dan/jose
1
0
Fork 0
mirror of https://github.com/danbulant/jose synced 2026-05-24 20:41:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
191 commits 10 branches 160 tags 9.9 MiB
Commit graph

112 commits

Author SHA1 Message Date
Filip Skokan
dd121ce38d fix: properly pad calculated RSA primes 2019-07-29 15:30:25 +02:00
Filip Skokan
e7ad82cbbc feat: electron v6.x support 2019-07-27 21:19:14 +02:00
Filip Skokan
24acd201b6 fix: use the correct ECPrivateKey version when importing EC JWK 2019-07-27 16:35:39 +02:00
Filip Skokan
181fd0954e fix: importing x5c in electron requires the input split 2019-07-27 15:31:24 +02:00
Filip Skokan
1dc7f35bd2 fix: correctly pad integers when importing RSA JWK 2019-07-27 11:14:01 +02:00
Filip Skokan
6c98b61597 feat: validate JWTs according to a JWT profile - ID Token 
It is now possible to pass a profile to `JWT.verify` and have the JWT
validated according to it. This makes sure you pass all the right
options and that required claims are present, prohibited claims are
missing and that the right JWT typ is used.

More profiles will be added in the future.
 2019-07-23 14:50:16 +02:00
Filip Skokan
baa2f4d04b style: indent index.d.ts 2019-07-22 22:40:15 +02:00
Filip Skokan
418e311c8d chore: update dev deps, code lint 2019-07-21 18:05:57 +02:00
Filip Skokan
36c9ce20c5 fix: honour the JWT.sign jti option 
fixes #33
 2019-07-14 19:30:04 +03:00
Filip Skokan
211d7af5db feat: add secp256k1 EC Key curve and ES256K 
This is as per
- https://tools.ietf.org/html/draft-ietf-cose-webauthn-algorithms-01
- https://mailarchive.ietf.org/arch/msg/cose/91MouVA43DefbpQOB7l5daCEeIc
 2019-07-08 22:04:29 +02:00
Filip Skokan
5b53cb0155 fix: limit calculation of missing RSA private components 
- this deprecates the use of `JWK.importKey` in favor of
`JWK.asKey`
- this deprecates the use of `JWKS.KeyStore.fromJWKS` in favor of
`JWKS.asKeyStore`

Both `JWK.importKey` and `JWKS.KeyStore.fromJWKS` could have resulted
in the process getting blocked when large bitsize RSA private keys
were missing their components and could also result in an endless
calculation loop when the private key's private exponent was outright
invalid or tampered with.

The new methods still allow to import private RSA keys with these
optimization key parameters missing but its disabled by default and one
should choose to enable it when working with keys from trusted sources

It is recommended not to use @panva/jose versions with this feature in
its original on-by-default form - v1.1.0 and v1.2.0 These will
 2019-06-20 23:32:13 +02:00
Filip Skokan
67beaae815 style: enable lint with esnext features 2019-05-27 17:23:07 +02:00
Filip Skokan
9d46c48fd5 feat: add support for JWK x5c, x5t and x5t#S256 2019-05-25 22:34:28 +02:00
Filip Skokan
2eae293760 feat: instances of JWKS.KeyStore are now iterable (e.g. for ... of) 2019-05-25 22:18:27 +02:00
Filip Skokan
2557e50dc0 test: update test coverage tool to c8 2019-05-23 20:03:51 +02:00
Filip Skokan
6e3d6fd111 feat: compute private RSA key p, q, dp, dq, qi when omitted 
resolves #26
 2019-05-23 19:51:45 +02:00
Filip Skokan
b0ff436daf fix: reject rsa keys without all factors and exponents with a specific message 2019-05-23 19:20:30 +02:00
Filip Skokan
ce69aee4dd style: index.d.ts 4 spaces 
[skip ci]
 2019-05-13 10:57:03 +02:00
Filip Skokan
c7a8606e4d fix: add missing keystore.toJWKS() .d.ts definition 
fixes #25
 2019-05-13 10:34:46 +02:00
Filip Skokan
46eb7edb80 refactor: mention thumbprint rather then kid in ref oct key thumbprint 2019-03-01 19:42:10 +02:00
Filip Skokan
0750d2c466 fix: oct key ts "k" type fix 2019-04-27 18:09:41 +02:00
Filip Skokan
bfc3991e08 style: disable lint for now until tools catch up to private fields 2019-04-23 18:09:45 +02:00
Filip Skokan
857dc2b51b fix: fail to import invalid PEM formatted strings and buffers 2019-04-23 14:30:51 +02:00
Filip Skokan
23b874cc20 feat: add JWK key_ops support, fix .algorithms() op returns 
BREAKING CHANGE: key.algorithms(op) un+wrapKey was split into correct
wrapKey/unwrapKey/deriveKey returns

BREAKING CHANGE: keystore.all and keystore.get `operation` option was
removed, `key_ops: string[]` supersedes it
 2019-04-23 14:30:51 +02:00
Filip Skokan
a8ef20e450 refactor: use private instance fields where possible 2019-04-23 14:30:50 +02:00
Filip Skokan
1159b0df4e feat: add key.toPEM() export function with optional encryption 2019-04-23 14:30:50 +02:00
Filip Skokan
2dbd3ed43a feat: add OKP Key and EdDSA sign/verify support 
BREAKING CHANGE: node.js minimal version is now v12.0.0 due to its
added EdDSA support (crypto.sign, crypto.verify and eddsa key objects)

resolves #12
 2019-04-23 14:30:49 +02:00
Filip Skokan
e21fea106b revert: add EC P-256K JWK and ES256K sign/verify support 
BREAKING CHANGE: removing ES256K alg and EC P-256K crv support until the
IETF WG decides on what the final names will be.
 2019-04-07 14:13:10 +02:00
Filip Skokan
65db7e0ddd feat: add key.thumbprint always returning the JWK Thumbprint (RFC7638) 2019-04-04 11:04:06 +02:00
Filip Skokan
2dd7053a4a feat: add key.secret<boolean> and key.type<string> for completeness 2019-04-01 20:26:47 +02:00
Filip Skokan
946d9df1ca fix: remove unintended exposure of private material via enumerables 2019-03-28 23:45:20 +01:00
Filip Skokan
988bbafdd6 refactor: skip validating jws disjoint when header's missing 2019-03-28 23:32:02 +01:00
Filip Skokan
2ad22792ff refactor: use exported KeyObject when available 2019-03-28 20:51:00 +01:00
Filip Skokan
764b86309c fix: properly restrict EC curves in generate(Sync) 2019-03-28 09:42:27 +01:00
Filip Skokan
fb7ae33ce2 chore: remove done todos 
[skip ci]
 2019-03-27 11:17:59 +01:00
Filip Skokan
cfa4222e6c fix: throw on unsupported EC curves 2019-03-27 11:13:01 +01:00
Filip Skokan
2e33e1cc2b feat: add EC P-256K JWK and ES256K sign/verify support 2019-03-27 10:35:02 +01:00
Filip Skokan
c5c985b1ab refactor: use pem from asn1.js 2019-03-26 20:47:01 +01:00
Filip Skokan
12357f8ae1 refactor: source in asn1.js to remove some transitive dependencies 2019-03-26 18:24:10 +01:00
Filip Skokan
6172bcb18e refactor: dry resolveNodeAlg 2019-03-26 12:57:21 +01:00
Filip Skokan
a6d83d1d8e refactor: explicitly check EC curves supported 2019-03-26 09:42:22 +01:00
Filip Skokan
8892994922 refactor: revert the windows fix, bump keyto 2019-03-25 09:49:50 +01:00
Filip Skokan
fe0003603d refactor: remove ec length, generate only returns keyobject 2019-03-20 18:46:36 +01:00
Filip Skokan
57f1692d99
fix: key.toJWK() fixed on windows 
* ci: try different os builds
* fix: key.toJWK() fixed on windows

resolves #17
 2019-03-19 18:26:42 +01:00
Filip Skokan
925d47c65f fix: internal symbol method is now really a symbol 2019-03-17 18:34:22 +01:00
Filip Skokan
6acd6d42d4 style: alg containers 2019-03-17 17:55:55 +01:00
Filip Skokan
9af295bdb2 fix: restrict RS key algorithms by the key's bit size 2019-03-17 17:44:36 +01:00
Filip Skokan
e936d547ce fix: use correct salt length for RSASSA-PSS 
https://tools.ietf.org/html/rfc7518 section 3.5 states that the size of
the salt value is the same size as the hash function output.

This is to accomodate that requirement and achieve interop with other
conform implementations. This also prompted enforcing the proper key
sizes.
 2019-03-16 09:48:47 +01:00
Filip Skokan
cc70c5d4ec fix: all JWA defined RSA operations require key of 2048 or more 
BREAKING CHANGE: all [JWA](https://tools.ietf.org/html/rfc7518) defined
RSA based operations require key size of 2048 bits or more.
 2019-03-16 09:44:34 +01:00
Filip Skokan
d3853f0182 refactor: move defineLazyComponents to a private Base key function 2019-03-13 22:40:28 +01:00