Skip to content

Commit

Permalink
10.5.17 release
Browse files Browse the repository at this point in the history
  • Loading branch information
kjur committed Apr 14, 2022
1 parent bd075c6 commit 52d2b55
Show file tree
Hide file tree
Showing 22 changed files with 1,812 additions and 1,575 deletions.
12 changes: 12 additions & 0 deletions ChangeLog.txt
Original file line number Diff line number Diff line change
@@ -1,6 +1,18 @@

ChangeLog for jsrsasign

CIDR subnet mask support in iptohex and hextoip
* Changes from 10.5.16 to 10.5.17 (2022-Apr-14)
- src/asn1x509.js
- add IP address support in NameConstraints class
- bugfix in NameConstraints ip address
- wrong ASN.1 encoder in NameConstraints class bug fix (wrong explicit tag)
- src/base64x.js
- add CIDR subnet mask support in iptohex and hextoip
- iptohex, hextoip refactoring
- test/qunit-do-{x509-ext,base64x,asn1x509-tbscert,asn1x509}.html
- add some test cases and fix for above

Add NameConstraints extension and modify getEncodedHex to tohex
* Changes from 10.5.15 to 10.5.16 (2022-Apr-08)
- src/asn1x509.js
Expand Down
4 changes: 2 additions & 2 deletions api/files.html
Original file line number Diff line number Diff line change
Expand Up @@ -662,7 +662,7 @@ <h2><a href="symbols/src/asn1x509-1.0.js.html">asn1x509-1.0.js</a></h2>


<dt class="heading">Version:</dt>
<dd>jsrsasign 10.5.16 asn1x509 2.1.13 (2022-Apr-08)</dd>
<dd>jsrsasign 10.5.17 asn1x509 2.1.14 (2022-Apr-14)</dd>



Expand All @@ -681,7 +681,7 @@ <h2><a href="symbols/src/base64x-1.1.js.html">base64x-1.1.js</a></h2>


<dt class="heading">Version:</dt>
<dd>jsrsasign 10.5.12 base64x 1.1.25 (2022-Mar-13)</dd>
<dd>jsrsasign 10.5.17 base64x 1.1.26 (2022-Apr-14)</dd>



Expand Down
32 changes: 25 additions & 7 deletions api/symbols/global__.html
Original file line number Diff line number Diff line change
Expand Up @@ -2411,6 +2411,8 @@ <h1 class="classTitle">
IPv6 address to IPv4 or IPv6 address string.
If byte length is not 4 nor 16, this returns a
hexadecimal string without conversion.
<br/>
NOTE: From jsrsasign 10.5.17, CIDR subnet mask notation also supported.

<br />
<i>Defined in: </i> <a href="../symbols/src/base64x-1.1.js.html">base64x-1.1.js</a>.
Expand All @@ -2420,10 +2422,11 @@ <h1 class="classTitle">



<pre class="code">hextoip("c0a80101") &rarr "192.168.1.1"
<pre class="code">hextoip("c0a80101") &rarr; "192.168.1.1"
hextoip("871020010db8000000000000000000000004") &rarr "2001:db8::4"
hextoip("c0a801010203") &rarr "c0a801010203" // 6 bytes
hextoip("zzz")) &rarr raise exception because of not hexadecimal</pre>
hextoip("c0a80100ffffff00") &rarr; "192.168.1.0/24"
hextoip("c0a801010203") &rarr; "c0a801010203" // wrong 6 bytes
hextoip("zzz")) &rarr; raise exception because of not hexadecimal</pre>



Expand Down Expand Up @@ -2461,7 +2464,9 @@ <h1 class="classTitle">
<dl class="detailList">
<dt class="heading">See:</dt>

<dd></dd>
<dd><a href="../symbols/global__.html#hextoipv6">hextoipv6</a></dd>

<dd><a href="../symbols/global__.html#iptohex">iptohex</a></dd>

</dl>

Expand Down Expand Up @@ -3054,6 +3059,8 @@ <h1 class="classTitle">
convert IPv4/v6 addresss to a hexadecimal string<br/>
This function converts IPv4 or IPv6 address string to
a hexadecimal string of IPv4 or IPv6 address.
<br/>
NOTE: From jsrsasign 10.5.17, CIDR net mask notation also supported.

<br />
<i>Defined in: </i> <a href="../symbols/src/base64x-1.1.js.html">base64x-1.1.js</a>.
Expand All @@ -3063,9 +3070,11 @@ <h1 class="classTitle">



<pre class="code">iptohex("192.168.1.1") &rarr "c0a80101"
iptohex("2001:db8::4") &rarr "871020010db8000000000000000000000004"
iptohex("zzz")) &rarr raise exception</pre>
<pre class="code">iptohex("192.168.1.1") &rarr; "c0a80101"
iptohex("2001:db8::4") &rarr; "871020010db8000000000000000000000004"
iptohex("192.168.1.1/24") &rarr; "c0a80101ffffff00"
iptohex("2001:db8::/120") &rarr; "871020010db8000000000000000000000000ffffffffffffffffffffffffffffffffff00"
iptohex("zzz")) &rarr; raise exception</pre>



Expand Down Expand Up @@ -3100,6 +3109,15 @@ <h1 class="classTitle">



<dl class="detailList">
<dt class="heading">See:</dt>

<dd><a href="../symbols/global__.html#hextoip">hextoip</a></dd>

<dd><a href="../symbols/global__.html#ipv6tohex">ipv6tohex</a></dd>

</dl>


<hr />

Expand Down
1,298 changes: 650 additions & 648 deletions api/symbols/src/asn1x509-1.0.js.html

Large diffs are not rendered by default.

1,623 changes: 846 additions & 777 deletions api/symbols/src/base64x-1.1.js.html

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion bower.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "kjur-jsrsasign",
"version": "10.5.16",
"version": "10.5.17",
"main": "jsrsasign-all-min.js",
"description": "The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp, CAdES, JWS and JWT in pure JavaScript.",
"license": "MIT",
Expand Down
6 changes: 3 additions & 3 deletions jsrsasign-all-min.js

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions jsrsasign-jwths-min.js

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions jsrsasign-rsa-min.js

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion min/asn1x509-1.0.min.js

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion min/base64x-1.1.min.js

Large diffs are not rendered by default.

6 changes: 3 additions & 3 deletions npm/lib/jsrsasign-all-min.js

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions npm/lib/jsrsasign-jwths-min.js

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions npm/lib/jsrsasign-rsa-min.js

Large diffs are not rendered by default.

6 changes: 3 additions & 3 deletions npm/lib/jsrsasign.js

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion npm/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "jsrsasign",
"version": "10.5.16",
"version": "10.5.17",
"description": "opensource free pure JavaScript cryptographic library supports RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp and CAdES and JSON Web Signature(JWS)/Token(JWT)/Key(JWK).",
"main": "lib/jsrsasign.js",
"scripts": {
Expand Down
34 changes: 18 additions & 16 deletions src/asn1x509-1.0.js
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
/* asn1x509-2.1.13.js (c) 2013-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
/* asn1x509-2.1.14.js (c) 2013-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
*/
/*
* asn1x509.js - ASN.1 DER encoder classes for X.509 certificate
Expand All @@ -16,7 +16,7 @@
* @fileOverview
* @name asn1x509-1.0.js
* @author Kenji Urushima kenji.urushima@gmail.com
* @version jsrsasign 10.5.16 asn1x509 2.1.13 (2022-Apr-08)
* @version jsrsasign 10.5.17 asn1x509 2.1.14 (2022-Apr-14)
* @since jsrsasign 2.1
* @license <a href="https://kjur.github.io/jsrsasign/license/">MIT License</a>
*/
Expand Down Expand Up @@ -1373,7 +1373,7 @@ KJUR.asn1.x509.NameConstraints = function(params) {
for (var i = 0; i < params.permit.length; i++) {
aPermit.push(new _GeneralSubtree(params.permit[i]));
}
aItem.push({tag: {tage: "a0", obj: {seq: aPermit}}});
aItem.push({tag: {tagi: "a0", obj: {seq: aPermit}}});
}

if (params.exclude != undefined &&
Expand All @@ -1382,7 +1382,7 @@ KJUR.asn1.x509.NameConstraints = function(params) {
for (var i = 0; i < params.exclude.length; i++) {
aExclude.push(new _GeneralSubtree(params.exclude[i]));
}
aItem.push({tag: {tage: "a1", obj: {seq: aExclude}}});
aItem.push({tag: {tagi: "a1", obj: {seq: aExclude}}});
}

this.asn1ExtnValue = _newObject({seq: aItem});
Expand Down Expand Up @@ -4091,19 +4091,21 @@ KJUR.asn1.x509.GeneralName = function(params) {
dObj = new _DERIA5String({str: params.uri});
} else if (params.ip !== undefined) {
hTag = "87";
var ip = params.ip;
var hIP;
var errmsg = "malformed IP address";
if (ip.match(/^[0-9.]+[.][0-9.]+$/)) { // ipv4
hIP = intarystrtohex("[" + ip.split(".").join(",") + "]");
if (hIP.length !== 8)
throw new _Error(errmsg);
} else if (ip.match(/^[0-9A-Fa-f:]+:[0-9A-Fa-f:]+$/)) { // ipv6
hIP = ipv6tohex(ip);
} else if (ip.match(/^([0-9A-Fa-f][0-9A-Fa-f]){1,}$/)) { // hex
hIP = ip;
} else {
throw new _Error(errmsg);
var ip = params.ip;
try {
if (ip.match(/^[0-9a-f]+$/)) {
var len = ip.length;
if (len == 8 || len == 16 || len == 32 || len == 64) {
hIP = ip;
} else {
throw "err";
}
} else {
hIP = iptohex(ip);
}
} catch(ex) {
throw new _Error("malformed IP address: " + params.ip + ":" + ex.message);
}
dObj = new _DEROctetString({hex: hIP});
} else {
Expand Down
157 changes: 113 additions & 44 deletions src/base64x-1.1.js
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
/* base64x-1.1.25 (c) 2012-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
/* base64x-1.1.26 (c) 2012-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
*/
/*
* base64x.js - Base64url and supplementary functions for Tom Wu's base64.js library
Expand All @@ -16,7 +16,7 @@
* @fileOverview
* @name base64x-1.1.js
* @author Kenji Urushima kenji.urushima@gmail.com
* @version jsrsasign 10.5.12 base64x 1.1.25 (2022-Mar-13)
* @version jsrsasign 10.5.17 base64x 1.1.26 (2022-Apr-14)
* @since jsrsasign 2.1
* @license <a href="https://kjur.github.io/jsrsasign/license/">MIT License</a>
*/
Expand Down Expand Up @@ -946,77 +946,146 @@ function hextoipv6(s) {
* @param {String} s hexadecimal string of IP address
* @return {String} IP address string
* @since jsrsasign 8.0.10 base64x 1.1.13
* @see hextoipv6
* @see iptohex
*
* @description
* This function converts a hexadecimal string of IPv4 or
* IPv6 address to IPv4 or IPv6 address string.
* If byte length is not 4 nor 16, this returns a
* hexadecimal string without conversion.
* @see {@link hextoipv6}
* <br/>
* NOTE: From jsrsasign 10.5.17, CIDR subnet mask notation also supported.
*
* @example
* hextoip("c0a80101") &rarr "192.168.1.1"
* hextoip("c0a80101") &rarr; "192.168.1.1"
* hextoip("871020010db8000000000000000000000004") &rarr "2001:db8::4"
* hextoip("c0a801010203") &rarr "c0a801010203" // 6 bytes
* hextoip("zzz")) &rarr raise exception because of not hexadecimal
* hextoip("c0a80100ffffff00") &rarr; "192.168.1.0/24"
* hextoip("c0a801010203") &rarr; "c0a801010203" // wrong 6 bytes
* hextoip("zzz")) &rarr; raise exception because of not hexadecimal
*/
function hextoip(s) {
var malformedMsg = "malformed hex value";
if (! s.match(/^([0-9A-Fa-f][0-9A-Fa-f]){1,}$/))
throw malformedMsg;
if (s.length == 8) { // ipv4
var ip;
try {
ip = parseInt(s.substr(0, 2), 16) + "." +
parseInt(s.substr(2, 2), 16) + "." +
parseInt(s.substr(4, 2), 16) + "." +
parseInt(s.substr(6, 2), 16);
return ip;
} catch (ex) {
throw malformedMsg;
}
var malformedErr = new Error("malformed hex value");
if (! s.match(/^([0-9A-Fa-f][0-9A-Fa-f]){1,}$/))
throw malformedErr;
if (s.length == 8) { // ipv4
var ip;
try {
ip = parseInt(s.substr(0, 2), 16) + "." +
parseInt(s.substr(2, 2), 16) + "." +
parseInt(s.substr(4, 2), 16) + "." +
parseInt(s.substr(6, 2), 16);
return ip;
} catch (ex) {
throw malformedErr;
}
} else if (s.length == 16) {
try {
return hextoip(s.substr(0, 8)) + "/" + ipprefixlen(s.substr(8));
} catch (ex) {
throw malformedErr;
}
} else if (s.length == 32) {
return hextoipv6(s);
return hextoipv6(s);
} else if (s.length == 64) {
try {
return hextoipv6(s.substr(0, 32)) + "/" + ipprefixlen(s.substr(32));
} catch (ex) {
throw malformedErr;
}
return
} else {
return s;
}
}

/*
* convert subnet mask hex to ip address prefix length<br/>
* @name ipprefixlen
* @param {string} hMask hexadecimal string of ipv4/6 subnet mask (ex. "ffffff00" for v4 class C)
* @return {nummber} ip address prefix length (ex. 24 for IPv4 class C)
*/
function ipprefixlen(hMask) {
var malformedErr = new Error("malformed mask");
var bMask;
try {
bMask = new BigInteger(hMask, 16).toString(2);
} catch(ex) {
throw malformedErr;
}
if (! bMask.match(/^1*0*$/)) throw malformedErr;
return bMask.replace(/0+$/, '').length;
}

/**
* convert IPv4/v6 addresss to a hexadecimal string<br/>
* @name iptohex
* @function
* @param {String} s IPv4/v6 address string
* @return {String} hexadecimal string of IP address
* @since jsrsasign 8.0.12 base64x 1.1.14
* @see hextoip
* @see ipv6tohex
*
* @description
* This function converts IPv4 or IPv6 address string to
* a hexadecimal string of IPv4 or IPv6 address.
* <br/>
* NOTE: From jsrsasign 10.5.17, CIDR net mask notation also supported.
*
* @example
* iptohex("192.168.1.1") &rarr "c0a80101"
* iptohex("2001:db8::4") &rarr "871020010db8000000000000000000000004"
* iptohex("zzz")) &rarr raise exception
* iptohex("192.168.1.1") &rarr; "c0a80101"
* iptohex("2001:db8::4") &rarr; "871020010db8000000000000000000000004"
* iptohex("192.168.1.1/24") &rarr; "c0a80101ffffff00"
* iptohex("2001:db8::/120") &rarr; "871020010db8000000000000000000000000ffffffffffffffffffffffffffffffffff00"
* iptohex("zzz")) &rarr; raise exception
*/
function iptohex(s) {
var malformedMsg = "malformed IP address";
s = s.toLowerCase(s);

if (s.match(/^[0-9.]+$/)) {
var a = s.split(".");
if (a.length !== 4) throw malformedMsg;
var hex = "";
try {
for (var i = 0; i < 4; i++) {
var d = parseInt(a[i]);
hex += ("0" + d.toString(16)).slice(-2);
}
return hex;
} catch(ex) {
throw malformedMsg;
var malformedErr = new Error("malformed IP address");
s = s.toLowerCase(s);

if (! s.match(/^[0-9a-f.:/]+$/) ) throw malformedErr;

if (s.match(/^[0-9.]+$/)) {
var a = s.split(".");
if (a.length !== 4) throw malformedErr;
var hex = "";
try {
for (var i = 0; i < 4; i++) {
var d = parseInt(a[i]);
hex += ("0" + d.toString(16)).slice(-2);
}
return hex;
} catch(ex) {
throw malformedErr;
}
} else if (s.match(/^[0-9.]+\/[0-9]+$/)) {
var aItem = s.split("/");
return iptohex(aItem[0]) + ipnetmask(parseInt(aItem[1]), 32);
} else if (s.match(/^[0-9a-f:]+$/) && s.indexOf(":") !== -1) {
return ipv6tohex(s);
} else if (s.match(/^[0-9a-f:]+\/[0-9]+$/) && s.indexOf(":") !== -1) {
var aItem = s.split("/");
return ipv6tohex(aItem[0]) + ipnetmask(parseInt(aItem[1]), 128);
} else {
throw malformedErr;
}
} else if (s.match(/^[0-9a-f:]+$/) && s.indexOf(":") !== -1) {
return ipv6tohex(s);
} else {
throw malformedMsg;
}
}

/*
* convert ip prefix length to net mask octets<br/>
* @param {number} prefixlen ip prefix length value (ex. 24 for IPv4 class C)
* @param {number} len ip address length (ex. 32 for IPv4 and 128 for IPv6)
* @return {string} hexadecimal string of net mask octets
* @example
* ipnetmask(24, 32) &rarr; "ffffff00"
* ipnetmask(120, 128) &rarr; "ffffffffffffffffffffffffffffff00"
*/
function ipnetmask(prefixlen, len) {
if (len == 32 && prefixlen == 0) return "00000000"; // v4
if (len == 128 && prefixlen == 0) return "00000000000000000000000000000000"; // v6
var b = Array(prefixlen + 1).join("1") + Array(len - prefixlen + 1).join("0");
return new BigInteger(b, 2).toString(16);
}

// ==== ucs2hex / utf8 ==============================
Expand Down
Loading

0 comments on commit 52d2b55

Please sign in to comment.