CMS

kjur/jsrsasign

CAUTION: END OF SUPPORT ON 3 JUN 2026. The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp, CAdES and JSON Web Signature/Token in pure JavaScript.

#asn1#x509#certificate#crl#ocsp#timestamp#cms#rsa#dsa#ecdsa#aes#3des#sha1#sha2#signature#encryption#decryption

スコア

/ 100

Star

3,372

Fork

647

Open Issue

サイズ

24MB

言語

HTML

最終push

28 日前

Docker

—

採点内訳

過去CVE 6件 (適量)

✓

直近 push: 28 日前

✓

得意言語 (HTML)

—

オープンissue 26件

—

中規模 (24MB)

✓

Docker 未対応

—

1k–10k: 初心者ベスト (★3,372)

✓

※ 各項目の重みは「採点ルール」を参照。合計は 0 で底打ち。

過去の SecurityAdvisory (7 件)

HIGHGHSA-rh63-9qcf-83gf CVE-2024-214842024/1/17
2024.01.16 CVE-2024-21484 Marvin attack of RSA and RSAOAEP decryption
HIGHGHSA-3fvg-4v2m-98jf CVE-2022-258982022/6/23
2022.06.24 CVE-2022-25898 JWS and JWT signature validation vulnerability with special characters
LOWGHSA-27fj-mc8w-j9wg CVE-2021-302462021/4/13
2021.04.14 CVE-2021-30246 RSA signature validation vulnerability on maleable encoded message
MEDIUMGHSA-g753-jx37-7xwh2020/6/28
2020.03.31 ECDSA signature vulnerability of Minerva timing attack
MEDIUMGHSA-p8c3-7rj8-q963 CVE-2020-149662020/6/23
2020.06.22 CVE-2020-14966 ECDSA signature validation vulnerability by accepting wrong ASN.1 encoding
LOWGHSA-xxxq-chmp-67g4 CVE-2020-149672020/6/23
2020.06.22 CVE-2020-14967 RSA RSAES-PKCS1-v1_5 and RSA-OAEP decryption vulnerability with prepending zeros
LOWGHSA-q3gh-5r98-j4h3 CVE-2020-149682020/6/23
2020.06.22 CVE-2020-14968 RSA-PSS signature validation vulnerability by prepending zeros