jsrsasign JavaScript API Reference

---

Classes

• global__
• ASN1HEX
• Base64x
• KEYUTIL
• KJUR
• KJUR.asn1
• KJUR.asn1.ASN1Object
• KJUR.asn1.ASN1Util
• KJUR.asn1.cades
• KJUR.asn1.cades.CAdESUtil
• KJUR.asn1.cades.CompleteCertificateRefs
• KJUR.asn1.cades.OtherCertID
• KJUR.asn1.cades.OtherHash
• KJUR.asn1.cades.OtherHashAlgAndValue
• KJUR.asn1.cades.OtherHashValue
• KJUR.asn1.cades.SignaturePolicyId
• KJUR.asn1.cades.SignaturePolicyIdentifier
• KJUR.asn1.cades.SignatureTimeStamp
• KJUR.asn1.cms
• KJUR.asn1.cms.Attribute
• KJUR.asn1.cms.AttributeList
• KJUR.asn1.cms.CertificateSet
• KJUR.asn1.cms.CMSParser
• KJUR.asn1.cms.CMSUtil
• KJUR.asn1.cms.ContentInfo
• KJUR.asn1.cms.ContentType
• KJUR.asn1.cms.EncapsulatedContentInfo
• KJUR.asn1.cms.ESSCertID
• KJUR.asn1.cms.ESSCertIDv2
• KJUR.asn1.cms.IssuerAndSerialNumber
• KJUR.asn1.cms.IssuerSerial
• KJUR.asn1.cms.MessageDigest
• KJUR.asn1.cms.OtherRevocationFormat
• KJUR.asn1.cms.RevocationInfoChoice
• KJUR.asn1.cms.RevocationInfoChoices
• KJUR.asn1.cms.SignedData
• KJUR.asn1.cms.SignerIdentifier
• KJUR.asn1.cms.SignerInfo
• KJUR.asn1.cms.SigningCertificate
• KJUR.asn1.cms.SigningCertificateV2
• KJUR.asn1.cms.SigningTime
• KJUR.asn1.cms.SubjectKeyIdentifier
• KJUR.asn1.csr
• KJUR.asn1.csr.CertificationRequest
• KJUR.asn1.csr.CertificationRequestInfo
• KJUR.asn1.csr.CSRUtil
• KJUR.asn1.DERAbstractString
• KJUR.asn1.DERAbstractStructured
• KJUR.asn1.DERAbstractTime
• KJUR.asn1.DERBitString
• KJUR.asn1.DERBMPString
• KJUR.asn1.DERBoolean
• KJUR.asn1.DEREnumerated
• KJUR.asn1.DERGeneralizedTime
• KJUR.asn1.DERIA5String
• KJUR.asn1.DERInteger
• KJUR.asn1.DERNull
• KJUR.asn1.DERNumericString
• KJUR.asn1.DERObjectIdentifier
• KJUR.asn1.DEROctetString
• KJUR.asn1.DERPrintableString
• KJUR.asn1.DERSequence
• KJUR.asn1.DERSet
• KJUR.asn1.DERTaggedObject
• KJUR.asn1.DERTeletexString
• KJUR.asn1.DERUTCTime
• KJUR.asn1.DERUTF8String
• KJUR.asn1.DERVisibleString
• KJUR.asn1.ocsp
• KJUR.asn1.ocsp.BasicOCSPResponse
• KJUR.asn1.ocsp.CertID
• KJUR.asn1.ocsp.CertStatus
• KJUR.asn1.ocsp.OCSPParser
• KJUR.asn1.ocsp.OCSPRequest
• KJUR.asn1.ocsp.OCSPResponse
• KJUR.asn1.ocsp.OCSPUtil
• KJUR.asn1.ocsp.Request
• KJUR.asn1.ocsp.ResponderID
• KJUR.asn1.ocsp.ResponseBytes
• KJUR.asn1.ocsp.ResponseData
• KJUR.asn1.ocsp.SingleResponse
• KJUR.asn1.ocsp.SingleResponseList
• KJUR.asn1.ocsp.TBSRequest
• KJUR.asn1.tsp
• KJUR.asn1.tsp.AbstractTSAAdapter
• KJUR.asn1.tsp.Accuracy
• KJUR.asn1.tsp.FixedTSAAdapter
• KJUR.asn1.tsp.MessageImprint
• KJUR.asn1.tsp.PKIFailureInfo
• KJUR.asn1.tsp.PKIFreeText
• KJUR.asn1.tsp.PKIStatus
• KJUR.asn1.tsp.PKIStatusInfo
• KJUR.asn1.tsp.SimpleTSAAdapter
• KJUR.asn1.tsp.TimeStampReq
• KJUR.asn1.tsp.TimeStampResp
• KJUR.asn1.tsp.TimeStampToken
• KJUR.asn1.tsp.TSPParser
• KJUR.asn1.tsp.TSPUtil
• KJUR.asn1.tsp.TSTInfo
• KJUR.asn1.x509
• KJUR.asn1.x509.AdobeTimeStamp
• KJUR.asn1.x509.AlgorithmIdentifier
• KJUR.asn1.x509.AttributeTypeAndValue
• KJUR.asn1.x509.AuthorityInfoAccess
• KJUR.asn1.x509.AuthorityKeyIdentifier
• KJUR.asn1.x509.BasicConstraints
• KJUR.asn1.x509.Certificate
• KJUR.asn1.x509.CertificatePolicies
• KJUR.asn1.x509.CRL
• KJUR.asn1.x509.CRLDistributionPoints
• KJUR.asn1.x509.CRLEntry
• KJUR.asn1.x509.CRLNumber
• KJUR.asn1.x509.CRLReason
• KJUR.asn1.x509.DisplayText
• KJUR.asn1.x509.DistributionPoint
• KJUR.asn1.x509.DistributionPointName
• KJUR.asn1.x509.Extension
• KJUR.asn1.x509.Extensions
• KJUR.asn1.x509.ExtKeyUsage
• KJUR.asn1.x509.GeneralName
• KJUR.asn1.x509.GeneralNames
• KJUR.asn1.x509.GeneralSubtree
• KJUR.asn1.x509.InhibitAnyPolicy
• KJUR.asn1.x509.IssuerAltName
• KJUR.asn1.x509.KeyUsage
• KJUR.asn1.x509.NameConstraints
• KJUR.asn1.x509.NoticeReference
• KJUR.asn1.x509.OCSPNoCheck
• KJUR.asn1.x509.OCSPNonce
• KJUR.asn1.x509.OID
• KJUR.asn1.x509.OtherName
• KJUR.asn1.x509.PolicyConstraints
• KJUR.asn1.x509.PolicyInformation
• KJUR.asn1.x509.PolicyMappings
• KJUR.asn1.x509.PolicyQualifierInfo
• KJUR.asn1.x509.PrivateExtension
• KJUR.asn1.x509.RDN
• KJUR.asn1.x509.SubjectAltName
• KJUR.asn1.x509.SubjectDirectoryAttributes
• KJUR.asn1.x509.SubjectKeyIdentifier
• KJUR.asn1.x509.SubjectPublicKeyInfo
• KJUR.asn1.x509.TBSCertificate
• KJUR.asn1.x509.TBSCertList
• KJUR.asn1.x509.Time
• KJUR.asn1.x509.UserNotice
• KJUR.asn1.x509.X500Name
• KJUR.asn1.x509.X509Util
• KJUR.crypto
• KJUR.crypto.Cipher
• KJUR.crypto.DSA
• KJUR.crypto.ECDSA
• KJUR.crypto.ECParameterDB
• KJUR.crypto.Mac
• KJUR.crypto.MessageDigest
• KJUR.crypto.OID
• KJUR.crypto.Signature
• KJUR.crypto.Util
• KJUR.jws
• KJUR.jws.IntDate
• KJUR.jws.JWS
• KJUR.jws.JWSJS
• KJUR.lang.String
• RSAKey
• X509
• X509CRL

---

Class KJUR.crypto.ECDSA

class for EC key generation, ECDSA signing and verifcation
Defined in: ecdsa-modified-1.0.js.

Class Summary

Constructor Attributes	Constructor Name and Description
	KJUR.crypto.ECDSA() class for EC key generation, ECDSA signing and verifcation CAUTION: Most of the case, you don't need to use this class except for generating an EC key pair.

Method Summary

Method Attributes	Method Name and Description
<static>	KJUR.crypto.ECDSA.asn1SigToConcatSig(asn1Hex) convert hexadecimal ASN.1 encoded signature to concatinated signature
<static>	KJUR.crypto.ECDSA.biRSSigToASN1Sig(biR, biS) convert R and S BigInteger object of signature to ASN.1 encoded signature
<static>	KJUR.crypto.ECDSA.concatSigToASN1Sig(concatSig) convert hexadecimal concatinated signature to ASN.1 encoded signature
	generateKeyPairHex() generate a EC key pair
	generatePublicKeyHex() generate public key for EC private key
<static>	KJUR.crypto.ECDSA.getName(s) static method to get normalized EC curve name from curve name or hexadecimal OID value This static method returns normalized EC curve name which is supported in jsrsasign from curve name or hexadecimal OID value.
	getPublicKeyXYHex() get X and Y hexadecimal string value of public key
	getShortNISTPCurveName() get NIST curve short name such as "P-256" or "P-384"
<static>	KJUR.crypto.ECDSA.hexRSSigToASN1Sig(hR, hS) convert hexadecimal R and S value of signature to ASN.1 encoded signature
<static>	KJUR.crypto.ECDSA.parseSigHex(sigHex) parse ASN.1 DER encoded ECDSA signature
<static>	KJUR.crypto.ECDSA.parseSigHexInHexRS(sigHex) parse ASN.1 DER encoded ECDSA signature
	readCertPubKeyHex(h, nthPKI) read an ASN.1 hexadecimal string of X.509 ECC public key certificate
	readPKCS5PrvKeyHex(h) read an ASN.1 hexadecimal string of PKCS#1/5 plain ECC private key
	readPKCS8PrvKeyHex(h) read an ASN.1 hexadecimal string of PKCS#8 plain ECC private key
	readPKCS8PubKeyHex(h) read an ASN.1 hexadecimal string of PKCS#8 ECC public key
	signHex(hashHex, privHex) signing to message hash
	verifyHex(hashHex, sigHex, pubkeyHex) verifying signature with message hash and public key

Parameters:

{String} asn1Hex

hexadecimal string of ASN.1 encoded ECDSA signature value

Since:

ecdsa-modified 1.0.3

Throws:

Error when signature length is unsupported

Returns:

{String} r-s concatinated format of ECDSA signature value

---

Parameters:

{BigInteger} biR

BigInteger object of R field of ECDSA signature value

{BigInteger} biS

BIgInteger object of S field of ECDSA signature value

Since:

ecdsa-modified 1.0.3

Returns:

{String} hexadecimal string of ASN.1 encoded ECDSA signature value

---

Parameters:

{String} concatSig

r-s concatinated format of ECDSA signature value

Since:

ecdsa-modified 1.0.3

Throws:

Error when signature length is unsupported

Returns:

{String} hexadecimal string of ASN.1 encoded ECDSA signature value

---

var ec = new KJUR.crypto.ECDSA({'curve': 'secp256r1'});
var keypair = ec.generateKeyPairHex();
var pubhex = keypair.ecpubhex; // hexadecimal string of EC public key
var prvhex = keypair.ecprvhex; // hexadecimal string of EC private key (=d)

Since:

ecdsa-modified 1.0.1

Returns:

{Array} associative array of hexadecimal string of private and public key

---

var ec = new KJUR.crypto.ECDSA({'curve': 'secp256r1', 'prv': prvHex});
var pubhex = ec.generatePublicKeyHex(); // hexadecimal string of EC public key
var pub ec.getPublicKeyXYHex() → { x: '01bacf...', y: 'c3bc22...' }

Returns:

{String} associative array of hexadecimal string of private and public key

---

KJUR.crypto.ECDSA.getName("2b8104000a") → "secp256k1"
KJUR.crypto.ECDSA.getName("NIST P-256") → "secp256r1"
KJUR.crypto.ECDSA.getName("P-521") → undefined // not supported

Parameters:

{String} s

curve name (ex. P-256) or hexadecimal OID value (ex. 2a86...)

Since:

jsrsasign 7.1.0 ecdsa-modified 1.1.0

Returns:

{String} normalized EC curve name (ex. secp256r1)

---

ec = new KJUR.crypto.ECDSA({'curve': 'secp256r1', 'pub': pubHex});
ec.getPublicKeyXYHex() → { x: '01bacf...', y: 'c3bc22...' }

Since:

ecdsa-modified 1.0.5 jsrsasign 5.0.14

Returns:

{Array} associative array of x and y value of public key

---

ec = new KJUR.crypto.ECDSA({'curve': 'secp256r1', 'pub': pubHex});
ec.getShortPCurveName() → "P-256";

Since:

ecdsa-modified 1.0.5 jsrsasign 5.0.14

Returns:

{String} short NIST P curve name such as "P-256" or "P-384" if it's NIST P curve otherwise null;

---

Parameters:

{String} hR

hexadecimal string of R field of ECDSA signature value

{String} hS

hexadecimal string of S field of ECDSA signature value

Since:

ecdsa-modified 1.0.3

Returns:

{String} hexadecimal string of ASN.1 encoded ECDSA signature value

---

var ec = new KJUR.crypto.ECDSA({'curve': 'secp256r1'});
var sig = ec.parseSigHex('30...');
var biR = sig.r; // BigInteger object for 'r' field of signature.
var biS = sig.s; // BigInteger object for 's' field of signature.

Parameters:

{String} sigHex

hexadecimal string of ECDSA signature value

Since:

ecdsa-modified 1.0.1

Throws:

Error when signature value is malformed.

Returns:

{Array} associative array of signature field r and s of BigInteger

See:

---

var ec = new KJUR.crypto.ECDSA({'curve': 'secp256r1'});
var sig = ec.parseSigHexInHexRS('30...');
var hR = sig.r; // hexadecimal string for 'r' field of signature.
var hS = sig.s; // hexadecimal string for 's' field of signature.

Parameters:

{String} sigHex

hexadecimal string of ECDSA signature value

Since:

ecdsa-modified 1.0.3

Throws:

Error when signature value is malformed.

Returns:

{Array} associative array of signature field r and s in hexadecimal

See:

---

Parameters:

{String} h

hexadecimal string of X.509 ECC public key certificate

{Integer} nthPKI

nth index of publicKeyInfo. (DEFAULT: 6 for X509v3)

Since:

jsrsasign 7.1.0 ecdsa-modified 1.1.0

---

Parameters:

{String} h

hexadecimal string of PKCS#1/5 ECC private key

Since:

jsrsasign 7.1.0 ecdsa-modified 1.1.0

---

Parameters:

{String} h

hexadecimal string of PKCS#8 ECC private key

Since:

jsrsasign 7.1.0 ecdsa-modified 1.1.0

---

Parameters:

{String} h

hexadecimal string of PKCS#8 ECC public key

Since:

jsrsasign 7.1.0 ecdsa-modified 1.1.0

---

var ec = new KJUR.crypto.ECDSA({'curve': 'secp256r1'});
var sigValue = ec.signHex(hash, prvKey);

Parameters:

{String} hashHex

hexadecimal string of hash value of signing message

{String} privHex

hexadecimal string of EC private key

Since:

ecdsa-modified 1.0.1

Returns:

{String} hexadecimal string of ECDSA signature

---

var ec = new KJUR.crypto.ECDSA({'curve': 'secp256r1'});
var result = ec.verifyHex(msgHashHex, sigHex, pubkeyHex);

Parameters:

{String} hashHex

hexadecimal string of hash value of signing message

{String} sigHex

hexadecimal string of signature value

{String} pubkeyHex

hexadecimal string of public key

Since:

ecdsa-modified 1.0.1

Returns:

{Boolean} true if the signature is valid, otherwise false

---