opensource free pure JavaScript cryptographic library supports RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp and CAdES and JSON Web Signature(JWS)/Token(JWT)/Key(JWK)
npm install jsrsasignjsrsasign
=========
jsrsasign TOP | github | Wiki | DOWNLOADS | TUTORIALS | API REFERENCE | Online Tool | DEMO | NODE TOOL | AddOn | DONATE
The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp, CAdES JSON Web Signature/Token/Key in pure JavaScript.
Public page is https://kjur.github.io/jsrsasign .
Your bugfix and pull request contribution are always welcomed :)
NOTICE FOR COMMING 11.0.0 RELEASE
---------------------------------
The "jsrsasign" library is a long lived JavaScript library from 2010 developed with old JavaScript style and backword compatibility. From coming release 11.0.0, following are planed and suport them gradually:
- Stop to support Internet Explorer.
- Stop to support bower.
- Modern ECMA functions will be introduced such as Promise, let, Array methods or class.
- API document generator will be changed from Jsdoc Toolkit to JSDoc3.
- Module bandler will be used such as browserify or webpack.
- Not to use YUI compressor.
- Unit test framework will be changed from QUnit and mocha to jest.
- W3C Web Crypto API support.
- split into some modules besides jsrsasign have been all in package before 11.0.0.
NEWS
----
- 2023-Mar-12: 10.7.0 Release. Now supports custom X.509 extension and custom OIDs by new "Add-on" architecture. (See here in detail)
- 2021-Nov-21: 10.5.0 Release. Now supports secp521r1(P-521) ECDSA.
- 2021-Apr-14: Security advisory and update for CVE-2021-30246 RSA signature validation vulnerability published
- 2020-Oct-05: jsrsasign won Google Open Source Peer Bonus Award. Thank you Google.
- 2020-Sep-23: 10.0.0 released for CMS SignedData related class including timestamp and CAdES architecture update
- 2020-Aug-24: 9.1.0 released to new CRL APIs align with certificate
- 2020-Aug-19: 9.0.0 released for major update of certificate and CSR generation and parsing without backward compatibility. Please see migration guide in detail.
- 2020-Aug-02: twitter account @jsrsasign started for announcement. please follow.
HIGHLIGHTS
----------
- Swiss Army Knife style all in one package crypto and PKI library
- available on Node.js and browsers
- Long live open source software from 2010
- very easy API to use
- powerful various format key loader and ASN.1 API
- rich document and samples
- no dependency to other library
- no dependency to W3C Web Cryptography API nor OpenSSL
- no dependency on newer ECMAScirpt function. So old browsers also supported.
- very popular crypto library with 1M+ npm downloads/month
- supports "Add-on" architecture
INSTALL
-------