2) Fill CMS SignedData properties

      + + + + + + + + + + +
      signed content
      hash algorithm for MessageDigest attribute + +
      signature algorithm for MessageDigest attribute + +
      add SigingTime signed attribute?
      + +

      (Step3) Press "Sign" button

      + + + +

      Generated CMS SignedData

      + + +
      +This PEM formatted CMS signed data can be verified by OpenSSL command +as following. + +
      +% openssl cms -verify -in cms.pem -signer signer.cer -no_signer_cert_verify -inform PEM -binary +
      +
      + + + +
      +
      + + + + + + diff --git a/x509-1.1.js b/x509-1.1.js index dfea97e5..9d6a8f5d 100644 --- a/x509-1.1.js +++ b/x509-1.1.js @@ -1,9 +1,9 @@ -/*! x509-1.1.2.js (c) 2012 Kenji Urushima | kjur.github.com/jsrsasign/license +/*! x509-1.1.3.js (c) 2012-2014 Kenji Urushima | kjur.github.com/jsrsasign/license */ /* * x509.js - X509 class to read subject public key from certificate. * - * Copyright (c) 2010-2013 Kenji Urushima (kenji.urushima@gmail.com) + * Copyright (c) 2010-2014 Kenji Urushima (kenji.urushima@gmail.com) * * This software is licensed under the terms of the MIT License. * http://kjur.github.com/jsrsasign/license @@ -16,7 +16,7 @@ * @fileOverview * @name x509-1.1.js * @author Kenji Urushima kenji.urushima@gmail.com - * @version x509 1.1.2 (2013-Oct-06) + * @version x509 1.1.3 (2014-May-17) * @since jsrsasign 1.x.x * @license MIT License */ @@ -54,17 +54,17 @@ function X509() { * @function */ this.getSerialNumberHex = function() { - return ASN1HEX.getDecendantHexVByNthList(this.hex, 0, [0, 1]); + return ASN1HEX.getDecendantHexVByNthList(this.hex, 0, [0, 1]); }; /** - * get hexadecimal string of issuer field of certificate.
      + * get hexadecimal string of issuer field TLV of certificate.
      * @name getIssuerHex * @memberOf X509# * @function */ this.getIssuerHex = function() { - return ASN1HEX.getDecendantHexTLVByNthList(this.hex, 0, [0, 3]); + return ASN1HEX.getDecendantHexTLVByNthList(this.hex, 0, [0, 3]); }; /** @@ -74,7 +74,7 @@ function X509() { * @function */ this.getIssuerString = function() { - return X509.hex2dn(ASN1HEX.getDecendantHexTLVByNthList(this.hex, 0, [0, 3])); + return X509.hex2dn(ASN1HEX.getDecendantHexTLVByNthList(this.hex, 0, [0, 3])); }; /** @@ -84,7 +84,7 @@ function X509() { * @function */ this.getSubjectHex = function() { - return ASN1HEX.getDecendantHexTLVByNthList(this.hex, 0, [0, 5]); + return ASN1HEX.getDecendantHexTLVByNthList(this.hex, 0, [0, 5]); }; /** @@ -94,7 +94,7 @@ function X509() { * @function */ this.getSubjectString = function() { - return X509.hex2dn(ASN1HEX.getDecendantHexTLVByNthList(this.hex, 0, [0, 5])); + return X509.hex2dn(ASN1HEX.getDecendantHexTLVByNthList(this.hex, 0, [0, 5])); }; /** @@ -104,10 +104,10 @@ function X509() { * @function */ this.getNotBefore = function() { - var s = ASN1HEX.getDecendantHexVByNthList(this.hex, 0, [0, 4, 0]); - s = s.replace(/(..)/g, "%$1"); - s = decodeURIComponent(s); - return s; + var s = ASN1HEX.getDecendantHexVByNthList(this.hex, 0, [0, 4, 0]); + s = s.replace(/(..)/g, "%$1"); + s = decodeURIComponent(s); + return s; }; /** @@ -117,10 +117,10 @@ function X509() { * @function */ this.getNotAfter = function() { - var s = ASN1HEX.getDecendantHexVByNthList(this.hex, 0, [0, 4, 1]); - s = s.replace(/(..)/g, "%$1"); - s = decodeURIComponent(s); - return s; + var s = ASN1HEX.getDecendantHexVByNthList(this.hex, 0, [0, 4, 1]); + s = s.replace(/(..)/g, "%$1"); + s = decodeURIComponent(s); + return s; }; // ===== read certificate public key ========================== @@ -134,23 +134,23 @@ function X509() { * @param {String} sCertPEM string for PEM formatted X.509 certificate */ this.readCertPEM = function(sCertPEM) { - var hCert = X509.pemToHex(sCertPEM); - var a = X509.getPublicKeyHexArrayFromCertHex(hCert); - var rsa = new RSAKey(); - rsa.setPublic(a[0], a[1]); - this.subjectPublicKeyRSA = rsa; - this.subjectPublicKeyRSA_hN = a[0]; - this.subjectPublicKeyRSA_hE = a[1]; - this.hex = hCert; + var hCert = X509.pemToHex(sCertPEM); + var a = X509.getPublicKeyHexArrayFromCertHex(hCert); + var rsa = new RSAKey(); + rsa.setPublic(a[0], a[1]); + this.subjectPublicKeyRSA = rsa; + this.subjectPublicKeyRSA_hN = a[0]; + this.subjectPublicKeyRSA_hE = a[1]; + this.hex = hCert; }; this.readCertPEMWithoutRSAInit = function(sCertPEM) { - var hCert = X509.pemToHex(sCertPEM); - var a = X509.getPublicKeyHexArrayFromCertHex(hCert); - this.subjectPublicKeyRSA.setPublic(a[0], a[1]); - this.subjectPublicKeyRSA_hN = a[0]; - this.subjectPublicKeyRSA_hE = a[1]; - this.hex = hCert; + var hCert = X509.pemToHex(sCertPEM); + var a = X509.getPublicKeyHexArrayFromCertHex(hCert); + this.subjectPublicKeyRSA.setPublic(a[0], a[1]); + this.subjectPublicKeyRSA_hN = a[0]; + this.subjectPublicKeyRSA_hE = a[1]; + this.hex = hCert; }; }; @@ -189,11 +189,11 @@ X509.getSubjectPublicKeyInfoPosFromCertHex = function(hCert) { var a = ASN1HEX.getPosArrayOfChildren_AtObj(hCert, pTbsCert); if (a.length < 1) return -1; if (hCert.substring(a[0], a[0] + 10) == "a003020102") { // v3 - if (a.length < 6) return -1; - return a[6]; + if (a.length < 6) return -1; + return a[6]; } else { - if (a.length < 5) return -1; - return a[5]; + if (a.length < 5) return -1; + return a[5]; } }; @@ -204,9 +204,9 @@ X509.getPublicKeyHexArrayFromCertHex = function(hCert) { var hN = ASN1HEX.getHexOfV_AtObj(hCert, a[0]); var hE = ASN1HEX.getHexOfV_AtObj(hCert, a[1]); if (hN != null && hE != null) { - return [hN, hE]; + return [hN, hE]; } else { - return []; + return []; } }; @@ -225,8 +225,8 @@ X509.hex2dn = function(hDN) { var s = ""; var a = ASN1HEX.getPosArrayOfChildren_AtObj(hDN, 0); for (var i = 0; i < a.length; i++) { - var hRDN = ASN1HEX.getHexOfTLV_AtObj(hDN, a[i]); - s = s + "/" + X509.hex2rdn(hRDN); + var hRDN = ASN1HEX.getHexOfTLV_AtObj(hDN, a[i]); + s = s + "/" + X509.hex2rdn(hRDN); } return s; }; @@ -266,29 +266,29 @@ X509.getPublicKeyFromCertPEM = function(sCertPEM) { var info = X509.getPublicKeyInfoPropOfCertPEM(sCertPEM); if (info.algoid == "2a864886f70d010101") { // RSA - var aRSA = KEYUTIL.parsePublicRawRSAKeyHex(info.keyhex); - var key = new RSAKey(); - key.setPublic(aRSA.n, aRSA.e); - return key; + var aRSA = KEYUTIL.parsePublicRawRSAKeyHex(info.keyhex); + var key = new RSAKey(); + key.setPublic(aRSA.n, aRSA.e); + return key; } else if (info.algoid == "2a8648ce3d0201") { // ECC - var curveName = KJUR.crypto.OID.oidhex2name[info.algparam]; - var key = new KJUR.crypto.ECDSA({'curve': curveName, 'info': info.keyhex}); + var curveName = KJUR.crypto.OID.oidhex2name[info.algparam]; + var key = new KJUR.crypto.ECDSA({'curve': curveName, 'info': info.keyhex}); key.setPublicKeyHex(info.keyhex); - return key; + return key; } else if (info.algoid == "2a8648ce380401") { // DSA 1.2.840.10040.4.1 - var p = ASN1HEX.getVbyList(info.algparam, 0, [0], "02"); - var q = ASN1HEX.getVbyList(info.algparam, 0, [1], "02"); - var g = ASN1HEX.getVbyList(info.algparam, 0, [2], "02"); - var y = ASN1HEX.getHexOfV_AtObj(info.keyhex, 0); - y = y.substr(2); - var key = new KJUR.crypto.DSA(); - key.setPublic(new BigInteger(p, 16), - new BigInteger(q, 16), - new BigInteger(g, 16), - new BigInteger(y, 16)); - return key; + var p = ASN1HEX.getVbyList(info.algparam, 0, [0], "02"); + var q = ASN1HEX.getVbyList(info.algparam, 0, [1], "02"); + var g = ASN1HEX.getVbyList(info.algparam, 0, [2], "02"); + var y = ASN1HEX.getHexOfV_AtObj(info.keyhex, 0); + y = y.substr(2); + var key = new KJUR.crypto.DSA(); + key.setPublic(new BigInteger(p, 16), + new BigInteger(q, 16), + new BigInteger(g, 16), + new BigInteger(y, 16)); + return key; } else { - throw "unsupported key"; + throw "unsupported key"; } }; @@ -317,40 +317,40 @@ X509.getPublicKeyInfoPropOfCertPEM = function(sCertPEM) { // 1. Certificate ASN.1 var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(hCert, 0); if (a1.length != 3) - throw "malformed X.509 certificate PEM (code:001)"; // not 3 item of seq Cert + throw "malformed X.509 certificate PEM (code:001)"; // not 3 item of seq Cert // 2. tbsCertificate if (hCert.substr(a1[0], 2) != "30") - throw "malformed X.509 certificate PEM (code:002)"; // tbsCert not seq + throw "malformed X.509 certificate PEM (code:002)"; // tbsCert not seq var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(hCert, a1[0]); // 3. subjectPublicKeyInfo if (a2.length < 7) - throw "malformed X.509 certificate PEM (code:003)"; // no subjPubKeyInfo + throw "malformed X.509 certificate PEM (code:003)"; // no subjPubKeyInfo var a3 = ASN1HEX.getPosArrayOfChildren_AtObj(hCert, a2[6]); if (a3.length != 2) - throw "malformed X.509 certificate PEM (code:004)"; // not AlgId and PubKey + throw "malformed X.509 certificate PEM (code:004)"; // not AlgId and PubKey // 4. AlgId var a4 = ASN1HEX.getPosArrayOfChildren_AtObj(hCert, a3[0]); if (a4.length != 2) - throw "malformed X.509 certificate PEM (code:005)"; // not 2 item in AlgId + throw "malformed X.509 certificate PEM (code:005)"; // not 2 item in AlgId result.algoid = ASN1HEX.getHexOfV_AtObj(hCert, a4[0]); if (hCert.substr(a4[1], 2) == "06") { // EC - result.algparam = ASN1HEX.getHexOfV_AtObj(hCert, a4[1]); + result.algparam = ASN1HEX.getHexOfV_AtObj(hCert, a4[1]); } else if (hCert.substr(a4[1], 2) == "30") { // DSA - result.algparam = ASN1HEX.getHexOfTLV_AtObj(hCert, a4[1]); + result.algparam = ASN1HEX.getHexOfTLV_AtObj(hCert, a4[1]); } // 5. Public Key Hex if (hCert.substr(a3[1], 02) != "03") - throw "malformed X.509 certificate PEM (code:006)"; // not bitstring + throw "malformed X.509 certificate PEM (code:006)"; // not bitstring var unusedBitAndKeyHex = ASN1HEX.getHexOfV_AtObj(hCert, a3[1]); result.keyhex = unusedBitAndKeyHex.substr(2); @@ -359,13 +359,13 @@ X509.getPublicKeyInfoPropOfCertPEM = function(sCertPEM) { }; /* -X509.prototype.readCertPEM = _x509_readCertPEM; -X509.prototype.readCertPEMWithoutRSAInit = _x509_readCertPEMWithoutRSAInit; -X509.prototype.getSerialNumberHex = _x509_getSerialNumberHex; -X509.prototype.getIssuerHex = _x509_getIssuerHex; -X509.prototype.getSubjectHex = _x509_getSubjectHex; -X509.prototype.getIssuerString = _x509_getIssuerString; -X509.prototype.getSubjectString = _x509_getSubjectString; -X509.prototype.getNotBefore = _x509_getNotBefore; -X509.prototype.getNotAfter = _x509_getNotAfter; + X509.prototype.readCertPEM = _x509_readCertPEM; + X509.prototype.readCertPEMWithoutRSAInit = _x509_readCertPEMWithoutRSAInit; + X509.prototype.getSerialNumberHex = _x509_getSerialNumberHex; + X509.prototype.getIssuerHex = _x509_getIssuerHex; + X509.prototype.getSubjectHex = _x509_getSubjectHex; + X509.prototype.getIssuerString = _x509_getIssuerString; + X509.prototype.getSubjectString = _x509_getSubjectString; + X509.prototype.getNotBefore = _x509_getNotBefore; + X509.prototype.getNotAfter = _x509_getNotAfter; */ diff --git a/x509-1.1.min.js b/x509-1.1.min.js index 8c4b5d9b..16438102 100644 --- a/x509-1.1.min.js +++ b/x509-1.1.min.js @@ -1,3 +1,3 @@ -/*! x509-1.1.2.js (c) 2012 Kenji Urushima | kjur.github.com/jsrsasign/license +/*! x509-1.1.3.js (c) 2012-2014 Kenji Urushima | kjur.github.com/jsrsasign/license */ function X509(){this.subjectPublicKeyRSA=null;this.subjectPublicKeyRSA_hN=null;this.subjectPublicKeyRSA_hE=null;this.hex=null;this.getSerialNumberHex=function(){return ASN1HEX.getDecendantHexVByNthList(this.hex,0,[0,1])};this.getIssuerHex=function(){return ASN1HEX.getDecendantHexTLVByNthList(this.hex,0,[0,3])};this.getIssuerString=function(){return X509.hex2dn(ASN1HEX.getDecendantHexTLVByNthList(this.hex,0,[0,3]))};this.getSubjectHex=function(){return ASN1HEX.getDecendantHexTLVByNthList(this.hex,0,[0,5])};this.getSubjectString=function(){return X509.hex2dn(ASN1HEX.getDecendantHexTLVByNthList(this.hex,0,[0,5]))};this.getNotBefore=function(){var a=ASN1HEX.getDecendantHexVByNthList(this.hex,0,[0,4,0]);a=a.replace(/(..)/g,"%$1");a=decodeURIComponent(a);return a};this.getNotAfter=function(){var a=ASN1HEX.getDecendantHexVByNthList(this.hex,0,[0,4,1]);a=a.replace(/(..)/g,"%$1");a=decodeURIComponent(a);return a};this.readCertPEM=function(c){var e=X509.pemToHex(c);var b=X509.getPublicKeyHexArrayFromCertHex(e);var d=new RSAKey();d.setPublic(b[0],b[1]);this.subjectPublicKeyRSA=d;this.subjectPublicKeyRSA_hN=b[0];this.subjectPublicKeyRSA_hE=b[1];this.hex=e};this.readCertPEMWithoutRSAInit=function(c){var d=X509.pemToHex(c);var b=X509.getPublicKeyHexArrayFromCertHex(d);this.subjectPublicKeyRSA.setPublic(b[0],b[1]);this.subjectPublicKeyRSA_hN=b[0];this.subjectPublicKeyRSA_hE=b[1];this.hex=d}}X509.pemToBase64=function(a){var b=a;b=b.replace("-----BEGIN CERTIFICATE-----","");b=b.replace("-----END CERTIFICATE-----","");b=b.replace(/[ \n]+/g,"");return b};X509.pemToHex=function(a){var c=X509.pemToBase64(a);var b=b64tohex(c);return b};X509.getSubjectPublicKeyPosFromCertHex=function(f){var e=X509.getSubjectPublicKeyInfoPosFromCertHex(f);if(e==-1){return -1}var b=ASN1HEX.getPosArrayOfChildren_AtObj(f,e);if(b.length!=2){return -1}var d=b[1];if(f.substring(d,d+2)!="03"){return -1}var c=ASN1HEX.getStartPosOfV_AtObj(f,d);if(f.substring(c,c+2)!="00"){return -1}return c+2};X509.getSubjectPublicKeyInfoPosFromCertHex=function(d){var c=ASN1HEX.getStartPosOfV_AtObj(d,0);var b=ASN1HEX.getPosArrayOfChildren_AtObj(d,c);if(b.length<1){return -1}if(d.substring(b[0],b[0]+10)=="a003020102"){if(b.length<6){return -1}return b[6]}else{if(b.length<5){return -1}return b[5]}};X509.getPublicKeyHexArrayFromCertHex=function(f){var e=X509.getSubjectPublicKeyPosFromCertHex(f);var b=ASN1HEX.getPosArrayOfChildren_AtObj(f,e);if(b.length!=2){return[]}var d=ASN1HEX.getHexOfV_AtObj(f,b[0]);var c=ASN1HEX.getHexOfV_AtObj(f,b[1]);if(d!=null&&c!=null){return[d,c]}else{return[]}};X509.getHexTbsCertificateFromCert=function(b){var a=ASN1HEX.getStartPosOfV_AtObj(b,0);return a};X509.getPublicKeyHexArrayFromCertPEM=function(c){var d=X509.pemToHex(c);var b=X509.getPublicKeyHexArrayFromCertHex(d);return b};X509.hex2dn=function(e){var f="";var c=ASN1HEX.getPosArrayOfChildren_AtObj(e,0);for(var d=0;d