digitalbazaar/forge

- Use window.postMessage and/or a combination of it and
  MutationObserver. These mechanisms should not starve I/O or
  browser rendering, but cause code to execute asynchronously
  much more quickly than setTimeout(fn, 0).

Fix off-by-one error in jsbn's bnGetPrng.

…y (Low)

This bug was found by [Cure53](https://cure53.de) during a security review of [Whiteout Mail](https://whiteout.io). The following comments are copied from the audit report:

In the file forge/js/jsbn.js the method bnGetPrng() is present, tasked with generating a pseudo-random big number. This method is used during RSA key generation in the Miller Rabin pseudo-prime test. The following line gets a random number and converts it as uniformly distributed into a byte ([0..255]):
x[i] = Math.floor(Math.random() * 0xFF);
Unfortunately the value of 255 will never be reached because Math.random() generates a value between 0 inclusive and 1 exclusive. This results in a subtle weakness in the Miller-Rabin pseudoprime test. It should be corrected to the following code:
x[i] = Math.floor(Math.random() * 0x0100);
Note that here the astonishingly often despised call to Math.random() is acceptable because bnGetPrng() is only called to create the “witness” in the Miller Rabin test. If Math.random() was used for key creation, it would constitute a critical issue instead.

- If certificates are not recognized or if they contain key
  formats that are unrecognized, a pkcs#12 container can still
  be decrypted. The resulting certificate bag will have its
  `cert` property set to `null` and an `asn1` property will
  contain its ASN.1 representation.

Update URL for Mocha test framework.

- If a private key is in a format unrecognized by forge, an
  object representing it in ASN.1 format will be returned. This
  allows private keys to be extracted from PKCS#12 containers
  (and potentially converted to DER/PEM) even if forge doesn't
  recognize them.