修改后台权限
This commit is contained in:
yoyuzh
15
node_modules/jose/dist/webapi/lib/aesgcmkw.js
generated
vendored
Normal file
15
node_modules/jose/dist/webapi/lib/aesgcmkw.js
generated
vendored
Normal file
@@ -0,0 +1,15 @@
|
||||
import { encrypt, decrypt } from './content_encryption.js';
|
||||
import { encode as b64u } from '../util/base64url.js';
|
||||
export async function wrap(alg, key, cek, iv) {
|
||||
const jweAlgorithm = alg.slice(0, 7);
|
||||
const wrapped = await encrypt(jweAlgorithm, cek, key, iv, new Uint8Array());
|
||||
return {
|
||||
encryptedKey: wrapped.ciphertext,
|
||||
iv: b64u(wrapped.iv),
|
||||
tag: b64u(wrapped.tag),
|
||||
};
|
||||
}
|
||||
export async function unwrap(alg, key, encryptedKey, iv, tag) {
|
||||
const jweAlgorithm = alg.slice(0, 7);
|
||||
return decrypt(jweAlgorithm, key, encryptedKey, iv, tag, new Uint8Array());
|
||||
}
|
||||
25
node_modules/jose/dist/webapi/lib/aeskw.js
generated
vendored
Normal file
25
node_modules/jose/dist/webapi/lib/aeskw.js
generated
vendored
Normal file
@@ -0,0 +1,25 @@
|
||||
import { checkEncCryptoKey } from './crypto_key.js';
|
||||
function checkKeySize(key, alg) {
|
||||
if (key.algorithm.length !== parseInt(alg.slice(1, 4), 10)) {
|
||||
throw new TypeError(`Invalid key size for alg: ${alg}`);
|
||||
}
|
||||
}
|
||||
function getCryptoKey(key, alg, usage) {
|
||||
if (key instanceof Uint8Array) {
|
||||
return crypto.subtle.importKey('raw', key, 'AES-KW', true, [usage]);
|
||||
}
|
||||
checkEncCryptoKey(key, alg, usage);
|
||||
return key;
|
||||
}
|
||||
export async function wrap(alg, key, cek) {
|
||||
const cryptoKey = await getCryptoKey(key, alg, 'wrapKey');
|
||||
checkKeySize(cryptoKey, alg);
|
||||
const cryptoKeyCek = await crypto.subtle.importKey('raw', cek, { hash: 'SHA-256', name: 'HMAC' }, true, ['sign']);
|
||||
return new Uint8Array(await crypto.subtle.wrapKey('raw', cryptoKeyCek, cryptoKey, 'AES-KW'));
|
||||
}
|
||||
export async function unwrap(alg, key, encryptedKey) {
|
||||
const cryptoKey = await getCryptoKey(key, alg, 'unwrapKey');
|
||||
checkKeySize(cryptoKey, alg);
|
||||
const cryptoKeyCek = await crypto.subtle.unwrapKey('raw', encryptedKey, cryptoKey, 'AES-KW', { hash: 'SHA-256', name: 'HMAC' }, true, ['sign']);
|
||||
return new Uint8Array(await crypto.subtle.exportKey('raw', cryptoKeyCek));
|
||||
}
|
||||
243
node_modules/jose/dist/webapi/lib/asn1.js
generated
vendored
Normal file
243
node_modules/jose/dist/webapi/lib/asn1.js
generated
vendored
Normal file
@@ -0,0 +1,243 @@
|
||||
import { invalidKeyInput } from './invalid_key_input.js';
|
||||
import { encodeBase64, decodeBase64 } from '../lib/base64.js';
|
||||
import { JOSENotSupported } from '../util/errors.js';
|
||||
import { isCryptoKey, isKeyObject } from './is_key_like.js';
|
||||
const formatPEM = (b64, descriptor) => {
|
||||
const newlined = (b64.match(/.{1,64}/g) || []).join('\n');
|
||||
return `-----BEGIN ${descriptor}-----\n${newlined}\n-----END ${descriptor}-----`;
|
||||
};
|
||||
const genericExport = async (keyType, keyFormat, key) => {
|
||||
if (isKeyObject(key)) {
|
||||
if (key.type !== keyType) {
|
||||
throw new TypeError(`key is not a ${keyType} key`);
|
||||
}
|
||||
return key.export({ format: 'pem', type: keyFormat });
|
||||
}
|
||||
if (!isCryptoKey(key)) {
|
||||
throw new TypeError(invalidKeyInput(key, 'CryptoKey', 'KeyObject'));
|
||||
}
|
||||
if (!key.extractable) {
|
||||
throw new TypeError('CryptoKey is not extractable');
|
||||
}
|
||||
if (key.type !== keyType) {
|
||||
throw new TypeError(`key is not a ${keyType} key`);
|
||||
}
|
||||
return formatPEM(encodeBase64(new Uint8Array(await crypto.subtle.exportKey(keyFormat, key))), `${keyType.toUpperCase()} KEY`);
|
||||
};
|
||||
export const toSPKI = (key) => genericExport('public', 'spki', key);
|
||||
export const toPKCS8 = (key) => genericExport('private', 'pkcs8', key);
|
||||
const bytesEqual = (a, b) => {
|
||||
if (a.byteLength !== b.length)
|
||||
return false;
|
||||
for (let i = 0; i < a.byteLength; i++) {
|
||||
if (a[i] !== b[i])
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
};
|
||||
const createASN1State = (data) => ({ data, pos: 0 });
|
||||
const parseLength = (state) => {
|
||||
const first = state.data[state.pos++];
|
||||
if (first & 0x80) {
|
||||
const lengthOfLen = first & 0x7f;
|
||||
let length = 0;
|
||||
for (let i = 0; i < lengthOfLen; i++) {
|
||||
length = (length << 8) | state.data[state.pos++];
|
||||
}
|
||||
return length;
|
||||
}
|
||||
return first;
|
||||
};
|
||||
const skipElement = (state, count = 1) => {
|
||||
if (count <= 0)
|
||||
return;
|
||||
state.pos++;
|
||||
const length = parseLength(state);
|
||||
state.pos += length;
|
||||
if (count > 1) {
|
||||
skipElement(state, count - 1);
|
||||
}
|
||||
};
|
||||
const expectTag = (state, expectedTag, errorMessage) => {
|
||||
if (state.data[state.pos++] !== expectedTag) {
|
||||
throw new Error(errorMessage);
|
||||
}
|
||||
};
|
||||
const getSubarray = (state, length) => {
|
||||
const result = state.data.subarray(state.pos, state.pos + length);
|
||||
state.pos += length;
|
||||
return result;
|
||||
};
|
||||
const parseAlgorithmOID = (state) => {
|
||||
expectTag(state, 0x06, 'Expected algorithm OID');
|
||||
const oidLen = parseLength(state);
|
||||
return getSubarray(state, oidLen);
|
||||
};
|
||||
function parsePKCS8Header(state) {
|
||||
expectTag(state, 0x30, 'Invalid PKCS#8 structure');
|
||||
parseLength(state);
|
||||
expectTag(state, 0x02, 'Expected version field');
|
||||
const verLen = parseLength(state);
|
||||
state.pos += verLen;
|
||||
expectTag(state, 0x30, 'Expected algorithm identifier');
|
||||
const algIdLen = parseLength(state);
|
||||
const algIdStart = state.pos;
|
||||
return { algIdStart, algIdLength: algIdLen };
|
||||
}
|
||||
function parseSPKIHeader(state) {
|
||||
expectTag(state, 0x30, 'Invalid SPKI structure');
|
||||
parseLength(state);
|
||||
expectTag(state, 0x30, 'Expected algorithm identifier');
|
||||
const algIdLen = parseLength(state);
|
||||
const algIdStart = state.pos;
|
||||
return { algIdStart, algIdLength: algIdLen };
|
||||
}
|
||||
const parseECAlgorithmIdentifier = (state) => {
|
||||
const algOid = parseAlgorithmOID(state);
|
||||
if (bytesEqual(algOid, [0x2b, 0x65, 0x6e])) {
|
||||
return 'X25519';
|
||||
}
|
||||
if (!bytesEqual(algOid, [0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01])) {
|
||||
throw new Error('Unsupported key algorithm');
|
||||
}
|
||||
expectTag(state, 0x06, 'Expected curve OID');
|
||||
const curveOidLen = parseLength(state);
|
||||
const curveOid = getSubarray(state, curveOidLen);
|
||||
for (const { name, oid } of [
|
||||
{ name: 'P-256', oid: [0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07] },
|
||||
{ name: 'P-384', oid: [0x2b, 0x81, 0x04, 0x00, 0x22] },
|
||||
{ name: 'P-521', oid: [0x2b, 0x81, 0x04, 0x00, 0x23] },
|
||||
]) {
|
||||
if (bytesEqual(curveOid, oid)) {
|
||||
return name;
|
||||
}
|
||||
}
|
||||
throw new Error('Unsupported named curve');
|
||||
};
|
||||
const genericImport = async (keyFormat, keyData, alg, options) => {
|
||||
let algorithm;
|
||||
let keyUsages;
|
||||
const isPublic = keyFormat === 'spki';
|
||||
const getSigUsages = () => (isPublic ? ['verify'] : ['sign']);
|
||||
const getEncUsages = () => isPublic ? ['encrypt', 'wrapKey'] : ['decrypt', 'unwrapKey'];
|
||||
switch (alg) {
|
||||
case 'PS256':
|
||||
case 'PS384':
|
||||
case 'PS512':
|
||||
algorithm = { name: 'RSA-PSS', hash: `SHA-${alg.slice(-3)}` };
|
||||
keyUsages = getSigUsages();
|
||||
break;
|
||||
case 'RS256':
|
||||
case 'RS384':
|
||||
case 'RS512':
|
||||
algorithm = { name: 'RSASSA-PKCS1-v1_5', hash: `SHA-${alg.slice(-3)}` };
|
||||
keyUsages = getSigUsages();
|
||||
break;
|
||||
case 'RSA-OAEP':
|
||||
case 'RSA-OAEP-256':
|
||||
case 'RSA-OAEP-384':
|
||||
case 'RSA-OAEP-512':
|
||||
algorithm = {
|
||||
name: 'RSA-OAEP',
|
||||
hash: `SHA-${parseInt(alg.slice(-3), 10) || 1}`,
|
||||
};
|
||||
keyUsages = getEncUsages();
|
||||
break;
|
||||
case 'ES256':
|
||||
case 'ES384':
|
||||
case 'ES512': {
|
||||
const curveMap = { ES256: 'P-256', ES384: 'P-384', ES512: 'P-521' };
|
||||
algorithm = { name: 'ECDSA', namedCurve: curveMap[alg] };
|
||||
keyUsages = getSigUsages();
|
||||
break;
|
||||
}
|
||||
case 'ECDH-ES':
|
||||
case 'ECDH-ES+A128KW':
|
||||
case 'ECDH-ES+A192KW':
|
||||
case 'ECDH-ES+A256KW': {
|
||||
try {
|
||||
const namedCurve = options.getNamedCurve(keyData);
|
||||
algorithm = namedCurve === 'X25519' ? { name: 'X25519' } : { name: 'ECDH', namedCurve };
|
||||
}
|
||||
catch (cause) {
|
||||
throw new JOSENotSupported('Invalid or unsupported key format');
|
||||
}
|
||||
keyUsages = isPublic ? [] : ['deriveBits'];
|
||||
break;
|
||||
}
|
||||
case 'Ed25519':
|
||||
case 'EdDSA':
|
||||
algorithm = { name: 'Ed25519' };
|
||||
keyUsages = getSigUsages();
|
||||
break;
|
||||
case 'ML-DSA-44':
|
||||
case 'ML-DSA-65':
|
||||
case 'ML-DSA-87':
|
||||
algorithm = { name: alg };
|
||||
keyUsages = getSigUsages();
|
||||
break;
|
||||
default:
|
||||
throw new JOSENotSupported('Invalid or unsupported "alg" (Algorithm) value');
|
||||
}
|
||||
return crypto.subtle.importKey(keyFormat, keyData, algorithm, options?.extractable ?? (isPublic ? true : false), keyUsages);
|
||||
};
|
||||
const processPEMData = (pem, pattern) => {
|
||||
return decodeBase64(pem.replace(pattern, ''));
|
||||
};
|
||||
export const fromPKCS8 = (pem, alg, options) => {
|
||||
const keyData = processPEMData(pem, /(?:-----(?:BEGIN|END) PRIVATE KEY-----|\s)/g);
|
||||
let opts = options;
|
||||
if (alg?.startsWith?.('ECDH-ES')) {
|
||||
opts ||= {};
|
||||
opts.getNamedCurve = (keyData) => {
|
||||
const state = createASN1State(keyData);
|
||||
parsePKCS8Header(state);
|
||||
return parseECAlgorithmIdentifier(state);
|
||||
};
|
||||
}
|
||||
return genericImport('pkcs8', keyData, alg, opts);
|
||||
};
|
||||
export const fromSPKI = (pem, alg, options) => {
|
||||
const keyData = processPEMData(pem, /(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g);
|
||||
let opts = options;
|
||||
if (alg?.startsWith?.('ECDH-ES')) {
|
||||
opts ||= {};
|
||||
opts.getNamedCurve = (keyData) => {
|
||||
const state = createASN1State(keyData);
|
||||
parseSPKIHeader(state);
|
||||
return parseECAlgorithmIdentifier(state);
|
||||
};
|
||||
}
|
||||
return genericImport('spki', keyData, alg, opts);
|
||||
};
|
||||
function spkiFromX509(buf) {
|
||||
const state = createASN1State(buf);
|
||||
expectTag(state, 0x30, 'Invalid certificate structure');
|
||||
parseLength(state);
|
||||
expectTag(state, 0x30, 'Invalid tbsCertificate structure');
|
||||
parseLength(state);
|
||||
if (buf[state.pos] === 0xa0) {
|
||||
skipElement(state, 6);
|
||||
}
|
||||
else {
|
||||
skipElement(state, 5);
|
||||
}
|
||||
const spkiStart = state.pos;
|
||||
expectTag(state, 0x30, 'Invalid SPKI structure');
|
||||
const spkiContentLen = parseLength(state);
|
||||
return buf.subarray(spkiStart, spkiStart + spkiContentLen + (state.pos - spkiStart));
|
||||
}
|
||||
function extractX509SPKI(x509) {
|
||||
const derBytes = processPEMData(x509, /(?:-----(?:BEGIN|END) CERTIFICATE-----|\s)/g);
|
||||
return spkiFromX509(derBytes);
|
||||
}
|
||||
export const fromX509 = (pem, alg, options) => {
|
||||
let spki;
|
||||
try {
|
||||
spki = extractX509SPKI(pem);
|
||||
}
|
||||
catch (cause) {
|
||||
throw new TypeError('Failed to parse the X.509 certificate', { cause });
|
||||
}
|
||||
return fromSPKI(formatPEM(encodeBase64(spki), 'PUBLIC KEY'), alg, options);
|
||||
};
|
||||
22
node_modules/jose/dist/webapi/lib/base64.js
generated
vendored
Normal file
22
node_modules/jose/dist/webapi/lib/base64.js
generated
vendored
Normal file
@@ -0,0 +1,22 @@
|
||||
export function encodeBase64(input) {
|
||||
if (Uint8Array.prototype.toBase64) {
|
||||
return input.toBase64();
|
||||
}
|
||||
const CHUNK_SIZE = 0x8000;
|
||||
const arr = [];
|
||||
for (let i = 0; i < input.length; i += CHUNK_SIZE) {
|
||||
arr.push(String.fromCharCode.apply(null, input.subarray(i, i + CHUNK_SIZE)));
|
||||
}
|
||||
return btoa(arr.join(''));
|
||||
}
|
||||
export function decodeBase64(encoded) {
|
||||
if (Uint8Array.fromBase64) {
|
||||
return Uint8Array.fromBase64(encoded);
|
||||
}
|
||||
const binary = atob(encoded);
|
||||
const bytes = new Uint8Array(binary.length);
|
||||
for (let i = 0; i < binary.length; i++) {
|
||||
bytes[i] = binary.charCodeAt(i);
|
||||
}
|
||||
return bytes;
|
||||
}
|
||||
43
node_modules/jose/dist/webapi/lib/buffer_utils.js
generated
vendored
Normal file
43
node_modules/jose/dist/webapi/lib/buffer_utils.js
generated
vendored
Normal file
@@ -0,0 +1,43 @@
|
||||
export const encoder = new TextEncoder();
|
||||
export const decoder = new TextDecoder();
|
||||
const MAX_INT32 = 2 ** 32;
|
||||
export function concat(...buffers) {
|
||||
const size = buffers.reduce((acc, { length }) => acc + length, 0);
|
||||
const buf = new Uint8Array(size);
|
||||
let i = 0;
|
||||
for (const buffer of buffers) {
|
||||
buf.set(buffer, i);
|
||||
i += buffer.length;
|
||||
}
|
||||
return buf;
|
||||
}
|
||||
function writeUInt32BE(buf, value, offset) {
|
||||
if (value < 0 || value >= MAX_INT32) {
|
||||
throw new RangeError(`value must be >= 0 and <= ${MAX_INT32 - 1}. Received ${value}`);
|
||||
}
|
||||
buf.set([value >>> 24, value >>> 16, value >>> 8, value & 0xff], offset);
|
||||
}
|
||||
export function uint64be(value) {
|
||||
const high = Math.floor(value / MAX_INT32);
|
||||
const low = value % MAX_INT32;
|
||||
const buf = new Uint8Array(8);
|
||||
writeUInt32BE(buf, high, 0);
|
||||
writeUInt32BE(buf, low, 4);
|
||||
return buf;
|
||||
}
|
||||
export function uint32be(value) {
|
||||
const buf = new Uint8Array(4);
|
||||
writeUInt32BE(buf, value);
|
||||
return buf;
|
||||
}
|
||||
export function encode(string) {
|
||||
const bytes = new Uint8Array(string.length);
|
||||
for (let i = 0; i < string.length; i++) {
|
||||
const code = string.charCodeAt(i);
|
||||
if (code > 127) {
|
||||
throw new TypeError('non-ASCII string encountered in encode()');
|
||||
}
|
||||
bytes[i] = code;
|
||||
}
|
||||
return bytes;
|
||||
}
|
||||
122
node_modules/jose/dist/webapi/lib/check_key_type.js
generated
vendored
Normal file
122
node_modules/jose/dist/webapi/lib/check_key_type.js
generated
vendored
Normal file
@@ -0,0 +1,122 @@
|
||||
import { withAlg as invalidKeyInput } from './invalid_key_input.js';
|
||||
import { isKeyLike } from './is_key_like.js';
|
||||
import * as jwk from './type_checks.js';
|
||||
const tag = (key) => key?.[Symbol.toStringTag];
|
||||
const jwkMatchesOp = (alg, key, usage) => {
|
||||
if (key.use !== undefined) {
|
||||
let expected;
|
||||
switch (usage) {
|
||||
case 'sign':
|
||||
case 'verify':
|
||||
expected = 'sig';
|
||||
break;
|
||||
case 'encrypt':
|
||||
case 'decrypt':
|
||||
expected = 'enc';
|
||||
break;
|
||||
}
|
||||
if (key.use !== expected) {
|
||||
throw new TypeError(`Invalid key for this operation, its "use" must be "${expected}" when present`);
|
||||
}
|
||||
}
|
||||
if (key.alg !== undefined && key.alg !== alg) {
|
||||
throw new TypeError(`Invalid key for this operation, its "alg" must be "${alg}" when present`);
|
||||
}
|
||||
if (Array.isArray(key.key_ops)) {
|
||||
let expectedKeyOp;
|
||||
switch (true) {
|
||||
case usage === 'sign' || usage === 'verify':
|
||||
case alg === 'dir':
|
||||
case alg.includes('CBC-HS'):
|
||||
expectedKeyOp = usage;
|
||||
break;
|
||||
case alg.startsWith('PBES2'):
|
||||
expectedKeyOp = 'deriveBits';
|
||||
break;
|
||||
case /^A\d{3}(?:GCM)?(?:KW)?$/.test(alg):
|
||||
if (!alg.includes('GCM') && alg.endsWith('KW')) {
|
||||
expectedKeyOp = usage === 'encrypt' ? 'wrapKey' : 'unwrapKey';
|
||||
}
|
||||
else {
|
||||
expectedKeyOp = usage;
|
||||
}
|
||||
break;
|
||||
case usage === 'encrypt' && alg.startsWith('RSA'):
|
||||
expectedKeyOp = 'wrapKey';
|
||||
break;
|
||||
case usage === 'decrypt':
|
||||
expectedKeyOp = alg.startsWith('RSA') ? 'unwrapKey' : 'deriveBits';
|
||||
break;
|
||||
}
|
||||
if (expectedKeyOp && key.key_ops?.includes?.(expectedKeyOp) === false) {
|
||||
throw new TypeError(`Invalid key for this operation, its "key_ops" must include "${expectedKeyOp}" when present`);
|
||||
}
|
||||
}
|
||||
return true;
|
||||
};
|
||||
const symmetricTypeCheck = (alg, key, usage) => {
|
||||
if (key instanceof Uint8Array)
|
||||
return;
|
||||
if (jwk.isJWK(key)) {
|
||||
if (jwk.isSecretJWK(key) && jwkMatchesOp(alg, key, usage))
|
||||
return;
|
||||
throw new TypeError(`JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present`);
|
||||
}
|
||||
if (!isKeyLike(key)) {
|
||||
throw new TypeError(invalidKeyInput(alg, key, 'CryptoKey', 'KeyObject', 'JSON Web Key', 'Uint8Array'));
|
||||
}
|
||||
if (key.type !== 'secret') {
|
||||
throw new TypeError(`${tag(key)} instances for symmetric algorithms must be of type "secret"`);
|
||||
}
|
||||
};
|
||||
const asymmetricTypeCheck = (alg, key, usage) => {
|
||||
if (jwk.isJWK(key)) {
|
||||
switch (usage) {
|
||||
case 'decrypt':
|
||||
case 'sign':
|
||||
if (jwk.isPrivateJWK(key) && jwkMatchesOp(alg, key, usage))
|
||||
return;
|
||||
throw new TypeError(`JSON Web Key for this operation must be a private JWK`);
|
||||
case 'encrypt':
|
||||
case 'verify':
|
||||
if (jwk.isPublicJWK(key) && jwkMatchesOp(alg, key, usage))
|
||||
return;
|
||||
throw new TypeError(`JSON Web Key for this operation must be a public JWK`);
|
||||
}
|
||||
}
|
||||
if (!isKeyLike(key)) {
|
||||
throw new TypeError(invalidKeyInput(alg, key, 'CryptoKey', 'KeyObject', 'JSON Web Key'));
|
||||
}
|
||||
if (key.type === 'secret') {
|
||||
throw new TypeError(`${tag(key)} instances for asymmetric algorithms must not be of type "secret"`);
|
||||
}
|
||||
if (key.type === 'public') {
|
||||
switch (usage) {
|
||||
case 'sign':
|
||||
throw new TypeError(`${tag(key)} instances for asymmetric algorithm signing must be of type "private"`);
|
||||
case 'decrypt':
|
||||
throw new TypeError(`${tag(key)} instances for asymmetric algorithm decryption must be of type "private"`);
|
||||
}
|
||||
}
|
||||
if (key.type === 'private') {
|
||||
switch (usage) {
|
||||
case 'verify':
|
||||
throw new TypeError(`${tag(key)} instances for asymmetric algorithm verifying must be of type "public"`);
|
||||
case 'encrypt':
|
||||
throw new TypeError(`${tag(key)} instances for asymmetric algorithm encryption must be of type "public"`);
|
||||
}
|
||||
}
|
||||
};
|
||||
export function checkKeyType(alg, key, usage) {
|
||||
switch (alg.substring(0, 2)) {
|
||||
case 'A1':
|
||||
case 'A2':
|
||||
case 'di':
|
||||
case 'HS':
|
||||
case 'PB':
|
||||
symmetricTypeCheck(alg, key, usage);
|
||||
break;
|
||||
default:
|
||||
asymmetricTypeCheck(alg, key, usage);
|
||||
}
|
||||
}
|
||||
217
node_modules/jose/dist/webapi/lib/content_encryption.js
generated
vendored
Normal file
217
node_modules/jose/dist/webapi/lib/content_encryption.js
generated
vendored
Normal file
@@ -0,0 +1,217 @@
|
||||
import { concat, uint64be } from './buffer_utils.js';
|
||||
import { checkEncCryptoKey } from './crypto_key.js';
|
||||
import { invalidKeyInput } from './invalid_key_input.js';
|
||||
import { JOSENotSupported, JWEDecryptionFailed, JWEInvalid } from '../util/errors.js';
|
||||
import { isCryptoKey } from './is_key_like.js';
|
||||
export function cekLength(alg) {
|
||||
switch (alg) {
|
||||
case 'A128GCM':
|
||||
return 128;
|
||||
case 'A192GCM':
|
||||
return 192;
|
||||
case 'A256GCM':
|
||||
case 'A128CBC-HS256':
|
||||
return 256;
|
||||
case 'A192CBC-HS384':
|
||||
return 384;
|
||||
case 'A256CBC-HS512':
|
||||
return 512;
|
||||
default:
|
||||
throw new JOSENotSupported(`Unsupported JWE Algorithm: ${alg}`);
|
||||
}
|
||||
}
|
||||
export const generateCek = (alg) => crypto.getRandomValues(new Uint8Array(cekLength(alg) >> 3));
|
||||
function checkCekLength(cek, expected) {
|
||||
const actual = cek.byteLength << 3;
|
||||
if (actual !== expected) {
|
||||
throw new JWEInvalid(`Invalid Content Encryption Key length. Expected ${expected} bits, got ${actual} bits`);
|
||||
}
|
||||
}
|
||||
function ivBitLength(alg) {
|
||||
switch (alg) {
|
||||
case 'A128GCM':
|
||||
case 'A128GCMKW':
|
||||
case 'A192GCM':
|
||||
case 'A192GCMKW':
|
||||
case 'A256GCM':
|
||||
case 'A256GCMKW':
|
||||
return 96;
|
||||
case 'A128CBC-HS256':
|
||||
case 'A192CBC-HS384':
|
||||
case 'A256CBC-HS512':
|
||||
return 128;
|
||||
default:
|
||||
throw new JOSENotSupported(`Unsupported JWE Algorithm: ${alg}`);
|
||||
}
|
||||
}
|
||||
export const generateIv = (alg) => crypto.getRandomValues(new Uint8Array(ivBitLength(alg) >> 3));
|
||||
export function checkIvLength(enc, iv) {
|
||||
if (iv.length << 3 !== ivBitLength(enc)) {
|
||||
throw new JWEInvalid('Invalid Initialization Vector length');
|
||||
}
|
||||
}
|
||||
async function cbcKeySetup(enc, cek, usage) {
|
||||
if (!(cek instanceof Uint8Array)) {
|
||||
throw new TypeError(invalidKeyInput(cek, 'Uint8Array'));
|
||||
}
|
||||
const keySize = parseInt(enc.slice(1, 4), 10);
|
||||
const encKey = await crypto.subtle.importKey('raw', cek.subarray(keySize >> 3), 'AES-CBC', false, [usage]);
|
||||
const macKey = await crypto.subtle.importKey('raw', cek.subarray(0, keySize >> 3), {
|
||||
hash: `SHA-${keySize << 1}`,
|
||||
name: 'HMAC',
|
||||
}, false, ['sign']);
|
||||
return { encKey, macKey, keySize };
|
||||
}
|
||||
async function cbcHmacTag(macKey, macData, keySize) {
|
||||
return new Uint8Array((await crypto.subtle.sign('HMAC', macKey, macData)).slice(0, keySize >> 3));
|
||||
}
|
||||
async function cbcEncrypt(enc, plaintext, cek, iv, aad) {
|
||||
const { encKey, macKey, keySize } = await cbcKeySetup(enc, cek, 'encrypt');
|
||||
const ciphertext = new Uint8Array(await crypto.subtle.encrypt({
|
||||
iv: iv,
|
||||
name: 'AES-CBC',
|
||||
}, encKey, plaintext));
|
||||
const macData = concat(aad, iv, ciphertext, uint64be(aad.length << 3));
|
||||
const tag = await cbcHmacTag(macKey, macData, keySize);
|
||||
return { ciphertext, tag, iv };
|
||||
}
|
||||
async function timingSafeEqual(a, b) {
|
||||
if (!(a instanceof Uint8Array)) {
|
||||
throw new TypeError('First argument must be a buffer');
|
||||
}
|
||||
if (!(b instanceof Uint8Array)) {
|
||||
throw new TypeError('Second argument must be a buffer');
|
||||
}
|
||||
const algorithm = { name: 'HMAC', hash: 'SHA-256' };
|
||||
const key = (await crypto.subtle.generateKey(algorithm, false, ['sign']));
|
||||
const aHmac = new Uint8Array(await crypto.subtle.sign(algorithm, key, a));
|
||||
const bHmac = new Uint8Array(await crypto.subtle.sign(algorithm, key, b));
|
||||
let out = 0;
|
||||
let i = -1;
|
||||
while (++i < 32) {
|
||||
out |= aHmac[i] ^ bHmac[i];
|
||||
}
|
||||
return out === 0;
|
||||
}
|
||||
async function cbcDecrypt(enc, cek, ciphertext, iv, tag, aad) {
|
||||
const { encKey, macKey, keySize } = await cbcKeySetup(enc, cek, 'decrypt');
|
||||
const macData = concat(aad, iv, ciphertext, uint64be(aad.length << 3));
|
||||
const expectedTag = await cbcHmacTag(macKey, macData, keySize);
|
||||
let macCheckPassed;
|
||||
try {
|
||||
macCheckPassed = await timingSafeEqual(tag, expectedTag);
|
||||
}
|
||||
catch {
|
||||
}
|
||||
if (!macCheckPassed) {
|
||||
throw new JWEDecryptionFailed();
|
||||
}
|
||||
let plaintext;
|
||||
try {
|
||||
plaintext = new Uint8Array(await crypto.subtle.decrypt({ iv: iv, name: 'AES-CBC' }, encKey, ciphertext));
|
||||
}
|
||||
catch {
|
||||
}
|
||||
if (!plaintext) {
|
||||
throw new JWEDecryptionFailed();
|
||||
}
|
||||
return plaintext;
|
||||
}
|
||||
async function gcmEncrypt(enc, plaintext, cek, iv, aad) {
|
||||
let encKey;
|
||||
if (cek instanceof Uint8Array) {
|
||||
encKey = await crypto.subtle.importKey('raw', cek, 'AES-GCM', false, ['encrypt']);
|
||||
}
|
||||
else {
|
||||
checkEncCryptoKey(cek, enc, 'encrypt');
|
||||
encKey = cek;
|
||||
}
|
||||
const encrypted = new Uint8Array(await crypto.subtle.encrypt({
|
||||
additionalData: aad,
|
||||
iv: iv,
|
||||
name: 'AES-GCM',
|
||||
tagLength: 128,
|
||||
}, encKey, plaintext));
|
||||
const tag = encrypted.slice(-16);
|
||||
const ciphertext = encrypted.slice(0, -16);
|
||||
return { ciphertext, tag, iv };
|
||||
}
|
||||
async function gcmDecrypt(enc, cek, ciphertext, iv, tag, aad) {
|
||||
let encKey;
|
||||
if (cek instanceof Uint8Array) {
|
||||
encKey = await crypto.subtle.importKey('raw', cek, 'AES-GCM', false, ['decrypt']);
|
||||
}
|
||||
else {
|
||||
checkEncCryptoKey(cek, enc, 'decrypt');
|
||||
encKey = cek;
|
||||
}
|
||||
try {
|
||||
return new Uint8Array(await crypto.subtle.decrypt({
|
||||
additionalData: aad,
|
||||
iv: iv,
|
||||
name: 'AES-GCM',
|
||||
tagLength: 128,
|
||||
}, encKey, concat(ciphertext, tag)));
|
||||
}
|
||||
catch {
|
||||
throw new JWEDecryptionFailed();
|
||||
}
|
||||
}
|
||||
const unsupportedEnc = 'Unsupported JWE Content Encryption Algorithm';
|
||||
export async function encrypt(enc, plaintext, cek, iv, aad) {
|
||||
if (!isCryptoKey(cek) && !(cek instanceof Uint8Array)) {
|
||||
throw new TypeError(invalidKeyInput(cek, 'CryptoKey', 'KeyObject', 'Uint8Array', 'JSON Web Key'));
|
||||
}
|
||||
if (iv) {
|
||||
checkIvLength(enc, iv);
|
||||
}
|
||||
else {
|
||||
iv = generateIv(enc);
|
||||
}
|
||||
switch (enc) {
|
||||
case 'A128CBC-HS256':
|
||||
case 'A192CBC-HS384':
|
||||
case 'A256CBC-HS512':
|
||||
if (cek instanceof Uint8Array) {
|
||||
checkCekLength(cek, parseInt(enc.slice(-3), 10));
|
||||
}
|
||||
return cbcEncrypt(enc, plaintext, cek, iv, aad);
|
||||
case 'A128GCM':
|
||||
case 'A192GCM':
|
||||
case 'A256GCM':
|
||||
if (cek instanceof Uint8Array) {
|
||||
checkCekLength(cek, parseInt(enc.slice(1, 4), 10));
|
||||
}
|
||||
return gcmEncrypt(enc, plaintext, cek, iv, aad);
|
||||
default:
|
||||
throw new JOSENotSupported(unsupportedEnc);
|
||||
}
|
||||
}
|
||||
export async function decrypt(enc, cek, ciphertext, iv, tag, aad) {
|
||||
if (!isCryptoKey(cek) && !(cek instanceof Uint8Array)) {
|
||||
throw new TypeError(invalidKeyInput(cek, 'CryptoKey', 'KeyObject', 'Uint8Array', 'JSON Web Key'));
|
||||
}
|
||||
if (!iv) {
|
||||
throw new JWEInvalid('JWE Initialization Vector missing');
|
||||
}
|
||||
if (!tag) {
|
||||
throw new JWEInvalid('JWE Authentication Tag missing');
|
||||
}
|
||||
checkIvLength(enc, iv);
|
||||
switch (enc) {
|
||||
case 'A128CBC-HS256':
|
||||
case 'A192CBC-HS384':
|
||||
case 'A256CBC-HS512':
|
||||
if (cek instanceof Uint8Array)
|
||||
checkCekLength(cek, parseInt(enc.slice(-3), 10));
|
||||
return cbcDecrypt(enc, cek, ciphertext, iv, tag, aad);
|
||||
case 'A128GCM':
|
||||
case 'A192GCM':
|
||||
case 'A256GCM':
|
||||
if (cek instanceof Uint8Array)
|
||||
checkCekLength(cek, parseInt(enc.slice(1, 4), 10));
|
||||
return gcmDecrypt(enc, cek, ciphertext, iv, tag, aad);
|
||||
default:
|
||||
throw new JOSENotSupported(unsupportedEnc);
|
||||
}
|
||||
}
|
||||
136
node_modules/jose/dist/webapi/lib/crypto_key.js
generated
vendored
Normal file
136
node_modules/jose/dist/webapi/lib/crypto_key.js
generated
vendored
Normal file
@@ -0,0 +1,136 @@
|
||||
const unusable = (name, prop = 'algorithm.name') => new TypeError(`CryptoKey does not support this operation, its ${prop} must be ${name}`);
|
||||
const isAlgorithm = (algorithm, name) => algorithm.name === name;
|
||||
function getHashLength(hash) {
|
||||
return parseInt(hash.name.slice(4), 10);
|
||||
}
|
||||
function checkHashLength(algorithm, expected) {
|
||||
const actual = getHashLength(algorithm.hash);
|
||||
if (actual !== expected)
|
||||
throw unusable(`SHA-${expected}`, 'algorithm.hash');
|
||||
}
|
||||
function getNamedCurve(alg) {
|
||||
switch (alg) {
|
||||
case 'ES256':
|
||||
return 'P-256';
|
||||
case 'ES384':
|
||||
return 'P-384';
|
||||
case 'ES512':
|
||||
return 'P-521';
|
||||
default:
|
||||
throw new Error('unreachable');
|
||||
}
|
||||
}
|
||||
function checkUsage(key, usage) {
|
||||
if (usage && !key.usages.includes(usage)) {
|
||||
throw new TypeError(`CryptoKey does not support this operation, its usages must include ${usage}.`);
|
||||
}
|
||||
}
|
||||
export function checkSigCryptoKey(key, alg, usage) {
|
||||
switch (alg) {
|
||||
case 'HS256':
|
||||
case 'HS384':
|
||||
case 'HS512': {
|
||||
if (!isAlgorithm(key.algorithm, 'HMAC'))
|
||||
throw unusable('HMAC');
|
||||
checkHashLength(key.algorithm, parseInt(alg.slice(2), 10));
|
||||
break;
|
||||
}
|
||||
case 'RS256':
|
||||
case 'RS384':
|
||||
case 'RS512': {
|
||||
if (!isAlgorithm(key.algorithm, 'RSASSA-PKCS1-v1_5'))
|
||||
throw unusable('RSASSA-PKCS1-v1_5');
|
||||
checkHashLength(key.algorithm, parseInt(alg.slice(2), 10));
|
||||
break;
|
||||
}
|
||||
case 'PS256':
|
||||
case 'PS384':
|
||||
case 'PS512': {
|
||||
if (!isAlgorithm(key.algorithm, 'RSA-PSS'))
|
||||
throw unusable('RSA-PSS');
|
||||
checkHashLength(key.algorithm, parseInt(alg.slice(2), 10));
|
||||
break;
|
||||
}
|
||||
case 'Ed25519':
|
||||
case 'EdDSA': {
|
||||
if (!isAlgorithm(key.algorithm, 'Ed25519'))
|
||||
throw unusable('Ed25519');
|
||||
break;
|
||||
}
|
||||
case 'ML-DSA-44':
|
||||
case 'ML-DSA-65':
|
||||
case 'ML-DSA-87': {
|
||||
if (!isAlgorithm(key.algorithm, alg))
|
||||
throw unusable(alg);
|
||||
break;
|
||||
}
|
||||
case 'ES256':
|
||||
case 'ES384':
|
||||
case 'ES512': {
|
||||
if (!isAlgorithm(key.algorithm, 'ECDSA'))
|
||||
throw unusable('ECDSA');
|
||||
const expected = getNamedCurve(alg);
|
||||
const actual = key.algorithm.namedCurve;
|
||||
if (actual !== expected)
|
||||
throw unusable(expected, 'algorithm.namedCurve');
|
||||
break;
|
||||
}
|
||||
default:
|
||||
throw new TypeError('CryptoKey does not support this operation');
|
||||
}
|
||||
checkUsage(key, usage);
|
||||
}
|
||||
export function checkEncCryptoKey(key, alg, usage) {
|
||||
switch (alg) {
|
||||
case 'A128GCM':
|
||||
case 'A192GCM':
|
||||
case 'A256GCM': {
|
||||
if (!isAlgorithm(key.algorithm, 'AES-GCM'))
|
||||
throw unusable('AES-GCM');
|
||||
const expected = parseInt(alg.slice(1, 4), 10);
|
||||
const actual = key.algorithm.length;
|
||||
if (actual !== expected)
|
||||
throw unusable(expected, 'algorithm.length');
|
||||
break;
|
||||
}
|
||||
case 'A128KW':
|
||||
case 'A192KW':
|
||||
case 'A256KW': {
|
||||
if (!isAlgorithm(key.algorithm, 'AES-KW'))
|
||||
throw unusable('AES-KW');
|
||||
const expected = parseInt(alg.slice(1, 4), 10);
|
||||
const actual = key.algorithm.length;
|
||||
if (actual !== expected)
|
||||
throw unusable(expected, 'algorithm.length');
|
||||
break;
|
||||
}
|
||||
case 'ECDH': {
|
||||
switch (key.algorithm.name) {
|
||||
case 'ECDH':
|
||||
case 'X25519':
|
||||
break;
|
||||
default:
|
||||
throw unusable('ECDH or X25519');
|
||||
}
|
||||
break;
|
||||
}
|
||||
case 'PBES2-HS256+A128KW':
|
||||
case 'PBES2-HS384+A192KW':
|
||||
case 'PBES2-HS512+A256KW':
|
||||
if (!isAlgorithm(key.algorithm, 'PBKDF2'))
|
||||
throw unusable('PBKDF2');
|
||||
break;
|
||||
case 'RSA-OAEP':
|
||||
case 'RSA-OAEP-256':
|
||||
case 'RSA-OAEP-384':
|
||||
case 'RSA-OAEP-512': {
|
||||
if (!isAlgorithm(key.algorithm, 'RSA-OAEP'))
|
||||
throw unusable('RSA-OAEP');
|
||||
checkHashLength(key.algorithm, parseInt(alg.slice(9), 10) || 1);
|
||||
break;
|
||||
}
|
||||
default:
|
||||
throw new TypeError('CryptoKey does not support this operation');
|
||||
}
|
||||
checkUsage(key, usage);
|
||||
}
|
||||
44
node_modules/jose/dist/webapi/lib/deflate.js
generated
vendored
Normal file
44
node_modules/jose/dist/webapi/lib/deflate.js
generated
vendored
Normal file
@@ -0,0 +1,44 @@
|
||||
import { JOSENotSupported, JWEInvalid } from '../util/errors.js';
|
||||
import { concat } from './buffer_utils.js';
|
||||
function supported(name) {
|
||||
if (typeof globalThis[name] === 'undefined') {
|
||||
throw new JOSENotSupported(`JWE "zip" (Compression Algorithm) Header Parameter requires the ${name} API.`);
|
||||
}
|
||||
}
|
||||
export async function compress(input) {
|
||||
supported('CompressionStream');
|
||||
const cs = new CompressionStream('deflate-raw');
|
||||
const writer = cs.writable.getWriter();
|
||||
writer.write(input).catch(() => { });
|
||||
writer.close().catch(() => { });
|
||||
const chunks = [];
|
||||
const reader = cs.readable.getReader();
|
||||
for (;;) {
|
||||
const { value, done } = await reader.read();
|
||||
if (done)
|
||||
break;
|
||||
chunks.push(value);
|
||||
}
|
||||
return concat(...chunks);
|
||||
}
|
||||
export async function decompress(input, maxLength) {
|
||||
supported('DecompressionStream');
|
||||
const ds = new DecompressionStream('deflate-raw');
|
||||
const writer = ds.writable.getWriter();
|
||||
writer.write(input).catch(() => { });
|
||||
writer.close().catch(() => { });
|
||||
const chunks = [];
|
||||
let length = 0;
|
||||
const reader = ds.readable.getReader();
|
||||
for (;;) {
|
||||
const { value, done } = await reader.read();
|
||||
if (done)
|
||||
break;
|
||||
chunks.push(value);
|
||||
length += value.byteLength;
|
||||
if (maxLength !== Infinity && length > maxLength) {
|
||||
throw new JWEInvalid('Decompressed plaintext exceeded the configured limit');
|
||||
}
|
||||
}
|
||||
return concat(...chunks);
|
||||
}
|
||||
52
node_modules/jose/dist/webapi/lib/ecdhes.js
generated
vendored
Normal file
52
node_modules/jose/dist/webapi/lib/ecdhes.js
generated
vendored
Normal file
@@ -0,0 +1,52 @@
|
||||
import { encode, concat, uint32be } from './buffer_utils.js';
|
||||
import { checkEncCryptoKey } from './crypto_key.js';
|
||||
import { digest } from './helpers.js';
|
||||
function lengthAndInput(input) {
|
||||
return concat(uint32be(input.length), input);
|
||||
}
|
||||
async function concatKdf(Z, L, OtherInfo) {
|
||||
const dkLen = L >> 3;
|
||||
const hashLen = 32;
|
||||
const reps = Math.ceil(dkLen / hashLen);
|
||||
const dk = new Uint8Array(reps * hashLen);
|
||||
for (let i = 1; i <= reps; i++) {
|
||||
const hashInput = new Uint8Array(4 + Z.length + OtherInfo.length);
|
||||
hashInput.set(uint32be(i), 0);
|
||||
hashInput.set(Z, 4);
|
||||
hashInput.set(OtherInfo, 4 + Z.length);
|
||||
const hashResult = await digest('sha256', hashInput);
|
||||
dk.set(hashResult, (i - 1) * hashLen);
|
||||
}
|
||||
return dk.slice(0, dkLen);
|
||||
}
|
||||
export async function deriveKey(publicKey, privateKey, algorithm, keyLength, apu = new Uint8Array(), apv = new Uint8Array()) {
|
||||
checkEncCryptoKey(publicKey, 'ECDH');
|
||||
checkEncCryptoKey(privateKey, 'ECDH', 'deriveBits');
|
||||
const algorithmID = lengthAndInput(encode(algorithm));
|
||||
const partyUInfo = lengthAndInput(apu);
|
||||
const partyVInfo = lengthAndInput(apv);
|
||||
const suppPubInfo = uint32be(keyLength);
|
||||
const suppPrivInfo = new Uint8Array();
|
||||
const otherInfo = concat(algorithmID, partyUInfo, partyVInfo, suppPubInfo, suppPrivInfo);
|
||||
const Z = new Uint8Array(await crypto.subtle.deriveBits({
|
||||
name: publicKey.algorithm.name,
|
||||
public: publicKey,
|
||||
}, privateKey, getEcdhBitLength(publicKey)));
|
||||
return concatKdf(Z, keyLength, otherInfo);
|
||||
}
|
||||
function getEcdhBitLength(publicKey) {
|
||||
if (publicKey.algorithm.name === 'X25519') {
|
||||
return 256;
|
||||
}
|
||||
return (Math.ceil(parseInt(publicKey.algorithm.namedCurve.slice(-3), 10) / 8) << 3);
|
||||
}
|
||||
export function allowed(key) {
|
||||
switch (key.algorithm.namedCurve) {
|
||||
case 'P-256':
|
||||
case 'P-384':
|
||||
case 'P-521':
|
||||
return true;
|
||||
default:
|
||||
return key.algorithm.name === 'X25519';
|
||||
}
|
||||
}
|
||||
19
node_modules/jose/dist/webapi/lib/helpers.js
generated
vendored
Normal file
19
node_modules/jose/dist/webapi/lib/helpers.js
generated
vendored
Normal file
@@ -0,0 +1,19 @@
|
||||
import { decode } from '../util/base64url.js';
|
||||
export const unprotected = Symbol();
|
||||
export function assertNotSet(value, name) {
|
||||
if (value) {
|
||||
throw new TypeError(`${name} can only be called once`);
|
||||
}
|
||||
}
|
||||
export function decodeBase64url(value, label, ErrorClass) {
|
||||
try {
|
||||
return decode(value);
|
||||
}
|
||||
catch {
|
||||
throw new ErrorClass(`Failed to base64url decode the ${label}`);
|
||||
}
|
||||
}
|
||||
export async function digest(algorithm, data) {
|
||||
const subtleDigest = `SHA-${algorithm.slice(-3)}`;
|
||||
return new Uint8Array(await crypto.subtle.digest(subtleDigest, data));
|
||||
}
|
||||
27
node_modules/jose/dist/webapi/lib/invalid_key_input.js
generated
vendored
Normal file
27
node_modules/jose/dist/webapi/lib/invalid_key_input.js
generated
vendored
Normal file
@@ -0,0 +1,27 @@
|
||||
function message(msg, actual, ...types) {
|
||||
types = types.filter(Boolean);
|
||||
if (types.length > 2) {
|
||||
const last = types.pop();
|
||||
msg += `one of type ${types.join(', ')}, or ${last}.`;
|
||||
}
|
||||
else if (types.length === 2) {
|
||||
msg += `one of type ${types[0]} or ${types[1]}.`;
|
||||
}
|
||||
else {
|
||||
msg += `of type ${types[0]}.`;
|
||||
}
|
||||
if (actual == null) {
|
||||
msg += ` Received ${actual}`;
|
||||
}
|
||||
else if (typeof actual === 'function' && actual.name) {
|
||||
msg += ` Received function ${actual.name}`;
|
||||
}
|
||||
else if (typeof actual === 'object' && actual != null) {
|
||||
if (actual.constructor?.name) {
|
||||
msg += ` Received an instance of ${actual.constructor.name}`;
|
||||
}
|
||||
}
|
||||
return msg;
|
||||
}
|
||||
export const invalidKeyInput = (actual, ...types) => message('Key must be ', actual, ...types);
|
||||
export const withAlg = (alg, actual, ...types) => message(`Key for the ${alg} algorithm must be `, actual, ...types);
|
||||
17
node_modules/jose/dist/webapi/lib/is_key_like.js
generated
vendored
Normal file
17
node_modules/jose/dist/webapi/lib/is_key_like.js
generated
vendored
Normal file
@@ -0,0 +1,17 @@
|
||||
export function assertCryptoKey(key) {
|
||||
if (!isCryptoKey(key)) {
|
||||
throw new Error('CryptoKey instance expected');
|
||||
}
|
||||
}
|
||||
export const isCryptoKey = (key) => {
|
||||
if (key?.[Symbol.toStringTag] === 'CryptoKey')
|
||||
return true;
|
||||
try {
|
||||
return key instanceof CryptoKey;
|
||||
}
|
||||
catch {
|
||||
return false;
|
||||
}
|
||||
};
|
||||
export const isKeyObject = (key) => key?.[Symbol.toStringTag] === 'KeyObject';
|
||||
export const isKeyLike = (key) => isCryptoKey(key) || isKeyObject(key);
|
||||
107
node_modules/jose/dist/webapi/lib/jwk_to_key.js
generated
vendored
Normal file
107
node_modules/jose/dist/webapi/lib/jwk_to_key.js
generated
vendored
Normal file
@@ -0,0 +1,107 @@
|
||||
import { JOSENotSupported } from '../util/errors.js';
|
||||
const unsupportedAlg = 'Invalid or unsupported JWK "alg" (Algorithm) Parameter value';
|
||||
function subtleMapping(jwk) {
|
||||
let algorithm;
|
||||
let keyUsages;
|
||||
switch (jwk.kty) {
|
||||
case 'AKP': {
|
||||
switch (jwk.alg) {
|
||||
case 'ML-DSA-44':
|
||||
case 'ML-DSA-65':
|
||||
case 'ML-DSA-87':
|
||||
algorithm = { name: jwk.alg };
|
||||
keyUsages = jwk.priv ? ['sign'] : ['verify'];
|
||||
break;
|
||||
default:
|
||||
throw new JOSENotSupported(unsupportedAlg);
|
||||
}
|
||||
break;
|
||||
}
|
||||
case 'RSA': {
|
||||
switch (jwk.alg) {
|
||||
case 'PS256':
|
||||
case 'PS384':
|
||||
case 'PS512':
|
||||
algorithm = { name: 'RSA-PSS', hash: `SHA-${jwk.alg.slice(-3)}` };
|
||||
keyUsages = jwk.d ? ['sign'] : ['verify'];
|
||||
break;
|
||||
case 'RS256':
|
||||
case 'RS384':
|
||||
case 'RS512':
|
||||
algorithm = { name: 'RSASSA-PKCS1-v1_5', hash: `SHA-${jwk.alg.slice(-3)}` };
|
||||
keyUsages = jwk.d ? ['sign'] : ['verify'];
|
||||
break;
|
||||
case 'RSA-OAEP':
|
||||
case 'RSA-OAEP-256':
|
||||
case 'RSA-OAEP-384':
|
||||
case 'RSA-OAEP-512':
|
||||
algorithm = {
|
||||
name: 'RSA-OAEP',
|
||||
hash: `SHA-${parseInt(jwk.alg.slice(-3), 10) || 1}`,
|
||||
};
|
||||
keyUsages = jwk.d ? ['decrypt', 'unwrapKey'] : ['encrypt', 'wrapKey'];
|
||||
break;
|
||||
default:
|
||||
throw new JOSENotSupported(unsupportedAlg);
|
||||
}
|
||||
break;
|
||||
}
|
||||
case 'EC': {
|
||||
switch (jwk.alg) {
|
||||
case 'ES256':
|
||||
case 'ES384':
|
||||
case 'ES512':
|
||||
algorithm = {
|
||||
name: 'ECDSA',
|
||||
namedCurve: { ES256: 'P-256', ES384: 'P-384', ES512: 'P-521' }[jwk.alg],
|
||||
};
|
||||
keyUsages = jwk.d ? ['sign'] : ['verify'];
|
||||
break;
|
||||
case 'ECDH-ES':
|
||||
case 'ECDH-ES+A128KW':
|
||||
case 'ECDH-ES+A192KW':
|
||||
case 'ECDH-ES+A256KW':
|
||||
algorithm = { name: 'ECDH', namedCurve: jwk.crv };
|
||||
keyUsages = jwk.d ? ['deriveBits'] : [];
|
||||
break;
|
||||
default:
|
||||
throw new JOSENotSupported(unsupportedAlg);
|
||||
}
|
||||
break;
|
||||
}
|
||||
case 'OKP': {
|
||||
switch (jwk.alg) {
|
||||
case 'Ed25519':
|
||||
case 'EdDSA':
|
||||
algorithm = { name: 'Ed25519' };
|
||||
keyUsages = jwk.d ? ['sign'] : ['verify'];
|
||||
break;
|
||||
case 'ECDH-ES':
|
||||
case 'ECDH-ES+A128KW':
|
||||
case 'ECDH-ES+A192KW':
|
||||
case 'ECDH-ES+A256KW':
|
||||
algorithm = { name: jwk.crv };
|
||||
keyUsages = jwk.d ? ['deriveBits'] : [];
|
||||
break;
|
||||
default:
|
||||
throw new JOSENotSupported(unsupportedAlg);
|
||||
}
|
||||
break;
|
||||
}
|
||||
default:
|
||||
throw new JOSENotSupported('Invalid or unsupported JWK "kty" (Key Type) Parameter value');
|
||||
}
|
||||
return { algorithm, keyUsages };
|
||||
}
|
||||
export async function jwkToKey(jwk) {
|
||||
if (!jwk.alg) {
|
||||
throw new TypeError('"alg" argument is required when "jwk.alg" is not present');
|
||||
}
|
||||
const { algorithm, keyUsages } = subtleMapping(jwk);
|
||||
const keyData = { ...jwk };
|
||||
if (keyData.kty !== 'AKP') {
|
||||
delete keyData.alg;
|
||||
}
|
||||
delete keyData.use;
|
||||
return crypto.subtle.importKey('jwk', keyData, algorithm, jwk.ext ?? (jwk.d || jwk.priv ? false : true), jwk.key_ops ?? keyUsages);
|
||||
}
|
||||
238
node_modules/jose/dist/webapi/lib/jwt_claims_set.js
generated
vendored
Normal file
238
node_modules/jose/dist/webapi/lib/jwt_claims_set.js
generated
vendored
Normal file
@@ -0,0 +1,238 @@
|
||||
import { JWTClaimValidationFailed, JWTExpired, JWTInvalid } from '../util/errors.js';
|
||||
import { encoder, decoder } from './buffer_utils.js';
|
||||
import { isObject } from './type_checks.js';
|
||||
const epoch = (date) => Math.floor(date.getTime() / 1000);
|
||||
const minute = 60;
|
||||
const hour = minute * 60;
|
||||
const day = hour * 24;
|
||||
const week = day * 7;
|
||||
const year = day * 365.25;
|
||||
const REGEX = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i;
|
||||
export function secs(str) {
|
||||
const matched = REGEX.exec(str);
|
||||
if (!matched || (matched[4] && matched[1])) {
|
||||
throw new TypeError('Invalid time period format');
|
||||
}
|
||||
const value = parseFloat(matched[2]);
|
||||
const unit = matched[3].toLowerCase();
|
||||
let numericDate;
|
||||
switch (unit) {
|
||||
case 'sec':
|
||||
case 'secs':
|
||||
case 'second':
|
||||
case 'seconds':
|
||||
case 's':
|
||||
numericDate = Math.round(value);
|
||||
break;
|
||||
case 'minute':
|
||||
case 'minutes':
|
||||
case 'min':
|
||||
case 'mins':
|
||||
case 'm':
|
||||
numericDate = Math.round(value * minute);
|
||||
break;
|
||||
case 'hour':
|
||||
case 'hours':
|
||||
case 'hr':
|
||||
case 'hrs':
|
||||
case 'h':
|
||||
numericDate = Math.round(value * hour);
|
||||
break;
|
||||
case 'day':
|
||||
case 'days':
|
||||
case 'd':
|
||||
numericDate = Math.round(value * day);
|
||||
break;
|
||||
case 'week':
|
||||
case 'weeks':
|
||||
case 'w':
|
||||
numericDate = Math.round(value * week);
|
||||
break;
|
||||
default:
|
||||
numericDate = Math.round(value * year);
|
||||
break;
|
||||
}
|
||||
if (matched[1] === '-' || matched[4] === 'ago') {
|
||||
return -numericDate;
|
||||
}
|
||||
return numericDate;
|
||||
}
|
||||
function validateInput(label, input) {
|
||||
if (!Number.isFinite(input)) {
|
||||
throw new TypeError(`Invalid ${label} input`);
|
||||
}
|
||||
return input;
|
||||
}
|
||||
const normalizeTyp = (value) => {
|
||||
if (value.includes('/')) {
|
||||
return value.toLowerCase();
|
||||
}
|
||||
return `application/${value.toLowerCase()}`;
|
||||
};
|
||||
const checkAudiencePresence = (audPayload, audOption) => {
|
||||
if (typeof audPayload === 'string') {
|
||||
return audOption.includes(audPayload);
|
||||
}
|
||||
if (Array.isArray(audPayload)) {
|
||||
return audOption.some(Set.prototype.has.bind(new Set(audPayload)));
|
||||
}
|
||||
return false;
|
||||
};
|
||||
export function validateClaimsSet(protectedHeader, encodedPayload, options = {}) {
|
||||
let payload;
|
||||
try {
|
||||
payload = JSON.parse(decoder.decode(encodedPayload));
|
||||
}
|
||||
catch {
|
||||
}
|
||||
if (!isObject(payload)) {
|
||||
throw new JWTInvalid('JWT Claims Set must be a top-level JSON object');
|
||||
}
|
||||
const { typ } = options;
|
||||
if (typ &&
|
||||
(typeof protectedHeader.typ !== 'string' ||
|
||||
normalizeTyp(protectedHeader.typ) !== normalizeTyp(typ))) {
|
||||
throw new JWTClaimValidationFailed('unexpected "typ" JWT header value', payload, 'typ', 'check_failed');
|
||||
}
|
||||
const { requiredClaims = [], issuer, subject, audience, maxTokenAge } = options;
|
||||
const presenceCheck = [...requiredClaims];
|
||||
if (maxTokenAge !== undefined)
|
||||
presenceCheck.push('iat');
|
||||
if (audience !== undefined)
|
||||
presenceCheck.push('aud');
|
||||
if (subject !== undefined)
|
||||
presenceCheck.push('sub');
|
||||
if (issuer !== undefined)
|
||||
presenceCheck.push('iss');
|
||||
for (const claim of new Set(presenceCheck.reverse())) {
|
||||
if (!(claim in payload)) {
|
||||
throw new JWTClaimValidationFailed(`missing required "${claim}" claim`, payload, claim, 'missing');
|
||||
}
|
||||
}
|
||||
if (issuer &&
|
||||
!(Array.isArray(issuer) ? issuer : [issuer]).includes(payload.iss)) {
|
||||
throw new JWTClaimValidationFailed('unexpected "iss" claim value', payload, 'iss', 'check_failed');
|
||||
}
|
||||
if (subject && payload.sub !== subject) {
|
||||
throw new JWTClaimValidationFailed('unexpected "sub" claim value', payload, 'sub', 'check_failed');
|
||||
}
|
||||
if (audience &&
|
||||
!checkAudiencePresence(payload.aud, typeof audience === 'string' ? [audience] : audience)) {
|
||||
throw new JWTClaimValidationFailed('unexpected "aud" claim value', payload, 'aud', 'check_failed');
|
||||
}
|
||||
let tolerance;
|
||||
switch (typeof options.clockTolerance) {
|
||||
case 'string':
|
||||
tolerance = secs(options.clockTolerance);
|
||||
break;
|
||||
case 'number':
|
||||
tolerance = options.clockTolerance;
|
||||
break;
|
||||
case 'undefined':
|
||||
tolerance = 0;
|
||||
break;
|
||||
default:
|
||||
throw new TypeError('Invalid clockTolerance option type');
|
||||
}
|
||||
const { currentDate } = options;
|
||||
const now = epoch(currentDate || new Date());
|
||||
if ((payload.iat !== undefined || maxTokenAge) && typeof payload.iat !== 'number') {
|
||||
throw new JWTClaimValidationFailed('"iat" claim must be a number', payload, 'iat', 'invalid');
|
||||
}
|
||||
if (payload.nbf !== undefined) {
|
||||
if (typeof payload.nbf !== 'number') {
|
||||
throw new JWTClaimValidationFailed('"nbf" claim must be a number', payload, 'nbf', 'invalid');
|
||||
}
|
||||
if (payload.nbf > now + tolerance) {
|
||||
throw new JWTClaimValidationFailed('"nbf" claim timestamp check failed', payload, 'nbf', 'check_failed');
|
||||
}
|
||||
}
|
||||
if (payload.exp !== undefined) {
|
||||
if (typeof payload.exp !== 'number') {
|
||||
throw new JWTClaimValidationFailed('"exp" claim must be a number', payload, 'exp', 'invalid');
|
||||
}
|
||||
if (payload.exp <= now - tolerance) {
|
||||
throw new JWTExpired('"exp" claim timestamp check failed', payload, 'exp', 'check_failed');
|
||||
}
|
||||
}
|
||||
if (maxTokenAge) {
|
||||
const age = now - payload.iat;
|
||||
const max = typeof maxTokenAge === 'number' ? maxTokenAge : secs(maxTokenAge);
|
||||
if (age - tolerance > max) {
|
||||
throw new JWTExpired('"iat" claim timestamp check failed (too far in the past)', payload, 'iat', 'check_failed');
|
||||
}
|
||||
if (age < 0 - tolerance) {
|
||||
throw new JWTClaimValidationFailed('"iat" claim timestamp check failed (it should be in the past)', payload, 'iat', 'check_failed');
|
||||
}
|
||||
}
|
||||
return payload;
|
||||
}
|
||||
export class JWTClaimsBuilder {
|
||||
#payload;
|
||||
constructor(payload) {
|
||||
if (!isObject(payload)) {
|
||||
throw new TypeError('JWT Claims Set MUST be an object');
|
||||
}
|
||||
this.#payload = structuredClone(payload);
|
||||
}
|
||||
data() {
|
||||
return encoder.encode(JSON.stringify(this.#payload));
|
||||
}
|
||||
get iss() {
|
||||
return this.#payload.iss;
|
||||
}
|
||||
set iss(value) {
|
||||
this.#payload.iss = value;
|
||||
}
|
||||
get sub() {
|
||||
return this.#payload.sub;
|
||||
}
|
||||
set sub(value) {
|
||||
this.#payload.sub = value;
|
||||
}
|
||||
get aud() {
|
||||
return this.#payload.aud;
|
||||
}
|
||||
set aud(value) {
|
||||
this.#payload.aud = value;
|
||||
}
|
||||
set jti(value) {
|
||||
this.#payload.jti = value;
|
||||
}
|
||||
set nbf(value) {
|
||||
if (typeof value === 'number') {
|
||||
this.#payload.nbf = validateInput('setNotBefore', value);
|
||||
}
|
||||
else if (value instanceof Date) {
|
||||
this.#payload.nbf = validateInput('setNotBefore', epoch(value));
|
||||
}
|
||||
else {
|
||||
this.#payload.nbf = epoch(new Date()) + secs(value);
|
||||
}
|
||||
}
|
||||
set exp(value) {
|
||||
if (typeof value === 'number') {
|
||||
this.#payload.exp = validateInput('setExpirationTime', value);
|
||||
}
|
||||
else if (value instanceof Date) {
|
||||
this.#payload.exp = validateInput('setExpirationTime', epoch(value));
|
||||
}
|
||||
else {
|
||||
this.#payload.exp = epoch(new Date()) + secs(value);
|
||||
}
|
||||
}
|
||||
set iat(value) {
|
||||
if (value === undefined) {
|
||||
this.#payload.iat = epoch(new Date());
|
||||
}
|
||||
else if (value instanceof Date) {
|
||||
this.#payload.iat = validateInput('setIssuedAt', epoch(value));
|
||||
}
|
||||
else if (typeof value === 'string') {
|
||||
this.#payload.iat = validateInput('setIssuedAt', epoch(new Date()) + secs(value));
|
||||
}
|
||||
else {
|
||||
this.#payload.iat = validateInput('setIssuedAt', value);
|
||||
}
|
||||
}
|
||||
}
|
||||
186
node_modules/jose/dist/webapi/lib/key_management.js
generated
vendored
Normal file
186
node_modules/jose/dist/webapi/lib/key_management.js
generated
vendored
Normal file
@@ -0,0 +1,186 @@
|
||||
import * as aeskw from './aeskw.js';
|
||||
import * as ecdhes from './ecdhes.js';
|
||||
import * as pbes2kw from './pbes2kw.js';
|
||||
import * as rsaes from './rsaes.js';
|
||||
import { encode as b64u } from '../util/base64url.js';
|
||||
import { normalizeKey } from './normalize_key.js';
|
||||
import { JOSENotSupported, JWEInvalid } from '../util/errors.js';
|
||||
import { decodeBase64url } from './helpers.js';
|
||||
import { generateCek, cekLength } from './content_encryption.js';
|
||||
import { importJWK } from '../key/import.js';
|
||||
import { exportJWK } from '../key/export.js';
|
||||
import { isObject } from './type_checks.js';
|
||||
import { wrap as aesGcmKwWrap, unwrap as aesGcmKwUnwrap } from './aesgcmkw.js';
|
||||
import { assertCryptoKey } from './is_key_like.js';
|
||||
const unsupportedAlgHeader = 'Invalid or unsupported "alg" (JWE Algorithm) header value';
|
||||
function assertEncryptedKey(encryptedKey) {
|
||||
if (encryptedKey === undefined)
|
||||
throw new JWEInvalid('JWE Encrypted Key missing');
|
||||
}
|
||||
export async function decryptKeyManagement(alg, key, encryptedKey, joseHeader, options) {
|
||||
switch (alg) {
|
||||
case 'dir': {
|
||||
if (encryptedKey !== undefined)
|
||||
throw new JWEInvalid('Encountered unexpected JWE Encrypted Key');
|
||||
return key;
|
||||
}
|
||||
case 'ECDH-ES':
|
||||
if (encryptedKey !== undefined)
|
||||
throw new JWEInvalid('Encountered unexpected JWE Encrypted Key');
|
||||
case 'ECDH-ES+A128KW':
|
||||
case 'ECDH-ES+A192KW':
|
||||
case 'ECDH-ES+A256KW': {
|
||||
if (!isObject(joseHeader.epk))
|
||||
throw new JWEInvalid(`JOSE Header "epk" (Ephemeral Public Key) missing or invalid`);
|
||||
assertCryptoKey(key);
|
||||
if (!ecdhes.allowed(key))
|
||||
throw new JOSENotSupported('ECDH with the provided key is not allowed or not supported by your javascript runtime');
|
||||
const epk = await importJWK(joseHeader.epk, alg);
|
||||
assertCryptoKey(epk);
|
||||
let partyUInfo;
|
||||
let partyVInfo;
|
||||
if (joseHeader.apu !== undefined) {
|
||||
if (typeof joseHeader.apu !== 'string')
|
||||
throw new JWEInvalid(`JOSE Header "apu" (Agreement PartyUInfo) invalid`);
|
||||
partyUInfo = decodeBase64url(joseHeader.apu, 'apu', JWEInvalid);
|
||||
}
|
||||
if (joseHeader.apv !== undefined) {
|
||||
if (typeof joseHeader.apv !== 'string')
|
||||
throw new JWEInvalid(`JOSE Header "apv" (Agreement PartyVInfo) invalid`);
|
||||
partyVInfo = decodeBase64url(joseHeader.apv, 'apv', JWEInvalid);
|
||||
}
|
||||
const sharedSecret = await ecdhes.deriveKey(epk, key, alg === 'ECDH-ES' ? joseHeader.enc : alg, alg === 'ECDH-ES' ? cekLength(joseHeader.enc) : parseInt(alg.slice(-5, -2), 10), partyUInfo, partyVInfo);
|
||||
if (alg === 'ECDH-ES')
|
||||
return sharedSecret;
|
||||
assertEncryptedKey(encryptedKey);
|
||||
return aeskw.unwrap(alg.slice(-6), sharedSecret, encryptedKey);
|
||||
}
|
||||
case 'RSA-OAEP':
|
||||
case 'RSA-OAEP-256':
|
||||
case 'RSA-OAEP-384':
|
||||
case 'RSA-OAEP-512': {
|
||||
assertEncryptedKey(encryptedKey);
|
||||
assertCryptoKey(key);
|
||||
return rsaes.decrypt(alg, key, encryptedKey);
|
||||
}
|
||||
case 'PBES2-HS256+A128KW':
|
||||
case 'PBES2-HS384+A192KW':
|
||||
case 'PBES2-HS512+A256KW': {
|
||||
assertEncryptedKey(encryptedKey);
|
||||
if (typeof joseHeader.p2c !== 'number')
|
||||
throw new JWEInvalid(`JOSE Header "p2c" (PBES2 Count) missing or invalid`);
|
||||
const p2cLimit = options?.maxPBES2Count || 10_000;
|
||||
if (joseHeader.p2c > p2cLimit)
|
||||
throw new JWEInvalid(`JOSE Header "p2c" (PBES2 Count) out is of acceptable bounds`);
|
||||
if (typeof joseHeader.p2s !== 'string')
|
||||
throw new JWEInvalid(`JOSE Header "p2s" (PBES2 Salt) missing or invalid`);
|
||||
let p2s;
|
||||
p2s = decodeBase64url(joseHeader.p2s, 'p2s', JWEInvalid);
|
||||
return pbes2kw.unwrap(alg, key, encryptedKey, joseHeader.p2c, p2s);
|
||||
}
|
||||
case 'A128KW':
|
||||
case 'A192KW':
|
||||
case 'A256KW': {
|
||||
assertEncryptedKey(encryptedKey);
|
||||
return aeskw.unwrap(alg, key, encryptedKey);
|
||||
}
|
||||
case 'A128GCMKW':
|
||||
case 'A192GCMKW':
|
||||
case 'A256GCMKW': {
|
||||
assertEncryptedKey(encryptedKey);
|
||||
if (typeof joseHeader.iv !== 'string')
|
||||
throw new JWEInvalid(`JOSE Header "iv" (Initialization Vector) missing or invalid`);
|
||||
if (typeof joseHeader.tag !== 'string')
|
||||
throw new JWEInvalid(`JOSE Header "tag" (Authentication Tag) missing or invalid`);
|
||||
let iv;
|
||||
iv = decodeBase64url(joseHeader.iv, 'iv', JWEInvalid);
|
||||
let tag;
|
||||
tag = decodeBase64url(joseHeader.tag, 'tag', JWEInvalid);
|
||||
return aesGcmKwUnwrap(alg, key, encryptedKey, iv, tag);
|
||||
}
|
||||
default: {
|
||||
throw new JOSENotSupported(unsupportedAlgHeader);
|
||||
}
|
||||
}
|
||||
}
|
||||
export async function encryptKeyManagement(alg, enc, key, providedCek, providedParameters = {}) {
|
||||
let encryptedKey;
|
||||
let parameters;
|
||||
let cek;
|
||||
switch (alg) {
|
||||
case 'dir': {
|
||||
cek = key;
|
||||
break;
|
||||
}
|
||||
case 'ECDH-ES':
|
||||
case 'ECDH-ES+A128KW':
|
||||
case 'ECDH-ES+A192KW':
|
||||
case 'ECDH-ES+A256KW': {
|
||||
assertCryptoKey(key);
|
||||
if (!ecdhes.allowed(key)) {
|
||||
throw new JOSENotSupported('ECDH with the provided key is not allowed or not supported by your javascript runtime');
|
||||
}
|
||||
const { apu, apv } = providedParameters;
|
||||
let ephemeralKey;
|
||||
if (providedParameters.epk) {
|
||||
ephemeralKey = (await normalizeKey(providedParameters.epk, alg));
|
||||
}
|
||||
else {
|
||||
ephemeralKey = (await crypto.subtle.generateKey(key.algorithm, true, ['deriveBits'])).privateKey;
|
||||
}
|
||||
const { x, y, crv, kty } = await exportJWK(ephemeralKey);
|
||||
const sharedSecret = await ecdhes.deriveKey(key, ephemeralKey, alg === 'ECDH-ES' ? enc : alg, alg === 'ECDH-ES' ? cekLength(enc) : parseInt(alg.slice(-5, -2), 10), apu, apv);
|
||||
parameters = { epk: { x, crv, kty } };
|
||||
if (kty === 'EC')
|
||||
parameters.epk.y = y;
|
||||
if (apu)
|
||||
parameters.apu = b64u(apu);
|
||||
if (apv)
|
||||
parameters.apv = b64u(apv);
|
||||
if (alg === 'ECDH-ES') {
|
||||
cek = sharedSecret;
|
||||
break;
|
||||
}
|
||||
cek = providedCek || generateCek(enc);
|
||||
const kwAlg = alg.slice(-6);
|
||||
encryptedKey = await aeskw.wrap(kwAlg, sharedSecret, cek);
|
||||
break;
|
||||
}
|
||||
case 'RSA-OAEP':
|
||||
case 'RSA-OAEP-256':
|
||||
case 'RSA-OAEP-384':
|
||||
case 'RSA-OAEP-512': {
|
||||
cek = providedCek || generateCek(enc);
|
||||
assertCryptoKey(key);
|
||||
encryptedKey = await rsaes.encrypt(alg, key, cek);
|
||||
break;
|
||||
}
|
||||
case 'PBES2-HS256+A128KW':
|
||||
case 'PBES2-HS384+A192KW':
|
||||
case 'PBES2-HS512+A256KW': {
|
||||
cek = providedCek || generateCek(enc);
|
||||
const { p2c, p2s } = providedParameters;
|
||||
({ encryptedKey, ...parameters } = await pbes2kw.wrap(alg, key, cek, p2c, p2s));
|
||||
break;
|
||||
}
|
||||
case 'A128KW':
|
||||
case 'A192KW':
|
||||
case 'A256KW': {
|
||||
cek = providedCek || generateCek(enc);
|
||||
encryptedKey = await aeskw.wrap(alg, key, cek);
|
||||
break;
|
||||
}
|
||||
case 'A128GCMKW':
|
||||
case 'A192GCMKW':
|
||||
case 'A256GCMKW': {
|
||||
cek = providedCek || generateCek(enc);
|
||||
const { iv } = providedParameters;
|
||||
({ encryptedKey, ...parameters } = await aesGcmKwWrap(alg, key, cek, iv));
|
||||
break;
|
||||
}
|
||||
default: {
|
||||
throw new JOSENotSupported(unsupportedAlgHeader);
|
||||
}
|
||||
}
|
||||
return { cek, encryptedKey, parameters };
|
||||
}
|
||||
31
node_modules/jose/dist/webapi/lib/key_to_jwk.js
generated
vendored
Normal file
31
node_modules/jose/dist/webapi/lib/key_to_jwk.js
generated
vendored
Normal file
@@ -0,0 +1,31 @@
|
||||
import { invalidKeyInput } from './invalid_key_input.js';
|
||||
import { encode as b64u } from '../util/base64url.js';
|
||||
import { isCryptoKey, isKeyObject } from './is_key_like.js';
|
||||
export async function keyToJWK(key) {
|
||||
if (isKeyObject(key)) {
|
||||
if (key.type === 'secret') {
|
||||
key = key.export();
|
||||
}
|
||||
else {
|
||||
return key.export({ format: 'jwk' });
|
||||
}
|
||||
}
|
||||
if (key instanceof Uint8Array) {
|
||||
return {
|
||||
kty: 'oct',
|
||||
k: b64u(key),
|
||||
};
|
||||
}
|
||||
if (!isCryptoKey(key)) {
|
||||
throw new TypeError(invalidKeyInput(key, 'CryptoKey', 'KeyObject', 'Uint8Array'));
|
||||
}
|
||||
if (!key.extractable) {
|
||||
throw new TypeError('non-extractable CryptoKey cannot be exported as a JWK');
|
||||
}
|
||||
const { ext, key_ops, alg, use, ...jwk } = await crypto.subtle.exportKey('jwk', key);
|
||||
if (jwk.kty === 'AKP') {
|
||||
;
|
||||
jwk.alg = alg;
|
||||
}
|
||||
return jwk;
|
||||
}
|
||||
166
node_modules/jose/dist/webapi/lib/normalize_key.js
generated
vendored
Normal file
166
node_modules/jose/dist/webapi/lib/normalize_key.js
generated
vendored
Normal file
@@ -0,0 +1,166 @@
|
||||
import { isJWK } from './type_checks.js';
|
||||
import { decode } from '../util/base64url.js';
|
||||
import { jwkToKey } from './jwk_to_key.js';
|
||||
import { isCryptoKey, isKeyObject } from './is_key_like.js';
|
||||
const unusableForAlg = 'given KeyObject instance cannot be used for this algorithm';
|
||||
let cache;
|
||||
const handleJWK = async (key, jwk, alg, freeze = false) => {
|
||||
cache ||= new WeakMap();
|
||||
let cached = cache.get(key);
|
||||
if (cached?.[alg]) {
|
||||
return cached[alg];
|
||||
}
|
||||
const cryptoKey = await jwkToKey({ ...jwk, alg });
|
||||
if (freeze)
|
||||
Object.freeze(key);
|
||||
if (!cached) {
|
||||
cache.set(key, { [alg]: cryptoKey });
|
||||
}
|
||||
else {
|
||||
cached[alg] = cryptoKey;
|
||||
}
|
||||
return cryptoKey;
|
||||
};
|
||||
const handleKeyObject = (keyObject, alg) => {
|
||||
cache ||= new WeakMap();
|
||||
let cached = cache.get(keyObject);
|
||||
if (cached?.[alg]) {
|
||||
return cached[alg];
|
||||
}
|
||||
const isPublic = keyObject.type === 'public';
|
||||
const extractable = isPublic ? true : false;
|
||||
let cryptoKey;
|
||||
if (keyObject.asymmetricKeyType === 'x25519') {
|
||||
switch (alg) {
|
||||
case 'ECDH-ES':
|
||||
case 'ECDH-ES+A128KW':
|
||||
case 'ECDH-ES+A192KW':
|
||||
case 'ECDH-ES+A256KW':
|
||||
break;
|
||||
default:
|
||||
throw new TypeError(unusableForAlg);
|
||||
}
|
||||
cryptoKey = keyObject.toCryptoKey(keyObject.asymmetricKeyType, extractable, isPublic ? [] : ['deriveBits']);
|
||||
}
|
||||
if (keyObject.asymmetricKeyType === 'ed25519') {
|
||||
if (alg !== 'EdDSA' && alg !== 'Ed25519') {
|
||||
throw new TypeError(unusableForAlg);
|
||||
}
|
||||
cryptoKey = keyObject.toCryptoKey(keyObject.asymmetricKeyType, extractable, [
|
||||
isPublic ? 'verify' : 'sign',
|
||||
]);
|
||||
}
|
||||
switch (keyObject.asymmetricKeyType) {
|
||||
case 'ml-dsa-44':
|
||||
case 'ml-dsa-65':
|
||||
case 'ml-dsa-87': {
|
||||
if (alg !== keyObject.asymmetricKeyType.toUpperCase()) {
|
||||
throw new TypeError(unusableForAlg);
|
||||
}
|
||||
cryptoKey = keyObject.toCryptoKey(keyObject.asymmetricKeyType, extractable, [
|
||||
isPublic ? 'verify' : 'sign',
|
||||
]);
|
||||
}
|
||||
}
|
||||
if (keyObject.asymmetricKeyType === 'rsa') {
|
||||
let hash;
|
||||
switch (alg) {
|
||||
case 'RSA-OAEP':
|
||||
hash = 'SHA-1';
|
||||
break;
|
||||
case 'RS256':
|
||||
case 'PS256':
|
||||
case 'RSA-OAEP-256':
|
||||
hash = 'SHA-256';
|
||||
break;
|
||||
case 'RS384':
|
||||
case 'PS384':
|
||||
case 'RSA-OAEP-384':
|
||||
hash = 'SHA-384';
|
||||
break;
|
||||
case 'RS512':
|
||||
case 'PS512':
|
||||
case 'RSA-OAEP-512':
|
||||
hash = 'SHA-512';
|
||||
break;
|
||||
default:
|
||||
throw new TypeError(unusableForAlg);
|
||||
}
|
||||
if (alg.startsWith('RSA-OAEP')) {
|
||||
return keyObject.toCryptoKey({
|
||||
name: 'RSA-OAEP',
|
||||
hash,
|
||||
}, extractable, isPublic ? ['encrypt'] : ['decrypt']);
|
||||
}
|
||||
cryptoKey = keyObject.toCryptoKey({
|
||||
name: alg.startsWith('PS') ? 'RSA-PSS' : 'RSASSA-PKCS1-v1_5',
|
||||
hash,
|
||||
}, extractable, [isPublic ? 'verify' : 'sign']);
|
||||
}
|
||||
if (keyObject.asymmetricKeyType === 'ec') {
|
||||
const nist = new Map([
|
||||
['prime256v1', 'P-256'],
|
||||
['secp384r1', 'P-384'],
|
||||
['secp521r1', 'P-521'],
|
||||
]);
|
||||
const namedCurve = nist.get(keyObject.asymmetricKeyDetails?.namedCurve);
|
||||
if (!namedCurve) {
|
||||
throw new TypeError(unusableForAlg);
|
||||
}
|
||||
const expectedCurve = { ES256: 'P-256', ES384: 'P-384', ES512: 'P-521' };
|
||||
if (expectedCurve[alg] && namedCurve === expectedCurve[alg]) {
|
||||
cryptoKey = keyObject.toCryptoKey({
|
||||
name: 'ECDSA',
|
||||
namedCurve,
|
||||
}, extractable, [isPublic ? 'verify' : 'sign']);
|
||||
}
|
||||
if (alg.startsWith('ECDH-ES')) {
|
||||
cryptoKey = keyObject.toCryptoKey({
|
||||
name: 'ECDH',
|
||||
namedCurve,
|
||||
}, extractable, isPublic ? [] : ['deriveBits']);
|
||||
}
|
||||
}
|
||||
if (!cryptoKey) {
|
||||
throw new TypeError(unusableForAlg);
|
||||
}
|
||||
if (!cached) {
|
||||
cache.set(keyObject, { [alg]: cryptoKey });
|
||||
}
|
||||
else {
|
||||
cached[alg] = cryptoKey;
|
||||
}
|
||||
return cryptoKey;
|
||||
};
|
||||
export async function normalizeKey(key, alg) {
|
||||
if (key instanceof Uint8Array) {
|
||||
return key;
|
||||
}
|
||||
if (isCryptoKey(key)) {
|
||||
return key;
|
||||
}
|
||||
if (isKeyObject(key)) {
|
||||
if (key.type === 'secret') {
|
||||
return key.export();
|
||||
}
|
||||
if ('toCryptoKey' in key && typeof key.toCryptoKey === 'function') {
|
||||
try {
|
||||
return handleKeyObject(key, alg);
|
||||
}
|
||||
catch (err) {
|
||||
if (err instanceof TypeError) {
|
||||
throw err;
|
||||
}
|
||||
}
|
||||
}
|
||||
let jwk = key.export({ format: 'jwk' });
|
||||
return handleJWK(key, jwk, alg);
|
||||
}
|
||||
if (isJWK(key)) {
|
||||
if (key.k) {
|
||||
return decode(key.k);
|
||||
}
|
||||
return handleJWK(key, key, alg, true);
|
||||
}
|
||||
throw new Error('unreachable');
|
||||
}
|
||||
39
node_modules/jose/dist/webapi/lib/pbes2kw.js
generated
vendored
Normal file
39
node_modules/jose/dist/webapi/lib/pbes2kw.js
generated
vendored
Normal file
@@ -0,0 +1,39 @@
|
||||
import { encode as b64u } from '../util/base64url.js';
|
||||
import * as aeskw from './aeskw.js';
|
||||
import { checkEncCryptoKey } from './crypto_key.js';
|
||||
import { concat, encode } from './buffer_utils.js';
|
||||
import { JWEInvalid } from '../util/errors.js';
|
||||
function getCryptoKey(key, alg) {
|
||||
if (key instanceof Uint8Array) {
|
||||
return crypto.subtle.importKey('raw', key, 'PBKDF2', false, [
|
||||
'deriveBits',
|
||||
]);
|
||||
}
|
||||
checkEncCryptoKey(key, alg, 'deriveBits');
|
||||
return key;
|
||||
}
|
||||
const concatSalt = (alg, p2sInput) => concat(encode(alg), Uint8Array.of(0x00), p2sInput);
|
||||
async function deriveKey(p2s, alg, p2c, key) {
|
||||
if (!(p2s instanceof Uint8Array) || p2s.length < 8) {
|
||||
throw new JWEInvalid('PBES2 Salt Input must be 8 or more octets');
|
||||
}
|
||||
const salt = concatSalt(alg, p2s);
|
||||
const keylen = parseInt(alg.slice(13, 16), 10);
|
||||
const subtleAlg = {
|
||||
hash: `SHA-${alg.slice(8, 11)}`,
|
||||
iterations: p2c,
|
||||
name: 'PBKDF2',
|
||||
salt,
|
||||
};
|
||||
const cryptoKey = await getCryptoKey(key, alg);
|
||||
return new Uint8Array(await crypto.subtle.deriveBits(subtleAlg, cryptoKey, keylen));
|
||||
}
|
||||
export async function wrap(alg, key, cek, p2c = 2048, p2s = crypto.getRandomValues(new Uint8Array(16))) {
|
||||
const derived = await deriveKey(p2s, alg, p2c, key);
|
||||
const encryptedKey = await aeskw.wrap(alg.slice(-6), derived, cek);
|
||||
return { encryptedKey, p2c, p2s: b64u(p2s) };
|
||||
}
|
||||
export async function unwrap(alg, key, encryptedKey, p2c, p2s) {
|
||||
const derived = await deriveKey(p2s, alg, p2c, key);
|
||||
return aeskw.unwrap(alg.slice(-6), derived, encryptedKey);
|
||||
}
|
||||
24
node_modules/jose/dist/webapi/lib/rsaes.js
generated
vendored
Normal file
24
node_modules/jose/dist/webapi/lib/rsaes.js
generated
vendored
Normal file
@@ -0,0 +1,24 @@
|
||||
import { checkEncCryptoKey } from './crypto_key.js';
|
||||
import { checkKeyLength } from './signing.js';
|
||||
import { JOSENotSupported } from '../util/errors.js';
|
||||
const subtleAlgorithm = (alg) => {
|
||||
switch (alg) {
|
||||
case 'RSA-OAEP':
|
||||
case 'RSA-OAEP-256':
|
||||
case 'RSA-OAEP-384':
|
||||
case 'RSA-OAEP-512':
|
||||
return 'RSA-OAEP';
|
||||
default:
|
||||
throw new JOSENotSupported(`alg ${alg} is not supported either by JOSE or your javascript runtime`);
|
||||
}
|
||||
};
|
||||
export async function encrypt(alg, key, cek) {
|
||||
checkEncCryptoKey(key, alg, 'encrypt');
|
||||
checkKeyLength(alg, key);
|
||||
return new Uint8Array(await crypto.subtle.encrypt(subtleAlgorithm(alg), key, cek));
|
||||
}
|
||||
export async function decrypt(alg, key, encryptedKey) {
|
||||
checkEncCryptoKey(key, alg, 'decrypt');
|
||||
checkKeyLength(alg, key);
|
||||
return new Uint8Array(await crypto.subtle.decrypt(subtleAlgorithm(alg), key, encryptedKey));
|
||||
}
|
||||
68
node_modules/jose/dist/webapi/lib/signing.js
generated
vendored
Normal file
68
node_modules/jose/dist/webapi/lib/signing.js
generated
vendored
Normal file
@@ -0,0 +1,68 @@
|
||||
import { JOSENotSupported } from '../util/errors.js';
|
||||
import { checkSigCryptoKey } from './crypto_key.js';
|
||||
import { invalidKeyInput } from './invalid_key_input.js';
|
||||
export function checkKeyLength(alg, key) {
|
||||
if (alg.startsWith('RS') || alg.startsWith('PS')) {
|
||||
const { modulusLength } = key.algorithm;
|
||||
if (typeof modulusLength !== 'number' || modulusLength < 2048) {
|
||||
throw new TypeError(`${alg} requires key modulusLength to be 2048 bits or larger`);
|
||||
}
|
||||
}
|
||||
}
|
||||
function subtleAlgorithm(alg, algorithm) {
|
||||
const hash = `SHA-${alg.slice(-3)}`;
|
||||
switch (alg) {
|
||||
case 'HS256':
|
||||
case 'HS384':
|
||||
case 'HS512':
|
||||
return { hash, name: 'HMAC' };
|
||||
case 'PS256':
|
||||
case 'PS384':
|
||||
case 'PS512':
|
||||
return { hash, name: 'RSA-PSS', saltLength: parseInt(alg.slice(-3), 10) >> 3 };
|
||||
case 'RS256':
|
||||
case 'RS384':
|
||||
case 'RS512':
|
||||
return { hash, name: 'RSASSA-PKCS1-v1_5' };
|
||||
case 'ES256':
|
||||
case 'ES384':
|
||||
case 'ES512':
|
||||
return { hash, name: 'ECDSA', namedCurve: algorithm.namedCurve };
|
||||
case 'Ed25519':
|
||||
case 'EdDSA':
|
||||
return { name: 'Ed25519' };
|
||||
case 'ML-DSA-44':
|
||||
case 'ML-DSA-65':
|
||||
case 'ML-DSA-87':
|
||||
return { name: alg };
|
||||
default:
|
||||
throw new JOSENotSupported(`alg ${alg} is not supported either by JOSE or your javascript runtime`);
|
||||
}
|
||||
}
|
||||
async function getSigKey(alg, key, usage) {
|
||||
if (key instanceof Uint8Array) {
|
||||
if (!alg.startsWith('HS')) {
|
||||
throw new TypeError(invalidKeyInput(key, 'CryptoKey', 'KeyObject', 'JSON Web Key'));
|
||||
}
|
||||
return crypto.subtle.importKey('raw', key, { hash: `SHA-${alg.slice(-3)}`, name: 'HMAC' }, false, [usage]);
|
||||
}
|
||||
checkSigCryptoKey(key, alg, usage);
|
||||
return key;
|
||||
}
|
||||
export async function sign(alg, key, data) {
|
||||
const cryptoKey = await getSigKey(alg, key, 'sign');
|
||||
checkKeyLength(alg, cryptoKey);
|
||||
const signature = await crypto.subtle.sign(subtleAlgorithm(alg, cryptoKey.algorithm), cryptoKey, data);
|
||||
return new Uint8Array(signature);
|
||||
}
|
||||
export async function verify(alg, key, signature, data) {
|
||||
const cryptoKey = await getSigKey(alg, key, 'verify');
|
||||
checkKeyLength(alg, cryptoKey);
|
||||
const algorithm = subtleAlgorithm(alg, cryptoKey.algorithm);
|
||||
try {
|
||||
return await crypto.subtle.verify(algorithm, cryptoKey, signature, data);
|
||||
}
|
||||
catch {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
40
node_modules/jose/dist/webapi/lib/type_checks.js
generated
vendored
Normal file
40
node_modules/jose/dist/webapi/lib/type_checks.js
generated
vendored
Normal file
@@ -0,0 +1,40 @@
|
||||
const isObjectLike = (value) => typeof value === 'object' && value !== null;
|
||||
export function isObject(input) {
|
||||
if (!isObjectLike(input) || Object.prototype.toString.call(input) !== '[object Object]') {
|
||||
return false;
|
||||
}
|
||||
if (Object.getPrototypeOf(input) === null) {
|
||||
return true;
|
||||
}
|
||||
let proto = input;
|
||||
while (Object.getPrototypeOf(proto) !== null) {
|
||||
proto = Object.getPrototypeOf(proto);
|
||||
}
|
||||
return Object.getPrototypeOf(input) === proto;
|
||||
}
|
||||
export function isDisjoint(...headers) {
|
||||
const sources = headers.filter(Boolean);
|
||||
if (sources.length === 0 || sources.length === 1) {
|
||||
return true;
|
||||
}
|
||||
let acc;
|
||||
for (const header of sources) {
|
||||
const parameters = Object.keys(header);
|
||||
if (!acc || acc.size === 0) {
|
||||
acc = new Set(parameters);
|
||||
continue;
|
||||
}
|
||||
for (const parameter of parameters) {
|
||||
if (acc.has(parameter)) {
|
||||
return false;
|
||||
}
|
||||
acc.add(parameter);
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
export const isJWK = (key) => isObject(key) && typeof key.kty === 'string';
|
||||
export const isPrivateJWK = (key) => key.kty !== 'oct' &&
|
||||
((key.kty === 'AKP' && typeof key.priv === 'string') || typeof key.d === 'string');
|
||||
export const isPublicJWK = (key) => key.kty !== 'oct' && key.d === undefined && key.priv === undefined;
|
||||
export const isSecretJWK = (key) => key.kty === 'oct' && typeof key.k === 'string';
|
||||
10
node_modules/jose/dist/webapi/lib/validate_algorithms.js
generated
vendored
Normal file
10
node_modules/jose/dist/webapi/lib/validate_algorithms.js
generated
vendored
Normal file
@@ -0,0 +1,10 @@
|
||||
export function validateAlgorithms(option, algorithms) {
|
||||
if (algorithms !== undefined &&
|
||||
(!Array.isArray(algorithms) || algorithms.some((s) => typeof s !== 'string'))) {
|
||||
throw new TypeError(`"${option}" option must be an array of strings`);
|
||||
}
|
||||
if (!algorithms) {
|
||||
return undefined;
|
||||
}
|
||||
return new Set(algorithms);
|
||||
}
|
||||
33
node_modules/jose/dist/webapi/lib/validate_crit.js
generated
vendored
Normal file
33
node_modules/jose/dist/webapi/lib/validate_crit.js
generated
vendored
Normal file
@@ -0,0 +1,33 @@
|
||||
import { JOSENotSupported, JWEInvalid, JWSInvalid } from '../util/errors.js';
|
||||
export function validateCrit(Err, recognizedDefault, recognizedOption, protectedHeader, joseHeader) {
|
||||
if (joseHeader.crit !== undefined && protectedHeader?.crit === undefined) {
|
||||
throw new Err('"crit" (Critical) Header Parameter MUST be integrity protected');
|
||||
}
|
||||
if (!protectedHeader || protectedHeader.crit === undefined) {
|
||||
return new Set();
|
||||
}
|
||||
if (!Array.isArray(protectedHeader.crit) ||
|
||||
protectedHeader.crit.length === 0 ||
|
||||
protectedHeader.crit.some((input) => typeof input !== 'string' || input.length === 0)) {
|
||||
throw new Err('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');
|
||||
}
|
||||
let recognized;
|
||||
if (recognizedOption !== undefined) {
|
||||
recognized = new Map([...Object.entries(recognizedOption), ...recognizedDefault.entries()]);
|
||||
}
|
||||
else {
|
||||
recognized = recognizedDefault;
|
||||
}
|
||||
for (const parameter of protectedHeader.crit) {
|
||||
if (!recognized.has(parameter)) {
|
||||
throw new JOSENotSupported(`Extension Header Parameter "${parameter}" is not recognized`);
|
||||
}
|
||||
if (joseHeader[parameter] === undefined) {
|
||||
throw new Err(`Extension Header Parameter "${parameter}" is missing`);
|
||||
}
|
||||
if (recognized.get(parameter) && protectedHeader[parameter] === undefined) {
|
||||
throw new Err(`Extension Header Parameter "${parameter}" MUST be integrity protected`);
|
||||
}
|
||||
}
|
||||
return new Set(protectedHeader.crit);
|
||||
}
|
||||
Reference in New Issue
Block a user