dan/jose
1
0
Fork 0
mirror of https://github.com/danbulant/jose synced 2026-05-25 13:01:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
486 commits 10 branches 160 tags 9.9 MiB
Commit graph

68 commits

Author SHA1 Message Date
Filip Skokan
7a8418eadd feat: added "KeyLike to JWK" module 
resolves #109
 2020-11-22 12:44:27 +01:00
Filip Skokan
357fe0b964 feat: Revised API, No dependencies, Browser Support, Promises 
BREAKING CHANGE: Revised, Promise-based API
BREAKING CHANGE: No dependencies
BREAKING CHANGE: Browser support (using [Web Cryptography API](https://www.w3.org/TR/WebCryptoAPI/))
BREAKING CHANGE: Support for verification using a remote JWKS endpoint
BREAKING CHANGE: Experimental Node.js libuv thread pool based runtime (non-blocking 🎉)
 2020-11-14 18:26:46 +01:00
Filip Skokan
921737fa83 style: upgrade standard 2020-10-29 20:43:19 +01:00
Filip Skokan
6c35c519c9 refactor: removed deprecated methods and utilities 
BREAKING CHANGE: deprecated method `JWK.importKey` was removed
BREAKING CHANGE: deprecated method `JWKS.KeyStore.fromJWKS` was removed
BREAKING CHANGE: the use of unregistered curve name P-256K for secp256k1
was removed
 2020-09-08 14:12:04 +02:00
Filip Skokan
e8ad38993e
fix: handle private EC keys without public component (#86) 
Only possible to handle when KeyObject API is available in the runtime.

closes #85
 2020-07-01 13:13:34 +02:00
Filip Skokan
7c1cab196e feat: add opt-in objects to verify using embedded JWS Header public keys 2020-05-04 22:37:11 +02:00
Filip Skokan
f86bda3bb7 fix: allow importing simpler passphrases as oct keys 2020-03-05 20:36:15 +01:00
Filip Skokan
f7e463d0dd improvement: private / public key input support improved in node 10 2020-02-14 21:17:19 +01:00
Filip Skokan
38369ea3d7 feat: add ECDH-ES with X25519 and X448 OKP keys 2020-02-13 16:26:09 +01:00
Filip Skokan
7477f0831b feat: add RSA-OAEP-384 and RSA-OAEP-512 JWE Key Management Algorithms 
These are registered for JOSE by W3C Web Cryptography Working Group in
[Web Cryptography API](https://www.w3.org/TR/WebCryptoAPI/)
 2020-02-13 15:24:37 +01:00
Filip Skokan
2fb1d8ed85 style: remove unused requires 2020-01-29 20:38:03 +01:00
Filip Skokan
470b4c7315 perf: base64url decode, JWT.verify, JWK.Key instance re-use 
I'm done trying to educate other JOSE producers about interoperability
so i'm going to be accepting their non-conform base64url so that users
of this module don't suffer performance loss.
 2020-01-29 20:33:30 +01:00
Filip Skokan
bc81e5dec2 fix: expose JOSENotSupported key import errors on unsupported runtimes 2020-01-08 13:17:45 +01:00
Filip Skokan
bee574457f fix: properly fail to import unsupported openssh keys 2019-12-10 17:06:34 +01:00
Filip Skokan
25a7a71915 feat: importing a certificate populates x5c and x5t thumbprints 
closes #59
 2019-12-10 14:58:54 +01:00
Filip Skokan
a9f1d4b195 refactor: introduce various registries to prepare for extension modules 2019-12-03 18:54:37 +01:00
Filip Skokan
5e1009a63e feat: allow JWK.asKey inputs for sign/verify/encrypt/decrypt operations 2019-11-27 22:04:14 +01:00
Filip Skokan
8ea968312e feat: expose crypto.KeyObject instances in supported runtimes 2019-11-03 17:27:44 +01:00
Filip Skokan
98cdad46ee test: fix secp256k1 tests 2019-10-29 15:31:52 +01:00
Filip Skokan
95882232d6 fix: only use secp256k1 keys for signing/verification 2019-10-29 15:21:57 +01:00
Filip Skokan
0a16efb961 fix: throw proper error when runtime doesn't support OKP 
closes #48
 2019-10-04 12:21:08 +02:00
Filip Skokan
1db9fc9cd1 refactor: don't swallow invalid encoding errors 2019-09-25 22:18:47 +02:00
Filip Skokan
06758102b2 refactor: rename node_support to runtime_support 2019-09-10 12:14:15 +02:00
Filip Skokan
fae3e7943f style: upgrade standard linter and fix lint issues 2019-08-22 20:46:00 +02:00
Filip Skokan
67a8601b09 feat: added Node.js lts/dubnium support for runtime supported features 2019-08-22 20:40:02 +02:00
Filip Skokan
28d7cf8c78 feat: add RSA-OAEP-256 support (when a node version supports it) 
resolves #29
 2019-08-20 19:22:42 +02:00
Filip Skokan
caeb6910d6 Revert "test: fix flaky tests" 
This reverts commit 1cf0da0812.
 2019-07-29 15:34:53 +02:00
Filip Skokan
51db802f39 style: fix lint 2019-07-27 21:39:33 +02:00
Filip Skokan
1cf0da0812 test: fix flaky tests 2019-07-27 21:33:02 +02:00
Filip Skokan
e7ad82cbbc feat: electron v6.x support 2019-07-27 21:19:14 +02:00
Filip Skokan
418e311c8d chore: update dev deps, code lint 2019-07-21 18:05:57 +02:00
Filip Skokan
211d7af5db feat: add secp256k1 EC Key curve and ES256K 
This is as per
- https://tools.ietf.org/html/draft-ietf-cose-webauthn-algorithms-01
- https://mailarchive.ietf.org/arch/msg/cose/91MouVA43DefbpQOB7l5daCEeIc
 2019-07-08 22:04:29 +02:00
Filip Skokan
5b53cb0155 fix: limit calculation of missing RSA private components 
- this deprecates the use of `JWK.importKey` in favor of
`JWK.asKey`
- this deprecates the use of `JWKS.KeyStore.fromJWKS` in favor of
`JWKS.asKeyStore`

Both `JWK.importKey` and `JWKS.KeyStore.fromJWKS` could have resulted
in the process getting blocked when large bitsize RSA private keys
were missing their components and could also result in an endless
calculation loop when the private key's private exponent was outright
invalid or tampered with.

The new methods still allow to import private RSA keys with these
optimization key parameters missing but its disabled by default and one
should choose to enable it when working with keys from trusted sources

It is recommended not to use @panva/jose versions with this feature in
its original on-by-default form - v1.1.0 and v1.2.0 These will
 2019-06-20 23:32:13 +02:00
Filip Skokan
9d46c48fd5 feat: add support for JWK x5c, x5t and x5t#S256 2019-05-25 22:34:28 +02:00
Filip Skokan
6e3d6fd111 feat: compute private RSA key p, q, dp, dq, qi when omitted 
resolves #26
 2019-05-23 19:51:45 +02:00
Filip Skokan
b0ff436daf fix: reject rsa keys without all factors and exponents with a specific message 2019-05-23 19:20:30 +02:00
Filip Skokan
46eb7edb80 refactor: mention thumbprint rather then kid in ref oct key thumbprint 2019-03-01 19:42:10 +02:00
Filip Skokan
857dc2b51b fix: fail to import invalid PEM formatted strings and buffers 2019-04-23 14:30:51 +02:00
Filip Skokan
23b874cc20 feat: add JWK key_ops support, fix .algorithms() op returns 
BREAKING CHANGE: key.algorithms(op) un+wrapKey was split into correct
wrapKey/unwrapKey/deriveKey returns

BREAKING CHANGE: keystore.all and keystore.get `operation` option was
removed, `key_ops: string[]` supersedes it
 2019-04-23 14:30:51 +02:00
Filip Skokan
4ace4be99d test: check kid/thumbprint is not the same when kid is provided 2019-04-23 14:30:50 +02:00
Filip Skokan
2dbd3ed43a feat: add OKP Key and EdDSA sign/verify support 
BREAKING CHANGE: node.js minimal version is now v12.0.0 due to its
added EdDSA support (crypto.sign, crypto.verify and eddsa key objects)

resolves #12
 2019-04-23 14:30:49 +02:00
Filip Skokan
e21fea106b revert: add EC P-256K JWK and ES256K sign/verify support 
BREAKING CHANGE: removing ES256K alg and EC P-256K crv support until the
IETF WG decides on what the final names will be.
 2019-04-07 14:13:10 +02:00
Filip Skokan
2dd7053a4a feat: add key.secret<boolean> and key.type<string> for completeness 2019-04-01 20:26:47 +02:00
Filip Skokan
764b86309c fix: properly restrict EC curves in generate(Sync) 2019-03-28 09:42:27 +01:00
Filip Skokan
cfa4222e6c fix: throw on unsupported EC curves 2019-03-27 11:13:01 +01:00
Filip Skokan
2e33e1cc2b feat: add EC P-256K JWK and ES256K sign/verify support 2019-03-27 10:35:02 +01:00
Filip Skokan
fe0003603d refactor: remove ec length, generate only returns keyobject 2019-03-20 18:46:36 +01:00
Filip Skokan
9af295bdb2 fix: restrict RS key algorithms by the key's bit size 2019-03-17 17:44:36 +01:00
Filip Skokan
cc70c5d4ec fix: all JWA defined RSA operations require key of 2048 or more 
BREAKING CHANGE: all [JWA](https://tools.ietf.org/html/rfc7518) defined
RSA based operations require key size of 2048 bits or more.
 2019-03-16 09:44:34 +01:00
Filip Skokan
d15be00284 test: check unsupported key object import fails 2019-03-11 22:29:07 +01:00