
Bump jsrsasign from 8.0.24 to 10.6.0 #231

Closed
dependabot[bot] wants to merge 1 commit into develop from dependabot/npm_and_yarn/jsrsasign-10.6.0

dependabot Bot commented on behalf of github Nov 15, 2022

Bumps jsrsasign from 8.0.24 to 10.6.0.

Release notes

Sourced from jsrsasign's releases.

StringPrep DN canonicalization support and some fix

  • Changes from 10.5.27 to 10.6.0 (2022-Nov-04)
    • x509.js
      • X509.getParam
        • add support for optional parameter "dncanon" and "dnhex"
      • X509.getInfo
        • update representation for AltName
      • X509.{getIssuer,getSubject}
        • add support for optional argument flagCanon, flagHex
      • X509.c14RDNArray added to convert from RDN array to canonicalized DN name (a.k.a. StringPrep).
      • X509.getX500Name
        • API document updated
      • X509.getOtherName
        • member name changed from "other" to "value" for consistency with KJUR.asn1.x509.OtherName class constructor.
        • Also oid member value in return object will be an oid name if defined.
      • X509.setCanonicalizedDN added to set "canon" member value
    • asn1x509.js
      • smtpUTF8Mailbox oid added to OID class
      • API document fix
    • asn1.js
      • DERTaggedObject API document update
    • test/qunit-do-{asn1x509,x509-ext,x509-getinfo,x509-param,x509}.html
      • update some test cases for above

extend CertificationRequestInfo class for challengePassword and unstructuredName

  • Changes from 10.5.26 to 10.5.27 (2022-Aug-19)
    • src/asn1csr.js
      • CertificationRequestInfo class
        • add support for challengePassword and unstructuredName (#522)
        • "attrs" member support in constructor argument
    • test/qunit-do-asn1csr.html

CSRUtil class enhancement

  • Changes from 10.5.25 to 10.5.26 (2022-Jul-14)
    • src/asn1csr.js
      • CSRUtil.verifySignature method added
      • CSRUtil.getParam enhanced to support optional argument flagTBS
    • test/qunit-do-asn1csr.html
      • update some test cases for above

CVE-2022-25898 Security fix in JWS and JWT validation

  • Changes from 10.5.24 to 10.5.25 (2022-Jun-23)
    • src/jws.js
      • JWS.verify and JWS.verifyJWT
        • CVE-2022-25898 SECURITY FIX: verify and verifyJWT may accept signature with special characters or \number characters by mistake. Please see security advisory:

... (truncated)

Changelog

Sourced from jsrsasign's changelog.

ChangeLog for jsrsasign

StringPrep DN canonicalization support and some fix

  • Changes from 10.5.27 to 10.6.0 (2022-Nov-04)
    • x509.js
      • X509.getParam
        • add support for optional parameter "dncanon" and "dnhex"
      • X509.getInfo
        • update representation for AltName
      • X509.{getIssuer,getSubject}
        • add support for optional argument flagCanon, flagHex
      • X509.c14RDNArray added to convert from RDN array to canonicalized DN name (a.k.a. StringPrep).
      • X509.getX500Name
        • API document updated
      • X509.getOtherName
        • member name changed from "other" to "value" for consistency with KJUR.asn1.x509.OtherName class constructor.
        • Also oid member value in return object will be an oid name if defined.
      • X509.setCanonicalizedDN added to set "canon" member value
    • asn1x509.js
      • smtpUTF8Mailbox oid added to OID class
      • API document fix
    • asn1.js
      • DERTaggedObject API document update
    • test/qunit-do-{asn1x509,x509-ext,x509-getinfo,x509-param,x509}.html
      • update some test cases for above

CSRUtil class enhancement

  • Changes from 10.5.25 to 10.5.26 (2022-Jul-14)
    • src/asn1csr.js
      • CSRUtil.verifySignature method added
      • CSRUtil.getParam enhanced to support optional argument flagTBS
    • test/qunit-do-asn1csr.html
      • update some test cases for above

CVE-2022-25898 Security fix in JWS and JWT validation

  • Changes from 10.5.24 to 10.5.25 (2022-Jun-23)
    • src/jws.js
      • JWS.verify and JWS.verifyJWT
        • CVE-2022-25898 SECURITY FIX: verify and verifyJWT may accept signature with special characters or \number characters by mistake. Please see security advisory: GHSA-3fvg-4v2m-98jf
    • src/base64x.js
      • function isBase64URLDot added
    • test/qunit-do-jwt-veri.html

... (truncated)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [jsrsasign](https://github.com/kjur/jsrsasign) from 8.0.24 to 10.6.0.
- [Release notes](https://github.com/kjur/jsrsasign/releases)
- [Changelog](https://github.com/kjur/jsrsasign/blob/master/ChangeLog.txt)
- [Commits](kjur/jsrsasign@8.0.24...10.6.0)

---
updated-dependencies:
- dependency-name: jsrsasign
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added the dependencies (Pull requests that update a dependency file) and javascript (Pull requests that update Javascript code) labels Nov 15, 2022

dependabot Bot commented on behalf of github Dec 7, 2022

Superseded by #240.

dependabot Bot closed this Dec 7, 2022
dependabot Bot deleted the dependabot/npm_and_yarn/jsrsasign-10.6.0 branch December 7, 2022 18:44