
Releases: kjur/jsrsasign

Donation program started, more RSA-PSS support and add ASN1HEX.get{Idx,TLV,V}byListEx

01 Aug 13:31
  • Changes from 8.0.20 to 8.0.21 (2020-Aug-01)
    • A donation program has been started.
      Please consider donating to sustain this project:
      https://github.com/kjur/jsrsasign#donations
    • RSA-PSS support in AlgorithmIdentifier, Signature,
      X509 and newCertPEM
    • new methods ASN1HEX.get{Idx,TLV,V}byListEx added
      to access descendant ASN.1 objects.
      A tutorial page will be provided at the following URL in the near future:
      https://github.com/kjur/jsrsasign/wiki/Tutorial-for-accessing-deep-inside-of-ASN.1-structure-by-using-new-ASN1HEX.getIdxbyListEx
    • src/x509.js
      • update getSignatureAlgorithmField to support
        RSA-PSS(SHA{,256,384,512}withRSAandMGF1) algorithms
      • update verifySignature to support
        RSA-PSS(SHA{,256,384,512}withRSAandMGF1) algorithms
    • src/crypto.js
      • Signature class
        • SHAwithRSAandMGF1 supported (the same as SHA1withRSAandMGF1)
    • src/asn1hex.js
      • ASN1HEX.getIdxbyList
      • add get{Idx,TLV,V}byListEx for context specific tag
      • add ASN1HEX.isContextTag to check context
        specific tag
      • get{Idx,TLV,V} will be deprecated in a future version.
        Please consider moving to get{Idx,TLV,V}byListEx.
    • src/{asn1csr,dsa,rsapem,ecdsa-modified}.js
      • replace to use get{Idx,TLV,V}byListEx
    • test/qunit-do-asn1x509.html
      • add Certificate class test for RSA-PSS
      • add TBSCertificate class test for RSA-PSS
      • add AlgorithmIdentifier class test for
        SHA{,256,384,512}withRSAandMGF1
    • test/qunit-do-crypto-pss.html
      • add Signature class test for
        SHAwithRSAandMGF1.
    • test/qunit-do-asn1x509-newcrt.html
      • add newCertPEM test for RSA-PSS
    • test/qunit-do-x509.html
      • add getSignatureAlgorithmField test for
        SHA{,256,384,512}withRSAandMGF1
    • sample_node/asn1extract2
      • bug fix for -v(--vonly) option
    • test/qunit-do-asn1hex.html
      • add test for ASN1HEX.isContextTag

add CSR support for subjectAltName

24 Jun 14:45
  • Changes from 8.0.19 to 8.0.20
    • src/asn1csr.js
      • CSRUtil.getInfo
        • add ext parameter to show subjectAltName property
        • change not to raise error when subject name is empty in CSR
    • src/x509.js
      • X509.parseExt
        • add support for CSR extension request field
    • src/asn1hex.js
      • ASN1HEX.getIdxbyList
        • small update for exception
    • test/
      • qunit-do-{asn1csr,x509}.html: tests added for the above.

ECDSA signature validation malleability fix and others

22 Jun 22:16

JSRSASIGN SECURITY ADVISORY : 2020.06.22 CVE-2020-14966 ECDSA signature validation vulnerability by accepting wrong ASN.1 encoding

  • Changes from 8.0.18 to 8.0.19
    • src/ecdsa-mod.js
      • ECDSA.verifyHex fixed for some types of malleability (#437)
    • src/asn1hex.js
      • ASN1HEX.checkStrictDER added
    • src/asn1x509.js
      • It was found that OpenSSL's DN representation such as
        "/C=US/O=test" is its "compat" format, so the following methods
        were added and the existing ones are now deprecated.
        • X500Name.{ldapToOneline, onelineToLdap} are now deprecated.
        • X500Name.{ldapToCompat, compatToLdap} are added.
    • src/x509.js
      • update for compatToLdap and ldapToCompat
    • src/crypto.js
      • document update
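
The 8.0.19 advisory above concerns ECDSA signatures whose DER encoding was not strictly checked, so that more than one byte string could pass verification for the same (r, s) pair. The following is an added example written for this page; it is not jsrsasign's own ASN1HEX.checkStrictDER or ECDSA.verifyHex. It implements a stand-alone strict-DER check for an ECDSA signature (SEQUENCE of two INTEGERs) that a verifier can run before the mathematical check, so that only the one canonical encoding is accepted. The sample signature hex strings are constructed for the example.

```javascript
// Added example (not jsrsasign code): strict DER validation of an ECDSA
// signature given as a hex string. Returns null when the encoding is
// canonical, otherwise a short reason string describing the violation.

function hexToBytes(hex) {
  if (typeof hex !== "string" || hex.length % 2 !== 0 || !/^[0-9a-fA-F]*$/.test(hex)) {
    return null;
  }
  const out = new Uint8Array(hex.length / 2);
  for (let i = 0; i < out.length; i++) out[i] = parseInt(hex.substr(i * 2, 2), 16);
  return out;
}

// Read a DER length at `off`; reject indefinite and non-minimal encodings.
function readDerLength(buf, off) {
  if (off >= buf.length) return { error: "truncated length" };
  const first = buf[off];
  if (first < 0x80) return { len: first, next: off + 1 };
  if (first === 0x80) return { error: "indefinite length is not DER" };
  const n = first & 0x7f;
  if (n > 4 || off + 1 + n > buf.length) return { error: "bad long-form length" };
  if (buf[off + 1] === 0x00) return { error: "non-minimal length (leading zero)" };
  let len = 0;
  for (let i = 0; i < n; i++) len = len * 256 + buf[off + 1 + i];
  if (len < 0x80) return { error: "non-minimal length (should be short form)" };
  return { len, next: off + 1 + n };
}

// Check one INTEGER (r or s): positive, non-empty, no redundant leading zero.
function checkDerInteger(buf, off, name) {
  if (buf[off] !== 0x02) return { error: name + ": expected INTEGER tag" };
  const l = readDerLength(buf, off + 1);
  if (l.error) return { error: name + ": " + l.error };
  const start = l.next, end = start + l.len;
  if (l.len === 0) return { error: name + ": empty INTEGER" };
  if (end > buf.length) return { error: name + ": truncated INTEGER" };
  if (buf[start] & 0x80) return { error: name + ": negative value" };
  if (buf[start] === 0x00 && l.len > 1 && !(buf[start + 1] & 0x80)) {
    return { error: name + ": non-minimal leading zero" };
  }
  return { next: end };
}

// Full check: SEQUENCE { INTEGER r, INTEGER s } with no trailing bytes.
function checkStrictEcdsaDer(sigHex) {
  const buf = hexToBytes(sigHex);
  if (buf === null) return "not a hex string";
  if (buf.length === 0 || buf[0] !== 0x30) return "expected SEQUENCE tag";
  const seq = readDerLength(buf, 1);
  if (seq.error) return "SEQUENCE: " + seq.error;
  if (seq.next + seq.len !== buf.length) return "length mismatch or trailing bytes";
  const r = checkDerInteger(buf, seq.next, "r");
  if (r.error) return r.error;
  const s = checkDerInteger(buf, r.next, "s");
  if (s.error) return s.error;
  if (s.next !== buf.length) return "trailing bytes inside SEQUENCE";
  return null;
}

// Constructed samples: one canonical signature (r = 0x7f, s = 0x80) and
// re-encodings of the same values that a strict verifier must reject.
const SAMPLES = {
  canonical: "300702017f02020080",
  extraLeadingZeroInR: "30080202007f02020080",
  longFormLength: "30810702017f02020080",
  trailingBytes: "300702017f0202008000",
  negativeR: "300702018002020080",
};

function checkSamples() {
  const out = {};
  for (const [name, hex] of Object.entries(SAMPLES)) out[name] = checkStrictEcdsaDer(hex);
  return out;
}

console.log(checkSamples());
```

Only the `canonical` sample yields `null`; each of the others, which decode to the same r and s, is rejected with its reason. Running this check before the modular arithmetic is what removes the encoding malleability described in the advisory.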

RSA decryption and RSA signature validation malleability fix

20 Jun 13:28

JSRSASIGN SECURITY ADVISORY : 2020.06.22 CVE-2020-14967 RSA RSAES-PKCS1-v1_5 and RSA-OAEP decryption vulnerability with prepending zeros

  • Changes from 8.0.17 to 8.0.18
    • ext/rsa2.js
      • RSADecrypt fixed for zero-prepending malleability (#439)
      • RSADecryptOAEP fixed for zero-prepending malleability
    • src/rsasign.js
      • verifyWithMessageHash fixed for zero-prepending malleability
    • test
      • qunit-do-crypto-cipher.html: some test case added for above

RSA-PSS verification malleability fix and others

19 Jun 14:35

JSRSASIGN SECURITY ADVISORY : 2020.06.22 CVE-2020-14968 RSA-PSS signature validation vulnerability by prepending zeros

  • Changes from 8.0.16 to 8.0.17
    • src/rsasign.js
      • verifyWithMessageHashPSS fixed for prepending-zeros malleability (#438)
    • src/asn1x509.js
      • allow alternative algorithms to sign CRLs (#440)
    • src/asn1cms.js
      • improve CMSUtil.newSignedData helper with detached signatures (#441)
    • ext/rsa2.js
      • RSAGenerate fixed for not producing the requested key length (#442)
    • sample_node
      • pemtobin was fixed for pemtohex function
    • test
      • qunit-do-rsagenkeylen.html new test code for (#442)
      • qunit-do-rsasign-pss.html: malleability test code added (#438)
      • index.html, qunit-do-x509.html link update

extended Authority/SubjectKeyIdentifier support

31 May 02:52
  • Changes from 8.0.15 to 8.0.16 (2020-Mar-29)
    • src/asn1x509.js
      • AuthorityKeyIdentifier class
        • issuerDN ASN.1 encoding bug fixed
        • now keyIdentifier is automatically calculated
          by certificate or key
        • issuer dn and serial number can be set
          by certificate
      • SubjectKeyIdentifier class
        • now keyIdentifier is automatically calculated
          by certificate or key
      • X500Name class
        • certissuer and certsubject parameter is added
          to set value by issuer or subject of certificate.
      • GeneralName class
        • dn parameter support was updated.
    • src/keyutil.js
      • getKeyID method added to calculate a key identifier
        for a certificate.
    • crypto.js
      • Util.isKey static method added
      • Signature.{sign,verify} method bug fix for ECDSA
      • code refactoring
    • src/asn1csr.js
      • strict mode fix (pull #410)
    • src/jws.js
      • strict mode fix (pull #347)
    • src/jwsjs.js
      • readJWSJS fix (pull #373)
    • sample_node/asn1extract2
      • sample added; more flexible than asn1extract.
    • test/qunit-do-crypto.html
      • getRandom test fix
    • test/qunit-do-asn1x509-newcrt.html
      • test case expected value fix

SHA384/512withECDSA wrong signature fix and add some curves support

13 Apr 00:52
  • src/ecdsa-modified.js
    • wrong validation result for SHA384withECDSA and SHA512withECDSA
      signatures fixed (issue #394)
    • secp192k1 and secp224r1 curves are now supported
    • test/qunit-do-ecdsamod.html
      test cases added for SHA1/SHA384/SHA512 and
      secp192k1/secp224r1
  • sample_node command added
    • genkey: keypair generation
    • eckey2hex: show EC PKCS#1/8 private/public key in hex format

SubjectKeyIdentifier and KEYUTIL update

11 Apr 05:07
  • Changes from 8.0.13 to 8.0.14 (2020-Apr-03)
    • src/asn1x509-1.0.js
      • add SubjectKeyIdentifier class (issue #402)
        • add SubjectKeyIdentifier support in
          TBSCertificate.appendExtensionByName method
        • test/qunit-do-asn1x509.html
          SubjectKeyIdentifier test added
    • src/base64x.js
      • add multi section support for pemtohex
        such as EC PRIVATE KEY and EC PARAMETERS
      • test/qunit-do-base64x.html
        pemtohex testcase added
    • src/keyutil.js (pull #415)
      • add support for multi section plain PKCS#5 EC PRIVATE KEY
      • test/qunit-do-keyutil-ec.html
        plain PKCS#5 EC PRIVATE KEY testcase added
    • src/asn1csr-1.0.js
      document fix (pull #356)
    • npm_util/Makefile
      merged (pull #216)
    • src/rsasign-1.2.js
      merged for RegExp (pull #419)
    • src/asn1-1.0.js
      merged for strict fix (pull #389)
    • src/crypto-1.0.js
      document fix in return of decrypt method (issue #383)
    • src/x509-1.1.js
      onelineToLDAP sample added in document (issue #428)

mitigate minerva attack

31 Mar 10:07
  • Changes from 8.0.12 to 8.0.13 (2020-Mar-31)
    • LICENSE.txt
      • fixed wrong description from BSD to MIT License
    • ext/ec.js
    • test/qunit-do-crypto-ecdsa.html
      • testcase fix
    • sample_node/tsr2certs added
      • script to extract certificates from timestamp response or token
    • npm
      • ECPointFp, ECCurveFp and ECFieldElementFp are now exported.

SECURITY ADVISORY

jsrsasign from 4.0.0 to 8.0.12 is affected by the Minerva timing attack vulnerability.
https://minerva.crocs.fi.muni.cz/

  • Minerva is a timing (side-channel) attack on elliptic curve operations.
  • If you don't use the ECDSA class, you are not affected by the vulnerability.
  • The vulnerability is that an attacker may guess the private key
    by measuring the processing time of EC key generation or ECDSA signing.
  • The cause is that the point multiplication processing time in ECDSA signing depends on
    the private key value.
  • As of 8.0.13, the processing time of point multiplication in ECDSA signing has become
    constant with respect to the key value, in theory.
  • See also the security advisory for details.
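
The advisory above names the root cause (scalar multiplication whose running time depends on the private key) and the mitigation (work that does not vary with the key). The following is an added illustration written for this page, not code from jsrsasign's ext/ec.js, and it does not claim to be the method the project adopted. It builds a toy curve over F_97 (constructed parameters, for illustration only) and compares a naive double-and-add routine, whose group-operation count follows the scalar's bit pattern, with a Montgomery ladder that performs exactly one addition and one doubling per bit whatever the scalar. Operation counts stand in for time here; a real constant-time implementation also needs constant-time field arithmetic and branch-free swaps, which JavaScript BigInt does not give you.

```javascript
// Added example (not jsrsasign's ext/ec.js): toy curve y^2 = x^3 + A*x + B over F_P.
// P, A, B and G are constructed for illustration only; never use them for real keys.
const P = 97n;
const A = 2n;
const B = 3n;
const G = { x: 3n, y: 6n }; // on the curve: 27 + 6 + 3 = 36 = 6^2 (mod 97)

const mod = (a) => ((a % P) + P) % P;

// Modular inverse via Fermat's little theorem (P is prime).
function inv(a) {
  let result = 1n, base = mod(a), e = P - 2n;
  while (e > 0n) {
    if (e & 1n) result = mod(result * base);
    base = mod(base * base);
    e >>= 1n;
  }
  return result;
}

// The point at infinity is represented as null.
function dbl(p) {
  if (p === null || p.y === 0n) return null;
  const l = mod((3n * p.x * p.x + A) * inv(2n * p.y));
  const x = mod(l * l - 2n * p.x);
  return { x, y: mod(l * (p.x - x) - p.y) };
}

function add(p, q) {
  if (p === null) return q;
  if (q === null) return p;
  if (p.x === q.x) return p.y === q.y ? dbl(p) : null; // q = p, or q = -p
  const l = mod((q.y - p.y) * inv(q.x - p.x));
  const x = mod(l * l - p.x - q.x);
  return { x, y: mod(l * (p.x - x) - p.y) };
}

const pointEq = (p, q) =>
  (p === null || q === null) ? p === q : (p.x === q.x && p.y === q.y);

// Naive left-to-right double-and-add: one doubling per bit, but an addition
// only for set bits, so the operation count leaks the scalar's Hamming weight.
function mulVarTime(k, pt) {
  const ctr = { adds: 0, doubles: 0 };
  let acc = null;
  for (let i = k.toString(2).length - 1; i >= 0; i--) {
    acc = dbl(acc); ctr.doubles++;
    if ((k >> BigInt(i)) & 1n) { acc = add(acc, pt); ctr.adds++; }
  }
  return { point: acc, ctr };
}

// Montgomery ladder over a fixed bit width: every iteration performs exactly
// one addition and one doubling regardless of the bit value. Invariant: r1 = r0 + pt.
function mulLadder(k, pt, bits) {
  const ctr = { adds: 0, doubles: 0 };
  let r0 = null, r1 = pt;
  for (let i = bits - 1; i >= 0; i--) {
    const bit = (k >> BigInt(i)) & 1n;
    // Conditional swap so the same two operations run for either bit value
    // (a real implementation would swap without a data-dependent branch).
    if (bit) [r0, r1] = [r1, r0];
    r1 = add(r0, r1); ctr.adds++;
    r0 = dbl(r0); ctr.doubles++;
    if (bit) [r0, r1] = [r1, r0];
  }
  return { point: r0, ctr };
}

// Run both routines for one scalar: same resulting point, different op-count profiles.
function compare(k, bits = 8) {
  const v = mulVarTime(k, G);
  const l = mulLadder(k, G, bits);
  return { samePoint: pointEq(v.point, l.point), varTime: v.ctr, ladder: l.ctr };
}

for (const k of [8n, 11n, 15n]) console.log(k.toString(), compare(k));
```

For the three scalars printed, the ladder always reports 8 additions and 8 doublings, while double-and-add reports 1, 3 and 4 additions respectively: the variable-time routine's work is a function of the secret, which is the property the advisory says 8.0.13 removed.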

update for IPv6 and KeyUsage

22 Apr 13:55
  • base64x 1.1.13 to 1.1.14
    • function iptohex added
    • fix hextoipv6 for wrong "::" shrinking
  • asn1x509 1.1.5 to 1.1.6
    • KeyUsage class now supports names parameter such as
      ['digitalSignature', 'nonRepudiation'].
    • some refactoring
  • tool/tool_ca2.html added as
    yet another certificate generation tool.
  • testcase added for above methods/functions
    • qunit-do-base64x.html
    • qunit-do-asn1x509.html