Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: panva/jose
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v3.15.5
Choose a base ref
...
head repository: panva/jose
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v3.16.0
Choose a head ref
  • 12 commits
  • 106 files changed
  • 1 contributor

Commits on Sep 2, 2021

  1. chore: cleanup after publish

    @panva
    panva committed Sep 2, 2021

    Verified

    This commit was signed with the committer’s verified signature.
    iampopovich Alex Popov
    GPG key ID: C9ABDE12115262C4
    Verified
    Learn about vigilant mode
    Copy the full SHA
    2231e49 View commit details

  2. test(deno): update keylike test to import as exportable

    @panva
    panva committed Sep 2, 2021

    Verified

    This commit was signed with the committer’s verified signature.
    iampopovich Alex Popov
    GPG key ID: C9ABDE12115262C4
    Verified
    Learn about vigilant mode
    Copy the full SHA
    be3638c View commit details

Commits on Sep 6, 2021

  1. feat(node): support rsa-pss keys in Node.js >= 16.9.0 for sign/verify

    @panva
    panva committed Sep 6, 2021

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    GPG key ID: B5690EEEBB952194
    Verified
    Learn about vigilant mode
    Copy the full SHA
    0b112cf View commit details

  2. docs: update README.md

    @panva
    panva committed Sep 6, 2021

    Verified

    This commit was signed with the committer’s verified signature.
    iampopovich Alex Popov
    GPG key ID: C9ABDE12115262C4
    Verified
    Learn about vigilant mode
    Copy the full SHA
    05770a1 View commit details

  3. Revert "ci: experimental builds with pending and throwing deprecations" 

    This reverts commit c0bc79e.
    @panva
    panva committed Sep 6, 2021

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    GPG key ID: B5690EEEBB952194
    Verified
    Learn about vigilant mode
    Copy the full SHA
    d9d5f6a View commit details

  4. style: prettier lint

    @panva
    panva committed Sep 6, 2021

    Verified

    This commit was signed with the committer’s verified signature.
    iampopovich Alex Popov
    GPG key ID: C9ABDE12115262C4
    Verified
    Learn about vigilant mode
    Copy the full SHA
    71a2bae View commit details

Commits on Sep 7, 2021

  1. chore: remove .github/workflows/label-sponsors.yml

    @panva
    panva committed Sep 7, 2021

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    GPG key ID: B5690EEEBB952194
    Verified
    Learn about vigilant mode
    Copy the full SHA
    aaf8d22 View commit details

  2. ci: test with Cloudflare Workers

    @panva
    panva committed Sep 7, 2021

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    GPG key ID: B5690EEEBB952194
    Verified
    Learn about vigilant mode
    Copy the full SHA
    8cc2ac8 View commit details

  3. chore: update package.json

    @panva
    panva committed Sep 7, 2021

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    GPG key ID: B5690EEEBB952194
    Verified
    Learn about vigilant mode
    Copy the full SHA
    3f40aaf View commit details

  4. ci: cloudflare tests are not flaky

    @panva
    panva committed Sep 7, 2021

    Verified

    This commit was signed with the committer’s verified signature.
    iampopovich Alex Popov
    GPG key ID: C9ABDE12115262C4
    Verified
    Learn about vigilant mode
    Copy the full SHA
    56ca183 View commit details

  5. chore: upgrade @types/node

    @panva
    panva committed Sep 7, 2021

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    GPG key ID: B5690EEEBB952194
    Verified
    Learn about vigilant mode
    Copy the full SHA
    d94ea45 View commit details

  6. chore(release): 3.16.0

    @panva
    panva committed Sep 7, 2021

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    GPG key ID: B5690EEEBB952194
    Verified
    Learn about vigilant mode
    Copy the full SHA
    01568e9 View commit details
Showing with 1,086 additions and 395 deletions.
  1. +0 −12 .github/workflows/label-sponsors.yml
  2. +50 −11 .github/workflows/test.yml
  3. +7 −0 CHANGELOG.md
  4. +2 −2 README.md
  5. +7 −0 ava.config.cjs
  6. +18 −18 dist/deno/README.md
  7. +31 −3 dist/node/cjs/runtime/node_key.js
  8. +31 −3 dist/node/esm/runtime/node_key.js
  9. +7 −7 docs/classes/jwe_compact_encrypt.CompactEncrypt.md
  10. +10 −10 docs/classes/jwe_flattened_encrypt.FlattenedEncrypt.md
  11. +4 −4 docs/classes/jws_compact_sign.CompactSign.md
  12. +5 −5 docs/classes/jws_flattened_sign.FlattenedSign.md
  13. +4 −4 docs/classes/jws_general_sign.GeneralSign.md
  14. +17 −17 docs/classes/jwt_encrypt.EncryptJWT.md
  15. +11 −11 docs/classes/jwt_sign.SignJWT.md
  16. +11 −11 docs/classes/jwt_unsecured.UnsecuredJWT.md
  17. +3 −3 docs/classes/util_errors.JOSEAlgNotAllowed.md
  18. +3 −3 docs/classes/util_errors.JOSEError.md
  19. +3 −3 docs/classes/util_errors.JOSENotSupported.md
  20. +4 −4 docs/classes/util_errors.JWEDecryptionFailed.md
  21. +3 −3 docs/classes/util_errors.JWEInvalid.md
  22. +3 −3 docs/classes/util_errors.JWKInvalid.md
  23. +3 −3 docs/classes/util_errors.JWKSInvalid.md
  24. +4 −4 docs/classes/util_errors.JWKSMultipleMatchingKeys.md
  25. +4 −4 docs/classes/util_errors.JWKSNoMatchingKey.md
  26. +3 −3 docs/classes/util_errors.JWSInvalid.md
  27. +4 −4 docs/classes/util_errors.JWSSignatureVerificationFailed.md
  28. +5 −5 docs/classes/util_errors.JWTClaimValidationFailed.md
  29. +5 −5 docs/classes/util_errors.JWTExpired.md
  30. +3 −3 docs/classes/util_errors.JWTInvalid.md
  31. +2 −2 docs/functions/jwe_compact_decrypt.compactDecrypt.md
  32. +2 −2 docs/functions/jwe_flattened_decrypt.flattenedDecrypt.md
  33. +2 −2 docs/functions/jwe_general_decrypt.generalDecrypt.md
  34. +2 −2 docs/functions/jwk_embedded.EmbeddedJWK.md
  35. +2 −2 docs/functions/jwk_from_key_like.fromKeyLike.md
  36. +2 −2 docs/functions/jwk_parse.parseJwk.md
  37. +2 −2 docs/functions/jwk_thumbprint.calculateThumbprint.md
  38. +2 −2 docs/functions/jwks_remote.createRemoteJWKSet.md
  39. +2 −2 docs/functions/jws_compact_verify.compactVerify.md
  40. +2 −2 docs/functions/jws_flattened_verify.flattenedVerify.md
  41. +2 −2 docs/functions/jws_general_verify.generalVerify.md
  42. +2 −2 docs/functions/jwt_decrypt.jwtDecrypt.md
  43. +2 −2 docs/functions/jwt_verify.jwtVerify.md
  44. +1 −1 docs/functions/util_base64url.decode.md
  45. +1 −1 docs/functions/util_base64url.encode.md
  46. +2 −2 docs/functions/util_decode_protected_header.decodeProtectedHeader.md
  47. +2 −2 docs/functions/util_generate_key_pair.generateKeyPair.md
  48. +2 −2 docs/functions/util_generate_secret.generateSecret.md
  49. +1 −1 docs/functions/util_random.random.md
  50. +1 −1 docs/interfaces/jwe_compact_decrypt.CompactDecryptGetKey.md
  51. +1 −1 docs/interfaces/jwe_flattened_decrypt.FlattenedDecryptGetKey.md
  52. +1 −1 docs/interfaces/jwe_general_decrypt.GeneralDecryptGetKey.md
  53. +3 −3 docs/interfaces/jwks_remote.RemoteJWKSetOptions.md
  54. +1 −1 docs/interfaces/jws_compact_verify.CompactVerifyGetKey.md
  55. +1 −1 docs/interfaces/jws_flattened_verify.FlattenedVerifyGetKey.md
  56. +2 −2 docs/interfaces/jws_general_sign.Signature.md
  57. +1 −1 docs/interfaces/jws_general_verify.GeneralVerifyGetKey.md
  58. +1 −1 docs/interfaces/jwt_decrypt.JWTDecryptGetKey.md
  59. +11 −11 docs/interfaces/jwt_decrypt.JWTDecryptOptions.md
  60. +2 −2 docs/interfaces/jwt_unsecured.UnsecuredResult.md
  61. +1 −1 docs/interfaces/jwt_verify.JWTVerifyGetKey.md
  62. +9 −9 docs/interfaces/jwt_verify.JWTVerifyOptions.md
  63. +2 −2 docs/interfaces/types.CompactDecryptResult.md
  64. +2 −2 docs/interfaces/types.CompactVerifyResult.md
  65. +1 −1 docs/interfaces/types.CritOption.md
  66. +4 −4 docs/interfaces/types.DecryptOptions.md
  67. +1 −1 docs/interfaces/types.DeflateFunction.md
  68. +2 −2 docs/interfaces/types.EncryptOptions.md
  69. +5 −5 docs/interfaces/types.FlattenedDecryptResult.md
  70. +8 −8 docs/interfaces/types.FlattenedJWE.md
  71. +4 −4 docs/interfaces/types.FlattenedJWS.md
  72. +4 −4 docs/interfaces/types.FlattenedJWSInput.md
  73. +3 −3 docs/interfaces/types.FlattenedVerifyResult.md
  74. +5 −5 docs/interfaces/types.GeneralDecryptResult.md
  75. +7 −7 docs/interfaces/types.GeneralJWE.md
  76. +2 −2 docs/interfaces/types.GeneralJWS.md
  77. +2 −2 docs/interfaces/types.GeneralJWSInput.md
  78. +3 −3 docs/interfaces/types.GeneralVerifyResult.md
  79. +1 −1 docs/interfaces/types.GetKeyFunction.md
  80. +1 −1 docs/interfaces/types.InflateFunction.md
  81. +12 −12 docs/interfaces/types.JWEHeaderParameters.md
  82. +6 −6 docs/interfaces/types.JWEKeyManagementHeaderParameters.md
  83. +23 −23 docs/interfaces/types.JWK.md
  84. +11 −11 docs/interfaces/types.JWSHeaderParameters.md
  85. +7 −7 docs/interfaces/types.JWTClaimVerificationOptions.md
  86. +2 −2 docs/interfaces/types.JWTDecryptResult.md
  87. +7 −7 docs/interfaces/types.JWTPayload.md
  88. +2 −2 docs/interfaces/types.JWTVerifyResult.md
  89. +8 −8 docs/interfaces/types.JoseHeaderParameters.md
  90. +1 −1 docs/interfaces/types.SignOptions.md
  91. +2 −2 docs/interfaces/types.VerifyOptions.md
  92. +3 −3 docs/interfaces/util_generate_key_pair.GenerateKeyPairOptions.md
  93. +2 −2 docs/interfaces/util_generate_key_pair.GenerateKeyPairResult.md
  94. +1 −1 docs/interfaces/util_generate_secret.GenerateSecretOptions.md
  95. +1 −1 docs/types/types.KeyLike.md
  96. +1 −1 docs/types/util_decode_protected_header.ProtectedHeaderParameters.md
  97. +11 −7 package.json
  98. +45 −3 src/runtime/node/node_key.ts
  99. +7 −0 test-cloudflare-workers.config.cjs
  100. +6 −0 test-cloudflare-workers/.prettierrc.json
  101. +288 −0 test-cloudflare-workers/cloudflare.test.mjs
  102. +77 −0 test-cloudflare-workers/template.js
  103. +1 −1 test-deno/keylike.test.ts
  104. +166 −0 test/jws/rsa-pss.test.mjs
  105. +2 −0 tools/publish-node-cjs.js
  106. +2 −0 tools/publish-node-esm.js
12 changes: 0 additions & 12 deletions .github/workflows/label-sponsors.yml
View file

This file was deleted.

61 changes: 50 additions & 11 deletions .github/workflows/test.yml
View file
Original file line number Diff line number Diff line change
@@ -64,7 +64,6 @@ jobs:
include:
- experimental: true
node-version: '>=15'
node-options: '--throw-deprecation --pending-deprecation'

runs-on: ubuntu-latest
steps:
@@ -96,18 +95,12 @@ jobs:
key: dist-${{ hashFiles('src/**/*.ts') }}-${{ hashFiles('tsconfig/*.json') }}-${{ hashFiles('.github/workflows/*.yml') }}-${{ hashFiles('package.json') }}
- name: Test Node.js crypto
run: npm run test
env:
NODE_OPTIONS: ${{ matrix.node-options }}
- name: Test Node.js crypto w/ CryptoKey
run: npm run test-cryptokey
if: ${{ !startsWith(matrix.node-version, '14') && !startsWith(matrix.node-version, '12') }}
env:
NODE_OPTIONS: ${{ matrix.node-options }}
- name: Test Web Cryptography API
run: npm run test-webcrypto
if: ${{ !startsWith(matrix.node-version, '14') && !startsWith(matrix.node-version, '12') }}
env:
NODE_OPTIONS: ${{ matrix.node-options }}
- run: git reset HEAD --hard

test-deno:
@@ -134,6 +127,48 @@ jobs:
run: npm run test-deno -- --no-check
- run: git reset HEAD --hard

test-cloudflare:
concurrency: test-cloudflare
needs:
- build

runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- uses: denoland/setup-deno@v1
with:
deno-version: v1.x
- name: Setup node
uses: actions/setup-node@v2
with:
node-version: 16
- name: Store node version variable
id: node
run: |
echo "::set-output name=version::$(node -v)"
- name: Cache node_modules
uses: actions/cache@v2
id: node_modules
with:
path: node_modules
key: ${{ runner.os }}-node_modules-${{ hashFiles('package.json') }}-${{ steps.node.outputs.version }}
- name: Install dependencies
run: npx panva/npm-install-retry
if: ${{ steps.node_modules.outputs.cache-hit != 'true' }}
- name: Load cached dist
uses: actions/cache@v2
id: dist
with:
path: dist
key: dist-${{ hashFiles('src/**/*.ts') }}-${{ hashFiles('tsconfig/*.json') }}-${{ hashFiles('.github/workflows/*.yml') }}-${{ hashFiles('package.json') }}
- name: Test Cloudflare Workers
run: npm run test-cloudflare-workers
env:
CF_ACCOUNT_ID: ${{ secrets.CF_ACCOUNT_ID }}
CF_API_TOKEN: ${{ secrets.CF_API_TOKEN }}
- run: git reset HEAD --hard

test-electron:
needs:
- build
@@ -176,8 +211,8 @@ jobs:
run: xvfb-maybe electron ./test/.electron
- run: git reset HEAD --hard

browserstack:
concurrency: ci-${{ github.job }}
test-browsers:
concurrency: test-browsers
if: ${{ github.event_name != 'pull_request' }}
env:
BROWSERSTACK_USERNAME: ${{ secrets.BROWSERSTACK_USERNAME }}
@@ -186,6 +221,9 @@ jobs:
- build
runs-on: ubuntu-latest
steps:
- uses: denoland/setup-deno@v1
with:
deno-version: v1.x
- name: Checkout
uses: actions/checkout@v2
- name: Setup node
@@ -211,15 +249,16 @@ jobs:
with:
path: dist
key: dist-${{ hashFiles('src/**/*.ts') }}-${{ hashFiles('tsconfig/*.json') }}-${{ hashFiles('.github/workflows/*.yml') }}-${{ hashFiles('package.json') }}
- run: npx retry-cli npm run test-browser
- run: npx retry-cli npm run test-browsers
- run: git reset HEAD --hard

prepare-release:
needs:
- browserstack
- test
- test-browsers
- test-electron
- test-deno
- test-cloudflare
runs-on: ubuntu-latest
if: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags') && github.repository == 'panva/jose' }}
steps:
7 changes: 7 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -2,6 +2,13 @@

All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.

## [3.16.0](https://github.com/panva/jose/compare/v3.15.5...v3.16.0) (2021-09-07)


### Features

* **node:** support rsa-pss keys in Node.js >= 16.9.0 for sign/verify ([0b112cf](https://github.com/panva/jose/commit/0b112cf63ed2a859806531853c37486485740f9c))

## [3.15.5](https://github.com/panva/jose/compare/v3.15.4...v3.15.5) (2021-09-02)


4 changes: 2 additions & 2 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -177,7 +177,7 @@ Legend:

- Revised API
- No dependencies
- Browser support (using [Web Cryptography API][webcrypto])
- Browser, Cloudflare Workers, and Deno support (using [Web Cryptography API][webcrypto])
- Promise-based API

#### v2.x docs?
@@ -190,7 +190,7 @@ Legend:

#### How is it different from [`jws`](https://github.com/brianloveswords/node-jws), [`jwa`](https://github.com/brianloveswords/node-jwa) or [`jsonwebtoken`](https://github.com/auth0/node-jsonwebtoken)?

- it supports the browser runtime
- it supports the browser, Cloudflare Workers, and Deno runtimes
- it supports encrypted JWTs (i.e. in JWE format)
- supports secp256k1, Ed25519, Ed448, X25519, and X448
- it supports JWK Key Format for all four key types (oct, RSA, EC and OKP)
7 changes: 7 additions & 0 deletions ava.config.cjs
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
module.exports = {
files: [
"test/**/*.test.mjs",
"test/**/*.test.cjs",
"test/**/*.test.js",
],
};
36 changes: 18 additions & 18 deletions dist/deno/README.md
View file
Original file line number Diff line number Diff line change
@@ -9,30 +9,30 @@ If you or your business use `jose`, please consider becoming a [sponsor][support
## Available modules

- JSON Web Tokens (JWT)
- [Signing](https://github.com/panva/jose/blob/v3.15.5/docs/classes/jwt_sign.SignJWT.md#readme)
- [Verification & Claims Set Validation](https://github.com/panva/jose/blob/v3.15.5/docs/functions/jwt_verify.jwtVerify.md#readme)
- [Signing](https://github.com/panva/jose/blob/v3.16.0/docs/classes/jwt_sign.SignJWT.md#readme)
- [Verification & Claims Set Validation](https://github.com/panva/jose/blob/v3.16.0/docs/functions/jwt_verify.jwtVerify.md#readme)
- Encrypted JSON Web Tokens
- [Encryption](https://github.com/panva/jose/blob/v3.15.5/docs/classes/jwt_encrypt.EncryptJWT.md#readme)
- [Decryption & Claims Set Validation](https://github.com/panva/jose/blob/v3.15.5/docs/functions/jwt_decrypt.jwtDecrypt.md#readme)
- [Encryption](https://github.com/panva/jose/blob/v3.16.0/docs/classes/jwt_encrypt.EncryptJWT.md#readme)
- [Decryption & Claims Set Validation](https://github.com/panva/jose/blob/v3.16.0/docs/functions/jwt_decrypt.jwtDecrypt.md#readme)
- JSON Web Encryption (JWE)
- Encryption - [Compact](https://github.com/panva/jose/blob/v3.15.5/docs/classes/jwe_compact_encrypt.CompactEncrypt.md#readme), [Flattened](https://github.com/panva/jose/blob/v3.15.5/docs/classes/jwe_flattened_encrypt.FlattenedEncrypt.md#readme)
- Decryption - [Compact](https://github.com/panva/jose/blob/v3.15.5/docs/functions/jwe_compact_decrypt.compactDecrypt.md#readme), [Flattened](https://github.com/panva/jose/blob/v3.15.5/docs/functions/jwe_flattened_decrypt.flattenedDecrypt.md#readme), [General](https://github.com/panva/jose/blob/v3.15.5/docs/functions/jwe_general_decrypt.generalDecrypt.md#readme)
- Encryption - [Compact](https://github.com/panva/jose/blob/v3.16.0/docs/classes/jwe_compact_encrypt.CompactEncrypt.md#readme), [Flattened](https://github.com/panva/jose/blob/v3.16.0/docs/classes/jwe_flattened_encrypt.FlattenedEncrypt.md#readme)
- Decryption - [Compact](https://github.com/panva/jose/blob/v3.16.0/docs/functions/jwe_compact_decrypt.compactDecrypt.md#readme), [Flattened](https://github.com/panva/jose/blob/v3.16.0/docs/functions/jwe_flattened_decrypt.flattenedDecrypt.md#readme), [General](https://github.com/panva/jose/blob/v3.16.0/docs/functions/jwe_general_decrypt.generalDecrypt.md#readme)
- JSON Web Signature (JWS)
- Signing - [Compact](https://github.com/panva/jose/blob/v3.15.5/docs/classes/jws_compact_sign.CompactSign.md#readme), [Flattened](https://github.com/panva/jose/blob/v3.15.5/docs/classes/jws_flattened_sign.FlattenedSign.md#readme), [General](https://github.com/panva/jose/blob/v3.15.5/docs/classes/jws_general_sign.GeneralSign.md#readme)
- Verification - [Compact](https://github.com/panva/jose/blob/v3.15.5/docs/functions/jws_compact_verify.compactVerify.md#readme), [Flattened](https://github.com/panva/jose/blob/v3.15.5/docs/functions/jws_flattened_verify.flattenedVerify.md#readme), [General](https://github.com/panva/jose/blob/v3.15.5/docs/functions/jws_general_verify.generalVerify.md#readme)
- Signing - [Compact](https://github.com/panva/jose/blob/v3.16.0/docs/classes/jws_compact_sign.CompactSign.md#readme), [Flattened](https://github.com/panva/jose/blob/v3.16.0/docs/classes/jws_flattened_sign.FlattenedSign.md#readme), [General](https://github.com/panva/jose/blob/v3.16.0/docs/classes/jws_general_sign.GeneralSign.md#readme)
- Verification - [Compact](https://github.com/panva/jose/blob/v3.16.0/docs/functions/jws_compact_verify.compactVerify.md#readme), [Flattened](https://github.com/panva/jose/blob/v3.16.0/docs/functions/jws_flattened_verify.flattenedVerify.md#readme), [General](https://github.com/panva/jose/blob/v3.16.0/docs/functions/jws_general_verify.generalVerify.md#readme)
- JSON Web Key (JWK)
- [Parsing (JWK to KeyLike)](https://github.com/panva/jose/blob/v3.15.5/docs/functions/jwk_parse.parseJwk.md#readme)
- [Conversion (KeyLike to JWK)](https://github.com/panva/jose/blob/v3.15.5/docs/functions/jwk_from_key_like.fromKeyLike.md#readme)
- [Thumbprints](https://github.com/panva/jose/blob/v3.15.5/docs/functions/jwk_thumbprint.calculateThumbprint.md#readme)
- [EmbeddedJWK](https://github.com/panva/jose/blob/v3.15.5/docs/functions/jwk_embedded.EmbeddedJWK.md#readme)
- [Parsing (JWK to KeyLike)](https://github.com/panva/jose/blob/v3.16.0/docs/functions/jwk_parse.parseJwk.md#readme)
- [Conversion (KeyLike to JWK)](https://github.com/panva/jose/blob/v3.16.0/docs/functions/jwk_from_key_like.fromKeyLike.md#readme)
- [Thumbprints](https://github.com/panva/jose/blob/v3.16.0/docs/functions/jwk_thumbprint.calculateThumbprint.md#readme)
- [EmbeddedJWK](https://github.com/panva/jose/blob/v3.16.0/docs/functions/jwk_embedded.EmbeddedJWK.md#readme)
- JSON Web Key Set (JWKS)
- [Verify using a remote JWKSet](https://github.com/panva/jose/blob/v3.15.5/docs/functions/jwks_remote.createRemoteJWKSet.md#readme)
- [Verify using a remote JWKSet](https://github.com/panva/jose/blob/v3.16.0/docs/functions/jwks_remote.createRemoteJWKSet.md#readme)
- Key Pair or Secret Generation (Generate KeyLike)
- [Asymmetric Key Pair Generation](https://github.com/panva/jose/blob/v3.15.5/docs/functions/util_generate_key_pair.generateKeyPair.md#readme)
- [Symmetric Secret Generation](https://github.com/panva/jose/blob/v3.15.5/docs/functions/util_generate_secret.generateSecret.md#readme)
- [Asymmetric Key Pair Generation](https://github.com/panva/jose/blob/v3.16.0/docs/functions/util_generate_key_pair.generateKeyPair.md#readme)
- [Symmetric Secret Generation](https://github.com/panva/jose/blob/v3.16.0/docs/functions/util_generate_secret.generateSecret.md#readme)
- Utilities
- [Decoding Token's Protected Header](https://github.com/panva/jose/blob/v3.15.5/docs/functions/util_decode_protected_header.decodeProtectedHeader.md#readme)
- [Unsecured JWT](https://github.com/panva/jose/blob/v3.15.5/docs/classes/jwt_unsecured.UnsecuredJWT.md#readme)
- [JOSE Errors](https://github.com/panva/jose/blob/v3.15.5/docs/modules/util_errors.md#readme)
- [Decoding Token's Protected Header](https://github.com/panva/jose/blob/v3.16.0/docs/functions/util_decode_protected_header.decodeProtectedHeader.md#readme)
- [Unsecured JWT](https://github.com/panva/jose/blob/v3.16.0/docs/classes/jwt_unsecured.UnsecuredJWT.md#readme)
- [JOSE Errors](https://github.com/panva/jose/blob/v3.16.0/docs/modules/util_errors.md#readme)

[support-sponsor]: https://github.com/sponsors/panva
34 changes: 31 additions & 3 deletions dist/node/cjs/runtime/node_key.js
View file
Original file line number Diff line number Diff line change
@@ -4,6 +4,11 @@ const crypto_1 = require("crypto");
const get_named_curve_js_1 = require("./get_named_curve.js");
const errors_js_1 = require("../util/errors.js");
const check_modulus_length_js_1 = require("./check_modulus_length.js");
const [major, minor] = process.version
.substr(1)
.split('.')
.map((str) => parseInt(str, 10));
const rsaPssParams = major >= 17 || (major === 16 && minor >= 9);
const ecCurveAlgMap = new Map([
['ES256', 'P-256'],
['ES256K', 'secp256k1'],
@@ -25,9 +30,32 @@ function keyForCrypto(alg, key) {
}
(0, check_modulus_length_js_1.default)(key, alg);
return key;
case 'PS256':
case 'PS384':
case 'PS512':
case rsaPssParams && 'PS256':
case rsaPssParams && 'PS384':
case rsaPssParams && 'PS512':
if (key.asymmetricKeyType === 'rsa-pss') {
const { hashAlgorithm, mgf1HashAlgorithm, saltLength } = key.asymmetricKeyDetails;
const length = parseInt(alg.substr(-3), 10);
if (hashAlgorithm !== undefined &&
(hashAlgorithm !== `sha${length}` || mgf1HashAlgorithm !== hashAlgorithm)) {
throw new TypeError(`Invalid key for this operation, its RSA-PSS parameters do not meet the requirements of "alg" ${alg}`);
}
if (saltLength !== undefined && saltLength > length >> 3) {
throw new TypeError(`Invalid key for this operation, its RSA-PSS parameter saltLength does not meet the requirements of "alg" ${alg}`);
}
}
else if (key.asymmetricKeyType !== 'rsa') {
throw new TypeError('Invalid key for this operation, its asymmetricKeyType must be rsa or rsa-pss');
}
(0, check_modulus_length_js_1.default)(key, alg);
return {
key,
padding: crypto_1.constants.RSA_PKCS1_PSS_PADDING,
saltLength: crypto_1.constants.RSA_PSS_SALTLEN_DIGEST,
};
case !rsaPssParams && 'PS256':
case !rsaPssParams && 'PS384':
case !rsaPssParams && 'PS512':
if (key.asymmetricKeyType !== 'rsa') {
throw new TypeError('Invalid key for this operation, its asymmetricKeyType must be rsa');
}
34 changes: 31 additions & 3 deletions dist/node/esm/runtime/node_key.js
View file
Original file line number Diff line number Diff line change
@@ -2,6 +2,11 @@ import { constants } from 'crypto';
import getNamedCurve from './get_named_curve.js';
import { JOSENotSupported } from '../util/errors.js';
import checkModulusLength from './check_modulus_length.js';
const [major, minor] = process.version
.substr(1)
.split('.')
.map((str) => parseInt(str, 10));
const rsaPssParams = major >= 17 || (major === 16 && minor >= 9);
const ecCurveAlgMap = new Map([
['ES256', 'P-256'],
['ES256K', 'secp256k1'],
@@ -23,9 +28,32 @@ export default function keyForCrypto(alg, key) {
}
checkModulusLength(key, alg);
return key;
case 'PS256':
case 'PS384':
case 'PS512':
case rsaPssParams && 'PS256':
case rsaPssParams && 'PS384':
case rsaPssParams && 'PS512':
if (key.asymmetricKeyType === 'rsa-pss') {
const { hashAlgorithm, mgf1HashAlgorithm, saltLength } = key.asymmetricKeyDetails;
const length = parseInt(alg.substr(-3), 10);
if (hashAlgorithm !== undefined &&
(hashAlgorithm !== `sha${length}` || mgf1HashAlgorithm !== hashAlgorithm)) {
throw new TypeError(`Invalid key for this operation, its RSA-PSS parameters do not meet the requirements of "alg" ${alg}`);
}
if (saltLength !== undefined && saltLength > length >> 3) {
throw new TypeError(`Invalid key for this operation, its RSA-PSS parameter saltLength does not meet the requirements of "alg" ${alg}`);
}
}
else if (key.asymmetricKeyType !== 'rsa') {
throw new TypeError('Invalid key for this operation, its asymmetricKeyType must be rsa or rsa-pss');
}
checkModulusLength(key, alg);
return {
key,
padding: constants.RSA_PKCS1_PSS_PADDING,
saltLength: constants.RSA_PSS_SALTLEN_DIGEST,
};
case !rsaPssParams && 'PS256':
case !rsaPssParams && 'PS384':
case !rsaPssParams && 'PS512':
if (key.asymmetricKeyType !== 'rsa') {
throw new TypeError('Invalid key for this operation, its asymmetricKeyType must be rsa');
}
14 changes: 7 additions & 7 deletions docs/classes/jwe_compact_encrypt.CompactEncrypt.md
View file
Original file line number Diff line number Diff line change
@@ -16,7 +16,7 @@ const { CompactEncrypt } = require('jose/jwe/compact/encrypt')

**`example`** Deno import
```js
import { CompactEncrypt } from 'https://deno.land/x/jose@v3.15.5/jwe/compact/encrypt.ts'
import { CompactEncrypt } from 'https://deno.land/x/jose@v3.16.0/jwe/compact/encrypt.ts'
```

**`example`** Usage
@@ -58,7 +58,7 @@ console.log(jwe)

#### Defined in

[jwe/compact/encrypt.ts:44](https://github.com/panva/jose/blob/v3.15.5/src/jwe/compact/encrypt.ts#L44)
[jwe/compact/encrypt.ts:44](https://github.com/panva/jose/blob/v3.16.0/src/jwe/compact/encrypt.ts#L44)

## Methods

@@ -81,7 +81,7 @@ Encrypts and resolves the value of the Compact JWE string.

#### Defined in

[jwe/compact/encrypt.ts:102](https://github.com/panva/jose/blob/v3.15.5/src/jwe/compact/encrypt.ts#L102)
[jwe/compact/encrypt.ts:102](https://github.com/panva/jose/blob/v3.16.0/src/jwe/compact/encrypt.ts#L102)

___

@@ -106,7 +106,7 @@ test and vector validation purposes.

#### Defined in

[jwe/compact/encrypt.ts:56](https://github.com/panva/jose/blob/v3.15.5/src/jwe/compact/encrypt.ts#L56)
[jwe/compact/encrypt.ts:56](https://github.com/panva/jose/blob/v3.16.0/src/jwe/compact/encrypt.ts#L56)

___

@@ -131,7 +131,7 @@ intended for test and vector validation purposes.

#### Defined in

[jwe/compact/encrypt.ts:69](https://github.com/panva/jose/blob/v3.15.5/src/jwe/compact/encrypt.ts#L69)
[jwe/compact/encrypt.ts:69](https://github.com/panva/jose/blob/v3.16.0/src/jwe/compact/encrypt.ts#L69)

___

@@ -155,7 +155,7 @@ intended for test and vector validation purposes.

#### Defined in

[jwe/compact/encrypt.ts:91](https://github.com/panva/jose/blob/v3.15.5/src/jwe/compact/encrypt.ts#L91)
[jwe/compact/encrypt.ts:91](https://github.com/panva/jose/blob/v3.16.0/src/jwe/compact/encrypt.ts#L91)

___

@@ -177,4 +177,4 @@ Sets the JWE Protected Header on the CompactEncrypt object.

#### Defined in

[jwe/compact/encrypt.ts:79](https://github.com/panva/jose/blob/v3.15.5/src/jwe/compact/encrypt.ts#L79)
[jwe/compact/encrypt.ts:79](https://github.com/panva/jose/blob/v3.16.0/src/jwe/compact/encrypt.ts#L79)
Loading