From 4536a6e9e8bcf1a644ab7c07ed96e453347dae41 Mon Sep 17 00:00:00 2001 From: Kenji Urushima Date: Fri, 24 Jun 2022 00:23:58 +0900 Subject: [PATCH] CVE-2022-25898 Security fix in JWS and JWT validation --- ChangeLog.txt | 13 + README.md | 3 +- api/files.html | 4 +- api/symbols/global__.html | 70 ++ api/symbols/src/base64x-1.1.js.html | 1149 +++++++++++----------- api/symbols/src/jws-3.3.js.html | 1377 ++++++++++++++------------- bower.json | 2 +- jsrsasign-all-min.js | 6 +- jsrsasign-jwths-min.js | 6 +- jsrsasign-rsa-min.js | 4 +- min/base64x-1.1.min.js | 2 +- min/jws-3.3.min.js | 2 +- npm/README.md | 3 +- npm/lib/footer.js | 1 + npm/lib/jsrsasign-all-min.js | 6 +- npm/lib/jsrsasign-jwths-min.js | 6 +- npm/lib/jsrsasign-rsa-min.js | 4 +- npm/lib/jsrsasign.js | 7 +- npm/package.json | 2 +- src/base64x-1.1.js | 25 +- src/jws-3.3.js | 13 +- test/qunit-do-jwt-veri.html | 1 + 22 files changed, 1425 insertions(+), 1281 deletions(-) diff --git a/ChangeLog.txt b/ChangeLog.txt index ea05251e..0e9973d5 100755 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,6 +1,19 @@ ChangeLog for jsrsasign +CVE-2022-25898 Security fix in JWS and JWT validation +* Changes from 10.5.24 to 10.5.25 (2022-Jun-23) + - src/jws.js + - JWS.verify and JWS.verifyJWT + - CVE-2022-25898 SECURITY FIX: + verify and verifyJWT may accept signature with special characters + or \number characters by mistake. + Please see security advisory: + https://github.com/kjur/jsrsasign/security/advisories/GHSA-3fvg-4v2m-98jf + - src/base64x.js + - function isBase64URLDot added + - test/qunit-do-jwt-veri.html + X509.getParam bugfix for v1 certificate * Changes from 10.5.23 to 10.5.24 (2022-Jun-04) - src/x509.js diff --git a/README.md b/README.md index 830bb5f9..d53f8f3c 100755 --- a/README.md +++ b/README.md @@ -39,7 +39,7 @@ HIGHLIGHTS - no dependency to other library - no dependency to [W3C Web Cryptography API](https://www.w3.org/TR/WebCryptoAPI/) nor [OpenSSL](https://www.openssl.org/) - no dependency on newer ECMAScirpt function. So old browsers also supported. -- very popular crypto library with [0.6M+ npm downloads/month](https://npm-stat.com/charts.html?package=jsrsasign&from=2016-05-01&to=2022-06-01) +- very popular crypto library with [0.6M+ npm downloads/month](https://npm-stat.com/charts.html?package=jsrsasign&from=2016-05-01&to=2022-06-20) INSTALL ------- @@ -78,6 +78,7 @@ MORE TUTORIALS AND SAMPLES |published|fixed version|title/advisory|CVE|CVSS| |:---|:---|:---|:---|:---| +|2022Jun24|10.5.25|[JWS and JWT signature validation vulnerability with special characters](https://github.com/kjur/jsrsasign/security/advisories/GHSA-3fvg-4v2m-98jf)|CVE-2022-25898|?| |2021Apr14|10.2.0|[RSA signature validation vulnerability on maleable encoded message](https://github.com/kjur/jsrsasign/security/advisories/GHSA-27fj-mc8w-j9wg)|CVE-2021-30246|9.1| |2020Jun22|8.0.19|[ECDSA signature validation vulnerability by accepting wrong ASN.1 encoding](https://github.com/kjur/jsrsasign/security/advisories/GHSA-p8c3-7rj8-q963)|CVE-2020-14966|5.5| |2020Jun22|8.0.18|[RSA RSAES-PKCS1-v1_5 and RSA-OAEP decryption vulnerability with prepending zeros](https://github.com/kjur/jsrsasign/security/advisories/GHSA-xxxq-chmp-67g4)|CVE-2020-14967|4.8| diff --git a/api/files.html b/api/files.html index c7becf00..43075a73 100644 --- a/api/files.html +++ b/api/files.html @@ -681,7 +681,7 @@

base64x-1.1.js

Version:
-
jsrsasign 10.5.23 base64x 1.1.29 (2022-May-27)
+
jsrsasign 10.5.25 base64x 1.1.30 (2022-Jun-23)
@@ -776,7 +776,7 @@

jws-3.3.js

Version:
-
jsrsasign 8.0.3 jws 3.3.11 (2018-Mar-11)
+
jsrsasign 10.5.25 jws 3.3.12 (2022-Jun-23)
diff --git a/api/symbols/global__.html b/api/symbols/global__.html index f7f797fa..3d55e3d5 100644 --- a/api/symbols/global__.html +++ b/api/symbols/global__.html @@ -879,6 +879,16 @@

+ + <static>   + +
isBase64URLDot(s) +
+
check whether a string is a base64url encoded string and dot or not
+Input string can conclude new lines or space characters.
+ + + <static>   @@ -3184,6 +3194,66 @@

+
+ + +
<static> + + {Boolean} + isBase64URLDot(s) + +
+
+ check whether a string is a base64url encoded string and dot or not
+Input string can conclude new lines or space characters. + +
+ Defined in: base64x-1.1.js. + + +
+ + + + 
isBase64URLDot("YWE") → true
+isBase64URLDot("YWE.YWE.YWE") → true
+isBase64URLDot("YW-") → true
+isBase64URLDot("YW+") → false
+ + + + +
+
Parameters:
+ +
+ {String} s + +
+
input string
+ +
+ + + +
+
Since:
+
base64x 1.1.30 jsrsasign 10.5.25
+
+ + + + +
+
Returns:
+ +
{Boolean} true if a string "s" is a base64url encoded string and dot otherwise false
+ +
+ + + +
diff --git a/api/symbols/src/base64x-1.1.js.html b/api/symbols/src/base64x-1.1.js.html index 00cac176..84fe65f2 100644 --- a/api/symbols/src/base64x-1.1.js.html +++ b/api/symbols/src/base64x-1.1.js.html @@ -5,7 +5,7 @@ .STRN {color: #393;} .REGX {color: #339;} .line {border-right: 1px dotted #666; color: #666; font-style: normal;} - 
  1 /* base64x-1.1.29 (c) 2012-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
+	
  1 /* base64x-1.1.30 (c) 2012-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
   2  */
   3 /*
   4  * base64x.js - Base64url and supplementary functions for Tom Wu's base64.js library
@@ -23,7 +23,7 @@
  16  * @fileOverview
  17  * @name base64x-1.1.js
  18  * @author Kenji Urushima kenji.urushima@gmail.com
- 19  * @version jsrsasign 10.5.23 base64x 1.1.29 (2022-May-27)
+ 19  * @version jsrsasign 10.5.25 base64x 1.1.30 (2022-Jun-23)
  20  * @since jsrsasign 2.1
  21  * @license <a href="https://kjur.github.io/jsrsasign/license/">MIT License</a>
  22  */
@@ -1312,570 +1312,591 @@
 1305     return KJUR.lang.String.isBase64(s);
 1306 };
 1307 
-1308 /**
-1309  * check whether a string is a string of integer array or not<br/>
-1310  * Input string can conclude new lines or space characters.
-1311  * @name isIntegerArray
-1312  * @memberOf KJUR.lang.String
+1308 
+1309 /**
+1310  * check whether a string is a base64url encoded string and dot or not<br/>
+1311  * Input string can conclude new lines or space characters.
+1312  * @name isBase64URLDot
 1313  * @function
 1314  * @static
 1315  * @param {String} s input string
-1316  * @return {Boolean} true if a string "s" is a string of integer array otherwise false
-1317  * @since base64x 1.1.7 jsrsasign 5.0.13
+1316  * @return {Boolean} true if a string "s" is a base64url encoded string and dot otherwise false
+1317  * @since base64x 1.1.30 jsrsasign 10.5.25
 1318  * @example
-1319  * KJUR.lang.String.isIntegerArray("[1,2,3]") → true
-1320  * KJUR.lang.String.isIntegerArray("  [1, 2, 3  ] ") → true
-1321  * KJUR.lang.String.isIntegerArray("[a,2]") → false
-1322  */
-1323 KJUR.lang.String.isIntegerArray = function(s) {
-1324     s = s.replace(/\s+/g, "");
-1325     if (s.match(/^\[[0-9,]+\]$/)) {
-1326 	return true;
-1327     } else {
-1328 	return false;
-1329     }
-1330 };
-1331 
-1332 /**
-1333  * check whether a string consists of PrintableString characters<br/>
-1334  * @name isPrintable
-1335  * @memberOf KJUR.lang.String
-1336  * @function
-1337  * @static
-1338  * @param {String} s input string
-1339  * @return {Boolean} true if a string "s" consists of PrintableString characters
-1340  * @since jsrsasign 9.0.0 base64x 1.1.16
-1341  * A PrintableString consists of following characters
-1342  * <pre>
-1343  * 0-9A-Za-z '()+,-./:=?
-1344  * </pre>
-1345  * This method returns false when other characters than above.
-1346  * Otherwise it returns true.
-1347  * @example
-1348  * KJUR.lang.String.isPrintable("abc") → true
-1349  * KJUR.lang.String.isPrintable("abc@") → false
-1350  * KJUR.lang.String.isPrintable("あいう") → false
-1351  */
-1352 KJUR.lang.String.isPrintable = function(s) {
-1353     if (s.match(/^[0-9A-Za-z '()+,-./:=?]*$/) !== null) return true;
-1354     return false;
-1355 };
-1356 
-1357 /**
-1358  * check whether a string consists of IAString characters<br/>
-1359  * @name isIA5
-1360  * @memberOf KJUR.lang.String
-1361  * @function
-1362  * @static
-1363  * @param {String} s input string
-1364  * @return {Boolean} true if a string "s" consists of IA5String characters
-1365  * @since jsrsasign 9.0.0 base64x 1.1.16
-1366  * A IA5String consists of following characters
-1367  * <pre>
-1368  * %x00-21/%x23-7F (i.e. ASCII characters excludes double quote(%x22)
-1369  * </pre>
-1370  * This method returns false when other characters than above.
-1371  * Otherwise it returns true.
-1372  * @example
-1373  * KJUR.lang.String.isIA5("abc") → true
-1374  * KJUR.lang.String.isIA5('"abc"') → false
-1375  * KJUR.lang.String.isIA5("あいう") → false
-1376  */
-1377 KJUR.lang.String.isIA5 = function(s) {
-1378     if (s.match(/^[\x20-\x21\x23-\x7f]*$/) !== null) return true;
-1379     return false;
-1380 };
-1381 
-1382 /**
-1383  * check whether a string is RFC 822 mail address<br/>
-1384  * @name isMail
-1385  * @memberOf KJUR.lang.String
-1386  * @function
-1387  * @static
-1388  * @param {String} s input string
-1389  * @return {Boolean} true if a string "s" RFC 822 mail address
-1390  * @since jsrsasign 9.0.0 base64x 1.1.16
-1391  * This static method will check string s is RFC 822 compliant mail address.
-1392  * @example
-1393  * KJUR.lang.String.isMail("abc") → false
-1394  * KJUR.lang.String.isMail("abc@example") → false
-1395  * KJUR.lang.String.isMail("abc@example.com") → true
-1396  */
-1397 KJUR.lang.String.isMail = function(s) {
-1398     if (s.match(/^[A-Za-z0-9]{1}[A-Za-z0-9_.-]*@{1}[A-Za-z0-9_.-]{1,}\.[A-Za-z0-9]{1,}$/) !== null) return true;
-1399     return false;
-1400 };
-1401 
-1402 // ==== others ================================
-1403 
-1404 /**
-1405  * canonicalize hexadecimal string of positive integer<br/>
-1406  * @name hextoposhex
+1319  * isBase64URLDot("YWE") → true
+1320  * isBase64URLDot("YWE.YWE.YWE") → true
+1321  * isBase64URLDot("YW-") → true
+1322  * isBase64URLDot("YW+") → false
+1323  */
+1324 function isBase64URLDot(s) {
+1325     if (s.match(/^[0-9A-Za-z-_.]+$/)) return true;
+1326     return false;
+1327 }
+1328 
+1329 /**
+1330  * check whether a string is a string of integer array or not<br/>
+1331  * Input string can conclude new lines or space characters.
+1332  * @name isIntegerArray
+1333  * @memberOf KJUR.lang.String
+1334  * @function
+1335  * @static
+1336  * @param {String} s input string
+1337  * @return {Boolean} true if a string "s" is a string of integer array otherwise false
+1338  * @since base64x 1.1.7 jsrsasign 5.0.13
+1339  * @example
+1340  * KJUR.lang.String.isIntegerArray("[1,2,3]") → true
+1341  * KJUR.lang.String.isIntegerArray("  [1, 2, 3  ] ") → true
+1342  * KJUR.lang.String.isIntegerArray("[a,2]") → false
+1343  */
+1344 KJUR.lang.String.isIntegerArray = function(s) {
+1345     s = s.replace(/\s+/g, "");
+1346     if (s.match(/^\[[0-9,]+\]$/)) {
+1347 	return true;
+1348     } else {
+1349 	return false;
+1350     }
+1351 };
+1352 
+1353 /**
+1354  * check whether a string consists of PrintableString characters<br/>
+1355  * @name isPrintable
+1356  * @memberOf KJUR.lang.String
+1357  * @function
+1358  * @static
+1359  * @param {String} s input string
+1360  * @return {Boolean} true if a string "s" consists of PrintableString characters
+1361  * @since jsrsasign 9.0.0 base64x 1.1.16
+1362  * A PrintableString consists of following characters
+1363  * <pre>
+1364  * 0-9A-Za-z '()+,-./:=?
+1365  * </pre>
+1366  * This method returns false when other characters than above.
+1367  * Otherwise it returns true.
+1368  * @example
+1369  * KJUR.lang.String.isPrintable("abc") → true
+1370  * KJUR.lang.String.isPrintable("abc@") → false
+1371  * KJUR.lang.String.isPrintable("あいう") → false
+1372  */
+1373 KJUR.lang.String.isPrintable = function(s) {
+1374     if (s.match(/^[0-9A-Za-z '()+,-./:=?]*$/) !== null) return true;
+1375     return false;
+1376 };
+1377 
+1378 /**
+1379  * check whether a string consists of IAString characters<br/>
+1380  * @name isIA5
+1381  * @memberOf KJUR.lang.String
+1382  * @function
+1383  * @static
+1384  * @param {String} s input string
+1385  * @return {Boolean} true if a string "s" consists of IA5String characters
+1386  * @since jsrsasign 9.0.0 base64x 1.1.16
+1387  * A IA5String consists of following characters
+1388  * <pre>
+1389  * %x00-21/%x23-7F (i.e. ASCII characters excludes double quote(%x22)
+1390  * </pre>
+1391  * This method returns false when other characters than above.
+1392  * Otherwise it returns true.
+1393  * @example
+1394  * KJUR.lang.String.isIA5("abc") → true
+1395  * KJUR.lang.String.isIA5('"abc"') → false
+1396  * KJUR.lang.String.isIA5("あいう") → false
+1397  */
+1398 KJUR.lang.String.isIA5 = function(s) {
+1399     if (s.match(/^[\x20-\x21\x23-\x7f]*$/) !== null) return true;
+1400     return false;
+1401 };
+1402 
+1403 /**
+1404  * check whether a string is RFC 822 mail address<br/>
+1405  * @name isMail
+1406  * @memberOf KJUR.lang.String
 1407  * @function
-1408  * @param {String} s hexadecimal string 
-1409  * @return {String} canonicalized hexadecimal string of positive integer
-1410  * @since base64x 1.1.10 jsrsasign 7.1.4
-1411  * @description
-1412  * This method canonicalize a hexadecimal string of positive integer
-1413  * for two's complement representation.
-1414  * Canonicalized hexadecimal string of positive integer will be:
-1415  * <ul>
-1416  * <li>Its length is always even.</li>
-1417  * <li>If odd length it will be padded with leading zero.<li>
-1418  * <li>If it is even length and its first character is "8" or greater,
-1419  * it will be padded with "00" to make it positive integer.</li>
-1420  * </ul>
-1421  * @example
-1422  * hextoposhex("abcd") → "00abcd"
-1423  * hextoposhex("1234") → "1234"
-1424  * hextoposhex("12345") → "012345"
-1425  */
-1426 function hextoposhex(s) {
-1427     if (s.length % 2 == 1) return "0" + s;
-1428     if (s.substr(0, 1) > "7") return "00" + s;
-1429     return s;
-1430 }
-1431 
-1432 /**
-1433  * convert string of integer array to hexadecimal string.<br/>
-1434  * @name intarystrtohex
-1435  * @function
-1436  * @param {String} s string of integer array
-1437  * @return {String} hexadecimal string
-1438  * @since base64x 1.1.6 jsrsasign 5.0.2
-1439  * @throws "malformed integer array string: *" for wrong input
-1440  * @description
-1441  * This function converts a string of JavaScript integer array to
-1442  * a hexadecimal string. Each integer value shall be in a range 
-1443  * from 0 to 255 otherwise it raise exception. Input string can
-1444  * have extra space or newline string so that they will be ignored.
-1445  * 
-1446  * @example
-1447  * intarystrtohex(" [123, 34, 101, 34, 58] ")
-1448  * → 7b2265223a (i.e. '{"e":' as string)
-1449  */
-1450 function intarystrtohex(s) {
-1451   s = s.replace(/^\s*\[\s*/, '');
-1452   s = s.replace(/\s*\]\s*$/, '');
-1453   s = s.replace(/\s*/g, '');
-1454   try {
-1455     var hex = s.split(/,/).map(function(element, index, array) {
-1456       var i = parseInt(element);
-1457       if (i < 0 || 255 < i) throw "integer not in range 0-255";
-1458       var hI = ("00" + i.toString(16)).slice(-2);
-1459       return hI;
-1460     }).join('');
-1461     return hex;
-1462   } catch(ex) {
-1463     throw "malformed integer array string: " + ex;
-1464   }
-1465 }
-1466 
-1467 /**
-1468  * find index of string where two string differs
-1469  * @name strdiffidx
-1470  * @function
-1471  * @param {String} s1 string to compare
-1472  * @param {String} s2 string to compare
-1473  * @return {Number} string index of where character differs. Return -1 if same.
-1474  * @since jsrsasign 4.9.0 base64x 1.1.5
-1475  * @example
-1476  * strdiffidx("abcdefg", "abcd4fg") -> 4
-1477  * strdiffidx("abcdefg", "abcdefg") -> -1
-1478  * strdiffidx("abcdefg", "abcdef") -> 6
-1479  * strdiffidx("abcdefgh", "abcdef") -> 6
-1480  */
-1481 var strdiffidx = function(s1, s2) {
-1482     var n = s1.length;
-1483     if (s1.length > s2.length) n = s2.length;
-1484     for (var i = 0; i < n; i++) {
-1485 	if (s1.charCodeAt(i) != s2.charCodeAt(i)) return i;
-1486     }
-1487     if (s1.length != s2.length) return n;
-1488     return -1; // same
-1489 };
-1490 
-1491 // ==== hex / oid =================================
-1492 
-1493 /**
-1494  * get hexadecimal value of object identifier from dot noted oid value
-1495  * @name oidtohex
-1496  * @function
-1497  * @param {String} oidString dot noted string of object identifier
-1498  * @return {String} hexadecimal value of object identifier
-1499  * @since jsrsasign 10.1.0 base64x 1.1.18
-1500  * @see hextooid
-1501  * @see ASN1HEX.hextooidstr
-1502  * @see KJUR.asn1.ASN1Util.oidIntToHex
-1503  * @description
-1504  * This static method converts from object identifier value string.
-1505  * to hexadecimal string representation of it.
-1506  * {@link hextooid} is a reverse function of this.
-1507  * @example
-1508  * oidtohex("2.5.4.6") → "550406"
-1509  */
-1510 function oidtohex(oidString) {
-1511     var itox = function(i) {
-1512         var h = i.toString(16);
-1513         if (h.length == 1) h = '0' + h;
-1514         return h;
-1515     };
-1516 
-1517     var roidtox = function(roid) {
-1518         var h = '';
-1519         var bi = parseInt(roid, 10);
-1520         var b = bi.toString(2);
-1521 
-1522         var padLen = 7 - b.length % 7;
-1523         if (padLen == 7) padLen = 0;
-1524         var bPad = '';
-1525         for (var i = 0; i < padLen; i++) bPad += '0';
-1526         b = bPad + b;
-1527         for (var i = 0; i < b.length - 1; i += 7) {
-1528             var b8 = b.substr(i, 7);
-1529             if (i != b.length - 7) b8 = '1' + b8;
-1530             h += itox(parseInt(b8, 2));
-1531         }
-1532         return h;
-1533     };
-1534     
-1535     try {
-1536 	if (! oidString.match(/^[0-9.]+$/)) return null;
-1537     
-1538 	var h = '';
-1539 	var a = oidString.split('.');
-1540 	var i0 = parseInt(a[0], 10) * 40 + parseInt(a[1], 10);
-1541 	h += itox(i0);
-1542 	a.splice(0, 2);
-1543 	for (var i = 0; i < a.length; i++) {
-1544             h += roidtox(a[i]);
-1545 	}
-1546 	return h;
-1547     } catch(ex) {
-1548 	return null;
-1549     }
-1550 };
-1551 
-1552 /**
-1553  * get oid string from hexadecimal value of object identifier<br/>
-1554  * @name hextooid
-1555  * @function
-1556  * @param {String} h hexadecimal value of object identifier
-1557  * @return {String} dot noted string of object identifier (ex. "1.2.3.4")
-1558  * @since jsrsasign 10.1.0 base64x 1.1.18
-1559  * @see oidtohex
-1560  * @see ASN1HEX.hextooidstr
-1561  * @see KJUR.asn1.ASN1Util.oidIntToHex
-1562  * @description
-1563  * This static method converts from hexadecimal object identifier value 
-1564  * to dot noted OID value (ex. "1.2.3.4").
-1565  * {@link oidtohex} is a reverse function of this.
-1566  * @example
-1567  * hextooid("550406") → "2.5.4.6"
-1568  */
-1569 function hextooid(h) {
-1570     if (! ishex(h)) return null;
-1571     try {
-1572 	var a = [];
-1573 
-1574 	// a[0], a[1]
-1575 	var hex0 = h.substr(0, 2);
-1576 	var i0 = parseInt(hex0, 16);
-1577 	a[0] = new String(Math.floor(i0 / 40));
-1578 	a[1] = new String(i0 % 40);
-1579 
-1580 	// a[2]..a[n]
-1581 	var hex1 = h.substr(2);
-1582 	var b = [];
-1583 	for (var i = 0; i < hex1.length / 2; i++) {
-1584 	    b.push(parseInt(hex1.substr(i * 2, 2), 16));
-1585 	}
-1586 	var c = [];
-1587 	var cbin = "";
-1588 	for (var i = 0; i < b.length; i++) {
-1589             if (b[i] & 0x80) {
-1590 		cbin = cbin + strpad((b[i] & 0x7f).toString(2), 7);
-1591             } else {
-1592 		cbin = cbin + strpad((b[i] & 0x7f).toString(2), 7);
-1593 		c.push(new String(parseInt(cbin, 2)));
-1594 		cbin = "";
-1595             }
-1596 	}
-1597 
-1598 	var s = a.join(".");
-1599 	if (c.length > 0) s = s + "." + c.join(".");
-1600 	return s;
-1601     } catch(ex) {
-1602 	return null;
-1603     }
-1604 };
-1605 
-1606 /**
-1607  * string padding<br/>
-1608  * @name strpad
-1609  * @function
-1610  * @param {String} s input string
-1611  * @param {Number} len output string length
-1612  * @param {String} padchar padding character (default is "0")
-1613  * @return {String} padded string
-1614  * @since jsrsasign 10.1.0 base64x 1.1.18
-1615  * @example
-1616  * strpad("1234", 10, "0") → "0000001234"
-1617  * strpad("1234", 10, " ") → "      1234"
-1618  * strpad("1234", 10)      → "0000001234"
-1619  */
-1620 var strpad = function(s, len, padchar) {
-1621     if (padchar == undefined) padchar = "0";
-1622     if (s.length >= len) return s;
-1623     return new Array(len - s.length + 1).join(padchar) + s;
-1624 };
-1625 
-1626 // ==== bitstr hex / int =================================
-1627 
-1628 /**
-1629  * convert from hexadecimal string of ASN.1 BitString value with unused bit to integer value<br/>
-1630  * @name bitstrtoint
-1631  * @function
-1632  * @param {String} h hexadecimal string of ASN.1 BitString value with unused bit
-1633  * @return {Number} positive integer value of the BitString
-1634  * @since jsrsasign 10.1.3 base64x 1.1.19
-1635  * @see inttobitstr
-1636  * @see KJUR.asn1.DERBitString
-1637  * @see ASN1HEX.getInt
-1638  * 
-1639  * @description
-1640  * This function converts from hexadecimal string of ASN.1 BitString
-1641  * value with unused bit to its integer value. <br/>
-1642  * When an improper hexadecimal string of BitString value
-1643  * is applied, this returns -1.
-1644  * 
-1645  * @example
-1646  * // "03c8" → 0xc8 unusedbit=03 → 11001000b unusedbit=03 → 11001b → 25
-1647  * bitstrtoint("03c8") → 25
-1648  * // "02fff8" → 0xfff8 unusedbit=02 → 1111111111111000b unusedbit=02
-1649  * //   11111111111110b → 16382
-1650  * bitstrtoint("02fff8") → 16382
-1651  * bitstrtoint("05a0") → 5 (=101b)
-1652  * bitstrtoint("ff00") → -1 // for improper BitString value
-1653  * bitstrtoint("05a0").toString(2) → "101"
-1654  * bitstrtoint("07a080").toString(2) → "101000001"
-1655  */
-1656 function bitstrtoint(h) {
-1657     if (h.length % 2 != 0) return -1; 
-1658     h = h.toLowerCase();
-1659     if (h.match(/^[0-9a-f]+$/) == null) return -1;
-1660     try {
-1661 	var hUnusedbit = h.substr(0, 2);
-1662 	if (hUnusedbit == "00")
-1663 	    return parseInt(h.substr(2), 16);
-1664 	var iUnusedbit = parseInt(hUnusedbit, 16);
-1665 	if (iUnusedbit > 7) return -1;
-1666 	var hValue = h.substr(2);
-1667 	var bValue = parseInt(hValue, 16).toString(2);
-1668 	if (bValue == "0") bValue = "00000000";
-1669 	bValue = bValue.slice(0, 0 - iUnusedbit);
-1670 	var iValue = parseInt(bValue, 2);
-1671 	if (iValue == NaN) return -1;
-1672 	return iValue;
-1673     } catch(ex) {
-1674 	return -1;
-1675     }
-1676 };
-1677 
-1678 /**
-1679  * convert from integer value to hexadecimal string of ASN.1 BitString value with unused bit<br/>
-1680  * @name inttobitstr
-1681  * @function
-1682  * @param {Number} n integer value of ASN.1 BitString
-1683  * @return {String} hexadecimal string of ASN.1 BitString value with unused bit
-1684  * @since jsrsasign 10.1.3 base64x 1.1.19
-1685  * @see bitstrtoint
-1686  * @see KJUR.asn1.DERBitString
-1687  * @see ASN1HEX.getInt
-1688  * 
-1689  * @description
-1690  * This function converts from an integer value to 
-1691  * hexadecimal string of ASN.1 BitString value
-1692  * with unused bit. <br/>
-1693  * When "n" is not non-negative number, this returns null
-1694  * 
-1695  * @example
-1696  * // 25 → 11001b → 11001000b unusedbit=03 → 0xc8 unusedbit=03 → "03c8"
-1697  * inttobitstr(25) → "03c8"
-1698  * inttobitstr(-3) → null
-1699  * inttobitstr("abc") → null
-1700  * inttobitstr(parseInt("11001", 2)) → "03c8"
-1701  * inttobitstr(parseInt("101", 2)) → "05a0"
-1702  * inttobitstr(parseInt("101000001", 2)) → "07a080"
-1703  */
-1704 function inttobitstr(n) {
-1705     if (typeof n != "number") return null;
-1706     if (n < 0) return null;
-1707     var bValue = Number(n).toString(2);
-1708     var iUnusedbit = 8 - bValue.length % 8;
-1709     if (iUnusedbit == 8) iUnusedbit = 0;
-1710     bValue = bValue + strpad("", iUnusedbit, "0");
-1711     var hValue = parseInt(bValue, 2).toString(16);
-1712     if (hValue.length % 2 == 1) hValue = "0" + hValue;
-1713     var hUnusedbit = "0" + iUnusedbit;
-1714     return hUnusedbit + hValue;
-1715 };
-1716 
-1717 // ==== bitstr hex / binary string =======================
-1718 
-1719 /**
-1720  * convert from hexadecimal string of ASN.1 BitString value with unused bit to binary string<br/>
-1721  * @name bitstrtobinstr
-1722  * @function
-1723  * @param {string} h hexadecimal string of ASN.1 BitString value with unused bit
-1724  * @return {string} binary string
-1725  * @since jsrsasign 10.5.4 base64x 1.1.21
-1726  * @see binstrtobitstr
-1727  * @see inttobitstr
-1728  * 
-1729  * @description
-1730  * This function converts from hexadecimal string of ASN.1 BitString
-1731  * value with unused bit to its integer value. <br/>
-1732  * When an improper hexadecimal string of BitString value
-1733  * is applied, this returns null.
-1734  * 
-1735  * @example
-1736  * bitstrtobinstr("05a0") → "101"
-1737  * bitstrtobinstr("0520") → "001"
-1738  * bitstrtobinstr("07a080") → "101000001"
-1739  * bitstrtobinstr(502) → null // non ASN.1 BitString value
-1740  * bitstrtobinstr("ff00") → null // for improper BitString value
-1741  */
-1742 function bitstrtobinstr(h) {
-1743     if (typeof h != "string") return null;
-1744     if (h.length % 2 != 0) return null;
-1745     if (! h.match(/^[0-9a-f]+$/)) return null;
-1746     try {
-1747 	var unusedBits = parseInt(h.substr(0, 2), 16);
-1748 	if (unusedBits < 0 || 7 < unusedBits) return null
-1749 
-1750 	var value = h.substr(2);
-1751 	var bin = "";
-1752 	for (var i = 0; i < value.length; i += 2) {
-1753 	    var hi = value.substr(i, 2);
-1754 	    var bi = parseInt(hi, 16).toString(2);
-1755 	    bi = ("0000000" + bi).slice(-8);
-1756 	    bin += bi;
-1757 	}
-1758 	return  bin.substr(0, bin.length - unusedBits);
-1759     } catch(ex) {
-1760 	return null;
-1761     }
-1762 }
-1763 
-1764 /**
-1765  * convert from binary string to hexadecimal string of ASN.1 BitString value with unused bit<br/>
-1766  * @name binstrtobitstr
-1767  * @function
-1768  * @param {string} s binary string (ex. "101")
-1769  * @return {string} hexadecimal string of ASN.1 BitString value with unused bit
-1770  * @since jsrsasign 10.5.4 base64x 1.1.21
-1771  * @see bitstrtobinstr
-1772  * @see inttobitstr
-1773  * @see KJUR.asn1.DERBitString
-1774  * 
-1775  * @description
-1776  * This function converts from an binary string (ex. "101") to 
-1777  * hexadecimal string of ASN.1 BitString value
-1778  * with unused bit (ex. "05a0"). <br/>
-1779  * When "s" is not binary string, this returns null.
-1780  * 
-1781  * @example
-1782  * binstrtobitstr("101") → "05a0"
-1783  * binstrtobitstr("001") → "0520"
-1784  * binstrtobitstr("11001") → "03c8"
-1785  * binstrtobitstr("101000001") → "07a080"
-1786  * binstrtobitstr(101) → null // not number
-1787  * binstrtobitstr("xyz") → null // not binary string
-1788  */
-1789 function binstrtobitstr(s) {
-1790     if (typeof s != "string") return null;
-1791     if (s.match(/^[01]+$/) == null) return null;
-1792     try {
-1793 	var n = parseInt(s, 2);
-1794 	return inttobitstr(n);
-1795     } catch(ex) {
-1796 	return null;
-1797     }
-1798 }
-1799 
-1800 // =======================================================
-1801 /**
-1802  * convert array of names to bit string<br/>
-1803  * @name namearraytobinstr
-1804  * @function
-1805  * @param {array} namearray array of name string
-1806  * @param {object} namedb associative array of name and value
-1807  * @return {string} binary string (ex. "110001")
-1808  * @since jsrsasign 10.5.21 base64x 1.1.27
-1809  * @see KJUR.asn1.x509.KeyUsage
-1810  * @see KJUR.asn1.tsp.PKIFailureInfo
-1811  * 
-1812  * @description
-1813  * This function converts from an array of names to
-1814  * a binary string. DB value bit will be set.
-1815  * Note that ordering of namearray items
-1816  * will be ignored.
-1817  *
-1818  * @example
-1819  * db = { a: 0, b: 3, c: 8, d: 9, e: 17, f: 19 };
-1820  * namearraytobinstr(['a', 'c', 'd'], db) &rarr: '1000000011'
-1821  * namearraytobinstr(['c', 'b'], db) &rarr: '000100001'
-1822  */
-1823 function namearraytobinstr (namearray, namedb) {
-1824     var d = 0;
-1825     for (var i = 0; i < namearray.length; i++) {
-1826 	d |= 1 << namedb[namearray[i]];
-1827     }
-1828 
-1829     var s = d.toString(2);
-1830     var r = "";
-1831     for (var i = s.length - 1; i >=0; i--) {
-1832 	r += s[i];
-1833     }
-1834     return r;
-1835 }
-1836 
-1837 // =======================================================
-1838 /**
-1839  * set class inheritance<br/>
-1840  * @name extendClass
-1841  * @function
-1842  * @param {Function} subClass sub class to set inheritance
-1843  * @param {Function} superClass super class to inherit
-1844  * @since jsrsasign 10.3.0 base64x 1.1.21
-1845  *
-1846  * @description
-1847  * This function extends a class and set an inheritance
-1848  * for member variables and methods.
-1849  *
-1850  * @example
-1851  * var Animal = function() {
-1852  *   this.hello = function(){console.log("Hello")};
-1853  *   this.name="Ani";
-1854  * };
-1855  * var Dog = function() {
-1856  *   Dog.superclass.constructor.call(this);
-1857  *   this.vow = function(){console.log("Vow wow")};
-1858  *   this.tail=true;
-1859  * };
-1860  * extendClass(Dog, Animal);
-1861  */
-1862 function extendClass(subClass, superClass) {
-1863     var F = function() {};
-1864     F.prototype = superClass.prototype;
-1865     subClass.prototype = new F();
-1866     subClass.prototype.constructor = subClass;
-1867     subClass.superclass = superClass.prototype;
-1868      
-1869     if (superClass.prototype.constructor == Object.prototype.constructor) {
-1870         superClass.prototype.constructor = superClass;
-1871     }
-1872 };
-1873 
-1874 

\ No newline at end of file
+1408  * @static
+1409  * @param {String} s input string
+1410  * @return {Boolean} true if a string "s" RFC 822 mail address
+1411  * @since jsrsasign 9.0.0 base64x 1.1.16
+1412  * This static method will check string s is RFC 822 compliant mail address.
+1413  * @example
+1414  * KJUR.lang.String.isMail("abc") → false
+1415  * KJUR.lang.String.isMail("abc@example") → false
+1416  * KJUR.lang.String.isMail("abc@example.com") → true
+1417  */
+1418 KJUR.lang.String.isMail = function(s) {
+1419     if (s.match(/^[A-Za-z0-9]{1}[A-Za-z0-9_.-]*@{1}[A-Za-z0-9_.-]{1,}\.[A-Za-z0-9]{1,}$/) !== null) return true;
+1420     return false;
+1421 };
+1422 
+1423 // ==== others ================================
+1424 
+1425 /**
+1426  * canonicalize hexadecimal string of positive integer<br/>
+1427  * @name hextoposhex
+1428  * @function
+1429  * @param {String} s hexadecimal string 
+1430  * @return {String} canonicalized hexadecimal string of positive integer
+1431  * @since base64x 1.1.10 jsrsasign 7.1.4
+1432  * @description
+1433  * This method canonicalize a hexadecimal string of positive integer
+1434  * for two's complement representation.
+1435  * Canonicalized hexadecimal string of positive integer will be:
+1436  * <ul>
+1437  * <li>Its length is always even.</li>
+1438  * <li>If odd length it will be padded with leading zero.<li>
+1439  * <li>If it is even length and its first character is "8" or greater,
+1440  * it will be padded with "00" to make it positive integer.</li>
+1441  * </ul>
+1442  * @example
+1443  * hextoposhex("abcd") → "00abcd"
+1444  * hextoposhex("1234") → "1234"
+1445  * hextoposhex("12345") → "012345"
+1446  */
+1447 function hextoposhex(s) {
+1448     if (s.length % 2 == 1) return "0" + s;
+1449     if (s.substr(0, 1) > "7") return "00" + s;
+1450     return s;
+1451 }
+1452 
+1453 /**
+1454  * convert string of integer array to hexadecimal string.<br/>
+1455  * @name intarystrtohex
+1456  * @function
+1457  * @param {String} s string of integer array
+1458  * @return {String} hexadecimal string
+1459  * @since base64x 1.1.6 jsrsasign 5.0.2
+1460  * @throws "malformed integer array string: *" for wrong input
+1461  * @description
+1462  * This function converts a string of JavaScript integer array to
+1463  * a hexadecimal string. Each integer value shall be in a range 
+1464  * from 0 to 255 otherwise it raise exception. Input string can
+1465  * have extra space or newline string so that they will be ignored.
+1466  * 
+1467  * @example
+1468  * intarystrtohex(" [123, 34, 101, 34, 58] ")
+1469  * → 7b2265223a (i.e. '{"e":' as string)
+1470  */
+1471 function intarystrtohex(s) {
+1472   s = s.replace(/^\s*\[\s*/, '');
+1473   s = s.replace(/\s*\]\s*$/, '');
+1474   s = s.replace(/\s*/g, '');
+1475   try {
+1476     var hex = s.split(/,/).map(function(element, index, array) {
+1477       var i = parseInt(element);
+1478       if (i < 0 || 255 < i) throw "integer not in range 0-255";
+1479       var hI = ("00" + i.toString(16)).slice(-2);
+1480       return hI;
+1481     }).join('');
+1482     return hex;
+1483   } catch(ex) {
+1484     throw "malformed integer array string: " + ex;
+1485   }
+1486 }
+1487 
+1488 /**
+1489  * find index of string where two string differs
+1490  * @name strdiffidx
+1491  * @function
+1492  * @param {String} s1 string to compare
+1493  * @param {String} s2 string to compare
+1494  * @return {Number} string index of where character differs. Return -1 if same.
+1495  * @since jsrsasign 4.9.0 base64x 1.1.5
+1496  * @example
+1497  * strdiffidx("abcdefg", "abcd4fg") -> 4
+1498  * strdiffidx("abcdefg", "abcdefg") -> -1
+1499  * strdiffidx("abcdefg", "abcdef") -> 6
+1500  * strdiffidx("abcdefgh", "abcdef") -> 6
+1501  */
+1502 var strdiffidx = function(s1, s2) {
+1503     var n = s1.length;
+1504     if (s1.length > s2.length) n = s2.length;
+1505     for (var i = 0; i < n; i++) {
+1506 	if (s1.charCodeAt(i) != s2.charCodeAt(i)) return i;
+1507     }
+1508     if (s1.length != s2.length) return n;
+1509     return -1; // same
+1510 };
+1511 
+1512 // ==== hex / oid =================================
+1513 
+1514 /**
+1515  * get hexadecimal value of object identifier from dot noted oid value
+1516  * @name oidtohex
+1517  * @function
+1518  * @param {String} oidString dot noted string of object identifier
+1519  * @return {String} hexadecimal value of object identifier
+1520  * @since jsrsasign 10.1.0 base64x 1.1.18
+1521  * @see hextooid
+1522  * @see ASN1HEX.hextooidstr
+1523  * @see KJUR.asn1.ASN1Util.oidIntToHex
+1524  * @description
+1525  * This static method converts from object identifier value string.
+1526  * to hexadecimal string representation of it.
+1527  * {@link hextooid} is a reverse function of this.
+1528  * @example
+1529  * oidtohex("2.5.4.6") → "550406"
+1530  */
+1531 function oidtohex(oidString) {
+1532     var itox = function(i) {
+1533         var h = i.toString(16);
+1534         if (h.length == 1) h = '0' + h;
+1535         return h;
+1536     };
+1537 
+1538     var roidtox = function(roid) {
+1539         var h = '';
+1540         var bi = parseInt(roid, 10);
+1541         var b = bi.toString(2);
+1542 
+1543         var padLen = 7 - b.length % 7;
+1544         if (padLen == 7) padLen = 0;
+1545         var bPad = '';
+1546         for (var i = 0; i < padLen; i++) bPad += '0';
+1547         b = bPad + b;
+1548         for (var i = 0; i < b.length - 1; i += 7) {
+1549             var b8 = b.substr(i, 7);
+1550             if (i != b.length - 7) b8 = '1' + b8;
+1551             h += itox(parseInt(b8, 2));
+1552         }
+1553         return h;
+1554     };
+1555     
+1556     try {
+1557 	if (! oidString.match(/^[0-9.]+$/)) return null;
+1558     
+1559 	var h = '';
+1560 	var a = oidString.split('.');
+1561 	var i0 = parseInt(a[0], 10) * 40 + parseInt(a[1], 10);
+1562 	h += itox(i0);
+1563 	a.splice(0, 2);
+1564 	for (var i = 0; i < a.length; i++) {
+1565             h += roidtox(a[i]);
+1566 	}
+1567 	return h;
+1568     } catch(ex) {
+1569 	return null;
+1570     }
+1571 };
+1572 
+1573 /**
+1574  * get oid string from hexadecimal value of object identifier<br/>
+1575  * @name hextooid
+1576  * @function
+1577  * @param {String} h hexadecimal value of object identifier
+1578  * @return {String} dot noted string of object identifier (ex. "1.2.3.4")
+1579  * @since jsrsasign 10.1.0 base64x 1.1.18
+1580  * @see oidtohex
+1581  * @see ASN1HEX.hextooidstr
+1582  * @see KJUR.asn1.ASN1Util.oidIntToHex
+1583  * @description
+1584  * This static method converts from hexadecimal object identifier value 
+1585  * to dot noted OID value (ex. "1.2.3.4").
+1586  * {@link oidtohex} is a reverse function of this.
+1587  * @example
+1588  * hextooid("550406") → "2.5.4.6"
+1589  */
+1590 function hextooid(h) {
+1591     if (! ishex(h)) return null;
+1592     try {
+1593 	var a = [];
+1594 
+1595 	// a[0], a[1]
+1596 	var hex0 = h.substr(0, 2);
+1597 	var i0 = parseInt(hex0, 16);
+1598 	a[0] = new String(Math.floor(i0 / 40));
+1599 	a[1] = new String(i0 % 40);
+1600 
+1601 	// a[2]..a[n]
+1602 	var hex1 = h.substr(2);
+1603 	var b = [];
+1604 	for (var i = 0; i < hex1.length / 2; i++) {
+1605 	    b.push(parseInt(hex1.substr(i * 2, 2), 16));
+1606 	}
+1607 	var c = [];
+1608 	var cbin = "";
+1609 	for (var i = 0; i < b.length; i++) {
+1610             if (b[i] & 0x80) {
+1611 		cbin = cbin + strpad((b[i] & 0x7f).toString(2), 7);
+1612             } else {
+1613 		cbin = cbin + strpad((b[i] & 0x7f).toString(2), 7);
+1614 		c.push(new String(parseInt(cbin, 2)));
+1615 		cbin = "";
+1616             }
+1617 	}
+1618 
+1619 	var s = a.join(".");
+1620 	if (c.length > 0) s = s + "." + c.join(".");
+1621 	return s;
+1622     } catch(ex) {
+1623 	return null;
+1624     }
+1625 };
+1626 
+1627 /**
+1628  * string padding<br/>
+1629  * @name strpad
+1630  * @function
+1631  * @param {String} s input string
+1632  * @param {Number} len output string length
+1633  * @param {String} padchar padding character (default is "0")
+1634  * @return {String} padded string
+1635  * @since jsrsasign 10.1.0 base64x 1.1.18
+1636  * @example
+1637  * strpad("1234", 10, "0") → "0000001234"
+1638  * strpad("1234", 10, " ") → "      1234"
+1639  * strpad("1234", 10)      → "0000001234"
+1640  */
+1641 var strpad = function(s, len, padchar) {
+1642     if (padchar == undefined) padchar = "0";
+1643     if (s.length >= len) return s;
+1644     return new Array(len - s.length + 1).join(padchar) + s;
+1645 };
+1646 
+1647 // ==== bitstr hex / int =================================
+1648 
+1649 /**
+1650  * convert from hexadecimal string of ASN.1 BitString value with unused bit to integer value<br/>
+1651  * @name bitstrtoint
+1652  * @function
+1653  * @param {String} h hexadecimal string of ASN.1 BitString value with unused bit
+1654  * @return {Number} positive integer value of the BitString
+1655  * @since jsrsasign 10.1.3 base64x 1.1.19
+1656  * @see inttobitstr
+1657  * @see KJUR.asn1.DERBitString
+1658  * @see ASN1HEX.getInt
+1659  * 
+1660  * @description
+1661  * This function converts from hexadecimal string of ASN.1 BitString
+1662  * value with unused bit to its integer value. <br/>
+1663  * When an improper hexadecimal string of BitString value
+1664  * is applied, this returns -1.
+1665  * 
+1666  * @example
+1667  * // "03c8" → 0xc8 unusedbit=03 → 11001000b unusedbit=03 → 11001b → 25
+1668  * bitstrtoint("03c8") → 25
+1669  * // "02fff8" → 0xfff8 unusedbit=02 → 1111111111111000b unusedbit=02
+1670  * //   11111111111110b → 16382
+1671  * bitstrtoint("02fff8") → 16382
+1672  * bitstrtoint("05a0") → 5 (=101b)
+1673  * bitstrtoint("ff00") → -1 // for improper BitString value
+1674  * bitstrtoint("05a0").toString(2) → "101"
+1675  * bitstrtoint("07a080").toString(2) → "101000001"
+1676  */
+1677 function bitstrtoint(h) {
+1678     if (h.length % 2 != 0) return -1; 
+1679     h = h.toLowerCase();
+1680     if (h.match(/^[0-9a-f]+$/) == null) return -1;
+1681     try {
+1682 	var hUnusedbit = h.substr(0, 2);
+1683 	if (hUnusedbit == "00")
+1684 	    return parseInt(h.substr(2), 16);
+1685 	var iUnusedbit = parseInt(hUnusedbit, 16);
+1686 	if (iUnusedbit > 7) return -1;
+1687 	var hValue = h.substr(2);
+1688 	var bValue = parseInt(hValue, 16).toString(2);
+1689 	if (bValue == "0") bValue = "00000000";
+1690 	bValue = bValue.slice(0, 0 - iUnusedbit);
+1691 	var iValue = parseInt(bValue, 2);
+1692 	if (iValue == NaN) return -1;
+1693 	return iValue;
+1694     } catch(ex) {
+1695 	return -1;
+1696     }
+1697 };
+1698 
+1699 /**
+1700  * convert from integer value to hexadecimal string of ASN.1 BitString value with unused bit<br/>
+1701  * @name inttobitstr
+1702  * @function
+1703  * @param {Number} n integer value of ASN.1 BitString
+1704  * @return {String} hexadecimal string of ASN.1 BitString value with unused bit
+1705  * @since jsrsasign 10.1.3 base64x 1.1.19
+1706  * @see bitstrtoint
+1707  * @see KJUR.asn1.DERBitString
+1708  * @see ASN1HEX.getInt
+1709  * 
+1710  * @description
+1711  * This function converts from an integer value to 
+1712  * hexadecimal string of ASN.1 BitString value
+1713  * with unused bit. <br/>
+1714  * When "n" is not non-negative number, this returns null
+1715  * 
+1716  * @example
+1717  * // 25 → 11001b → 11001000b unusedbit=03 → 0xc8 unusedbit=03 → "03c8"
+1718  * inttobitstr(25) → "03c8"
+1719  * inttobitstr(-3) → null
+1720  * inttobitstr("abc") → null
+1721  * inttobitstr(parseInt("11001", 2)) → "03c8"
+1722  * inttobitstr(parseInt("101", 2)) → "05a0"
+1723  * inttobitstr(parseInt("101000001", 2)) → "07a080"
+1724  */
+1725 function inttobitstr(n) {
+1726     if (typeof n != "number") return null;
+1727     if (n < 0) return null;
+1728     var bValue = Number(n).toString(2);
+1729     var iUnusedbit = 8 - bValue.length % 8;
+1730     if (iUnusedbit == 8) iUnusedbit = 0;
+1731     bValue = bValue + strpad("", iUnusedbit, "0");
+1732     var hValue = parseInt(bValue, 2).toString(16);
+1733     if (hValue.length % 2 == 1) hValue = "0" + hValue;
+1734     var hUnusedbit = "0" + iUnusedbit;
+1735     return hUnusedbit + hValue;
+1736 };
+1737 
+1738 // ==== bitstr hex / binary string =======================
+1739 
+1740 /**
+1741  * convert from hexadecimal string of ASN.1 BitString value with unused bit to binary string<br/>
+1742  * @name bitstrtobinstr
+1743  * @function
+1744  * @param {string} h hexadecimal string of ASN.1 BitString value with unused bit
+1745  * @return {string} binary string
+1746  * @since jsrsasign 10.5.4 base64x 1.1.21
+1747  * @see binstrtobitstr
+1748  * @see inttobitstr
+1749  * 
+1750  * @description
+1751  * This function converts from hexadecimal string of ASN.1 BitString
+1752  * value with unused bit to its integer value. <br/>
+1753  * When an improper hexadecimal string of BitString value
+1754  * is applied, this returns null.
+1755  * 
+1756  * @example
+1757  * bitstrtobinstr("05a0") → "101"
+1758  * bitstrtobinstr("0520") → "001"
+1759  * bitstrtobinstr("07a080") → "101000001"
+1760  * bitstrtobinstr(502) → null // non ASN.1 BitString value
+1761  * bitstrtobinstr("ff00") → null // for improper BitString value
+1762  */
+1763 function bitstrtobinstr(h) {
+1764     if (typeof h != "string") return null;
+1765     if (h.length % 2 != 0) return null;
+1766     if (! h.match(/^[0-9a-f]+$/)) return null;
+1767     try {
+1768 	var unusedBits = parseInt(h.substr(0, 2), 16);
+1769 	if (unusedBits < 0 || 7 < unusedBits) return null
+1770 
+1771 	var value = h.substr(2);
+1772 	var bin = "";
+1773 	for (var i = 0; i < value.length; i += 2) {
+1774 	    var hi = value.substr(i, 2);
+1775 	    var bi = parseInt(hi, 16).toString(2);
+1776 	    bi = ("0000000" + bi).slice(-8);
+1777 	    bin += bi;
+1778 	}
+1779 	return  bin.substr(0, bin.length - unusedBits);
+1780     } catch(ex) {
+1781 	return null;
+1782     }
+1783 }
+1784 
+1785 /**
+1786  * convert from binary string to hexadecimal string of ASN.1 BitString value with unused bit<br/>
+1787  * @name binstrtobitstr
+1788  * @function
+1789  * @param {string} s binary string (ex. "101")
+1790  * @return {string} hexadecimal string of ASN.1 BitString value with unused bit
+1791  * @since jsrsasign 10.5.4 base64x 1.1.21
+1792  * @see bitstrtobinstr
+1793  * @see inttobitstr
+1794  * @see KJUR.asn1.DERBitString
+1795  * 
+1796  * @description
+1797  * This function converts from an binary string (ex. "101") to 
+1798  * hexadecimal string of ASN.1 BitString value
+1799  * with unused bit (ex. "05a0"). <br/>
+1800  * When "s" is not binary string, this returns null.
+1801  * 
+1802  * @example
+1803  * binstrtobitstr("101") → "05a0"
+1804  * binstrtobitstr("001") → "0520"
+1805  * binstrtobitstr("11001") → "03c8"
+1806  * binstrtobitstr("101000001") → "07a080"
+1807  * binstrtobitstr(101) → null // not number
+1808  * binstrtobitstr("xyz") → null // not binary string
+1809  */
+1810 function binstrtobitstr(s) {
+1811     if (typeof s != "string") return null;
+1812     if (s.match(/^[01]+$/) == null) return null;
+1813     try {
+1814 	var n = parseInt(s, 2);
+1815 	return inttobitstr(n);
+1816     } catch(ex) {
+1817 	return null;
+1818     }
+1819 }
+1820 
+1821 // =======================================================
+1822 /**
+1823  * convert array of names to bit string<br/>
+1824  * @name namearraytobinstr
+1825  * @function
+1826  * @param {array} namearray array of name string
+1827  * @param {object} namedb associative array of name and value
+1828  * @return {string} binary string (ex. "110001")
+1829  * @since jsrsasign 10.5.21 base64x 1.1.27
+1830  * @see KJUR.asn1.x509.KeyUsage
+1831  * @see KJUR.asn1.tsp.PKIFailureInfo
+1832  * 
+1833  * @description
+1834  * This function converts from an array of names to
+1835  * a binary string. DB value bit will be set.
+1836  * Note that ordering of namearray items
+1837  * will be ignored.
+1838  *
+1839  * @example
+1840  * db = { a: 0, b: 3, c: 8, d: 9, e: 17, f: 19 };
+1841  * namearraytobinstr(['a', 'c', 'd'], db) &rarr: '1000000011'
+1842  * namearraytobinstr(['c', 'b'], db) &rarr: '000100001'
+1843  */
+1844 function namearraytobinstr (namearray, namedb) {
+1845     var d = 0;
+1846     for (var i = 0; i < namearray.length; i++) {
+1847 	d |= 1 << namedb[namearray[i]];
+1848     }
+1849 
+1850     var s = d.toString(2);
+1851     var r = "";
+1852     for (var i = s.length - 1; i >=0; i--) {
+1853 	r += s[i];
+1854     }
+1855     return r;
+1856 }
+1857 
+1858 // =======================================================
+1859 /**
+1860  * set class inheritance<br/>
+1861  * @name extendClass
+1862  * @function
+1863  * @param {Function} subClass sub class to set inheritance
+1864  * @param {Function} superClass super class to inherit
+1865  * @since jsrsasign 10.3.0 base64x 1.1.21
+1866  *
+1867  * @description
+1868  * This function extends a class and set an inheritance
+1869  * for member variables and methods.
+1870  *
+1871  * @example
+1872  * var Animal = function() {
+1873  *   this.hello = function(){console.log("Hello")};
+1874  *   this.name="Ani";
+1875  * };
+1876  * var Dog = function() {
+1877  *   Dog.superclass.constructor.call(this);
+1878  *   this.vow = function(){console.log("Vow wow")};
+1879  *   this.tail=true;
+1880  * };
+1881  * extendClass(Dog, Animal);
+1882  */
+1883 function extendClass(subClass, superClass) {
+1884     var F = function() {};
+1885     F.prototype = superClass.prototype;
+1886     subClass.prototype = new F();
+1887     subClass.prototype.constructor = subClass;
+1888     subClass.superclass = superClass.prototype;
+1889      
+1890     if (superClass.prototype.constructor == Object.prototype.constructor) {
+1891         superClass.prototype.constructor = superClass;
+1892     }
+1893 };
+1894 
+1895
\ No newline at end of file diff --git a/api/symbols/src/jws-3.3.js.html b/api/symbols/src/jws-3.3.js.html index 1925cf4e..13473b68 100644 --- a/api/symbols/src/jws-3.3.js.html +++ b/api/symbols/src/jws-3.3.js.html @@ -5,12 +5,12 @@ .STRN {color: #393;} .REGX {color: #339;} .line {border-right: 1px dotted #666; color: #666; font-style: normal;} - 
  1 /* jws-3.3.11 (c) 2013-2018 Kenji Urushima | kjur.github.io/jsrsasign/license
+	
  1 /* jws-3.3.12 (c) 2013-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
   2  */
   3 /*
   4  * jws.js - JSON Web Signature(JWS) and JSON Web Token(JWT) Class
   5  *
-  6  * Copyright (c) 2010-2018 Kenji Urushima (kenji.urushima@gmail.com)
+  6  * Copyright (c) 2010-2022 Kenji Urushima (kenji.urushima@gmail.com)
   7  *
   8  * This software is licensed under the terms of the MIT License.
   9  * https://kjur.github.io/jsrsasign/license/
@@ -23,7 +23,7 @@
  16  * @fileOverview
  17  * @name jws-3.3.js
  18  * @author Kenji Urushima kenji.urushima@gmail.com
- 19  * @version jsrsasign 8.0.3 jws 3.3.11 (2018-Mar-11)
+ 19  * @version jsrsasign 10.5.25 jws 3.3.12 (2022-Jun-23)
  20  * @since jsjws 1.0, jsrsasign 4.8.0
  21  * @license <a href="https://kjur.github.io/jsrsasign/license/">MIT License</a>
  22  */
@@ -409,691 +409,698 @@
 402     
 403     if (typeof RSAKey !== undefined) _RSAKey = RSAKey;
 404 
-405     var a = sJWS.split(".");
-406     if (a.length !== 3) return false;
+405     // 0. checking dot concatinatd Base64URL encoded string
+406     if (! isBase64URLDot(sJWS)) return false;
 407 
-408     var uHeader = a[0];
-409     var uPayload = a[1];
-410     var uSignatureInput = uHeader + "." + uPayload;
-411     var hSig = b64utohex(a[2]);
-412 
-413     // 1. parse JWS header
-414     var pHeader = _readSafeJSONString(b64utoutf8(a[0]));
-415     var alg = null;
-416     var algType = null; // HS|RS|PS|ES|no
-417     if (pHeader.alg === undefined) {
-418 	throw "algorithm not specified in header";
-419     } else {
-420 	alg = pHeader.alg;
-421 	algType = alg.substr(0, 2);
-422     }
-423 
-424     // 2. check whether alg is acceptable algorithms
-425     if (acceptAlgs != null &&
-426         Object.prototype.toString.call(acceptAlgs) === '[object Array]' &&
-427         acceptAlgs.length > 0) {
-428 	var acceptAlgStr = ":" + acceptAlgs.join(":") + ":";
-429 	if (acceptAlgStr.indexOf(":" + alg + ":") == -1) {
-430 	    throw "algorithm '" + alg + "' not accepted in the list";
-431 	}
-432     }
-433 
-434     // 3. check whether key is a proper key for alg.
-435     if (alg != "none" && key === null) {
-436 	throw "key shall be specified to verify.";
-437     }
-438 
-439     // 3.1. There is no key check for HS* because Mac will check it.
-440     //      since jsrsasign 5.0.0.
+408     var a = sJWS.split(".");
+409     if (a.length !== 3) return false;
+410 
+411     var uHeader = a[0];
+412     var uPayload = a[1];
+413     var uSignatureInput = uHeader + "." + uPayload;
+414     var hSig = b64utohex(a[2]);
+415 
+416     // 1. parse JWS header
+417     var pHeader = _readSafeJSONString(b64utoutf8(a[0]));
+418     var alg = null;
+419     var algType = null; // HS|RS|PS|ES|no
+420     if (pHeader.alg === undefined) {
+421 	throw "algorithm not specified in header";
+422     } else {
+423 	alg = pHeader.alg;
+424 	algType = alg.substr(0, 2);
+425     }
+426 
+427     // 2. check whether alg is acceptable algorithms
+428     if (acceptAlgs != null &&
+429         Object.prototype.toString.call(acceptAlgs) === '[object Array]' &&
+430         acceptAlgs.length > 0) {
+431 	var acceptAlgStr = ":" + acceptAlgs.join(":") + ":";
+432 	if (acceptAlgStr.indexOf(":" + alg + ":") == -1) {
+433 	    throw "algorithm '" + alg + "' not accepted in the list";
+434 	}
+435     }
+436 
+437     // 3. check whether key is a proper key for alg.
+438     if (alg != "none" && key === null) {
+439 	throw "key shall be specified to verify.";
+440     }
 441 
-442     // 3.2. convert key object if key is a public key or cert PEM string
-443     if (typeof key == "string" &&
-444 	key.indexOf("-----BEGIN ") != -1) {
-445 	key = KEYUTIL.getKey(key);
-446     }
-447 
-448     // 3.3. check whether key is RSAKey obj if alg is RS* or PS*.
-449     if (algType == "RS" || algType == "PS") {
-450 	if (!(key instanceof _RSAKey)) {
-451 	    throw "key shall be a RSAKey obj for RS* and PS* algs";
-452 	}
-453     }
-454 
-455     // 3.4. check whether key is ECDSA obj if alg is ES*.
-456     if (algType == "ES") {
-457 	if (!(key instanceof _ECDSA)) {
-458 	    throw "key shall be a ECDSA obj for ES* algs";
-459 	}
-460     }
-461 
-462     // 3.5. check when alg is 'none'
-463     if (alg == "none") {
-464     }
-465 
-466     // 4. check whether alg is supported alg in jsjws.
-467     var sigAlg = null;
-468     if (_KJUR_jws_JWS.jwsalg2sigalg[pHeader.alg] === undefined) {
-469 	throw "unsupported alg name: " + alg;
-470     } else {
-471 	sigAlg = _KJUR_jws_JWS.jwsalg2sigalg[alg];
-472     }
-473 
-474     // 5. verify
-475     if (sigAlg == "none") {
-476         throw "not supported";
-477     } else if (sigAlg.substr(0, 4) == "Hmac") {
-478 	var hSig2 = null;
-479 	if (key === undefined)
-480 	    throw "hexadecimal key shall be specified for HMAC";
-481 	//try {
-482 	    var mac = new _Mac({'alg': sigAlg, 'pass': key});
-483 	    mac.updateString(uSignatureInput);
-484 	    hSig2 = mac.doFinal();
-485 	//} catch(ex) {};
-486 	return hSig == hSig2;
-487     } else if (sigAlg.indexOf("withECDSA") != -1) {
-488 	var hASN1Sig = null;
-489         try {
-490 	    hASN1Sig = _ECDSA.concatSigToASN1Sig(hSig);
-491 	} catch (ex) {
-492 	    return false;
-493 	}
-494 	var sig = new _Signature({'alg': sigAlg});
-495 	sig.init(key)
-496 	sig.updateString(uSignatureInput);
-497 	return sig.verify(hASN1Sig);
-498     } else {
-499 	var sig = new _Signature({'alg': sigAlg});
-500 	sig.init(key)
-501 	sig.updateString(uSignatureInput);
-502 	return sig.verify(hSig);
-503     }
-504 };
-505 
-506 /**
-507  * parse header and payload of JWS signature<br/>
-508  * @name parse
-509  * @memberOf KJUR.jws.JWS
-510  * @function
-511  * @static
-512  * @param {String} sJWS string of JWS signature to parse
-513  * @return {Array} associative array of parsed header and payload. See below.
-514  * @throws if sJWS is malformed JWS signature
-515  * @since jws 3.3.3
-516  * @description
-517  * This method parses JWS signature string. 
-518  * Resulted associative array has following properties:
-519  * <ul>
-520  * <li>headerObj - JSON object of header</li>
-521  * <li>payloadObj - JSON object of payload if payload is JSON string otherwise undefined</li>
-522  * <li>headerPP - pretty printed JSON header by stringify</li>
-523  * <li>payloadPP - pretty printed JSON payload by stringify if payload is JSON otherwise Base64URL decoded raw string of payload</li>
-524  * <li>sigHex - hexadecimal string of signature</li>
-525  * </ul>
-526  * @example
-527  * KJUR.jws.JWS.parse(sJWS) ->
-528  * { 
-529  *   headerObj: {"alg": "RS256", "typ": "JWS"},
-530  *   payloadObj: {"product": "orange", "quantity": 100},
-531  *   headerPP: 
-532  *   '{
-533  *     "alg": "RS256",
-534  *     "typ": "JWS"
-535  *   }',
-536  *   payloadPP: 
-537  *   '{
-538  *     "product": "orange",
-539  *     "quantity": 100
-540  *   }',
-541  *   sigHex: "91f3cd..." 
-542  * }
-543  */
-544 KJUR.jws.JWS.parse = function(sJWS) {
-545     var a = sJWS.split(".");
-546     var result = {};
-547     var uHeader, uPayload, uSig;
-548     if (a.length != 2 && a.length != 3)
-549 	throw "malformed sJWS: wrong number of '.' splitted elements";
-550 
-551     uHeader = a[0];
-552     uPayload = a[1];
-553     if (a.length == 3) uSig = a[2]; 
-554 
-555     result.headerObj = KJUR.jws.JWS.readSafeJSONString(b64utoutf8(uHeader));
-556     result.payloadObj = KJUR.jws.JWS.readSafeJSONString(b64utoutf8(uPayload));
+442     // 3.1. There is no key check for HS* because Mac will check it.
+443     //      since jsrsasign 5.0.0.
+444 
+445     // 3.2. convert key object if key is a public key or cert PEM string
+446     if (typeof key == "string" &&
+447 	key.indexOf("-----BEGIN ") != -1) {
+448 	key = KEYUTIL.getKey(key);
+449     }
+450 
+451     // 3.3. check whether key is RSAKey obj if alg is RS* or PS*.
+452     if (algType == "RS" || algType == "PS") {
+453 	if (!(key instanceof _RSAKey)) {
+454 	    throw "key shall be a RSAKey obj for RS* and PS* algs";
+455 	}
+456     }
+457 
+458     // 3.4. check whether key is ECDSA obj if alg is ES*.
+459     if (algType == "ES") {
+460 	if (!(key instanceof _ECDSA)) {
+461 	    throw "key shall be a ECDSA obj for ES* algs";
+462 	}
+463     }
+464 
+465     // 3.5. check when alg is 'none'
+466     if (alg == "none") {
+467     }
+468 
+469     // 4. check whether alg is supported alg in jsjws.
+470     var sigAlg = null;
+471     if (_KJUR_jws_JWS.jwsalg2sigalg[pHeader.alg] === undefined) {
+472 	throw "unsupported alg name: " + alg;
+473     } else {
+474 	sigAlg = _KJUR_jws_JWS.jwsalg2sigalg[alg];
+475     }
+476 
+477     // 5. verify
+478     if (sigAlg == "none") {
+479         throw "not supported";
+480     } else if (sigAlg.substr(0, 4) == "Hmac") {
+481 	var hSig2 = null;
+482 	if (key === undefined)
+483 	    throw "hexadecimal key shall be specified for HMAC";
+484 	//try {
+485 	    var mac = new _Mac({'alg': sigAlg, 'pass': key});
+486 	    mac.updateString(uSignatureInput);
+487 	    hSig2 = mac.doFinal();
+488 	//} catch(ex) {};
+489 	return hSig == hSig2;
+490     } else if (sigAlg.indexOf("withECDSA") != -1) {
+491 	var hASN1Sig = null;
+492         try {
+493 	    hASN1Sig = _ECDSA.concatSigToASN1Sig(hSig);
+494 	} catch (ex) {
+495 	    return false;
+496 	}
+497 	var sig = new _Signature({'alg': sigAlg});
+498 	sig.init(key)
+499 	sig.updateString(uSignatureInput);
+500 	return sig.verify(hASN1Sig);
+501     } else {
+502 	var sig = new _Signature({'alg': sigAlg});
+503 	sig.init(key)
+504 	sig.updateString(uSignatureInput);
+505 	return sig.verify(hSig);
+506     }
+507 };
+508 
+509 /**
+510  * parse header and payload of JWS signature<br/>
+511  * @name parse
+512  * @memberOf KJUR.jws.JWS
+513  * @function
+514  * @static
+515  * @param {String} sJWS string of JWS signature to parse
+516  * @return {Array} associative array of parsed header and payload. See below.
+517  * @throws if sJWS is malformed JWS signature
+518  * @since jws 3.3.3
+519  * @description
+520  * This method parses JWS signature string. 
+521  * Resulted associative array has following properties:
+522  * <ul>
+523  * <li>headerObj - JSON object of header</li>
+524  * <li>payloadObj - JSON object of payload if payload is JSON string otherwise undefined</li>
+525  * <li>headerPP - pretty printed JSON header by stringify</li>
+526  * <li>payloadPP - pretty printed JSON payload by stringify if payload is JSON otherwise Base64URL decoded raw string of payload</li>
+527  * <li>sigHex - hexadecimal string of signature</li>
+528  * </ul>
+529  * @example
+530  * KJUR.jws.JWS.parse(sJWS) ->
+531  * { 
+532  *   headerObj: {"alg": "RS256", "typ": "JWS"},
+533  *   payloadObj: {"product": "orange", "quantity": 100},
+534  *   headerPP: 
+535  *   '{
+536  *     "alg": "RS256",
+537  *     "typ": "JWS"
+538  *   }',
+539  *   payloadPP: 
+540  *   '{
+541  *     "product": "orange",
+542  *     "quantity": 100
+543  *   }',
+544  *   sigHex: "91f3cd..." 
+545  * }
+546  */
+547 KJUR.jws.JWS.parse = function(sJWS) {
+548     var a = sJWS.split(".");
+549     var result = {};
+550     var uHeader, uPayload, uSig;
+551     if (a.length != 2 && a.length != 3)
+552 	throw "malformed sJWS: wrong number of '.' splitted elements";
+553 
+554     uHeader = a[0];
+555     uPayload = a[1];
+556     if (a.length == 3) uSig = a[2]; 
 557 
-558     result.headerPP = JSON.stringify(result.headerObj, null, "  ");
-559     if (result.payloadObj == null) {
-560 	result.payloadPP = b64utoutf8(uPayload);
-561     } else {
-562 	result.payloadPP = JSON.stringify(result.payloadObj, null, "  ");
-563     }
-564 
-565     if (uSig !== undefined) {
-566 	result.sigHex = b64utohex(uSig);
-567     }
-568 
-569     return result;
-570 };
+558     result.headerObj = KJUR.jws.JWS.readSafeJSONString(b64utoutf8(uHeader));
+559     result.payloadObj = KJUR.jws.JWS.readSafeJSONString(b64utoutf8(uPayload));
+560 
+561     result.headerPP = JSON.stringify(result.headerObj, null, "  ");
+562     if (result.payloadObj == null) {
+563 	result.payloadPP = b64utoutf8(uPayload);
+564     } else {
+565 	result.payloadPP = JSON.stringify(result.payloadObj, null, "  ");
+566     }
+567 
+568     if (uSig !== undefined) {
+569 	result.sigHex = b64utohex(uSig);
+570     }
 571 
-572 /**
-573  * @name verifyJWT
-574  * @memberOf KJUR.jws.JWS
-575  * @function
-576  * @static
-577  * @param {String} sJWT string of JSON Web Token(JWT) to verify
-578  * @param {Object} key string of public key, certificate or key object to verify
-579  * @param {Array} acceptField associative array of acceptable fields (OPTION)
-580  * @return {Boolean} true if the JWT token is valid otherwise false
-581  * @since jws 3.2.3 jsrsasign 4.8.0
-582  *
-583  * @description
-584  * This method verifies a
-585  * <a href="https://tools.ietf.org/html/rfc7519">RFC 7519</a> 
-586  * JSON Web Token(JWT).
-587  * It will verify following:
-588  * <ul>
-589  * <li>Header.alg
-590  * <ul>
-591  * <li>alg is specified in JWT header.</li>
-592  * <li>alg is included in acceptField.alg array. (MANDATORY)</li>
-593  * <li>alg is proper for key.</li>
-594  * </ul>
-595  * </li>
-596  * <li>Payload.iss (issuer) - Payload.iss is included in acceptField.iss array if specified. (OPTION)</li>
-597  * <li>Payload.sub (subject) - Payload.sub is included in acceptField.sub array if specified. (OPTION)</li>
-598  * <li>Payload.aud (audience) - Payload.aud is included in acceptField.aud array or 
-599  *     the same as value if specified. (OPTION)</li>
-600  * <li>Time validity
-601  * <ul>
-602  * <li>
-603  * If acceptField.verifyAt as number of UNIX origin time is specifed for validation time, 
-604  * this method will verify at the time for it, otherwise current time will be used to verify.
-605  * </li>
-606  * <li>
-607  * Clock of JWT generator or verifier can be fast or slow. If these clocks are
-608  * very different, JWT validation may fail. To avoid such case, 'jsrsasign' supports
-609  * 'acceptField.gracePeriod' parameter which specifies acceptable time difference
-610  * of those clocks in seconds. So if you want to accept slow or fast in 2 hours,
-611  * you can specify <code>acceptField.gracePeriod = 2 * 60 * 60;</code>.
-612  * "gracePeriod" is zero by default.
-613  * "gracePeriod" is supported since jsrsasign 5.0.12.
-614  * </li>
-615  * <li>Payload.exp (expire) - Validation time is smaller than Payload.exp + gracePeriod.</li>
-616  * <li>Payload.nbf (not before) - Validation time is greater than Payload.nbf - gracePeriod.</li>
-617  * <li>Payload.iat (issued at) - Validation time is greater than Payload.iat - gracePeriod.</li>
-618  * </ul>
-619  * </li>
-620  * <li>Payload.jti (JWT id) - Payload.jti is included in acceptField.jti if specified. (OPTION)</li>
-621  * <li>JWS signature of JWS is valid for specified key.</li>
-622  * </ul>
-623  *
-624  * <h4>acceptField parameters</h4>
-625  * Here is available acceptField argument parameters:
-626  * <ul>
-627  * <li>alg - array of acceptable signature algorithm names (ex. ["HS256", "HS384"])</li>
-628  * <li>iss - array of acceptable issuer names (ex. ['http://foo.com'])</li>
-629  * <li>sub - array of acceptable subject names (ex. ['mailto:john@foo.com'])</li>
-630  * <li>aud - array of acceptable audience name (ex. ['http://foo.com'])</li>
-631  * <li>jti - string of acceptable JWT ID (OPTION) (ex. 'id1234')</li>
-632  * <li>
-633  * verifyAt - time to verify 'nbf', 'iat' and 'exp' in UNIX seconds 
-634  * (OPTION) (ex. 1377663900).  
-635  * If this is not specified, current time of verifier will be used. 
-636  * {@link KJUR.jws.IntDate} may be useful to specify it.
-637  * </li>
-638  * <li>gracePeriod - acceptable time difference between signer and verifier
-639  * in seconds (ex. 3600). If this is not specified, zero will be used.</li>
-640  * </ul>
-641  *
-642  * @example
-643  * // simple validation for HS256
-644  * isValid = KJUR.jws.JWS.verifyJWT("eyJhbG...", "616161", {alg: ["HS256"]}),
-645  *
-646  * // full validation for RS or PS
-647  * pubkey = KEYUTIL.getKey('-----BEGIN CERT...');
-648  * isValid = KJUR.jws.JWS.verifyJWT('eyJh...', pubkey, {
-649  *   alg: ['RS256', 'RS512', 'PS256', 'PS512'],
-650  *   iss: ['http://foo.com'],
-651  *   sub: ['mailto:john@foo.com', 'mailto:alice@foo.com'],
-652  *   verifyAt: KJUR.jws.IntDate.get('20150520235959Z'),
-653  *   aud: ['http://foo.com'], // aud: 'http://foo.com' is fine too.
-654  *   jti: 'id123456',
-655  *   gracePeriod: 1 * 60 * 60 // accept 1 hour slow or fast
-656  * });
-657  */
-658 KJUR.jws.JWS.verifyJWT = function(sJWT, key, acceptField) {
-659     var _KJUR = KJUR,
-660 	_KJUR_jws = _KJUR.jws,
-661 	_KJUR_jws_JWS = _KJUR_jws.JWS,
-662 	_readSafeJSONString = _KJUR_jws_JWS.readSafeJSONString,
-663 	_inArray = _KJUR_jws_JWS.inArray,
-664 	_includedArray = _KJUR_jws_JWS.includedArray;
-665 
-666     // 1. parse JWT
-667     var a = sJWT.split(".");
-668     var uHeader = a[0];
-669     var uPayload = a[1];
-670     var uSignatureInput = uHeader + "." + uPayload;
-671     var hSig = b64utohex(a[2]);
-672 
-673     // 2. parse JWS header
-674     var pHeader = _readSafeJSONString(b64utoutf8(uHeader));
-675 
-676     // 3. parse JWS payload
-677     var pPayload = _readSafeJSONString(b64utoutf8(uPayload));
-678 
-679     // 4. algorithm ('alg' in header) check
-680     if (pHeader.alg === undefined) return false;
-681     if (acceptField.alg === undefined)
-682 	throw "acceptField.alg shall be specified";
-683     if (! _inArray(pHeader.alg, acceptField.alg)) return false;
-684 
-685     // 5. issuer ('iss' in payload) check
-686     if (pPayload.iss !== undefined && typeof acceptField.iss === "object") {
-687 	if (! _inArray(pPayload.iss, acceptField.iss)) return false;
-688     }
-689 
-690     // 6. subject ('sub' in payload) check
-691     if (pPayload.sub !== undefined && typeof acceptField.sub === "object") {
-692 	if (! _inArray(pPayload.sub, acceptField.sub)) return false;
-693     }
-694 
-695     // 7. audience ('aud' in payload) check
-696     if (pPayload.aud !== undefined && typeof acceptField.aud === "object") {
-697 	if (typeof pPayload.aud == "string") {
-698 	    if (! _inArray(pPayload.aud, acceptField.aud))
-699 		return false;
-700 	} else if (typeof pPayload.aud == "object") {
-701 	    if (! _includedArray(pPayload.aud, acceptField.aud))
-702 		return false;
-703 	}
-704     }
-705 
-706     // 8. time validity 
-707     //   (nbf - gracePeriod < now < exp + gracePeriod) && (iat - gracePeriod < now)
-708     var now = _KJUR_jws.IntDate.getNow();
-709     if (acceptField.verifyAt !== undefined && typeof acceptField.verifyAt === "number") {
-710 	now = acceptField.verifyAt;
+572     return result;
+573 };
+574 
+575 /**
+576  * @name verifyJWT
+577  * @memberOf KJUR.jws.JWS
+578  * @function
+579  * @static
+580  * @param {String} sJWT string of JSON Web Token(JWT) to verify
+581  * @param {Object} key string of public key, certificate or key object to verify
+582  * @param {Array} acceptField associative array of acceptable fields (OPTION)
+583  * @return {Boolean} true if the JWT token is valid otherwise false
+584  * @since jws 3.2.3 jsrsasign 4.8.0
+585  *
+586  * @description
+587  * This method verifies a
+588  * <a href="https://tools.ietf.org/html/rfc7519">RFC 7519</a> 
+589  * JSON Web Token(JWT).
+590  * It will verify following:
+591  * <ul>
+592  * <li>Header.alg
+593  * <ul>
+594  * <li>alg is specified in JWT header.</li>
+595  * <li>alg is included in acceptField.alg array. (MANDATORY)</li>
+596  * <li>alg is proper for key.</li>
+597  * </ul>
+598  * </li>
+599  * <li>Payload.iss (issuer) - Payload.iss is included in acceptField.iss array if specified. (OPTION)</li>
+600  * <li>Payload.sub (subject) - Payload.sub is included in acceptField.sub array if specified. (OPTION)</li>
+601  * <li>Payload.aud (audience) - Payload.aud is included in acceptField.aud array or 
+602  *     the same as value if specified. (OPTION)</li>
+603  * <li>Time validity
+604  * <ul>
+605  * <li>
+606  * If acceptField.verifyAt as number of UNIX origin time is specifed for validation time, 
+607  * this method will verify at the time for it, otherwise current time will be used to verify.
+608  * </li>
+609  * <li>
+610  * Clock of JWT generator or verifier can be fast or slow. If these clocks are
+611  * very different, JWT validation may fail. To avoid such case, 'jsrsasign' supports
+612  * 'acceptField.gracePeriod' parameter which specifies acceptable time difference
+613  * of those clocks in seconds. So if you want to accept slow or fast in 2 hours,
+614  * you can specify <code>acceptField.gracePeriod = 2 * 60 * 60;</code>.
+615  * "gracePeriod" is zero by default.
+616  * "gracePeriod" is supported since jsrsasign 5.0.12.
+617  * </li>
+618  * <li>Payload.exp (expire) - Validation time is smaller than Payload.exp + gracePeriod.</li>
+619  * <li>Payload.nbf (not before) - Validation time is greater than Payload.nbf - gracePeriod.</li>
+620  * <li>Payload.iat (issued at) - Validation time is greater than Payload.iat - gracePeriod.</li>
+621  * </ul>
+622  * </li>
+623  * <li>Payload.jti (JWT id) - Payload.jti is included in acceptField.jti if specified. (OPTION)</li>
+624  * <li>JWS signature of JWS is valid for specified key.</li>
+625  * </ul>
+626  *
+627  * <h4>acceptField parameters</h4>
+628  * Here is available acceptField argument parameters:
+629  * <ul>
+630  * <li>alg - array of acceptable signature algorithm names (ex. ["HS256", "HS384"])</li>
+631  * <li>iss - array of acceptable issuer names (ex. ['http://foo.com'])</li>
+632  * <li>sub - array of acceptable subject names (ex. ['mailto:john@foo.com'])</li>
+633  * <li>aud - array of acceptable audience name (ex. ['http://foo.com'])</li>
+634  * <li>jti - string of acceptable JWT ID (OPTION) (ex. 'id1234')</li>
+635  * <li>
+636  * verifyAt - time to verify 'nbf', 'iat' and 'exp' in UNIX seconds 
+637  * (OPTION) (ex. 1377663900).  
+638  * If this is not specified, current time of verifier will be used. 
+639  * {@link KJUR.jws.IntDate} may be useful to specify it.
+640  * </li>
+641  * <li>gracePeriod - acceptable time difference between signer and verifier
+642  * in seconds (ex. 3600). If this is not specified, zero will be used.</li>
+643  * </ul>
+644  *
+645  * @example
+646  * // simple validation for HS256
+647  * isValid = KJUR.jws.JWS.verifyJWT("eyJhbG...", "616161", {alg: ["HS256"]}),
+648  *
+649  * // full validation for RS or PS
+650  * pubkey = KEYUTIL.getKey('-----BEGIN CERT...');
+651  * isValid = KJUR.jws.JWS.verifyJWT('eyJh...', pubkey, {
+652  *   alg: ['RS256', 'RS512', 'PS256', 'PS512'],
+653  *   iss: ['http://foo.com'],
+654  *   sub: ['mailto:john@foo.com', 'mailto:alice@foo.com'],
+655  *   verifyAt: KJUR.jws.IntDate.get('20150520235959Z'),
+656  *   aud: ['http://foo.com'], // aud: 'http://foo.com' is fine too.
+657  *   jti: 'id123456',
+658  *   gracePeriod: 1 * 60 * 60 // accept 1 hour slow or fast
+659  * });
+660  */
+661 KJUR.jws.JWS.verifyJWT = function(sJWT, key, acceptField) {
+662     var _KJUR = KJUR,
+663 	_KJUR_jws = _KJUR.jws,
+664 	_KJUR_jws_JWS = _KJUR_jws.JWS,
+665 	_readSafeJSONString = _KJUR_jws_JWS.readSafeJSONString,
+666 	_inArray = _KJUR_jws_JWS.inArray,
+667 	_includedArray = _KJUR_jws_JWS.includedArray;
+668 
+669     // 0. checking dot concatinatd Base64URL encoded string
+670     if (! isBase64URLDot(sJWT)) return false;
+671 
+672     // 1. parse JWT
+673     var a = sJWT.split(".");
+674     if (a.length != 3) return false;
+675     var uHeader = a[0];
+676     var uPayload = a[1];
+677     var uSignatureInput = uHeader + "." + uPayload;
+678     var hSig = b64utohex(a[2]);
+679 
+680     // 2. parse JWS header
+681     var pHeader = _readSafeJSONString(b64utoutf8(uHeader));
+682 
+683     // 3. parse JWS payload
+684     var pPayload = _readSafeJSONString(b64utoutf8(uPayload));
+685 
+686     // 4. algorithm ('alg' in header) check
+687     if (pHeader.alg === undefined) return false;
+688     if (acceptField.alg === undefined)
+689 	throw "acceptField.alg shall be specified";
+690     if (! _inArray(pHeader.alg, acceptField.alg)) return false;
+691 
+692     // 5. issuer ('iss' in payload) check
+693     if (pPayload.iss !== undefined && typeof acceptField.iss === "object") {
+694 	if (! _inArray(pPayload.iss, acceptField.iss)) return false;
+695     }
+696 
+697     // 6. subject ('sub' in payload) check
+698     if (pPayload.sub !== undefined && typeof acceptField.sub === "object") {
+699 	if (! _inArray(pPayload.sub, acceptField.sub)) return false;
+700     }
+701 
+702     // 7. audience ('aud' in payload) check
+703     if (pPayload.aud !== undefined && typeof acceptField.aud === "object") {
+704 	if (typeof pPayload.aud == "string") {
+705 	    if (! _inArray(pPayload.aud, acceptField.aud))
+706 		return false;
+707 	} else if (typeof pPayload.aud == "object") {
+708 	    if (! _includedArray(pPayload.aud, acceptField.aud))
+709 		return false;
+710 	}
 711     }
-712     if (acceptField.gracePeriod === undefined || 
-713         typeof acceptField.gracePeriod !== "number") {
-714 	acceptField.gracePeriod = 0;
-715     }
-716 
-717     // 8.1 expired time 'exp' check
-718     if (pPayload.exp !== undefined && typeof pPayload.exp == "number") {
-719 	if (pPayload.exp + acceptField.gracePeriod < now) return false;
-720     }
-721 
-722     // 8.2 not before time 'nbf' check
-723     if (pPayload.nbf !== undefined && typeof pPayload.nbf == "number") {
-724 	if (now < pPayload.nbf - acceptField.gracePeriod) return false;
-725     }
-726     
-727     // 8.3 issued at time 'iat' check
-728     if (pPayload.iat !== undefined && typeof pPayload.iat == "number") {
-729 	if (now < pPayload.iat - acceptField.gracePeriod) return false;
-730     }
-731 
-732     // 9 JWT id 'jti' check
-733     if (pPayload.jti !== undefined && acceptField.jti !== undefined) {
-734       if (pPayload.jti !== acceptField.jti) return false;
-735     }
-736 
-737     // 10 JWS signature check
-738     if (! _KJUR_jws_JWS.verify(sJWT, key, acceptField.alg)) return false;
-739 
-740     // 11 passed all check
-741     return true;
-742 };
+712 
+713     // 8. time validity 
+714     //   (nbf - gracePeriod < now < exp + gracePeriod) && (iat - gracePeriod < now)
+715     var now = _KJUR_jws.IntDate.getNow();
+716     if (acceptField.verifyAt !== undefined && typeof acceptField.verifyAt === "number") {
+717 	now = acceptField.verifyAt;
+718     }
+719     if (acceptField.gracePeriod === undefined || 
+720         typeof acceptField.gracePeriod !== "number") {
+721 	acceptField.gracePeriod = 0;
+722     }
+723 
+724     // 8.1 expired time 'exp' check
+725     if (pPayload.exp !== undefined && typeof pPayload.exp == "number") {
+726 	if (pPayload.exp + acceptField.gracePeriod < now) return false;
+727     }
+728 
+729     // 8.2 not before time 'nbf' check
+730     if (pPayload.nbf !== undefined && typeof pPayload.nbf == "number") {
+731 	if (now < pPayload.nbf - acceptField.gracePeriod) return false;
+732     }
+733     
+734     // 8.3 issued at time 'iat' check
+735     if (pPayload.iat !== undefined && typeof pPayload.iat == "number") {
+736 	if (now < pPayload.iat - acceptField.gracePeriod) return false;
+737     }
+738 
+739     // 9 JWT id 'jti' check
+740     if (pPayload.jti !== undefined && acceptField.jti !== undefined) {
+741       if (pPayload.jti !== acceptField.jti) return false;
+742     }
 743 
-744 /**
-745  * check whether array is included by another array
-746  * @name includedArray
-747  * @memberOf KJUR.jws.JWS
-748  * @function
-749  * @static
-750  * @param {Array} a1 check whether set a1 is included by a2
-751  * @param {Array} a2 check whether set a1 is included by a2
-752  * @return {Boolean} check whether set a1 is included by a2
-753  * @since jws 3.2.3
-754  * This method verifies whether an array is included by another array.
-755  * It doesn't care about item ordering in a array.
-756  * @example
-757  * KJUR.jws.JWS.includedArray(['b'], ['b', 'c', 'a']) => true
-758  * KJUR.jws.JWS.includedArray(['a', 'b'], ['b', 'c', 'a']) => true
-759  * KJUR.jws.JWS.includedArray(['a', 'b'], ['b', 'c']) => false
-760  */
-761 KJUR.jws.JWS.includedArray = function(a1, a2) {
-762     var _inArray = KJUR.jws.JWS.inArray;
-763     if (a1 === null) return false;
-764     if (typeof a1 !== "object") return false;
-765     if (typeof a1.length !== "number") return false;
-766 
-767     for (var i = 0; i < a1.length; i++) {
-768 	if (! _inArray(a1[i], a2)) return false;
-769     }
-770     return true;
-771 };
-772 
-773 /**
-774  * check whether item is included by array
-775  * @name inArray
-776  * @memberOf KJUR.jws.JWS
-777  * @function
-778  * @static
-779  * @param {String} item check whether item is included by array
-780  * @param {Array} a check whether item is included by array
-781  * @return {Boolean} check whether item is included by array
-782  * @since jws 3.2.3
-783  * This method verifies whether an item is included by an array.
-784  * It doesn't care about item ordering in an array.
-785  * @example
-786  * KJUR.jws.JWS.inArray('b', ['b', 'c', 'a']) => true
-787  * KJUR.jws.JWS.inArray('a', ['b', 'c', 'a']) => true
-788  * KJUR.jws.JWS.inArray('a', ['b', 'c']) => false
-789  */
-790 KJUR.jws.JWS.inArray = function(item, a) {
-791     if (a === null) return false;
-792     if (typeof a !== "object") return false;
-793     if (typeof a.length !== "number") return false;
-794     for (var i = 0; i < a.length; i++) {
-795 	if (a[i] == item) return true;
-796     }
-797     return false;
-798 };
-799 
-800 /**
-801  * static associative array of general signature algorithm name from JWS algorithm name
-802  * @since jws 3.0.0
-803  */
-804 KJUR.jws.JWS.jwsalg2sigalg = {
-805     "HS256":	"HmacSHA256",
-806     "HS384":	"HmacSHA384",
-807     "HS512":	"HmacSHA512",
-808     "RS256":	"SHA256withRSA",
-809     "RS384":	"SHA384withRSA",
-810     "RS512":	"SHA512withRSA",
-811     "ES256":	"SHA256withECDSA",
-812     "ES384":	"SHA384withECDSA",
-813     "ES512":	"SHA512withECDSA",
-814     "PS256":	"SHA256withRSAandMGF1",
-815     "PS384":	"SHA384withRSAandMGF1",
-816     "PS512":	"SHA512withRSAandMGF1",
-817     "none":	"none",
-818 };
-819 
-820 // === utility static method ==================================================
-821 
-822 /**
-823  * check whether a String "s" is a safe JSON string or not.<br/>
-824  * If a String "s" is a malformed JSON string or an other object type
-825  * this returns 0, otherwise this returns 1.
-826  * @name isSafeJSONString
-827  * @memberOf KJUR.jws.JWS
-828  * @function
-829  * @static
-830  * @param {String} s JSON string
-831  * @return {Number} 1 or 0
-832  */
-833 KJUR.jws.JWS.isSafeJSONString = function(s, h, p) {
-834     var o = null;
-835     try {
-836 	o = jsonParse(s);
-837 	if (typeof o != "object") return 0;
-838 	if (o.constructor === Array) return 0;
-839 	if (h) h[p] = o;
-840 	return 1;
-841     } catch (ex) {
-842 	return 0;
-843     }
-844 };
-845 
-846 /**
-847  * read a String "s" as JSON object if it is safe.<br/>
-848  * If a String "s" is a malformed JSON string or not JSON string,
-849  * this returns null, otherwise returns JSON object.
-850  * @name readSafeJSONString
-851  * @memberOf KJUR.jws.JWS
-852  * @function
-853  * @static
-854  * @param {String} s JSON string
-855  * @return {Object} JSON object or null
-856  * @since 1.1.1
-857  */
-858 KJUR.jws.JWS.readSafeJSONString = function(s) {
-859     var o = null;
-860     try {
-861 	o = jsonParse(s);
-862 	if (typeof o != "object") return null;
-863 	if (o.constructor === Array) return null;
-864 	return o;
-865     } catch (ex) {
-866 	return null;
-867     }
-868 };
-869 
-870 /**
-871  * get Encoed Signature Value from JWS string.<br/>
-872  * @name getEncodedSignatureValueFromJWS
-873  * @memberOf KJUR.jws.JWS
-874  * @function
-875  * @static
-876  * @param {String} sJWS JWS signature string to be verified
-877  * @return {String} string of Encoded Signature Value 
-878  * @throws if sJWS is not comma separated string such like "Header.Payload.Signature".
-879  */
-880 KJUR.jws.JWS.getEncodedSignatureValueFromJWS = function(sJWS) {
-881     var matchResult = sJWS.match(/^[^.]+\.[^.]+\.([^.]+)$/);
-882     if (matchResult == null) {
-883 	throw "JWS signature is not a form of 'Head.Payload.SigValue'.";
-884     }
-885     return matchResult[1];
-886 };
-887 
-888 /**
-889  * get RFC 7638 JWK thumbprint from JWK object
-890  * @name getJWKthumbprint
-891  * @memberOf KJUR.jws.JWS
-892  * @function
-893  * @static
-894  * @param {Object} o JWK object to be calculated thumbprint
-895  * @return {String} Base64 URL encoded JWK thumbprint value
-896  * @since jsrsasign 5.0.2 jws 3.3.2
-897  * @description
-898  * This method calculates JWK thmubprint for specified JWK object
-899  * as described in 
-900  * <a href="https://tools.ietf.org/html/rfc7638">RFC 7638</a>.
-901  * It supports all type of "kty". (i.e. "RSA", "EC" and "oct"
-902  * (for symmetric key))
-903  * Working sample is 
-904  * <a href="https://kjur.github.io/jsrsasign/sample/tool_jwktp.html">here</a>.
-905  * @example
-906  * jwk = {"kty":"RSA", "n":"0vx...", "e":"AQAB", ...};
-907  * thumbprint = KJUR.jws.JWS.getJWKthumbprint(jwk);
-908  */
-909 KJUR.jws.JWS.getJWKthumbprint = function(o) {
-910     if (o.kty !== "RSA" &&
-911 	o.kty !== "EC" &&
-912 	o.kty !== "oct")
-913 	throw "unsupported algorithm for JWK Thumprint";
-914 
-915     // 1. get canonically ordered json string
-916     var s = '{';
-917     if (o.kty === "RSA") {
-918 	if (typeof o.n != "string" || typeof o.e != "string")
-919 	    throw "wrong n and e value for RSA key";
-920 	s += '"' + 'e' + '":"' + o.e + '",';
-921 	s += '"' + 'kty' + '":"' + o.kty + '",';
-922 	s += '"' + 'n' + '":"' + o.n + '"}';
-923     } else if (o.kty === "EC") {
-924 	if (typeof o.crv != "string" || 
-925 	    typeof o.x != "string" ||
-926 	    typeof o.y != "string")
-927 	    throw "wrong crv, x and y value for EC key";
-928 	s += '"' + 'crv' + '":"' + o.crv + '",';
-929 	s += '"' + 'kty' + '":"' + o.kty + '",';
-930 	s += '"' + 'x' + '":"' + o.x + '",';
-931 	s += '"' + 'y' + '":"' + o.y + '"}';
-932     } else if (o.kty === "oct") {
-933 	if (typeof o.k != "string")
-934 	    throw "wrong k value for oct(symmetric) key";
-935 	s += '"' + 'kty' + '":"' + o.kty + '",';
-936 	s += '"' + 'k' + '":"' + o.k + '"}';
-937     }
-938     //alert(s);
-939 
-940     // 2. get thumb print
-941     var hJWK = rstrtohex(s);
-942     var hash = KJUR.crypto.Util.hashHex(hJWK, "sha256");
-943     var hashB64U = hextob64u(hash);
-944 
-945     return hashB64U;
-946 };
-947 
-948 /**
-949  * IntDate class for time representation for JSON Web Token(JWT)
-950  * @class KJUR.jws.IntDate class
-951  * @name KJUR.jws.IntDate
-952  * @since jws 3.0.1
-953  * @description
-954  * Utility class for IntDate which is integer representation of UNIX origin time
-955  * used in JSON Web Token(JWT).
-956  */
-957 KJUR.jws.IntDate = {};
-958 
-959 /**
-960  * get UNIX origin time from by string
-961  * @name get
-962  * @memberOf KJUR.jws.IntDate
-963  * @function
-964  * @static
-965  * @param {String} s string of time representation
-966  * @return {Integer} UNIX origin time in seconds for argument 's'
-967  * @since jws 3.0.1
-968  * @throws "unsupported format: s" when malformed format
-969  * @description
-970  * This method will accept following representation of time.
-971  * <ul>
-972  * <li>now - current time</li>
-973  * <li>now + 1hour - after 1 hour from now</li>
-974  * <li>now + 1day - after 1 day from now</li>
-975  * <li>now + 1month - after 30 days from now</li>
-976  * <li>now + 1year - after 365 days from now</li>
-977  * <li>YYYYmmDDHHMMSSZ - UTC time (ex. 20130828235959Z)</li>
-978  * <li>number - UNIX origin time (seconds from 1970-01-01 00:00:00) (ex. 1377714748)</li>
-979  * </ul>
-980  */
-981 KJUR.jws.IntDate.get = function(s) {
-982     var _KJUR_jws_IntDate = KJUR.jws.IntDate,
-983 	_getNow = _KJUR_jws_IntDate.getNow,
-984 	_getZulu = _KJUR_jws_IntDate.getZulu;
-985 
-986     if (s == "now") {
-987 	return _getNow();
-988     } else if (s == "now + 1hour") {
-989 	return _getNow() + 60 * 60;
-990     } else if (s == "now + 1day") {
-991 	return _getNow() + 60 * 60 * 24;
-992     } else if (s == "now + 1month") {
-993 	return _getNow() + 60 * 60 * 24 * 30;
-994     } else if (s == "now + 1year") {
-995 	return _getNow() + 60 * 60 * 24 * 365;
-996     } else if (s.match(/Z$/)) {
-997 	return _getZulu(s);
-998     } else if (s.match(/^[0-9]+$/)) {
-999 	return parseInt(s);
-1000     }
-1001     throw "unsupported format: " + s;
-1002 };
-1003 
-1004 /**
-1005  * get UNIX origin time from Zulu time representation string
-1006  * @name getZulu
-1007  * @memberOf KJUR.jws.IntDate
-1008  * @function
-1009  * @static
-1010  * @param {String} s string of Zulu time representation (ex. 20151012125959Z)
-1011  * @return {Integer} UNIX origin time in seconds for argument 's'
-1012  * @since jws 3.0.1
-1013  * @throws "unsupported format: s" when malformed format
-1014  * @description
-1015  * This method provides UNIX origin time from Zulu time.
-1016  * Following representations are supported:
-1017  * <ul>
-1018  * <li>YYYYMMDDHHmmSSZ - GeneralizedTime format</li>
-1019  * <li>YYMMDDHHmmSSZ - UTCTime format. If YY is greater or equal to 
-1020  * 50 then it represents 19YY otherwise 20YY.</li>
-1021  * </ul>
-1022  * @example
-1023  * KJUR.jws.IntDate.getZulu("20151012125959Z") => 1478...
-1024  * KJUR.jws.IntDate.getZulu("151012125959Z") => 1478...
-1025  */
-1026 KJUR.jws.IntDate.getZulu = function(s) {
-1027     return zulutosec(s);
-1028 };
-1029 
-1030 /**
-1031  * get UNIX origin time of current time
-1032  * @name getNow
-1033  * @memberOf KJUR.jws.IntDate
-1034  * @function
-1035  * @static
-1036  * @return {Integer} UNIX origin time for current time
-1037  * @since jws 3.0.1
-1038  * @description
-1039  * This method provides UNIX origin time for current time
-1040  * @example
-1041  * KJUR.jws.IntDate.getNow() => 1478...
-1042  */
-1043 KJUR.jws.IntDate.getNow = function() {
-1044     var d = ~~(new Date() / 1000);
-1045     return d;
-1046 };
-1047 
-1048 /**
-1049  * get UTC time string from UNIX origin time value
-1050  * @name intDate2UTCString
-1051  * @memberOf KJUR.jws.IntDate
-1052  * @function
-1053  * @static
-1054  * @param {Integer} intDate UNIX origin time value (ex. 1478...)
-1055  * @return {String} UTC time string
-1056  * @since jws 3.0.1
-1057  * @description
-1058  * This method provides UTC time string for UNIX origin time value.
-1059  * @example
-1060  * KJUR.jws.IntDate.intDate2UTCString(1478...) => "2015 Oct ..."
-1061  */
-1062 KJUR.jws.IntDate.intDate2UTCString = function(intDate) {
-1063     var d = new Date(intDate * 1000);
-1064     return d.toUTCString();
-1065 };
-1066 
-1067 /**
-1068  * get UTC time string from UNIX origin time value
-1069  * @name intDate2Zulu
-1070  * @memberOf KJUR.jws.IntDate
-1071  * @function
-1072  * @static
-1073  * @param {Integer} intDate UNIX origin time value (ex. 1478...)
-1074  * @return {String} Zulu time string
-1075  * @since jws 3.0.1
-1076  * @description
-1077  * This method provides Zulu time string for UNIX origin time value.
-1078  * @example
-1079  * KJUR.jws.IntDate.intDate2UTCString(1478...) => "20151012...Z"
-1080  */
-1081 KJUR.jws.IntDate.intDate2Zulu = function(intDate) {
-1082     var d = new Date(intDate * 1000),
-1083 	year = ("0000" + d.getUTCFullYear()).slice(-4),
-1084 	mon =  ("00" + (d.getUTCMonth() + 1)).slice(-2),
-1085 	day =  ("00" + d.getUTCDate()).slice(-2),
-1086 	hour = ("00" + d.getUTCHours()).slice(-2),
-1087 	min =  ("00" + d.getUTCMinutes()).slice(-2),
-1088         sec =  ("00" + d.getUTCSeconds()).slice(-2);
-1089     return year + mon + day + hour + min + sec + "Z";
-1090 };
-1091 
-1092 

\ No newline at end of file
+744     // 10 JWS signature check
+745     if (! _KJUR_jws_JWS.verify(sJWT, key, acceptField.alg)) return false;
+746 
+747     // 11 passed all check
+748     return true;
+749 };
+750 
+751 /**
+752  * check whether array is included by another array
+753  * @name includedArray
+754  * @memberOf KJUR.jws.JWS
+755  * @function
+756  * @static
+757  * @param {Array} a1 check whether set a1 is included by a2
+758  * @param {Array} a2 check whether set a1 is included by a2
+759  * @return {Boolean} check whether set a1 is included by a2
+760  * @since jws 3.2.3
+761  * This method verifies whether an array is included by another array.
+762  * It doesn't care about item ordering in a array.
+763  * @example
+764  * KJUR.jws.JWS.includedArray(['b'], ['b', 'c', 'a']) => true
+765  * KJUR.jws.JWS.includedArray(['a', 'b'], ['b', 'c', 'a']) => true
+766  * KJUR.jws.JWS.includedArray(['a', 'b'], ['b', 'c']) => false
+767  */
+768 KJUR.jws.JWS.includedArray = function(a1, a2) {
+769     var _inArray = KJUR.jws.JWS.inArray;
+770     if (a1 === null) return false;
+771     if (typeof a1 !== "object") return false;
+772     if (typeof a1.length !== "number") return false;
+773 
+774     for (var i = 0; i < a1.length; i++) {
+775 	if (! _inArray(a1[i], a2)) return false;
+776     }
+777     return true;
+778 };
+779 
+780 /**
+781  * check whether item is included by array
+782  * @name inArray
+783  * @memberOf KJUR.jws.JWS
+784  * @function
+785  * @static
+786  * @param {String} item check whether item is included by array
+787  * @param {Array} a check whether item is included by array
+788  * @return {Boolean} check whether item is included by array
+789  * @since jws 3.2.3
+790  * This method verifies whether an item is included by an array.
+791  * It doesn't care about item ordering in an array.
+792  * @example
+793  * KJUR.jws.JWS.inArray('b', ['b', 'c', 'a']) => true
+794  * KJUR.jws.JWS.inArray('a', ['b', 'c', 'a']) => true
+795  * KJUR.jws.JWS.inArray('a', ['b', 'c']) => false
+796  */
+797 KJUR.jws.JWS.inArray = function(item, a) {
+798     if (a === null) return false;
+799     if (typeof a !== "object") return false;
+800     if (typeof a.length !== "number") return false;
+801     for (var i = 0; i < a.length; i++) {
+802 	if (a[i] == item) return true;
+803     }
+804     return false;
+805 };
+806 
+807 /**
+808  * static associative array of general signature algorithm name from JWS algorithm name
+809  * @since jws 3.0.0
+810  */
+811 KJUR.jws.JWS.jwsalg2sigalg = {
+812     "HS256":	"HmacSHA256",
+813     "HS384":	"HmacSHA384",
+814     "HS512":	"HmacSHA512",
+815     "RS256":	"SHA256withRSA",
+816     "RS384":	"SHA384withRSA",
+817     "RS512":	"SHA512withRSA",
+818     "ES256":	"SHA256withECDSA",
+819     "ES384":	"SHA384withECDSA",
+820     "ES512":	"SHA512withECDSA",
+821     "PS256":	"SHA256withRSAandMGF1",
+822     "PS384":	"SHA384withRSAandMGF1",
+823     "PS512":	"SHA512withRSAandMGF1",
+824     "none":	"none",
+825 };
+826 
+827 // === utility static method ==================================================
+828 
+829 /**
+830  * check whether a String "s" is a safe JSON string or not.<br/>
+831  * If a String "s" is a malformed JSON string or an other object type
+832  * this returns 0, otherwise this returns 1.
+833  * @name isSafeJSONString
+834  * @memberOf KJUR.jws.JWS
+835  * @function
+836  * @static
+837  * @param {String} s JSON string
+838  * @return {Number} 1 or 0
+839  */
+840 KJUR.jws.JWS.isSafeJSONString = function(s, h, p) {
+841     var o = null;
+842     try {
+843 	o = jsonParse(s);
+844 	if (typeof o != "object") return 0;
+845 	if (o.constructor === Array) return 0;
+846 	if (h) h[p] = o;
+847 	return 1;
+848     } catch (ex) {
+849 	return 0;
+850     }
+851 };
+852 
+853 /**
+854  * read a String "s" as JSON object if it is safe.<br/>
+855  * If a String "s" is a malformed JSON string or not JSON string,
+856  * this returns null, otherwise returns JSON object.
+857  * @name readSafeJSONString
+858  * @memberOf KJUR.jws.JWS
+859  * @function
+860  * @static
+861  * @param {String} s JSON string
+862  * @return {Object} JSON object or null
+863  * @since 1.1.1
+864  */
+865 KJUR.jws.JWS.readSafeJSONString = function(s) {
+866     var o = null;
+867     try {
+868 	o = jsonParse(s);
+869 	if (typeof o != "object") return null;
+870 	if (o.constructor === Array) return null;
+871 	return o;
+872     } catch (ex) {
+873 	return null;
+874     }
+875 };
+876 
+877 /**
+878  * get Encoed Signature Value from JWS string.<br/>
+879  * @name getEncodedSignatureValueFromJWS
+880  * @memberOf KJUR.jws.JWS
+881  * @function
+882  * @static
+883  * @param {String} sJWS JWS signature string to be verified
+884  * @return {String} string of Encoded Signature Value 
+885  * @throws if sJWS is not comma separated string such like "Header.Payload.Signature".
+886  */
+887 KJUR.jws.JWS.getEncodedSignatureValueFromJWS = function(sJWS) {
+888     var matchResult = sJWS.match(/^[^.]+\.[^.]+\.([^.]+)$/);
+889     if (matchResult == null) {
+890 	throw "JWS signature is not a form of 'Head.Payload.SigValue'.";
+891     }
+892     return matchResult[1];
+893 };
+894 
+895 /**
+896  * get RFC 7638 JWK thumbprint from JWK object
+897  * @name getJWKthumbprint
+898  * @memberOf KJUR.jws.JWS
+899  * @function
+900  * @static
+901  * @param {Object} o JWK object to be calculated thumbprint
+902  * @return {String} Base64 URL encoded JWK thumbprint value
+903  * @since jsrsasign 5.0.2 jws 3.3.2
+904  * @description
+905  * This method calculates JWK thmubprint for specified JWK object
+906  * as described in 
+907  * <a href="https://tools.ietf.org/html/rfc7638">RFC 7638</a>.
+908  * It supports all type of "kty". (i.e. "RSA", "EC" and "oct"
+909  * (for symmetric key))
+910  * Working sample is 
+911  * <a href="https://kjur.github.io/jsrsasign/sample/tool_jwktp.html">here</a>.
+912  * @example
+913  * jwk = {"kty":"RSA", "n":"0vx...", "e":"AQAB", ...};
+914  * thumbprint = KJUR.jws.JWS.getJWKthumbprint(jwk);
+915  */
+916 KJUR.jws.JWS.getJWKthumbprint = function(o) {
+917     if (o.kty !== "RSA" &&
+918 	o.kty !== "EC" &&
+919 	o.kty !== "oct")
+920 	throw "unsupported algorithm for JWK Thumprint";
+921 
+922     // 1. get canonically ordered json string
+923     var s = '{';
+924     if (o.kty === "RSA") {
+925 	if (typeof o.n != "string" || typeof o.e != "string")
+926 	    throw "wrong n and e value for RSA key";
+927 	s += '"' + 'e' + '":"' + o.e + '",';
+928 	s += '"' + 'kty' + '":"' + o.kty + '",';
+929 	s += '"' + 'n' + '":"' + o.n + '"}';
+930     } else if (o.kty === "EC") {
+931 	if (typeof o.crv != "string" || 
+932 	    typeof o.x != "string" ||
+933 	    typeof o.y != "string")
+934 	    throw "wrong crv, x and y value for EC key";
+935 	s += '"' + 'crv' + '":"' + o.crv + '",';
+936 	s += '"' + 'kty' + '":"' + o.kty + '",';
+937 	s += '"' + 'x' + '":"' + o.x + '",';
+938 	s += '"' + 'y' + '":"' + o.y + '"}';
+939     } else if (o.kty === "oct") {
+940 	if (typeof o.k != "string")
+941 	    throw "wrong k value for oct(symmetric) key";
+942 	s += '"' + 'kty' + '":"' + o.kty + '",';
+943 	s += '"' + 'k' + '":"' + o.k + '"}';
+944     }
+945     //alert(s);
+946 
+947     // 2. get thumb print
+948     var hJWK = rstrtohex(s);
+949     var hash = KJUR.crypto.Util.hashHex(hJWK, "sha256");
+950     var hashB64U = hextob64u(hash);
+951 
+952     return hashB64U;
+953 };
+954 
+955 /**
+956  * IntDate class for time representation for JSON Web Token(JWT)
+957  * @class KJUR.jws.IntDate class
+958  * @name KJUR.jws.IntDate
+959  * @since jws 3.0.1
+960  * @description
+961  * Utility class for IntDate which is integer representation of UNIX origin time
+962  * used in JSON Web Token(JWT).
+963  */
+964 KJUR.jws.IntDate = {};
+965 
+966 /**
+967  * get UNIX origin time from by string
+968  * @name get
+969  * @memberOf KJUR.jws.IntDate
+970  * @function
+971  * @static
+972  * @param {String} s string of time representation
+973  * @return {Integer} UNIX origin time in seconds for argument 's'
+974  * @since jws 3.0.1
+975  * @throws "unsupported format: s" when malformed format
+976  * @description
+977  * This method will accept following representation of time.
+978  * <ul>
+979  * <li>now - current time</li>
+980  * <li>now + 1hour - after 1 hour from now</li>
+981  * <li>now + 1day - after 1 day from now</li>
+982  * <li>now + 1month - after 30 days from now</li>
+983  * <li>now + 1year - after 365 days from now</li>
+984  * <li>YYYYmmDDHHMMSSZ - UTC time (ex. 20130828235959Z)</li>
+985  * <li>number - UNIX origin time (seconds from 1970-01-01 00:00:00) (ex. 1377714748)</li>
+986  * </ul>
+987  */
+988 KJUR.jws.IntDate.get = function(s) {
+989     var _KJUR_jws_IntDate = KJUR.jws.IntDate,
+990 	_getNow = _KJUR_jws_IntDate.getNow,
+991 	_getZulu = _KJUR_jws_IntDate.getZulu;
+992 
+993     if (s == "now") {
+994 	return _getNow();
+995     } else if (s == "now + 1hour") {
+996 	return _getNow() + 60 * 60;
+997     } else if (s == "now + 1day") {
+998 	return _getNow() + 60 * 60 * 24;
+999     } else if (s == "now + 1month") {
+1000 	return _getNow() + 60 * 60 * 24 * 30;
+1001     } else if (s == "now + 1year") {
+1002 	return _getNow() + 60 * 60 * 24 * 365;
+1003     } else if (s.match(/Z$/)) {
+1004 	return _getZulu(s);
+1005     } else if (s.match(/^[0-9]+$/)) {
+1006 	return parseInt(s);
+1007     }
+1008     throw "unsupported format: " + s;
+1009 };
+1010 
+1011 /**
+1012  * get UNIX origin time from Zulu time representation string
+1013  * @name getZulu
+1014  * @memberOf KJUR.jws.IntDate
+1015  * @function
+1016  * @static
+1017  * @param {String} s string of Zulu time representation (ex. 20151012125959Z)
+1018  * @return {Integer} UNIX origin time in seconds for argument 's'
+1019  * @since jws 3.0.1
+1020  * @throws "unsupported format: s" when malformed format
+1021  * @description
+1022  * This method provides UNIX origin time from Zulu time.
+1023  * Following representations are supported:
+1024  * <ul>
+1025  * <li>YYYYMMDDHHmmSSZ - GeneralizedTime format</li>
+1026  * <li>YYMMDDHHmmSSZ - UTCTime format. If YY is greater or equal to 
+1027  * 50 then it represents 19YY otherwise 20YY.</li>
+1028  * </ul>
+1029  * @example
+1030  * KJUR.jws.IntDate.getZulu("20151012125959Z") => 1478...
+1031  * KJUR.jws.IntDate.getZulu("151012125959Z") => 1478...
+1032  */
+1033 KJUR.jws.IntDate.getZulu = function(s) {
+1034     return zulutosec(s);
+1035 };
+1036 
+1037 /**
+1038  * get UNIX origin time of current time
+1039  * @name getNow
+1040  * @memberOf KJUR.jws.IntDate
+1041  * @function
+1042  * @static
+1043  * @return {Integer} UNIX origin time for current time
+1044  * @since jws 3.0.1
+1045  * @description
+1046  * This method provides UNIX origin time for current time
+1047  * @example
+1048  * KJUR.jws.IntDate.getNow() => 1478...
+1049  */
+1050 KJUR.jws.IntDate.getNow = function() {
+1051     var d = ~~(new Date() / 1000);
+1052     return d;
+1053 };
+1054 
+1055 /**
+1056  * get UTC time string from UNIX origin time value
+1057  * @name intDate2UTCString
+1058  * @memberOf KJUR.jws.IntDate
+1059  * @function
+1060  * @static
+1061  * @param {Integer} intDate UNIX origin time value (ex. 1478...)
+1062  * @return {String} UTC time string
+1063  * @since jws 3.0.1
+1064  * @description
+1065  * This method provides UTC time string for UNIX origin time value.
+1066  * @example
+1067  * KJUR.jws.IntDate.intDate2UTCString(1478...) => "2015 Oct ..."
+1068  */
+1069 KJUR.jws.IntDate.intDate2UTCString = function(intDate) {
+1070     var d = new Date(intDate * 1000);
+1071     return d.toUTCString();
+1072 };
+1073 
+1074 /**
+1075  * get UTC time string from UNIX origin time value
+1076  * @name intDate2Zulu
+1077  * @memberOf KJUR.jws.IntDate
+1078  * @function
+1079  * @static
+1080  * @param {Integer} intDate UNIX origin time value (ex. 1478...)
+1081  * @return {String} Zulu time string
+1082  * @since jws 3.0.1
+1083  * @description
+1084  * This method provides Zulu time string for UNIX origin time value.
+1085  * @example
+1086  * KJUR.jws.IntDate.intDate2UTCString(1478...) => "20151012...Z"
+1087  */
+1088 KJUR.jws.IntDate.intDate2Zulu = function(intDate) {
+1089     var d = new Date(intDate * 1000),
+1090 	year = ("0000" + d.getUTCFullYear()).slice(-4),
+1091 	mon =  ("00" + (d.getUTCMonth() + 1)).slice(-2),
+1092 	day =  ("00" + d.getUTCDate()).slice(-2),
+1093 	hour = ("00" + d.getUTCHours()).slice(-2),
+1094 	min =  ("00" + d.getUTCMinutes()).slice(-2),
+1095         sec =  ("00" + d.getUTCSeconds()).slice(-2);
+1096     return year + mon + day + hour + min + sec + "Z";
+1097 };
+1098 
+1099
\ No newline at end of file diff --git a/bower.json b/bower.json index bfd88694..e24e04d2 100644 --- a/bower.json +++ b/bower.json @@ -1,6 +1,6 @@ { "name": "kjur-jsrsasign", - "version": "10.5.24", + "version": "10.5.25", "main": "jsrsasign-all-min.js", "description": "The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp, CAdES, JWS and JWT in pure JavaScript.", "license": "MIT", diff --git a/jsrsasign-all-min.js b/jsrsasign-all-min.js index c7c31b9a..d2f72880 100644 --- a/jsrsasign-all-min.js +++ b/jsrsasign-all-min.js @@ -1,5 +1,5 @@ /* - * jsrsasign(all) 10.5.24 (2022-06-04) (c) 2010-2022 Kenji Urushima | kjur.github.io/jsrsasign/license + * jsrsasign(all) 10.5.25 (2022-06-24) (c) 2010-2022 Kenji Urushima | kjur.github.io/jsrsasign/license */ /*! CryptoJS v3.1.2 core-fix.js @@ -225,7 +225,7 @@ if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!K if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.cades=="undefined"||!KJUR.asn1.cades){KJUR.asn1.cades={}}KJUR.asn1.cades.SignaturePolicyIdentifier=function(e){var c=KJUR,b=c.asn1,a=b.cades,d=a.SignaturePolicyId;a.SignaturePolicyIdentifier.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.16.2.15";this.params=null;this.getValueArray=function(){return[new d(this.params)]};this.setByParam=function(f){this.params=f};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cades.SignaturePolicyIdentifier,KJUR.asn1.cms.Attribute);KJUR.asn1.cades.SignaturePolicyId=function(e){var a=KJUR,g=a.asn1,f=g.DERSequence,i=g.DERObjectIdentifier,d=g.x509,j=d.AlgorithmIdentifier,c=g.cades,h=c.SignaturePolicyId,b=c.OtherHashAlgAndValue;h.superclass.constructor.call(this);this.params=null;this.tohex=function(){var m=this.params;var k=[];k.push(new i(m.oid));k.push(new b(m));var l=new f({array:k});return l.tohex()};this.getEncodedHex=function(){return this.tohex()};this.setByParam=function(k){this.params=k};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cades.SignaturePolicyId,KJUR.asn1.ASN1Object);KJUR.asn1.cades.OtherHashAlgAndValue=function(e){var h=Error,a=KJUR,g=a.asn1,f=g.DERSequence,i=g.DEROctetString,d=g.x509,j=d.AlgorithmIdentifier,c=g.cades,b=c.OtherHashAlgAndValue;b.superclass.constructor.call(this);this.params=null;this.tohex=function(){var o=this.params;if(o.alg==undefined){throw new h("property 'alg' not specified")}if(o.hash==undefined&&o.cert==undefined){throw new h("property 'hash' nor 'cert' not specified")}var m=null;if(o.hash!=undefined){m=o.hash}else{if(o.cert!=undefined){if(typeof o.cert!="string"){throw new h("cert not string")}var n=o.cert;if(o.cert.indexOf("-----BEGIN")!=-1){n=pemtohex(o.cert)}m=KJUR.crypto.Util.hashHex(n,o.alg)}}var k=[];k.push(new j({name:o.alg}));k.push(new i({hex:m}));var l=new f({array:k});return l.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cades.OtherHashAlgAndValue,KJUR.asn1.ASN1Object);KJUR.asn1.cades.OtherHashValue=function(g){KJUR.asn1.cades.OtherHashValue.superclass.constructor.call(this);var d=Error,c=KJUR,f=c.lang.String.isHex,b=c.asn1,e=b.DEROctetString,a=c.crypto.Util.hashHex;this.params=null;this.tohex=function(){var j=this.params;if(j.hash==undefined&&j.cert==undefined){throw new d("hash or cert not specified")}var h=null;if(j.hash!=undefined){h=j.hash}else{if(j.cert!=undefined){if(typeof j.cert!="string"){throw new d("cert not string")}var i=j.cert;if(j.cert.indexOf("-----BEGIN")!=-1){i=pemtohex(j.cert)}h=KJUR.crypto.Util.hashHex(i,"sha1")}}return(new e({hex:h})).tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.cades.OtherHashValue,KJUR.asn1.ASN1Object);KJUR.asn1.cades.SignatureTimeStamp=function(h){var d=Error,c=KJUR,f=c.lang.String.isHex,b=c.asn1,e=b.ASN1Object,g=b.x509,a=b.cades;a.SignatureTimeStamp.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.16.2.14";this.params=null;this.getValueArray=function(){var l=this.params;if(l.tst!=undefined){if(f(l.tst)){var j=new e();j.hTLV=l.tst;return[j]}else{if(l.tst instanceof e){return[l.tst]}else{throw new d("params.tst has wrong value")}}}else{if(l.res!=undefined){var k=l.res;if(k instanceof e){k=k.tohex()}if(typeof k!="string"||(!f(k))){throw new d("params.res has wrong value")}var i=ASN1HEX.getTLVbyList(k,0,[1]);var j=new e();j.hTLV=l.tst;return[j]}}};if(h!=null){this.setByParam(h)}};extendClass(KJUR.asn1.cades.SignatureTimeStamp,KJUR.asn1.cms.Attribute);KJUR.asn1.cades.CompleteCertificateRefs=function(h){var f=Error,e=KJUR,d=e.asn1,b=d.DERSequence,c=d.cades,a=c.OtherCertID,g=e.lang.String.isHex;c.CompleteCertificateRefs.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.16.2.21";this.params=null;this.getValueArray=function(){var o=this.params;var k=[];for(var m=0;m>6);var i=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16))}var j=224|((h&240)>>4);var i=128|((h&15)<<2)|((a&192)>>6);var g=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16)+g.toString(16))}var c=d.match(/.{4}/g);var b=c.map(e);return b.join("")}function encodeURIComponentAll(a){var d=encodeURIComponent(a);var b="";for(var c=0;c"7"){return"00"+a}return a}function intarystrtohex(b){b=b.replace(/^\s*\[\s*/,"");b=b.replace(/\s*\]\s*$/,"");b=b.replace(/\s*/g,"");try{var c=b.split(/,/).map(function(g,e,h){var f=parseInt(g);if(f<0||255a.length){d=a.length}for(var b=0;b0){o=o+"."+k.join(".")}return o}catch(j){return null}}var strpad=function(c,b,a){if(a==undefined){a="0"}if(c.length>=b){return c}return new Array(b-c.length+1).join(a)+c};function bitstrtoint(e){if(e.length%2!=0){return -1}e=e.toLowerCase();if(e.match(/^[0-9a-f]+$/)==null){return -1}try{var a=e.substr(0,2);if(a=="00"){return parseInt(e.substr(2),16)}var b=parseInt(a,16);if(b>7){return -1}var g=e.substr(2);var d=parseInt(g,16).toString(2);if(d=="0"){d="00000000"}d=d.slice(0,0-b);var f=parseInt(d,2);if(f==NaN){return -1}return f}catch(c){return -1}}function inttobitstr(e){if(typeof e!="number"){return null}if(e<0){return null}var c=Number(e).toString(2);var b=8-c.length%8;if(b==8){b=0}c=c+strpad("",b,"0");var d=parseInt(c,2).toString(16);if(d.length%2==1){d="0"+d}var a="0"+b;return a+d}function bitstrtobinstr(g){if(typeof g!="string"){return null}if(g.length%2!=0){return null}if(!g.match(/^[0-9a-f]+$/)){return null}try{var c=parseInt(g.substr(0,2),16);if(c<0||7=0;a--){c+=b[a]}return c}function extendClass(c,a){var b=function(){};b.prototype=a.prototype;c.prototype=new b();c.prototype.constructor=c;c.superclass=a.prototype;if(a.prototype.constructor==Object.prototype.constructor){a.prototype.constructor=a}}; +var KJUR;if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.lang=="undefined"||!KJUR.lang){KJUR.lang={}}KJUR.lang.String=function(){};function Base64x(){}function stoBA(d){var b=new Array();for(var c=0;c>6);var i=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16))}var j=224|((h&240)>>4);var i=128|((h&15)<<2)|((a&192)>>6);var g=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16)+g.toString(16))}var c=d.match(/.{4}/g);var b=c.map(e);return b.join("")}function encodeURIComponentAll(a){var d=encodeURIComponent(a);var b="";for(var c=0;c"7"){return"00"+a}return a}function intarystrtohex(b){b=b.replace(/^\s*\[\s*/,"");b=b.replace(/\s*\]\s*$/,"");b=b.replace(/\s*/g,"");try{var c=b.split(/,/).map(function(g,e,h){var f=parseInt(g);if(f<0||255a.length){d=a.length}for(var b=0;b0){o=o+"."+k.join(".")}return o}catch(j){return null}}var strpad=function(c,b,a){if(a==undefined){a="0"}if(c.length>=b){return c}return new Array(b-c.length+1).join(a)+c};function bitstrtoint(e){if(e.length%2!=0){return -1}e=e.toLowerCase();if(e.match(/^[0-9a-f]+$/)==null){return -1}try{var a=e.substr(0,2);if(a=="00"){return parseInt(e.substr(2),16)}var b=parseInt(a,16);if(b>7){return -1}var g=e.substr(2);var d=parseInt(g,16).toString(2);if(d=="0"){d="00000000"}d=d.slice(0,0-b);var f=parseInt(d,2);if(f==NaN){return -1}return f}catch(c){return -1}}function inttobitstr(e){if(typeof e!="number"){return null}if(e<0){return null}var c=Number(e).toString(2);var b=8-c.length%8;if(b==8){b=0}c=c+strpad("",b,"0");var d=parseInt(c,2).toString(16);if(d.length%2==1){d="0"+d}var a="0"+b;return a+d}function bitstrtobinstr(g){if(typeof g!="string"){return null}if(g.length%2!=0){return null}if(!g.match(/^[0-9a-f]+$/)){return null}try{var c=parseInt(g.substr(0,2),16);if(c<0||7=0;a--){c+=b[a]}return c}function extendClass(c,a){var b=function(){};b.prototype=a.prototype;c.prototype=new b();c.prototype.constructor=c;c.superclass=a.prototype;if(a.prototype.constructor==Object.prototype.constructor){a.prototype.constructor=a}}; if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||!KJUR.crypto){KJUR.crypto={}}KJUR.crypto.Util=new function(){this.DIGESTINFOHEAD={sha1:"3021300906052b0e03021a05000414",sha224:"302d300d06096086480165030402040500041c",sha256:"3031300d060960864801650304020105000420",sha384:"3041300d060960864801650304020205000430",sha512:"3051300d060960864801650304020305000440",md2:"3020300c06082a864886f70d020205000410",md5:"3020300c06082a864886f70d020505000410",ripemd160:"3021300906052b2403020105000414",};this.DEFAULTPROVIDER={md5:"cryptojs",sha1:"cryptojs",sha224:"cryptojs",sha256:"cryptojs",sha384:"cryptojs",sha512:"cryptojs",ripemd160:"cryptojs",hmacmd5:"cryptojs",hmacsha1:"cryptojs",hmacsha224:"cryptojs",hmacsha256:"cryptojs",hmacsha384:"cryptojs",hmacsha512:"cryptojs",hmacripemd160:"cryptojs",MD5withRSA:"cryptojs/jsrsa",SHA1withRSA:"cryptojs/jsrsa",SHA224withRSA:"cryptojs/jsrsa",SHA256withRSA:"cryptojs/jsrsa",SHA384withRSA:"cryptojs/jsrsa",SHA512withRSA:"cryptojs/jsrsa",RIPEMD160withRSA:"cryptojs/jsrsa",MD5withECDSA:"cryptojs/jsrsa",SHA1withECDSA:"cryptojs/jsrsa",SHA224withECDSA:"cryptojs/jsrsa",SHA256withECDSA:"cryptojs/jsrsa",SHA384withECDSA:"cryptojs/jsrsa",SHA512withECDSA:"cryptojs/jsrsa",RIPEMD160withECDSA:"cryptojs/jsrsa",SHA1withDSA:"cryptojs/jsrsa",SHA224withDSA:"cryptojs/jsrsa",SHA256withDSA:"cryptojs/jsrsa",MD5withRSAandMGF1:"cryptojs/jsrsa",SHAwithRSAandMGF1:"cryptojs/jsrsa",SHA1withRSAandMGF1:"cryptojs/jsrsa",SHA224withRSAandMGF1:"cryptojs/jsrsa",SHA256withRSAandMGF1:"cryptojs/jsrsa",SHA384withRSAandMGF1:"cryptojs/jsrsa",SHA512withRSAandMGF1:"cryptojs/jsrsa",RIPEMD160withRSAandMGF1:"cryptojs/jsrsa",};this.CRYPTOJSMESSAGEDIGESTNAME={md5:CryptoJS.algo.MD5,sha1:CryptoJS.algo.SHA1,sha224:CryptoJS.algo.SHA224,sha256:CryptoJS.algo.SHA256,sha384:CryptoJS.algo.SHA384,sha512:CryptoJS.algo.SHA512,ripemd160:CryptoJS.algo.RIPEMD160};this.getDigestInfoHex=function(a,b){if(typeof this.DIGESTINFOHEAD[b]=="undefined"){throw"alg not supported in Util.DIGESTINFOHEAD: "+b}return this.DIGESTINFOHEAD[b]+a};this.getPaddedDigestInfoHex=function(h,a,j){var c=this.getDigestInfoHex(h,a);var d=j/4;if(c.length+22>d){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;f=0;--u){v=v.twice2D();v.z=f.ONE;if(t.testBit(u)){if(s.testBit(u)){v=v.add2D(y)}else{v=v.add2D(x)}}else{if(s.testBit(u)){v=v.add2D(w)}}}return v}this.getBigRandom=function(r){return new f(r.bitLength(),a).mod(r.subtract(f.ONE)).add(f.ONE)};this.setNamedCurve=function(r){this.ecparams=c.getByName(r);this.prvKeyHex=null;this.pubKeyHex=null;this.curveName=r};this.setPrivateKeyHex=function(r){this.isPrivate=true;this.prvKeyHex=r};this.setPublicKeyHex=function(r){this.isPublic=true;this.pubKeyHex=r};this.getPublicKeyXYHex=function(){var t=this.pubKeyHex;if(t.substr(0,2)!=="04"){throw"this method supports uncompressed format(04) only"}var s=this.ecparams.keycharlen;if(t.length!==2+s*2){throw"malformed public key hex length"}var r={};r.x=t.substr(2,s);r.y=t.substr(2+s);return r};this.getShortNISTPCurveName=function(){var r=this.curveName;if(r==="secp256r1"||r==="NIST P-256"||r==="P-256"||r==="prime256v1"){return"P-256"}if(r==="secp384r1"||r==="NIST P-384"||r==="P-384"){return"P-384"}if(r==="secp521r1"||r==="NIST P-521"||r==="P-521"){return"P-521"}return null};this.generateKeyPairHex=function(){var s=this.ecparams.n;var u=this.getBigRandom(s);var r=this.ecparams.keycharlen;var t=("0000000000"+u.toString(16)).slice(-r);this.setPrivateKeyHex(t);var v=this.generatePublicKeyHex();return{ecprvhex:t,ecpubhex:v}};this.generatePublicKeyHex=function(){var u=new f(this.prvKeyHex,16);var w=this.ecparams.G.multiply(u);var t=w.getX().toBigInteger();var s=w.getY().toBigInteger();var r=this.ecparams.keycharlen;var y=("0000000000"+t.toString(16)).slice(-r);var v=("0000000000"+s.toString(16)).slice(-r);var x="04"+y+v;this.setPublicKeyHex(x);return x};this.signWithMessageHash=function(r){return this.signHex(r,this.prvKeyHex)};this.signHex=function(x,u){var A=new f(u,16);var v=this.ecparams.n;var z=new f(x.substring(0,this.ecparams.keycharlen),16);do{var w=this.getBigRandom(v);var B=this.ecparams.G;var y=B.multiply(w);var t=y.getX().toBigInteger().mod(v)}while(t.compareTo(f.ZERO)<=0);var C=w.modInverse(v).multiply(z.add(A.multiply(t))).mod(v);return m.biRSSigToASN1Sig(t,C)};this.sign=function(w,B){var z=B;var u=this.ecparams.n;var y=f.fromByteArrayUnsigned(w);do{var v=this.getBigRandom(u);var A=this.ecparams.G;var x=A.multiply(v);var t=x.getX().toBigInteger().mod(u)}while(t.compareTo(BigInteger.ZERO)<=0);var C=v.modInverse(u).multiply(y.add(z.multiply(t))).mod(u);return this.serializeSig(t,C)};this.verifyWithMessageHash=function(s,r){return this.verifyHex(s,r,this.pubKeyHex)};this.verifyHex=function(v,y,u){try{var t,B;var w=m.parseSigHex(y);t=w.r;B=w.s;var x=h.decodeFromHex(this.ecparams.curve,u);var z=new f(v.substring(0,this.ecparams.keycharlen),16);return this.verifyRaw(z,t,B,x)}catch(A){return false}};this.verify=function(z,A,u){var w,t;if(Bitcoin.Util.isArray(A)){var y=this.parseSig(A);w=y.r;t=y.s}else{if("object"===typeof A&&A.r&&A.s){w=A.r;t=A.s}else{throw"Invalid value for signature"}}var v;if(u instanceof ECPointFp){v=u}else{if(Bitcoin.Util.isArray(u)){v=h.decodeFrom(this.ecparams.curve,u)}else{throw"Invalid format for pubkey value, must be byte array or ECPointFp"}}var x=f.fromByteArrayUnsigned(z);return this.verifyRaw(x,w,t,v)};this.verifyRaw=function(z,t,E,y){var x=this.ecparams.n;var D=this.ecparams.G;if(t.compareTo(f.ONE)<0||t.compareTo(x)>=0){return false}if(E.compareTo(f.ONE)<0||E.compareTo(x)>=0){return false}var A=E.modInverse(x);var w=z.multiply(A).mod(x);var u=t.multiply(A).mod(x);var B=D.multiply(w).add(y.multiply(u));var C=B.getX().toBigInteger().mod(x);return C.equals(t)};this.serializeSig=function(v,u){var w=v.toByteArraySigned();var t=u.toByteArraySigned();var x=[];x.push(2);x.push(w.length);x=x.concat(w);x.push(2);x.push(t.length);x=x.concat(t);x.unshift(x.length);x.unshift(48);return x};this.parseSig=function(y){var x;if(y[0]!=48){throw new Error("Signature not a valid DERSequence")}x=2;if(y[x]!=2){throw new Error("First element in signature must be a DERInteger")}var w=y.slice(x+2,x+2+y[x+1]);x+=2+y[x+1];if(y[x]!=2){throw new Error("Second element in signature must be a DERInteger")}var t=y.slice(x+2,x+2+y[x+1]);x+=2+y[x+1];var v=f.fromByteArrayUnsigned(w);var u=f.fromByteArrayUnsigned(t);return{r:v,s:u}};this.parseSigCompact=function(w){if(w.length!==65){throw"Signature has the wrong length"}var t=w[0]-27;if(t<0||t>7){throw"Invalid signature type"}var x=this.ecparams.n;var v=f.fromByteArrayUnsigned(w.slice(1,33)).mod(x);var u=f.fromByteArrayUnsigned(w.slice(33,65)).mod(x);return{r:v,s:u,i:t}};this.readPKCS5PrvKeyHex=function(u){if(k(u)===false){throw new Error("not ASN.1 hex string")}var r,t,v;try{r=n(u,0,["[0]",0],"06");t=n(u,0,[1],"04");try{v=n(u,0,["[1]",0],"03")}catch(s){}}catch(s){throw new Error("malformed PKCS#1/5 plain ECC private key")}this.curveName=d(r);if(this.curveName===undefined){throw"unsupported curve name"}this.setNamedCurve(this.curveName);this.setPublicKeyHex(v);this.setPrivateKeyHex(t);this.isPublic=false};this.readPKCS8PrvKeyHex=function(v){if(k(v)===false){throw new j("not ASN.1 hex string")}var t,r,u,w;try{t=n(v,0,[1,0],"06");r=n(v,0,[1,1],"06");u=n(v,0,[2,0,1],"04");try{w=n(v,0,[2,0,"[1]",0],"03")}catch(s){}}catch(s){throw new j("malformed PKCS#8 plain ECC private key")}this.curveName=d(r);if(this.curveName===undefined){throw new j("unsupported curve name")}this.setNamedCurve(this.curveName);this.setPublicKeyHex(w);this.setPrivateKeyHex(u);this.isPublic=false};this.readPKCS8PubKeyHex=function(u){if(k(u)===false){throw new j("not ASN.1 hex string")}var t,r,v;try{t=n(u,0,[0,0],"06");r=n(u,0,[0,1],"06");v=n(u,0,[1],"03")}catch(s){throw new j("malformed PKCS#8 ECC public key")}this.curveName=d(r);if(this.curveName===null){throw new j("unsupported curve name")}this.setNamedCurve(this.curveName);this.setPublicKeyHex(v)};this.readCertPubKeyHex=function(t,v){if(k(t)===false){throw new j("not ASN.1 hex string")}var r,u;try{r=n(t,0,[0,5,0,1],"06");u=n(t,0,[0,5,1],"03")}catch(s){throw new j("malformed X.509 certificate ECC public key")}this.curveName=d(r);if(this.curveName===null){throw new j("unsupported curve name")}this.setNamedCurve(this.curveName);this.setPublicKeyHex(u)};if(e!==undefined){if(e.curve!==undefined){this.curveName=e.curve}}if(this.curveName===undefined){this.curveName=g}this.setNamedCurve(this.curveName);if(e!==undefined){if(e.prv!==undefined){this.setPrivateKeyHex(e.prv)}if(e.pub!==undefined){this.setPublicKeyHex(e.pub)}}};KJUR.crypto.ECDSA.parseSigHex=function(a){var b=KJUR.crypto.ECDSA.parseSigHexInHexRS(a);var d=new BigInteger(b.r,16);var c=new BigInteger(b.s,16);return{r:d,s:c}};KJUR.crypto.ECDSA.parseSigHexInHexRS=function(f){var j=ASN1HEX,i=j.getChildIdx,g=j.getV;j.checkStrictDER(f,0);if(f.substr(0,2)!="30"){throw new Error("signature is not a ASN.1 sequence")}var h=i(f,0);if(h.length!=2){throw new Error("signature shall have two elements")}var e=h[0];var d=h[1];if(f.substr(e,2)!="02"){throw new Error("1st item not ASN.1 integer")}if(f.substr(d,2)!="02"){throw new Error("2nd item not ASN.1 integer")}var c=g(f,e);var b=g(f,d);return{r:c,s:b}};KJUR.crypto.ECDSA.asn1SigToConcatSig=function(d){var e=KJUR.crypto.ECDSA.parseSigHexInHexRS(d);var b=e.r;var a=e.s;if(b.length>=130&&b.length<=134){if(b.length%2!=0){throw Error("unknown ECDSA sig r length error")}if(a.length%2!=0){throw Error("unknown ECDSA sig s length error")}if(b.substr(0,2)=="00"){b=b.substr(2)}if(a.substr(0,2)=="00"){a=a.substr(2)}var c=Math.max(b.length,a.length);b=("000000"+b).slice(-c);a=("000000"+a).slice(-c);return b+a}if(b.substr(0,2)=="00"&&(b.length%32)==2){b=b.substr(2)}if(a.substr(0,2)=="00"&&(a.length%32)==2){a=a.substr(2)}if((b.length%32)==30){b="00"+b}if((a.length%32)==30){a="00"+a}if(b.length%32!=0){throw Error("unknown ECDSA sig r length error")}if(a.length%32!=0){throw Error("unknown ECDSA sig s length error")}return b+a};KJUR.crypto.ECDSA.concatSigToASN1Sig=function(a){if(a.length%4!=0){throw Error("unknown ECDSA concatinated r-s sig length error")}var c=a.substr(0,a.length/2);var b=a.substr(a.length/2);return KJUR.crypto.ECDSA.hexRSSigToASN1Sig(c,b)};KJUR.crypto.ECDSA.hexRSSigToASN1Sig=function(b,a){var d=new BigInteger(b,16);var c=new BigInteger(a,16);return KJUR.crypto.ECDSA.biRSSigToASN1Sig(d,c)};KJUR.crypto.ECDSA.biRSSigToASN1Sig=function(f,d){var c=KJUR.asn1;var b=new c.DERInteger({bigint:f});var a=new c.DERInteger({bigint:d});var e=new c.DERSequence({array:[b,a]});return e.tohex()};KJUR.crypto.ECDSA.getName=function(a){if(a==="2b8104001f"){return"secp192k1"}if(a==="2a8648ce3d030107"){return"secp256r1"}if(a==="2b8104000a"){return"secp256k1"}if(a==="2b81040021"){return"secp224r1"}if(a==="2b81040022"){return"secp384r1"}if(a==="2b81040023"){return"secp521r1"}if("|secp256r1|NIST P-256|P-256|prime256v1|".indexOf(a)!==-1){return"secp256r1"}if("|secp256k1|".indexOf(a)!==-1){return"secp256k1"}if("|secp224r1|NIST P-224|P-224|".indexOf(a)!==-1){return"secp224r1"}if("|secp384r1|NIST P-384|P-384|".indexOf(a)!==-1){return"secp384r1"}if("|secp521r1|NIST P-521|P-521|".indexOf(a)!==-1){return"secp521r1"}return null}; if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||!KJUR.crypto){KJUR.crypto={}}KJUR.crypto.ECParameterDB=new function(){var b={};var c={};function a(d){return new BigInteger(d,16)}this.getByName=function(e){var d=e;if(typeof c[d]!="undefined"){d=c[e]}if(typeof b[d]!="undefined"){return b[d]}throw"unregistered EC curve name: "+d};this.regist=function(A,l,o,g,m,e,j,f,k,u,d,x){b[A]={};var s=a(o);var z=a(g);var y=a(m);var t=a(e);var w=a(j);var r=new ECCurveFp(s,z,y);var q=r.decodePointHex("04"+f+k);b[A]["name"]=A;b[A]["keylen"]=l;b[A]["keycharlen"]=Math.ceil(l/8)*2;b[A]["curve"]=r;b[A]["G"]=q;b[A]["n"]=t;b[A]["h"]=w;b[A]["oid"]=d;b[A]["info"]=x;for(var v=0;v>24,(d&16711680)>>16,(d&65280)>>8,d&255]))));d+=1}return b}RSAKey.prototype.signPSS=function(e,a,d){var c=function(f){return KJUR.crypto.Util.hashHex(f,a)};var b=c(rstrtohex(e));if(d===undefined){d=-1}return this.signWithMessageHashPSS(b,a,d)};RSAKey.prototype.signWithMessageHashPSS=function(l,a,k){var b=hextorstr(l);var g=b.length;var m=this.n.bitLength()-1;var c=Math.ceil(m/8);var d;var o=function(i){return KJUR.crypto.Util.hashHex(i,a)};if(k===-1||k===undefined){k=g}else{if(k===-2){k=c-g-2}else{if(k<-2){throw new Error("invalid salt length")}}}if(c<(g+k+2)){throw new Error("data too long")}var f="";if(k>0){f=new Array(k);new SecureRandom().nextBytes(f);f=String.fromCharCode.apply(String,f)}var n=hextorstr(o(rstrtohex("\x00\x00\x00\x00\x00\x00\x00\x00"+b+f)));var j=[];for(d=0;d>(8*c-m))&255;q[0]&=~p;for(d=0;dk){return false}var j=this.doPublic(b);var i=j.toString(16);if(i.length+3!=k/4){return false}var e=i.replace(/^1f+00/,"");var g=_rsasign_getAlgNameAndHashFromHexDisgestInfo(e);if(g.length==0){return false}var d=g[0];var h=g[1];var a=function(m){return KJUR.crypto.Util.hashString(m,d)};var c=a(f);return(h==c)};RSAKey.prototype.verifyWithMessageHash=function(e,a){if(a.length!=Math.ceil(this.n.bitLength()/4)){return false}var b=parseBigInt(a,16);if(b.bitLength()>this.n.bitLength()){return 0}var h=this.doPublic(b);var g=h.toString(16).replace(/^1f+00/,"");var c=_rsasign_getAlgNameAndHashFromHexDisgestInfo(g);if(c.length==0){return false}var d=c[0];var f=c[1];return(f==e)};RSAKey.prototype.verifyPSS=function(c,b,a,f){var e=function(g){return KJUR.crypto.Util.hashHex(g,a)};var d=e(rstrtohex(c));if(f===undefined){f=-1}return this.verifyWithMessageHashPSS(d,b,a,f)};RSAKey.prototype.verifyWithMessageHashPSS=function(f,s,l,c){if(s.length!=Math.ceil(this.n.bitLength()/4)){return false}var k=new BigInteger(s,16);var r=function(i){return KJUR.crypto.Util.hashHex(i,l)};var j=hextorstr(f);var h=j.length;var g=this.n.bitLength()-1;var m=Math.ceil(g/8);var q;if(c===-1||c===undefined){c=h}else{if(c===-2){c=m-h-2}else{if(c<-2){throw new Error("invalid salt length")}}}if(m<(h+c+2)){throw new Error("data too long")}var a=this.doPublic(k).toByteArray();for(q=0;q>(8*m-g))&255;if((d.charCodeAt(0)&p)!==0){throw new Error("bits beyond keysize not zero")}var n=pss_mgf1_str(e,d.length,r);var o=[];for(q=0;q1){var F=b(B,A[1]);var z=this.getGeneralName(F);if(z.uri!=undefined){y.uri=z.uri}}if(A.length>2){var C=b(B,A[2]);if(C=="0101ff"){y.reqauth=true}if(C=="010100"){y.reqauth=false}}return y};var e=function(D){var y={};try{var A=D.seq[0].oid;var C=KJUR.asn1.x509.OID.name2oid(A);y.type=KJUR.asn1.x509.OID.oid2atype(C);var z=D.seq[1];if(z.utf8str!=undefined){y.ds="utf8";y.value=z.utf8str.str}else{if(z.numstr!=undefined){y.ds="num";y.value=z.numstr.str}else{if(z.telstr!=undefined){y.ds="tel";y.value=z.telstr.str}else{if(z.prnstr!=undefined){y.ds="prn";y.value=z.prnstr.str}else{if(z.ia5str!=undefined){y.ds="ia5";y.value=z.ia5str.str}else{if(z.visstr!=undefined){y.ds="vis";y.value=z.visstr.str}else{if(z.bmpstr!=undefined){y.ds="bmp";y.value=z.bmpstr.str}else{throw"error"}}}}}}}return y}catch(B){throw new Erorr("improper ASN.1 parsed AttrTypeAndValue")}};var i=function(z){try{return z.set.map(function(A){return e(A)})}catch(y){throw new Error("improper ASN.1 parsed RDN: "+y)}};var h=function(z){try{return z.seq.map(function(A){return i(A)})}catch(y){throw new Error("improper ASN.1 parsed X500Name: "+y)}};this.getX500NameRule=function(y){var F=true;var J=true;var I=false;var z="";var C="";var L=null;var G=[];for(var B=0;B0){y.ext=this.getExtParamArray()}y.sighex=this.getSignatureValueHex();if(typeof z=="object"){if(z.tbshex==true){y.tbshex=a(this.hex,0,[0])}if(z.nodnarray==true){delete y.issuer.array;delete y.subject.array}}return y};this.getExtParamArray=function(z){if(z==undefined){var B=f(this.hex,0,[0,"[3]"]);if(B!=-1){z=p(this.hex,0,[0,"[3]",0],"30")}}var y=[];var A=r(z,0);for(var C=0;C0){var b=":"+n.join(":")+":";if(b.indexOf(":"+k+":")==-1){throw"algorithm '"+k+"' not accepted in the list"}}if(k!="none"&&B===null){throw"key shall be specified to verify."}if(typeof B=="string"&&B.indexOf("-----BEGIN ")!=-1){B=KEYUTIL.getKey(B)}if(z=="RS"||z=="PS"){if(!(B instanceof m)){throw"key shall be a RSAKey obj for RS* and PS* algs"}}if(z=="ES"){if(!(B instanceof p)){throw"key shall be a ECDSA obj for ES* algs"}}if(k=="none"){}var u=null;if(t.jwsalg2sigalg[l.alg]===undefined){throw"unsupported alg name: "+k}else{u=t.jwsalg2sigalg[k]}if(u=="none"){throw"not supported"}else{if(u.substr(0,4)=="Hmac"){var o=null;if(B===undefined){throw"hexadecimal key shall be specified for HMAC"}var j=new s({alg:u,pass:B});j.updateString(c);o=j.doFinal();return A==o}else{if(u.indexOf("withECDSA")!=-1){var h=null;try{h=p.concatSigToASN1Sig(A)}catch(v){return false}var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(h)}else{var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(A)}}}};KJUR.jws.JWS.parse=function(g){var c=g.split(".");var b={};var f,e,d;if(c.length!=2&&c.length!=3){throw"malformed sJWS: wrong number of '.' splitted elements"}f=c[0];e=c[1];if(c.length==3){d=c[2]}b.headerObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(f));b.payloadObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(e));b.headerPP=JSON.stringify(b.headerObj,null," ");if(b.payloadObj==null){b.payloadPP=b64utoutf8(e)}else{b.payloadPP=JSON.stringify(b.payloadObj,null," ")}if(d!==undefined){b.sigHex=b64utohex(d)}return b};KJUR.jws.JWS.verifyJWT=function(e,l,r){var d=KJUR,j=d.jws,o=j.JWS,n=o.readSafeJSONString,p=o.inArray,f=o.includedArray;var k=e.split(".");var c=k[0];var i=k[1];var q=c+"."+i;var m=b64utohex(k[2]);var h=n(b64utoutf8(c));var g=n(b64utoutf8(i));if(h.alg===undefined){return false}if(r.alg===undefined){throw"acceptField.alg shall be specified"}if(!p(h.alg,r.alg)){return false}if(g.iss!==undefined&&typeof r.iss==="object"){if(!p(g.iss,r.iss)){return false}}if(g.sub!==undefined&&typeof r.sub==="object"){if(!p(g.sub,r.sub)){return false}}if(g.aud!==undefined&&typeof r.aud==="object"){if(typeof g.aud=="string"){if(!p(g.aud,r.aud)){return false}}else{if(typeof g.aud=="object"){if(!f(g.aud,r.aud)){return false}}}}var b=j.IntDate.getNow();if(r.verifyAt!==undefined&&typeof r.verifyAt==="number"){b=r.verifyAt}if(r.gracePeriod===undefined||typeof r.gracePeriod!=="number"){r.gracePeriod=0}if(g.exp!==undefined&&typeof g.exp=="number"){if(g.exp+r.gracePeriod0){var b=":"+n.join(":")+":";if(b.indexOf(":"+k+":")==-1){throw"algorithm '"+k+"' not accepted in the list"}}if(k!="none"&&B===null){throw"key shall be specified to verify."}if(typeof B=="string"&&B.indexOf("-----BEGIN ")!=-1){B=KEYUTIL.getKey(B)}if(z=="RS"||z=="PS"){if(!(B instanceof m)){throw"key shall be a RSAKey obj for RS* and PS* algs"}}if(z=="ES"){if(!(B instanceof p)){throw"key shall be a ECDSA obj for ES* algs"}}if(k=="none"){}var u=null;if(t.jwsalg2sigalg[l.alg]===undefined){throw"unsupported alg name: "+k}else{u=t.jwsalg2sigalg[k]}if(u=="none"){throw"not supported"}else{if(u.substr(0,4)=="Hmac"){var o=null;if(B===undefined){throw"hexadecimal key shall be specified for HMAC"}var j=new s({alg:u,pass:B});j.updateString(c);o=j.doFinal();return A==o}else{if(u.indexOf("withECDSA")!=-1){var h=null;try{h=p.concatSigToASN1Sig(A)}catch(v){return false}var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(h)}else{var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(A)}}}};KJUR.jws.JWS.parse=function(g){var c=g.split(".");var b={};var f,e,d;if(c.length!=2&&c.length!=3){throw"malformed sJWS: wrong number of '.' splitted elements"}f=c[0];e=c[1];if(c.length==3){d=c[2]}b.headerObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(f));b.payloadObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(e));b.headerPP=JSON.stringify(b.headerObj,null," ");if(b.payloadObj==null){b.payloadPP=b64utoutf8(e)}else{b.payloadPP=JSON.stringify(b.payloadObj,null," ")}if(d!==undefined){b.sigHex=b64utohex(d)}return b};KJUR.jws.JWS.verifyJWT=function(e,l,r){var d=KJUR,j=d.jws,o=j.JWS,n=o.readSafeJSONString,p=o.inArray,f=o.includedArray;if(!isBase64URLDot(e)){return false}var k=e.split(".");if(k.length!=3){return false}var c=k[0];var i=k[1];var q=c+"."+i;var m=b64utohex(k[2]);var h=n(b64utoutf8(c));var g=n(b64utoutf8(i));if(h.alg===undefined){return false}if(r.alg===undefined){throw"acceptField.alg shall be specified"}if(!p(h.alg,r.alg)){return false}if(g.iss!==undefined&&typeof r.iss==="object"){if(!p(g.iss,r.iss)){return false}}if(g.sub!==undefined&&typeof r.sub==="object"){if(!p(g.sub,r.sub)){return false}}if(g.aud!==undefined&&typeof r.aud==="object"){if(typeof g.aud=="string"){if(!p(g.aud,r.aud)){return false}}else{if(typeof g.aud=="object"){if(!f(g.aud,r.aud)){return false}}}}var b=j.IntDate.getNow();if(r.verifyAt!==undefined&&typeof r.verifyAt==="number"){b=r.verifyAt}if(r.gracePeriod===undefined||typeof r.gracePeriod!=="number"){r.gracePeriod=0}if(g.exp!==undefined&&typeof g.exp=="number"){if(g.exp+r.gracePeriodl){this.aHeader.pop()}if(this.aSignature.length>l){this.aSignature.pop()}throw"addSignature failed: "+i}};this.verifyAll=function(h){if(this.aHeader.length!==h.length||this.aSignature.length!==h.length){return false}for(var g=0;g0){this.aHeader=g.headers}else{throw"malformed header"}if(typeof g.payload==="string"){this.sPayload=g.payload}else{throw"malformed signatures"}if(g.signatures.length>0){this.aSignature=g.signatures}else{throw"malformed signatures"}}catch(e){throw"malformed JWS-JS JSON object: "+e}}};this.getJSON=function(){return{headers:this.aHeader,payload:this.sPayload,signatures:this.aSignature}};this.isEmpty=function(){if(this.aHeader.length==0){return 1}return 0}}; diff --git a/jsrsasign-jwths-min.js b/jsrsasign-jwths-min.js index 16c07d57..dbe88955 100644 --- a/jsrsasign-jwths-min.js +++ b/jsrsasign-jwths-min.js @@ -1,5 +1,5 @@ /* - * jsrsasign(jwths) 10.5.24 (2022-06-04) (c) 2010-2022 Kenji Urushima | kjur.github.io/jsrsasign/license + * jsrsasign(jwths) 10.5.25 (2022-06-24) (c) 2010-2022 Kenji Urushima | kjur.github.io/jsrsasign/license */ /*! CryptoJS v3.1.2 core-fix.js @@ -111,6 +111,6 @@ var rng_state;var rng_pool;var rng_pptr;function rng_seed_int(a){rng_pool[rng_pp /*! Mike Samuel (c) 2009 | code.google.com/p/json-sans-eval */ var jsonParse=(function(){var e="(?:-?\\b(?:0|[1-9][0-9]*)(?:\\.[0-9]+)?(?:[eE][+-]?[0-9]+)?\\b)";var j='(?:[^\\0-\\x08\\x0a-\\x1f"\\\\]|\\\\(?:["/\\\\bfnrt]|u[0-9A-Fa-f]{4}))';var i='(?:"'+j+'*")';var d=new RegExp("(?:false|true|null|[\\{\\}\\[\\]]|"+e+"|"+i+")","g");var k=new RegExp("\\\\(?:([^u])|u(.{4}))","g");var g={'"':'"',"/":"/","\\":"\\",b:"\b",f:"\f",n:"\n",r:"\r",t:"\t"};function h(l,m,n){return m?g[m]:String.fromCharCode(parseInt(n,16))}var c=new String("");var a="\\";var f={"{":Object,"[":Array};var b=Object.hasOwnProperty;return function(u,q){var p=u.match(d);var x;var v=p[0];var l=false;if("{"===v){x={}}else{if("["===v){x=[]}else{x=[];l=true}}var t;var r=[x];for(var o=1-l,m=p.length;o=0;){delete D[n[A]]}}}return q.call(C,B,D)};x=s({"":x},"")}return x}})(); -var KJUR;if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.lang=="undefined"||!KJUR.lang){KJUR.lang={}}KJUR.lang.String=function(){};function Base64x(){}function stoBA(d){var b=new Array();for(var c=0;c>6);var i=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16))}var j=224|((h&240)>>4);var i=128|((h&15)<<2)|((a&192)>>6);var g=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16)+g.toString(16))}var c=d.match(/.{4}/g);var b=c.map(e);return b.join("")}function encodeURIComponentAll(a){var d=encodeURIComponent(a);var b="";for(var c=0;c"7"){return"00"+a}return a}function intarystrtohex(b){b=b.replace(/^\s*\[\s*/,"");b=b.replace(/\s*\]\s*$/,"");b=b.replace(/\s*/g,"");try{var c=b.split(/,/).map(function(g,e,h){var f=parseInt(g);if(f<0||255a.length){d=a.length}for(var b=0;b0){o=o+"."+k.join(".")}return o}catch(j){return null}}var strpad=function(c,b,a){if(a==undefined){a="0"}if(c.length>=b){return c}return new Array(b-c.length+1).join(a)+c};function bitstrtoint(e){if(e.length%2!=0){return -1}e=e.toLowerCase();if(e.match(/^[0-9a-f]+$/)==null){return -1}try{var a=e.substr(0,2);if(a=="00"){return parseInt(e.substr(2),16)}var b=parseInt(a,16);if(b>7){return -1}var g=e.substr(2);var d=parseInt(g,16).toString(2);if(d=="0"){d="00000000"}d=d.slice(0,0-b);var f=parseInt(d,2);if(f==NaN){return -1}return f}catch(c){return -1}}function inttobitstr(e){if(typeof e!="number"){return null}if(e<0){return null}var c=Number(e).toString(2);var b=8-c.length%8;if(b==8){b=0}c=c+strpad("",b,"0");var d=parseInt(c,2).toString(16);if(d.length%2==1){d="0"+d}var a="0"+b;return a+d}function bitstrtobinstr(g){if(typeof g!="string"){return null}if(g.length%2!=0){return null}if(!g.match(/^[0-9a-f]+$/)){return null}try{var c=parseInt(g.substr(0,2),16);if(c<0||7=0;a--){c+=b[a]}return c}function extendClass(c,a){var b=function(){};b.prototype=a.prototype;c.prototype=new b();c.prototype.constructor=c;c.superclass=a.prototype;if(a.prototype.constructor==Object.prototype.constructor){a.prototype.constructor=a}}; +var KJUR;if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.lang=="undefined"||!KJUR.lang){KJUR.lang={}}KJUR.lang.String=function(){};function Base64x(){}function stoBA(d){var b=new Array();for(var c=0;c>6);var i=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16))}var j=224|((h&240)>>4);var i=128|((h&15)<<2)|((a&192)>>6);var g=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16)+g.toString(16))}var c=d.match(/.{4}/g);var b=c.map(e);return b.join("")}function encodeURIComponentAll(a){var d=encodeURIComponent(a);var b="";for(var c=0;c"7"){return"00"+a}return a}function intarystrtohex(b){b=b.replace(/^\s*\[\s*/,"");b=b.replace(/\s*\]\s*$/,"");b=b.replace(/\s*/g,"");try{var c=b.split(/,/).map(function(g,e,h){var f=parseInt(g);if(f<0||255a.length){d=a.length}for(var b=0;b0){o=o+"."+k.join(".")}return o}catch(j){return null}}var strpad=function(c,b,a){if(a==undefined){a="0"}if(c.length>=b){return c}return new Array(b-c.length+1).join(a)+c};function bitstrtoint(e){if(e.length%2!=0){return -1}e=e.toLowerCase();if(e.match(/^[0-9a-f]+$/)==null){return -1}try{var a=e.substr(0,2);if(a=="00"){return parseInt(e.substr(2),16)}var b=parseInt(a,16);if(b>7){return -1}var g=e.substr(2);var d=parseInt(g,16).toString(2);if(d=="0"){d="00000000"}d=d.slice(0,0-b);var f=parseInt(d,2);if(f==NaN){return -1}return f}catch(c){return -1}}function inttobitstr(e){if(typeof e!="number"){return null}if(e<0){return null}var c=Number(e).toString(2);var b=8-c.length%8;if(b==8){b=0}c=c+strpad("",b,"0");var d=parseInt(c,2).toString(16);if(d.length%2==1){d="0"+d}var a="0"+b;return a+d}function bitstrtobinstr(g){if(typeof g!="string"){return null}if(g.length%2!=0){return null}if(!g.match(/^[0-9a-f]+$/)){return null}try{var c=parseInt(g.substr(0,2),16);if(c<0||7=0;a--){c+=b[a]}return c}function extendClass(c,a){var b=function(){};b.prototype=a.prototype;c.prototype=new b();c.prototype.constructor=c;c.superclass=a.prototype;if(a.prototype.constructor==Object.prototype.constructor){a.prototype.constructor=a}}; if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||!KJUR.crypto){KJUR.crypto={}}KJUR.crypto.Util=new function(){this.DIGESTINFOHEAD={sha1:"3021300906052b0e03021a05000414",sha224:"302d300d06096086480165030402040500041c",sha256:"3031300d060960864801650304020105000420",sha384:"3041300d060960864801650304020205000430",sha512:"3051300d060960864801650304020305000440",md2:"3020300c06082a864886f70d020205000410",md5:"3020300c06082a864886f70d020505000410",ripemd160:"3021300906052b2403020105000414",};this.DEFAULTPROVIDER={md5:"cryptojs",sha1:"cryptojs",sha224:"cryptojs",sha256:"cryptojs",sha384:"cryptojs",sha512:"cryptojs",ripemd160:"cryptojs",hmacmd5:"cryptojs",hmacsha1:"cryptojs",hmacsha224:"cryptojs",hmacsha256:"cryptojs",hmacsha384:"cryptojs",hmacsha512:"cryptojs",hmacripemd160:"cryptojs",MD5withRSA:"cryptojs/jsrsa",SHA1withRSA:"cryptojs/jsrsa",SHA224withRSA:"cryptojs/jsrsa",SHA256withRSA:"cryptojs/jsrsa",SHA384withRSA:"cryptojs/jsrsa",SHA512withRSA:"cryptojs/jsrsa",RIPEMD160withRSA:"cryptojs/jsrsa",MD5withECDSA:"cryptojs/jsrsa",SHA1withECDSA:"cryptojs/jsrsa",SHA224withECDSA:"cryptojs/jsrsa",SHA256withECDSA:"cryptojs/jsrsa",SHA384withECDSA:"cryptojs/jsrsa",SHA512withECDSA:"cryptojs/jsrsa",RIPEMD160withECDSA:"cryptojs/jsrsa",SHA1withDSA:"cryptojs/jsrsa",SHA224withDSA:"cryptojs/jsrsa",SHA256withDSA:"cryptojs/jsrsa",MD5withRSAandMGF1:"cryptojs/jsrsa",SHAwithRSAandMGF1:"cryptojs/jsrsa",SHA1withRSAandMGF1:"cryptojs/jsrsa",SHA224withRSAandMGF1:"cryptojs/jsrsa",SHA256withRSAandMGF1:"cryptojs/jsrsa",SHA384withRSAandMGF1:"cryptojs/jsrsa",SHA512withRSAandMGF1:"cryptojs/jsrsa",RIPEMD160withRSAandMGF1:"cryptojs/jsrsa",};this.CRYPTOJSMESSAGEDIGESTNAME={md5:CryptoJS.algo.MD5,sha1:CryptoJS.algo.SHA1,sha224:CryptoJS.algo.SHA224,sha256:CryptoJS.algo.SHA256,sha384:CryptoJS.algo.SHA384,sha512:CryptoJS.algo.SHA512,ripemd160:CryptoJS.algo.RIPEMD160};this.getDigestInfoHex=function(a,b){if(typeof this.DIGESTINFOHEAD[b]=="undefined"){throw"alg not supported in Util.DIGESTINFOHEAD: "+b}return this.DIGESTINFOHEAD[b]+a};this.getPaddedDigestInfoHex=function(h,a,j){var c=this.getDigestInfoHex(h,a);var d=j/4;if(c.length+22>d){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;f0){var b=":"+n.join(":")+":";if(b.indexOf(":"+k+":")==-1){throw"algorithm '"+k+"' not accepted in the list"}}if(k!="none"&&B===null){throw"key shall be specified to verify."}if(typeof B=="string"&&B.indexOf("-----BEGIN ")!=-1){B=KEYUTIL.getKey(B)}if(z=="RS"||z=="PS"){if(!(B instanceof m)){throw"key shall be a RSAKey obj for RS* and PS* algs"}}if(z=="ES"){if(!(B instanceof p)){throw"key shall be a ECDSA obj for ES* algs"}}if(k=="none"){}var u=null;if(t.jwsalg2sigalg[l.alg]===undefined){throw"unsupported alg name: "+k}else{u=t.jwsalg2sigalg[k]}if(u=="none"){throw"not supported"}else{if(u.substr(0,4)=="Hmac"){var o=null;if(B===undefined){throw"hexadecimal key shall be specified for HMAC"}var j=new s({alg:u,pass:B});j.updateString(c);o=j.doFinal();return A==o}else{if(u.indexOf("withECDSA")!=-1){var h=null;try{h=p.concatSigToASN1Sig(A)}catch(v){return false}var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(h)}else{var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(A)}}}};KJUR.jws.JWS.parse=function(g){var c=g.split(".");var b={};var f,e,d;if(c.length!=2&&c.length!=3){throw"malformed sJWS: wrong number of '.' splitted elements"}f=c[0];e=c[1];if(c.length==3){d=c[2]}b.headerObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(f));b.payloadObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(e));b.headerPP=JSON.stringify(b.headerObj,null," ");if(b.payloadObj==null){b.payloadPP=b64utoutf8(e)}else{b.payloadPP=JSON.stringify(b.payloadObj,null," ")}if(d!==undefined){b.sigHex=b64utohex(d)}return b};KJUR.jws.JWS.verifyJWT=function(e,l,r){var d=KJUR,j=d.jws,o=j.JWS,n=o.readSafeJSONString,p=o.inArray,f=o.includedArray;var k=e.split(".");var c=k[0];var i=k[1];var q=c+"."+i;var m=b64utohex(k[2]);var h=n(b64utoutf8(c));var g=n(b64utoutf8(i));if(h.alg===undefined){return false}if(r.alg===undefined){throw"acceptField.alg shall be specified"}if(!p(h.alg,r.alg)){return false}if(g.iss!==undefined&&typeof r.iss==="object"){if(!p(g.iss,r.iss)){return false}}if(g.sub!==undefined&&typeof r.sub==="object"){if(!p(g.sub,r.sub)){return false}}if(g.aud!==undefined&&typeof r.aud==="object"){if(typeof g.aud=="string"){if(!p(g.aud,r.aud)){return false}}else{if(typeof g.aud=="object"){if(!f(g.aud,r.aud)){return false}}}}var b=j.IntDate.getNow();if(r.verifyAt!==undefined&&typeof r.verifyAt==="number"){b=r.verifyAt}if(r.gracePeriod===undefined||typeof r.gracePeriod!=="number"){r.gracePeriod=0}if(g.exp!==undefined&&typeof g.exp=="number"){if(g.exp+r.gracePeriod0){var b=":"+n.join(":")+":";if(b.indexOf(":"+k+":")==-1){throw"algorithm '"+k+"' not accepted in the list"}}if(k!="none"&&B===null){throw"key shall be specified to verify."}if(typeof B=="string"&&B.indexOf("-----BEGIN ")!=-1){B=KEYUTIL.getKey(B)}if(z=="RS"||z=="PS"){if(!(B instanceof m)){throw"key shall be a RSAKey obj for RS* and PS* algs"}}if(z=="ES"){if(!(B instanceof p)){throw"key shall be a ECDSA obj for ES* algs"}}if(k=="none"){}var u=null;if(t.jwsalg2sigalg[l.alg]===undefined){throw"unsupported alg name: "+k}else{u=t.jwsalg2sigalg[k]}if(u=="none"){throw"not supported"}else{if(u.substr(0,4)=="Hmac"){var o=null;if(B===undefined){throw"hexadecimal key shall be specified for HMAC"}var j=new s({alg:u,pass:B});j.updateString(c);o=j.doFinal();return A==o}else{if(u.indexOf("withECDSA")!=-1){var h=null;try{h=p.concatSigToASN1Sig(A)}catch(v){return false}var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(h)}else{var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(A)}}}};KJUR.jws.JWS.parse=function(g){var c=g.split(".");var b={};var f,e,d;if(c.length!=2&&c.length!=3){throw"malformed sJWS: wrong number of '.' splitted elements"}f=c[0];e=c[1];if(c.length==3){d=c[2]}b.headerObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(f));b.payloadObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(e));b.headerPP=JSON.stringify(b.headerObj,null," ");if(b.payloadObj==null){b.payloadPP=b64utoutf8(e)}else{b.payloadPP=JSON.stringify(b.payloadObj,null," ")}if(d!==undefined){b.sigHex=b64utohex(d)}return b};KJUR.jws.JWS.verifyJWT=function(e,l,r){var d=KJUR,j=d.jws,o=j.JWS,n=o.readSafeJSONString,p=o.inArray,f=o.includedArray;if(!isBase64URLDot(e)){return false}var k=e.split(".");if(k.length!=3){return false}var c=k[0];var i=k[1];var q=c+"."+i;var m=b64utohex(k[2]);var h=n(b64utoutf8(c));var g=n(b64utoutf8(i));if(h.alg===undefined){return false}if(r.alg===undefined){throw"acceptField.alg shall be specified"}if(!p(h.alg,r.alg)){return false}if(g.iss!==undefined&&typeof r.iss==="object"){if(!p(g.iss,r.iss)){return false}}if(g.sub!==undefined&&typeof r.sub==="object"){if(!p(g.sub,r.sub)){return false}}if(g.aud!==undefined&&typeof r.aud==="object"){if(typeof g.aud=="string"){if(!p(g.aud,r.aud)){return false}}else{if(typeof g.aud=="object"){if(!f(g.aud,r.aud)){return false}}}}var b=j.IntDate.getNow();if(r.verifyAt!==undefined&&typeof r.verifyAt==="number"){b=r.verifyAt}if(r.gracePeriod===undefined||typeof r.gracePeriod!=="number"){r.gracePeriod=0}if(g.exp!==undefined&&typeof g.exp=="number"){if(g.exp+r.gracePeriod=a.length){return null}}var e="";while(++f191)&&(h<224)){e+=String.fromCharCode(((h&31)<<6)|(a[f+1]&63));++f}else{e+=String.fromCharCode(((h&15)<<12)|((a[f+1]&63)<<6)|(a[f+2]&63));f+=2}}}return e}function oaep_mgf1_str(c,a,e){var b="",d=0;while(b.length>24,(d&16711680)>>16,(d&65280)>>8,d&255]));d+=1}return b}function oaep_unpad(o,b,g,p){var e=KJUR.crypto.MessageDigest;var r=KJUR.crypto.Util;var c=null;if(!g){g="sha1"}if(typeof g==="string"){c=e.getCanonicalAlgName(g);p=e.getHashLength(c);g=function(d){return hextorstr(r.hashHex(rstrtohex(d),c))}}o=o.toByteArray();var h;for(h=0;h0&&a.length>0){this.n=parseBigInt(c,16);this.e=parseInt(a,16);this.d=parseBigInt(b,16)}else{throw"Invalid RSA private key"}}}function RSASetPrivateEx(g,d,e,c,b,a,h,f){this.isPrivate=true;this.isPublic=false;if(g==null){throw"RSASetPrivateEx N == null"}if(d==null){throw"RSASetPrivateEx E == null"}if(g.length==0){throw"RSASetPrivateEx N.length == 0"}if(d.length==0){throw"RSASetPrivateEx E.length == 0"}if(g!=null&&d!=null&&g.length>0&&d.length>0){this.n=parseBigInt(g,16);this.e=parseInt(d,16);this.d=parseBigInt(e,16);this.p=parseBigInt(c,16);this.q=parseBigInt(b,16);this.dmp1=parseBigInt(a,16);this.dmq1=parseBigInt(h,16);this.coeff=parseBigInt(f,16)}else{throw"Invalid RSA private key in RSASetPrivateEx"}}function RSAGenerate(b,l){var a=new SecureRandom();var g=b>>1;this.e=parseInt(l,16);var c=new BigInteger(l,16);var d=(b/2)-100;var k=BigInteger.ONE.shiftLeft(d);for(;;){for(;;){this.p=new BigInteger(b-g,1,a);if(this.p.subtract(BigInteger.ONE).gcd(c).compareTo(BigInteger.ONE)==0&&this.p.isProbablePrime(10)){break}}for(;;){this.q=new BigInteger(g,1,a);if(this.q.subtract(BigInteger.ONE).gcd(c).compareTo(BigInteger.ONE)==0&&this.q.isProbablePrime(10)){break}}if(this.p.compareTo(this.q)<=0){var j=this.p;this.p=this.q;this.q=j}var h=this.q.subtract(this.p).abs();if(h.bitLength()>3)}function RSADecryptOAEP(e,d,b){if(e.length!=Math.ceil(this.n.bitLength()/4)){throw new Error("wrong ctext length")}var f=parseBigInt(e,16);var a=this.doPrivate(f);if(a==null){return null}return oaep_unpad(a,(this.n.bitLength()+7)>>3,d,b)}RSAKey.prototype.doPrivate=RSADoPrivate;RSAKey.prototype.setPrivate=RSASetPrivate;RSAKey.prototype.setPrivateEx=RSASetPrivateEx;RSAKey.prototype.generate=RSAGenerate;RSAKey.prototype.decrypt=RSADecrypt;RSAKey.prototype.decryptOAEP=RSADecryptOAEP; if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}KJUR.asn1.ASN1Util=new function(){this.integerToByteHex=function(a){var b=a.toString(16);if((b.length%2)==1){b="0"+b}return b};this.bigIntToMinTwosComplementsHex=function(j){var f=j.toString(16);if(f.substr(0,1)!="-"){if(f.length%2==1){f="0"+f}else{if(!f.match(/^[0-7]/)){f="00"+f}}}else{var a=f.substr(1);var e=a.length;if(e%2==1){e+=1}else{if(!f.match(/^[0-7]/)){e+=2}}var g="";for(var d=0;d15){throw new Error("ASN.1 length too long to represent by 8x: n = "+j.toString(16))}var g=128+h;return g.toString(16)+i}};this.tohex=function(){if(this.hTLV==null||this.isModified){this.hV=this.getFreshValueHex();this.hL=this.getLengthHexFromValue();this.hTLV=this.hT+this.hL+this.hV;this.isModified=false}return this.hTLV};this.getEncodedHex=function(){return this.tohex()};this.getValueHex=function(){this.tohex();return this.hV};this.getFreshValueHex=function(){return""};this.setByParam=function(g){this.params=g};if(e!=undefined){if(e.tlv!=undefined){this.hTLV=e.tlv;this.isModified=false}}};KJUR.asn1.DERAbstractString=function(c){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var b=null;var a=null;this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=utf8tohex(this.s).toLowerCase()};this.setStringHex=function(d){this.hTLV=null;this.isModified=true;this.s=null;this.hV=d};this.getFreshValueHex=function(){return this.hV};if(typeof c!="undefined"){if(typeof c=="string"){this.setString(c)}else{if(typeof c.str!="undefined"){this.setString(c.str)}else{if(typeof c.hex!="undefined"){this.setStringHex(c.hex)}}}}};extendClass(KJUR.asn1.DERAbstractString,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractTime=function(c){KJUR.asn1.DERAbstractTime.superclass.constructor.call(this);var b=null;var a=null;this.localDateToUTC=function(g){var e=g.getTime()+(g.getTimezoneOffset()*60000);var f=new Date(e);return f};this.formatDate=function(m,o,e){var g=this.zeroPadding;var n=this.localDateToUTC(m);var p=String(n.getFullYear());if(o=="utc"){p=p.substr(2,2)}var l=g(String(n.getMonth()+1),2);var q=g(String(n.getDate()),2);var h=g(String(n.getHours()),2);var i=g(String(n.getMinutes()),2);var j=g(String(n.getSeconds()),2);var r=p+l+q+h+i+j;if(e===true){var f=n.getMilliseconds();if(f!=0){var k=g(String(f),3);k=k.replace(/[0]+$/,"");r=r+"."+k}}return r+"Z"};this.zeroPadding=function(e,d){if(e.length>=d){return e}return new Array(d-e.length+1).join("0")+e};this.setByParam=function(d){this.hV=null;this.hTLV=null;this.params=d};this.getString=function(){return undefined};this.setString=function(d){this.hTLV=null;this.isModified=true;if(this.params==undefined){this.params={}}this.params.str=d};this.setByDate=function(d){this.hTLV=null;this.isModified=true;if(this.params==undefined){this.params={}}this.params.date=d};this.setByDateValue=function(h,j,e,d,f,g){var i=new Date(Date.UTC(h,j-1,e,d,f,g,0));this.setByDate(i)};this.getFreshValueHex=function(){return this.hV}};extendClass(KJUR.asn1.DERAbstractTime,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractStructured=function(b){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var a=null;this.setByASN1ObjectArray=function(c){this.hTLV=null;this.isModified=true;this.asn1Array=c};this.appendASN1Object=function(c){this.hTLV=null;this.isModified=true;this.asn1Array.push(c)};this.asn1Array=new Array();if(typeof b!="undefined"){if(typeof b.array!="undefined"){this.asn1Array=b.array}}};extendClass(KJUR.asn1.DERAbstractStructured,KJUR.asn1.ASN1Object);KJUR.asn1.DERBoolean=function(a){KJUR.asn1.DERBoolean.superclass.constructor.call(this);this.hT="01";if(a==false){this.hTLV="010100"}else{this.hTLV="0101ff"}};extendClass(KJUR.asn1.DERBoolean,KJUR.asn1.ASN1Object);KJUR.asn1.DERInteger=function(a){KJUR.asn1.DERInteger.superclass.constructor.call(this);this.hT="02";this.setByBigInteger=function(b){this.hTLV=null;this.isModified=true;this.hV=KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(b)};this.setByInteger=function(c){var b=new BigInteger(String(c),10);this.setByBigInteger(b)};this.setValueHex=function(b){this.hV=b};this.getFreshValueHex=function(){return this.hV};if(typeof a!="undefined"){if(typeof a.bigint!="undefined"){this.setByBigInteger(a.bigint)}else{if(typeof a["int"]!="undefined"){this.setByInteger(a["int"])}else{if(typeof a=="number"){this.setByInteger(a)}else{if(typeof a.hex!="undefined"){this.setValueHex(a.hex)}}}}}};extendClass(KJUR.asn1.DERInteger,KJUR.asn1.ASN1Object);KJUR.asn1.DERBitString=function(b){if(b!==undefined&&typeof b.obj!=="undefined"){var a=KJUR.asn1.ASN1Util.newObject(b.obj);b.hex="00"+a.tohex()}KJUR.asn1.DERBitString.superclass.constructor.call(this);this.hT="03";this.setHexValueIncludingUnusedBits=function(c){this.hTLV=null;this.isModified=true;this.hV=c};this.setUnusedBitsAndHexValue=function(c,e){if(c<0||7=f){break}}return j};ASN1HEX.getNthChildIdx=function(d,b,e){var c=ASN1HEX.getChildIdx(d,b);return c[e]};ASN1HEX.getIdxbyList=function(e,d,c,i){var g=ASN1HEX;var f,b;if(c.length==0){if(i!==undefined){if(e.substr(d,2)!==i){return -1}}return d}f=c.shift();b=g.getChildIdx(e,d);if(f>=b.length){return -1}return g.getIdxbyList(e,b[f],c,i)};ASN1HEX.getIdxbyListEx=function(f,k,b,g){var m=ASN1HEX;var d,l;if(b.length==0){if(g!==undefined){if(f.substr(k,2)!==g){return -1}}return k}d=b.shift();l=m.getChildIdx(f,k);var j=0;for(var e=0;e=d.length){return null}return e.getTLV(d,a)};ASN1HEX.getTLVbyListEx=function(d,c,b,f){var e=ASN1HEX;var a=e.getIdxbyListEx(d,c,b,f);if(a==-1){return null}return e.getTLV(d,a)};ASN1HEX.getVbyList=function(e,c,b,g,i){var f=ASN1HEX;var a,d;a=f.getIdxbyList(e,c,b,g);if(a==-1){return null}if(a>=e.length){return null}d=f.getV(e,a);if(i===true){d=d.substr(2)}return d};ASN1HEX.getVbyListEx=function(b,e,a,d,f){var j=ASN1HEX;var g,c,i;g=j.getIdxbyListEx(b,e,a,d);if(g==-1){return null}i=j.getV(b,g);if(b.substr(g,2)=="03"&&f!==false){i=i.substr(2)}return i};ASN1HEX.getInt=function(e,b,f){if(f==undefined){f=-1}try{var c=e.substr(b,2);if(c!="02"&&c!="03"){return f}var a=ASN1HEX.getV(e,b);if(c=="02"){return parseInt(a,16)}else{return bitstrtoint(a)}}catch(d){return f}};ASN1HEX.getOID=function(c,a,d){if(d==undefined){d=null}try{if(c.substr(a,2)!="06"){return d}var e=ASN1HEX.getV(c,a);return hextooid(e)}catch(b){return d}};ASN1HEX.getOIDName=function(d,a,f){if(f==undefined){f=null}try{var e=ASN1HEX.getOID(d,a,f);if(e==f){return f}var b=KJUR.asn1.x509.OID.oid2name(e);if(b==""){return e}return b}catch(c){return f}};ASN1HEX.getString=function(d,b,e){if(e==undefined){e=null}try{var a=ASN1HEX.getV(d,b);return hextorstr(a)}catch(c){return e}};ASN1HEX.hextooidstr=function(e){var h=function(b,a){if(b.length>=a){return b}return new Array(a-b.length+1).join("0")+b};var l=[];var o=e.substr(0,2);var f=parseInt(o,16);l[0]=new String(Math.floor(f/40));l[1]=new String(f%40);var m=e.substr(2);var k=[];for(var g=0;g0){n=n+"."+j.join(".")}return n};ASN1HEX.dump=function(t,c,l,g){var p=ASN1HEX;var j=p.getV;var y=p.dump;var w=p.getChildIdx;var e=t;if(t instanceof KJUR.asn1.ASN1Object){e=t.tohex()}var q=function(A,i){if(A.length<=i*2){return A}else{var v=A.substr(0,i)+"..(total "+A.length/2+"bytes).."+A.substr(A.length-i,i);return v}};if(c===undefined){c={ommit_long_octet:32}}if(l===undefined){l=0}if(g===undefined){g=""}var x=c.ommit_long_octet;var z=e.substr(l,2);if(z=="01"){var h=j(e,l);if(h=="00"){return g+"BOOLEAN FALSE\n"}else{return g+"BOOLEAN TRUE\n"}}if(z=="02"){var h=j(e,l);return g+"INTEGER "+q(h,x)+"\n"}if(z=="03"){var h=j(e,l);if(p.isASN1HEX(h.substr(2))){var k=g+"BITSTRING, encapsulates\n";k=k+y(h.substr(2),c,0,g+" ");return k}else{return g+"BITSTRING "+q(h,x)+"\n"}}if(z=="04"){var h=j(e,l);if(p.isASN1HEX(h)){var k=g+"OCTETSTRING, encapsulates\n";k=k+y(h,c,0,g+" ");return k}else{return g+"OCTETSTRING "+q(h,x)+"\n"}}if(z=="05"){return g+"NULL\n"}if(z=="06"){var m=j(e,l);var b=KJUR.asn1.ASN1Util.oidHexToInt(m);var o=KJUR.asn1.x509.OID.oid2name(b);var a=b.replace(/\./g," ");if(o!=""){return g+"ObjectIdentifier "+o+" ("+a+")\n"}else{return g+"ObjectIdentifier ("+a+")\n"}}if(z=="0a"){return g+"ENUMERATED "+parseInt(j(e,l))+"\n"}if(z=="0c"){return g+"UTF8String '"+hextoutf8(j(e,l))+"'\n"}if(z=="13"){return g+"PrintableString '"+hextoutf8(j(e,l))+"'\n"}if(z=="14"){return g+"TeletexString '"+hextoutf8(j(e,l))+"'\n"}if(z=="16"){return g+"IA5String '"+hextoutf8(j(e,l))+"'\n"}if(z=="17"){return g+"UTCTime "+hextoutf8(j(e,l))+"\n"}if(z=="18"){return g+"GeneralizedTime "+hextoutf8(j(e,l))+"\n"}if(z=="1a"){return g+"VisualString '"+hextoutf8(j(e,l))+"'\n"}if(z=="1e"){return g+"BMPString '"+ucs2hextoutf8(j(e,l))+"'\n"}if(z=="30"){if(e.substr(l,4)=="3000"){return g+"SEQUENCE {}\n"}var k=g+"SEQUENCE\n";var d=w(e,l);var f=c;if((d.length==2||d.length==3)&&e.substr(d[0],2)=="06"&&e.substr(d[d.length-1],2)=="04"){var o=p.oidname(j(e,d[0]));var r=JSON.parse(JSON.stringify(c));r.x509ExtName=o;f=r}for(var u=0;u4){return{"enum":{hex:p}}}else{return{"enum":parseInt(p,16)}}}else{if(C=="30"||C=="31"){j[c[C]]=u(x);return j}else{if(C=="14"){var o=q(p);j[c[C]]={str:o};return j}else{if(C=="1e"){var o=n(p);j[c[C]]={str:o};return j}else{if(":0c:12:13:16:17:18:1a:".indexOf(C)!=-1){var o=k(p);j[c[C]]={str:o};return j}else{if(C.match(/^8[0-9]$/)){var o=k(p);if(o==null|o==""){return{tag:{tag:C,explicit:false,hex:p}}}else{if(o.match(/[\x00-\x1F\x7F-\x9F]/)!=null||o.match(/[\u0000-\u001F\u0080–\u009F]/)!=null){return{tag:{tag:C,explicit:false,hex:p}}}else{return{tag:{tag:C,explicit:false,str:o}}}}}else{if(C.match(/^a[0-9]$/)){try{if(!a(p)){throw new Error("not encap")}return{tag:{tag:C,explicit:true,obj:f(p)}}}catch(z){return{tag:{tag:C,explicit:true,hex:p}}}}else{var A=new KJUR.asn1.ASN1Object();A.hV=p;var w=A.getLengthHexFromValue();return{asn1:{tlv:C+w+p}}}}}}}}}}}}}}}};ASN1HEX.isContextTag=function(c,b){c=c.toLowerCase();var f,e;try{f=parseInt(c,16)}catch(d){return -1}if(b===undefined){if((f&192)==128){return true}else{return false}}try{var a=b.match(/^\[[0-9]+\]$/);if(a==null){return false}e=parseInt(b.substr(1,b.length-1),10);if(e>31){return false}if(((f&192)==128)&&((f&31)==e)){return true}return false}catch(d){return false}};ASN1HEX.isASN1HEX=function(e){var d=ASN1HEX;if(e.length%2==1){return false}var c=d.getVblen(e,0);var b=e.substr(0,2);var f=d.getL(e,0);var a=e.length-b.length-f.length;if(a==c*2){return true}return false};ASN1HEX.checkStrictDER=function(g,o,d,c,r){var s=ASN1HEX;if(d===undefined){if(typeof g!="string"){throw new Error("not hex string")}g=g.toLowerCase();if(!KJUR.lang.String.isHex(g)){throw new Error("not hex string")}d=g.length;c=g.length/2;if(c<128){r=1}else{r=Math.ceil(c.toString(16))+1}}var k=s.getL(g,o);if(k.length>r*2){throw new Error("L of TLV too long: idx="+o)}var n=s.getVblen(g,o);if(n>c){throw new Error("value of L too long than hex: idx="+o)}var q=s.getTLV(g,o);var f=q.length-2-s.getL(g,o).length;if(f!==(n*2)){throw new Error("V string length and L's value not the same:"+f+"/"+(n*2))}if(o===0){if(g.length!=q.length){throw new Error("total length and TLV length unmatch:"+g.length+"!="+q.length)}}var b=g.substr(o,2);if(b==="02"){var a=s.getVidx(g,o);if(g.substr(a,2)=="00"&&g.charCodeAt(a+2)<56){throw new Error("not least zeros for DER INTEGER")}}if(parseInt(b,16)&32){var p=s.getVblen(g,o);var m=0;var l=s.getChildIdx(g,o);for(var e=0;e>6);var i=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16))}var j=224|((h&240)>>4);var i=128|((h&15)<<2)|((a&192)>>6);var g=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16)+g.toString(16))}var c=d.match(/.{4}/g);var b=c.map(e);return b.join("")}function encodeURIComponentAll(a){var d=encodeURIComponent(a);var b="";for(var c=0;c"7"){return"00"+a}return a}function intarystrtohex(b){b=b.replace(/^\s*\[\s*/,"");b=b.replace(/\s*\]\s*$/,"");b=b.replace(/\s*/g,"");try{var c=b.split(/,/).map(function(g,e,h){var f=parseInt(g);if(f<0||255a.length){d=a.length}for(var b=0;b0){o=o+"."+k.join(".")}return o}catch(j){return null}}var strpad=function(c,b,a){if(a==undefined){a="0"}if(c.length>=b){return c}return new Array(b-c.length+1).join(a)+c};function bitstrtoint(e){if(e.length%2!=0){return -1}e=e.toLowerCase();if(e.match(/^[0-9a-f]+$/)==null){return -1}try{var a=e.substr(0,2);if(a=="00"){return parseInt(e.substr(2),16)}var b=parseInt(a,16);if(b>7){return -1}var g=e.substr(2);var d=parseInt(g,16).toString(2);if(d=="0"){d="00000000"}d=d.slice(0,0-b);var f=parseInt(d,2);if(f==NaN){return -1}return f}catch(c){return -1}}function inttobitstr(e){if(typeof e!="number"){return null}if(e<0){return null}var c=Number(e).toString(2);var b=8-c.length%8;if(b==8){b=0}c=c+strpad("",b,"0");var d=parseInt(c,2).toString(16);if(d.length%2==1){d="0"+d}var a="0"+b;return a+d}function bitstrtobinstr(g){if(typeof g!="string"){return null}if(g.length%2!=0){return null}if(!g.match(/^[0-9a-f]+$/)){return null}try{var c=parseInt(g.substr(0,2),16);if(c<0||7=0;a--){c+=b[a]}return c}function extendClass(c,a){var b=function(){};b.prototype=a.prototype;c.prototype=new b();c.prototype.constructor=c;c.superclass=a.prototype;if(a.prototype.constructor==Object.prototype.constructor){a.prototype.constructor=a}}; +var KJUR;if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.lang=="undefined"||!KJUR.lang){KJUR.lang={}}KJUR.lang.String=function(){};function Base64x(){}function stoBA(d){var b=new Array();for(var c=0;c>6);var i=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16))}var j=224|((h&240)>>4);var i=128|((h&15)<<2)|((a&192)>>6);var g=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16)+g.toString(16))}var c=d.match(/.{4}/g);var b=c.map(e);return b.join("")}function encodeURIComponentAll(a){var d=encodeURIComponent(a);var b="";for(var c=0;c"7"){return"00"+a}return a}function intarystrtohex(b){b=b.replace(/^\s*\[\s*/,"");b=b.replace(/\s*\]\s*$/,"");b=b.replace(/\s*/g,"");try{var c=b.split(/,/).map(function(g,e,h){var f=parseInt(g);if(f<0||255a.length){d=a.length}for(var b=0;b0){o=o+"."+k.join(".")}return o}catch(j){return null}}var strpad=function(c,b,a){if(a==undefined){a="0"}if(c.length>=b){return c}return new Array(b-c.length+1).join(a)+c};function bitstrtoint(e){if(e.length%2!=0){return -1}e=e.toLowerCase();if(e.match(/^[0-9a-f]+$/)==null){return -1}try{var a=e.substr(0,2);if(a=="00"){return parseInt(e.substr(2),16)}var b=parseInt(a,16);if(b>7){return -1}var g=e.substr(2);var d=parseInt(g,16).toString(2);if(d=="0"){d="00000000"}d=d.slice(0,0-b);var f=parseInt(d,2);if(f==NaN){return -1}return f}catch(c){return -1}}function inttobitstr(e){if(typeof e!="number"){return null}if(e<0){return null}var c=Number(e).toString(2);var b=8-c.length%8;if(b==8){b=0}c=c+strpad("",b,"0");var d=parseInt(c,2).toString(16);if(d.length%2==1){d="0"+d}var a="0"+b;return a+d}function bitstrtobinstr(g){if(typeof g!="string"){return null}if(g.length%2!=0){return null}if(!g.match(/^[0-9a-f]+$/)){return null}try{var c=parseInt(g.substr(0,2),16);if(c<0||7=0;a--){c+=b[a]}return c}function extendClass(c,a){var b=function(){};b.prototype=a.prototype;c.prototype=new b();c.prototype.constructor=c;c.superclass=a.prototype;if(a.prototype.constructor==Object.prototype.constructor){a.prototype.constructor=a}}; if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||!KJUR.crypto){KJUR.crypto={}}KJUR.crypto.Util=new function(){this.DIGESTINFOHEAD={sha1:"3021300906052b0e03021a05000414",sha224:"302d300d06096086480165030402040500041c",sha256:"3031300d060960864801650304020105000420",sha384:"3041300d060960864801650304020205000430",sha512:"3051300d060960864801650304020305000440",md2:"3020300c06082a864886f70d020205000410",md5:"3020300c06082a864886f70d020505000410",ripemd160:"3021300906052b2403020105000414",};this.DEFAULTPROVIDER={md5:"cryptojs",sha1:"cryptojs",sha224:"cryptojs",sha256:"cryptojs",sha384:"cryptojs",sha512:"cryptojs",ripemd160:"cryptojs",hmacmd5:"cryptojs",hmacsha1:"cryptojs",hmacsha224:"cryptojs",hmacsha256:"cryptojs",hmacsha384:"cryptojs",hmacsha512:"cryptojs",hmacripemd160:"cryptojs",MD5withRSA:"cryptojs/jsrsa",SHA1withRSA:"cryptojs/jsrsa",SHA224withRSA:"cryptojs/jsrsa",SHA256withRSA:"cryptojs/jsrsa",SHA384withRSA:"cryptojs/jsrsa",SHA512withRSA:"cryptojs/jsrsa",RIPEMD160withRSA:"cryptojs/jsrsa",MD5withECDSA:"cryptojs/jsrsa",SHA1withECDSA:"cryptojs/jsrsa",SHA224withECDSA:"cryptojs/jsrsa",SHA256withECDSA:"cryptojs/jsrsa",SHA384withECDSA:"cryptojs/jsrsa",SHA512withECDSA:"cryptojs/jsrsa",RIPEMD160withECDSA:"cryptojs/jsrsa",SHA1withDSA:"cryptojs/jsrsa",SHA224withDSA:"cryptojs/jsrsa",SHA256withDSA:"cryptojs/jsrsa",MD5withRSAandMGF1:"cryptojs/jsrsa",SHAwithRSAandMGF1:"cryptojs/jsrsa",SHA1withRSAandMGF1:"cryptojs/jsrsa",SHA224withRSAandMGF1:"cryptojs/jsrsa",SHA256withRSAandMGF1:"cryptojs/jsrsa",SHA384withRSAandMGF1:"cryptojs/jsrsa",SHA512withRSAandMGF1:"cryptojs/jsrsa",RIPEMD160withRSAandMGF1:"cryptojs/jsrsa",};this.CRYPTOJSMESSAGEDIGESTNAME={md5:CryptoJS.algo.MD5,sha1:CryptoJS.algo.SHA1,sha224:CryptoJS.algo.SHA224,sha256:CryptoJS.algo.SHA256,sha384:CryptoJS.algo.SHA384,sha512:CryptoJS.algo.SHA512,ripemd160:CryptoJS.algo.RIPEMD160};this.getDigestInfoHex=function(a,b){if(typeof this.DIGESTINFOHEAD[b]=="undefined"){throw"alg not supported in Util.DIGESTINFOHEAD: "+b}return this.DIGESTINFOHEAD[b]+a};this.getPaddedDigestInfoHex=function(h,a,j){var c=this.getDigestInfoHex(h,a);var d=j/4;if(c.length+22>d){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;f>24,(d&16711680)>>16,(d&65280)>>8,d&255]))));d+=1}return b}RSAKey.prototype.signPSS=function(e,a,d){var c=function(f){return KJUR.crypto.Util.hashHex(f,a)};var b=c(rstrtohex(e));if(d===undefined){d=-1}return this.signWithMessageHashPSS(b,a,d)};RSAKey.prototype.signWithMessageHashPSS=function(l,a,k){var b=hextorstr(l);var g=b.length;var m=this.n.bitLength()-1;var c=Math.ceil(m/8);var d;var o=function(i){return KJUR.crypto.Util.hashHex(i,a)};if(k===-1||k===undefined){k=g}else{if(k===-2){k=c-g-2}else{if(k<-2){throw new Error("invalid salt length")}}}if(c<(g+k+2)){throw new Error("data too long")}var f="";if(k>0){f=new Array(k);new SecureRandom().nextBytes(f);f=String.fromCharCode.apply(String,f)}var n=hextorstr(o(rstrtohex("\x00\x00\x00\x00\x00\x00\x00\x00"+b+f)));var j=[];for(d=0;d>(8*c-m))&255;q[0]&=~p;for(d=0;dk){return false}var j=this.doPublic(b);var i=j.toString(16);if(i.length+3!=k/4){return false}var e=i.replace(/^1f+00/,"");var g=_rsasign_getAlgNameAndHashFromHexDisgestInfo(e);if(g.length==0){return false}var d=g[0];var h=g[1];var a=function(m){return KJUR.crypto.Util.hashString(m,d)};var c=a(f);return(h==c)};RSAKey.prototype.verifyWithMessageHash=function(e,a){if(a.length!=Math.ceil(this.n.bitLength()/4)){return false}var b=parseBigInt(a,16);if(b.bitLength()>this.n.bitLength()){return 0}var h=this.doPublic(b);var g=h.toString(16).replace(/^1f+00/,"");var c=_rsasign_getAlgNameAndHashFromHexDisgestInfo(g);if(c.length==0){return false}var d=c[0];var f=c[1];return(f==e)};RSAKey.prototype.verifyPSS=function(c,b,a,f){var e=function(g){return KJUR.crypto.Util.hashHex(g,a)};var d=e(rstrtohex(c));if(f===undefined){f=-1}return this.verifyWithMessageHashPSS(d,b,a,f)};RSAKey.prototype.verifyWithMessageHashPSS=function(f,s,l,c){if(s.length!=Math.ceil(this.n.bitLength()/4)){return false}var k=new BigInteger(s,16);var r=function(i){return KJUR.crypto.Util.hashHex(i,l)};var j=hextorstr(f);var h=j.length;var g=this.n.bitLength()-1;var m=Math.ceil(g/8);var q;if(c===-1||c===undefined){c=h}else{if(c===-2){c=m-h-2}else{if(c<-2){throw new Error("invalid salt length")}}}if(m<(h+c+2)){throw new Error("data too long")}var a=this.doPublic(k).toByteArray();for(q=0;q>(8*m-g))&255;if((d.charCodeAt(0)&p)!==0){throw new Error("bits beyond keysize not zero")}var n=pss_mgf1_str(e,d.length,r);var o=[];for(q=0;q>6);var i=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16))}var j=224|((h&240)>>4);var i=128|((h&15)<<2)|((a&192)>>6);var g=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16)+g.toString(16))}var c=d.match(/.{4}/g);var b=c.map(e);return b.join("")}function encodeURIComponentAll(a){var d=encodeURIComponent(a);var b="";for(var c=0;c"7"){return"00"+a}return a}function intarystrtohex(b){b=b.replace(/^\s*\[\s*/,"");b=b.replace(/\s*\]\s*$/,"");b=b.replace(/\s*/g,"");try{var c=b.split(/,/).map(function(g,e,h){var f=parseInt(g);if(f<0||255a.length){d=a.length}for(var b=0;b0){o=o+"."+k.join(".")}return o}catch(j){return null}}var strpad=function(c,b,a){if(a==undefined){a="0"}if(c.length>=b){return c}return new Array(b-c.length+1).join(a)+c};function bitstrtoint(e){if(e.length%2!=0){return -1}e=e.toLowerCase();if(e.match(/^[0-9a-f]+$/)==null){return -1}try{var a=e.substr(0,2);if(a=="00"){return parseInt(e.substr(2),16)}var b=parseInt(a,16);if(b>7){return -1}var g=e.substr(2);var d=parseInt(g,16).toString(2);if(d=="0"){d="00000000"}d=d.slice(0,0-b);var f=parseInt(d,2);if(f==NaN){return -1}return f}catch(c){return -1}}function inttobitstr(e){if(typeof e!="number"){return null}if(e<0){return null}var c=Number(e).toString(2);var b=8-c.length%8;if(b==8){b=0}c=c+strpad("",b,"0");var d=parseInt(c,2).toString(16);if(d.length%2==1){d="0"+d}var a="0"+b;return a+d}function bitstrtobinstr(g){if(typeof g!="string"){return null}if(g.length%2!=0){return null}if(!g.match(/^[0-9a-f]+$/)){return null}try{var c=parseInt(g.substr(0,2),16);if(c<0||7=0;a--){c+=b[a]}return c}function extendClass(c,a){var b=function(){};b.prototype=a.prototype;c.prototype=new b();c.prototype.constructor=c;c.superclass=a.prototype;if(a.prototype.constructor==Object.prototype.constructor){a.prototype.constructor=a}}; \ No newline at end of file +var KJUR;if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.lang=="undefined"||!KJUR.lang){KJUR.lang={}}KJUR.lang.String=function(){};function Base64x(){}function stoBA(d){var b=new Array();for(var c=0;c>6);var i=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16))}var j=224|((h&240)>>4);var i=128|((h&15)<<2)|((a&192)>>6);var g=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16)+g.toString(16))}var c=d.match(/.{4}/g);var b=c.map(e);return b.join("")}function encodeURIComponentAll(a){var d=encodeURIComponent(a);var b="";for(var c=0;c"7"){return"00"+a}return a}function intarystrtohex(b){b=b.replace(/^\s*\[\s*/,"");b=b.replace(/\s*\]\s*$/,"");b=b.replace(/\s*/g,"");try{var c=b.split(/,/).map(function(g,e,h){var f=parseInt(g);if(f<0||255a.length){d=a.length}for(var b=0;b0){o=o+"."+k.join(".")}return o}catch(j){return null}}var strpad=function(c,b,a){if(a==undefined){a="0"}if(c.length>=b){return c}return new Array(b-c.length+1).join(a)+c};function bitstrtoint(e){if(e.length%2!=0){return -1}e=e.toLowerCase();if(e.match(/^[0-9a-f]+$/)==null){return -1}try{var a=e.substr(0,2);if(a=="00"){return parseInt(e.substr(2),16)}var b=parseInt(a,16);if(b>7){return -1}var g=e.substr(2);var d=parseInt(g,16).toString(2);if(d=="0"){d="00000000"}d=d.slice(0,0-b);var f=parseInt(d,2);if(f==NaN){return -1}return f}catch(c){return -1}}function inttobitstr(e){if(typeof e!="number"){return null}if(e<0){return null}var c=Number(e).toString(2);var b=8-c.length%8;if(b==8){b=0}c=c+strpad("",b,"0");var d=parseInt(c,2).toString(16);if(d.length%2==1){d="0"+d}var a="0"+b;return a+d}function bitstrtobinstr(g){if(typeof g!="string"){return null}if(g.length%2!=0){return null}if(!g.match(/^[0-9a-f]+$/)){return null}try{var c=parseInt(g.substr(0,2),16);if(c<0||7=0;a--){c+=b[a]}return c}function extendClass(c,a){var b=function(){};b.prototype=a.prototype;c.prototype=new b();c.prototype.constructor=c;c.superclass=a.prototype;if(a.prototype.constructor==Object.prototype.constructor){a.prototype.constructor=a}}; \ No newline at end of file diff --git a/min/jws-3.3.min.js b/min/jws-3.3.min.js index 348e5d13..b11ffeca 100644 --- a/min/jws-3.3.min.js +++ b/min/jws-3.3.min.js @@ -1 +1 @@ -if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.jws=="undefined"||!KJUR.jws){KJUR.jws={}}KJUR.jws.JWS=function(){var b=KJUR,a=b.jws.JWS,c=a.isSafeJSONString;this.parseJWS=function(g,j){if((this.parsedJWS!==undefined)&&(j||(this.parsedJWS.sigvalH!==undefined))){return}var i=g.match(/^([^.]+)\.([^.]+)\.([^.]+)$/);if(i==null){throw"JWS signature is not a form of 'Head.Payload.SigValue'."}var k=i[1];var e=i[2];var l=i[3];var n=k+"."+e;this.parsedJWS={};this.parsedJWS.headB64U=k;this.parsedJWS.payloadB64U=e;this.parsedJWS.sigvalB64U=l;this.parsedJWS.si=n;if(!j){var h=b64utohex(l);var f=parseBigInt(h,16);this.parsedJWS.sigvalH=h;this.parsedJWS.sigvalBI=f}var d=b64utoutf8(k);var m=b64utoutf8(e);this.parsedJWS.headS=d;this.parsedJWS.payloadS=m;if(!c(d,this.parsedJWS,"headP")){throw"malformed JSON string for JWS Head: "+d}}};KJUR.jws.JWS.sign=function(j,w,z,A,a){var x=KJUR,n=x.jws,r=n.JWS,h=r.readSafeJSONString,q=r.isSafeJSONString,d=x.crypto,l=d.ECDSA,p=d.Mac,c=d.Signature,u=JSON;var t,k,o;if(typeof w!="string"&&typeof w!="object"){throw"spHeader must be JSON string or object: "+w}if(typeof w=="object"){k=w;t=u.stringify(k)}if(typeof w=="string"){t=w;if(!q(t)){throw"JWS Head is not safe JSON string: "+t}k=h(t)}o=z;if(typeof z=="object"){o=u.stringify(z)}if((j==""||j==null)&&k.alg!==undefined){j=k.alg}if((j!=""&&j!=null)&&k.alg===undefined){k.alg=j;t=u.stringify(k)}if(j!==k.alg){throw"alg and sHeader.alg doesn't match: "+j+"!="+k.alg}var s=null;if(r.jwsalg2sigalg[j]===undefined){throw"unsupported alg name: "+j}else{s=r.jwsalg2sigalg[j]}var e=utf8tob64u(t);var m=utf8tob64u(o);var b=e+"."+m;var y="";if(s.substr(0,4)=="Hmac"){if(A===undefined){throw"mac key shall be specified for HS* alg"}var i=new p({alg:s,prov:"cryptojs",pass:A});i.updateString(b);y=i.doFinal()}else{if(s.indexOf("withECDSA")!=-1){var f=new c({alg:s});f.init(A,a);f.updateString(b);var g=f.sign();y=KJUR.crypto.ECDSA.asn1SigToConcatSig(g)}else{if(s!="none"){var f=new c({alg:s});f.init(A,a);f.updateString(b);y=f.sign()}}}var v=hextob64u(y);return b+"."+v};KJUR.jws.JWS.verify=function(w,B,n){var x=KJUR,q=x.jws,t=q.JWS,i=t.readSafeJSONString,e=x.crypto,p=e.ECDSA,s=e.Mac,d=e.Signature,m;if(typeof RSAKey!==undefined){m=RSAKey}var y=w.split(".");if(y.length!==3){return false}var f=y[0];var r=y[1];var c=f+"."+r;var A=b64utohex(y[2]);var l=i(b64utoutf8(y[0]));var k=null;var z=null;if(l.alg===undefined){throw"algorithm not specified in header"}else{k=l.alg;z=k.substr(0,2)}if(n!=null&&Object.prototype.toString.call(n)==="[object Array]"&&n.length>0){var b=":"+n.join(":")+":";if(b.indexOf(":"+k+":")==-1){throw"algorithm '"+k+"' not accepted in the list"}}if(k!="none"&&B===null){throw"key shall be specified to verify."}if(typeof B=="string"&&B.indexOf("-----BEGIN ")!=-1){B=KEYUTIL.getKey(B)}if(z=="RS"||z=="PS"){if(!(B instanceof m)){throw"key shall be a RSAKey obj for RS* and PS* algs"}}if(z=="ES"){if(!(B instanceof p)){throw"key shall be a ECDSA obj for ES* algs"}}if(k=="none"){}var u=null;if(t.jwsalg2sigalg[l.alg]===undefined){throw"unsupported alg name: "+k}else{u=t.jwsalg2sigalg[k]}if(u=="none"){throw"not supported"}else{if(u.substr(0,4)=="Hmac"){var o=null;if(B===undefined){throw"hexadecimal key shall be specified for HMAC"}var j=new s({alg:u,pass:B});j.updateString(c);o=j.doFinal();return A==o}else{if(u.indexOf("withECDSA")!=-1){var h=null;try{h=p.concatSigToASN1Sig(A)}catch(v){return false}var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(h)}else{var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(A)}}}};KJUR.jws.JWS.parse=function(g){var c=g.split(".");var b={};var f,e,d;if(c.length!=2&&c.length!=3){throw"malformed sJWS: wrong number of '.' splitted elements"}f=c[0];e=c[1];if(c.length==3){d=c[2]}b.headerObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(f));b.payloadObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(e));b.headerPP=JSON.stringify(b.headerObj,null," ");if(b.payloadObj==null){b.payloadPP=b64utoutf8(e)}else{b.payloadPP=JSON.stringify(b.payloadObj,null," ")}if(d!==undefined){b.sigHex=b64utohex(d)}return b};KJUR.jws.JWS.verifyJWT=function(e,l,r){var d=KJUR,j=d.jws,o=j.JWS,n=o.readSafeJSONString,p=o.inArray,f=o.includedArray;var k=e.split(".");var c=k[0];var i=k[1];var q=c+"."+i;var m=b64utohex(k[2]);var h=n(b64utoutf8(c));var g=n(b64utoutf8(i));if(h.alg===undefined){return false}if(r.alg===undefined){throw"acceptField.alg shall be specified"}if(!p(h.alg,r.alg)){return false}if(g.iss!==undefined&&typeof r.iss==="object"){if(!p(g.iss,r.iss)){return false}}if(g.sub!==undefined&&typeof r.sub==="object"){if(!p(g.sub,r.sub)){return false}}if(g.aud!==undefined&&typeof r.aud==="object"){if(typeof g.aud=="string"){if(!p(g.aud,r.aud)){return false}}else{if(typeof g.aud=="object"){if(!f(g.aud,r.aud)){return false}}}}var b=j.IntDate.getNow();if(r.verifyAt!==undefined&&typeof r.verifyAt==="number"){b=r.verifyAt}if(r.gracePeriod===undefined||typeof r.gracePeriod!=="number"){r.gracePeriod=0}if(g.exp!==undefined&&typeof g.exp=="number"){if(g.exp+r.gracePeriod0){var b=":"+n.join(":")+":";if(b.indexOf(":"+k+":")==-1){throw"algorithm '"+k+"' not accepted in the list"}}if(k!="none"&&B===null){throw"key shall be specified to verify."}if(typeof B=="string"&&B.indexOf("-----BEGIN ")!=-1){B=KEYUTIL.getKey(B)}if(z=="RS"||z=="PS"){if(!(B instanceof m)){throw"key shall be a RSAKey obj for RS* and PS* algs"}}if(z=="ES"){if(!(B instanceof p)){throw"key shall be a ECDSA obj for ES* algs"}}if(k=="none"){}var u=null;if(t.jwsalg2sigalg[l.alg]===undefined){throw"unsupported alg name: "+k}else{u=t.jwsalg2sigalg[k]}if(u=="none"){throw"not supported"}else{if(u.substr(0,4)=="Hmac"){var o=null;if(B===undefined){throw"hexadecimal key shall be specified for HMAC"}var j=new s({alg:u,pass:B});j.updateString(c);o=j.doFinal();return A==o}else{if(u.indexOf("withECDSA")!=-1){var h=null;try{h=p.concatSigToASN1Sig(A)}catch(v){return false}var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(h)}else{var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(A)}}}};KJUR.jws.JWS.parse=function(g){var c=g.split(".");var b={};var f,e,d;if(c.length!=2&&c.length!=3){throw"malformed sJWS: wrong number of '.' splitted elements"}f=c[0];e=c[1];if(c.length==3){d=c[2]}b.headerObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(f));b.payloadObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(e));b.headerPP=JSON.stringify(b.headerObj,null," ");if(b.payloadObj==null){b.payloadPP=b64utoutf8(e)}else{b.payloadPP=JSON.stringify(b.payloadObj,null," ")}if(d!==undefined){b.sigHex=b64utohex(d)}return b};KJUR.jws.JWS.verifyJWT=function(e,l,r){var d=KJUR,j=d.jws,o=j.JWS,n=o.readSafeJSONString,p=o.inArray,f=o.includedArray;if(!isBase64URLDot(e)){return false}var k=e.split(".");if(k.length!=3){return false}var c=k[0];var i=k[1];var q=c+"."+i;var m=b64utohex(k[2]);var h=n(b64utoutf8(c));var g=n(b64utoutf8(i));if(h.alg===undefined){return false}if(r.alg===undefined){throw"acceptField.alg shall be specified"}if(!p(h.alg,r.alg)){return false}if(g.iss!==undefined&&typeof r.iss==="object"){if(!p(g.iss,r.iss)){return false}}if(g.sub!==undefined&&typeof r.sub==="object"){if(!p(g.sub,r.sub)){return false}}if(g.aud!==undefined&&typeof r.aud==="object"){if(typeof g.aud=="string"){if(!p(g.aud,r.aud)){return false}}else{if(typeof g.aud=="object"){if(!f(g.aud,r.aud)){return false}}}}var b=j.IntDate.getNow();if(r.verifyAt!==undefined&&typeof r.verifyAt==="number"){b=r.verifyAt}if(r.gracePeriod===undefined||typeof r.gracePeriod!=="number"){r.gracePeriod=0}if(g.exp!==undefined&&typeof g.exp=="number"){if(g.exp+r.gracePeriod>6);var i=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16))}var j=224|((h&240)>>4);var i=128|((h&15)<<2)|((a&192)>>6);var g=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16)+g.toString(16))}var c=d.match(/.{4}/g);var b=c.map(e);return b.join("")}function encodeURIComponentAll(a){var d=encodeURIComponent(a);var b="";for(var c=0;c"7"){return"00"+a}return a}function intarystrtohex(b){b=b.replace(/^\s*\[\s*/,"");b=b.replace(/\s*\]\s*$/,"");b=b.replace(/\s*/g,"");try{var c=b.split(/,/).map(function(g,e,h){var f=parseInt(g);if(f<0||255a.length){d=a.length}for(var b=0;b0){o=o+"."+k.join(".")}return o}catch(j){return null}}var strpad=function(c,b,a){if(a==undefined){a="0"}if(c.length>=b){return c}return new Array(b-c.length+1).join(a)+c};function bitstrtoint(e){if(e.length%2!=0){return -1}e=e.toLowerCase();if(e.match(/^[0-9a-f]+$/)==null){return -1}try{var a=e.substr(0,2);if(a=="00"){return parseInt(e.substr(2),16)}var b=parseInt(a,16);if(b>7){return -1}var g=e.substr(2);var d=parseInt(g,16).toString(2);if(d=="0"){d="00000000"}d=d.slice(0,0-b);var f=parseInt(d,2);if(f==NaN){return -1}return f}catch(c){return -1}}function inttobitstr(e){if(typeof e!="number"){return null}if(e<0){return null}var c=Number(e).toString(2);var b=8-c.length%8;if(b==8){b=0}c=c+strpad("",b,"0");var d=parseInt(c,2).toString(16);if(d.length%2==1){d="0"+d}var a="0"+b;return a+d}function bitstrtobinstr(g){if(typeof g!="string"){return null}if(g.length%2!=0){return null}if(!g.match(/^[0-9a-f]+$/)){return null}try{var c=parseInt(g.substr(0,2),16);if(c<0||7=0;a--){c+=b[a]}return c}function extendClass(c,a){var b=function(){};b.prototype=a.prototype;c.prototype=new b();c.prototype.constructor=c;c.superclass=a.prototype;if(a.prototype.constructor==Object.prototype.constructor){a.prototype.constructor=a}}; +var KJUR;if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.lang=="undefined"||!KJUR.lang){KJUR.lang={}}KJUR.lang.String=function(){};function Base64x(){}function stoBA(d){var b=new Array();for(var c=0;c>6);var i=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16))}var j=224|((h&240)>>4);var i=128|((h&15)<<2)|((a&192)>>6);var g=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16)+g.toString(16))}var c=d.match(/.{4}/g);var b=c.map(e);return b.join("")}function encodeURIComponentAll(a){var d=encodeURIComponent(a);var b="";for(var c=0;c"7"){return"00"+a}return a}function intarystrtohex(b){b=b.replace(/^\s*\[\s*/,"");b=b.replace(/\s*\]\s*$/,"");b=b.replace(/\s*/g,"");try{var c=b.split(/,/).map(function(g,e,h){var f=parseInt(g);if(f<0||255a.length){d=a.length}for(var b=0;b0){o=o+"."+k.join(".")}return o}catch(j){return null}}var strpad=function(c,b,a){if(a==undefined){a="0"}if(c.length>=b){return c}return new Array(b-c.length+1).join(a)+c};function bitstrtoint(e){if(e.length%2!=0){return -1}e=e.toLowerCase();if(e.match(/^[0-9a-f]+$/)==null){return -1}try{var a=e.substr(0,2);if(a=="00"){return parseInt(e.substr(2),16)}var b=parseInt(a,16);if(b>7){return -1}var g=e.substr(2);var d=parseInt(g,16).toString(2);if(d=="0"){d="00000000"}d=d.slice(0,0-b);var f=parseInt(d,2);if(f==NaN){return -1}return f}catch(c){return -1}}function inttobitstr(e){if(typeof e!="number"){return null}if(e<0){return null}var c=Number(e).toString(2);var b=8-c.length%8;if(b==8){b=0}c=c+strpad("",b,"0");var d=parseInt(c,2).toString(16);if(d.length%2==1){d="0"+d}var a="0"+b;return a+d}function bitstrtobinstr(g){if(typeof g!="string"){return null}if(g.length%2!=0){return null}if(!g.match(/^[0-9a-f]+$/)){return null}try{var c=parseInt(g.substr(0,2),16);if(c<0||7=0;a--){c+=b[a]}return c}function extendClass(c,a){var b=function(){};b.prototype=a.prototype;c.prototype=new b();c.prototype.constructor=c;c.superclass=a.prototype;if(a.prototype.constructor==Object.prototype.constructor){a.prototype.constructor=a}}; if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||!KJUR.crypto){KJUR.crypto={}}KJUR.crypto.Util=new function(){this.DIGESTINFOHEAD={sha1:"3021300906052b0e03021a05000414",sha224:"302d300d06096086480165030402040500041c",sha256:"3031300d060960864801650304020105000420",sha384:"3041300d060960864801650304020205000430",sha512:"3051300d060960864801650304020305000440",md2:"3020300c06082a864886f70d020205000410",md5:"3020300c06082a864886f70d020505000410",ripemd160:"3021300906052b2403020105000414",};this.DEFAULTPROVIDER={md5:"cryptojs",sha1:"cryptojs",sha224:"cryptojs",sha256:"cryptojs",sha384:"cryptojs",sha512:"cryptojs",ripemd160:"cryptojs",hmacmd5:"cryptojs",hmacsha1:"cryptojs",hmacsha224:"cryptojs",hmacsha256:"cryptojs",hmacsha384:"cryptojs",hmacsha512:"cryptojs",hmacripemd160:"cryptojs",MD5withRSA:"cryptojs/jsrsa",SHA1withRSA:"cryptojs/jsrsa",SHA224withRSA:"cryptojs/jsrsa",SHA256withRSA:"cryptojs/jsrsa",SHA384withRSA:"cryptojs/jsrsa",SHA512withRSA:"cryptojs/jsrsa",RIPEMD160withRSA:"cryptojs/jsrsa",MD5withECDSA:"cryptojs/jsrsa",SHA1withECDSA:"cryptojs/jsrsa",SHA224withECDSA:"cryptojs/jsrsa",SHA256withECDSA:"cryptojs/jsrsa",SHA384withECDSA:"cryptojs/jsrsa",SHA512withECDSA:"cryptojs/jsrsa",RIPEMD160withECDSA:"cryptojs/jsrsa",SHA1withDSA:"cryptojs/jsrsa",SHA224withDSA:"cryptojs/jsrsa",SHA256withDSA:"cryptojs/jsrsa",MD5withRSAandMGF1:"cryptojs/jsrsa",SHAwithRSAandMGF1:"cryptojs/jsrsa",SHA1withRSAandMGF1:"cryptojs/jsrsa",SHA224withRSAandMGF1:"cryptojs/jsrsa",SHA256withRSAandMGF1:"cryptojs/jsrsa",SHA384withRSAandMGF1:"cryptojs/jsrsa",SHA512withRSAandMGF1:"cryptojs/jsrsa",RIPEMD160withRSAandMGF1:"cryptojs/jsrsa",};this.CRYPTOJSMESSAGEDIGESTNAME={md5:CryptoJS.algo.MD5,sha1:CryptoJS.algo.SHA1,sha224:CryptoJS.algo.SHA224,sha256:CryptoJS.algo.SHA256,sha384:CryptoJS.algo.SHA384,sha512:CryptoJS.algo.SHA512,ripemd160:CryptoJS.algo.RIPEMD160};this.getDigestInfoHex=function(a,b){if(typeof this.DIGESTINFOHEAD[b]=="undefined"){throw"alg not supported in Util.DIGESTINFOHEAD: "+b}return this.DIGESTINFOHEAD[b]+a};this.getPaddedDigestInfoHex=function(h,a,j){var c=this.getDigestInfoHex(h,a);var d=j/4;if(c.length+22>d){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;f=0;--u){v=v.twice2D();v.z=f.ONE;if(t.testBit(u)){if(s.testBit(u)){v=v.add2D(y)}else{v=v.add2D(x)}}else{if(s.testBit(u)){v=v.add2D(w)}}}return v}this.getBigRandom=function(r){return new f(r.bitLength(),a).mod(r.subtract(f.ONE)).add(f.ONE)};this.setNamedCurve=function(r){this.ecparams=c.getByName(r);this.prvKeyHex=null;this.pubKeyHex=null;this.curveName=r};this.setPrivateKeyHex=function(r){this.isPrivate=true;this.prvKeyHex=r};this.setPublicKeyHex=function(r){this.isPublic=true;this.pubKeyHex=r};this.getPublicKeyXYHex=function(){var t=this.pubKeyHex;if(t.substr(0,2)!=="04"){throw"this method supports uncompressed format(04) only"}var s=this.ecparams.keycharlen;if(t.length!==2+s*2){throw"malformed public key hex length"}var r={};r.x=t.substr(2,s);r.y=t.substr(2+s);return r};this.getShortNISTPCurveName=function(){var r=this.curveName;if(r==="secp256r1"||r==="NIST P-256"||r==="P-256"||r==="prime256v1"){return"P-256"}if(r==="secp384r1"||r==="NIST P-384"||r==="P-384"){return"P-384"}if(r==="secp521r1"||r==="NIST P-521"||r==="P-521"){return"P-521"}return null};this.generateKeyPairHex=function(){var s=this.ecparams.n;var u=this.getBigRandom(s);var r=this.ecparams.keycharlen;var t=("0000000000"+u.toString(16)).slice(-r);this.setPrivateKeyHex(t);var v=this.generatePublicKeyHex();return{ecprvhex:t,ecpubhex:v}};this.generatePublicKeyHex=function(){var u=new f(this.prvKeyHex,16);var w=this.ecparams.G.multiply(u);var t=w.getX().toBigInteger();var s=w.getY().toBigInteger();var r=this.ecparams.keycharlen;var y=("0000000000"+t.toString(16)).slice(-r);var v=("0000000000"+s.toString(16)).slice(-r);var x="04"+y+v;this.setPublicKeyHex(x);return x};this.signWithMessageHash=function(r){return this.signHex(r,this.prvKeyHex)};this.signHex=function(x,u){var A=new f(u,16);var v=this.ecparams.n;var z=new f(x.substring(0,this.ecparams.keycharlen),16);do{var w=this.getBigRandom(v);var B=this.ecparams.G;var y=B.multiply(w);var t=y.getX().toBigInteger().mod(v)}while(t.compareTo(f.ZERO)<=0);var C=w.modInverse(v).multiply(z.add(A.multiply(t))).mod(v);return m.biRSSigToASN1Sig(t,C)};this.sign=function(w,B){var z=B;var u=this.ecparams.n;var y=f.fromByteArrayUnsigned(w);do{var v=this.getBigRandom(u);var A=this.ecparams.G;var x=A.multiply(v);var t=x.getX().toBigInteger().mod(u)}while(t.compareTo(BigInteger.ZERO)<=0);var C=v.modInverse(u).multiply(y.add(z.multiply(t))).mod(u);return this.serializeSig(t,C)};this.verifyWithMessageHash=function(s,r){return this.verifyHex(s,r,this.pubKeyHex)};this.verifyHex=function(v,y,u){try{var t,B;var w=m.parseSigHex(y);t=w.r;B=w.s;var x=h.decodeFromHex(this.ecparams.curve,u);var z=new f(v.substring(0,this.ecparams.keycharlen),16);return this.verifyRaw(z,t,B,x)}catch(A){return false}};this.verify=function(z,A,u){var w,t;if(Bitcoin.Util.isArray(A)){var y=this.parseSig(A);w=y.r;t=y.s}else{if("object"===typeof A&&A.r&&A.s){w=A.r;t=A.s}else{throw"Invalid value for signature"}}var v;if(u instanceof ECPointFp){v=u}else{if(Bitcoin.Util.isArray(u)){v=h.decodeFrom(this.ecparams.curve,u)}else{throw"Invalid format for pubkey value, must be byte array or ECPointFp"}}var x=f.fromByteArrayUnsigned(z);return this.verifyRaw(x,w,t,v)};this.verifyRaw=function(z,t,E,y){var x=this.ecparams.n;var D=this.ecparams.G;if(t.compareTo(f.ONE)<0||t.compareTo(x)>=0){return false}if(E.compareTo(f.ONE)<0||E.compareTo(x)>=0){return false}var A=E.modInverse(x);var w=z.multiply(A).mod(x);var u=t.multiply(A).mod(x);var B=D.multiply(w).add(y.multiply(u));var C=B.getX().toBigInteger().mod(x);return C.equals(t)};this.serializeSig=function(v,u){var w=v.toByteArraySigned();var t=u.toByteArraySigned();var x=[];x.push(2);x.push(w.length);x=x.concat(w);x.push(2);x.push(t.length);x=x.concat(t);x.unshift(x.length);x.unshift(48);return x};this.parseSig=function(y){var x;if(y[0]!=48){throw new Error("Signature not a valid DERSequence")}x=2;if(y[x]!=2){throw new Error("First element in signature must be a DERInteger")}var w=y.slice(x+2,x+2+y[x+1]);x+=2+y[x+1];if(y[x]!=2){throw new Error("Second element in signature must be a DERInteger")}var t=y.slice(x+2,x+2+y[x+1]);x+=2+y[x+1];var v=f.fromByteArrayUnsigned(w);var u=f.fromByteArrayUnsigned(t);return{r:v,s:u}};this.parseSigCompact=function(w){if(w.length!==65){throw"Signature has the wrong length"}var t=w[0]-27;if(t<0||t>7){throw"Invalid signature type"}var x=this.ecparams.n;var v=f.fromByteArrayUnsigned(w.slice(1,33)).mod(x);var u=f.fromByteArrayUnsigned(w.slice(33,65)).mod(x);return{r:v,s:u,i:t}};this.readPKCS5PrvKeyHex=function(u){if(k(u)===false){throw new Error("not ASN.1 hex string")}var r,t,v;try{r=n(u,0,["[0]",0],"06");t=n(u,0,[1],"04");try{v=n(u,0,["[1]",0],"03")}catch(s){}}catch(s){throw new Error("malformed PKCS#1/5 plain ECC private key")}this.curveName=d(r);if(this.curveName===undefined){throw"unsupported curve name"}this.setNamedCurve(this.curveName);this.setPublicKeyHex(v);this.setPrivateKeyHex(t);this.isPublic=false};this.readPKCS8PrvKeyHex=function(v){if(k(v)===false){throw new j("not ASN.1 hex string")}var t,r,u,w;try{t=n(v,0,[1,0],"06");r=n(v,0,[1,1],"06");u=n(v,0,[2,0,1],"04");try{w=n(v,0,[2,0,"[1]",0],"03")}catch(s){}}catch(s){throw new j("malformed PKCS#8 plain ECC private key")}this.curveName=d(r);if(this.curveName===undefined){throw new j("unsupported curve name")}this.setNamedCurve(this.curveName);this.setPublicKeyHex(w);this.setPrivateKeyHex(u);this.isPublic=false};this.readPKCS8PubKeyHex=function(u){if(k(u)===false){throw new j("not ASN.1 hex string")}var t,r,v;try{t=n(u,0,[0,0],"06");r=n(u,0,[0,1],"06");v=n(u,0,[1],"03")}catch(s){throw new j("malformed PKCS#8 ECC public key")}this.curveName=d(r);if(this.curveName===null){throw new j("unsupported curve name")}this.setNamedCurve(this.curveName);this.setPublicKeyHex(v)};this.readCertPubKeyHex=function(t,v){if(k(t)===false){throw new j("not ASN.1 hex string")}var r,u;try{r=n(t,0,[0,5,0,1],"06");u=n(t,0,[0,5,1],"03")}catch(s){throw new j("malformed X.509 certificate ECC public key")}this.curveName=d(r);if(this.curveName===null){throw new j("unsupported curve name")}this.setNamedCurve(this.curveName);this.setPublicKeyHex(u)};if(e!==undefined){if(e.curve!==undefined){this.curveName=e.curve}}if(this.curveName===undefined){this.curveName=g}this.setNamedCurve(this.curveName);if(e!==undefined){if(e.prv!==undefined){this.setPrivateKeyHex(e.prv)}if(e.pub!==undefined){this.setPublicKeyHex(e.pub)}}};KJUR.crypto.ECDSA.parseSigHex=function(a){var b=KJUR.crypto.ECDSA.parseSigHexInHexRS(a);var d=new BigInteger(b.r,16);var c=new BigInteger(b.s,16);return{r:d,s:c}};KJUR.crypto.ECDSA.parseSigHexInHexRS=function(f){var j=ASN1HEX,i=j.getChildIdx,g=j.getV;j.checkStrictDER(f,0);if(f.substr(0,2)!="30"){throw new Error("signature is not a ASN.1 sequence")}var h=i(f,0);if(h.length!=2){throw new Error("signature shall have two elements")}var e=h[0];var d=h[1];if(f.substr(e,2)!="02"){throw new Error("1st item not ASN.1 integer")}if(f.substr(d,2)!="02"){throw new Error("2nd item not ASN.1 integer")}var c=g(f,e);var b=g(f,d);return{r:c,s:b}};KJUR.crypto.ECDSA.asn1SigToConcatSig=function(d){var e=KJUR.crypto.ECDSA.parseSigHexInHexRS(d);var b=e.r;var a=e.s;if(b.length>=130&&b.length<=134){if(b.length%2!=0){throw Error("unknown ECDSA sig r length error")}if(a.length%2!=0){throw Error("unknown ECDSA sig s length error")}if(b.substr(0,2)=="00"){b=b.substr(2)}if(a.substr(0,2)=="00"){a=a.substr(2)}var c=Math.max(b.length,a.length);b=("000000"+b).slice(-c);a=("000000"+a).slice(-c);return b+a}if(b.substr(0,2)=="00"&&(b.length%32)==2){b=b.substr(2)}if(a.substr(0,2)=="00"&&(a.length%32)==2){a=a.substr(2)}if((b.length%32)==30){b="00"+b}if((a.length%32)==30){a="00"+a}if(b.length%32!=0){throw Error("unknown ECDSA sig r length error")}if(a.length%32!=0){throw Error("unknown ECDSA sig s length error")}return b+a};KJUR.crypto.ECDSA.concatSigToASN1Sig=function(a){if(a.length%4!=0){throw Error("unknown ECDSA concatinated r-s sig length error")}var c=a.substr(0,a.length/2);var b=a.substr(a.length/2);return KJUR.crypto.ECDSA.hexRSSigToASN1Sig(c,b)};KJUR.crypto.ECDSA.hexRSSigToASN1Sig=function(b,a){var d=new BigInteger(b,16);var c=new BigInteger(a,16);return KJUR.crypto.ECDSA.biRSSigToASN1Sig(d,c)};KJUR.crypto.ECDSA.biRSSigToASN1Sig=function(f,d){var c=KJUR.asn1;var b=new c.DERInteger({bigint:f});var a=new c.DERInteger({bigint:d});var e=new c.DERSequence({array:[b,a]});return e.tohex()};KJUR.crypto.ECDSA.getName=function(a){if(a==="2b8104001f"){return"secp192k1"}if(a==="2a8648ce3d030107"){return"secp256r1"}if(a==="2b8104000a"){return"secp256k1"}if(a==="2b81040021"){return"secp224r1"}if(a==="2b81040022"){return"secp384r1"}if(a==="2b81040023"){return"secp521r1"}if("|secp256r1|NIST P-256|P-256|prime256v1|".indexOf(a)!==-1){return"secp256r1"}if("|secp256k1|".indexOf(a)!==-1){return"secp256k1"}if("|secp224r1|NIST P-224|P-224|".indexOf(a)!==-1){return"secp224r1"}if("|secp384r1|NIST P-384|P-384|".indexOf(a)!==-1){return"secp384r1"}if("|secp521r1|NIST P-521|P-521|".indexOf(a)!==-1){return"secp521r1"}return null}; if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||!KJUR.crypto){KJUR.crypto={}}KJUR.crypto.ECParameterDB=new function(){var b={};var c={};function a(d){return new BigInteger(d,16)}this.getByName=function(e){var d=e;if(typeof c[d]!="undefined"){d=c[e]}if(typeof b[d]!="undefined"){return b[d]}throw"unregistered EC curve name: "+d};this.regist=function(A,l,o,g,m,e,j,f,k,u,d,x){b[A]={};var s=a(o);var z=a(g);var y=a(m);var t=a(e);var w=a(j);var r=new ECCurveFp(s,z,y);var q=r.decodePointHex("04"+f+k);b[A]["name"]=A;b[A]["keylen"]=l;b[A]["keycharlen"]=Math.ceil(l/8)*2;b[A]["curve"]=r;b[A]["G"]=q;b[A]["n"]=t;b[A]["h"]=w;b[A]["oid"]=d;b[A]["info"]=x;for(var v=0;v>24,(d&16711680)>>16,(d&65280)>>8,d&255]))));d+=1}return b}RSAKey.prototype.signPSS=function(e,a,d){var c=function(f){return KJUR.crypto.Util.hashHex(f,a)};var b=c(rstrtohex(e));if(d===undefined){d=-1}return this.signWithMessageHashPSS(b,a,d)};RSAKey.prototype.signWithMessageHashPSS=function(l,a,k){var b=hextorstr(l);var g=b.length;var m=this.n.bitLength()-1;var c=Math.ceil(m/8);var d;var o=function(i){return KJUR.crypto.Util.hashHex(i,a)};if(k===-1||k===undefined){k=g}else{if(k===-2){k=c-g-2}else{if(k<-2){throw new Error("invalid salt length")}}}if(c<(g+k+2)){throw new Error("data too long")}var f="";if(k>0){f=new Array(k);new SecureRandom().nextBytes(f);f=String.fromCharCode.apply(String,f)}var n=hextorstr(o(rstrtohex("\x00\x00\x00\x00\x00\x00\x00\x00"+b+f)));var j=[];for(d=0;d>(8*c-m))&255;q[0]&=~p;for(d=0;dk){return false}var j=this.doPublic(b);var i=j.toString(16);if(i.length+3!=k/4){return false}var e=i.replace(/^1f+00/,"");var g=_rsasign_getAlgNameAndHashFromHexDisgestInfo(e);if(g.length==0){return false}var d=g[0];var h=g[1];var a=function(m){return KJUR.crypto.Util.hashString(m,d)};var c=a(f);return(h==c)};RSAKey.prototype.verifyWithMessageHash=function(e,a){if(a.length!=Math.ceil(this.n.bitLength()/4)){return false}var b=parseBigInt(a,16);if(b.bitLength()>this.n.bitLength()){return 0}var h=this.doPublic(b);var g=h.toString(16).replace(/^1f+00/,"");var c=_rsasign_getAlgNameAndHashFromHexDisgestInfo(g);if(c.length==0){return false}var d=c[0];var f=c[1];return(f==e)};RSAKey.prototype.verifyPSS=function(c,b,a,f){var e=function(g){return KJUR.crypto.Util.hashHex(g,a)};var d=e(rstrtohex(c));if(f===undefined){f=-1}return this.verifyWithMessageHashPSS(d,b,a,f)};RSAKey.prototype.verifyWithMessageHashPSS=function(f,s,l,c){if(s.length!=Math.ceil(this.n.bitLength()/4)){return false}var k=new BigInteger(s,16);var r=function(i){return KJUR.crypto.Util.hashHex(i,l)};var j=hextorstr(f);var h=j.length;var g=this.n.bitLength()-1;var m=Math.ceil(g/8);var q;if(c===-1||c===undefined){c=h}else{if(c===-2){c=m-h-2}else{if(c<-2){throw new Error("invalid salt length")}}}if(m<(h+c+2)){throw new Error("data too long")}var a=this.doPublic(k).toByteArray();for(q=0;q>(8*m-g))&255;if((d.charCodeAt(0)&p)!==0){throw new Error("bits beyond keysize not zero")}var n=pss_mgf1_str(e,d.length,r);var o=[];for(q=0;q1){var F=b(B,A[1]);var z=this.getGeneralName(F);if(z.uri!=undefined){y.uri=z.uri}}if(A.length>2){var C=b(B,A[2]);if(C=="0101ff"){y.reqauth=true}if(C=="010100"){y.reqauth=false}}return y};var e=function(D){var y={};try{var A=D.seq[0].oid;var C=KJUR.asn1.x509.OID.name2oid(A);y.type=KJUR.asn1.x509.OID.oid2atype(C);var z=D.seq[1];if(z.utf8str!=undefined){y.ds="utf8";y.value=z.utf8str.str}else{if(z.numstr!=undefined){y.ds="num";y.value=z.numstr.str}else{if(z.telstr!=undefined){y.ds="tel";y.value=z.telstr.str}else{if(z.prnstr!=undefined){y.ds="prn";y.value=z.prnstr.str}else{if(z.ia5str!=undefined){y.ds="ia5";y.value=z.ia5str.str}else{if(z.visstr!=undefined){y.ds="vis";y.value=z.visstr.str}else{if(z.bmpstr!=undefined){y.ds="bmp";y.value=z.bmpstr.str}else{throw"error"}}}}}}}return y}catch(B){throw new Erorr("improper ASN.1 parsed AttrTypeAndValue")}};var i=function(z){try{return z.set.map(function(A){return e(A)})}catch(y){throw new Error("improper ASN.1 parsed RDN: "+y)}};var h=function(z){try{return z.seq.map(function(A){return i(A)})}catch(y){throw new Error("improper ASN.1 parsed X500Name: "+y)}};this.getX500NameRule=function(y){var F=true;var J=true;var I=false;var z="";var C="";var L=null;var G=[];for(var B=0;B0){y.ext=this.getExtParamArray()}y.sighex=this.getSignatureValueHex();if(typeof z=="object"){if(z.tbshex==true){y.tbshex=a(this.hex,0,[0])}if(z.nodnarray==true){delete y.issuer.array;delete y.subject.array}}return y};this.getExtParamArray=function(z){if(z==undefined){var B=f(this.hex,0,[0,"[3]"]);if(B!=-1){z=p(this.hex,0,[0,"[3]",0],"30")}}var y=[];var A=r(z,0);for(var C=0;C0){var b=":"+n.join(":")+":";if(b.indexOf(":"+k+":")==-1){throw"algorithm '"+k+"' not accepted in the list"}}if(k!="none"&&B===null){throw"key shall be specified to verify."}if(typeof B=="string"&&B.indexOf("-----BEGIN ")!=-1){B=KEYUTIL.getKey(B)}if(z=="RS"||z=="PS"){if(!(B instanceof m)){throw"key shall be a RSAKey obj for RS* and PS* algs"}}if(z=="ES"){if(!(B instanceof p)){throw"key shall be a ECDSA obj for ES* algs"}}if(k=="none"){}var u=null;if(t.jwsalg2sigalg[l.alg]===undefined){throw"unsupported alg name: "+k}else{u=t.jwsalg2sigalg[k]}if(u=="none"){throw"not supported"}else{if(u.substr(0,4)=="Hmac"){var o=null;if(B===undefined){throw"hexadecimal key shall be specified for HMAC"}var j=new s({alg:u,pass:B});j.updateString(c);o=j.doFinal();return A==o}else{if(u.indexOf("withECDSA")!=-1){var h=null;try{h=p.concatSigToASN1Sig(A)}catch(v){return false}var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(h)}else{var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(A)}}}};KJUR.jws.JWS.parse=function(g){var c=g.split(".");var b={};var f,e,d;if(c.length!=2&&c.length!=3){throw"malformed sJWS: wrong number of '.' splitted elements"}f=c[0];e=c[1];if(c.length==3){d=c[2]}b.headerObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(f));b.payloadObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(e));b.headerPP=JSON.stringify(b.headerObj,null," ");if(b.payloadObj==null){b.payloadPP=b64utoutf8(e)}else{b.payloadPP=JSON.stringify(b.payloadObj,null," ")}if(d!==undefined){b.sigHex=b64utohex(d)}return b};KJUR.jws.JWS.verifyJWT=function(e,l,r){var d=KJUR,j=d.jws,o=j.JWS,n=o.readSafeJSONString,p=o.inArray,f=o.includedArray;var k=e.split(".");var c=k[0];var i=k[1];var q=c+"."+i;var m=b64utohex(k[2]);var h=n(b64utoutf8(c));var g=n(b64utoutf8(i));if(h.alg===undefined){return false}if(r.alg===undefined){throw"acceptField.alg shall be specified"}if(!p(h.alg,r.alg)){return false}if(g.iss!==undefined&&typeof r.iss==="object"){if(!p(g.iss,r.iss)){return false}}if(g.sub!==undefined&&typeof r.sub==="object"){if(!p(g.sub,r.sub)){return false}}if(g.aud!==undefined&&typeof r.aud==="object"){if(typeof g.aud=="string"){if(!p(g.aud,r.aud)){return false}}else{if(typeof g.aud=="object"){if(!f(g.aud,r.aud)){return false}}}}var b=j.IntDate.getNow();if(r.verifyAt!==undefined&&typeof r.verifyAt==="number"){b=r.verifyAt}if(r.gracePeriod===undefined||typeof r.gracePeriod!=="number"){r.gracePeriod=0}if(g.exp!==undefined&&typeof g.exp=="number"){if(g.exp+r.gracePeriod0){var b=":"+n.join(":")+":";if(b.indexOf(":"+k+":")==-1){throw"algorithm '"+k+"' not accepted in the list"}}if(k!="none"&&B===null){throw"key shall be specified to verify."}if(typeof B=="string"&&B.indexOf("-----BEGIN ")!=-1){B=KEYUTIL.getKey(B)}if(z=="RS"||z=="PS"){if(!(B instanceof m)){throw"key shall be a RSAKey obj for RS* and PS* algs"}}if(z=="ES"){if(!(B instanceof p)){throw"key shall be a ECDSA obj for ES* algs"}}if(k=="none"){}var u=null;if(t.jwsalg2sigalg[l.alg]===undefined){throw"unsupported alg name: "+k}else{u=t.jwsalg2sigalg[k]}if(u=="none"){throw"not supported"}else{if(u.substr(0,4)=="Hmac"){var o=null;if(B===undefined){throw"hexadecimal key shall be specified for HMAC"}var j=new s({alg:u,pass:B});j.updateString(c);o=j.doFinal();return A==o}else{if(u.indexOf("withECDSA")!=-1){var h=null;try{h=p.concatSigToASN1Sig(A)}catch(v){return false}var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(h)}else{var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(A)}}}};KJUR.jws.JWS.parse=function(g){var c=g.split(".");var b={};var f,e,d;if(c.length!=2&&c.length!=3){throw"malformed sJWS: wrong number of '.' splitted elements"}f=c[0];e=c[1];if(c.length==3){d=c[2]}b.headerObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(f));b.payloadObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(e));b.headerPP=JSON.stringify(b.headerObj,null," ");if(b.payloadObj==null){b.payloadPP=b64utoutf8(e)}else{b.payloadPP=JSON.stringify(b.payloadObj,null," ")}if(d!==undefined){b.sigHex=b64utohex(d)}return b};KJUR.jws.JWS.verifyJWT=function(e,l,r){var d=KJUR,j=d.jws,o=j.JWS,n=o.readSafeJSONString,p=o.inArray,f=o.includedArray;if(!isBase64URLDot(e)){return false}var k=e.split(".");if(k.length!=3){return false}var c=k[0];var i=k[1];var q=c+"."+i;var m=b64utohex(k[2]);var h=n(b64utoutf8(c));var g=n(b64utoutf8(i));if(h.alg===undefined){return false}if(r.alg===undefined){throw"acceptField.alg shall be specified"}if(!p(h.alg,r.alg)){return false}if(g.iss!==undefined&&typeof r.iss==="object"){if(!p(g.iss,r.iss)){return false}}if(g.sub!==undefined&&typeof r.sub==="object"){if(!p(g.sub,r.sub)){return false}}if(g.aud!==undefined&&typeof r.aud==="object"){if(typeof g.aud=="string"){if(!p(g.aud,r.aud)){return false}}else{if(typeof g.aud=="object"){if(!f(g.aud,r.aud)){return false}}}}var b=j.IntDate.getNow();if(r.verifyAt!==undefined&&typeof r.verifyAt==="number"){b=r.verifyAt}if(r.gracePeriod===undefined||typeof r.gracePeriod!=="number"){r.gracePeriod=0}if(g.exp!==undefined&&typeof g.exp=="number"){if(g.exp+r.gracePeriodl){this.aHeader.pop()}if(this.aSignature.length>l){this.aSignature.pop()}throw"addSignature failed: "+i}};this.verifyAll=function(h){if(this.aHeader.length!==h.length||this.aSignature.length!==h.length){return false}for(var g=0;g0){this.aHeader=g.headers}else{throw"malformed header"}if(typeof g.payload==="string"){this.sPayload=g.payload}else{throw"malformed signatures"}if(g.signatures.length>0){this.aSignature=g.signatures}else{throw"malformed signatures"}}catch(e){throw"malformed JWS-JS JSON object: "+e}}};this.getJSON=function(){return{headers:this.aHeader,payload:this.sPayload,signatures:this.aSignature}};this.isEmpty=function(){if(this.aHeader.length==0){return 1}return 0}}; diff --git a/npm/lib/jsrsasign-jwths-min.js b/npm/lib/jsrsasign-jwths-min.js index 16c07d57..dbe88955 100644 --- a/npm/lib/jsrsasign-jwths-min.js +++ b/npm/lib/jsrsasign-jwths-min.js @@ -1,5 +1,5 @@ /* - * jsrsasign(jwths) 10.5.24 (2022-06-04) (c) 2010-2022 Kenji Urushima | kjur.github.io/jsrsasign/license + * jsrsasign(jwths) 10.5.25 (2022-06-24) (c) 2010-2022 Kenji Urushima | kjur.github.io/jsrsasign/license */ /*! CryptoJS v3.1.2 core-fix.js @@ -111,6 +111,6 @@ var rng_state;var rng_pool;var rng_pptr;function rng_seed_int(a){rng_pool[rng_pp /*! Mike Samuel (c) 2009 | code.google.com/p/json-sans-eval */ var jsonParse=(function(){var e="(?:-?\\b(?:0|[1-9][0-9]*)(?:\\.[0-9]+)?(?:[eE][+-]?[0-9]+)?\\b)";var j='(?:[^\\0-\\x08\\x0a-\\x1f"\\\\]|\\\\(?:["/\\\\bfnrt]|u[0-9A-Fa-f]{4}))';var i='(?:"'+j+'*")';var d=new RegExp("(?:false|true|null|[\\{\\}\\[\\]]|"+e+"|"+i+")","g");var k=new RegExp("\\\\(?:([^u])|u(.{4}))","g");var g={'"':'"',"/":"/","\\":"\\",b:"\b",f:"\f",n:"\n",r:"\r",t:"\t"};function h(l,m,n){return m?g[m]:String.fromCharCode(parseInt(n,16))}var c=new String("");var a="\\";var f={"{":Object,"[":Array};var b=Object.hasOwnProperty;return function(u,q){var p=u.match(d);var x;var v=p[0];var l=false;if("{"===v){x={}}else{if("["===v){x=[]}else{x=[];l=true}}var t;var r=[x];for(var o=1-l,m=p.length;o=0;){delete D[n[A]]}}}return q.call(C,B,D)};x=s({"":x},"")}return x}})(); -var KJUR;if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.lang=="undefined"||!KJUR.lang){KJUR.lang={}}KJUR.lang.String=function(){};function Base64x(){}function stoBA(d){var b=new Array();for(var c=0;c>6);var i=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16))}var j=224|((h&240)>>4);var i=128|((h&15)<<2)|((a&192)>>6);var g=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16)+g.toString(16))}var c=d.match(/.{4}/g);var b=c.map(e);return b.join("")}function encodeURIComponentAll(a){var d=encodeURIComponent(a);var b="";for(var c=0;c"7"){return"00"+a}return a}function intarystrtohex(b){b=b.replace(/^\s*\[\s*/,"");b=b.replace(/\s*\]\s*$/,"");b=b.replace(/\s*/g,"");try{var c=b.split(/,/).map(function(g,e,h){var f=parseInt(g);if(f<0||255a.length){d=a.length}for(var b=0;b0){o=o+"."+k.join(".")}return o}catch(j){return null}}var strpad=function(c,b,a){if(a==undefined){a="0"}if(c.length>=b){return c}return new Array(b-c.length+1).join(a)+c};function bitstrtoint(e){if(e.length%2!=0){return -1}e=e.toLowerCase();if(e.match(/^[0-9a-f]+$/)==null){return -1}try{var a=e.substr(0,2);if(a=="00"){return parseInt(e.substr(2),16)}var b=parseInt(a,16);if(b>7){return -1}var g=e.substr(2);var d=parseInt(g,16).toString(2);if(d=="0"){d="00000000"}d=d.slice(0,0-b);var f=parseInt(d,2);if(f==NaN){return -1}return f}catch(c){return -1}}function inttobitstr(e){if(typeof e!="number"){return null}if(e<0){return null}var c=Number(e).toString(2);var b=8-c.length%8;if(b==8){b=0}c=c+strpad("",b,"0");var d=parseInt(c,2).toString(16);if(d.length%2==1){d="0"+d}var a="0"+b;return a+d}function bitstrtobinstr(g){if(typeof g!="string"){return null}if(g.length%2!=0){return null}if(!g.match(/^[0-9a-f]+$/)){return null}try{var c=parseInt(g.substr(0,2),16);if(c<0||7=0;a--){c+=b[a]}return c}function extendClass(c,a){var b=function(){};b.prototype=a.prototype;c.prototype=new b();c.prototype.constructor=c;c.superclass=a.prototype;if(a.prototype.constructor==Object.prototype.constructor){a.prototype.constructor=a}}; +var KJUR;if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.lang=="undefined"||!KJUR.lang){KJUR.lang={}}KJUR.lang.String=function(){};function Base64x(){}function stoBA(d){var b=new Array();for(var c=0;c>6);var i=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16))}var j=224|((h&240)>>4);var i=128|((h&15)<<2)|((a&192)>>6);var g=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16)+g.toString(16))}var c=d.match(/.{4}/g);var b=c.map(e);return b.join("")}function encodeURIComponentAll(a){var d=encodeURIComponent(a);var b="";for(var c=0;c"7"){return"00"+a}return a}function intarystrtohex(b){b=b.replace(/^\s*\[\s*/,"");b=b.replace(/\s*\]\s*$/,"");b=b.replace(/\s*/g,"");try{var c=b.split(/,/).map(function(g,e,h){var f=parseInt(g);if(f<0||255a.length){d=a.length}for(var b=0;b0){o=o+"."+k.join(".")}return o}catch(j){return null}}var strpad=function(c,b,a){if(a==undefined){a="0"}if(c.length>=b){return c}return new Array(b-c.length+1).join(a)+c};function bitstrtoint(e){if(e.length%2!=0){return -1}e=e.toLowerCase();if(e.match(/^[0-9a-f]+$/)==null){return -1}try{var a=e.substr(0,2);if(a=="00"){return parseInt(e.substr(2),16)}var b=parseInt(a,16);if(b>7){return -1}var g=e.substr(2);var d=parseInt(g,16).toString(2);if(d=="0"){d="00000000"}d=d.slice(0,0-b);var f=parseInt(d,2);if(f==NaN){return -1}return f}catch(c){return -1}}function inttobitstr(e){if(typeof e!="number"){return null}if(e<0){return null}var c=Number(e).toString(2);var b=8-c.length%8;if(b==8){b=0}c=c+strpad("",b,"0");var d=parseInt(c,2).toString(16);if(d.length%2==1){d="0"+d}var a="0"+b;return a+d}function bitstrtobinstr(g){if(typeof g!="string"){return null}if(g.length%2!=0){return null}if(!g.match(/^[0-9a-f]+$/)){return null}try{var c=parseInt(g.substr(0,2),16);if(c<0||7=0;a--){c+=b[a]}return c}function extendClass(c,a){var b=function(){};b.prototype=a.prototype;c.prototype=new b();c.prototype.constructor=c;c.superclass=a.prototype;if(a.prototype.constructor==Object.prototype.constructor){a.prototype.constructor=a}}; if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||!KJUR.crypto){KJUR.crypto={}}KJUR.crypto.Util=new function(){this.DIGESTINFOHEAD={sha1:"3021300906052b0e03021a05000414",sha224:"302d300d06096086480165030402040500041c",sha256:"3031300d060960864801650304020105000420",sha384:"3041300d060960864801650304020205000430",sha512:"3051300d060960864801650304020305000440",md2:"3020300c06082a864886f70d020205000410",md5:"3020300c06082a864886f70d020505000410",ripemd160:"3021300906052b2403020105000414",};this.DEFAULTPROVIDER={md5:"cryptojs",sha1:"cryptojs",sha224:"cryptojs",sha256:"cryptojs",sha384:"cryptojs",sha512:"cryptojs",ripemd160:"cryptojs",hmacmd5:"cryptojs",hmacsha1:"cryptojs",hmacsha224:"cryptojs",hmacsha256:"cryptojs",hmacsha384:"cryptojs",hmacsha512:"cryptojs",hmacripemd160:"cryptojs",MD5withRSA:"cryptojs/jsrsa",SHA1withRSA:"cryptojs/jsrsa",SHA224withRSA:"cryptojs/jsrsa",SHA256withRSA:"cryptojs/jsrsa",SHA384withRSA:"cryptojs/jsrsa",SHA512withRSA:"cryptojs/jsrsa",RIPEMD160withRSA:"cryptojs/jsrsa",MD5withECDSA:"cryptojs/jsrsa",SHA1withECDSA:"cryptojs/jsrsa",SHA224withECDSA:"cryptojs/jsrsa",SHA256withECDSA:"cryptojs/jsrsa",SHA384withECDSA:"cryptojs/jsrsa",SHA512withECDSA:"cryptojs/jsrsa",RIPEMD160withECDSA:"cryptojs/jsrsa",SHA1withDSA:"cryptojs/jsrsa",SHA224withDSA:"cryptojs/jsrsa",SHA256withDSA:"cryptojs/jsrsa",MD5withRSAandMGF1:"cryptojs/jsrsa",SHAwithRSAandMGF1:"cryptojs/jsrsa",SHA1withRSAandMGF1:"cryptojs/jsrsa",SHA224withRSAandMGF1:"cryptojs/jsrsa",SHA256withRSAandMGF1:"cryptojs/jsrsa",SHA384withRSAandMGF1:"cryptojs/jsrsa",SHA512withRSAandMGF1:"cryptojs/jsrsa",RIPEMD160withRSAandMGF1:"cryptojs/jsrsa",};this.CRYPTOJSMESSAGEDIGESTNAME={md5:CryptoJS.algo.MD5,sha1:CryptoJS.algo.SHA1,sha224:CryptoJS.algo.SHA224,sha256:CryptoJS.algo.SHA256,sha384:CryptoJS.algo.SHA384,sha512:CryptoJS.algo.SHA512,ripemd160:CryptoJS.algo.RIPEMD160};this.getDigestInfoHex=function(a,b){if(typeof this.DIGESTINFOHEAD[b]=="undefined"){throw"alg not supported in Util.DIGESTINFOHEAD: "+b}return this.DIGESTINFOHEAD[b]+a};this.getPaddedDigestInfoHex=function(h,a,j){var c=this.getDigestInfoHex(h,a);var d=j/4;if(c.length+22>d){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;f0){var b=":"+n.join(":")+":";if(b.indexOf(":"+k+":")==-1){throw"algorithm '"+k+"' not accepted in the list"}}if(k!="none"&&B===null){throw"key shall be specified to verify."}if(typeof B=="string"&&B.indexOf("-----BEGIN ")!=-1){B=KEYUTIL.getKey(B)}if(z=="RS"||z=="PS"){if(!(B instanceof m)){throw"key shall be a RSAKey obj for RS* and PS* algs"}}if(z=="ES"){if(!(B instanceof p)){throw"key shall be a ECDSA obj for ES* algs"}}if(k=="none"){}var u=null;if(t.jwsalg2sigalg[l.alg]===undefined){throw"unsupported alg name: "+k}else{u=t.jwsalg2sigalg[k]}if(u=="none"){throw"not supported"}else{if(u.substr(0,4)=="Hmac"){var o=null;if(B===undefined){throw"hexadecimal key shall be specified for HMAC"}var j=new s({alg:u,pass:B});j.updateString(c);o=j.doFinal();return A==o}else{if(u.indexOf("withECDSA")!=-1){var h=null;try{h=p.concatSigToASN1Sig(A)}catch(v){return false}var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(h)}else{var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(A)}}}};KJUR.jws.JWS.parse=function(g){var c=g.split(".");var b={};var f,e,d;if(c.length!=2&&c.length!=3){throw"malformed sJWS: wrong number of '.' splitted elements"}f=c[0];e=c[1];if(c.length==3){d=c[2]}b.headerObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(f));b.payloadObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(e));b.headerPP=JSON.stringify(b.headerObj,null," ");if(b.payloadObj==null){b.payloadPP=b64utoutf8(e)}else{b.payloadPP=JSON.stringify(b.payloadObj,null," ")}if(d!==undefined){b.sigHex=b64utohex(d)}return b};KJUR.jws.JWS.verifyJWT=function(e,l,r){var d=KJUR,j=d.jws,o=j.JWS,n=o.readSafeJSONString,p=o.inArray,f=o.includedArray;var k=e.split(".");var c=k[0];var i=k[1];var q=c+"."+i;var m=b64utohex(k[2]);var h=n(b64utoutf8(c));var g=n(b64utoutf8(i));if(h.alg===undefined){return false}if(r.alg===undefined){throw"acceptField.alg shall be specified"}if(!p(h.alg,r.alg)){return false}if(g.iss!==undefined&&typeof r.iss==="object"){if(!p(g.iss,r.iss)){return false}}if(g.sub!==undefined&&typeof r.sub==="object"){if(!p(g.sub,r.sub)){return false}}if(g.aud!==undefined&&typeof r.aud==="object"){if(typeof g.aud=="string"){if(!p(g.aud,r.aud)){return false}}else{if(typeof g.aud=="object"){if(!f(g.aud,r.aud)){return false}}}}var b=j.IntDate.getNow();if(r.verifyAt!==undefined&&typeof r.verifyAt==="number"){b=r.verifyAt}if(r.gracePeriod===undefined||typeof r.gracePeriod!=="number"){r.gracePeriod=0}if(g.exp!==undefined&&typeof g.exp=="number"){if(g.exp+r.gracePeriod0){var b=":"+n.join(":")+":";if(b.indexOf(":"+k+":")==-1){throw"algorithm '"+k+"' not accepted in the list"}}if(k!="none"&&B===null){throw"key shall be specified to verify."}if(typeof B=="string"&&B.indexOf("-----BEGIN ")!=-1){B=KEYUTIL.getKey(B)}if(z=="RS"||z=="PS"){if(!(B instanceof m)){throw"key shall be a RSAKey obj for RS* and PS* algs"}}if(z=="ES"){if(!(B instanceof p)){throw"key shall be a ECDSA obj for ES* algs"}}if(k=="none"){}var u=null;if(t.jwsalg2sigalg[l.alg]===undefined){throw"unsupported alg name: "+k}else{u=t.jwsalg2sigalg[k]}if(u=="none"){throw"not supported"}else{if(u.substr(0,4)=="Hmac"){var o=null;if(B===undefined){throw"hexadecimal key shall be specified for HMAC"}var j=new s({alg:u,pass:B});j.updateString(c);o=j.doFinal();return A==o}else{if(u.indexOf("withECDSA")!=-1){var h=null;try{h=p.concatSigToASN1Sig(A)}catch(v){return false}var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(h)}else{var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(A)}}}};KJUR.jws.JWS.parse=function(g){var c=g.split(".");var b={};var f,e,d;if(c.length!=2&&c.length!=3){throw"malformed sJWS: wrong number of '.' splitted elements"}f=c[0];e=c[1];if(c.length==3){d=c[2]}b.headerObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(f));b.payloadObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(e));b.headerPP=JSON.stringify(b.headerObj,null," ");if(b.payloadObj==null){b.payloadPP=b64utoutf8(e)}else{b.payloadPP=JSON.stringify(b.payloadObj,null," ")}if(d!==undefined){b.sigHex=b64utohex(d)}return b};KJUR.jws.JWS.verifyJWT=function(e,l,r){var d=KJUR,j=d.jws,o=j.JWS,n=o.readSafeJSONString,p=o.inArray,f=o.includedArray;if(!isBase64URLDot(e)){return false}var k=e.split(".");if(k.length!=3){return false}var c=k[0];var i=k[1];var q=c+"."+i;var m=b64utohex(k[2]);var h=n(b64utoutf8(c));var g=n(b64utoutf8(i));if(h.alg===undefined){return false}if(r.alg===undefined){throw"acceptField.alg shall be specified"}if(!p(h.alg,r.alg)){return false}if(g.iss!==undefined&&typeof r.iss==="object"){if(!p(g.iss,r.iss)){return false}}if(g.sub!==undefined&&typeof r.sub==="object"){if(!p(g.sub,r.sub)){return false}}if(g.aud!==undefined&&typeof r.aud==="object"){if(typeof g.aud=="string"){if(!p(g.aud,r.aud)){return false}}else{if(typeof g.aud=="object"){if(!f(g.aud,r.aud)){return false}}}}var b=j.IntDate.getNow();if(r.verifyAt!==undefined&&typeof r.verifyAt==="number"){b=r.verifyAt}if(r.gracePeriod===undefined||typeof r.gracePeriod!=="number"){r.gracePeriod=0}if(g.exp!==undefined&&typeof g.exp=="number"){if(g.exp+r.gracePeriod=a.length){return null}}var e="";while(++f191)&&(h<224)){e+=String.fromCharCode(((h&31)<<6)|(a[f+1]&63));++f}else{e+=String.fromCharCode(((h&15)<<12)|((a[f+1]&63)<<6)|(a[f+2]&63));f+=2}}}return e}function oaep_mgf1_str(c,a,e){var b="",d=0;while(b.length>24,(d&16711680)>>16,(d&65280)>>8,d&255]));d+=1}return b}function oaep_unpad(o,b,g,p){var e=KJUR.crypto.MessageDigest;var r=KJUR.crypto.Util;var c=null;if(!g){g="sha1"}if(typeof g==="string"){c=e.getCanonicalAlgName(g);p=e.getHashLength(c);g=function(d){return hextorstr(r.hashHex(rstrtohex(d),c))}}o=o.toByteArray();var h;for(h=0;h0&&a.length>0){this.n=parseBigInt(c,16);this.e=parseInt(a,16);this.d=parseBigInt(b,16)}else{throw"Invalid RSA private key"}}}function RSASetPrivateEx(g,d,e,c,b,a,h,f){this.isPrivate=true;this.isPublic=false;if(g==null){throw"RSASetPrivateEx N == null"}if(d==null){throw"RSASetPrivateEx E == null"}if(g.length==0){throw"RSASetPrivateEx N.length == 0"}if(d.length==0){throw"RSASetPrivateEx E.length == 0"}if(g!=null&&d!=null&&g.length>0&&d.length>0){this.n=parseBigInt(g,16);this.e=parseInt(d,16);this.d=parseBigInt(e,16);this.p=parseBigInt(c,16);this.q=parseBigInt(b,16);this.dmp1=parseBigInt(a,16);this.dmq1=parseBigInt(h,16);this.coeff=parseBigInt(f,16)}else{throw"Invalid RSA private key in RSASetPrivateEx"}}function RSAGenerate(b,l){var a=new SecureRandom();var g=b>>1;this.e=parseInt(l,16);var c=new BigInteger(l,16);var d=(b/2)-100;var k=BigInteger.ONE.shiftLeft(d);for(;;){for(;;){this.p=new BigInteger(b-g,1,a);if(this.p.subtract(BigInteger.ONE).gcd(c).compareTo(BigInteger.ONE)==0&&this.p.isProbablePrime(10)){break}}for(;;){this.q=new BigInteger(g,1,a);if(this.q.subtract(BigInteger.ONE).gcd(c).compareTo(BigInteger.ONE)==0&&this.q.isProbablePrime(10)){break}}if(this.p.compareTo(this.q)<=0){var j=this.p;this.p=this.q;this.q=j}var h=this.q.subtract(this.p).abs();if(h.bitLength()>3)}function RSADecryptOAEP(e,d,b){if(e.length!=Math.ceil(this.n.bitLength()/4)){throw new Error("wrong ctext length")}var f=parseBigInt(e,16);var a=this.doPrivate(f);if(a==null){return null}return oaep_unpad(a,(this.n.bitLength()+7)>>3,d,b)}RSAKey.prototype.doPrivate=RSADoPrivate;RSAKey.prototype.setPrivate=RSASetPrivate;RSAKey.prototype.setPrivateEx=RSASetPrivateEx;RSAKey.prototype.generate=RSAGenerate;RSAKey.prototype.decrypt=RSADecrypt;RSAKey.prototype.decryptOAEP=RSADecryptOAEP; if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}KJUR.asn1.ASN1Util=new function(){this.integerToByteHex=function(a){var b=a.toString(16);if((b.length%2)==1){b="0"+b}return b};this.bigIntToMinTwosComplementsHex=function(j){var f=j.toString(16);if(f.substr(0,1)!="-"){if(f.length%2==1){f="0"+f}else{if(!f.match(/^[0-7]/)){f="00"+f}}}else{var a=f.substr(1);var e=a.length;if(e%2==1){e+=1}else{if(!f.match(/^[0-7]/)){e+=2}}var g="";for(var d=0;d15){throw new Error("ASN.1 length too long to represent by 8x: n = "+j.toString(16))}var g=128+h;return g.toString(16)+i}};this.tohex=function(){if(this.hTLV==null||this.isModified){this.hV=this.getFreshValueHex();this.hL=this.getLengthHexFromValue();this.hTLV=this.hT+this.hL+this.hV;this.isModified=false}return this.hTLV};this.getEncodedHex=function(){return this.tohex()};this.getValueHex=function(){this.tohex();return this.hV};this.getFreshValueHex=function(){return""};this.setByParam=function(g){this.params=g};if(e!=undefined){if(e.tlv!=undefined){this.hTLV=e.tlv;this.isModified=false}}};KJUR.asn1.DERAbstractString=function(c){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var b=null;var a=null;this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=utf8tohex(this.s).toLowerCase()};this.setStringHex=function(d){this.hTLV=null;this.isModified=true;this.s=null;this.hV=d};this.getFreshValueHex=function(){return this.hV};if(typeof c!="undefined"){if(typeof c=="string"){this.setString(c)}else{if(typeof c.str!="undefined"){this.setString(c.str)}else{if(typeof c.hex!="undefined"){this.setStringHex(c.hex)}}}}};extendClass(KJUR.asn1.DERAbstractString,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractTime=function(c){KJUR.asn1.DERAbstractTime.superclass.constructor.call(this);var b=null;var a=null;this.localDateToUTC=function(g){var e=g.getTime()+(g.getTimezoneOffset()*60000);var f=new Date(e);return f};this.formatDate=function(m,o,e){var g=this.zeroPadding;var n=this.localDateToUTC(m);var p=String(n.getFullYear());if(o=="utc"){p=p.substr(2,2)}var l=g(String(n.getMonth()+1),2);var q=g(String(n.getDate()),2);var h=g(String(n.getHours()),2);var i=g(String(n.getMinutes()),2);var j=g(String(n.getSeconds()),2);var r=p+l+q+h+i+j;if(e===true){var f=n.getMilliseconds();if(f!=0){var k=g(String(f),3);k=k.replace(/[0]+$/,"");r=r+"."+k}}return r+"Z"};this.zeroPadding=function(e,d){if(e.length>=d){return e}return new Array(d-e.length+1).join("0")+e};this.setByParam=function(d){this.hV=null;this.hTLV=null;this.params=d};this.getString=function(){return undefined};this.setString=function(d){this.hTLV=null;this.isModified=true;if(this.params==undefined){this.params={}}this.params.str=d};this.setByDate=function(d){this.hTLV=null;this.isModified=true;if(this.params==undefined){this.params={}}this.params.date=d};this.setByDateValue=function(h,j,e,d,f,g){var i=new Date(Date.UTC(h,j-1,e,d,f,g,0));this.setByDate(i)};this.getFreshValueHex=function(){return this.hV}};extendClass(KJUR.asn1.DERAbstractTime,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractStructured=function(b){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var a=null;this.setByASN1ObjectArray=function(c){this.hTLV=null;this.isModified=true;this.asn1Array=c};this.appendASN1Object=function(c){this.hTLV=null;this.isModified=true;this.asn1Array.push(c)};this.asn1Array=new Array();if(typeof b!="undefined"){if(typeof b.array!="undefined"){this.asn1Array=b.array}}};extendClass(KJUR.asn1.DERAbstractStructured,KJUR.asn1.ASN1Object);KJUR.asn1.DERBoolean=function(a){KJUR.asn1.DERBoolean.superclass.constructor.call(this);this.hT="01";if(a==false){this.hTLV="010100"}else{this.hTLV="0101ff"}};extendClass(KJUR.asn1.DERBoolean,KJUR.asn1.ASN1Object);KJUR.asn1.DERInteger=function(a){KJUR.asn1.DERInteger.superclass.constructor.call(this);this.hT="02";this.setByBigInteger=function(b){this.hTLV=null;this.isModified=true;this.hV=KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(b)};this.setByInteger=function(c){var b=new BigInteger(String(c),10);this.setByBigInteger(b)};this.setValueHex=function(b){this.hV=b};this.getFreshValueHex=function(){return this.hV};if(typeof a!="undefined"){if(typeof a.bigint!="undefined"){this.setByBigInteger(a.bigint)}else{if(typeof a["int"]!="undefined"){this.setByInteger(a["int"])}else{if(typeof a=="number"){this.setByInteger(a)}else{if(typeof a.hex!="undefined"){this.setValueHex(a.hex)}}}}}};extendClass(KJUR.asn1.DERInteger,KJUR.asn1.ASN1Object);KJUR.asn1.DERBitString=function(b){if(b!==undefined&&typeof b.obj!=="undefined"){var a=KJUR.asn1.ASN1Util.newObject(b.obj);b.hex="00"+a.tohex()}KJUR.asn1.DERBitString.superclass.constructor.call(this);this.hT="03";this.setHexValueIncludingUnusedBits=function(c){this.hTLV=null;this.isModified=true;this.hV=c};this.setUnusedBitsAndHexValue=function(c,e){if(c<0||7=f){break}}return j};ASN1HEX.getNthChildIdx=function(d,b,e){var c=ASN1HEX.getChildIdx(d,b);return c[e]};ASN1HEX.getIdxbyList=function(e,d,c,i){var g=ASN1HEX;var f,b;if(c.length==0){if(i!==undefined){if(e.substr(d,2)!==i){return -1}}return d}f=c.shift();b=g.getChildIdx(e,d);if(f>=b.length){return -1}return g.getIdxbyList(e,b[f],c,i)};ASN1HEX.getIdxbyListEx=function(f,k,b,g){var m=ASN1HEX;var d,l;if(b.length==0){if(g!==undefined){if(f.substr(k,2)!==g){return -1}}return k}d=b.shift();l=m.getChildIdx(f,k);var j=0;for(var e=0;e=d.length){return null}return e.getTLV(d,a)};ASN1HEX.getTLVbyListEx=function(d,c,b,f){var e=ASN1HEX;var a=e.getIdxbyListEx(d,c,b,f);if(a==-1){return null}return e.getTLV(d,a)};ASN1HEX.getVbyList=function(e,c,b,g,i){var f=ASN1HEX;var a,d;a=f.getIdxbyList(e,c,b,g);if(a==-1){return null}if(a>=e.length){return null}d=f.getV(e,a);if(i===true){d=d.substr(2)}return d};ASN1HEX.getVbyListEx=function(b,e,a,d,f){var j=ASN1HEX;var g,c,i;g=j.getIdxbyListEx(b,e,a,d);if(g==-1){return null}i=j.getV(b,g);if(b.substr(g,2)=="03"&&f!==false){i=i.substr(2)}return i};ASN1HEX.getInt=function(e,b,f){if(f==undefined){f=-1}try{var c=e.substr(b,2);if(c!="02"&&c!="03"){return f}var a=ASN1HEX.getV(e,b);if(c=="02"){return parseInt(a,16)}else{return bitstrtoint(a)}}catch(d){return f}};ASN1HEX.getOID=function(c,a,d){if(d==undefined){d=null}try{if(c.substr(a,2)!="06"){return d}var e=ASN1HEX.getV(c,a);return hextooid(e)}catch(b){return d}};ASN1HEX.getOIDName=function(d,a,f){if(f==undefined){f=null}try{var e=ASN1HEX.getOID(d,a,f);if(e==f){return f}var b=KJUR.asn1.x509.OID.oid2name(e);if(b==""){return e}return b}catch(c){return f}};ASN1HEX.getString=function(d,b,e){if(e==undefined){e=null}try{var a=ASN1HEX.getV(d,b);return hextorstr(a)}catch(c){return e}};ASN1HEX.hextooidstr=function(e){var h=function(b,a){if(b.length>=a){return b}return new Array(a-b.length+1).join("0")+b};var l=[];var o=e.substr(0,2);var f=parseInt(o,16);l[0]=new String(Math.floor(f/40));l[1]=new String(f%40);var m=e.substr(2);var k=[];for(var g=0;g0){n=n+"."+j.join(".")}return n};ASN1HEX.dump=function(t,c,l,g){var p=ASN1HEX;var j=p.getV;var y=p.dump;var w=p.getChildIdx;var e=t;if(t instanceof KJUR.asn1.ASN1Object){e=t.tohex()}var q=function(A,i){if(A.length<=i*2){return A}else{var v=A.substr(0,i)+"..(total "+A.length/2+"bytes).."+A.substr(A.length-i,i);return v}};if(c===undefined){c={ommit_long_octet:32}}if(l===undefined){l=0}if(g===undefined){g=""}var x=c.ommit_long_octet;var z=e.substr(l,2);if(z=="01"){var h=j(e,l);if(h=="00"){return g+"BOOLEAN FALSE\n"}else{return g+"BOOLEAN TRUE\n"}}if(z=="02"){var h=j(e,l);return g+"INTEGER "+q(h,x)+"\n"}if(z=="03"){var h=j(e,l);if(p.isASN1HEX(h.substr(2))){var k=g+"BITSTRING, encapsulates\n";k=k+y(h.substr(2),c,0,g+" ");return k}else{return g+"BITSTRING "+q(h,x)+"\n"}}if(z=="04"){var h=j(e,l);if(p.isASN1HEX(h)){var k=g+"OCTETSTRING, encapsulates\n";k=k+y(h,c,0,g+" ");return k}else{return g+"OCTETSTRING "+q(h,x)+"\n"}}if(z=="05"){return g+"NULL\n"}if(z=="06"){var m=j(e,l);var b=KJUR.asn1.ASN1Util.oidHexToInt(m);var o=KJUR.asn1.x509.OID.oid2name(b);var a=b.replace(/\./g," ");if(o!=""){return g+"ObjectIdentifier "+o+" ("+a+")\n"}else{return g+"ObjectIdentifier ("+a+")\n"}}if(z=="0a"){return g+"ENUMERATED "+parseInt(j(e,l))+"\n"}if(z=="0c"){return g+"UTF8String '"+hextoutf8(j(e,l))+"'\n"}if(z=="13"){return g+"PrintableString '"+hextoutf8(j(e,l))+"'\n"}if(z=="14"){return g+"TeletexString '"+hextoutf8(j(e,l))+"'\n"}if(z=="16"){return g+"IA5String '"+hextoutf8(j(e,l))+"'\n"}if(z=="17"){return g+"UTCTime "+hextoutf8(j(e,l))+"\n"}if(z=="18"){return g+"GeneralizedTime "+hextoutf8(j(e,l))+"\n"}if(z=="1a"){return g+"VisualString '"+hextoutf8(j(e,l))+"'\n"}if(z=="1e"){return g+"BMPString '"+ucs2hextoutf8(j(e,l))+"'\n"}if(z=="30"){if(e.substr(l,4)=="3000"){return g+"SEQUENCE {}\n"}var k=g+"SEQUENCE\n";var d=w(e,l);var f=c;if((d.length==2||d.length==3)&&e.substr(d[0],2)=="06"&&e.substr(d[d.length-1],2)=="04"){var o=p.oidname(j(e,d[0]));var r=JSON.parse(JSON.stringify(c));r.x509ExtName=o;f=r}for(var u=0;u4){return{"enum":{hex:p}}}else{return{"enum":parseInt(p,16)}}}else{if(C=="30"||C=="31"){j[c[C]]=u(x);return j}else{if(C=="14"){var o=q(p);j[c[C]]={str:o};return j}else{if(C=="1e"){var o=n(p);j[c[C]]={str:o};return j}else{if(":0c:12:13:16:17:18:1a:".indexOf(C)!=-1){var o=k(p);j[c[C]]={str:o};return j}else{if(C.match(/^8[0-9]$/)){var o=k(p);if(o==null|o==""){return{tag:{tag:C,explicit:false,hex:p}}}else{if(o.match(/[\x00-\x1F\x7F-\x9F]/)!=null||o.match(/[\u0000-\u001F\u0080–\u009F]/)!=null){return{tag:{tag:C,explicit:false,hex:p}}}else{return{tag:{tag:C,explicit:false,str:o}}}}}else{if(C.match(/^a[0-9]$/)){try{if(!a(p)){throw new Error("not encap")}return{tag:{tag:C,explicit:true,obj:f(p)}}}catch(z){return{tag:{tag:C,explicit:true,hex:p}}}}else{var A=new KJUR.asn1.ASN1Object();A.hV=p;var w=A.getLengthHexFromValue();return{asn1:{tlv:C+w+p}}}}}}}}}}}}}}}};ASN1HEX.isContextTag=function(c,b){c=c.toLowerCase();var f,e;try{f=parseInt(c,16)}catch(d){return -1}if(b===undefined){if((f&192)==128){return true}else{return false}}try{var a=b.match(/^\[[0-9]+\]$/);if(a==null){return false}e=parseInt(b.substr(1,b.length-1),10);if(e>31){return false}if(((f&192)==128)&&((f&31)==e)){return true}return false}catch(d){return false}};ASN1HEX.isASN1HEX=function(e){var d=ASN1HEX;if(e.length%2==1){return false}var c=d.getVblen(e,0);var b=e.substr(0,2);var f=d.getL(e,0);var a=e.length-b.length-f.length;if(a==c*2){return true}return false};ASN1HEX.checkStrictDER=function(g,o,d,c,r){var s=ASN1HEX;if(d===undefined){if(typeof g!="string"){throw new Error("not hex string")}g=g.toLowerCase();if(!KJUR.lang.String.isHex(g)){throw new Error("not hex string")}d=g.length;c=g.length/2;if(c<128){r=1}else{r=Math.ceil(c.toString(16))+1}}var k=s.getL(g,o);if(k.length>r*2){throw new Error("L of TLV too long: idx="+o)}var n=s.getVblen(g,o);if(n>c){throw new Error("value of L too long than hex: idx="+o)}var q=s.getTLV(g,o);var f=q.length-2-s.getL(g,o).length;if(f!==(n*2)){throw new Error("V string length and L's value not the same:"+f+"/"+(n*2))}if(o===0){if(g.length!=q.length){throw new Error("total length and TLV length unmatch:"+g.length+"!="+q.length)}}var b=g.substr(o,2);if(b==="02"){var a=s.getVidx(g,o);if(g.substr(a,2)=="00"&&g.charCodeAt(a+2)<56){throw new Error("not least zeros for DER INTEGER")}}if(parseInt(b,16)&32){var p=s.getVblen(g,o);var m=0;var l=s.getChildIdx(g,o);for(var e=0;e>6);var i=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16))}var j=224|((h&240)>>4);var i=128|((h&15)<<2)|((a&192)>>6);var g=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16)+g.toString(16))}var c=d.match(/.{4}/g);var b=c.map(e);return b.join("")}function encodeURIComponentAll(a){var d=encodeURIComponent(a);var b="";for(var c=0;c"7"){return"00"+a}return a}function intarystrtohex(b){b=b.replace(/^\s*\[\s*/,"");b=b.replace(/\s*\]\s*$/,"");b=b.replace(/\s*/g,"");try{var c=b.split(/,/).map(function(g,e,h){var f=parseInt(g);if(f<0||255a.length){d=a.length}for(var b=0;b0){o=o+"."+k.join(".")}return o}catch(j){return null}}var strpad=function(c,b,a){if(a==undefined){a="0"}if(c.length>=b){return c}return new Array(b-c.length+1).join(a)+c};function bitstrtoint(e){if(e.length%2!=0){return -1}e=e.toLowerCase();if(e.match(/^[0-9a-f]+$/)==null){return -1}try{var a=e.substr(0,2);if(a=="00"){return parseInt(e.substr(2),16)}var b=parseInt(a,16);if(b>7){return -1}var g=e.substr(2);var d=parseInt(g,16).toString(2);if(d=="0"){d="00000000"}d=d.slice(0,0-b);var f=parseInt(d,2);if(f==NaN){return -1}return f}catch(c){return -1}}function inttobitstr(e){if(typeof e!="number"){return null}if(e<0){return null}var c=Number(e).toString(2);var b=8-c.length%8;if(b==8){b=0}c=c+strpad("",b,"0");var d=parseInt(c,2).toString(16);if(d.length%2==1){d="0"+d}var a="0"+b;return a+d}function bitstrtobinstr(g){if(typeof g!="string"){return null}if(g.length%2!=0){return null}if(!g.match(/^[0-9a-f]+$/)){return null}try{var c=parseInt(g.substr(0,2),16);if(c<0||7=0;a--){c+=b[a]}return c}function extendClass(c,a){var b=function(){};b.prototype=a.prototype;c.prototype=new b();c.prototype.constructor=c;c.superclass=a.prototype;if(a.prototype.constructor==Object.prototype.constructor){a.prototype.constructor=a}}; +var KJUR;if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.lang=="undefined"||!KJUR.lang){KJUR.lang={}}KJUR.lang.String=function(){};function Base64x(){}function stoBA(d){var b=new Array();for(var c=0;c>6);var i=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16))}var j=224|((h&240)>>4);var i=128|((h&15)<<2)|((a&192)>>6);var g=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16)+g.toString(16))}var c=d.match(/.{4}/g);var b=c.map(e);return b.join("")}function encodeURIComponentAll(a){var d=encodeURIComponent(a);var b="";for(var c=0;c"7"){return"00"+a}return a}function intarystrtohex(b){b=b.replace(/^\s*\[\s*/,"");b=b.replace(/\s*\]\s*$/,"");b=b.replace(/\s*/g,"");try{var c=b.split(/,/).map(function(g,e,h){var f=parseInt(g);if(f<0||255a.length){d=a.length}for(var b=0;b0){o=o+"."+k.join(".")}return o}catch(j){return null}}var strpad=function(c,b,a){if(a==undefined){a="0"}if(c.length>=b){return c}return new Array(b-c.length+1).join(a)+c};function bitstrtoint(e){if(e.length%2!=0){return -1}e=e.toLowerCase();if(e.match(/^[0-9a-f]+$/)==null){return -1}try{var a=e.substr(0,2);if(a=="00"){return parseInt(e.substr(2),16)}var b=parseInt(a,16);if(b>7){return -1}var g=e.substr(2);var d=parseInt(g,16).toString(2);if(d=="0"){d="00000000"}d=d.slice(0,0-b);var f=parseInt(d,2);if(f==NaN){return -1}return f}catch(c){return -1}}function inttobitstr(e){if(typeof e!="number"){return null}if(e<0){return null}var c=Number(e).toString(2);var b=8-c.length%8;if(b==8){b=0}c=c+strpad("",b,"0");var d=parseInt(c,2).toString(16);if(d.length%2==1){d="0"+d}var a="0"+b;return a+d}function bitstrtobinstr(g){if(typeof g!="string"){return null}if(g.length%2!=0){return null}if(!g.match(/^[0-9a-f]+$/)){return null}try{var c=parseInt(g.substr(0,2),16);if(c<0||7=0;a--){c+=b[a]}return c}function extendClass(c,a){var b=function(){};b.prototype=a.prototype;c.prototype=new b();c.prototype.constructor=c;c.superclass=a.prototype;if(a.prototype.constructor==Object.prototype.constructor){a.prototype.constructor=a}}; if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||!KJUR.crypto){KJUR.crypto={}}KJUR.crypto.Util=new function(){this.DIGESTINFOHEAD={sha1:"3021300906052b0e03021a05000414",sha224:"302d300d06096086480165030402040500041c",sha256:"3031300d060960864801650304020105000420",sha384:"3041300d060960864801650304020205000430",sha512:"3051300d060960864801650304020305000440",md2:"3020300c06082a864886f70d020205000410",md5:"3020300c06082a864886f70d020505000410",ripemd160:"3021300906052b2403020105000414",};this.DEFAULTPROVIDER={md5:"cryptojs",sha1:"cryptojs",sha224:"cryptojs",sha256:"cryptojs",sha384:"cryptojs",sha512:"cryptojs",ripemd160:"cryptojs",hmacmd5:"cryptojs",hmacsha1:"cryptojs",hmacsha224:"cryptojs",hmacsha256:"cryptojs",hmacsha384:"cryptojs",hmacsha512:"cryptojs",hmacripemd160:"cryptojs",MD5withRSA:"cryptojs/jsrsa",SHA1withRSA:"cryptojs/jsrsa",SHA224withRSA:"cryptojs/jsrsa",SHA256withRSA:"cryptojs/jsrsa",SHA384withRSA:"cryptojs/jsrsa",SHA512withRSA:"cryptojs/jsrsa",RIPEMD160withRSA:"cryptojs/jsrsa",MD5withECDSA:"cryptojs/jsrsa",SHA1withECDSA:"cryptojs/jsrsa",SHA224withECDSA:"cryptojs/jsrsa",SHA256withECDSA:"cryptojs/jsrsa",SHA384withECDSA:"cryptojs/jsrsa",SHA512withECDSA:"cryptojs/jsrsa",RIPEMD160withECDSA:"cryptojs/jsrsa",SHA1withDSA:"cryptojs/jsrsa",SHA224withDSA:"cryptojs/jsrsa",SHA256withDSA:"cryptojs/jsrsa",MD5withRSAandMGF1:"cryptojs/jsrsa",SHAwithRSAandMGF1:"cryptojs/jsrsa",SHA1withRSAandMGF1:"cryptojs/jsrsa",SHA224withRSAandMGF1:"cryptojs/jsrsa",SHA256withRSAandMGF1:"cryptojs/jsrsa",SHA384withRSAandMGF1:"cryptojs/jsrsa",SHA512withRSAandMGF1:"cryptojs/jsrsa",RIPEMD160withRSAandMGF1:"cryptojs/jsrsa",};this.CRYPTOJSMESSAGEDIGESTNAME={md5:CryptoJS.algo.MD5,sha1:CryptoJS.algo.SHA1,sha224:CryptoJS.algo.SHA224,sha256:CryptoJS.algo.SHA256,sha384:CryptoJS.algo.SHA384,sha512:CryptoJS.algo.SHA512,ripemd160:CryptoJS.algo.RIPEMD160};this.getDigestInfoHex=function(a,b){if(typeof this.DIGESTINFOHEAD[b]=="undefined"){throw"alg not supported in Util.DIGESTINFOHEAD: "+b}return this.DIGESTINFOHEAD[b]+a};this.getPaddedDigestInfoHex=function(h,a,j){var c=this.getDigestInfoHex(h,a);var d=j/4;if(c.length+22>d){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;f>24,(d&16711680)>>16,(d&65280)>>8,d&255]))));d+=1}return b}RSAKey.prototype.signPSS=function(e,a,d){var c=function(f){return KJUR.crypto.Util.hashHex(f,a)};var b=c(rstrtohex(e));if(d===undefined){d=-1}return this.signWithMessageHashPSS(b,a,d)};RSAKey.prototype.signWithMessageHashPSS=function(l,a,k){var b=hextorstr(l);var g=b.length;var m=this.n.bitLength()-1;var c=Math.ceil(m/8);var d;var o=function(i){return KJUR.crypto.Util.hashHex(i,a)};if(k===-1||k===undefined){k=g}else{if(k===-2){k=c-g-2}else{if(k<-2){throw new Error("invalid salt length")}}}if(c<(g+k+2)){throw new Error("data too long")}var f="";if(k>0){f=new Array(k);new SecureRandom().nextBytes(f);f=String.fromCharCode.apply(String,f)}var n=hextorstr(o(rstrtohex("\x00\x00\x00\x00\x00\x00\x00\x00"+b+f)));var j=[];for(d=0;d>(8*c-m))&255;q[0]&=~p;for(d=0;dk){return false}var j=this.doPublic(b);var i=j.toString(16);if(i.length+3!=k/4){return false}var e=i.replace(/^1f+00/,"");var g=_rsasign_getAlgNameAndHashFromHexDisgestInfo(e);if(g.length==0){return false}var d=g[0];var h=g[1];var a=function(m){return KJUR.crypto.Util.hashString(m,d)};var c=a(f);return(h==c)};RSAKey.prototype.verifyWithMessageHash=function(e,a){if(a.length!=Math.ceil(this.n.bitLength()/4)){return false}var b=parseBigInt(a,16);if(b.bitLength()>this.n.bitLength()){return 0}var h=this.doPublic(b);var g=h.toString(16).replace(/^1f+00/,"");var c=_rsasign_getAlgNameAndHashFromHexDisgestInfo(g);if(c.length==0){return false}var d=c[0];var f=c[1];return(f==e)};RSAKey.prototype.verifyPSS=function(c,b,a,f){var e=function(g){return KJUR.crypto.Util.hashHex(g,a)};var d=e(rstrtohex(c));if(f===undefined){f=-1}return this.verifyWithMessageHashPSS(d,b,a,f)};RSAKey.prototype.verifyWithMessageHashPSS=function(f,s,l,c){if(s.length!=Math.ceil(this.n.bitLength()/4)){return false}var k=new BigInteger(s,16);var r=function(i){return KJUR.crypto.Util.hashHex(i,l)};var j=hextorstr(f);var h=j.length;var g=this.n.bitLength()-1;var m=Math.ceil(g/8);var q;if(c===-1||c===undefined){c=h}else{if(c===-2){c=m-h-2}else{if(c<-2){throw new Error("invalid salt length")}}}if(m<(h+c+2)){throw new Error("data too long")}var a=this.doPublic(k).toByteArray();for(q=0;q>(8*m-g))&255;if((d.charCodeAt(0)&p)!==0){throw new Error("bits beyond keysize not zero")}var n=pss_mgf1_str(e,d.length,r);var o=[];for(q=0;q>6);var i=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16))}var j=224|((h&240)>>4);var i=128|((h&15)<<2)|((a&192)>>6);var g=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16)+g.toString(16))}var c=d.match(/.{4}/g);var b=c.map(e);return b.join("")}function encodeURIComponentAll(a){var d=encodeURIComponent(a);var b="";for(var c=0;c"7"){return"00"+a}return a}function intarystrtohex(b){b=b.replace(/^\s*\[\s*/,"");b=b.replace(/\s*\]\s*$/,"");b=b.replace(/\s*/g,"");try{var c=b.split(/,/).map(function(g,e,h){var f=parseInt(g);if(f<0||255a.length){d=a.length}for(var b=0;b0){o=o+"."+k.join(".")}return o}catch(j){return null}}var strpad=function(c,b,a){if(a==undefined){a="0"}if(c.length>=b){return c}return new Array(b-c.length+1).join(a)+c};function bitstrtoint(e){if(e.length%2!=0){return -1}e=e.toLowerCase();if(e.match(/^[0-9a-f]+$/)==null){return -1}try{var a=e.substr(0,2);if(a=="00"){return parseInt(e.substr(2),16)}var b=parseInt(a,16);if(b>7){return -1}var g=e.substr(2);var d=parseInt(g,16).toString(2);if(d=="0"){d="00000000"}d=d.slice(0,0-b);var f=parseInt(d,2);if(f==NaN){return -1}return f}catch(c){return -1}}function inttobitstr(e){if(typeof e!="number"){return null}if(e<0){return null}var c=Number(e).toString(2);var b=8-c.length%8;if(b==8){b=0}c=c+strpad("",b,"0");var d=parseInt(c,2).toString(16);if(d.length%2==1){d="0"+d}var a="0"+b;return a+d}function bitstrtobinstr(g){if(typeof g!="string"){return null}if(g.length%2!=0){return null}if(!g.match(/^[0-9a-f]+$/)){return null}try{var c=parseInt(g.substr(0,2),16);if(c<0||7=0;a--){c+=b[a]}return c}function extendClass(c,a){var b=function(){};b.prototype=a.prototype;c.prototype=new b();c.prototype.constructor=c;c.superclass=a.prototype;if(a.prototype.constructor==Object.prototype.constructor){a.prototype.constructor=a}}; +var KJUR;if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.lang=="undefined"||!KJUR.lang){KJUR.lang={}}KJUR.lang.String=function(){};function Base64x(){}function stoBA(d){var b=new Array();for(var c=0;c>6);var i=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16))}var j=224|((h&240)>>4);var i=128|((h&15)<<2)|((a&192)>>6);var g=128|(a&63);return hextoutf8(j.toString(16)+i.toString(16)+g.toString(16))}var c=d.match(/.{4}/g);var b=c.map(e);return b.join("")}function encodeURIComponentAll(a){var d=encodeURIComponent(a);var b="";for(var c=0;c"7"){return"00"+a}return a}function intarystrtohex(b){b=b.replace(/^\s*\[\s*/,"");b=b.replace(/\s*\]\s*$/,"");b=b.replace(/\s*/g,"");try{var c=b.split(/,/).map(function(g,e,h){var f=parseInt(g);if(f<0||255a.length){d=a.length}for(var b=0;b0){o=o+"."+k.join(".")}return o}catch(j){return null}}var strpad=function(c,b,a){if(a==undefined){a="0"}if(c.length>=b){return c}return new Array(b-c.length+1).join(a)+c};function bitstrtoint(e){if(e.length%2!=0){return -1}e=e.toLowerCase();if(e.match(/^[0-9a-f]+$/)==null){return -1}try{var a=e.substr(0,2);if(a=="00"){return parseInt(e.substr(2),16)}var b=parseInt(a,16);if(b>7){return -1}var g=e.substr(2);var d=parseInt(g,16).toString(2);if(d=="0"){d="00000000"}d=d.slice(0,0-b);var f=parseInt(d,2);if(f==NaN){return -1}return f}catch(c){return -1}}function inttobitstr(e){if(typeof e!="number"){return null}if(e<0){return null}var c=Number(e).toString(2);var b=8-c.length%8;if(b==8){b=0}c=c+strpad("",b,"0");var d=parseInt(c,2).toString(16);if(d.length%2==1){d="0"+d}var a="0"+b;return a+d}function bitstrtobinstr(g){if(typeof g!="string"){return null}if(g.length%2!=0){return null}if(!g.match(/^[0-9a-f]+$/)){return null}try{var c=parseInt(g.substr(0,2),16);if(c<0||7=0;a--){c+=b[a]}return c}function extendClass(c,a){var b=function(){};b.prototype=a.prototype;c.prototype=new b();c.prototype.constructor=c;c.superclass=a.prototype;if(a.prototype.constructor==Object.prototype.constructor){a.prototype.constructor=a}}; if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||!KJUR.crypto){KJUR.crypto={}}KJUR.crypto.Util=new function(){this.DIGESTINFOHEAD={sha1:"3021300906052b0e03021a05000414",sha224:"302d300d06096086480165030402040500041c",sha256:"3031300d060960864801650304020105000420",sha384:"3041300d060960864801650304020205000430",sha512:"3051300d060960864801650304020305000440",md2:"3020300c06082a864886f70d020205000410",md5:"3020300c06082a864886f70d020505000410",ripemd160:"3021300906052b2403020105000414",};this.DEFAULTPROVIDER={md5:"cryptojs",sha1:"cryptojs",sha224:"cryptojs",sha256:"cryptojs",sha384:"cryptojs",sha512:"cryptojs",ripemd160:"cryptojs",hmacmd5:"cryptojs",hmacsha1:"cryptojs",hmacsha224:"cryptojs",hmacsha256:"cryptojs",hmacsha384:"cryptojs",hmacsha512:"cryptojs",hmacripemd160:"cryptojs",MD5withRSA:"cryptojs/jsrsa",SHA1withRSA:"cryptojs/jsrsa",SHA224withRSA:"cryptojs/jsrsa",SHA256withRSA:"cryptojs/jsrsa",SHA384withRSA:"cryptojs/jsrsa",SHA512withRSA:"cryptojs/jsrsa",RIPEMD160withRSA:"cryptojs/jsrsa",MD5withECDSA:"cryptojs/jsrsa",SHA1withECDSA:"cryptojs/jsrsa",SHA224withECDSA:"cryptojs/jsrsa",SHA256withECDSA:"cryptojs/jsrsa",SHA384withECDSA:"cryptojs/jsrsa",SHA512withECDSA:"cryptojs/jsrsa",RIPEMD160withECDSA:"cryptojs/jsrsa",SHA1withDSA:"cryptojs/jsrsa",SHA224withDSA:"cryptojs/jsrsa",SHA256withDSA:"cryptojs/jsrsa",MD5withRSAandMGF1:"cryptojs/jsrsa",SHAwithRSAandMGF1:"cryptojs/jsrsa",SHA1withRSAandMGF1:"cryptojs/jsrsa",SHA224withRSAandMGF1:"cryptojs/jsrsa",SHA256withRSAandMGF1:"cryptojs/jsrsa",SHA384withRSAandMGF1:"cryptojs/jsrsa",SHA512withRSAandMGF1:"cryptojs/jsrsa",RIPEMD160withRSAandMGF1:"cryptojs/jsrsa",};this.CRYPTOJSMESSAGEDIGESTNAME={md5:CryptoJS.algo.MD5,sha1:CryptoJS.algo.SHA1,sha224:CryptoJS.algo.SHA224,sha256:CryptoJS.algo.SHA256,sha384:CryptoJS.algo.SHA384,sha512:CryptoJS.algo.SHA512,ripemd160:CryptoJS.algo.RIPEMD160};this.getDigestInfoHex=function(a,b){if(typeof this.DIGESTINFOHEAD[b]=="undefined"){throw"alg not supported in Util.DIGESTINFOHEAD: "+b}return this.DIGESTINFOHEAD[b]+a};this.getPaddedDigestInfoHex=function(h,a,j){var c=this.getDigestInfoHex(h,a);var d=j/4;if(c.length+22>d){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;f=0;--u){v=v.twice2D();v.z=f.ONE;if(t.testBit(u)){if(s.testBit(u)){v=v.add2D(y)}else{v=v.add2D(x)}}else{if(s.testBit(u)){v=v.add2D(w)}}}return v}this.getBigRandom=function(r){return new f(r.bitLength(),a).mod(r.subtract(f.ONE)).add(f.ONE)};this.setNamedCurve=function(r){this.ecparams=c.getByName(r);this.prvKeyHex=null;this.pubKeyHex=null;this.curveName=r};this.setPrivateKeyHex=function(r){this.isPrivate=true;this.prvKeyHex=r};this.setPublicKeyHex=function(r){this.isPublic=true;this.pubKeyHex=r};this.getPublicKeyXYHex=function(){var t=this.pubKeyHex;if(t.substr(0,2)!=="04"){throw"this method supports uncompressed format(04) only"}var s=this.ecparams.keycharlen;if(t.length!==2+s*2){throw"malformed public key hex length"}var r={};r.x=t.substr(2,s);r.y=t.substr(2+s);return r};this.getShortNISTPCurveName=function(){var r=this.curveName;if(r==="secp256r1"||r==="NIST P-256"||r==="P-256"||r==="prime256v1"){return"P-256"}if(r==="secp384r1"||r==="NIST P-384"||r==="P-384"){return"P-384"}if(r==="secp521r1"||r==="NIST P-521"||r==="P-521"){return"P-521"}return null};this.generateKeyPairHex=function(){var s=this.ecparams.n;var u=this.getBigRandom(s);var r=this.ecparams.keycharlen;var t=("0000000000"+u.toString(16)).slice(-r);this.setPrivateKeyHex(t);var v=this.generatePublicKeyHex();return{ecprvhex:t,ecpubhex:v}};this.generatePublicKeyHex=function(){var u=new f(this.prvKeyHex,16);var w=this.ecparams.G.multiply(u);var t=w.getX().toBigInteger();var s=w.getY().toBigInteger();var r=this.ecparams.keycharlen;var y=("0000000000"+t.toString(16)).slice(-r);var v=("0000000000"+s.toString(16)).slice(-r);var x="04"+y+v;this.setPublicKeyHex(x);return x};this.signWithMessageHash=function(r){return this.signHex(r,this.prvKeyHex)};this.signHex=function(x,u){var A=new f(u,16);var v=this.ecparams.n;var z=new f(x.substring(0,this.ecparams.keycharlen),16);do{var w=this.getBigRandom(v);var B=this.ecparams.G;var y=B.multiply(w);var t=y.getX().toBigInteger().mod(v)}while(t.compareTo(f.ZERO)<=0);var C=w.modInverse(v).multiply(z.add(A.multiply(t))).mod(v);return m.biRSSigToASN1Sig(t,C)};this.sign=function(w,B){var z=B;var u=this.ecparams.n;var y=f.fromByteArrayUnsigned(w);do{var v=this.getBigRandom(u);var A=this.ecparams.G;var x=A.multiply(v);var t=x.getX().toBigInteger().mod(u)}while(t.compareTo(BigInteger.ZERO)<=0);var C=v.modInverse(u).multiply(y.add(z.multiply(t))).mod(u);return this.serializeSig(t,C)};this.verifyWithMessageHash=function(s,r){return this.verifyHex(s,r,this.pubKeyHex)};this.verifyHex=function(v,y,u){try{var t,B;var w=m.parseSigHex(y);t=w.r;B=w.s;var x=h.decodeFromHex(this.ecparams.curve,u);var z=new f(v.substring(0,this.ecparams.keycharlen),16);return this.verifyRaw(z,t,B,x)}catch(A){return false}};this.verify=function(z,A,u){var w,t;if(Bitcoin.Util.isArray(A)){var y=this.parseSig(A);w=y.r;t=y.s}else{if("object"===typeof A&&A.r&&A.s){w=A.r;t=A.s}else{throw"Invalid value for signature"}}var v;if(u instanceof ECPointFp){v=u}else{if(Bitcoin.Util.isArray(u)){v=h.decodeFrom(this.ecparams.curve,u)}else{throw"Invalid format for pubkey value, must be byte array or ECPointFp"}}var x=f.fromByteArrayUnsigned(z);return this.verifyRaw(x,w,t,v)};this.verifyRaw=function(z,t,E,y){var x=this.ecparams.n;var D=this.ecparams.G;if(t.compareTo(f.ONE)<0||t.compareTo(x)>=0){return false}if(E.compareTo(f.ONE)<0||E.compareTo(x)>=0){return false}var A=E.modInverse(x);var w=z.multiply(A).mod(x);var u=t.multiply(A).mod(x);var B=D.multiply(w).add(y.multiply(u));var C=B.getX().toBigInteger().mod(x);return C.equals(t)};this.serializeSig=function(v,u){var w=v.toByteArraySigned();var t=u.toByteArraySigned();var x=[];x.push(2);x.push(w.length);x=x.concat(w);x.push(2);x.push(t.length);x=x.concat(t);x.unshift(x.length);x.unshift(48);return x};this.parseSig=function(y){var x;if(y[0]!=48){throw new Error("Signature not a valid DERSequence")}x=2;if(y[x]!=2){throw new Error("First element in signature must be a DERInteger")}var w=y.slice(x+2,x+2+y[x+1]);x+=2+y[x+1];if(y[x]!=2){throw new Error("Second element in signature must be a DERInteger")}var t=y.slice(x+2,x+2+y[x+1]);x+=2+y[x+1];var v=f.fromByteArrayUnsigned(w);var u=f.fromByteArrayUnsigned(t);return{r:v,s:u}};this.parseSigCompact=function(w){if(w.length!==65){throw"Signature has the wrong length"}var t=w[0]-27;if(t<0||t>7){throw"Invalid signature type"}var x=this.ecparams.n;var v=f.fromByteArrayUnsigned(w.slice(1,33)).mod(x);var u=f.fromByteArrayUnsigned(w.slice(33,65)).mod(x);return{r:v,s:u,i:t}};this.readPKCS5PrvKeyHex=function(u){if(k(u)===false){throw new Error("not ASN.1 hex string")}var r,t,v;try{r=n(u,0,["[0]",0],"06");t=n(u,0,[1],"04");try{v=n(u,0,["[1]",0],"03")}catch(s){}}catch(s){throw new Error("malformed PKCS#1/5 plain ECC private key")}this.curveName=d(r);if(this.curveName===undefined){throw"unsupported curve name"}this.setNamedCurve(this.curveName);this.setPublicKeyHex(v);this.setPrivateKeyHex(t);this.isPublic=false};this.readPKCS8PrvKeyHex=function(v){if(k(v)===false){throw new j("not ASN.1 hex string")}var t,r,u,w;try{t=n(v,0,[1,0],"06");r=n(v,0,[1,1],"06");u=n(v,0,[2,0,1],"04");try{w=n(v,0,[2,0,"[1]",0],"03")}catch(s){}}catch(s){throw new j("malformed PKCS#8 plain ECC private key")}this.curveName=d(r);if(this.curveName===undefined){throw new j("unsupported curve name")}this.setNamedCurve(this.curveName);this.setPublicKeyHex(w);this.setPrivateKeyHex(u);this.isPublic=false};this.readPKCS8PubKeyHex=function(u){if(k(u)===false){throw new j("not ASN.1 hex string")}var t,r,v;try{t=n(u,0,[0,0],"06");r=n(u,0,[0,1],"06");v=n(u,0,[1],"03")}catch(s){throw new j("malformed PKCS#8 ECC public key")}this.curveName=d(r);if(this.curveName===null){throw new j("unsupported curve name")}this.setNamedCurve(this.curveName);this.setPublicKeyHex(v)};this.readCertPubKeyHex=function(t,v){if(k(t)===false){throw new j("not ASN.1 hex string")}var r,u;try{r=n(t,0,[0,5,0,1],"06");u=n(t,0,[0,5,1],"03")}catch(s){throw new j("malformed X.509 certificate ECC public key")}this.curveName=d(r);if(this.curveName===null){throw new j("unsupported curve name")}this.setNamedCurve(this.curveName);this.setPublicKeyHex(u)};if(e!==undefined){if(e.curve!==undefined){this.curveName=e.curve}}if(this.curveName===undefined){this.curveName=g}this.setNamedCurve(this.curveName);if(e!==undefined){if(e.prv!==undefined){this.setPrivateKeyHex(e.prv)}if(e.pub!==undefined){this.setPublicKeyHex(e.pub)}}};KJUR.crypto.ECDSA.parseSigHex=function(a){var b=KJUR.crypto.ECDSA.parseSigHexInHexRS(a);var d=new BigInteger(b.r,16);var c=new BigInteger(b.s,16);return{r:d,s:c}};KJUR.crypto.ECDSA.parseSigHexInHexRS=function(f){var j=ASN1HEX,i=j.getChildIdx,g=j.getV;j.checkStrictDER(f,0);if(f.substr(0,2)!="30"){throw new Error("signature is not a ASN.1 sequence")}var h=i(f,0);if(h.length!=2){throw new Error("signature shall have two elements")}var e=h[0];var d=h[1];if(f.substr(e,2)!="02"){throw new Error("1st item not ASN.1 integer")}if(f.substr(d,2)!="02"){throw new Error("2nd item not ASN.1 integer")}var c=g(f,e);var b=g(f,d);return{r:c,s:b}};KJUR.crypto.ECDSA.asn1SigToConcatSig=function(d){var e=KJUR.crypto.ECDSA.parseSigHexInHexRS(d);var b=e.r;var a=e.s;if(b.length>=130&&b.length<=134){if(b.length%2!=0){throw Error("unknown ECDSA sig r length error")}if(a.length%2!=0){throw Error("unknown ECDSA sig s length error")}if(b.substr(0,2)=="00"){b=b.substr(2)}if(a.substr(0,2)=="00"){a=a.substr(2)}var c=Math.max(b.length,a.length);b=("000000"+b).slice(-c);a=("000000"+a).slice(-c);return b+a}if(b.substr(0,2)=="00"&&(b.length%32)==2){b=b.substr(2)}if(a.substr(0,2)=="00"&&(a.length%32)==2){a=a.substr(2)}if((b.length%32)==30){b="00"+b}if((a.length%32)==30){a="00"+a}if(b.length%32!=0){throw Error("unknown ECDSA sig r length error")}if(a.length%32!=0){throw Error("unknown ECDSA sig s length error")}return b+a};KJUR.crypto.ECDSA.concatSigToASN1Sig=function(a){if(a.length%4!=0){throw Error("unknown ECDSA concatinated r-s sig length error")}var c=a.substr(0,a.length/2);var b=a.substr(a.length/2);return KJUR.crypto.ECDSA.hexRSSigToASN1Sig(c,b)};KJUR.crypto.ECDSA.hexRSSigToASN1Sig=function(b,a){var d=new BigInteger(b,16);var c=new BigInteger(a,16);return KJUR.crypto.ECDSA.biRSSigToASN1Sig(d,c)};KJUR.crypto.ECDSA.biRSSigToASN1Sig=function(f,d){var c=KJUR.asn1;var b=new c.DERInteger({bigint:f});var a=new c.DERInteger({bigint:d});var e=new c.DERSequence({array:[b,a]});return e.tohex()};KJUR.crypto.ECDSA.getName=function(a){if(a==="2b8104001f"){return"secp192k1"}if(a==="2a8648ce3d030107"){return"secp256r1"}if(a==="2b8104000a"){return"secp256k1"}if(a==="2b81040021"){return"secp224r1"}if(a==="2b81040022"){return"secp384r1"}if(a==="2b81040023"){return"secp521r1"}if("|secp256r1|NIST P-256|P-256|prime256v1|".indexOf(a)!==-1){return"secp256r1"}if("|secp256k1|".indexOf(a)!==-1){return"secp256k1"}if("|secp224r1|NIST P-224|P-224|".indexOf(a)!==-1){return"secp224r1"}if("|secp384r1|NIST P-384|P-384|".indexOf(a)!==-1){return"secp384r1"}if("|secp521r1|NIST P-521|P-521|".indexOf(a)!==-1){return"secp521r1"}return null}; if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||!KJUR.crypto){KJUR.crypto={}}KJUR.crypto.ECParameterDB=new function(){var b={};var c={};function a(d){return new BigInteger(d,16)}this.getByName=function(e){var d=e;if(typeof c[d]!="undefined"){d=c[e]}if(typeof b[d]!="undefined"){return b[d]}throw"unregistered EC curve name: "+d};this.regist=function(A,l,o,g,m,e,j,f,k,u,d,x){b[A]={};var s=a(o);var z=a(g);var y=a(m);var t=a(e);var w=a(j);var r=new ECCurveFp(s,z,y);var q=r.decodePointHex("04"+f+k);b[A]["name"]=A;b[A]["keylen"]=l;b[A]["keycharlen"]=Math.ceil(l/8)*2;b[A]["curve"]=r;b[A]["G"]=q;b[A]["n"]=t;b[A]["h"]=w;b[A]["oid"]=d;b[A]["info"]=x;for(var v=0;v>24,(d&16711680)>>16,(d&65280)>>8,d&255]))));d+=1}return b}RSAKey.prototype.signPSS=function(e,a,d){var c=function(f){return KJUR.crypto.Util.hashHex(f,a)};var b=c(rstrtohex(e));if(d===undefined){d=-1}return this.signWithMessageHashPSS(b,a,d)};RSAKey.prototype.signWithMessageHashPSS=function(l,a,k){var b=hextorstr(l);var g=b.length;var m=this.n.bitLength()-1;var c=Math.ceil(m/8);var d;var o=function(i){return KJUR.crypto.Util.hashHex(i,a)};if(k===-1||k===undefined){k=g}else{if(k===-2){k=c-g-2}else{if(k<-2){throw new Error("invalid salt length")}}}if(c<(g+k+2)){throw new Error("data too long")}var f="";if(k>0){f=new Array(k);new SecureRandom().nextBytes(f);f=String.fromCharCode.apply(String,f)}var n=hextorstr(o(rstrtohex("\x00\x00\x00\x00\x00\x00\x00\x00"+b+f)));var j=[];for(d=0;d>(8*c-m))&255;q[0]&=~p;for(d=0;dk){return false}var j=this.doPublic(b);var i=j.toString(16);if(i.length+3!=k/4){return false}var e=i.replace(/^1f+00/,"");var g=_rsasign_getAlgNameAndHashFromHexDisgestInfo(e);if(g.length==0){return false}var d=g[0];var h=g[1];var a=function(m){return KJUR.crypto.Util.hashString(m,d)};var c=a(f);return(h==c)};RSAKey.prototype.verifyWithMessageHash=function(e,a){if(a.length!=Math.ceil(this.n.bitLength()/4)){return false}var b=parseBigInt(a,16);if(b.bitLength()>this.n.bitLength()){return 0}var h=this.doPublic(b);var g=h.toString(16).replace(/^1f+00/,"");var c=_rsasign_getAlgNameAndHashFromHexDisgestInfo(g);if(c.length==0){return false}var d=c[0];var f=c[1];return(f==e)};RSAKey.prototype.verifyPSS=function(c,b,a,f){var e=function(g){return KJUR.crypto.Util.hashHex(g,a)};var d=e(rstrtohex(c));if(f===undefined){f=-1}return this.verifyWithMessageHashPSS(d,b,a,f)};RSAKey.prototype.verifyWithMessageHashPSS=function(f,s,l,c){if(s.length!=Math.ceil(this.n.bitLength()/4)){return false}var k=new BigInteger(s,16);var r=function(i){return KJUR.crypto.Util.hashHex(i,l)};var j=hextorstr(f);var h=j.length;var g=this.n.bitLength()-1;var m=Math.ceil(g/8);var q;if(c===-1||c===undefined){c=h}else{if(c===-2){c=m-h-2}else{if(c<-2){throw new Error("invalid salt length")}}}if(m<(h+c+2)){throw new Error("data too long")}var a=this.doPublic(k).toByteArray();for(q=0;q>(8*m-g))&255;if((d.charCodeAt(0)&p)!==0){throw new Error("bits beyond keysize not zero")}var n=pss_mgf1_str(e,d.length,r);var o=[];for(q=0;q1){var F=b(B,A[1]);var z=this.getGeneralName(F);if(z.uri!=undefined){y.uri=z.uri}}if(A.length>2){var C=b(B,A[2]);if(C=="0101ff"){y.reqauth=true}if(C=="010100"){y.reqauth=false}}return y};var e=function(D){var y={};try{var A=D.seq[0].oid;var C=KJUR.asn1.x509.OID.name2oid(A);y.type=KJUR.asn1.x509.OID.oid2atype(C);var z=D.seq[1];if(z.utf8str!=undefined){y.ds="utf8";y.value=z.utf8str.str}else{if(z.numstr!=undefined){y.ds="num";y.value=z.numstr.str}else{if(z.telstr!=undefined){y.ds="tel";y.value=z.telstr.str}else{if(z.prnstr!=undefined){y.ds="prn";y.value=z.prnstr.str}else{if(z.ia5str!=undefined){y.ds="ia5";y.value=z.ia5str.str}else{if(z.visstr!=undefined){y.ds="vis";y.value=z.visstr.str}else{if(z.bmpstr!=undefined){y.ds="bmp";y.value=z.bmpstr.str}else{throw"error"}}}}}}}return y}catch(B){throw new Erorr("improper ASN.1 parsed AttrTypeAndValue")}};var i=function(z){try{return z.set.map(function(A){return e(A)})}catch(y){throw new Error("improper ASN.1 parsed RDN: "+y)}};var h=function(z){try{return z.seq.map(function(A){return i(A)})}catch(y){throw new Error("improper ASN.1 parsed X500Name: "+y)}};this.getX500NameRule=function(y){var F=true;var J=true;var I=false;var z="";var C="";var L=null;var G=[];for(var B=0;B0){y.ext=this.getExtParamArray()}y.sighex=this.getSignatureValueHex();if(typeof z=="object"){if(z.tbshex==true){y.tbshex=a(this.hex,0,[0])}if(z.nodnarray==true){delete y.issuer.array;delete y.subject.array}}return y};this.getExtParamArray=function(z){if(z==undefined){var B=f(this.hex,0,[0,"[3]"]);if(B!=-1){z=p(this.hex,0,[0,"[3]",0],"30")}}var y=[];var A=r(z,0);for(var C=0;C0){var b=":"+n.join(":")+":";if(b.indexOf(":"+k+":")==-1){throw"algorithm '"+k+"' not accepted in the list"}}if(k!="none"&&B===null){throw"key shall be specified to verify."}if(typeof B=="string"&&B.indexOf("-----BEGIN ")!=-1){B=KEYUTIL.getKey(B)}if(z=="RS"||z=="PS"){if(!(B instanceof m)){throw"key shall be a RSAKey obj for RS* and PS* algs"}}if(z=="ES"){if(!(B instanceof p)){throw"key shall be a ECDSA obj for ES* algs"}}if(k=="none"){}var u=null;if(t.jwsalg2sigalg[l.alg]===undefined){throw"unsupported alg name: "+k}else{u=t.jwsalg2sigalg[k]}if(u=="none"){throw"not supported"}else{if(u.substr(0,4)=="Hmac"){var o=null;if(B===undefined){throw"hexadecimal key shall be specified for HMAC"}var j=new s({alg:u,pass:B});j.updateString(c);o=j.doFinal();return A==o}else{if(u.indexOf("withECDSA")!=-1){var h=null;try{h=p.concatSigToASN1Sig(A)}catch(v){return false}var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(h)}else{var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(A)}}}};KJUR.jws.JWS.parse=function(g){var c=g.split(".");var b={};var f,e,d;if(c.length!=2&&c.length!=3){throw"malformed sJWS: wrong number of '.' splitted elements"}f=c[0];e=c[1];if(c.length==3){d=c[2]}b.headerObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(f));b.payloadObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(e));b.headerPP=JSON.stringify(b.headerObj,null," ");if(b.payloadObj==null){b.payloadPP=b64utoutf8(e)}else{b.payloadPP=JSON.stringify(b.payloadObj,null," ")}if(d!==undefined){b.sigHex=b64utohex(d)}return b};KJUR.jws.JWS.verifyJWT=function(e,l,r){var d=KJUR,j=d.jws,o=j.JWS,n=o.readSafeJSONString,p=o.inArray,f=o.includedArray;var k=e.split(".");var c=k[0];var i=k[1];var q=c+"."+i;var m=b64utohex(k[2]);var h=n(b64utoutf8(c));var g=n(b64utoutf8(i));if(h.alg===undefined){return false}if(r.alg===undefined){throw"acceptField.alg shall be specified"}if(!p(h.alg,r.alg)){return false}if(g.iss!==undefined&&typeof r.iss==="object"){if(!p(g.iss,r.iss)){return false}}if(g.sub!==undefined&&typeof r.sub==="object"){if(!p(g.sub,r.sub)){return false}}if(g.aud!==undefined&&typeof r.aud==="object"){if(typeof g.aud=="string"){if(!p(g.aud,r.aud)){return false}}else{if(typeof g.aud=="object"){if(!f(g.aud,r.aud)){return false}}}}var b=j.IntDate.getNow();if(r.verifyAt!==undefined&&typeof r.verifyAt==="number"){b=r.verifyAt}if(r.gracePeriod===undefined||typeof r.gracePeriod!=="number"){r.gracePeriod=0}if(g.exp!==undefined&&typeof g.exp=="number"){if(g.exp+r.gracePeriod0){var b=":"+n.join(":")+":";if(b.indexOf(":"+k+":")==-1){throw"algorithm '"+k+"' not accepted in the list"}}if(k!="none"&&B===null){throw"key shall be specified to verify."}if(typeof B=="string"&&B.indexOf("-----BEGIN ")!=-1){B=KEYUTIL.getKey(B)}if(z=="RS"||z=="PS"){if(!(B instanceof m)){throw"key shall be a RSAKey obj for RS* and PS* algs"}}if(z=="ES"){if(!(B instanceof p)){throw"key shall be a ECDSA obj for ES* algs"}}if(k=="none"){}var u=null;if(t.jwsalg2sigalg[l.alg]===undefined){throw"unsupported alg name: "+k}else{u=t.jwsalg2sigalg[k]}if(u=="none"){throw"not supported"}else{if(u.substr(0,4)=="Hmac"){var o=null;if(B===undefined){throw"hexadecimal key shall be specified for HMAC"}var j=new s({alg:u,pass:B});j.updateString(c);o=j.doFinal();return A==o}else{if(u.indexOf("withECDSA")!=-1){var h=null;try{h=p.concatSigToASN1Sig(A)}catch(v){return false}var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(h)}else{var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(A)}}}};KJUR.jws.JWS.parse=function(g){var c=g.split(".");var b={};var f,e,d;if(c.length!=2&&c.length!=3){throw"malformed sJWS: wrong number of '.' splitted elements"}f=c[0];e=c[1];if(c.length==3){d=c[2]}b.headerObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(f));b.payloadObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(e));b.headerPP=JSON.stringify(b.headerObj,null," ");if(b.payloadObj==null){b.payloadPP=b64utoutf8(e)}else{b.payloadPP=JSON.stringify(b.payloadObj,null," ")}if(d!==undefined){b.sigHex=b64utohex(d)}return b};KJUR.jws.JWS.verifyJWT=function(e,l,r){var d=KJUR,j=d.jws,o=j.JWS,n=o.readSafeJSONString,p=o.inArray,f=o.includedArray;if(!isBase64URLDot(e)){return false}var k=e.split(".");if(k.length!=3){return false}var c=k[0];var i=k[1];var q=c+"."+i;var m=b64utohex(k[2]);var h=n(b64utoutf8(c));var g=n(b64utoutf8(i));if(h.alg===undefined){return false}if(r.alg===undefined){throw"acceptField.alg shall be specified"}if(!p(h.alg,r.alg)){return false}if(g.iss!==undefined&&typeof r.iss==="object"){if(!p(g.iss,r.iss)){return false}}if(g.sub!==undefined&&typeof r.sub==="object"){if(!p(g.sub,r.sub)){return false}}if(g.aud!==undefined&&typeof r.aud==="object"){if(typeof g.aud=="string"){if(!p(g.aud,r.aud)){return false}}else{if(typeof g.aud=="object"){if(!f(g.aud,r.aud)){return false}}}}var b=j.IntDate.getNow();if(r.verifyAt!==undefined&&typeof r.verifyAt==="number"){b=r.verifyAt}if(r.gracePeriod===undefined||typeof r.gracePeriod!=="number"){r.gracePeriod=0}if(g.exp!==undefined&&typeof g.exp=="number"){if(g.exp+r.gracePeriodl){this.aHeader.pop()}if(this.aSignature.length>l){this.aSignature.pop()}throw"addSignature failed: "+i}};this.verifyAll=function(h){if(this.aHeader.length!==h.length||this.aSignature.length!==h.length){return false}for(var g=0;g0){this.aHeader=g.headers}else{throw"malformed header"}if(typeof g.payload==="string"){this.sPayload=g.payload}else{throw"malformed signatures"}if(g.signatures.length>0){this.aSignature=g.signatures}else{throw"malformed signatures"}}catch(e){throw"malformed JWS-JS JSON object: "+e}}};this.getJSON=function(){return{headers:this.aHeader,payload:this.sPayload,signatures:this.aSignature}};this.isEmpty=function(){if(this.aHeader.length==0){return 1}return 0}}; exports.SecureRandom = SecureRandom; exports.rng_seed_time = rng_seed_time; @@ -320,6 +320,7 @@ exports.bitstrtoint = bitstrtoint; exports.inttobitstr = inttobitstr; exports.bitstrtobinstr = bitstrtobinstr; exports.binstrtobitstr = binstrtobitstr; +exports.isBase64URLDot = isBase64URLDot; exports.namearraytobinstr = namearraytobinstr; exports.extendClass = extendClass; diff --git a/npm/package.json b/npm/package.json index 1e28b47d..489046a8 100755 --- a/npm/package.json +++ b/npm/package.json @@ -1,6 +1,6 @@ { "name": "jsrsasign", - "version": "10.5.24", + "version": "10.5.25", "description": "opensource free pure JavaScript cryptographic library supports RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp and CAdES and JSON Web Signature(JWS)/Token(JWT)/Key(JWK).", "main": "lib/jsrsasign.js", "scripts": { diff --git a/src/base64x-1.1.js b/src/base64x-1.1.js index f2877d7b..e7fa486a 100644 --- a/src/base64x-1.1.js +++ b/src/base64x-1.1.js @@ -1,4 +1,4 @@ -/* base64x-1.1.29 (c) 2012-2022 Kenji Urushima | kjur.github.io/jsrsasign/license +/* base64x-1.1.30 (c) 2012-2022 Kenji Urushima | kjur.github.io/jsrsasign/license */ /* * base64x.js - Base64url and supplementary functions for Tom Wu's base64.js library @@ -16,7 +16,7 @@ * @fileOverview * @name base64x-1.1.js * @author Kenji Urushima kenji.urushima@gmail.com - * @version jsrsasign 10.5.23 base64x 1.1.29 (2022-May-27) + * @version jsrsasign 10.5.25 base64x 1.1.30 (2022-Jun-23) * @since jsrsasign 2.1 * @license MIT License */ @@ -1305,6 +1305,27 @@ KJUR.lang.String.isBase64URL = function(s) { return KJUR.lang.String.isBase64(s); }; + +/** + * check whether a string is a base64url encoded string and dot or not
+ * Input string can conclude new lines or space characters. + * @name isBase64URLDot + * @function + * @static + * @param {String} s input string + * @return {Boolean} true if a string "s" is a base64url encoded string and dot otherwise false + * @since base64x 1.1.30 jsrsasign 10.5.25 + * @example + * isBase64URLDot("YWE") → true + * isBase64URLDot("YWE.YWE.YWE") → true + * isBase64URLDot("YW-") → true + * isBase64URLDot("YW+") → false + */ +function isBase64URLDot(s) { + if (s.match(/^[0-9A-Za-z-_.]+$/)) return true; + return false; +} + /** * check whether a string is a string of integer array or not
* Input string can conclude new lines or space characters. diff --git a/src/jws-3.3.js b/src/jws-3.3.js index 8b13e68c..2a8e576b 100644 --- a/src/jws-3.3.js +++ b/src/jws-3.3.js @@ -1,9 +1,9 @@ -/* jws-3.3.11 (c) 2013-2018 Kenji Urushima | kjur.github.io/jsrsasign/license +/* jws-3.3.12 (c) 2013-2022 Kenji Urushima | kjur.github.io/jsrsasign/license */ /* * jws.js - JSON Web Signature(JWS) and JSON Web Token(JWT) Class * - * Copyright (c) 2010-2018 Kenji Urushima (kenji.urushima@gmail.com) + * Copyright (c) 2010-2022 Kenji Urushima (kenji.urushima@gmail.com) * * This software is licensed under the terms of the MIT License. * https://kjur.github.io/jsrsasign/license/ @@ -16,7 +16,7 @@ * @fileOverview * @name jws-3.3.js * @author Kenji Urushima kenji.urushima@gmail.com - * @version jsrsasign 8.0.3 jws 3.3.11 (2018-Mar-11) + * @version jsrsasign 10.5.25 jws 3.3.12 (2022-Jun-23) * @since jsjws 1.0, jsrsasign 4.8.0 * @license MIT License */ @@ -402,6 +402,9 @@ KJUR.jws.JWS.verify = function(sJWS, key, acceptAlgs) { if (typeof RSAKey !== undefined) _RSAKey = RSAKey; + // 0. checking dot concatinatd Base64URL encoded string + if (! isBase64URLDot(sJWS)) return false; + var a = sJWS.split("."); if (a.length !== 3) return false; @@ -663,8 +666,12 @@ KJUR.jws.JWS.verifyJWT = function(sJWT, key, acceptField) { _inArray = _KJUR_jws_JWS.inArray, _includedArray = _KJUR_jws_JWS.includedArray; + // 0. checking dot concatinatd Base64URL encoded string + if (! isBase64URLDot(sJWT)) return false; + // 1. parse JWT var a = sJWT.split("."); + if (a.length != 3) return false; var uHeader = a[0]; var uPayload = a[1]; var uSignatureInput = uHeader + "." + uPayload; diff --git a/test/qunit-do-jwt-veri.html b/test/qunit-do-jwt-veri.html index 13de22fe..bfe030c8 100755 --- a/test/qunit-do-jwt-veri.html +++ b/test/qunit-do-jwt-veri.html @@ -11,6 +11,7 @@ +