@transmute/cose
Advanced tools
@transmute/cose - npm Package Compare versions
Comparing version 0.1.1 to 0.2.0
@@ -38,2 +38,3 @@ "use strict"; | ||
| const cbor_1 = require("../../cbor"); | ||
| const Params_1 = require("../Params"); | ||
| const signer = ({ remote }) => { | ||
@@ -43,2 +44,5 @@ const coseSign1Signer = sign1.signer({ remote }); | ||
| sign: (req) => __awaiter(void 0, void 0, void 0, function* () { | ||
| if (req.unprotectedHeader === undefined) { | ||
| req.unprotectedHeader = (0, Params_1.UnprotectedHeader)([]); | ||
| } | ||
| const coseSign1 = yield coseSign1Signer.sign(req); | ||
@@ -45,0 +49,0 @@ const decoded = (0, cbor_1.decodeFirstSync)(coseSign1); |
@@ -24,3 +24,4 @@ "use strict"; | ||
| const crv = coseKey.get(-1); | ||
| if (![2].includes(kty)) { | ||
| // kty EC, kty: EK | ||
| if (![2, 5].includes(kty)) { | ||
| throw new Error('This library requires does not support the given key type'); | ||
@@ -27,0 +28,0 @@ } |
@@ -21,3 +21,3 @@ /// <reference types="node" /> | ||
| protectedHeader: ProtectedHeaderMap; | ||
| unprotectedHeader: UnprotectedHeaderMap; | ||
| unprotectedHeader?: UnprotectedHeaderMap; | ||
| payload: ArrayBuffer; | ||
@@ -24,0 +24,0 @@ externalAAD?: ArrayBuffer; |
@@ -9,2 +9,4 @@ export * from './cose/algorithms'; | ||
| export * from './x509'; | ||
| export * from './cose/Params'; | ||
| export * from './cose/encrypt'; | ||
| import * as cbor from './cbor'; | ||
@@ -11,0 +13,0 @@ import * as receipt from './cose/receipt'; |
@@ -41,2 +41,4 @@ "use strict"; | ||
| __exportStar(require("./x509"), exports); | ||
| __exportStar(require("./cose/Params"), exports); | ||
| __exportStar(require("./cose/encrypt"), exports); | ||
| const cbor = __importStar(require("./cbor")); | ||
@@ -43,0 +45,0 @@ exports.cbor = cbor; |
| { | ||
| "name": "@transmute/cose", | ||
| "version": "0.1.1", | ||
| "version": "0.2.0", | ||
| "description": "COSE and related work.", | ||
@@ -40,5 +40,6 @@ "main": "./dist/index.js", | ||
| "axios": "^1.6.7", | ||
| "cose-js": "^0.8.4", | ||
| "csv-parser": "^3.0.0", | ||
| "eslint": "^8.30.0", | ||
| "hpke-js": "^1.2.4", | ||
| "hpke-js": "^1.2.7", | ||
| "jest": "^29.3.1", | ||
@@ -54,6 +55,6 @@ "moment": "^2.30.1", | ||
| "cbor-web": "^9.0.2", | ||
| "cose-js": "^0.8.4", | ||
| "jose": "^4.14.4", | ||
| "node-hkdf-sync": "^1.0.0", | ||
| "uuid": "^9.0.1" | ||
| } | ||
| } |
@@ -32,2 +32,4 @@ # cose | ||
| ### SCITT Receipts | ||
| ```ts | ||
@@ -60,11 +62,9 @@ const issuerSecretKeyJwk = await cose.key.generate<cose.SecretKeyJwk>( | ||
| }); | ||
| const content = fs.readFileSync("./examples/image.png"); | ||
| const signatureForImage = await issuer.sign({ | ||
| protectedHeader: new Map<number, any>([ | ||
| [1, -7], // signing algorithm ES256 | ||
| [3, "image/png"], // content type image/png | ||
| [4, issuerPublicKeyJwk.kid], // issuer key identifier | ||
| protectedHeader: cose.ProtectedHeader([ | ||
| [cose.Protected.Alg, cose.Signature.ES256], // signing algorithm ES256 | ||
| [cose.Protected.ContentType, "image/png"], // content type image/png | ||
| [cose.Protected.Kid, issuerPublicKeyJwk.kid], // issuer key identifier | ||
| ]), | ||
| unprotectedHeader: new Map(), | ||
| payload: content, | ||
@@ -76,6 +76,6 @@ }); | ||
| const receiptForImageSignature = await cose.receipt.inclusion.issue({ | ||
| protectedHeader: new Map<number, any>([ | ||
| [1, -7], // signing algorithm ES256 | ||
| [-111, 1], // inclusion proof from RFC9162 | ||
| [4, notaryPublicKeyJwk.kid], // notary key identifier | ||
| protectedHeader: cose.ProtectedHeader([ | ||
| [cose.Protected.Alg, cose.Signature.ES256], | ||
| [cose.Protected.ProofType, cose.Receipt.Inclusion], | ||
| [cose.Protected.Kid, notaryPublicKeyJwk.kid], | ||
| ]), | ||
@@ -94,3 +94,3 @@ entry: 0, | ||
| const { tag, value } = cose.cbor.decodeFirstSync(coseSign1); | ||
| if (tag !== 18) { | ||
| if (tag !== cose.COSE_Sign1) { | ||
| throw new Error("Only tagged cose sign 1 are supported"); | ||
@@ -100,3 +100,3 @@ } | ||
| const protectedHeaderMap = cose.cbor.decodeFirstSync(protectedHeaderBytes); | ||
| const kid = protectedHeaderMap.get(4); | ||
| const kid = protectedHeaderMap.get(cose.Protected.Kid); | ||
| if (kid === issuerPublicKeyJwk.kid) { | ||
@@ -119,2 +119,45 @@ return issuerPublicKeyJwk; | ||
| ### HPKE | ||
| ```ts | ||
| const message = "💀 My lungs taste the air of Time Blown past falling sands ⌛"; | ||
| const plaintext = new TextEncoder().encode(message); | ||
| const encryptionKeys = { | ||
| keys: [ | ||
| { | ||
| kid: "meriadoc.brandybuck@buckland.example", | ||
| alg: "HPKE-Base-P256-SHA256-AES128GCM", | ||
| kty: "EC", | ||
| crv: "P-256", | ||
| x: "Ze2loSV3wrroKUN_4zhwGhCqo3Xhu1td4QjeQ5wIVR0", | ||
| y: "HlLtdXARY_f55A3fnzQbPcm6hgr34Mp8p-nuzQCE0Zw", | ||
| }, | ||
| ], | ||
| }; | ||
| const decryptionKeys = { | ||
| keys: [ | ||
| { | ||
| kid: "meriadoc.brandybuck@buckland.example", | ||
| alg: "HPKE-Base-P256-SHA256-AES128GCM", | ||
| kty: "EC", | ||
| crv: "P-256", | ||
| x: "Ze2loSV3wrroKUN_4zhwGhCqo3Xhu1td4QjeQ5wIVR0", | ||
| y: "HlLtdXARY_f55A3fnzQbPcm6hgr34Mp8p-nuzQCE0Zw", | ||
| d: "r_kHyZ-a06rmxM3yESK84r1otSg-aQcVStkRhA-iCM8", | ||
| }, | ||
| ], | ||
| }; | ||
| const ciphertext = await cose.encrypt.direct({ | ||
| protectedHeader: ProtectedHeader([ | ||
| [Protected.Alg, Direct["HPKE-Base-P256-SHA256-AES128GCM"]], | ||
| ]), | ||
| plaintext, | ||
| recipients: encryptionKeys, | ||
| }); | ||
| const decrypted = await cose.decrypt.direct({ | ||
| ciphertext, | ||
| recipients: decryptionKeys, | ||
| }); | ||
| ``` | ||
| ### COSE RFCs | ||
@@ -128,3 +171,4 @@ | ||
| - [Concise Encoding of Signed Merkle Tree Proofs](https://datatracker.ietf.org/doc/draft-ietf-cose-merkle-tree-proofs/) | ||
| - [COSE Receipts](https://datatracker.ietf.org/doc/draft-ietf-cose-merkle-tree-proofs/) | ||
| - [COSE HPKE](https://datatracker.ietf.org/doc/draft-ietf-cose-hpke/) | ||
@@ -131,0 +175,0 @@ ### SCITT Drafts |
| import * as sign1 from "../sign1" | ||
| import { decodeFirstSync, encodeAsync, Sign1Tag, Tagged, toArrayBuffer } from '../../cbor' | ||
| import { UnprotectedHeader } from "../Params" | ||
@@ -9,2 +10,5 @@ export const signer = ({ remote }: sign1.RequestCoseSign1Signer) => { | ||
| sign: async (req: sign1.RequestCoseSign1) => { | ||
| if (req.unprotectedHeader === undefined) { | ||
| req.unprotectedHeader = UnprotectedHeader([]) | ||
| } | ||
| const coseSign1 = await coseSign1Signer.sign(req) | ||
@@ -11,0 +15,0 @@ const decoded = decodeFirstSync(coseSign1) |
@@ -18,3 +18,4 @@ import { base64url, calculateJwkThumbprint } from "jose"; | ||
| const crv = coseKey.get(-1) | ||
| if (![2].includes(kty)) { | ||
| // kty EC, kty: EK | ||
| if (![2, 5].includes(kty)) { | ||
| throw new Error('This library requires does not support the given key type') | ||
@@ -21,0 +22,0 @@ } |
@@ -22,3 +22,3 @@ | ||
| protectedHeader: ProtectedHeaderMap, | ||
| unprotectedHeader: UnprotectedHeaderMap, | ||
| unprotectedHeader?: UnprotectedHeaderMap, | ||
| payload: ArrayBuffer, | ||
@@ -25,0 +25,0 @@ externalAAD?: ArrayBuffer |
@@ -13,5 +13,10 @@ | ||
| import * as detached from './cose/detached' | ||
| export * from './cose/sign1' | ||
| export * from './x509' | ||
| export * from './cose/Params' | ||
| export * from './cose/encrypt' | ||
| import * as cbor from './cbor' | ||
@@ -21,4 +26,5 @@ | ||
| import * as crypto from './crypto' | ||
| export { crypto, cbor, key, attached, detached, receipt } |
Improved metrics
- Total package byte prevSize
- increased by40.85%
313707
- Number of package files
- increased by32.61%
183
- Lines of code
- increased by38.27%
7772
- Number of lines in readme file
- increased by32.35%
180
Worsened metrics
- Dev dependency count
- increased by8.33%
13
Dependency changes
+ Addednode-hkdf-sync@^1.0.0
+ Added@transmute/cose@0.1.1(transitive)
- Removedcose-js@^0.8.4