10.5.20 release

kjur · Apr 25, 2022 · 5efa282 · 5efa282
1 parent 041564e
commit 5efa282
Show file tree

Hide file tree

Showing 19 changed files with 1,774 additions and 1,639 deletions.
diff --git a/ChangeLog.txt b/ChangeLog.txt
@@ -1,6 +1,15 @@
 
 ChangeLog for jsrsasign
 
+OCSP ResponderID object udpate
+* Changes from 10.5.19 to 10.5.20 (2022-Apr-25)
+  - src/asn1ocsp.js
+    - ResponderID class now also supports PEM certificate or
+      X509 object for key and name field.
+  - test/qunit-do-asn1ocsp.html
+    - add some test cases and fix for above
+  - remove silver sponsor
+
 Time stamp package update
 * Changes from 10.5.18 to 10.5.19 (2022-Apr-23)
   - src/asn1tsp.js

diff --git a/README.md b/README.md
@@ -99,9 +99,4 @@ You can donate cryptocurrency to jsrsasign using the following addresses:
 - Litecoin(LTC): [LPf3VDJVamwPcNJNjjVtrUQuJQ17ZyWzeU](https://en.cryptobadges.io/donate/LPf3VDJVamwPcNJNjjVtrUQuJQ17ZyWzeU)
 - Bitcoin Cash(BCH): bitcoincash:pq3hy08pc9vm57q6ddgsc06cqdffmfzwwqxd9yejyf
 
-## SPONSORS
-<p align="center">
-<font size="+2"><b>Silver Sponsors</b></font><br clear="all"/>
-<a href="https://shiguredo.jp/" target="_blank"><img src="https://avatars.githubusercontent.com/u/2549434?s=200&v=4" height="150"/></a>
-</p>
 
diff --git a/api/files.html b/api/files.html
@@ -624,7 +624,7 @@ <h2><a href="symbols/src/asn1ocsp-1.0.js.html">asn1ocsp-1.0.js</a></h2>
 
 
 						<dt class="heading">Version:</dt>
-							<dd>jsrsasign 10.5.16 asn1ocsp 1.1.7 (2022-Apr-08)</dd>
+							<dd>jsrsasign 10.5.20 asn1ocsp 1.1.8 (2022-Apr-25)</dd>
 
 
 

diff --git a/api/symbols/KJUR.asn1.ocsp.ResponderID.html b/api/symbols/KJUR.asn1.ocsp.ResponderID.html
@@ -617,18 +617,31 @@ <h1 class="classTitle">
 </pre>
 Following properties are available:
 <ul>
-<li>{Array}name (OPTION) - JSON object of <a href="../symbols/KJUR.asn1.x509.X500Name.html">KJUR.asn1.x509.X500Name</a> parameter
-for "byName"</li>
-<li>{String}key (OPTION) - hexadecimal string of KeyHash value</li>
+<li>{Array}name (OPTION) - JSON object of <a href="../symbols/KJUR.asn1.x509.X500Name.html">KJUR.asn1.x509.X500Name</a> parameter,
+PEM string of X.509 certificate or {@link X509 object} for "byName",</li>
+<li>{String}key (OPTION) - hexadecimal string of KeyHash value,
+PEM string of X.509 certificate or {@link X509 object} for "byKey"</li>
 </ul>
+<br/>
+NOTE: From jsrsasign 10.5.20, "name" and "key" member values can be
+specified by PEM string of X.509 certificate or {@link X509 object}.
+For "name", subject field of the certificate will be used and
+for "key", subjectKeyIdentifier extension value of the certificate will be used
+respectively.
 
 				</div>
 
 
 
-				<pre class="code">new KJUR.asn1.ocsp.ResponderID({name: {str: "/C=JP/O=Resp"}})
+				<pre class="code">new KJUR.asn1.ocsp.ResponderID({key: "12ab..."})
+new KJUR.asn1.ocsp.ResponderID({name: {str: "/C=JP/O=Resp"}})
 new KJUR.asn1.ocsp.ResponderID({name: {array: [[{type:"C",value:"JP",ds:"prn"}]...]}})
-new KJUR.asn1.ocsp.ResponderID({key: "12ab..."})</pre>
+// by certificate
+new KJUR.asn1.ocsp.ResponderID({key: "-----BEGIN CERTIFICATE..."})
+new KJUR.asn1.ocsp.ResponderID({name: "-----BEGIN CERTIFICATE..."})
+// by X509 object
+new KJUR.asn1.ocsp.ResponderID({key: new X509(...)})
+new KJUR.asn1.ocsp.ResponderID({name: new X509(...)})</pre>
 
 
 
@@ -667,6 +680,10 @@ <h1 class="classTitle">
 
 							<dd><a href="../symbols/KJUR.asn1.ocsp.ResponseData.html">KJUR.asn1.ocsp.ResponseData</a></dd>
 
+							<dd><a href="../symbols/X509.html#getSubject">X509#getSubject</a></dd>
+
+							<dd><a href="../symbols/X509.html#getExtSubjectKeyIdentifier">X509#getExtSubjectKeyIdentifier</a></dd>
+
 						</dl>
 
 

diff --git a/api/symbols/src/asn1ocsp-1.0.js.html b/api/symbols/src/asn1ocsp-1.0.js.html
diff --git a/bower.json b/bower.json
@@ -1,6 +1,6 @@
 {
   "name": "kjur-jsrsasign",
-  "version": "10.5.19",
+  "version": "10.5.20",
   "main": "jsrsasign-all-min.js",
   "description": "The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp, CAdES, JWS and JWT in pure JavaScript.",
   "license": "MIT",

diff --git a/index.html b/index.html
@@ -155,11 +155,6 @@ <h4>Cryptocurrency</h4>
 <li>Bitcoin Cash(BCH): <code>bitcoincash:pq3hy08pc9vm57q6ddgsc06cqdffmfzwwqxd9yejyf</code></li>
 </ul>
 
-<h3 align="center">SILVER SPONSORS</h3>
-<p align="center">
-<a href="https://shiguredo.jp/" target="_blank"><img src="https://avatars.githubusercontent.com/u/2549434?s=200&v=4" style="width:150px; height:150px"/></a>
-</p>
-
 <!-- now editing -->
 
       </section>

diff --git a/jsrsasign-all-min.js b/jsrsasign-all-min.js
diff --git a/jsrsasign-jwths-min.js b/jsrsasign-jwths-min.js
diff --git a/jsrsasign-rsa-min.js b/jsrsasign-rsa-min.js
diff --git a/min/asn1ocsp-1.0.min.js b/min/asn1ocsp-1.0.min.js
diff --git a/npm/README.md b/npm/README.md
@@ -99,9 +99,4 @@ You can donate cryptocurrency to jsrsasign using the following addresses:
 - Litecoin(LTC): [LPf3VDJVamwPcNJNjjVtrUQuJQ17ZyWzeU](https://en.cryptobadges.io/donate/LPf3VDJVamwPcNJNjjVtrUQuJQ17ZyWzeU)
 - Bitcoin Cash(BCH): bitcoincash:pq3hy08pc9vm57q6ddgsc06cqdffmfzwwqxd9yejyf
 
-## SPONSORS
-<p align="center">
-<font size="+2"><b>Silver Sponsors</b></font><br clear="all"/>
-<a href="https://shiguredo.jp/" target="_blank"><img src="https://avatars.githubusercontent.com/u/2549434?s=200&v=4" height="150"/></a>
-</p>
 
diff --git a/npm/lib/jsrsasign-all-min.js b/npm/lib/jsrsasign-all-min.js
diff --git a/npm/lib/jsrsasign-jwths-min.js b/npm/lib/jsrsasign-jwths-min.js
diff --git a/npm/lib/jsrsasign-rsa-min.js b/npm/lib/jsrsasign-rsa-min.js
diff --git a/npm/lib/jsrsasign.js b/npm/lib/jsrsasign.js
diff --git a/npm/package.json b/npm/package.json
@@ -1,6 +1,6 @@
 {
   "name": "jsrsasign",
-  "version": "10.5.19",
+  "version": "10.5.20",
   "description": "opensource free pure JavaScript cryptographic library supports RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp and CAdES and JSON Web Signature(JWS)/Token(JWT)/Key(JWK).",
   "main": "lib/jsrsasign.js",
   "scripts": {

diff --git a/src/asn1ocsp-1.0.js b/src/asn1ocsp-1.0.js
@@ -1,4 +1,4 @@
-/* asn1ocsp-1.1.7.js (c) 2016-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
+/* asn1ocsp-1.1.8.js (c) 2016-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
  */
 /*
  * asn1ocsp.js - ASN.1 DER encoder classes for OCSP protocol
@@ -16,7 +16,7 @@
  * @fileOverview
  * @name asn1ocsp-1.0.js
  * @author Kenji Urushima [email protected]
- * @version jsrsasign 10.5.16 asn1ocsp 1.1.7 (2022-Apr-08)
+ * @version jsrsasign 10.5.20 asn1ocsp 1.1.8 (2022-Apr-25)
  * @since jsrsasign 6.1.0
  * @license <a href="https://kjur.github.io/jsrsasign/license/">MIT License</a>
  */
@@ -481,6 +481,8 @@ extendClass(KJUR.asn1.ocsp.ResponseData, KJUR.asn1.ASN1Object);
  * @see KJUR.asn1.ocsp.ResponseBytes
  * @see KJUR.asn1.ocsp.BasicOCSPResponse
  * @see KJUR.asn1.ocsp.ResponseData
+ * @see X509#getSubject
+ * @see X509#getExtSubjectKeyIdentifier
  *
  * @description
  * ResponderID ASN.1 class is defined in 
@@ -494,38 +496,80 @@ extendClass(KJUR.asn1.ocsp.ResponseData, KJUR.asn1.ASN1Object);
  * </pre>
  * Following properties are available:
  * <ul>
- * <li>{Array}name (OPTION) - JSON object of {@link KJUR.asn1.x509.X500Name} parameter
- * for "byName"</li>
- * <li>{String}key (OPTION) - hexadecimal string of KeyHash value</li>
+ * <li>{Array}name (OPTION) - JSON object of {@link KJUR.asn1.x509.X500Name} parameter,
+ * PEM string of X.509 certificate or {@link X509 object} for "byName",</li>
+ * <li>{String}key (OPTION) - hexadecimal string of KeyHash value,
+ * PEM string of X.509 certificate or {@link X509 object} for "byKey"</li>
  * </ul>
+ * <br/>
+ * NOTE: From jsrsasign 10.5.20, "name" and "key" member values can be
+ * specified by PEM string of X.509 certificate or {@link X509 object}.
+ * For "name", subject field of the certificate will be used and
+ * for "key", subjectKeyIdentifier extension value of the certificate will be used
+ * respectively.
  *
  * @example
+ * new KJUR.asn1.ocsp.ResponderID({key: "12ab..."})
  * new KJUR.asn1.ocsp.ResponderID({name: {str: "/C=JP/O=Resp"}})
  * new KJUR.asn1.ocsp.ResponderID({name: {array: [[{type:"C",value:"JP",ds:"prn"}]...]}})
- * new KJUR.asn1.ocsp.ResponderID({key: "12ab..."})
+ * // by certificate
+ * new KJUR.asn1.ocsp.ResponderID({key: "-----BEGIN CERTIFICATE..."})
+ * new KJUR.asn1.ocsp.ResponderID({name: "-----BEGIN CERTIFICATE..."})
+ * // by X509 object
+ * new KJUR.asn1.ocsp.ResponderID({key: new X509(...)})
+ * new KJUR.asn1.ocsp.ResponderID({name: new X509(...)})
  */
 KJUR.asn1.ocsp.ResponderID = function(params) {
     KJUR.asn1.ocsp.ResponderID.superclass.constructor.call(this);
-    var _KJUR_asn1 = KJUR.asn1,
+    var _KJUR = KJUR,
+	_KJUR_asn1 = _KJUR.asn1,
 	_newObject = _KJUR_asn1.ASN1Util.newObject,
-	_X500Name = _KJUR_asn1.x509.X500Name;
+	_X500Name = _KJUR_asn1.x509.X500Name,
+	_isHex = _KJUR.lang.String.isHex,
+	_Error = Error;
 
     this.params = null;
 
     this.tohex = function() {
 	var params = this.params;
 	if (params.key != undefined) {
+	    var hKey = null;
+	    if (typeof params.key == "string") {
+		if (_isHex(params.key)) hKey = params.key;
+		if (params.key.match(/-----BEGIN CERTIFICATE/)) {
+		    var x = new X509(params.key);
+		    var extSKID = x.getExtSubjectKeyIdentifier();
+		    if (extSKID != null) hKey = extSKID.kid.hex;
+		}
+	    } else if (params.key instanceof X509) {
+		var extSKID = params.key.getExtSubjectKeyIdentifier();
+		if (extSKID != null) hKey = extSKID.kid.hex;
+	    }
+	    if (hKey == null) throw new _Error("wrong key member value");
 	    var dTag = _newObject({tag: {tag:"a2",
 					 explicit:true,
-					 obj:{octstr:{hex:params.key}}}});
+					 obj:{octstr:{hex:hKey}}}});
 	    return dTag.tohex();
 	} else if (params.name != undefined) {
+	    var pName = null;
+	    if (typeof params.name == "string" &&
+		params.name.match(/-----BEGIN CERTIFICATE/)) {
+		var x = new X509(params.name);
+		pName = x.getSubject();
+	    } else if (params.name instanceof X509) {
+		pName = params.name.getSubject();
+	    } else if (typeof params.name == "object" &&
+		       (params.name.array != undefined ||
+			params.name.str != undefined)) {
+		pName = params.name;
+	    }
+	    if (pName == null) throw new _Error("wrong name member value");
 	    var dTag = _newObject({tag: {tag:"a1",
 					 explicit:true,
-					 obj:new _X500Name(params.name)}});
+					 obj:new _X500Name(pName)}});
 	    return dTag.tohex();
 	}
-	throw new Error("key or name not specified");
+	throw new _Error("key or name not specified");
     };
     this.getEncodedHex = function() { return this.tohex(); };
 

diff --git a/test/qunit-do-asn1ocsp.html b/test/qunit-do-asn1ocsp.html
@@ -124,6 +124,9 @@
 -----END CERTIFICATE-----
 */}).toString().match(/\/\*([^]*)\*\//)[1];
 
+// raymii.org cert
+// SBJDN=/OU=Domain Control Validated/OU=PositiveSSL/CN=raymii.org
+// SKID=70585f8fd3eff27167b12b4a5a9faa8f3154a592
 var certEE1 = (function() {/*
 -----BEGIN CERTIFICATE-----
 MIIGQzCCBSugAwIBAgIRANCSgmNDA6l/rfVVaKSMqH4wDQYJKoZIhvcNAQELBQAw
@@ -319,23 +322,56 @@
 
 test("ResponderID test", function() {
 var _ResponderID = KJUR.asn1.ocsp.ResponderID;
+var pIn, hExpect;
 
-var hExpect = "a204040212ab";
-var params = {key: "12ab"};
-equal((new _ResponderID(params)).getEncodedHex(), hExpect, "hex by key");
+pIn = {key: "12ab"};
+hExpect = "a204040212ab";
+equal((new _ResponderID(pIn)).tohex(), hExpect, "hex by key");
 equal(
-ASN1HEX.dump((new _ResponderID(params)).getEncodedHex()),
+ASN1HEX.dump((new _ResponderID(pIn)).tohex()),
 ASN1HEX.dump(hExpect),
-"dump by key");
+"dump by key hex");
 
-var hExpect2 = "a11c301a310b3009060355040613024a50310b3009060355040a0c024f31";
-var params2 = {name: {str: "/C=JP/O=O1"}};
-equal((new _ResponderID(params2)).getEncodedHex(), hExpect2, "hex by name");
+pIn = {name: {str: "/C=JP/O=O1"}};
+hExpect = "a11c301a310b3009060355040613024a50310b3009060355040a0c024f31";
+equal((new _ResponderID(pIn)).tohex(), hExpect, "hex by name param");
 equal(
-ASN1HEX.dump((new _ResponderID(params2)).getEncodedHex()),
-ASN1HEX.dump(hExpect2),
+ASN1HEX.dump((new _ResponderID(pIn)).tohex()),
+ASN1HEX.dump(hExpect),
 "dump by name");
 
+pIn = {key: certEE1};
+hExpect = "a216041470585f8fd3eff27167b12b4a5a9faa8f3154a592";
+equal((new _ResponderID(pIn)).tohex(), hExpect, "key by cert");
+equal(
+ASN1HEX.dump((new _ResponderID(pIn)).tohex()),
+ASN1HEX.dump(hExpect),
+"key by cert dump");
+
+pIn = {name: certEE1};
+hExpect = "a150304e3121301f060355040b1318446f6d61696e20436f6e74726f6c2056616c69646174656431143012060355040b130b506f73697469766553534c311330110603550403130a7261796d69692e6f7267";
+equal((new _ResponderID(pIn)).tohex(), hExpect, "name by cert");
+equal(
+ASN1HEX.dump((new _ResponderID(pIn)).tohex()),
+ASN1HEX.dump(hExpect),
+"name by cert dump");
+
+pIn = {key: new X509(certEE1)};
+hExpect = "a216041470585f8fd3eff27167b12b4a5a9faa8f3154a592";
+equal((new _ResponderID(pIn)).tohex(), hExpect, "key by X509 obj");
+equal(
+ASN1HEX.dump((new _ResponderID(pIn)).tohex()),
+ASN1HEX.dump(hExpect),
+"key by X509 obj dump");
+
+pIn = {name: new X509(certEE1)};
+hExpect = "a150304e3121301f060355040b1318446f6d61696e20436f6e74726f6c2056616c69646174656431143012060355040b130b506f73697469766553534c311330110603550403130a7261796d69692e6f7267";
+equal((new _ResponderID(pIn)).tohex(), hExpect, "name by X509 obj");
+equal(
+ASN1HEX.dump((new _ResponderID(pIn)).tohex()),
+ASN1HEX.dump(hExpect),
+"name by X509 obj dump");
+
 });
 
 test("SingleResponseList test", function() {
Original file line number	Diff line number	Diff line change
Expand Up		@@ -624,7 +624,7 @@ <h2><a href="symbols/src/asn1ocsp-1.0.js.html">asn1ocsp-1.0.js</a></h2>


		<dt class="heading">Version:</dt>
		<dd>jsrsasign 10.5.16 asn1ocsp 1.1.7 (2022-Apr-08)</dd>
		<dd>jsrsasign 10.5.20 asn1ocsp 1.1.8 (2022-Apr-25)</dd>



Expand Down