9.0.0 release

johnfrancisli · Aug 19, 2020 · c8d3b2a · c8d3b2a
1 parent c46b4a5
commit c8d3b2a
Show file tree

Hide file tree

Showing 85 changed files with 16,933 additions and 11,072 deletions.
diff --git a/ChangeLog.txt b/ChangeLog.txt
@@ -1,6 +1,73 @@
 
 ChangeLog for jsrsasign
 
+Certificate and CSR geenrator and parser API major updates
+* Changes from 8.0.24 to 9.0.0 (2020-Aug-19)
+  - Please see migration notes in wiki:
+    https://github.com/kjur/jsrsasign/wiki/NOTE-jsrsasign-8.0.x-to-9.0.0-Certificate-and-CSR-API-migration-guide
+  - CAUTION: some certificate and CSR APIs are missing
+    backward compatibility so you may need to change your code
+    to upgrade jsrsasign 9.0.0.
+  - src/asn1x509.js
+    - JSON argument format of Certificate and all certificate
+      extension class were changed without backward compatibility.
+      - They can accept JSON objects from ASN.1 parser methods 
+        in X509 class as an parameter arguments.
+      - Certificate class constructor can automatically 
+        generate TBSCertificate and sign by params argument.
+        So no need to call sign method or TBSCertificate 
+        constructor.
+      - JSON argument format are aligned to the same manner
+        among all certificate extension class.
+      - For CRLDistributionPoints class, JSON argument format
+        of DistributionPoint and DistributionPointName
+        was changed.
+    - Extension.appendByNameToArray method was removed.
+    - "array" key was added to X500Name class constructor
+      JSON argument.
+      - AttributeTypeAndValue constructor argument also
+        extended to support {type:"CN",value:"Test",ds:"prn"}
+        style JSON object.
+    - X509Util.newCertPEM argument format is updated to
+      align Certificate class and is *deprecated*.
+  - src/x509.js
+    - returned JSON object format by all "get*" parser method 
+      was changed to accept by related class defined in asn1x509.js
+      without backward compatibility.
+    - all certificate extension parsing methods are
+      changed to have "hExtV" and "critical" as arguments.
+    - following methods are added:
+      getAlgorithmIdentifierName, getIssuer, getSubject,
+      getGeneralNames, getGeneralName, getDistributionPoint,
+      getDistributionPointName, getExtAuthorityInfoAccess,
+      getPolicyInformation, getPolicyQualifierInfo,
+      getUserNotice, getDisplayText, getX500NameRule,
+      getX500Name, getRDN, getAttrTypeAndValue, getParam,
+      getExtParamArray
+    - following methods are *deprecated*:
+      getExtSubjectAltName2, getExtAIAInfo, 
+      getExtCRLDistributionPointsURI.
+    - X509Util.newCertPEM bugfix. 
+      Got error when cakey is PKCS#5 plain PEM key string
+  - src/asn1csr.js
+    - JSON argument format was changed in CertificationRequest, 
+      CertificationRequestInfo, CSRUtil.netCSRPEM without
+      backward compatibility.
+    - CSRUtil.getInfo was renamed to CSRUtil.getParam
+    - CSRUtil.netCSRPEM is now *deprecated*
+  - src/asn1.js
+    - ASN1Util.newObject can also conclude ASN1Object
+      as well as JSON parameter.
+  - tool/tool_{ca,ca2}.html
+    - changed to follow above updates.
+  - test/*.html
+    - following test pages are updated to follow above:
+      qunit-do-{asn1csr,asn1tsp,asn1x509-newcrt,asn1x509,base64x,
+      ecdsmod-s,keyutil-getpem,package-jwths,x509-ext,
+      x509-key,x509-kid,x509}.html
+    - following test pages are added:
+      qunit-do-{asn1x509-tbscert,x509-param}.html
+
 fix SigningCertificate v1 v2 attribute ASN.1 encoding
 * Changes from 8.0.23 to 8.0.24 (2020-Aug-18)
   - KJUR.asn1.cms.{SigningCertificate,SigningCertificateV2}
@@ -9,6 +76,8 @@ fix SigningCertificate v1 v2 attribute ASN.1 encoding
     - KJUR.asn1.cms.{SigningCertificate,SigningCertificateV2}
       ASN.1 encoding issue fixed (#448)
     - added KJUR.asn1.cms.IssuerSerial
+  - src/base64x.js
+    - String.{isPritable,isIA5,isMail} methods added
   - test/qunit-do-asn1{cms,tsp}.html
     - updated for above issue
 

diff --git a/README.md b/README.md
@@ -17,6 +17,7 @@ Your bugfix and pull request contribution are always welcomed :)
 
 NEWS
 ----
+- 2020-Aug-19: 9.0.0 released for major update of certificate and CSR generation and parsing without backward compatibility. Please see [migration guide](https://github.com/kjur/jsrsasign/wiki/NOTE-jsrsasign-8.0.x-to-9.0.0-Certificate-and-CSR-API-migration-guide) in detail.
 - 2020-Aug-18: 8.0.24 released for SigningCertificate ASN.1 encoding bugfix
 - 2020-Aug-02: twitter account [@jsrsasign](https://twitter.com/jsrsasign) started for announcement. please follow.
 

diff --git a/api/files.html b/api/files.html
@@ -461,7 +461,7 @@ <h2><a href="symbols/src/asn1-1.0.js.html">asn1-1.0.js</a></h2>
 
 
 						<dt class="heading">Version:</dt>
-							<dd>asn1 1.0.15 (2020-Aug-05)</dd>
+							<dd>jsrsasign 9.0.0 asn1 1.0.16 (2020-Aug-12)</dd>
 
 
 
@@ -518,7 +518,7 @@ <h2><a href="symbols/src/asn1csr-1.0.js.html">asn1csr-1.0.js</a></h2>
 
 
 						<dt class="heading">Version:</dt>
-							<dd>jsrsasign 8.0.21 asn1csr 1.0.8 (2020-Jul-24)</dd>
+							<dd>jsrsasign 9.0.0 asn1csr 2.0.0 (2020-Aug-17)</dd>
 
 
 
@@ -594,7 +594,7 @@ <h2><a href="symbols/src/asn1x509-1.0.js.html">asn1x509-1.0.js</a></h2>
 
 
 						<dt class="heading">Version:</dt>
-							<dd>jsrsasign 8.0.23 asn1x509 1.1.12 (2020-Apr-06)</dd>
+							<dd>jsrsasign 9.0.0 asn1x509 2.0.0 (2020-Aug-12)</dd>
 
 
 
@@ -613,7 +613,7 @@ <h2><a href="symbols/src/base64x-1.1.js.html">base64x-1.1.js</a></h2>
 
 
 						<dt class="heading">Version:</dt>
-							<dd>jsrsasign 8.0.12 base64x 1.1.15 (2020-Apr-11)</dd>
+							<dd>jsrsasign 9.0.0 base64x 1.1.16 (2020-Aug-13)</dd>
 
 
 
@@ -822,7 +822,7 @@ <h2><a href="symbols/src/x509-1.1.js.html">x509-1.1.js</a></h2>
 
 
 						<dt class="heading">Version:</dt>
-							<dd>jsrsasign 8.0.22 x509 1.1.23 (2020-Aug-05)</dd>
+							<dd>jsrsasign 9.0.0 x509 2.0.0 (2020-Aug-12)</dd>
 
 
 

diff --git a/api/symbols/KJUR.asn1.ASN1Util.html b/api/symbols/KJUR.asn1.ASN1Util.html
@@ -770,6 +770,9 @@ <h1 class="classTitle">
 <li>'set' - DERSet</li>
 <li>'tag' - DERTaggedObject</li>
 </ul>
+<br/>
+NOTE: Structured object such as SEQUENCE or SET can conclude
+ASN1Object as well as JSON parameters since jsrsasign 9.0.0.
 
 
 					</div>
@@ -778,6 +781,7 @@ <h1 class="classTitle">
 
 					<pre class="code">newObject({'prnstr': 'aaa'});
 newObject({'seq': [{'int': 3}, {'prnstr': 'aaa'}]})
+newObject({seq: [{int: 3}, new DERInteger({int: 3})]}) // mixed
 // ASN.1 Tagged Object
 newObject({'tag': {'tag': 'a1', 
                    'explicit': true,

diff --git a/api/symbols/KJUR.asn1.DERObjectIdentifier.html b/api/symbols/KJUR.asn1.DERObjectIdentifier.html
@@ -488,7 +488,7 @@ <h1 class="classTitle">
 						<td class="attributes">&nbsp;</td>
 						<td class="nameDescription" >
 							<div class="fixedFont">
-								<b><a href="../symbols/KJUR.asn1.DERObjectIdentifier.html#constructor">KJUR.asn1.DERObjectIdentifier</a></b>(params)
+								<b><a href="../symbols/KJUR.asn1.DERObjectIdentifier.html#constructor">KJUR.asn1.DERObjectIdentifier</a></b>(JSON)
 							</div>
 							<div class="description">class for ASN.1 DER ObjectIdentifier
 <br/>
@@ -577,7 +577,7 @@ <h1 class="classTitle">
 				</div>
 
 				<div class="fixedFont">
-						<b>KJUR.asn1.DERObjectIdentifier</b>(params)
+						<b>KJUR.asn1.DERObjectIdentifier</b>(JSON)
 				</div>
 
 				<div class="description">
@@ -595,16 +595,24 @@ <h1 class="classTitle">
 
 
 
+				<pre class="code">new DERObjectIdentifier({"name": "sha1"})
+new DERObjectIdentifier({"oid": "1.2.3.4"})
+new DERObjectIdentifier({"hex": "2d..."})
+new DERObjectIdentifier("1.2.3.4")
+new DERObjectIdentifier("SHA1withRSA")</pre>
+
+
+
 
 
 						<dl class="detailList">
 						<dt class="heading">Parameters:</dt>
 
 							<dt>
-								<span class="light fixedFont">{Array}</span>  <b>params</b>
+								<span class="light fixedFont">{Object}</span>  <b>JSON</b>
 
 							</dt>
-								<dd>associative array of parameters (ex. {'oid': '2.5.4.5'})</dd>
+								<dd>object or string of parameters (ex. {'oid': '2.5.4.5'})</dd>
 
 						</dl>
 

diff --git a/api/symbols/KJUR.asn1.csr.CSRUtil.html b/api/symbols/KJUR.asn1.csr.CSRUtil.html
@@ -516,11 +516,11 @@ <h1 class="classTitle">
 						<tr>
 							<td class="attributes">&lt;static&gt; &nbsp;</td>
 							<td class="nameDescription">
-								<div class="fixedFont">KJUR.asn1.csr.CSRUtil.<b><a href="../symbols/KJUR.asn1.csr.CSRUtil.html#.getInfo">getInfo</a></b>(sPEM)
+								<div class="fixedFont">KJUR.asn1.csr.CSRUtil.<b><a href="../symbols/KJUR.asn1.csr.CSRUtil.html#.getParam">getParam</a></b>(sPEM)
 								</div>
 								<div class="description">get field values from CSR/PKCS#10 PEM string<br/>
 This method parses PEM CSR/PKCS#1 string and retrieves
-subject name and public key.</div>
+fields such as subject name and public key.</div>
 							</td>
 						</tr>
 
@@ -529,13 +529,8 @@ <h1 class="classTitle">
 							<td class="nameDescription">
 								<div class="fixedFont">KJUR.asn1.csr.CSRUtil.<b><a href="../symbols/KJUR.asn1.csr.CSRUtil.html#.newCSRPEM">newCSRPEM</a></b>(param)
 								</div>
-								<div class="description">generate a PEM format of CSR/PKCS#10 certificate signing request
-This method can generate a CSR certificate signing
-request by a simple JSON object which has following parameters:
-<ul>
-<li>subject - parameter to be passed to <a href="../symbols/KJUR.asn1.x509.X500Name.html">KJUR.asn1.x509.X500Name</a></li>
-<li>sbjpubkey - parameter to be passed to <a href="../symbols/KEYUTIL.html#.getKey">KEYUTIL.getKey</a></li>
-<li>sigalg - signature algorithm name (ex.</div>
+								<div class="description">generate a PEM format of CSR/PKCS#10 certificate signing request (DEPRECATED)<br/>
+This method can generate a CSR certificate signing.</div>
 							</td>
 						</tr>
 
@@ -564,8 +559,8 @@ <h1 class="classTitle">
 This class provides utility static methods for CSR/PKCS#10.
 Here is a list of methods:
 <ul>
-<li><a href="../symbols/KJUR.asn1.csr.CSRUtil.html#.newCSRPEM">KJUR.asn1.csr.CSRUtil.newCSRPEM</a></li>
-<li><a href="../symbols/KJUR.asn1.csr.CSRUtil.html#.getInfo">KJUR.asn1.csr.CSRUtil.getInfo</a></li>
+<li><a href="../symbols/KJUR.asn1.csr.CSRUtil.html#.newCSRPEM">KJUR.asn1.csr.CSRUtil.newCSRPEM</a> (DEPRECATED)</li>
+<li><a href="../symbols/KJUR.asn1.csr.CSRUtil.html#.getParam">KJUR.asn1.csr.CSRUtil.getParam</a></li>
 </ul>
 <br/>
 
@@ -594,38 +589,46 @@ <h1 class="classTitle">
 					Method Detail
 				</div>
 
-					<a name=".getInfo"> </a>
+					<a name=".getParam"> </a>
 					<div class="fixedFont">&lt;static&gt; 
 
-					<span class="light">{Object}</span>
-					<span class="light">KJUR.asn1.csr.CSRUtil.</span><b>getInfo</b>(sPEM)
+					<span class="light">{Array}</span>
+					<span class="light">KJUR.asn1.csr.CSRUtil.</span><b>getParam</b>(sPEM)
 
 					</div>
 					<div class="description">
 						get field values from CSR/PKCS#10 PEM string<br/>
 This method parses PEM CSR/PKCS#1 string and retrieves
-subject name and public key. Following parameters are available in the
+fields such as subject name and public key. 
+Following parameters are available in the
 resulted JSON object.
 <ul>
-<li>subject.name - subject name string (ex. /C=US/O=Test)</li>
-<li>subject.hex - hexadecimal string of X.500 Name of subject</li>
-<li>pubkey.obj - subject public key object such as RSAKey, KJUR.crypto.{ECDSA,DSA}</li>
-<li>pubkey.hex - hexadecimal string of subject public key</li>
-<li>ext - array of extensionRequest parameters</li>
+<li>{X500Name}subject - subject name parameters </li>
+<li>{String}sbjpubkey - PEM string of subject public key</li>
+<li>{Array}extreq - array of extensionRequest parameters</li>
+<li>{String}sigalg - name of signature algorithm field</li>
+<li>{String}sighex - hexadecimal string of signature value</li>
 </ul>
-NOTE: 'ext' property is supported since jsrsasign 8.0.20 asn1csr 1.0.7 and
-ext only support subjectAltName extension at current stage.
+Returned JSON object can be passed to 
+<a href="../symbols/KJUR.asn1.csr.CertificationRequest.html">KJUR.asn1.csr.CertificationRequest</a> class constructor.
+<br/>
+CAUTION: 
+Returned JSON value format have been changed without 
+backward compatibility since jsrsasign 9.0.0 asn1csr 2.0.0.
 
 
 					</div>
 
 
 
-					<pre class="code">KJUR.asn1.csr.CSRUtil.getInfo("-----BEGIN CERTIFICATE REQUEST...") &rarr;
+					<pre class="code">KJUR.asn1.csr.CSRUtil.getParam("-----BEGIN CERTIFICATE REQUEST...") &rarr;
 {
-  subject: { name: "/C=US/O=Test", hex: "30..." },
-  pubkey: { hex: "30...", obj: KEYOBJECT },
-  ext: [ { subjectAltName: { array: [["DNS", "example.com"]] } } ]
+  subject: { array:[[{type:"C",value:"JP",ds:"prn"}],...],
+             str: "/C=JP/O=Test"},
+  sbjpubkey: "-----BEGIN PUBLIC KEY...",
+  extreq: [{extname:"subjectAltName",array:[{dns:"example.com"}]}]
+  sigalg: "SHA256withRSA",
+  sighex: "1ab3df.."
 }</pre>
 
 
@@ -646,7 +649,7 @@ <h1 class="classTitle">
 
 							<dl class="detailList">
 							<dt class="heading">Since:</dt>
-								<dd>jsrsasign 6.1.3 asn1csr 1.0.1</dd>
+								<dd>jsrsasign 9.0.0 asn1csr 2.0.0</dd>
 							</dl>
 							</dl>
 
@@ -655,12 +658,23 @@ <h1 class="classTitle">
 							<dl class="detailList">
 							<dt class="heading">Returns:</dt>
 
-								<dd><span class="light fixedFont">{Object}</span> JSON object with parsed parameters such as name or public key</dd>
+								<dd><span class="light fixedFont">{Array}</span> JSON object with parsed parameters such as name or public key</dd>
 
 							</dl>
 
 
 
+							<dl class="detailList">
+							<dt class="heading">See:</dt>
+
+								<dd><a href="../symbols/KJUR.asn1.csr.CertificationRequest.html">KJUR.asn1.csr.CertificationRequest</a></dd>
+
+								<dd><a href="../symbols/KJUR.asn1.x509.X500Name.html">KJUR.asn1.x509.X500Name</a></dd>
+
+								<dd><a href="../symbols/X509.html#getExtParamArray">X509#getExtParamArray</a></dd>
+
+							</dl>
+
 
 					<hr />
 
@@ -672,15 +686,8 @@ <h1 class="classTitle">
 
 					</div>
 					<div class="description">
-						generate a PEM format of CSR/PKCS#10 certificate signing request
-This method can generate a CSR certificate signing
-request by a simple JSON object which has following parameters:
-<ul>
-<li>subject - parameter to be passed to <a href="../symbols/KJUR.asn1.x509.X500Name.html">KJUR.asn1.x509.X500Name</a></li>
-<li>sbjpubkey - parameter to be passed to <a href="../symbols/KEYUTIL.html#.getKey">KEYUTIL.getKey</a></li>
-<li>sigalg - signature algorithm name (ex. SHA256withRSA)</li>
-<li>sbjprvkey - parameter to be passed to <a href="../symbols/KEYUTIL.html#.getKey">KEYUTIL.getKey</a></li>
-</ul>
+						generate a PEM format of CSR/PKCS#10 certificate signing request (DEPRECATED)<br/>
+This method can generate a CSR certificate signing.
 
 
 					</div>
@@ -692,7 +699,11 @@ <h1 class="classTitle">
   subject: {str: '/C=US/O=Test/CN=example.com'},
   sbjpubkey: pubKeyObj,
   sigalg: "SHA256withRSA",
-  sbjprvkey: prvKeyObj
+  sbjprvkey: prvKeyObj,
+  extreq: [{
+    extname: "subjectAltName",
+    array: [{dns:"example.com"}]
+  }]
 });
 
 // 2) by private/public key PEM 
@@ -738,6 +749,13 @@ <h1 class="classTitle">
 							</dl>
 
 
+							<dl class="detailList">
+							<dt class="heading">Deprecated:</dt>
+							<dt>
+								since jsrsasign 9.0.0 asn1csr 2.0.0. please use <a href="../symbols/KJUR.asn1.csr.CertificationRequest.html">KJUR.asn1.csr.CertificationRequest</a> constructor.
+							</dt>
+							</dl>
+
 
 							<dl class="detailList">
 							<dt class="heading">Since:</dt>
-Original file line number
+Diff line change
@@ Expand Up @@
     NEWS
     ----
+    - 2020-Aug-19: 9.0.0 released for major update of certificate and CSR generation and parsing without backward compatibility. Please see [migration guide](https://github.com/kjur/jsrsasign/wiki/NOTE-jsrsasign-8.0.x-to-9.0.0-Certificate-and-CSR-API-migration-guide) in detail.
     - 2020-Aug-18: 8.0.24 released for SigningCertificate ASN.1 encoding bugfix
     - 2020-Aug-02: twitter account [@jsrsasign](https://twitter.com/jsrsasign) started for announcement. please follow.
@@ Expand Down @@