dan/jose
1
0
Fork 0
mirror of https://github.com/danbulant/jose synced 2026-05-24 20:41:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
269 commits 10 branches 160 tags 9.9 MiB
Commit graph

137 commits

Author SHA1 Message Date
Filip Skokan
af635be8ac refactor: allow ECDH-ES to be pluggable with extensions 2019-12-04 11:46:09 +01:00
Filip Skokan
b103874208 refactor: improve extra KW header parameter handling 2019-12-03 19:06:00 +01:00
Filip Skokan
a9f1d4b195 refactor: introduce various registries to prepare for extension modules 2019-12-03 18:54:37 +01:00
Filip Skokan
d5af0c364d refactor: set authTagLength option for Content Encryption with AES GCM 
Node uses 16 by default, this is just making it explicit.
 2019-12-01 19:01:47 +01:00
Filip Skokan
99eeb43d0e refactor: use dsaEncoding for ECDSA when supported 2019-11-29 10:57:20 +01:00
Filip Skokan
ce77388254 fix: default JWT.sign kid option value is false for HMAC signatures 2019-11-27 22:04:15 +01:00
Filip Skokan
d45f845c45 refactor: backwards compatibility for node < 12 2019-11-27 22:04:15 +01:00
Filip Skokan
3a6906278d refactor: less overhead + truly private API for JWK.Key#algorithms 2019-11-27 22:04:15 +01:00
Filip Skokan
5e1009a63e feat: allow JWK.asKey inputs for sign/verify/encrypt/decrypt operations 2019-11-27 22:04:14 +01:00
Filip Skokan
ea60338ca6 feat: allow JWKS.KeyStore .all and .get to filter for key curves 2019-11-26 16:01:49 +01:00
Filip Skokan
c3eb8450b9 feat: return the CEK from JWE.decrypt operation with { complete: true } 2019-11-23 12:06:15 +01:00
Filip Skokan
6bb66d4f0b feat: add JWS.verify encoding and parsing options 2019-11-05 20:09:34 +01:00
Filip Skokan
8ea968312e feat: expose crypto.KeyObject instances in supported runtimes 2019-11-03 17:27:44 +01:00
Filip Skokan
95882232d6 fix: only use secp256k1 keys for signing/verification 2019-10-29 15:21:57 +01:00
Filip Skokan
6d839c6ed6 refactor: remove Object.assign where ... is possible 2019-10-23 16:44:40 +02:00
Filip Skokan
34b755afcf refactor: xt5 -> x5t 2019-10-17 14:56:53 +02:00
Filip Skokan
0a16efb961 fix: throw proper error when runtime doesn't support OKP 
closes #48
 2019-10-04 12:21:08 +02:00
Filip Skokan
809e3cb682 ci: coverage with electron 2019-09-26 14:59:57 +02:00
Filip Skokan
1db9fc9cd1 refactor: don't swallow invalid encoding errors 2019-09-25 22:18:47 +02:00
Filip Skokan
81abdfabc5 fix: keystore.toJWKS(true) does not throw on public keys 
closes #42
 2019-09-16 14:46:38 +02:00
Filip Skokan
06758102b2 refactor: rename node_support to runtime_support 2019-09-10 12:14:15 +02:00
Filip Skokan
2ac7f79463 chore: remove forgotten lib/index.d.ts 2019-09-09 10:47:59 +02:00
Filip Skokan
78398d3cdf feat: allow JWKS.asKeyStore to swallow errors 2019-08-24 22:03:37 +02:00
Filip Skokan
67a8601b09 feat: added Node.js lts/dubnium support for runtime supported features 2019-08-22 20:40:02 +02:00
Filip Skokan
28d7cf8c78 feat: add RSA-OAEP-256 support (when a node version supports it) 
resolves #29
 2019-08-20 19:22:42 +02:00
Filip Skokan
dd121ce38d fix: properly pad calculated RSA primes 2019-07-29 15:30:25 +02:00
Filip Skokan
e7ad82cbbc feat: electron v6.x support 2019-07-27 21:19:14 +02:00
Filip Skokan
24acd201b6 fix: use the correct ECPrivateKey version when importing EC JWK 2019-07-27 16:35:39 +02:00
Filip Skokan
181fd0954e fix: importing x5c in electron requires the input split 2019-07-27 15:31:24 +02:00
Filip Skokan
1dc7f35bd2 fix: correctly pad integers when importing RSA JWK 2019-07-27 11:14:01 +02:00
Filip Skokan
6c98b61597 feat: validate JWTs according to a JWT profile - ID Token 
It is now possible to pass a profile to `JWT.verify` and have the JWT
validated according to it. This makes sure you pass all the right
options and that required claims are present, prohibited claims are
missing and that the right JWT typ is used.

More profiles will be added in the future.
 2019-07-23 14:50:16 +02:00
Filip Skokan
baa2f4d04b style: indent index.d.ts 2019-07-22 22:40:15 +02:00
Filip Skokan
418e311c8d chore: update dev deps, code lint 2019-07-21 18:05:57 +02:00
Filip Skokan
36c9ce20c5 fix: honour the JWT.sign jti option 
fixes #33
 2019-07-14 19:30:04 +03:00
Filip Skokan
211d7af5db feat: add secp256k1 EC Key curve and ES256K 
This is as per
- https://tools.ietf.org/html/draft-ietf-cose-webauthn-algorithms-01
- https://mailarchive.ietf.org/arch/msg/cose/91MouVA43DefbpQOB7l5daCEeIc
 2019-07-08 22:04:29 +02:00
Filip Skokan
5b53cb0155 fix: limit calculation of missing RSA private components 
- this deprecates the use of `JWK.importKey` in favor of
`JWK.asKey`
- this deprecates the use of `JWKS.KeyStore.fromJWKS` in favor of
`JWKS.asKeyStore`

Both `JWK.importKey` and `JWKS.KeyStore.fromJWKS` could have resulted
in the process getting blocked when large bitsize RSA private keys
were missing their components and could also result in an endless
calculation loop when the private key's private exponent was outright
invalid or tampered with.

The new methods still allow to import private RSA keys with these
optimization key parameters missing but its disabled by default and one
should choose to enable it when working with keys from trusted sources

It is recommended not to use @panva/jose versions with this feature in
its original on-by-default form - v1.1.0 and v1.2.0 These will
 2019-06-20 23:32:13 +02:00
Filip Skokan
67beaae815 style: enable lint with esnext features 2019-05-27 17:23:07 +02:00
Filip Skokan
9d46c48fd5 feat: add support for JWK x5c, x5t and x5t#S256 2019-05-25 22:34:28 +02:00
Filip Skokan
2eae293760 feat: instances of JWKS.KeyStore are now iterable (e.g. for ... of) 2019-05-25 22:18:27 +02:00
Filip Skokan
2557e50dc0 test: update test coverage tool to c8 2019-05-23 20:03:51 +02:00
Filip Skokan
6e3d6fd111 feat: compute private RSA key p, q, dp, dq, qi when omitted 
resolves #26
 2019-05-23 19:51:45 +02:00
Filip Skokan
b0ff436daf fix: reject rsa keys without all factors and exponents with a specific message 2019-05-23 19:20:30 +02:00
Filip Skokan
ce69aee4dd style: index.d.ts 4 spaces 
[skip ci]
 2019-05-13 10:57:03 +02:00
Filip Skokan
c7a8606e4d fix: add missing keystore.toJWKS() .d.ts definition 
fixes #25
 2019-05-13 10:34:46 +02:00
Filip Skokan
46eb7edb80 refactor: mention thumbprint rather then kid in ref oct key thumbprint 2019-03-01 19:42:10 +02:00
Filip Skokan
0750d2c466 fix: oct key ts "k" type fix 2019-04-27 18:09:41 +02:00
Filip Skokan
bfc3991e08 style: disable lint for now until tools catch up to private fields 2019-04-23 18:09:45 +02:00
Filip Skokan
857dc2b51b fix: fail to import invalid PEM formatted strings and buffers 2019-04-23 14:30:51 +02:00
Filip Skokan
23b874cc20 feat: add JWK key_ops support, fix .algorithms() op returns 
BREAKING CHANGE: key.algorithms(op) un+wrapKey was split into correct
wrapKey/unwrapKey/deriveKey returns

BREAKING CHANGE: keystore.all and keystore.get `operation` option was
removed, `key_ops: string[]` supersedes it
 2019-04-23 14:30:51 +02:00
Filip Skokan
a8ef20e450 refactor: use private instance fields where possible 2019-04-23 14:30:50 +02:00