dan/jose
1
0
Fork 0
mirror of https://github.com/danbulant/jose synced 2026-05-21 05:18:59 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
990 commits 10 branches 160 tags 9.9 MiB
Commit graph

68 commits

Author SHA1 Message Date
Filip Skokan
6fc1d4388c test,ci: refactor and add tests using node's experimental globals 2022-03-06 13:53:09 +01:00
Filip Skokan
7036a09004 test: add empty jws payload tests 2022-03-04 22:15:55 +01:00
Filip Skokan
b36a4e627e docs: use rfc-editor instead of datatracker for linking RFCs 2022-02-15 16:47:12 +01:00
Filip Skokan
80741cb32a refactor: substr > slice 2021-12-13 10:29:41 +01:00
Filip Skokan
188c1f7090 fix(electron): rsa-pss keys are never supported 2021-11-16 13:00:36 +01:00
Filip Skokan
7c70e7b970 fix: Compact JWS verification handles a zero-length payload string 2021-11-12 11:18:42 +01:00
Filip Skokan
cfc93f5daf feat: add GeneralSign signature and GeneralEncrypt recipient builder chaining 2021-11-11 16:16:01 +01:00
Filip Skokan
4a5e89d4e1 test(node): refactor to run only cjs in node 12, else esm 2021-11-10 16:47:41 +01:00
Filip Skokan
50d45f79db test: fix testECDSASigEncoding under @peculiar/webcrypto 2021-11-10 09:13:25 +01:00
Filip Skokan
57126f1806 fix: allow shorter HMAC secrets 
With workarounds available its enforcement is just adding extra code
that annoys developers.
 2021-11-01 17:52:04 +01:00
Filip Skokan
92df7032fe
style: global prettierc 2021-10-27 17:47:13 +02:00
Filip Skokan
dd2cf9ed2d
refactor: redo exports to support broader tooling 
BREAKING CHANGE: All module named exports have moved from subpaths to
just "jose". For example, `import { jwtVerify } from 'jose/jwt/verify'`
is now just `import { jwtVerify } from 'jose'`.

BREAKING CHANGE: All submodule default exports and named have been
removed in favour of just "jose" named exports.
 2021-10-14 14:08:05 +02:00
Filip Skokan
a51a9f6770
refactor: remove public API default exports in favour of named ones 2021-10-14 13:45:03 +02:00
Filip Skokan
914e47fc9b
refactor: remove util/random 
BREAKING CHANGE: The undocumented `jose/util/random` was removed.
 2021-10-14 13:44:53 +02:00
Filip Skokan
8d3cc3bb46
refactor: removed the deprecated jwk/parse module 
BREAKING CHANGE: The deprecated `jose/jwk/parse` module was
removed, use `import { importJWK } from 'jose'` instead.
 2021-10-14 13:44:33 +02:00
Filip Skokan
a13eb045d8
feat: improve key input type errors, remove dependency on @types/node 2021-10-06 11:57:48 +02:00
Filip Skokan
4128c16ca0
Revert "test: skip process crashing tests on electron@15" 
This reverts commit 137c473700.
 2021-10-03 10:22:29 +02:00
Filip Skokan
137c473700
test: skip process crashing tests on electron@15 
see https://github.com/electron/electron/issues/31064
 2021-09-22 23:50:08 +02:00
Filip Skokan
99eeb5ca95 refactor: error messages 2021-09-10 10:41:47 +02:00
Filip Skokan
0967369402 feat(cloudflare workers): add support for EdDSA using Ed25519 2021-09-10 10:36:37 +02:00
Filip Skokan
244a9f8433 test: fix conditional def 2021-09-09 15:44:48 +02:00
Filip Skokan
10a18f28a0 fix: guard Sign payloads and Encrypt plaintext argument types 2021-09-08 10:06:24 +02:00
Filip Skokan
71a2bae874 style: prettier lint 2021-09-06 14:00:53 +02:00
Filip Skokan
0b112cf63e feat(node): support rsa-pss keys in Node.js >= 16.9.0 for sign/verify 2021-09-06 11:14:01 +02:00
Filip Skokan
5c7d2656b6 feat: experimental Deno build & publish 2021-08-20 12:01:17 +02:00
Filip Skokan
59aa96d28d fix(typescript): allow sign results to be passed to verify 2021-08-20 11:57:16 +02:00
Andrey Trebler
1fc79aa831
fix: throw JWSInvalid when jws protected header is invalid (#244) 2021-08-16 12:34:44 +02:00
Filip Skokan
b84d6a307d style: prettier lint 2021-05-12 13:27:02 +02:00
Filip Skokan
e0adf49e57 fix: swallow invalid signature encoding errors 2021-03-11 14:56:57 +01:00
Filip Skokan
8fffd3e2e1 feat: electron >=12.0.0 is now supported (and tested on ci) 2021-03-03 00:19:04 +01:00
Filip Skokan
c037e5907c style: lint cookbooks 2021-02-05 12:43:42 +01:00
Filip Skokan
e8d41a9335 feat: allow CryptoKey instances in a regular non-webcrypto node runtime 2021-02-04 17:39:28 +01:00
Filip Skokan
69a7edea0a refactor: explicit new uint8array arg 2021-01-28 16:16:12 +01:00
Filip Skokan
47d7001c02 test: deflake different payload produce test 2020-12-16 19:10:50 +01:00
Filip Skokan
6fb862cf12 feat: added JWS General JSON Serialization signing 
resolves #129
 2020-12-16 18:43:35 +01:00
Filip Skokan
55b77810d0 feat: added JWS General JSON Serialization verification 
resolves #129
 2020-12-16 18:29:05 +01:00
Filip Skokan
5163116ca1 feat: support recognizing proprietary crit header parameters 
closes #123
 2020-12-06 17:54:38 +01:00
Filip Skokan
ce521d567b refactor: less for in, added type checks, error messages 2020-11-22 12:44:27 +01:00
Filip Skokan
e39c3dba75 feat: allow compact verify/decrypt tokens to be uint8array encoded 
This means that when Nested JWT is used the decrypted plaintext can
be piped directly to verify.
 2020-11-22 12:44:27 +01:00
Filip Skokan
a6fa15e64d test: add coverage 2020-11-22 12:35:38 +01:00
Filip Skokan
357fe0b964 feat: Revised API, No dependencies, Browser Support, Promises 
BREAKING CHANGE: Revised, Promise-based API
BREAKING CHANGE: No dependencies
BREAKING CHANGE: Browser support (using [Web Cryptography API](https://www.w3.org/TR/WebCryptoAPI/))
BREAKING CHANGE: Support for verification using a remote JWKS endpoint
BREAKING CHANGE: Experimental Node.js libuv thread pool based runtime (non-blocking 🎉)
 2020-11-14 18:26:46 +01:00
Filip Skokan
6c35c519c9 refactor: removed deprecated methods and utilities 
BREAKING CHANGE: deprecated method `JWK.importKey` was removed
BREAKING CHANGE: deprecated method `JWKS.KeyStore.fromJWKS` was removed
BREAKING CHANGE: the use of unregistered curve name P-256K for secp256k1
was removed
 2020-09-08 14:12:04 +02:00
Filip Skokan
ba5c897919 refactor: removed payload parsing from JWS.verify 
BREAKING CHANGE: JWS.verify returned payloads are now always buffers
BREAKING CHANGE: JWS.verify options `encoding` and `parse` were removed
 2020-09-08 14:12:04 +02:00
Filip Skokan
d56ec9f5dd fix: ensure "b64" is the same for all recipients edge cases 2020-08-04 14:37:52 +02:00
Filip Skokan
169542363f fix: do not mutate unencoded payload when signing for multiple parties 
resolves #89
 2020-08-04 14:36:52 +02:00
Filip Skokan
3e3d7dd381 perf: various codepaths refactored 2020-02-06 14:18:48 +01:00
Filip Skokan
470b4c7315 perf: base64url decode, JWT.verify, JWK.Key instance re-use 
I'm done trying to educate other JOSE producers about interoperability
so i'm going to be accepting their non-conform base64url so that users
of this module don't suffer performance loss.
 2020-01-29 20:33:30 +01:00
Filip Skokan
3a6d17fdd1 feat: add opt-in support for Unsecured JWS algorithm "none" 2020-01-23 18:38:00 +01:00
Filip Skokan
8976027c97 refactor: improve error message when key use mismatches the operation 2019-12-06 15:35:15 +01:00
Filip Skokan
daabedc776 fix: handle Unencoded Payload (b64:false) with arbitrary buffer payloads 
fixes #57
 2019-12-05 20:54:43 +01:00