did-jwt - npm Package Compare versions

Comparing version 5.12.4 to 6.0.0

lib/index.d.ts

		@@ -13,2 +13,3 @@ import SimpleSigner from './signers/SimpleSigner';
		export { JWTOptions, JWTVerifyOptions } from './JWT';
		export { base64ToBytes, base58ToBytes, hexToBytes } from './util';
		//# sourceMappingURL=index.d.ts.map

lib/signers/EdDSASigner.d.ts

		@@ -13,6 +13,6 @@ import { Signer } from '../JWT';
		*
		* @param {String} secretKey a 64 byte secret key as `Uint8Array` or encoded as `base64`, `base58`, or `hex` string
		* @param {String} secretKey a 64 byte secret key as `Uint8Array`
		* @return {Function} a configured signer function `(data: string \| Uint8Array): Promise<string>`
		*/
		export declare function EdDSASigner(secretKey: string \| Uint8Array): Signer;
		export declare function EdDSASigner(secretKey: Uint8Array): Signer;
		//# sourceMappingURL=EdDSASigner.d.ts.map

lib/signers/ES256KSigner.d.ts

		@@ -13,7 +13,7 @@ import { Signer } from '../JWT';
		*
		* @param {String} privateKey a private key as `Uint8Array` or encoded as `base64`, `base58`, or `hex` string
		* @param {String} privateKey a private key as `Uint8Array`
		* @param {Boolean} recoverable an optional flag to add the recovery param to the generated signatures
		* @return {Function} a configured signer function `(data: string \| Uint8Array): Promise<string>`
		*/
		export declare function ES256KSigner(privateKey: string \| Uint8Array, recoverable?: boolean): Signer;
		export declare function ES256KSigner(privateKey: Uint8Array, recoverable?: boolean): Signer;
		//# sourceMappingURL=ES256KSigner.d.ts.map

lib/util.d.ts

		@@ -28,12 +28,3 @@ import { bases } from 'multiformats/basics';
		export declare function toSealed(ciphertext: string, tag: string): Uint8Array;
		/**
		* Parses a private key and returns the Uint8Array representation.
		* This method uses an heuristic to determine the key encoding to then be able to parse it into 32 or 64 bytes.
		*
		* @param input a 32 or 64 byte key presented either as a Uint8Array or as a hex, base64, or base58btc encoded string
		*
		* @throws TypeError('Invalid private key format') if the key doesn't match any of the accepted formats or length
		*/
		export declare function parseKey(input: string \| Uint8Array): Uint8Array;
		export declare function leftpad(data: string, size?: number): string;
		//# sourceMappingURL=util.d.ts.map

package.json

		{
		"name": "did-jwt",
		"version": "5.12.4",
		"version": "6.0.0",
		"description": "Library for Signing and Verifying JWTs that use DIDs as issuers and JWEs that use DIDs as recipients",
		@@ -61,27 +61,27 @@ "type": "module",
		"devDependencies": {
		"@babel/core": "7.16.5",
		"@babel/preset-env": "7.16.5",
		"@babel/preset-typescript": "7.16.5",
		"@semantic-release/changelog": "5.0.1",
		"@semantic-release/git": "9.0.1",
		"@babel/core": "7.17.8",
		"@babel/preset-env": "7.16.11",
		"@babel/preset-typescript": "7.16.7",
		"@semantic-release/changelog": "6.0.1",
		"@semantic-release/git": "10.0.1",
		"@types/elliptic": "6.4.14",
		"@types/jest": "27.0.3",
		"@typescript-eslint/eslint-plugin": "4.33.0",
		"@typescript-eslint/parser": "4.33.0",
		"codecov": "3.8.2",
		"eslint": "7.32.0",
		"eslint-config-prettier": "8.3.0",
		"eslint-plugin-jest": "24.7.0",
		"@types/jest": "27.4.1",
		"@typescript-eslint/eslint-plugin": "5.16.0",
		"@typescript-eslint/parser": "5.16.0",
		"codecov": "3.8.3",
		"eslint": "8.12.0",
		"eslint-config-prettier": "8.5.0",
		"eslint-plugin-jest": "26.1.3",
		"eslint-plugin-prettier": "4.0.0",
		"jest": "27.4.5",
		"jest": "27.5.1",
		"jsontokens": "3.0.0",
		"microbundle": "0.14.2",
		"mockdate": "3.0.5",
		"prettier": "2.5.1",
		"prettier": "2.6.1",
		"regenerator-runtime": "0.13.9",
		"semantic-release": "17.4.7",
		"semantic-release": "19.0.2",
		"tweetnacl": "1.0.3",
		"typescript": "4.5.4",
		"webpack": "5.65.0",
		"webpack-cli": "4.9.1"
		"typescript": "4.6.3",
		"webpack": "5.70.0",
		"webpack-cli": "4.9.2"
		},
		@@ -92,10 +92,10 @@ "dependencies": {
		"@stablelib/sha256": "^1.0.1",
		"@stablelib/x25519": "^1.0.1",
		"@stablelib/x25519": "^1.0.2",
		"@stablelib/xchacha20poly1305": "^1.0.1",
		"bech32": "^2.0.0",
		"canonicalize": "^1.0.5",
		"canonicalize": "^1.0.8",
		"did-resolver": "^3.1.5",
		"elliptic": "^6.5.4",
		"js-sha3": "^0.8.0",
		"multiformats": "^9.4.10",
		"multiformats": "^9.6.4",
		"uint8arrays": "^3.0.0"
		@@ -102,0 +102,0 @@ },

README.md

		@@ -43,3 +43,3 @@ [![npm](https://img.shields.io/npm/dt/did-jwt.svg)](https://www.npmjs.com/package/did-jwt)
		const didJWT = require('did-jwt')
		const signer = didJWT.ES256KSigner('278a5de700e29faae8e40e366ec5012b5ec63d36ec77e8a2417154cc1d25383f')
		const signer = didJWT.ES256KSigner(didJWT.hexToBytes('278a5de700e29faae8e40e366ec5012b5ec63d36ec77e8a2417154cc1d25383f'))

		@@ -46,0 +46,0 @@ let jwt = await didJWT.createJWT(

src/__tests__/EdDSASigner.test.ts

		@@ -0,1 +1,2 @@
		import { base64ToBytes, base58ToBytes, hexToBytes } from '../util'
		import { EdDSASigner } from '../signers/EdDSASigner'
		@@ -7,3 +8,3 @@
		const privKey = 'nlXR4aofRVuLqtn9+XVQNlX4s1nVQvp+TOhBBtYls1IG+sHyIkDP/WN+rWZHGIQp+v2pyct+rkM4asF/YRFQdQ=='
		const signer = EdDSASigner(privKey)
		const signer = EdDSASigner(base64ToBytes(privKey))
		const plaintext = 'thequickbrownfoxjumpedoverthelazyprogrammer'
		@@ -18,3 +19,3 @@ return expect(signer(plaintext)).resolves.toEqual(
		const privKey = 'nlXR4aofRVuLqtn9-XVQNlX4s1nVQvp-TOhBBtYls1IG-sHyIkDP_WN-rWZHGIQp-v2pyct-rkM4asF_YRFQdQ'
		const signer = EdDSASigner(privKey)
		const signer = EdDSASigner(base64ToBytes(privKey))
		const plaintext = 'thequickbrownfoxjumpedoverthelazyprogrammer'
		@@ -29,3 +30,3 @@ return expect(signer(plaintext)).resolves.toEqual(
		const privKey = '4AcB6rb1mUBf82U7pBzPZ53ZAQycdi4Q1LWoUREvHSRXBRo9Sus9bzCJPKVTQQeDpjHMJN7fBAGWKEnJw5SPbaC4'
		const signer = EdDSASigner(privKey)
		const signer = EdDSASigner(base58ToBytes(privKey))
		const plaintext = 'thequickbrownfoxjumpedoverthelazyprogrammer'
		@@ -41,3 +42,3 @@ return expect(signer(plaintext)).resolves.toEqual(
		'9e55d1e1aa1f455b8baad9fdf975503655f8b359d542fa7e4ce84106d625b35206fac1f22240cffd637ead6647188429fafda9c9cb7eae43386ac17f61115075'
		const signer = EdDSASigner(privKey)
		const signer = EdDSASigner(hexToBytes(privKey))
		const plaintext = 'thequickbrownfoxjumpedoverthelazyprogrammer'
		@@ -53,3 +54,3 @@ return expect(signer(plaintext)).resolves.toEqual(
		'0x9e55d1e1aa1f455b8baad9fdf975503655f8b359d542fa7e4ce84106d625b35206fac1f22240cffd637ead6647188429fafda9c9cb7eae43386ac17f61115075'
		const signer = EdDSASigner(privKey)
		const signer = EdDSASigner(hexToBytes(privKey))
		const plaintext = 'thequickbrownfoxjumpedoverthelazyprogrammer'
		@@ -65,3 +66,3 @@ return expect(signer(plaintext)).resolves.toEqual(
		expect(() => {
		EdDSASigner(privateKey)
		EdDSASigner(hexToBytes(privateKey))
		}).toThrowError(/^bad_key: Invalid private key format.*/)
		@@ -75,5 +76,5 @@ })
		expect(() => {
		EdDSASigner(privateKey)
		EdDSASigner(hexToBytes(privateKey))
		}).toThrowError(/^bad_key: Invalid private key format.*/)
		})
		})

src/__tests__/ES256KSigner.test.ts

		@@ -0,1 +1,2 @@
		import { hexToBytes, base58ToBytes, base64ToBytes } from '../util'
		import { ES256KSigner } from '../signers/ES256KSigner'
		@@ -7,3 +8,3 @@
		const privateKey = '278a5de700e29faae8e40e366ec5012b5ec63d36ec77e8a2417154cc1d25383f'
		const signer = ES256KSigner(privateKey)
		const signer = ES256KSigner(hexToBytes(privateKey))
		const plaintext = 'thequickbrownfoxjumpedoverthelazyprogrammer'
		@@ -18,3 +19,3 @@ await expect(signer(plaintext)).resolves.toEqual(
		const privateKey = '0x278a5de700e29faae8e40e366ec5012b5ec63d36ec77e8a2417154cc1d25383f'
		const signer = ES256KSigner(privateKey)
		const signer = ES256KSigner(hexToBytes(privateKey))
		const plaintext = 'thequickbrownfoxjumpedoverthelazyprogrammer'
		@@ -29,3 +30,3 @@ await expect(signer(plaintext)).resolves.toEqual(
		const privateKey = '3fMGokRKc5yGVqbCXyGNTrp3vP1cXs86tsVSVwzhNvXQ'
		const signer = ES256KSigner(privateKey)
		const signer = ES256KSigner(base58ToBytes(privateKey))
		const plaintext = 'thequickbrownfoxjumpedoverthelazyprogrammer'
		@@ -40,3 +41,3 @@ await expect(signer(plaintext)).resolves.toEqual(
		const privateKey = 'J4pd5wDin6ro5A42bsUBK17GPTbsd-iiQXFUzB0lOD8'
		const signer = ES256KSigner(privateKey)
		const signer = ES256KSigner(base64ToBytes(privateKey))
		const plaintext = 'thequickbrownfoxjumpedoverthelazyprogrammer'
		@@ -51,3 +52,3 @@ await expect(signer(plaintext)).resolves.toEqual(
		const privateKey = 'J4pd5wDin6ro5A42bsUBK17GPTbsd+iiQXFUzB0lOD8='
		const signer = ES256KSigner(privateKey)
		const signer = ES256KSigner(base64ToBytes(privateKey))
		const plaintext = 'thequickbrownfoxjumpedoverthelazyprogrammer'
		@@ -63,3 +64,3 @@ await expect(signer(plaintext)).resolves.toEqual(
		expect(() => {
		ES256KSigner(privateKey)
		ES256KSigner(hexToBytes(privateKey))
		}).toThrowError(/^bad_key: Invalid private key format.*/)
		@@ -73,5 +74,5 @@ })
		expect(() => {
		ES256KSigner(privateKey)
		ES256KSigner(hexToBytes(privateKey))
		}).toThrowError(/^bad_key: Invalid private key format.*/)
		})
		})

src/__tests__/JWT.test.ts

		@@ -0,1 +1,2 @@
		import { hexToBytes, base64ToBytes } from '../util'
		import { VerificationMethod } from 'did-resolver'
		@@ -5,3 +6,2 @@ import { TokenVerifier } from 'jsontokens'
		import { fromString } from 'uint8arrays/from-string'
		import { toString } from 'uint8arrays/to-string'
		import {
		@@ -13,4 +13,4 @@ createJWS,
		resolveAuthenticator,
		SELF_ISSUED_V0_1,
		SELF_ISSUED_V2,
		SELF_ISSUED_V0_1,
		verifyJWS,
		@@ -35,5 +35,12 @@ verifyJWT,
		const verifier = new TokenVerifier(alg, publicKey)
		const signer = ES256KSigner(privateKey)
		const recoverySigner = ES256KSigner(privateKey, true)
		const signer = ES256KSigner(hexToBytes(privateKey))
		const recoverySigner = ES256KSigner(hexToBytes(privateKey), true)

		const publicKeyJwk = {
		crv: 'secp256k1',
		kty: 'EC',
		x: '_dV63sPUOOojf-RrM-4eAW7aa1hcPifqZmhsLqU1hHk',
		y: 'Rjk_gUUlLupor-Z-KHs-2bMWhbpsOwAGCnO5sSQtaPc',
		}

		const didDocLegacy = {
		@@ -58,2 +65,16 @@ '@context': 'https://w3id.org/did/v1',

		const didDocJwk = {
		'@context': 'https://w3id.org/did/v1',
		id: did,
		verificationMethod: [
		{
		id: `#keys-1`,
		type: 'EcdsaSecp256k1VerificationKey2019',
		controller: did,
		publicKeyJwk,
		},
		],
		authentication: [`#keys-1`],
		}

		const didDoc = {
		@@ -179,3 +200,3 @@ didDocument: {
		const did = 'did:nacl:BvrB8iJAz_1jfq1mRxiEKfr9qcnLfq5DOGrBf2ERUHU'
		const signer = EdDSASigner(ed25519PrivateKey)
		const signer = EdDSASigner(base64ToBytes(ed25519PrivateKey))
		const alg = 'Ed25519'
		@@ -352,2 +373,28 @@ const resolver = {

		describe('pregenerated JWT with publicKeyJwk in DID doc', () => {
		const incomingJwt =
		'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NksifQ.eyJpYXQiOjE0ODUzMjExMzMsImlzcyI6ImRpZDpldGhyOjB4OTBlNDVkNzViZDEyNDZlMDkyNDg3MjAxODY0N2RiYTk5NmE4ZTdiOSIsInJlcXVlc3RlZCI6WyJuYW1lIiwicGhvbmUiXX0.KIG2zUO8Quf3ucb9jIncZ1CmH0v-fAZlsKvesfsd9x4RzU0qrvinVd9d30DOeZOwdwEdXkET_wuPoOECwU0IKA'
		const jwkResolver = { resolve: jest.fn().mockReturnValue(didDocJwk) }

		it('verifies the JWT and return correct payload', async () => {
		expect.assertions(1)
		const { payload } = await verifyJWT(incomingJwt, { resolver: jwkResolver })
		return expect(payload).toMatchObject({
		iat: 1485321133,
		iss: 'did:ethr:0x90e45d75bd1246e0924872018647dba996a8e7b9',
		requested: ['name', 'phone'],
		})
		})

		it('verifies the JWT and return correct payload when using assertionMethod', async () => {
		expect.assertions(1)
		const { payload } = await verifyJWT(incomingJwt, { resolver: jwkResolver, proofPurpose: 'assertionMethod' })
		return expect(payload).toMatchObject({
		iat: 1485321133,
		iss: 'did:ethr:0x90e45d75bd1246e0924872018647dba996a8e7b9',
		requested: ['name', 'phone'],
		})
		})
		})

		describe('pregenerated JWT with legacy resolver', () => {
		@@ -354,0 +401,0 @@ const incomingJwt =

src/__tests__/VerifierAlgorithm.test.ts

		@@ -52,7 +52,7 @@ import VerifierAlgorithm from '../VerifierAlgorithm'
		const cosmos = toCosmosAddressWithoutPrefix(publicKey, cosmosPrefix)
		const signer = ES256KSigner(privateKey)
		const recoverySigner = ES256KSigner(privateKey, true)
		const signer = ES256KSigner(hexToBytes(privateKey))
		const recoverySigner = ES256KSigner(hexToBytes(privateKey), true)

		const ed25519PrivateKey = 'nlXR4aofRVuLqtn9+XVQNlX4s1nVQvp+TOhBBtYls1IG+sHyIkDP/WN+rWZHGIQp+v2pyct+rkM4asF/YRFQdQ=='
		const edSigner = EdDSASigner(ed25519PrivateKey)
		const edSigner = EdDSASigner(base64ToBytes(ed25519PrivateKey))
		const edKp = nacl.sign.keyPair.fromSecretKey(base64ToBytes(ed25519PrivateKey))
		@@ -59,0 +59,0 @@ const edPublicKey = bytesToBase64(edKp.publicKey)

src/index.ts

		@@ -53,1 +53,3 @@ import SimpleSigner from './signers/SimpleSigner'
		export { JWTOptions, JWTVerifyOptions } from './JWT'

		export { base64ToBytes, base58ToBytes, hexToBytes } from './util'

src/signers/EdDSASigner.ts

		import { sign } from '@stablelib/ed25519'
		import { Signer } from '../JWT'
		import { bytesToBase64url, parseKey, stringToBytes } from '../util'
		import { bytesToBase64url, stringToBytes } from '../util'

		@@ -16,7 +16,7 @@ /**
		*
		* @param {String} secretKey a 64 byte secret key as `Uint8Array` or encoded as `base64`, `base58`, or `hex` string
		* @param {String} secretKey a 64 byte secret key as `Uint8Array`
		* @return {Function} a configured signer function `(data: string \| Uint8Array): Promise<string>`
		*/
		export function EdDSASigner(secretKey: string \| Uint8Array): Signer {
		const privateKeyBytes: Uint8Array = parseKey(secretKey)
		export function EdDSASigner(secretKey: Uint8Array): Signer {
		const privateKeyBytes: Uint8Array = secretKey
		if (privateKeyBytes.length !== 64) {
		@@ -23,0 +23,0 @@ throw new Error(`bad_key: Invalid private key format. Expecting 64 bytes, but got ${privateKeyBytes.length}`)

src/signers/EllipticSigner.ts

		@@ -0,1 +1,2 @@
		import { hexToBytes } from '../util'
		import { Signer } from '../JWT'
		@@ -20,5 +21,5 @@ import { ES256KSigner } from './ES256KSigner'
		function EllipticSigner(hexPrivateKey: string): Signer {
		return ES256KSigner(hexPrivateKey)
		return ES256KSigner(hexToBytes(hexPrivateKey))
		}

		export default EllipticSigner

src/signers/ES256KSigner.ts

		@@ -1,2 +0,2 @@
		import { parseKey, leftpad } from '../util'
		import { leftpad } from '../util'
		import { toJose } from '../util'
		@@ -20,8 +20,8 @@ import { Signer } from '../JWT'
		*
		* @param {String} privateKey a private key as `Uint8Array` or encoded as `base64`, `base58`, or `hex` string
		* @param {String} privateKey a private key as `Uint8Array`
		* @param {Boolean} recoverable an optional flag to add the recovery param to the generated signatures
		* @return {Function} a configured signer function `(data: string \| Uint8Array): Promise<string>`
		*/
		export function ES256KSigner(privateKey: string \| Uint8Array, recoverable = false): Signer {
		const privateKeyBytes: Uint8Array = parseKey(privateKey)
		export function ES256KSigner(privateKey: Uint8Array, recoverable = false): Signer {
		const privateKeyBytes: Uint8Array = privateKey
		if (privateKeyBytes.length !== 32) {
		@@ -28,0 +28,0 @@ throw new Error(`bad_key: Invalid private key format. Expecting 32 bytes, but got ${privateKeyBytes.length}`)

src/signers/NaclSigner.ts

		import { EdDSASigner as EdDSASigner } from './EdDSASigner'
		import { Signer } from '../JWT'
		import { base64ToBytes } from '../util'

		@@ -23,5 +24,5 @@ /**
		function NaclSigner(base64PrivateKey: string): Signer {
		return EdDSASigner(base64PrivateKey)
		return EdDSASigner(base64ToBytes(base64PrivateKey))
		}

		export default NaclSigner

src/signers/SimpleSigner.ts

		@@ -1,2 +0,2 @@
		import { fromJose } from '../util'
		import { fromJose, hexToBytes } from '../util'
		import { Signer } from '../JWT'
		@@ -19,3 +19,3 @@ import { ES256KSigner } from './ES256KSigner'
		function SimpleSigner(hexPrivateKey: string): Signer {
		const signer = ES256KSigner(hexPrivateKey, true)
		const signer = ES256KSigner(hexToBytes(hexPrivateKey), true)
		return async (data) => {
		@@ -22,0 +22,0 @@ const signature = (await signer(data)) as string

src/util.ts

		@@ -87,32 +87,2 @@ import * as u8a from 'uint8arrays'

		const hexMatcher = /^(0x)?([a-fA-F0-9]{64}\|[a-fA-F0-9]{128})$/
		const base58Matcher = /^([1-9A-HJ-NP-Za-km-z]{44}\|[1-9A-HJ-NP-Za-km-z]{88})$/
		const base64Matcher = /^([0-9a-zA-Z=\-_+/]{43}\|[0-9a-zA-Z=\-_+/]{86})(={0,2})$/

		/**
		* Parses a private key and returns the Uint8Array representation.
		* This method uses an heuristic to determine the key encoding to then be able to parse it into 32 or 64 bytes.
		*
		* @param input a 32 or 64 byte key presented either as a Uint8Array or as a hex, base64, or base58btc encoded string
		*
		* @throws TypeError('Invalid private key format') if the key doesn't match any of the accepted formats or length
		*/
		export function parseKey(input: string \| Uint8Array): Uint8Array {
		if (typeof input === 'string') {
		if (hexMatcher.test(input)) {
		return hexToBytes(input)
		} else if (base58Matcher.test(input)) {
		return base58ToBytes(input)
		} else if (base64Matcher.test(input)) {
		return base64ToBytes(input)
		} else {
		throw TypeError('bad_key: Invalid private key format')
		}
		} else if (input instanceof Uint8Array) {
		return input
		} else {
		throw TypeError('bad_key: Invalid private key format')
		}
		}

		export function leftpad(data: string, size = 64): string {
		@@ -119,0 +89,0 @@ if (data.length === size) return data

src/__tests__/util.test.ts

dist/did-jwt.js

Sorry, the diff of this file is too big to display

lib/index.cjs