Skip to content

Releases: kjur/jsrsasign

add private extension support for Cert CRL and CSR

27 Aug 12:52
Compare
Choose a tag to compare
  • Changes from 9.1.1 to 9.1.2 (2020-Aug-27)
    • undefined extension regarded as private extesion
      in extension parser X509.getExtParam.
      Thus certificate, CRL and CSR parser will
      not raise error when undefined extension
      is parsed.
    • src/x509.js
      • unknown extension is parsed as
        private extension.
    • test/qunit-do-{x509-param}.html
      • add test case to follow above update

new CRL parser and private extension encoder support

26 Aug 15:19
Compare
Choose a tag to compare
  • Changes from 9.1.0 to 9.1.1 (2020-Aug-27)
    • add new X509CRL class for CRL parser
    • add Certificate, CSR and CRL private extension support
    • src/x509crl.js (new)
      • X509CRL class
    • src/x509.js
      • new X509.getExtCRLNumber method for extension parser
      • new X509.getExtCRLReason method for extension parser
      • new X509.getExtParam method for parsing one extension
        • NOTE: not yet support for private extension
    • src/asn1x509.js
      • Extensions class: add support for private extension
      • PrivateExtension class added
      • OID.name2oid: add support OID (ex. "1.2.3.4") as argument
    • src/asn1csr.js
      • CSRUtil.getParam update to support X509.getExtParamArray and
        not using X509.parseExt
    • src/asn1.js
      • getLengthHexFromValue small update for exception
    • test/qunit-do-{asn1x509,asn1x509-tbscert,x509}.html
      • update to follow above updates
    • test/x509csr.html (new)

new CRL APIs and other updates

24 Aug 10:46
Compare
Choose a tag to compare
  • Changes from 9.0.3 to 9.1.0 (2020-Aug-24)
    • CRL constructor update to align Certificate
      class without backward compatibility.
    • BUGFIX: SigningCertificate{,V2} encoding bugifx
    • src/asn1cms.js
      • BUGFIX: SigningCertificate{,V2} encoding have been
        missign SEQUENCE. (#448)
    • src/asn1csr.js
      • CertificationRequestInfo class updated to
        new KJUR.asn1.x509.Extension class.
    • src/asn1x509.js
      • CRL and TBSCertList class constructor have
        been updated to align Certificate and
        CertificationRequestInfo style in 9.0.0
        without backward compatibility.
        • this update makes more extension and
          entry extension support in the future.
        • CRLEntry class is deprecated since
          no more used in updated TBSCertList.
      • new CRLNumber extension class added
      • new CRLReason entry extension class added
      • OID class updated to support
        cRLNumber and cRLReason oids
      • TBSCertificate.getExtDERSequence method
        was moved to new Extensions class.
      • ASN1HEX.dump updated to support ENUMERATED
    • test/qunit-do-{asn1cms,asn1tsp,asn1x509-tbscert,
      asn1x509} updated to follow above updates.

TimeStampToken ASN.1 encoding error fix

22 Aug 12:04
Compare
Choose a tag to compare
  • Changes from 9.0.2 to 9.0.3 (2020-Aug-22)
    • BUGFIX: tsa field of TSTInfo was not encoded properly. (#450)
    • BUGFIX: CMSSignedData version of TimestampToken was not 3. (#448)
    • src/asn1tsp.js
      • TSTInfo tsa field fix
      • TSTUtil.newTimeStampToken method to set
        CMSVersion 3.

PolicyInformation named policy OID bug fix

21 Aug 23:36
Compare
Choose a tag to compare
  • Changes from 9.0.1 to 9.0.2 (2020-Aug-22)
    • BUGFIX: KJUR.asn1.tsp.PolicyInformation class constructor
      have not been accepted named policy OID such as "anyPolicy".
      The issue was fixed.
    • src/asn1x509.js
      • PolicyInformation bugfix for above.
    • test/qunit-do-asn1x509.html
      • updated to follow above.

TimeStampToken contentType attribute bug fix

21 Aug 23:35
Compare
Choose a tag to compare
  • Changes from 9.0.0 to 9.0.1 (2020-Aug-21)
    • BUGFIX: KJUR.asn1.tsp.TimeStampToken class generates have
      generated with wrong contentType attribute
      with value "data". (#448)
    • src/asn1tsp.js
      • TimeStampToken class constructor will add
        contentType attribute with "tstinfo" for bugfix. (#448).
    • src/asn1cms.js
      • SignerInfo.setForContentAndHash class constructor
        parameter can have "contentType" property additionaly
        to set "tstinfo" as above.
    • src/asn1x509.js
      • some attribute type oids for CMS signedData are
        added to OID.name2oidList.

Certificate and CSR generator and parser API major updates

19 Aug 12:00
Compare
Choose a tag to compare
  • Changes from 8.0.24 to 9.0.0 (2020-Aug-19)
    • Please see migration notes in wiki:
      https://github.com/kjur/jsrsasign/wiki/NOTE-jsrsasign-8.0.x-to-9.0.0-Certificate-and-CSR-API-migration-guide
    • CAUTION: some certificate and CSR APIs are missing
      backward compatibility so you may need to change your code
      to upgrade jsrsasign 9.0.0.
    • src/asn1x509.js
      • JSON argument format of Certificate and all certificate
        extension class were changed without backward compatibility.
        • They can accept JSON objects from ASN.1 parser methods
          in X509 class as an parameter arguments.
        • Certificate class constructor can automatically
          generate TBSCertificate and sign by params argument.
          So no need to call sign method or TBSCertificate
          constructor.
        • JSON argument format are aligned to the same manner
          among all certificate extension class.
        • For CRLDistributionPoints class, JSON argument format
          of DistributionPoint and DistributionPointName
          was changed.
      • Extension.appendByNameToArray method was removed.
      • "array" key was added to X500Name class constructor
        JSON argument.
        • AttributeTypeAndValue constructor argument also
          extended to support {type:"CN",value:"Test",ds:"prn"}
          style JSON object.
      • X509Util.newCertPEM argument format is updated to
        align Certificate class and is deprecated.
    • src/x509.js
      • returned JSON object format by all "get*" parser method
        was changed to accept by related class defined in asn1x509.js
        without backward compatibility.
      • all certificate extension parsing methods are
        changed to have "hExtV" and "critical" as arguments.
      • following methods are added:
        getAlgorithmIdentifierName, getIssuer, getSubject,
        getGeneralNames, getGeneralName, getDistributionPoint,
        getDistributionPointName, getExtAuthorityInfoAccess,
        getPolicyInformation, getPolicyQualifierInfo,
        getUserNotice, getDisplayText, getX500NameRule,
        getX500Name, getRDN, getAttrTypeAndValue, getParam,
        getExtParamArray
      • following methods are deprecated:
        getExtSubjectAltName2, getExtAIAInfo,
        getExtCRLDistributionPointsURI.
      • X509Util.newCertPEM bugfix.
        Got error when cakey is PKCS#5 plain PEM key string
    • src/asn1csr.js
      • JSON argument format was changed in CertificationRequest,
        CertificationRequestInfo, CSRUtil.netCSRPEM without
        backward compatibility.
      • CSRUtil.getInfo was renamed to CSRUtil.getParam
      • CSRUtil.netCSRPEM is now deprecated
    • src/asn1.js
      • ASN1Util.newObject can also conclude ASN1Object
        as well as JSON parameter.
    • tool/tool_{ca,ca2}.html
      • changed to follow above updates.
    • test/*.html
      • following test pages are updated to follow above:
        qunit-do-{asn1csr,asn1tsp,asn1x509-newcrt,asn1x509,base64x,
        ecdsmod-s,keyutil-getpem,package-jwths,x509-ext,
        x509-key,x509-kid,x509}.html
      • following test pages are added:
        qunit-do-{asn1x509-tbscert,x509-param}.html

fix SigningCertificate v1 v2 attribute ASN.1 encoding

18 Aug 01:22
Compare
Choose a tag to compare
  • Changes from 8.0.23 to 8.0.24 (2020-Aug-18)
    • KJUR.asn1.cms.{SigningCertificate,SigningCertificateV2}
      wrong ASN.1 encoding issue was fixed (#448)
    • src/asn1cms.js
      • KJUR.asn1.cms.{SigningCertificate,SigningCertificateV2}
        ASN.1 encoding issue fixed (#448)
      • added KJUR.asn1.cms.IssuerSerial
    • test/qunit-do-asn1{cms,tsp}.html
      • updated for above issue

add CertificatePolicies BMPString and VisibleString support

06 Aug 04:21
Compare
Choose a tag to compare
  • Changes from 8.0.22 to 8.0.23 (2020-Aug-06)
    • src/asn1x509.js
      • CertificatePolicies class added
      • update Extension.appendByNameToArray for
        CertificatePolicies
      • PolicyInformation, PolicyQualifierInfo, UserNotice,
        NoticeReference and DisplayText class added
    • src/asn1.js
      • BMPString and VisibleString class added
      • update ASN1Util.newObject for {BMP,Visible}String
    • src/asn1hex.js
      • update ASN1HEX.dump for {BMP,Visible}String
    • test qunit-do-{asn1,asn1-newobj,asn1x509,asn1hex-dump}.html

ASN1HEX and X509 class minior bug fix

04 Aug 23:08
Compare
Choose a tag to compare
  • Changes from 8.0.21 to 8.0.22 (2020-Aug-05)
    • src/asn1hex.js
      • dump method update for BitString encapsulated
    • src/x509.js
      • getKeyUsageBin bugfix for such keyCertSign and cRLSign only
      • fix to stop raising error when X509 constructor called and
        asn1x509 doesn't loaded
      • TODO: getKeyUsageBin still has bug when decipherOnly(8) bit exists
    • test
      • qunit-do-{asn1hex-dump,x509-{ext,key}}.html to follow above updates