dan/jose
1
0
Fork 0
mirror of https://github.com/danbulant/jose synced 2026-05-25 13:01:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
889 commits 10 branches 160 tags 9.9 MiB
Commit graph

62 commits

Author SHA1 Message Date
Filip Skokan
cfc93f5daf feat: add GeneralSign signature and GeneralEncrypt recipient builder chaining 2021-11-11 16:16:01 +01:00
Filip Skokan
4a5e89d4e1 test(node): refactor to run only cjs in node 12, else esm 2021-11-10 16:47:41 +01:00
Filip Skokan
dda1e2fdbd test: split ecdh-es kw and dir 2021-11-09 15:40:05 +01:00
Filip Skokan
94eca81687 feat: General JWE Encryption 2021-11-08 22:30:58 +01:00
Filip Skokan
29e03ada92 refactor: update JWE Header disjoint error message 2021-11-08 21:38:49 +01:00
Filip Skokan
92df7032fe
style: global prettierc 2021-10-27 17:47:13 +02:00
Filip Skokan
4b296f08f5
test: fix conditional calls 2021-10-15 14:35:18 +02:00
Filip Skokan
dd2cf9ed2d
refactor: redo exports to support broader tooling 
BREAKING CHANGE: All module named exports have moved from subpaths to
just "jose". For example, `import { jwtVerify } from 'jose/jwt/verify'`
is now just `import { jwtVerify } from 'jose'`.

BREAKING CHANGE: All submodule default exports and named have been
removed in favour of just "jose" named exports.
 2021-10-14 14:08:05 +02:00
Filip Skokan
a51a9f6770
refactor: remove public API default exports in favour of named ones 2021-10-14 13:45:03 +02:00
Filip Skokan
914e47fc9b
refactor: remove util/random 
BREAKING CHANGE: The undocumented `jose/util/random` was removed.
 2021-10-14 13:44:53 +02:00
Filip Skokan
8d3cc3bb46
refactor: removed the deprecated jwk/parse module 
BREAKING CHANGE: The deprecated `jose/jwk/parse` module was
removed, use `import { importJWK } from 'jose'` instead.
 2021-10-14 13:44:33 +02:00
Filip Skokan
4128c16ca0
Revert "test: skip process crashing tests on electron@15" 
This reverts commit 137c473700.
 2021-10-03 10:22:29 +02:00
Filip Skokan
137c473700
test: skip process crashing tests on electron@15 
see https://github.com/electron/electron/issues/31064
 2021-09-22 23:50:08 +02:00
Filip Skokan
244a9f8433 test: fix conditional def 2021-09-09 15:44:48 +02:00
Filip Skokan
10a18f28a0 fix: guard Sign payloads and Encrypt plaintext argument types 2021-09-08 10:06:24 +02:00
Filip Skokan
5c7d2656b6 feat: experimental Deno build & publish 2021-08-20 12:01:17 +02:00
Filip Skokan
1a4092f89b chore: lint 2021-08-16 15:12:57 +02:00
Filip Skokan
991d4350d0 fix: throw JWEInvalid when jwe protected header is invalid 2021-08-16 12:38:04 +02:00
Filip Skokan
b84d6a307d style: prettier lint 2021-05-12 13:27:02 +02:00
Filip Skokan
5110a6b7c6 lint: prettier tests 2021-03-09 10:06:21 +01:00
Filip Skokan
8fffd3e2e1 feat: electron >=12.0.0 is now supported (and tested on ci) 2021-03-03 00:19:04 +01:00
Filip Skokan
c037e5907c style: lint cookbooks 2021-02-05 12:43:42 +01:00
Filip Skokan
e8d41a9335 feat: allow CryptoKey instances in a regular non-webcrypto node runtime 2021-02-04 17:39:28 +01:00
Filip Skokan
69a7edea0a refactor: explicit new uint8array arg 2021-01-28 16:16:12 +01:00
Filip Skokan
16dea9ec7d feat: added JWE General JSON Serialization decryption 2020-12-17 12:18:13 +01:00
Filip Skokan
ce521d567b refactor: less for in, added type checks, error messages 2020-11-22 12:44:27 +01:00
Filip Skokan
e39c3dba75 feat: allow compact verify/decrypt tokens to be uint8array encoded 
This means that when Nested JWT is used the decrypted plaintext can
be piped directly to verify.
 2020-11-22 12:44:27 +01:00
Filip Skokan
a6fa15e64d test: add coverage 2020-11-22 12:35:38 +01:00
Filip Skokan
87b80a6c9c test: deflake cbc hmac 2020-11-15 16:46:34 +01:00
Filip Skokan
78d424c886 lint: tests 2020-11-15 13:16:38 +01:00
Filip Skokan
4fd035f03e test: deflake a cbc test 2020-11-15 12:47:54 +01:00
Filip Skokan
357fe0b964 feat: Revised API, No dependencies, Browser Support, Promises 
BREAKING CHANGE: Revised, Promise-based API
BREAKING CHANGE: No dependencies
BREAKING CHANGE: Browser support (using [Web Cryptography API](https://www.w3.org/TR/WebCryptoAPI/))
BREAKING CHANGE: Support for verification using a remote JWKS endpoint
BREAKING CHANGE: Experimental Node.js libuv thread pool based runtime (non-blocking 🎉)
 2020-11-14 18:26:46 +01:00
Filip Skokan
30e5c46ecf feat: decrypt allowlists for both key management and content encryption 
BREAKING CHANGE: the `JWE.decrypt` option `algorithms` was removed and
replaced with contentEncryptionAlgorithms (handles `enc` allowlist) and
keyManagementAlgorithms (handles `alg` allowlist)
 2020-09-08 14:12:04 +02:00
Filip Skokan
70bd4ae6b2 refactor: encrypt APIs unprotectedHeader and aad arguments swapped 
BREAKING CHANGE: jose.JWE.Encrypt constructor aad and unprotectedHeader
arguments swapped places
BREAKING CHANGE: jose.JWE.encrypt.flattened header (unprotectedHeader)
and aad arguments swapped places
BREAKING CHANGE: jose.JWE.encrypt.general header (unprotectedHeader)
and aad arguments swapped places
 2020-09-08 14:12:04 +02:00
Filip Skokan
734a9dc2ab test: refactor jwe long running tests 2020-02-19 10:53:08 +01:00
Filip Skokan
3e3d7dd381 perf: various codepaths refactored 2020-02-06 14:18:48 +01:00
Filip Skokan
70ff22227a fix: contactKDF iteration count fixed for key sizes larger than 256 bits 2020-01-25 16:43:53 +01:00
Filip Skokan
e3ad39fea0 test: add test for rfc7518#appendix-C 2020-01-25 10:15:35 +01:00
Filip Skokan
62bdee7b29 refactor: improve error message when JWE "enc" value is invalid 2019-12-06 16:09:49 +01:00
Filip Skokan
8976027c97 refactor: improve error message when key use mismatches the operation 2019-12-06 15:35:15 +01:00
Filip Skokan
5e1009a63e feat: allow JWK.asKey inputs for sign/verify/encrypt/decrypt operations 2019-11-27 22:04:14 +01:00
Filip Skokan
c3eb8450b9 feat: return the CEK from JWE.decrypt operation with { complete: true } 2019-11-23 12:06:15 +01:00
Filip Skokan
1db9fc9cd1 refactor: don't swallow invalid encoding errors 2019-09-25 22:18:47 +02:00
Filip Skokan
06758102b2 refactor: rename node_support to runtime_support 2019-09-10 12:14:15 +02:00
Filip Skokan
67a8601b09 feat: added Node.js lts/dubnium support for runtime supported features 2019-08-22 20:40:02 +02:00
Filip Skokan
e7ad82cbbc feat: electron v6.x support 2019-07-27 21:19:14 +02:00
Filip Skokan
418e311c8d chore: update dev deps, code lint 2019-07-21 18:05:57 +02:00
Filip Skokan
211d7af5db feat: add secp256k1 EC Key curve and ES256K 
This is as per
- https://tools.ietf.org/html/draft-ietf-cose-webauthn-algorithms-01
- https://mailarchive.ietf.org/arch/msg/cose/91MouVA43DefbpQOB7l5daCEeIc
 2019-07-08 22:04:29 +02:00
Filip Skokan
5b53cb0155 fix: limit calculation of missing RSA private components 
- this deprecates the use of `JWK.importKey` in favor of
`JWK.asKey`
- this deprecates the use of `JWKS.KeyStore.fromJWKS` in favor of
`JWKS.asKeyStore`

Both `JWK.importKey` and `JWKS.KeyStore.fromJWKS` could have resulted
in the process getting blocked when large bitsize RSA private keys
were missing their components and could also result in an endless
calculation loop when the private key's private exponent was outright
invalid or tampered with.

The new methods still allow to import private RSA keys with these
optimization key parameters missing but its disabled by default and one
should choose to enable it when working with keys from trusted sources

It is recommended not to use @panva/jose versions with this feature in
its original on-by-default form - v1.1.0 and v1.2.0 These will
 2019-06-20 23:32:13 +02:00
Filip Skokan
6e3d6fd111 feat: compute private RSA key p, q, dp, dq, qi when omitted 
resolves #26
 2019-05-23 19:51:45 +02:00