dan/jose
1
0
Fork 0
mirror of https://github.com/danbulant/jose synced 2026-05-24 20:41:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
314 commits 10 branches 160 tags 9.9 MiB
Commit graph

23 commits

Author SHA1 Message Date
Filip Skokan
5e1009a63e feat: allow JWK.asKey inputs for sign/verify/encrypt/decrypt operations 2019-11-27 22:04:14 +01:00
Filip Skokan
8ea968312e feat: expose crypto.KeyObject instances in supported runtimes 2019-11-03 17:27:44 +01:00
Filip Skokan
1db9fc9cd1 refactor: don't swallow invalid encoding errors 2019-09-25 22:18:47 +02:00
Filip Skokan
06758102b2 refactor: rename node_support to runtime_support 2019-09-10 12:14:15 +02:00
Filip Skokan
67a8601b09 feat: added Node.js lts/dubnium support for runtime supported features 2019-08-22 20:40:02 +02:00
Filip Skokan
e7ad82cbbc feat: electron v6.x support 2019-07-27 21:19:14 +02:00
Filip Skokan
211d7af5db feat: add secp256k1 EC Key curve and ES256K 
This is as per
- https://tools.ietf.org/html/draft-ietf-cose-webauthn-algorithms-01
- https://mailarchive.ietf.org/arch/msg/cose/91MouVA43DefbpQOB7l5daCEeIc
 2019-07-08 22:04:29 +02:00
Filip Skokan
5b53cb0155 fix: limit calculation of missing RSA private components 
- this deprecates the use of `JWK.importKey` in favor of
`JWK.asKey`
- this deprecates the use of `JWKS.KeyStore.fromJWKS` in favor of
`JWKS.asKeyStore`

Both `JWK.importKey` and `JWKS.KeyStore.fromJWKS` could have resulted
in the process getting blocked when large bitsize RSA private keys
were missing their components and could also result in an endless
calculation loop when the private key's private exponent was outright
invalid or tampered with.

The new methods still allow to import private RSA keys with these
optimization key parameters missing but its disabled by default and one
should choose to enable it when working with keys from trusted sources

It is recommended not to use @panva/jose versions with this feature in
its original on-by-default form - v1.1.0 and v1.2.0 These will
 2019-06-20 23:32:13 +02:00
Filip Skokan
2dbd3ed43a feat: add OKP Key and EdDSA sign/verify support 
BREAKING CHANGE: node.js minimal version is now v12.0.0 due to its
added EdDSA support (crypto.sign, crypto.verify and eddsa key objects)

resolves #12
 2019-04-23 14:30:49 +02:00
Filip Skokan
2e33e1cc2b feat: add EC P-256K JWK and ES256K sign/verify support 2019-03-27 10:35:02 +01:00
Filip Skokan
a6d83d1d8e refactor: explicitly check EC curves supported 2019-03-26 09:42:22 +01:00
Filip Skokan
2ad441831d refactor: use import rather then new 2019-03-11 21:28:45 +01:00
Filip Skokan
6453e1ffc9 refactor: require order and base64url split encode buffer/string 2019-03-06 22:12:43 +01:00
Filip Skokan
d5fc18e4d2 refactor: less relying on KeyObject prototype 2019-03-04 20:04:42 +01:00
Filip Skokan
ca4355be19 chore: include third party license 2019-02-27 22:51:38 +01:00
Filip Skokan
dba1abdaf3 feat: add JWT.sign/verify/decode 2019-02-27 22:38:30 +01:00
Filip Skokan
546840d55c feat: throw JOSEMultiError when general formats and keystore use 2019-02-24 14:05:57 +01:00
Filip Skokan
7bc3cc4c71 feat: resolving alg/enc, crit members, add tests 2019-02-20 23:12:08 +01:00
Filip Skokan
44848fd879 test: add timingSafeEqual tests 2019-02-16 14:18:30 +01:00
Filip Skokan
cc89d4e02b refactor: cleanup, TODO chores 2019-02-10 21:39:59 +01:00
Filip Skokan
faa45bc03b refactor: remove generic errors 2019-01-20 19:37:27 +01:00
Filip Skokan
db7ae073ef test: ec key 2018-11-04 11:15:59 +01:00
Filip Skokan
7f84ce9252 feat: add ES521 support, start test suite 2018-11-03 14:30:20 +01:00