1 /* jws-3.3.11 (c) 2013-2018 Kenji Urushima | kjur.github.com/jsrsasign/license
  2  */
  3 /*
  4  * jws.js - JSON Web Signature(JWS) and JSON Web Token(JWT) Class
  5  *
  6  * Copyright (c) 2010-2018 Kenji Urushima (kenji.urushima@gmail.com)
  7  *
  8  * This software is licensed under the terms of the MIT License.
  9  * https://kjur.github.io/jsrsasign/license/
 10  *
 11  * The above copyright and license notice shall be 
 12  * included in all copies or substantial portions of the Software.
 13  */
 14 
 15 /**
 16  * @fileOverview
 17  * @name jws-3.3.js
 18  * @author Kenji Urushima kenji.urushima@gmail.com
 19  * @version jsrsasign 8.0.3 jws 3.3.11 (2018-Mar-11)
 20  * @since jsjws 1.0, jsrsasign 4.8.0
 21  * @license <a href="https://kjur.github.io/jsrsasign/license/">MIT License</a>
 22  */
 23 
 24 if (typeof KJUR == "undefined" || !KJUR) KJUR = {};
 25 
 26 /**
 27  * kjur's JSON Web Signature/Token(JWS/JWT) library name space
 28  * <p>
 29  * This namespace privides following JWS/JWS related classes.
 30  * <ul>
 31  * <li>{@link KJUR.jws.JWS} - JSON Web Signature/Token(JWS/JWT) class</li>
 32  * <li>{@link KJUR.jws.JWSJS} - JWS JSON Serialization(JWSJS) class</li>
 33  * <li>{@link KJUR.jws.IntDate} - UNIX origin time utility class</li>
 34  * </ul>
 35  * NOTE: Please ignore method summary and document of this namespace. This caused by a bug of jsdoc2.
 36  * </p>
 37  * @name KJUR.jws
 38  * @namespace
 39  */
 40 if (typeof KJUR.jws == "undefined" || !KJUR.jws) KJUR.jws = {};
 41 
 42 /**
 43  * JSON Web Signature(JWS) class.<br/>
 44  * @name KJUR.jws.JWS
 45  * @class JSON Web Signature(JWS) class
 46  * @see <a href="https://kjur.github.io/jsjws/">'jwjws'(JWS JavaScript Library) home page https://kjur.github.io/jsjws/</a>
 47  * @see <a href="https://kjur.github.io/jsrsasigns/">'jwrsasign'(RSA Sign JavaScript Library) home page https://kjur.github.io/jsrsasign/</a>
 48  * @see <a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-14">IETF I-D JSON Web Algorithms (JWA)</a>
 49  * @since jsjws 1.0
 50  * @description
 51  * This class provides JSON Web Signature(JWS)/JSON Web Token(JWT) signing and validation.
 52  *
 53  * <h4>METHOD SUMMARY</h4>
 54  * Here is major methods of {@link KJUR.jws.JWS} class.
 55  * <ul>
 56  * <li><b>SIGN</b><br/>
 57  * <li>{@link KJUR.jws.JWS.sign} - sign JWS</li>
 58  * </li>
 59  * <li><b>VERIFY</b><br/>
 60  * <li>{@link KJUR.jws.JWS.verify} - verify JWS signature</li>
 61  * <li>{@link KJUR.jws.JWS.verifyJWT} - verify properties of JWT token at specified time</li>
 62  * </li>
 63  * <li><b>UTILITY</b><br/>
 64  * <li>{@link KJUR.jws.JWS.getJWKthumbprint} - get RFC 7638 JWK thumbprint</li>
 65  * <li>{@link KJUR.jws.JWS.isSafeJSONString} - check whether safe JSON string or not</li>
 66  * <li>{@link KJUR.jws.JWS.readSafeJSONString} - read safe JSON string only</li>
 67  * </li>
 68  * </ul> 
 69  *
 70  * <h4>SUPPORTED SIGNATURE ALGORITHMS</h4>
 71  * Here is supported algorithm names for {@link KJUR.jws.JWS.sign} and
 72  * {@link KJUR.jws.JWS.verify} methods.
 73  * <table>
 74  * <tr><th>alg value</th><th>spec requirement</th><th>jsjws support</th></tr>
 75  * <tr><td>HS256</td><td>REQUIRED</td><td>SUPPORTED</td></tr>
 76  * <tr><td>HS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
 77  * <tr><td>HS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
 78  * <tr><td>RS256</td><td>RECOMMENDED</td><td>SUPPORTED</td></tr>
 79  * <tr><td>RS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
 80  * <tr><td>RS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
 81  * <tr><td>ES256</td><td>RECOMMENDED+</td><td>SUPPORTED</td></tr>
 82  * <tr><td>ES384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
 83  * <tr><td>ES512</td><td>OPTIONAL</td><td>-</td></tr>
 84  * <tr><td>PS256</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
 85  * <tr><td>PS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
 86  * <tr><td>PS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
 87  * <tr><td>none</td><td>REQUIRED</td><td>SUPPORTED(signature generation only)</td></tr>
 88  * </table>
 89  * <dl>
 90  * <dt><b>NOTE1</b>
 91  * <dd>HS384 is supported since jsjws 3.0.2 with jsrsasign 4.1.4.
 92  * <dt><b>NOTE2</b>
 93  * <dd>Some deprecated methods have been removed since jws 3.3 of jsrsasign 4.10.0.
 94  * Removed methods are following:
 95  * <ul>
 96  * <li>JWS.verifyJWSByNE</li>
 97  * <li>JWS.verifyJWSByKey</li>
 98  * <li>JWS.generateJWSByNED</li>
 99  * <li>JWS.generateJWSByKey</li>
100  * <li>JWS.generateJWSByP1PrvKey</li>
101  * </ul>
102  * </dl>
103  * <b>EXAMPLE</b><br/>
104  * @example
105  * // JWS signing 
106  * sJWS = KJUR.jws.JWS.sign(null, '{"alg":"HS256", "cty":"JWT"}', '{"age": 21}', {"utf8": "password"});
107  * // JWS validation
108  * isValid = KJUR.jws.JWS.verify('eyJjdHkiOiJKV1QiLCJhbGc...', {"utf8": "password"});
109  * // JWT validation
110  * isValid = KJUR.jws.JWS.verifyJWT('eyJh...', {"utf8": "password"}, {
111  *   alg: ['HS256', 'HS384'],
112  *   iss: ['http://foo.com']
113  * });
114  */
115 KJUR.jws.JWS = function() {
116     var _KJUR = KJUR,
117 	_KJUR_jws_JWS = _KJUR.jws.JWS,
118 	_isSafeJSONString = _KJUR_jws_JWS.isSafeJSONString;
119 
120     // === utility =============================================================
121 
122     /**
123      * parse JWS string and set public property 'parsedJWS' dictionary.<br/>
124      * @name parseJWS
125      * @memberOf KJUR.jws.JWS
126      * @function
127      * @param {String} sJWS JWS signature string to be parsed.
128      * @throws if sJWS is not comma separated string such like "Header.Payload.Signature".
129      * @throws if JWS Header is a malformed JSON string.
130      * @since jws 1.1
131      */
132     this.parseJWS = function(sJWS, sigValNotNeeded) {
133 	if ((this.parsedJWS !== undefined) &&
134 	    (sigValNotNeeded || (this.parsedJWS.sigvalH !== undefined))) {
135 	    return;
136 	}
137 	var matchResult = sJWS.match(/^([^.]+)\.([^.]+)\.([^.]+)$/);
138 	if (matchResult == null) {
139 	    throw "JWS signature is not a form of 'Head.Payload.SigValue'.";
140 	}
141 	var b6Head = matchResult[1];
142 	var b6Payload = matchResult[2];
143 	var b6SigVal = matchResult[3];
144 	var sSI = b6Head + "." + b6Payload;
145 	this.parsedJWS = {};
146 	this.parsedJWS.headB64U = b6Head;
147 	this.parsedJWS.payloadB64U = b6Payload;
148 	this.parsedJWS.sigvalB64U = b6SigVal;
149 	this.parsedJWS.si = sSI;
150 
151 	if (!sigValNotNeeded) {
152 	    var hSigVal = b64utohex(b6SigVal);
153 	    var biSigVal = parseBigInt(hSigVal, 16);
154 	    this.parsedJWS.sigvalH = hSigVal;
155 	    this.parsedJWS.sigvalBI = biSigVal;
156 	}
157 
158 	var sHead = b64utoutf8(b6Head);
159 	var sPayload = b64utoutf8(b6Payload);
160 	this.parsedJWS.headS = sHead;
161 	this.parsedJWS.payloadS = sPayload;
162 
163 	if (! _isSafeJSONString(sHead, this.parsedJWS, 'headP'))
164 	    throw "malformed JSON string for JWS Head: " + sHead;
165     };
166 };
167 
168 // === major static method ========================================================
169 
170 /**
171  * generate JWS signature by specified key<br/>
172  * @name sign
173  * @memberOf KJUR.jws.JWS
174  * @function
175  * @static
176  * @param {String} alg JWS algorithm name to sign and force set to sHead or null 
177  * @param {String} spHead string or object of JWS Header
178  * @param {String} spPayload string or object of JWS Payload
179  * @param {String} key string of private key or mac key object to sign
180  * @param {String} pass (OPTION)passcode to use encrypted asymmetric private key 
181  * @return {String} JWS signature string
182  * @since jws 3.0.0
183  * @see <a href="https://kjur.github.io/jsrsasign/api/symbols/KJUR.crypto.Signature.html">jsrsasign KJUR.crypto.Signature method</a>
184  * @see <a href="https://kjur.github.io/jsrsasign/api/symbols/KJUR.crypto.Mac.html">jsrsasign KJUR.crypto.Mac method</a>
185  * @description
186  * This method supports following algorithms.
187  * <table>
188  * <tr><th>alg value</th><th>spec requirement</th><th>jsjws support</th></tr>
189  * <tr><td>HS256</td><td>REQUIRED</td><td>SUPPORTED</td></tr>
190  * <tr><td>HS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
191  * <tr><td>HS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
192  * <tr><td>RS256</td><td>RECOMMENDED</td><td>SUPPORTED</td></tr>
193  * <tr><td>RS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
194  * <tr><td>RS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
195  * <tr><td>ES256</td><td>RECOMMENDED+</td><td>SUPPORTED</td></tr>
196  * <tr><td>ES384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
197  * <tr><td>ES512</td><td>OPTIONAL</td><td>-</td></tr>
198  * <tr><td>PS256</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
199  * <tr><td>PS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
200  * <tr><td>PS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
201  * <tr><td>none</td><td>REQUIRED</td><td>SUPPORTED(signature generation only)</td></tr>
202  * </table>
203  * <dl>
204  * <dt>NOTE1:
205  * <dd>salt length of RSAPSS signature is the same as the hash algorithm length
206  * because of <a href="http://www.ietf.org/mail-archive/web/jose/current/msg02901.html">IETF JOSE ML discussion</a>.
207  * <dt>NOTE2:
208  * <dd>To support HS384, patched version of CryptoJS is used.
209  * <a href="https://code.google.com/p/crypto-js/issues/detail?id=84">See here for detail</a>.
210  * <dt>NOTE3:
211  * From jsrsasign 4.10.0 jws 3.3.0, Way to provide password
212  * for HS* algorithm is changed. The 'key' attribute value is
213  * passed to {@link KJUR.crypto.Mac.setPassword} so please see
214  * {@link KJUR.crypto.Mac.setPassword} for detail.
215  * As for backword compatibility, if key is a string, has even length and
216  * 0..9, A-F or a-f characters, key string is treated as a hexadecimal
217  * otherwise it is treated as a raw string.
218  * <dd>
219  * </dl>
220  * <b>EXAMPLE</b><br/>
221  * @example
222  * // sign HS256 signature with password "aaa" implicitly handled as string
223  * sJWS = KJUR.jws.JWS.sign(null, {alg: "HS256", cty: "JWT"}, {age: 21}, "aaa");
224  * // sign HS256 signature with password "6161" implicitly handled as hex
225  * sJWS = KJUR.jws.JWS.sign(null, {alg: "HS256", cty: "JWT"}, {age: 21}, "6161");
226  * // sign HS256 signature with base64 password
227  * sJWS = KJUR.jws.JWS.sign(null, {alg: "HS256"}, {age: 21}, {b64: "Mi/8..a="});
228  * // sign RS256 signature with PKCS#8 PEM RSA private key
229  * sJWS = KJUR.jws.JWS.sign(null, {alg: "RS256"}, {age: 21}, "-----BEGIN PRIVATE KEY...");
230  * // sign RS256 signature with PKCS#8 PEM ECC private key with passcode
231  * sJWS = KJUR.jws.JWS.sign(null, {alg: "ES256"}, {age: 21}, 
232  *                          "-----BEGIN PRIVATE KEY...", "keypass");
233  * // header and payload can be passed by both string and object
234  * sJWS = KJUR.jws.JWS.sign(null, '{alg:"HS256",cty:"JWT"}', '{age:21}', "aaa");
235  */
236 KJUR.jws.JWS.sign = function(alg, spHeader, spPayload, key, pass) {
237     var _KJUR = KJUR,
238 	_KJUR_jws = _KJUR.jws,
239 	_KJUR_jws_JWS = _KJUR_jws.JWS,
240 	_readSafeJSONString = _KJUR_jws_JWS.readSafeJSONString,
241 	_isSafeJSONString = _KJUR_jws_JWS.isSafeJSONString,
242 	_KJUR_crypto = _KJUR.crypto,
243 	_ECDSA = _KJUR_crypto.ECDSA,
244 	_Mac = _KJUR_crypto.Mac,
245 	_Signature = _KJUR_crypto.Signature,
246 	_JSON = JSON;
247 
248     var sHeader, pHeader, sPayload;
249 
250     // 1. check signatureInput(Header, Payload) is string or object
251     if (typeof spHeader != 'string' && typeof spHeader != 'object')
252 	throw "spHeader must be JSON string or object: " + spHeader;
253 
254     if (typeof spHeader == 'object') {
255 	pHeader = spHeader;
256 	sHeader = _JSON.stringify(pHeader);
257     }
258 
259     if (typeof spHeader == 'string') {
260 	sHeader = spHeader;
261 	if (! _isSafeJSONString(sHeader))
262 	    throw "JWS Head is not safe JSON string: " + sHeader;
263 	pHeader = _readSafeJSONString(sHeader);
264 
265     }
266 
267     sPayload = spPayload;
268     if (typeof spPayload == 'object') sPayload = _JSON.stringify(spPayload);
269 
270     // 2. use alg if defined in sHeader
271     if ((alg == '' || alg == null) &&
272 	pHeader['alg'] !== undefined) {
273 	alg = pHeader['alg'];
274     }
275 
276     // 3. update sHeader to add alg if alg undefined
277     if ((alg != '' && alg != null) &&
278 	pHeader['alg'] === undefined) {
279 	pHeader['alg'] = alg;
280 	sHeader = _JSON.stringify(pHeader);
281     }
282 
283     // 4. check explicit algorithm doesn't match with JWS header.
284     if (alg !== pHeader.alg)
285 	throw "alg and sHeader.alg doesn't match: " + alg + "!=" + pHeader.alg;
286 
287     // 5. set signature algorithm like SHA1withRSA
288     var sigAlg = null;
289     if (_KJUR_jws_JWS.jwsalg2sigalg[alg] === undefined) {
290 	throw "unsupported alg name: " + alg;
291     } else {
292 	sigAlg = _KJUR_jws_JWS.jwsalg2sigalg[alg];
293     }
294     
295     var uHeader = utf8tob64u(sHeader);
296     var uPayload = utf8tob64u(sPayload);
297     var uSignatureInput = uHeader + "." + uPayload
298     // 6. sign
299     var hSig = "";
300     if (sigAlg.substr(0, 4) == "Hmac") {
301 	if (key === undefined)
302 	    throw "mac key shall be specified for HS* alg";
303 	//alert("sigAlg=" + sigAlg);
304 	var mac = new _Mac({'alg': sigAlg, 'prov': 'cryptojs', 'pass': key});
305 	mac.updateString(uSignatureInput);
306 	hSig = mac.doFinal();
307     } else if (sigAlg.indexOf("withECDSA") != -1) {
308 	var sig = new _Signature({'alg': sigAlg});
309 	sig.init(key, pass);
310 	sig.updateString(uSignatureInput);
311 	var hASN1Sig = sig.sign();
312 	hSig = KJUR.crypto.ECDSA.asn1SigToConcatSig(hASN1Sig);
313     } else if (sigAlg != "none") {
314 	var sig = new _Signature({'alg': sigAlg});
315 	sig.init(key, pass);
316 	sig.updateString(uSignatureInput);
317 	hSig = sig.sign();
318     }
319 
320     var uSig = hextob64u(hSig);
321     return uSignatureInput + "." + uSig;
322 };
323 
324 /**
325  * verify JWS signature by specified key or certificate<br/>
326  * @name verify
327  * @memberOf KJUR.jws.JWS
328  * @function
329  * @static
330  * @param {String} sJWS string of JWS signature to verify
331  * @param {Object} key string of public key, certificate or key object to verify
332  * @param {String} acceptAlgs array of algorithm name strings (OPTION)
333  * @return {Boolean} true if the signature is valid otherwise false including no signature case or without head and payload
334  * @since jws 3.0.0
335  * @see <a href="https://kjur.github.io/jsrsasign/api/symbols/KJUR.crypto.Signature.html">jsrsasign KJUR.crypto.Signature method</a>
336  * @see <a href="https://kjur.github.io/jsrsasign/api/symbols/KJUR.crypto.Mac.html">jsrsasign KJUR.crypto.Mac method</a>
337  * @description
338  * <p>
339  * This method verifies a JSON Web Signature Compact Serialization string by the validation 
340  * algorithm as described in 
341  * <a href="http://self-issued.info/docs/draft-jones-json-web-signature-04.html#anchor5">
342  * the section 5 of Internet Draft draft-jones-json-web-signature-04.</a>
343  * </p>
344  * <p>
345  * Since 3.2.0 strict key checking has been provided against a JWS algorithm
346  * in a JWS header.
347  * <ul>
348  * <li>In case 'alg' is 'HS*' in the JWS header,
349  * 'key' shall be hexadecimal string for Hmac{256,384,512} shared secret key.
350  * Otherwise it raise an error.</li>
351  * <li>In case 'alg' is 'RS*' or 'PS*' in the JWS header,
352  * 'key' shall be a RSAKey object or a PEM string of
353  * X.509 RSA public key certificate or PKCS#8 RSA public key.
354  * Otherwise it raise an error.</li>
355  * <li>In case 'alg' is 'ES*' in the JWS header,
356  * 'key' shall be a KJUR.crypto.ECDSA object or a PEM string of
357  * X.509 ECC public key certificate or PKCS#8 ECC public key.
358  * Otherwise it raise an error.</li>
359  * <li>In case 'alg' is 'none' in the JWS header,
360  * validation not supported after jsjws 3.1.0.</li>
361  * </ul>
362  * </p>
363  * <p>
364  * NOTE1: The argument 'acceptAlgs' is supported since 3.2.0.
365  * Strongly recommended to provide acceptAlgs to mitigate
366  * signature replacement attacks.<br/>
367  * </p>
368  * <p>
369  * NOTE2: From jsrsasign 4.9.0 jws 3.2.5, Way to provide password
370  * for HS* algorithm is changed. The 'key' attribute value is
371  * passed to {@link KJUR.crypto.Mac.setPassword} so please see
372  * {@link KJUR.crypto.Mac.setPassword} for detail.
373  * As for backword compatibility, if key is a string, has even length and
374  * 0..9, A-F or a-f characters, key string is treated as a hexadecimal
375  * otherwise it is treated as a raw string.
376  * </p>
377  * @example
378  * // 1) verify a RS256 JWS signature by a certificate string.
379  * isValid = KJUR.jws.JWS.verify('eyJh...', '-----BEGIN...', ['RS256']);
380  * 
381  * // 2) verify a HS256 JWS signature by a certificate string.
382  * isValid = KJUR.jws.JWS.verify('eyJh...', {hex: '6f62ad...'}, ['HS256']);
383  * isValid = KJUR.jws.JWS.verify('eyJh...', {b64: 'Mi/ab8...a=='}, ['HS256']);
384  * isValid = KJUR.jws.JWS.verify('eyJh...', {utf8: 'Secret秘密'}, ['HS256']);
385  * isValid = KJUR.jws.JWS.verify('eyJh...', '6f62ad', ['HS256']); // implicit hex
386  * isValid = KJUR.jws.JWS.verify('eyJh...', '6f62ada', ['HS256']); // implicit raw string
387  *
388  * // 3) verify a ES256 JWS signature by a KJUR.crypto.ECDSA key object.
389  * var pubkey = KEYUTIL.getKey('-----BEGIN CERT...');
390  * var isValid = KJUR.jws.JWS.verify('eyJh...', pubkey);
391  */
392 KJUR.jws.JWS.verify = function(sJWS, key, acceptAlgs) {
393     var _KJUR = KJUR,
394 	_KJUR_jws = _KJUR.jws,
395 	_KJUR_jws_JWS = _KJUR_jws.JWS,
396 	_readSafeJSONString = _KJUR_jws_JWS.readSafeJSONString,
397 	_KJUR_crypto = _KJUR.crypto,
398 	_ECDSA = _KJUR_crypto.ECDSA,
399 	_Mac = _KJUR_crypto.Mac,
400 	_Signature = _KJUR_crypto.Signature,
401 	_RSAKey;
402     
403     if (typeof RSAKey !== undefined) _RSAKey = RSAKey;
404 
405     var a = sJWS.split(".");
406     if (a.length !== 3) return false;
407 
408     var uHeader = a[0];
409     var uPayload = a[1];
410     var uSignatureInput = uHeader + "." + uPayload;
411     var hSig = b64utohex(a[2]);
412 
413     // 1. parse JWS header
414     var pHeader = _readSafeJSONString(b64utoutf8(a[0]));
415     var alg = null;
416     var algType = null; // HS|RS|PS|ES|no
417     if (pHeader.alg === undefined) {
418 	throw "algorithm not specified in header";
419     } else {
420 	alg = pHeader.alg;
421 	algType = alg.substr(0, 2);
422     }
423 
424     // 2. check whether alg is acceptable algorithms
425     if (acceptAlgs != null &&
426         Object.prototype.toString.call(acceptAlgs) === '[object Array]' &&
427         acceptAlgs.length > 0) {
428 	var acceptAlgStr = ":" + acceptAlgs.join(":") + ":";
429 	if (acceptAlgStr.indexOf(":" + alg + ":") == -1) {
430 	    throw "algorithm '" + alg + "' not accepted in the list";
431 	}
432     }
433 
434     // 3. check whether key is a proper key for alg.
435     if (alg != "none" && key === null) {
436 	throw "key shall be specified to verify.";
437     }
438 
439     // 3.1. There is no key check for HS* because Mac will check it.
440     //      since jsrsasign 5.0.0.
441 
442     // 3.2. convert key object if key is a public key or cert PEM string
443     if (typeof key == "string" &&
444 	key.indexOf("-----BEGIN ") != -1) {
445 	key = KEYUTIL.getKey(key);
446     }
447 
448     // 3.3. check whether key is RSAKey obj if alg is RS* or PS*.
449     if (algType == "RS" || algType == "PS") {
450 	if (!(key instanceof _RSAKey)) {
451 	    throw "key shall be a RSAKey obj for RS* and PS* algs";
452 	}
453     }
454 
455     // 3.4. check whether key is ECDSA obj if alg is ES*.
456     if (algType == "ES") {
457 	if (!(key instanceof _ECDSA)) {
458 	    throw "key shall be a ECDSA obj for ES* algs";
459 	}
460     }
461 
462     // 3.5. check when alg is 'none'
463     if (alg == "none") {
464     }
465 
466     // 4. check whether alg is supported alg in jsjws.
467     var sigAlg = null;
468     if (_KJUR_jws_JWS.jwsalg2sigalg[pHeader.alg] === undefined) {
469 	throw "unsupported alg name: " + alg;
470     } else {
471 	sigAlg = _KJUR_jws_JWS.jwsalg2sigalg[alg];
472     }
473 
474     // 5. verify
475     if (sigAlg == "none") {
476         throw "not supported";
477     } else if (sigAlg.substr(0, 4) == "Hmac") {
478 	var hSig2 = null;
479 	if (key === undefined)
480 	    throw "hexadecimal key shall be specified for HMAC";
481 	//try {
482 	    var mac = new _Mac({'alg': sigAlg, 'pass': key});
483 	    mac.updateString(uSignatureInput);
484 	    hSig2 = mac.doFinal();
485 	//} catch(ex) {};
486 	return hSig == hSig2;
487     } else if (sigAlg.indexOf("withECDSA") != -1) {
488 	var hASN1Sig = null;
489         try {
490 	    hASN1Sig = _ECDSA.concatSigToASN1Sig(hSig);
491 	} catch (ex) {
492 	    return false;
493 	}
494 	var sig = new _Signature({'alg': sigAlg});
495 	sig.init(key)
496 	sig.updateString(uSignatureInput);
497 	return sig.verify(hASN1Sig);
498     } else {
499 	var sig = new _Signature({'alg': sigAlg});
500 	sig.init(key)
501 	sig.updateString(uSignatureInput);
502 	return sig.verify(hSig);
503     }
504 };
505 
506 /**
507  * parse header and payload of JWS signature<br/>
508  * @name parse
509  * @memberOf KJUR.jws.JWS
510  * @function
511  * @static
512  * @param {String} sJWS string of JWS signature to parse
513  * @return {Array} associative array of parsed header and payload. See below.
514  * @throws if sJWS is malformed JWS signature
515  * @since jws 3.3.3
516  * @description
517  * This method parses JWS signature string. 
518  * Resulted associative array has following properties:
519  * <ul>
520  * <li>headerObj - JSON object of header</li>
521  * <li>payloadObj - JSON object of payload if payload is JSON string otherwise undefined</li>
522  * <li>headerPP - pretty printed JSON header by stringify</li>
523  * <li>payloadPP - pretty printed JSON payload by stringify if payload is JSON otherwise Base64URL decoded raw string of payload</li>
524  * <li>sigHex - hexadecimal string of signature</li>
525  * </ul>
526  * @example
527  * KJUR.jws.JWS.parse(sJWS) ->
528  * { 
529  *   headerObj: {"alg": "RS256", "typ": "JWS"},
530  *   payloadObj: {"product": "orange", "quantity": 100},
531  *   headerPP: 
532  *   '{
533  *     "alg": "RS256",
534  *     "typ": "JWS"
535  *   }',
536  *   payloadPP: 
537  *   '{
538  *     "product": "orange",
539  *     "quantity": 100
540  *   }',
541  *   sigHex: "91f3cd..." 
542  * }
543  */
544 KJUR.jws.JWS.parse = function(sJWS) {
545     var a = sJWS.split(".");
546     var result = {};
547     var uHeader, uPayload, uSig;
548     if (a.length != 2 && a.length != 3)
549 	throw "malformed sJWS: wrong number of '.' splitted elements";
550 
551     uHeader = a[0];
552     uPayload = a[1];
553     if (a.length == 3) uSig = a[2]; 
554 
555     result.headerObj = KJUR.jws.JWS.readSafeJSONString(b64utoutf8(uHeader));
556     result.payloadObj = KJUR.jws.JWS.readSafeJSONString(b64utoutf8(uPayload));
557 
558     result.headerPP = JSON.stringify(result.headerObj, null, "  ");
559     if (result.payloadObj == null) {
560 	result.payloadPP = b64utoutf8(uPayload);
561     } else {
562 	result.payloadPP = JSON.stringify(result.payloadObj, null, "  ");
563     }
564 
565     if (uSig !== undefined) {
566 	result.sigHex = b64utohex(uSig);
567     }
568 
569     return result;
570 };
571 
572 /**
573  * @name verifyJWT
574  * @memberOf KJUR.jws.JWS
575  * @function
576  * @static
577  * @param {String} sJWT string of JSON Web Token(JWT) to verify
578  * @param {Object} key string of public key, certificate or key object to verify
579  * @param {Array} acceptField associative array of acceptable fields (OPTION)
580  * @return {Boolean} true if the JWT token is valid otherwise false
581  * @since jws 3.2.3 jsrsasign 4.8.0
582  *
583  * @description
584  * This method verifies a
585  * <a href="https://tools.ietf.org/html/rfc7519">RFC 7519</a> 
586  * JSON Web Token(JWT).
587  * It will verify following:
588  * <ul>
589  * <li>Header.alg
590  * <ul>
591  * <li>alg is specified in JWT header.</li>
592  * <li>alg is included in acceptField.alg array. (MANDATORY)</li>
593  * <li>alg is proper for key.</li>
594  * </ul>
595  * </li>
596  * <li>Payload.iss (issuer) - Payload.iss is included in acceptField.iss array if specified. (OPTION)</li>
597  * <li>Payload.sub (subject) - Payload.sub is included in acceptField.sub array if specified. (OPTION)</li>
598  * <li>Payload.aud (audience) - Payload.aud is included in acceptField.aud array or 
599  *     the same as value if specified. (OPTION)</li>
600  * <li>Time validity
601  * <ul>
602  * <li>
603  * If acceptField.verifyAt as number of UNIX origin time is specifed for validation time, 
604  * this method will verify at the time for it, otherwise current time will be used to verify.
605  * </li>
606  * <li>
607  * Clock of JWT generator or verifier can be fast or slow. If these clocks are
608  * very different, JWT validation may fail. To avoid such case, 'jsrsasign' supports
609  * 'acceptField.gracePeriod' parameter which specifies acceptable time difference
610  * of those clocks in seconds. So if you want to accept slow or fast in 2 hours,
611  * you can specify <code>acceptField.gracePeriod = 2 * 60 * 60;</code>.
612  * "gracePeriod" is zero by default.
613  * "gracePeriod" is supported since jsrsasign 5.0.12.
614  * </li>
615  * <li>Payload.exp (expire) - Validation time is smaller than Payload.exp + gracePeriod.</li>
616  * <li>Payload.nbf (not before) - Validation time is greater than Payload.nbf - gracePeriod.</li>
617  * <li>Payload.iat (issued at) - Validation time is greater than Payload.iat - gracePeriod.</li>
618  * </ul>
619  * </li>
620  * <li>Payload.jti (JWT id) - Payload.jti is included in acceptField.jti if specified. (OPTION)</li>
621  * <li>JWS signature of JWS is valid for specified key.</li>
622  * </ul>
623  *
624  * <h4>acceptField parameters</h4>
625  * Here is available acceptField argument parameters:
626  * <ul>
627  * <li>alg - array of acceptable signature algorithm names (ex. ["HS256", "HS384"])</li>
628  * <li>iss - array of acceptable issuer names (ex. ['http://foo.com'])</li>
629  * <li>sub - array of acceptable subject names (ex. ['mailto:john@foo.com'])</li>
630  * <li>aud - array of acceptable audience name (ex. ['http://foo.com'])</li>
631  * <li>jti - string of acceptable JWT ID (OPTION) (ex. 'id1234')</li>
632  * <li>
633  * verifyAt - time to verify 'nbf', 'iat' and 'exp' in UNIX seconds 
634  * (OPTION) (ex. 1377663900).  
635  * If this is not specified, current time of verifier will be used. 
636  * {@link KJUR.jws.IntDate} may be useful to specify it.
637  * </li>
638  * <li>gracePeriod - acceptable time difference between signer and verifier
639  * in seconds (ex. 3600). If this is not specified, zero will be used.</li>
640  * </ul>
641  *
642  * @example
643  * // simple validation for HS256
644  * isValid = KJUR.jws.JWS.verifyJWT("eyJhbG...", "616161", {alg: ["HS256"]}),
645  *
646  * // full validation for RS or PS
647  * pubkey = KEYUTIL.getKey('-----BEGIN CERT...');
648  * isValid = KJUR.jws.JWS.verifyJWT('eyJh...', pubkey, {
649  *   alg: ['RS256', 'RS512', 'PS256', 'PS512'],
650  *   iss: ['http://foo.com'],
651  *   sub: ['mailto:john@foo.com', 'mailto:alice@foo.com'],
652  *   verifyAt: KJUR.jws.IntDate.get('20150520235959Z'),
653  *   aud: ['http://foo.com'], // aud: 'http://foo.com' is fine too.
654  *   jti: 'id123456',
655  *   gracePeriod: 1 * 60 * 60 // accept 1 hour slow or fast
656  * });
657  */
658 KJUR.jws.JWS.verifyJWT = function(sJWT, key, acceptField) {
659     var _KJUR = KJUR,
660 	_KJUR_jws = _KJUR.jws,
661 	_KJUR_jws_JWS = _KJUR_jws.JWS,
662 	_readSafeJSONString = _KJUR_jws_JWS.readSafeJSONString,
663 	_inArray = _KJUR_jws_JWS.inArray,
664 	_includedArray = _KJUR_jws_JWS.includedArray;
665 
666     // 1. parse JWT
667     var a = sJWT.split(".");
668     var uHeader = a[0];
669     var uPayload = a[1];
670     var uSignatureInput = uHeader + "." + uPayload;
671     var hSig = b64utohex(a[2]);
672 
673     // 2. parse JWS header
674     var pHeader = _readSafeJSONString(b64utoutf8(uHeader));
675 
676     // 3. parse JWS payload
677     var pPayload = _readSafeJSONString(b64utoutf8(uPayload));
678 
679     // 4. algorithm ('alg' in header) check
680     if (pHeader.alg === undefined) return false;
681     if (acceptField.alg === undefined)
682 	throw "acceptField.alg shall be specified";
683     if (! _inArray(pHeader.alg, acceptField.alg)) return false;
684 
685     // 5. issuer ('iss' in payload) check
686     if (pPayload.iss !== undefined && typeof acceptField.iss === "object") {
687 	if (! _inArray(pPayload.iss, acceptField.iss)) return false;
688     }
689 
690     // 6. subject ('sub' in payload) check
691     if (pPayload.sub !== undefined && typeof acceptField.sub === "object") {
692 	if (! _inArray(pPayload.sub, acceptField.sub)) return false;
693     }
694 
695     // 7. audience ('aud' in payload) check
696     if (pPayload.aud !== undefined && typeof acceptField.aud === "object") {
697 	if (typeof pPayload.aud == "string") {
698 	    if (! _inArray(pPayload.aud, acceptField.aud))
699 		return false;
700 	} else if (typeof pPayload.aud == "object") {
701 	    if (! _includedArray(pPayload.aud, acceptField.aud))
702 		return false;
703 	}
704     }
705 
706     // 8. time validity 
707     //   (nbf - gracePeriod < now < exp + gracePeriod) && (iat - gracePeriod < now)
708     var now = _KJUR_jws.IntDate.getNow();
709     if (acceptField.verifyAt !== undefined && typeof acceptField.verifyAt === "number") {
710 	now = acceptField.verifyAt;
711     }
712     if (acceptField.gracePeriod === undefined || 
713         typeof acceptField.gracePeriod !== "number") {
714 	acceptField.gracePeriod = 0;
715     }
716 
717     // 8.1 expired time 'exp' check
718     if (pPayload.exp !== undefined && typeof pPayload.exp == "number") {
719 	if (pPayload.exp + acceptField.gracePeriod < now) return false;
720     }
721 
722     // 8.2 not before time 'nbf' check
723     if (pPayload.nbf !== undefined && typeof pPayload.nbf == "number") {
724 	if (now < pPayload.nbf - acceptField.gracePeriod) return false;
725     }
726     
727     // 8.3 issued at time 'iat' check
728     if (pPayload.iat !== undefined && typeof pPayload.iat == "number") {
729 	if (now < pPayload.iat - acceptField.gracePeriod) return false;
730     }
731 
732     // 9 JWT id 'jti' check
733     if (pPayload.jti !== undefined && acceptField.jti !== undefined) {
734       if (pPayload.jti !== acceptField.jti) return false;
735     }
736 
737     // 10 JWS signature check
738     if (! _KJUR_jws_JWS.verify(sJWT, key, acceptField.alg)) return false;
739 
740     // 11 passed all check
741     return true;
742 };
743 
744 /**
745  * check whether array is included by another array
746  * @name includedArray
747  * @memberOf KJUR.jws.JWS
748  * @function
749  * @static
750  * @param {Array} a1 check whether set a1 is included by a2
751  * @param {Array} a2 check whether set a1 is included by a2
752  * @return {Boolean} check whether set a1 is included by a2
753  * @since jws 3.2.3
754  * This method verifies whether an array is included by another array.
755  * It doesn't care about item ordering in a array.
756  * @example
757  * KJUR.jws.JWS.includedArray(['b'], ['b', 'c', 'a']) => true
758  * KJUR.jws.JWS.includedArray(['a', 'b'], ['b', 'c', 'a']) => true
759  * KJUR.jws.JWS.includedArray(['a', 'b'], ['b', 'c']) => false
760  */
761 KJUR.jws.JWS.includedArray = function(a1, a2) {
762     var _inArray = KJUR.jws.JWS.inArray;
763     if (a1 === null) return false;
764     if (typeof a1 !== "object") return false;
765     if (typeof a1.length !== "number") return false;
766 
767     for (var i = 0; i < a1.length; i++) {
768 	if (! _inArray(a1[i], a2)) return false;
769     }
770     return true;
771 };
772 
773 /**
774  * check whether item is included by array
775  * @name inArray
776  * @memberOf KJUR.jws.JWS
777  * @function
778  * @static
779  * @param {String} item check whether item is included by array
780  * @param {Array} a check whether item is included by array
781  * @return {Boolean} check whether item is included by array
782  * @since jws 3.2.3
783  * This method verifies whether an item is included by an array.
784  * It doesn't care about item ordering in an array.
785  * @example
786  * KJUR.jws.JWS.inArray('b', ['b', 'c', 'a']) => true
787  * KJUR.jws.JWS.inArray('a', ['b', 'c', 'a']) => true
788  * KJUR.jws.JWS.inArray('a', ['b', 'c']) => false
789  */
790 KJUR.jws.JWS.inArray = function(item, a) {
791     if (a === null) return false;
792     if (typeof a !== "object") return false;
793     if (typeof a.length !== "number") return false;
794     for (var i = 0; i < a.length; i++) {
795 	if (a[i] == item) return true;
796     }
797     return false;
798 };
799 
800 /**
801  * static associative array of general signature algorithm name from JWS algorithm name
802  * @since jws 3.0.0
803  */
804 KJUR.jws.JWS.jwsalg2sigalg = {
805     "HS256":	"HmacSHA256",
806     "HS384":	"HmacSHA384",
807     "HS512":	"HmacSHA512",
808     "RS256":	"SHA256withRSA",
809     "RS384":	"SHA384withRSA",
810     "RS512":	"SHA512withRSA",
811     "ES256":	"SHA256withECDSA",
812     "ES384":	"SHA384withECDSA",
813     //"ES512":	"SHA512withECDSA", // unsupported because of jsrsasign's bug
814     "PS256":	"SHA256withRSAandMGF1",
815     "PS384":	"SHA384withRSAandMGF1",
816     "PS512":	"SHA512withRSAandMGF1",
817     "none":	"none",
818 };
819 
820 // === utility static method ==================================================
821 
822 /**
823  * check whether a String "s" is a safe JSON string or not.<br/>
824  * If a String "s" is a malformed JSON string or an other object type
825  * this returns 0, otherwise this returns 1.
826  * @name isSafeJSONString
827  * @memberOf KJUR.jws.JWS
828  * @function
829  * @static
830  * @param {String} s JSON string
831  * @return {Number} 1 or 0
832  */
833 KJUR.jws.JWS.isSafeJSONString = function(s, h, p) {
834     var o = null;
835     try {
836 	o = jsonParse(s);
837 	if (typeof o != "object") return 0;
838 	if (o.constructor === Array) return 0;
839 	if (h) h[p] = o;
840 	return 1;
841     } catch (ex) {
842 	return 0;
843     }
844 };
845 
846 /**
847  * read a String "s" as JSON object if it is safe.<br/>
848  * If a String "s" is a malformed JSON string or not JSON string,
849  * this returns null, otherwise returns JSON object.
850  * @name readSafeJSONString
851  * @memberOf KJUR.jws.JWS
852  * @function
853  * @static
854  * @param {String} s JSON string
855  * @return {Object} JSON object or null
856  * @since 1.1.1
857  */
858 KJUR.jws.JWS.readSafeJSONString = function(s) {
859     var o = null;
860     try {
861 	o = jsonParse(s);
862 	if (typeof o != "object") return null;
863 	if (o.constructor === Array) return null;
864 	return o;
865     } catch (ex) {
866 	return null;
867     }
868 };
869 
870 /**
871  * get Encoed Signature Value from JWS string.<br/>
872  * @name getEncodedSignatureValueFromJWS
873  * @memberOf KJUR.jws.JWS
874  * @function
875  * @static
876  * @param {String} sJWS JWS signature string to be verified
877  * @return {String} string of Encoded Signature Value 
878  * @throws if sJWS is not comma separated string such like "Header.Payload.Signature".
879  */
880 KJUR.jws.JWS.getEncodedSignatureValueFromJWS = function(sJWS) {
881     var matchResult = sJWS.match(/^[^.]+\.[^.]+\.([^.]+)$/);
882     if (matchResult == null) {
883 	throw "JWS signature is not a form of 'Head.Payload.SigValue'.";
884     }
885     return matchResult[1];
886 };
887 
888 /**
889  * get RFC 7638 JWK thumbprint from JWK object
890  * @name getJWKthumbprint
891  * @memberOf KJUR.jws.JWS
892  * @function
893  * @static
894  * @param {Object} o JWK object to be calculated thumbprint
895  * @return {String} Base64 URL encoded JWK thumbprint value
896  * @since jsrsasign 5.0.2 jws 3.3.2
897  * @description
898  * This method calculates JWK thmubprint for specified JWK object
899  * as described in 
900  * <a href="https://tools.ietf.org/html/rfc7638">RFC 7638</a>.
901  * It supports all type of "kty". (i.e. "RSA", "EC" and "oct"
902  * (for symmetric key))
903  * Working sample is 
904  * <a href="https://kjur.github.io/jsrsasign/sample/tool_jwktp.html">here</a>.
905  * @example
906  * jwk = {"kty":"RSA", "n":"0vx...", "e":"AQAB", ...};
907  * thumbprint = KJUR.jws.JWS.getJWKthumbprint(jwk);
908  */
909 KJUR.jws.JWS.getJWKthumbprint = function(o) {
910     if (o.kty !== "RSA" &&
911 	o.kty !== "EC" &&
912 	o.kty !== "oct")
913 	throw "unsupported algorithm for JWK Thumprint";
914 
915     // 1. get canonically ordered json string
916     var s = '{';
917     if (o.kty === "RSA") {
918 	if (typeof o.n != "string" || typeof o.e != "string")
919 	    throw "wrong n and e value for RSA key";
920 	s += '"' + 'e' + '":"' + o.e + '",';
921 	s += '"' + 'kty' + '":"' + o.kty + '",';
922 	s += '"' + 'n' + '":"' + o.n + '"}';
923     } else if (o.kty === "EC") {
924 	if (typeof o.crv != "string" || 
925 	    typeof o.x != "string" ||
926 	    typeof o.y != "string")
927 	    throw "wrong crv, x and y value for EC key";
928 	s += '"' + 'crv' + '":"' + o.crv + '",';
929 	s += '"' + 'kty' + '":"' + o.kty + '",';
930 	s += '"' + 'x' + '":"' + o.x + '",';
931 	s += '"' + 'y' + '":"' + o.y + '"}';
932     } else if (o.kty === "oct") {
933 	if (typeof o.k != "string")
934 	    throw "wrong k value for oct(symmetric) key";
935 	s += '"' + 'kty' + '":"' + o.kty + '",';
936 	s += '"' + 'k' + '":"' + o.k + '"}';
937     }
938     //alert(s);
939 
940     // 2. get thumb print
941     var hJWK = rstrtohex(s);
942     var hash = KJUR.crypto.Util.hashHex(hJWK, "sha256");
943     var hashB64U = hextob64u(hash);
944 
945     return hashB64U;
946 };
947 
948 /**
949  * IntDate class for time representation for JSON Web Token(JWT)
950  * @class KJUR.jws.IntDate class
951  * @name KJUR.jws.IntDate
952  * @since jws 3.0.1
953  * @description
954  * Utility class for IntDate which is integer representation of UNIX origin time
955  * used in JSON Web Token(JWT).
956  */
957 KJUR.jws.IntDate = {};
958 
959 /**
960  * get UNIX origin time from by string
961  * @name get
962  * @memberOf KJUR.jws.IntDate
963  * @function
964  * @static
965  * @param {String} s string of time representation
966  * @return {Integer} UNIX origin time in seconds for argument 's'
967  * @since jws 3.0.1
968  * @throws "unsupported format: s" when malformed format
969  * @description
970  * This method will accept following representation of time.
971  * <ul>
972  * <li>now - current time</li>
973  * <li>now + 1hour - after 1 hour from now</li>
974  * <li>now + 1day - after 1 day from now</li>
975  * <li>now + 1month - after 30 days from now</li>
976  * <li>now + 1year - after 365 days from now</li>
977  * <li>YYYYmmDDHHMMSSZ - UTC time (ex. 20130828235959Z)</li>
978  * <li>number - UNIX origin time (seconds from 1970-01-01 00:00:00) (ex. 1377714748)</li>
979  * </ul>
980  */
981 KJUR.jws.IntDate.get = function(s) {
982     var _KJUR_jws_IntDate = KJUR.jws.IntDate,
983 	_getNow = _KJUR_jws_IntDate.getNow,
984 	_getZulu = _KJUR_jws_IntDate.getZulu;
985 
986     if (s == "now") {
987 	return _getNow();
988     } else if (s == "now + 1hour") {
989 	return _getNow() + 60 * 60;
990     } else if (s == "now + 1day") {
991 	return _getNow() + 60 * 60 * 24;
992     } else if (s == "now + 1month") {
993 	return _getNow() + 60 * 60 * 24 * 30;
994     } else if (s == "now + 1year") {
995 	return _getNow() + 60 * 60 * 24 * 365;
996     } else if (s.match(/Z$/)) {
997 	return _getZulu(s);
998     } else if (s.match(/^[0-9]+$/)) {
999 	return parseInt(s);
1000     }
1001     throw "unsupported format: " + s;
1002 };
1003 
1004 /**
1005  * get UNIX origin time from Zulu time representation string
1006  * @name getZulu
1007  * @memberOf KJUR.jws.IntDate
1008  * @function
1009  * @static
1010  * @param {String} s string of Zulu time representation (ex. 20151012125959Z)
1011  * @return {Integer} UNIX origin time in seconds for argument 's'
1012  * @since jws 3.0.1
1013  * @throws "unsupported format: s" when malformed format
1014  * @description
1015  * This method provides UNIX origin time from Zulu time.
1016  * Following representations are supported:
1017  * <ul>
1018  * <li>YYYYMMDDHHmmSSZ - GeneralizedTime format</li>
1019  * <li>YYMMDDHHmmSSZ - UTCTime format. If YY is greater or equal to 
1020  * 50 then it represents 19YY otherwise 20YY.</li>
1021  * </ul>
1022  * @example
1023  * KJUR.jws.IntDate.getZulu("20151012125959Z") => 1478...
1024  * KJUR.jws.IntDate.getZulu("151012125959Z") => 1478...
1025  */
1026 KJUR.jws.IntDate.getZulu = function(s) {
1027     return zulutosec(s);
1028 };
1029 
1030 /**
1031  * get UNIX origin time of current time
1032  * @name getNow
1033  * @memberOf KJUR.jws.IntDate
1034  * @function
1035  * @static
1036  * @return {Integer} UNIX origin time for current time
1037  * @since jws 3.0.1
1038  * @description
1039  * This method provides UNIX origin time for current time
1040  * @example
1041  * KJUR.jws.IntDate.getNow() => 1478...
1042  */
1043 KJUR.jws.IntDate.getNow = function() {
1044     var d = ~~(new Date() / 1000);
1045     return d;
1046 };
1047 
1048 /**
1049  * get UTC time string from UNIX origin time value
1050  * @name intDate2UTCString
1051  * @memberOf KJUR.jws.IntDate
1052  * @function
1053  * @static
1054  * @param {Integer} intDate UNIX origin time value (ex. 1478...)
1055  * @return {String} UTC time string
1056  * @since jws 3.0.1
1057  * @description
1058  * This method provides UTC time string for UNIX origin time value.
1059  * @example
1060  * KJUR.jws.IntDate.intDate2UTCString(1478...) => "2015 Oct ..."
1061  */
1062 KJUR.jws.IntDate.intDate2UTCString = function(intDate) {
1063     var d = new Date(intDate * 1000);
1064     return d.toUTCString();
1065 };
1066 
1067 /**
1068  * get UTC time string from UNIX origin time value
1069  * @name intDate2Zulu
1070  * @memberOf KJUR.jws.IntDate
1071  * @function
1072  * @static
1073  * @param {Integer} intDate UNIX origin time value (ex. 1478...)
1074  * @return {String} Zulu time string
1075  * @since jws 3.0.1
1076  * @description
1077  * This method provides Zulu time string for UNIX origin time value.
1078  * @example
1079  * KJUR.jws.IntDate.intDate2UTCString(1478...) => "20151012...Z"
1080  */
1081 KJUR.jws.IntDate.intDate2Zulu = function(intDate) {
1082     var d = new Date(intDate * 1000),
1083 	year = ("0000" + d.getUTCFullYear()).slice(-4),
1084 	mon =  ("00" + (d.getUTCMonth() + 1)).slice(-2),
1085 	day =  ("00" + d.getUTCDate()).slice(-2),
1086 	hour = ("00" + d.getUTCHours()).slice(-2),
1087 	min =  ("00" + d.getUTCMinutes()).slice(-2),
1088         sec =  ("00" + d.getUTCSeconds()).slice(-2);
1089     return year + mon + day + hour + min + sec + "Z";
1090 };
1091 
1092