ChangeLog.txt

ChangeLog for jsrsasign

* Changes between 5.0.0 to 5.0.1 (2015-Oct-17)
  - keyutil 1.0.10 to 1.0.11
    - add support for bare RSA NED hexadecimal key in KEYUTIL.getKey

* Changes between 4.9.2 to 5.0.0 (2015-Oct-14)
  - *NOTICE* release 4.10.0 declined since API semver violation
  - some JWS HS* and Crypto Mac signature issue was fixed.
  - crypto 1.1.6 to 1.1.7
    - add support for various password providing method
      such as base64, base64url, hexadecimal or utf8 string
      for Mac.
  - jws 3.2.4 to 3.3.0
    - add support for various password providing method
      such as base64, base64url, hexadecimal or utf8 string
      for HS* JWS signing and validation
    - remove some old fashoned functions and methods
      which marked as "deprecated". Followings are removed:
      - JWS.generateJWSByP1PrvKey
      - JWS.generateJWSByKey
      - JWS.generateJWSByNED
      - JWS.verifyJWSByPemX509Cert
    - JWS.sign can handle header and payload
      JSON object not JSON string.
    - JWS.verify bugfix in 4.10.0 which only 
      accepts hexacedimal string key for HS*.
  - keyutil 1.0.10 to 1.0.11
    - add support for RSA private key without
      P/Q/DP/DQ/COEFF of JWK

* Changes between 4.9.1 to 4.9.2 (2015-Oct-02)
  - latest asn1x509 1.0.13 was missed in the latest-min.js and
    it was fixed.

* Changes between 4.9.0 to 4.9.1
  - asn1x509 1.0.12 t 1.0.13
    - setByObject method added to X500Name class
    - {C: "US", O: "test"} representation now can be used
      in newCertPEM method in X509Util class.

* Changes between 4.8.6 to 4.9.0
  - certificate signing request(CSR/PKCS#10) generation support
    asn1csr-1.0.js added
  - asn1 1.0.7 to 1.0.8
    - small API document update
  - base64x 1.1.4 to 1.1.5
    - function strdiffidx added
  - keyutil 1.0.9 to 1.0.10
    - fix and small program comment update
  - jws: small API document update

* Changes between 4.8.5 to 4.8.6
  - npm package and bower fix

* Changes between 4.8.4 to 4.8.5
  - some of small fix release for npm and jsrsasign-latest-all-min.
  - jwt 3.2.3 to 3.2.4
    - jws.js update for validation of jti confirming to RFC 7519
      as optional in verifyJWT method. Thanks @stephanbacheller.

* Changes between 4.8.3 to 4.8.4
  - some of small fix release for npm.

* Changes between 4.8.2 to 4.8.3
  - crypto 1.1.5 to 1.1.6
    - Signature.sign method fix in automatic detection of private key
  - asn1 1.0.6 to 1.0.7
    - ASN1Util.oidHexToInt() added
    - ASN1Util.oidIntToHex() added
  - asn1hex 1.1.5 to 1.1.6
    - ASN1HEX.dump() simple ASN.1 dump functionality added
    - ASN1HEX.isASN1HEX() added
  - tool_asn1dumper.html - Online ASN.1 dump tool added for demo
  - ** 4.8.3 updated files
    - ChangeLog.txt
    - asn1-1.0*.js
    - asn1hex-1.1*.js
    - crypto-1.1*.js
    - test/qunit-do-asn1-oidhex.html
    - test/qunit-do-asn1hex-dump.html

* Changes between 4.8.1 to 4.8.2
  - keyutil 1.0.8 to 1.0.9
    - getKey EC private/public key bug #69 fix
  - node npm module officially released at npmjs.com
  - ** 4.8.2 updated files
    - ChangeLog.txt
    - keyutil-1.0*.js

* Changes between 4.8.0 to 4.8.1
  - keyutil 1.0.7 to 1.0.8
    - RFC 7517 JSON Web Key(JWK) support 
      for RSA/ECC private/public key added in KEYUTIL.getKey method
  - ** 4.8.1 updated files
    - ChangeLog.txt
    - ecdsa-modified-1.0*.js (jsdoc fix)
    - keyutil-1.0*.js
    - base64x-1.1.js (b64utohex zero padding added)
    - test/qunit-do-base64x.html
    - test/qunit-do-keyutil-jwk.html
    - test/qunit-do-keyutil-pairpem.html

* Changes between 4.7.2 to 4.8.0 (2015-Jun-01)
  - Now jsjws JSON Web Signtaure library is merged into
    jsrsasign.
  - RFC 7519 JWT JSON Web Token full validation support.
  - jws 3.2.2 to 3.2.3
    - JWS.verifyJWT added to do full validation for JWT
    - JWS.inArray added
    - JWS.includedArray added
    - ChangeLogs for jws and jwsjs before jws 3.2.2
      please see ChangeLog_jws322.txt
  - asn1x509 1.0.11 to 1.0.12
    - subjectKeyIdentifier OID duplicate definition fix
  - JSON Web Token(JWT) full validation demo is available.
  - tool_jwt.html update to add 'aud' claim
  - ** 4.8.0 updated files
    - ChangeLog*.txt
    - jws-3.2.*
    - jwsjs-2.0.*
    - index_jws*.*
    - sample_jws*
    - tool_b64u*
    - tool_{jws,jwt}*.html
    - ext/json-sans-eval*.js
    - test/qunit-do-jws*.html

* Changes between 4.7.1 to 4.7.2 (2015-May-18)
  - x509 1.1.4 to 1.1.6
    - add some X.509v3 extension parsing methods.
      following methods are added:
      - getV3ExtInfoListOfCertHex
      - getV3ExtItemInfo_AtObj
      - getHexOfTLV_V3ExtValue
      - getHexOfV_V3ExtValue
      - getPosOfTLV_V3ExtValue
      - getExtKeyUsageBin
      - getExtKeyUsageString
      - getExtAIAInfo
  - asn1x509 1.0.10 to 1.0.11
    - OID.name2oidList updated for X.509v3 extension OIDs
    - OID.name2oid method added
    - OID.oid2name method added
  - ** 4.7.2 updated files **
    - ChangeLog.txt
    - asn1x509-1.0.js
    - test/qunit-do-x509-ext.html
    - test/qunit-do-asn1x509.html
    - x509-1.1
    - test/index.html
    - tool_httpscfg.html
    - ext/yahoo-min.js
    - ext/yahoo.js

* Changes between 4.7.0 to 4.7.1 (2015-May-14)
  - asn1x509 1.0.9 to 1.0.10
    - certissuer and certsubj supported in GeneralName class
  - x509 1.1.3 to 1.1.4
    - getPublicKeyInfoPosOfCertHEX added
  - tool_httpscfg.html added

* Changes between 4.6.0 to 4.7.0 (2014-Jul-07)
  - RFC 5126 CAdES format supported
    - CAdES-BES/EPES/T support in this version.
  - asn1cades (NEW)
  - asn1tsp 1.0.0 to 1.0.1
    - AbstractTSAAdapter, Fixed/SimpleTSAAdapter class added
  - asn1cms 1.0.1 to 1.0.2
    - SigningCertificate and SigningCertificateV2
      attributes are added.
    - IssuerAndSerialNumber class constructor now 
      supports PEM string of certificate.
    - properties dDigestAlgs and dCerts of SignedData object
      are added for object preservation.
    - CMSUtil.newSignedData now supports
      SigningCertificate/V2 attributes.
  - asn1
    - add DEREnumerate class
  - x509
    - fix for strict mode
  - crypto
    - fix for Signature.signHex/Str

* Changes between 4.5.0 to 4.6.0 (2014-May-25)
  - RFC 3161 Time Stamp Protocol generator is now supported.
  - asn1tsp 1.0.0 (NEW)
  - asn1 1.0.5 to 1.0.6
    - AbstractTime/GeneralizedTime: millisecond support
  - asn1cms 1.0.0 to 1.0.1
    - IssuerAndSerialNumber: setByCertPEM method added
    - SigningCertificate attribute added
    - SigningCertificate attributeV2 added
  - asn1x509 1.0.8 to 1.0.9
    - OID.oid2name added
    - X500Name
      - add certissuer, certsubject parameter support
  - base64x 1.1.2 to 1.1.3
    - function hextob64, hextob64nl, b64nltohex added
  - tool_tsreq.html for TimeStamp Request demo (NEW)
  - tool_tsres.html for making TimeStampToken demo (NEW)
  - tool_ca.html
    - fix signing key bug
    - support ExtKeyUsage

* Changes between 4.2.3 to 4.5.0 (2014-May-17)
  - RFC 5652 CMS SignedData generator is now supported.
  - asn1cms 1.0.0 (NEW)
  - asn1 1.0.4 to 1.0.5
    - unsorted DERSet is now supported for ASN.1 BER
    - DERUTCTime/GeneralizedTime provides current time
      if arguments is not specified.
  - asn1x509 1.0.8 to 1.0.9
    - x509.Time: automatic detection for UTC/Gen by length
    - OID: some oids are added.
  - keyutil 1.0.6 to 1.0.7
    - KEYUTIL.getHexFromPEM can omit sHead now.

* Changes between 4.2.2 to 4.2.3 (2014-May-14) minor update
  - keyutil 1.0.6
    - isPublic and isPrivate flag fix for generateKey method.
  - tool_ca.html
    - fix keyutil.js reference

* Changes between 4.2.1 to 4.2.2 (2014-Apr-19)
  - asn1x509 1.0.7 to 1.0.8
    - add setSignatureHex method for Certificate class
    - modify newCertPEM method to support to specify signature
      by value.
    - add AuthorityKeyIdentifier X.509v3 extension class
  - keyutil 1.0.4 to 1.0.5
    - PKCS#10 CSR support. Following methods are added:
      - KEYUTIL.getKeyFromCSRPEM
      - KEYUTIL.getKeyFromCSRHex
      - KEYUTIL.parseCSRHex
  - Tool:
    - tool_forfact.html:
      CSR to fake certificate converter for factorable.net
      key weakness check.
  - Test codes:
    - add test/qunit-do-keyutil-csr.html

* Changes between 4.2.0 to 4.2.1 (2013-Oct-11)
  - keyutil 1.0.3 to 1.0.4
    - new getPEM method for exporting keys
    - exporting PKCS#8 encrypted private key also supported.
    - DES-CBC support for PKCS#5 encrypted private key
    - additional DSA support
    - make old methods are marked as deprecated.

* Changes between 4.1.6 to 4.2.0 (2013-Oct-06)
  - DSA support added to most of classes.
  - now RSAKey/KJUR.crypto.{ECDSA,DSA} class has new properties
    isPrivate and isPublic
  - asn1x509 1.0.5 to 1.0.6
    - new X509Util.newCertPEM method is added to provate
      easy certificate issuance by JSON object.
    - DSA/ECDSA support added to Signature, TBSCertificate, 
      AlgorithmIdentifier and SubjectPublicKeyInfo classes
  - keyutil 1.0.2 to 1.0.3
    - provide support for DSA
      - getKey
      - getKeyFromPublicPKCS8Hex,parsePublicPKCS8Hex
  - x509 1.1.1 to 1.1.2
    - ECDSA,DSA support added in X509.getPublicKeyFromCertPEM
  - dsa-modified 1.0.0 to 1.0.1
    - method setPrivateKey, setPublicKey are changed to
      setPrivate and setPublic respectively to align RSA/ECDSA class.

* Changes between 4.1.5 to 4.1.6 (2013-Oct-02)
  - newly dsa-modified 1.0.0 added
    - This is a DSA algorithm ported from github.com/openpgpjs
    - However Signature and KEYUTIL doesn't support DSA yet.
  - asn1 1.0.3 to 1.0.4
    - ASN1Util.jsonToASN1HEX method added.
  - asn1hex 1.1.3 to 1.1.4
    - ASN1HEX.getVbyList with tag checking method added.
  - keyutil 1.0.1 to 1.0.2
    - fix typo in newEncryptedPKCS5PEM method.

* Changes between 4.1.4 to 4.1.5 (2013-Sep-29)
  - keyutil 1.0.0 to 1.0.1
    - new generateKeypair method added
    - fix getKey method
  - add LICENSE file for YUI.
  - name jsrsasign-4.1.4-all-min.js is the same but updated.

* Changes between 4.1.3 to 4.1.4 (2013-Sep-24)
  - ext/cryptojs-312-core-fix*.js added to fix HmacSHA224/384 issue.
    Please use 
      'http://kjur.github.io/jsrsasign/ext/cryptojs-312-core-fix.js' or 
      'http://kjur.github.io/jsrsasign/ext/cryptojs-312-core-fix-min.js' or 
      'http://kjur.github.io/jsrsasign/jsrsasign-4.1.4-all-min.js'
    instead of orignal 'core.js' of CryptoJS.

* Changes between 4.1.2 to 4.1.3 (2013-Sep-23)
  - keyutil 1.0.0
    - PKCS5PKEY class is moved to KEYUTIL class.
      PKCS5PKEY is now deprecated and backward compatibility purpose only.
    - KEYUTIL.getKey() method added to private more generic access to
      private and public keys.
  - asn1 1.0.3 to 1.0.4
    - ASN1Util.newObject method now supports more simple 
      representation of tagged object like:
      newObject({tag: ['a1', true, {seq: [{int: 3}, {int: 4}]}]});
  - ext/base64.js
      fix for "var v;" for strict

* Changes between 4.1.1 to 4.1.2 (2013-Sep-12)
  - asn1 1.0.2 to 1.0.3
    - new method ASN1Util.newObject added.
  - all in one script 'jsrsasign-4.1.2-all-min.js' added.

* Changes between 4.1.0 to 4.1.1 (2013-Aug-27)
  - crypto 1.1.3 to 1.1.4
    - add hmacmd5, hmacripemd160 support and test code
  - ecdsa-modified 1.0.2 to 1.0.3
    - new static method added
      - parseSigHex
      - parseSigHexInHexRS
      - asn1SigToConcatSig
      - concatSigToASN1Sig
      - hexRSSigToASN1Sig
      - biRSSigToASN1Sig
  - all QUnit test code is moved for latest QUnit 1.12

* Changes between 4.0.5 to 4.1.0 (2013-Aug-25)
  - crypto 1.1.2 to 1.1.3
    - RSAPSS(*withRSAandMGF1) support in Signature class
    - powerful init method to specify any type of key and
      certificate and automatic initialization.
    - KJUR.crypto.OID class added for OID and hex conversion
  - pkcs5pkey 1.0.4 to 1.0.5
    - to support for KJUR.crypto.ECDSA:
      - getKeyFromEncryptedPKCS8PEM, parsePlainPrivetePKCS8Hex,
        getKeyFromPublicPKCS8PEM, getKeyFromPublicPKCS8Hex,
        parsePublicRawRSAKeyHex, parsePrivateRawRSAKeyHexAtObj,
        parsePrivateRawECKeyHexAtObj and parsePublicPKCS8Hex
        method added.
  - rsasign 1.2.5 to 1.2.7
    - RSAPSS saltlen default was changed from -2 to -1
    - add API document description about PSS salt length.
    - signWithMessageHashPSS, verifyWithMessageHashPSS 
      method added.
  - ecdsa-modified 1.0.1 to 1.0.2
    - method setNamedCurve, setPrivateKeyHex, setPublicKeyHex added
    - sign/verifyWithMessageHash method added to align RSAKey class
  - x509 1.1.0 to 1.1.1
    - encapsulated as class
    - getPublicKeyInfoPropOfCertPEM method added.
  - asn1hex 1.1.1 to 1.1.2
    - encapsulated as class

* Changes between 4.0.4 to 4.0.5 (2013-Aug-16)
  - crypto 1.1.1 to 1.1.2
    - KJUR.crypto.Mac (message authentication code) class added

* Changes between 4.0.3 to 4.0.4 (2013-Jul-30)
  - rsasign 1.2.4 to 1.2.5
    - verifyStringPSS argument change from BigInteger object biSig 
      to hexadecimal string hSig
      
* Changes between 4.0.2 to 4.0.3 (2013-Jul-29)
  - crypto.js 1.1.0 to 1.1.1
    - Signature and MessageDigest class supports default provider.
      So no need to specify provider.
    - DEFAULTPROVIDER property
    - add Util.hashString, Util.hashHex functions
  - pkcs5pkey 1.0.3 to 1.0.4 
    - add getRSAKeyFromPublicPKCS8PEM
    - add getRSAKeyFromPublicPKCS8Hex
  - rsasign 1.2.3 to 1.2.4
    - delete _RSASIGN_HASHHEXFUNC property
    - now rsasign supports any hash algorithm
      which is supported by KJUR.crypto.Util.hashString
  - add some QUnit test code
    - test/qunit-do-{pkcs5-pub, rsasign-pss}.html 

* Changes between 4.0.1 to 4.0.2 (2013-Jul-23)
  - RSAPSS signing and validation fix by Dave(github.com/davedoesdev)
    (base64x,crypto,rsasign)

* Changes between 4.0.0 to 4.0.1
  - rsasign-1.2.js
    - small fix for PSS by Dave's contribution (github.com/davedoesdev)
    - However still having issue in PSS
  - NEW base64x-1.1.js 
    - moved from github.com/kjur/jsjws

* Changes between 3.1.5 and 4.0.0 (2013-Jul-18)
  - newly added ECC key and ECDSA support
    - MODIFY crypto-1.1.js - Signature class now supports ECDSA
    - NEW ecdsa-modified-1.0.js - modifed version of Bitcoin ecdsa.js
    - NEW ecparam-1.0.js - ECC curve parameters definition
    - NEW ext/ec.js - Tom Wu's EC library
    - NEW ext/ec-patch.js - patch to Tom Wu's EC library by Bitcoin
    - supported curves are secp{256r1,256k1,384r1}

* Changes between 3.1.4 and 3.1.5 (2013-Jun-11)
  - move third party library to ext directory.
  - fix script URLs in sample-rsasign.html 

* Changes between 3.1.3 and 3.1.4 (2013-May-31)
  - asn1-1.0.js update 1.0.1 to 1.0.2
    - method ASN1Util.getPEMStringFromHex added
  - asn1x509-1.0.js update 1.0.3 to 1.0.4
    - mehtod X509Util.getPKCS8PubKeyPEMfromRSAKey added

* Changes between 3.1.2 and 3.1.3 (2013-May-28)
  - crypto-1.0.js update 1.0.3 to 1.0.4
    - support "sjcl" (i.e. Stanford JavaScript Crypto Library) 
      provider with sha256 in MessageDigest class

* Changes between 3.1.1 and 3.1.2 (2013-May-27)
  - pkcs5pkey-1.0.js update 1.0.2 to 1.0.3
    - following method added to support loading encrypted PKCS#8 priavte key
      - getRSAKeyFromEncryptedPKCS8PEM
      - getPlainPKCS8HexFromEncryptedPKCS8PEM
      - getPBKDF2KeyHexFromParam
      - parseHexOfEncryptedPKCS8
      - getRSAKeyFromPlainPKCS8Hex

* Changes between 3.1.0 and 3.1.1
  - pkcs5pkey-1.0.js update 1.0.1 to 1.0.2
    - method 'getRSAKeyFromEncryptedPKCS5PEM', 'getEryptedPKCS5PEMFromPrvKeyHex'
      'getEryptedPKCS5PEMFromRSAKey' and 'newEncryptedPKCS5PEM'
      added to PKCS5PKEY to get encrypted PEM key.

* Changes between 3.0.5 and 3.1.0
  - asn1x509-1.0.js update 1.0.2 to 1.0.3
    CRL, TBSCertList and CRLEntry class added to KJUR.asn1.x509
    to issue CRL.

* Changes between 3.0.4 and 3.0.5
  - pkcs5peky-1.0 update 1.0.0 to 1.0.1
    method getRSAKeyFromPlainPKCS8PEM added to PKCS5PKEY class to load
    unencrypted PEM formatted PKCS#8 private key.

* Changes between 3.0.3 and 3.0.4
  - rsasign-1.2.js update 1.2.1 to 1.2.2
    - hash algs used were changed from  to MessageDigest(CryptoJS base). 
      So now jsrsasign doesn't use Paul Johnston's
      hash library(http://pajhome.org.uk/crypt/md5/md5.html).
      Paul's scripts will be concluded approx. one year for know then
      their scripts and LICENSE notice will be removed then.
  - crypto-1.0.js update 1.0.2 to 1.0.3
    - add static hash functions {md5,sha1,sha256,sha512,ripemd160} to KJUR.crypto.Util

* Changes between 3.0.2 and 3.0.3
  - asn1x509-1.0.js update to 1.0.1
    - ExtKeyUsage extension class added.

* Changes between 3.0.1 and 3.0.2
  - crypto-1.0.js update to 1.0.2
    - Signature now supports signature verification:
      - initVerifyByPublicKey and initVerifyByCertificatePEM method
        added.

* Changes between 3.0.0 and 3.0.1
  - crypto-1.0.js update to 1.0.1
    - MessageDigest class now support md5, sha224, sha256, sha384, 
      sha512 and ripemd160 of 'cryptojs' provider.
    - Signature class now support {MD5,SHA224,SHA256,SHA384,
      SHA512,RIPEMD160}withRSA of 'cryptojs/jsrsa' provider.
    - Signature class constructor now supports 
      'prvkeypem' parameter to specify signing private key.
  - asn1x509-1.0.js update to 1.0.1
    - Certificate.setRsaPrvKeyByPEMandPass(pem,pass) method added and
      supports new constructor property 'rsaprvpem' and 'rsaprvpas'.

* Changes between 2.0.0 and 3.0.0
  - New features:
    - crypto-1.0.js: MessageDigest and Signature class like Java JCE
    - asn1-1.0.js  : ASN.1 Primitive Encoder class
    - asn1x509-1.0.js: ASN.1 class for X.509 certificate
  - merge David Halls's contribution. 
    (https://github.com/davedoesdev, Thanks! Dave.)
    - rsa.js: update for PKCS#1 OAEP support
    - rsa2.js: update for PKCS#1 OAEP support
    - rsasign-1.2.js: add PSS support (1.2.1)
    - jsbn.js: small fix
    - jsbn2.js: update for probable prime fix, bnSquare
    - base64.js: small fix
  - gradually moving to CryptoJS library from other hash library

* Changes between 1.3.1 and 2.0.0 [Apr 14, 2013]0
  - newly added pkcs5pkey.js and PKCS5PKEY class to support 
    passcode encrypted PKCS#5 private key.

* Changes between 1.3 and 1.3.1 [Apr 14, 2013]
  - rsapem.js updated to 1.1 to 1.1.1
    - method RSAKey.readPrivateKeyFromASN1HexString added.

* Changes between 1.2.1 and 1.3 [May 10, 2012]
  - ASN1HEX class defined in asn1hex.js
  - update x509.js and rsapem.js for ASN1HEX class.
  - enhance ASN1HEX and X509class.
  - JavaScript API document is available.

* Changes between 1.2 and 1.2.1 [May 03, 2012]
  - now minified files also provided

* Changes between 1.1 and 1.2 [Apr 30, 2012]
  - fixed critial signature generation and verification bug related to
    zero padding of big integer.
  - add MD5, SHA512 and RIPEMD-160 support
  - default hash libraries were changed which was developed by
    Paul Johnston (See http://pajhome.org.uk/crypt/md5/md5.html).
  - now download site is hosted on github.

* Changes between 1.0 and 1.1 [Sep 25, 2010]
  - some web contents update

* 1.0 Initial Relasse [Jun 03, 2010]