donghaolin
/
JbSxs
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
6 Branches
0 Tags
108 MiB
Tree: 991dea072f
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '991dea072f'
${ noResults }
JbSxs/Front-end logistics/node_modules/node-forge/CHANGELOG.md

412 lines
16 KiB
Raw Normal View History

250414提交
1 month ago
  1. Forge ChangeLog
  2. ===============
  4. ## 1.3.1 - 2022-03-29
  6. ### Fixes
  7. - RFC 3447 and RFC 8017 allow for optional `DigestAlgorithm` `NULL` parameters
  8. for `sha*` algorithms and require `NULL` paramters for `md2` and `md5`
  9. algorithms.
  11. ## 1.3.0 - 2022-03-17
  13. ### Security
  14. - Three RSA PKCS#1 v1.5 signature verification issues were reported by Moosa
  15. Yahyazadeh (moosa-yahyazadeh@uiowa.edu).
  16. - **HIGH**: Leniency in checking `digestAlgorithm` structure can lead to
  17. signature forgery.
  18. - The code is lenient in checking the digest algorithm structure. This can
  19. allow a crafted structure that steals padding bytes and uses unchecked
  20. portion of the PKCS#1 encoded message to forge a signature when a low
  21. public exponent is being used. For more information, please see
  22. ["Bleichenbacher's RSA signature forgery based on implementation
  23. error"](https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE/)
  24. by Hal Finney.
  25. - CVE ID: [CVE-2022-24771](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24771)
  26. - GHSA ID: [GHSA-cfm4-qjh2-4765](https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765)
  27. - **HIGH**: Failing to check tailing garbage bytes can lead to signature
  28. forgery.
  29. - The code does not check for tailing garbage bytes after decoding a
  30. `DigestInfo` ASN.1 structure. This can allow padding bytes to be removed
  31. and garbage data added to forge a signature when a low public exponent is
  32. being used. For more information, please see ["Bleichenbacher's RSA
  33. signature forgery based on implementation
  34. error"](https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE/)
  35. by Hal Finney.
  36. - CVE ID: [CVE-2022-24772](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24772)
  37. - GHSA ID: [GHSA-x4jg-mjrx-434g](https://github.com/digitalbazaar/forge/security/advisories/GHSA-x4jg-mjrx-434g)
  38. - **MEDIUM**: Leniency in checking type octet.
  39. - `DigestInfo` is not properly checked for proper ASN.1 structure. This can
  40. lead to successful verification with signatures that contain invalid
  41. structures but a valid digest.
  42. - CVE ID: [CVE-2022-24773](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24773)
  43. - GHSA ID: [GHSA-2r2c-g63r-vccr](https://github.com/digitalbazaar/forge/security/advisories/GHSA-2r2c-g63r-vccr)
  45. ### Fixed
  46. - [asn1] Add fallback to pretty print invalid UTF8 data.
  47. - [asn1] `fromDer` is now more strict and will default to ensuring all input
  48. bytes are parsed or throw an error. A new option `parseAllBytes` can disable
  49. this behavior.
  50. - **NOTE**: The previous behavior is being changed since it can lead to
  51. security issues with crafted inputs. It is possible that code doing custom
  52. DER parsing may need to adapt to this new behavior and optional flag.
  53. - [rsa] Add and use a validator to check for proper structure of parsed ASN.1
  54. `RSASSA-PKCS-v1_5` `DigestInfo` data. Additionally check that the hash
  55. algorithm identifier is a known value from RFC 8017
  56. `PKCS1-v1-5DigestAlgorithms`. An invalid `DigestInfo` or algorithm identifier
  57. will now throw an error.
  58. - **NOTE**: The previous lenient behavior is being changed to be more strict
  59. since it could lead to security issues with crafted inputs. It is possible
  60. that code may have to handle the errors from these stricter checks.
  62. ### Added
  63. - [oid] Added missing RFC 8017 PKCS1-v1-5DigestAlgorithms algorithm
  64. identifiers:
  65. - `1.2.840.113549.2.2` / `md2`
  66. - `2.16.840.1.101.3.4.2.4` / `sha224`
  67. - `2.16.840.1.101.3.4.2.5` / `sha512-224`
  68. - `2.16.840.1.101.3.4.2.6` / `sha512-256`
  70. ## 1.2.1 - 2022-01-11
  72. ### Fixed
  73. - [tests]: Load entire module to improve top-level testing and coverage
  74. reporting.
  75. - [log]: Refactor logging setup to avoid use of `URLSearchParams`.
  77. ## 1.2.0 - 2022-01-07
  79. ### Fixed
  80. - [x509] 'Expected' and 'Actual' issuers were backwards in verification failure
  81. message.
  83. ### Added
  84. - [oid,x509]: Added OID `1.3.14.3.2.29 / sha1WithRSASignature` for sha1 with
  85. RSA. Considered a deprecated equivalent to `1.2.840.113549.1.1.5 /
  86. sha1WithRSAEncryption`. See [discussion and
  87. links](https://github.com/digitalbazaar/forge/issues/825).
  89. ### Changed
  90. - [x509]: Reduce duplicate code. Add helper function to create a signature
  91. digest given an signature algorithm OID. Add helper function to verify
  92. signatures.
  94. ## 1.1.0 - 2022-01-06
  96. ### Fixed
  97. - [x509]: Correctly compute certificate issuer and subject hashes to match
  98. behavior of openssl.
  99. - [pem]: Accept certificate requests with "NEW" in the label. "BEGIN NEW
  100. CERTIFICATE REQUEST" handled as "BEGIN CERTIFICATE REQUEST".
  102. ## 1.0.0 - 2022-01-04
  104. ### Notes
  105. - **1.0.0**!
  106. - This project is over a decade old! Time for a 1.0.0 release.
  107. - The URL related changes may expose bugs in some of the networking related
  108. code (unrelated to the much wider used cryptography code). The automated and
  109. manual test coverage for this code is weak at best. Issues or patches to
  110. update the code or tests would be appreciated.
  112. ### Removed
  113. - **SECURITY**, **BREAKING**: Remove `forge.debug` API. The API has the
  114. potential for prototype pollution. This API was only briefly used by the
  115. maintainers for internal project debug purposes and was never intended to be
  116. used with untrusted user inputs. This API was not documented or advertised
  117. and is being removed rather than fixed.
  118. - **SECURITY**, **BREAKING**: Remove `forge.util.parseUrl()` (and
  119. `forge.http.parseUrl` alias) and use the [WHATWG URL
  120. Standard](https://url.spec.whatwg.org/). `URL` is supported by modern browers
  121. and modern Node.js. This change is needed to address URL parsing security
  122. issues. If `forge.util.parseUrl()` is used directly or through `forge.xhr` or
  123. `forge.http` APIs, and support is needed for environments without `URL`
  124. support, then a polyfill must be used.
  125. - **BREAKING**: Remove `forge.task` API. This API was never used, documented,
  126. or advertised by the maintainers. If anyone was using this API and wishes to
  127. continue development it in other project, please let the maintainers know.
  128. Due to use in the test suite, a modified version is located in
  129. `tests/support/`.
  130. - **BREAKING**: Remove `forge.util.makeLink`, `forge.util.makeRequest`,
  131. `forge.util.parseFragment`, `forge.util.getQueryVariables`. Replace with
  132. `URL`, `URLSearchParams`, and custom code as needed.
  134. ### Changed
  135. - **BREAKING**: Increase supported Node.js version to 6.13.0 for URL support.
  136. - **BREAKING**: Renamed `master` branch to `main`.
  137. - **BREAKING**: Release process updated to use tooling that prefixes versions
  138. with `v`. Other tools, scripts, or scanners may need to adapt.
  139. - **BREAKING**: Remove docs related to Bower and
  140. [forge-dist](https://github.com/digitalbazaar/forge-dist). Install using
  141. [another method](./README.md#installation).
  143. ### Added
  144. - OIDs for `surname`, `title`, and `givenName`.
  146. ### Fixed
  147. - **BREAKING**: OID 2.5.4.5 name fixed from `serialName` to `serialNumber`.
  148. Depending on how applications used this id to name association it could cause
  149. compatibility issues.
  151. ## 0.10.0 - 2020-09-01
  153. ### Changed
  154. - **BREAKING**: Node.js 4 no longer supported. The code *may* still work, and
  155. non-invasive patches to keep it working will be considered. However, more
  156. modern tools no longer support old Node.js versions making testing difficult.
  158. ### Removed
  159. - **BREAKING**: Remove `util.getPath`, `util.setPath`, and `util.deletePath`.
  160. `util.setPath` had a potential prototype pollution security issue when used
  161. with unsafe inputs. These functions are not used by `forge` itself. They date
  162. from an early time when `forge` was targeted at providing general helper
  163. functions. The library direction changed to be more focused on cryptography.
  164. Many other excellent libraries are more suitable for general utilities. If
  165. you need a replacement for these functions, consider `get`, `set`, and `unset`
  166. from [lodash](https://lodash.com/). But also consider the potential similar
  167. security issues with those APIs.
  169. ## 0.9.2 - 2020-09-01
  171. ### Changed
  172. - Added `util.setPath` security note to function docs and to README.
  174. ### Notes
  175. - **SECURITY**: The `util.setPath` function has the potential to cause
  176. prototype pollution if used with unsafe input.
  177. - This function is **not** used internally by `forge`.
  178. - The rest of the library is unaffected by this issue.
  179. - **Do not** use unsafe input with this function.
  180. - Usage with known input should function as expected. (Including input
  181. intentionally using potentially problematic keys.)
  182. - No code changes will be made to address this issue in 0.9.x. The current
  183. behavior *could* be considered a feature rather than a security issue.
  184. 0.10.0 will be released that removes `util.getPath` and `util.setPath`.
  185. Consider `get` and `set` from [lodash](https://lodash.com/) if you need
  186. replacements. But also consider the potential similar security issues with
  187. those APIs.
  188. - https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677
  189. - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7720
  191. ## 0.9.1 - 2019-09-26
  193. ### Fixed
  194. - Ensure DES-CBC given IV is long enough for block size.
  196. ## 0.9.0 - 2019-09-04
  198. ### Added
  199. - Add ed25519.publicKeyFromAsn1 and ed25519.privateKeyFromAsn1 APIs.
  200. - A few OIDs used in EV certs.
  202. ### Fixed
  203. - Improve ed25519 NativeBuffer check.
  205. ## 0.8.5 - 2019-06-18
  207. ### Fixed
  208. - Remove use of `const`.
  210. ## 0.8.4 - 2019-05-22
  212. ### Changed
  213. - Replace all instances of Node.js `new Buffer` with `Buffer.from` and `Buffer.alloc`.
  215. ## 0.8.3 - 2019-05-15
  217. ### Fixed
  218. - Use basic character set for code.
  220. ## 0.8.2 - 2019-03-18
  222. ### Fixed
  223. - Fix tag calculation when continuing an AES-GCM block.
  225. ### Changed
  226. - Switch to eslint.
  228. ## 0.8.1 - 2019-02-23
  230. ### Fixed
  231. - Fix off-by-1 bug with kem random generation.
  233. ## 0.8.0 - 2019-01-31
  235. ### Fixed
  236. - Handle creation of certificates with `notBefore` and `notAfter` dates less
  237. than Jan 1, 1950 or greater than or equal to Jan 1, 2050.
  239. ### Added
  240. - Add OID 2.5.4.13 "description".
  241. - Add OID 2.16.840.1.113730.1.13 "nsComment".
  242. - Also handle extension when creating a certificate.
  243. - `pki.verifyCertificateChain`:
  244. - Add `validityCheckDate` option to allow checking the certificate validity
  245. period against an arbitrary `Date` or `null` for no check at all. The
  246. current date is used by default.
  247. - `tls.createConnection`:
  248. - Add `verifyOptions` option that passes through to
  249. `pki.verifyCertificateChain`. Can be used for the above `validityCheckDate`
  250. option.
  252. ### Changed
  253. - Support WebCrypto API in web workers.
  254. - `rsa.generateKeyPair`:
  255. - Use `crypto.generateKeyPair`/`crypto.generateKeyPairSync` on Node.js if
  256. available (10.12.0+) and not in pure JS mode.
  257. - Use JS fallback in `rsa.generateKeyPair` if `prng` option specified since
  258. this isn't supported by current native APIs.
  259. - Only run key generation comparison tests if keys will be deterministic.
  260. - PhantomJS is deprecated, now using Headless Chrome with Karma.
  261. - **Note**: Using Headless Chrome vs PhantomJS may cause newer JS features to
  262. slip into releases without proper support for older runtimes and browsers.
  263. Please report such issues and they will be addressed.
  264. - `pki.verifyCertificateChain`:
  265. - Signature changed to `(caStore, chain, options)`. Older `(caStore, chain,
  266. verify)` signature is still supported. New style is to to pass in a
  267. `verify` option.
  269. ## 0.7.6 - 2018-08-14
  271. ### Added
  272. - Test on Node.js 10.x.
  273. - Support for PKCS#7 detached signatures.
  275. ### Changed
  276. - Improve webpack/browser detection.
  278. ## 0.7.5 - 2018-03-30
  280. ### Fixed
  281. - Remove use of `const`.
  283. ## 0.7.4 - 2018-03-07
  285. ### Fixed
  286. - Potential regex denial of service in form.js.
  288. ### Added
  289. - Support for ED25519.
  290. - Support for baseN/base58.
  292. ## 0.7.3 - 2018-03-05
  294. - Re-publish with npm 5.6.0 due to file timestamp issues.
  296. ## 0.7.2 - 2018-02-27
  298. ### Added
  299. - Support verification of SHA-384 certificates.
  300. - `1.2.840.10040.4.3'`/`dsa-with-sha1` OID.
  302. ### Fixed
  303. - Support importing PKCS#7 data with no certificates. RFC 2315 sec 9.1 states
  304. certificates are optional.
  305. - `asn1.equals` loop bug.
  306. - Fortuna implementation bugs.
  308. ## 0.7.1 - 2017-03-27
  310. ### Fixed
  312. - Fix digestLength for hashes based on SHA-512.
  314. ## 0.7.0 - 2017-02-07
  316. ### Fixed
  318. - Fix test looping bugs so all tests are run.
  319. - Improved ASN.1 parsing. Many failure cases eliminated. More sanity checks.
  320. Better behavior in default mode of parsing BIT STRINGs. Better handling of
  321. parsed BIT STRINGs in `toDer()`. More tests.
  322. - Improve X.509 BIT STRING handling by using new capture modes.
  324. ### Changed
  326. - Major refactor to use CommonJS plus a browser build system.
  327. - Updated tests, examples, docs.
  328. - Updated dependencies.
  329. - Updated flash build system.
  330. - Improve OID mapping code.
  331. - Change test servers from Python to JavaScript.
  332. - Improve PhantomJS support.
  333. - Move Bower/bundle support to
  334. [forge-dist](https://github.com/digitalbazaar/forge-dist).
  335. - **BREAKING**: Require minimal digest algorithm dependencies from individual
  336. modules.
  337. - Enforce currently supported bit param values for byte buffer access. May be
  338. **BREAKING** for code that depended on unspecified and/or incorrect behavior.
  339. - Improve `asn1.prettyPrint()` BIT STRING display.
  341. ### Added
  343. - webpack bundler support via `npm run build`:
  344. - Builds `.js`, `.min.js`, and basic sourcemaps.
  345. - Basic build: `forge.js`.
  346. - Build with extra utils and networking support: `forge.all.js`.
  347. - Build WebWorker support: `prime.worker.js`.
  348. - Browserify support in package.json.
  349. - Karma browser testing.
  350. - `forge.options` field.
  351. - `forge.options.usePureJavaScript` flag.
  352. - `forge.util.isNodejs` flag (used to select "native" APIs).
  353. - Run PhantomJS tests in Travis-CI.
  354. - Add "Donations" section to README.
  355. - Add IRC to "Contact" section of README.
  356. - Add "Security Considerations" section to README.
  357. - Add pbkdf2 usePureJavaScript test.
  358. - Add rsa.generateKeyPair async and usePureJavaScript tests.
  359. - Add .editorconfig support.
  360. - Add `md.all.js` which includes all digest algorithms.
  361. - Add asn1 `equals()` and `copy()`.
  362. - Add asn1 `validate()` capture options for BIT STRING contents and value.
  364. ### Removed
  366. - **BREAKING**: Can no longer call `forge({...})` to create new instances.
  367. - Remove a large amount of old cruft.
  369. ### Migration from 0.6.x to 0.7.x
  371. - (all) If you used the feature to create a new forge instance with new
  372. configuration options you will need to rework your code. That ability has
  373. been removed due to implementation complexity. The main rare use was to set
  374. the option to use pure JavaScript. That is now available as a library global
  375. flag `forge.options.usePureJavaScript`.
  376. - (npm,bower) If you used the default main file there is little to nothing to
  377. change.
  378. - (npm) If you accessed a sub-resource like `forge/js/pki` you should either
  379. switch to just using the main `forge` and access `forge.pki` or update to
  380. `forge/lib/pki`.
  381. - (bower) If you used a sub-resource like `forge/js/pki` you should switch to
  382. just using `forge` and access `forge.pki`. The bower release bundles
  383. everything in one minified file.
  384. - (bower) A configured workerScript like
  385. `/bower_components/forge/js/prime.worker.js` will need to change to
  386. `/bower_components/forge/dist/prime.worker.min.js`.
  387. - (all) If you used the networking support or flash socket support, you will
  388. need to use a custom build and/or adjust where files are loaded from. This
  389. functionality is not included in the bower distribution by default and is
  390. also now in a different directory.
  391. - (all) The library should now directly support building custom bundles with
  392. webpack, browserify, or similar.
  393. - (all) If building a custom bundle ensure the correct dependencies are
  394. included. In particular, note there is now a `md.all.js` file to include all
  395. digest algorithms. Individual files limit what they include by default to
  396. allow smaller custom builds. For instance, `pbdkf2.js` has a `sha1` default
  397. but does not include any algorithm files by default. This allows the
  398. possibility to include only `sha256` without the overhead of `sha1` and
  399. `sha512`.
  401. ### Notes
  403. - This major update requires updating the version to 0.7.x. The existing
  404. work-in-progress "0.7.x" branch will be painfully rebased on top of this new
  405. 0.7.x and moved forward to 0.8.x or later as needed.
  406. - 0.7.x is a start of simplifying forge based on common issues and what has
  407. appeared to be the most common usage. Please file issues with feedback if the
  408. changes are problematic for your use cases.
  410. ## 0.6.x - 2016 and earlier
  412. - See Git commit log or https://github.com/digitalbazaar/forge.