jose-browser-runtime - npm Package Compare versions

Comparing version 3.11.1 to 3.11.2

dist/browser/runtime/get_sign_verify_key.js

dist/browser/jwks/remote.js

		@@ -17,2 +17,5 @@ import parseJWK from '../jwk/parse.js';
		}
		function isJWKLike(key) {
		return key && typeof key === 'object';
		}
		class RemoteJWKSet {
		@@ -108,6 +111,6 @@ constructor(url, options) {
		!Array.isArray(json.keys) \|\|
		json.keys.some((key) => typeof key !== 'object' \|\| !key)) {
		!json.keys.every(isJWKLike)) {
		throw new JWKSInvalid('JSON Web Key Set malformed');
		}
		this._jwks = json;
		this._jwks = { keys: json.keys };
		this._cooldownStarted = Date.now();
		@@ -114,0 +117,0 @@ this._pendingFetch = undefined;

dist/browser/lib/buffer_utils.js

		@@ -48,6 +48,6 @@ export const encoder = new TextEncoder();
		if (!res) {
		res = await digest(buf);
		res = await digest('sha256', buf);
		}
		else {
		res = concat(res, await digest(buf));
		res = concat(res, await digest('sha256', buf));
		}
		@@ -54,0 +54,0 @@ }

dist/browser/lib/is_object.js

		export default function isObject(input) {
		return !!input && input.constructor === Object;
		return typeof input === 'object' && !!input && input.constructor === Object;
		}

dist/browser/lib/jwt_claims_set.js

		@@ -10,3 +10,6 @@ import { JWTClaimValidationFailed, JWTExpired, JWTInvalid } from '../util/errors.js';
		}
		return audOption.some(Set.prototype.has.bind(new Set(audPayload)));
		if (Array.isArray(audPayload)) {
		return audOption.some(Set.prototype.has.bind(new Set(audPayload)));
		}
		return false;
		};
		@@ -30,3 +33,3 @@ export default (protectedHeader, encodedPayload, options = {}) => {
		const { issuer } = options;
		if (issuer && !(typeof issuer === 'string' ? [issuer] : issuer).includes(payload.iss)) {
		if (issuer && !(Array.isArray(issuer) ? issuer : [issuer]).includes(payload.iss)) {
		throw new JWTClaimValidationFailed('unexpected "iss" claim value', 'iss', 'check_failed');
		@@ -33,0 +36,0 @@ }

dist/browser/runtime/aeskw.js

		import bogusWebCrypto from './bogus.js';
		import crypto from './webcrypto.js';
		import crypto, { isCryptoKey } from './webcrypto.js';
		function checkKeySize(key, alg) {
		@@ -8,10 +8,13 @@ if (key.algorithm.length !== parseInt(alg.substr(1, 3), 10)) {
		}
		export const wrap = async (alg, key, cek) => {
		let cryptoKey;
		function getCryptoKey(key, usage) {
		if (isCryptoKey(key)) {
		return key;
		}
		if (key instanceof Uint8Array) {
		cryptoKey = await crypto.subtle.importKey('raw', key, 'AES-KW', true, ['wrapKey']);
		return crypto.subtle.importKey('raw', key, 'AES-KW', true, [usage]);
		}
		else {
		cryptoKey = key;
		}
		throw new TypeError('invalid key input');
		}
		export const wrap = async (alg, key, cek) => {
		const cryptoKey = await getCryptoKey(key, 'wrapKey');
		checkKeySize(cryptoKey, alg);
		@@ -22,9 +25,3 @@ const cryptoKeyCek = await crypto.subtle.importKey('raw', cek, ...bogusWebCrypto);
		export const unwrap = async (alg, key, encryptedKey) => {
		let cryptoKey;
		if (key instanceof Uint8Array) {
		cryptoKey = await crypto.subtle.importKey('raw', key, 'AES-KW', true, ['unwrapKey']);
		}
		else {
		cryptoKey = key;
		}
		const cryptoKey = await getCryptoKey(key, 'unwrapKey');
		checkKeySize(cryptoKey, alg);
		@@ -31,0 +28,0 @@ const cryptoKeyCek = await crypto.subtle.unwrapKey('raw', encryptedKey, cryptoKey, 'AES-KW', ...bogusWebCrypto);

dist/browser/runtime/decrypt.js

		@@ -6,3 +6,3 @@ import { concat, uint64be } from '../lib/buffer_utils.js';
		import { JWEDecryptionFailed } from '../util/errors.js';
		import crypto from './webcrypto.js';
		import crypto, { isCryptoKey } from './webcrypto.js';
		async function cbcDecrypt(enc, cek, ciphertext, iv, tag, aad) {
		@@ -51,2 +51,5 @@ const keySize = parseInt(enc.substr(1, 3), 10);
		const decrypt = async (enc, cek, ciphertext, iv, tag, aad) => {
		if (!isCryptoKey(cek) && !(cek instanceof Uint8Array)) {
		throw new TypeError('invalid key input');
		}
		checkCekLength(enc, cek);
		@@ -53,0 +56,0 @@ checkIvLength(enc, iv);

dist/browser/runtime/ecdhes.js

		@@ -1,6 +0,11 @@
		import { encoder, concat, uint32be, lengthAndInput, concatKdf as KDF, } from '../lib/buffer_utils.js';
		import crypto from './webcrypto.js';
		import { encoder, concat, uint32be, lengthAndInput, concatKdf } from '../lib/buffer_utils.js';
		import crypto, { isCryptoKey } from './webcrypto.js';
		import digest from './digest.js';
		const concatKdf = KDF.bind(undefined, digest.bind(undefined, 'sha256'));
		export const deriveKey = async (publicKey, privateKey, algorithm, keyLength, apu = new Uint8Array(0), apv = new Uint8Array(0)) => {
		if (!isCryptoKey(publicKey)) {
		throw new TypeError('invalid key input');
		}
		if (!isCryptoKey(privateKey)) {
		throw new TypeError('invalid key input');
		}
		const value = concat(lengthAndInput(encoder.encode(algorithm)), lengthAndInput(apu), lengthAndInput(apv), uint32be(keyLength));
		@@ -15,11 +20,24 @@ if (!privateKey.usages.includes('deriveBits')) {
		3));
		return concatKdf(sharedSecret, keyLength, value);
		return concatKdf(digest, sharedSecret, keyLength, value);
		};
		export const ephemeralKeyToPublicJWK = async function ephemeralKeyToPublicJWK(key) {
		if (!isCryptoKey(key)) {
		throw new TypeError('invalid key input');
		}
		const { crv, kty, x, y } = await crypto.subtle.exportKey('jwk', key);
		return { crv, kty, x, y };
		};
		export const generateEpk = async (key) => (await crypto.subtle.generateKey({ name: 'ECDH', namedCurve: key.algorithm.namedCurve }, true, ['deriveBits'])).privateKey;
		export const generateEpk = async (key) => {
		if (!isCryptoKey(key)) {
		throw new TypeError('invalid key input');
		}
		return (await crypto.subtle.generateKey({ name: 'ECDH', namedCurve: key.algorithm.namedCurve }, true, ['deriveBits'])).privateKey;
		};
		export const publicJwkToEphemeralKey = (jwk) => crypto.subtle.importKey('jwk', jwk, { name: 'ECDH', namedCurve: jwk.crv }, true, []);
		const curves = ['P-256', 'P-384', 'P-521'];
		export const ecdhAllowed = (key) => curves.includes(key.algorithm.namedCurve);
		export const ecdhAllowed = (key) => {
		if (!isCryptoKey(key)) {
		throw new TypeError('invalid key input');
		}
		return curves.includes(key.algorithm.namedCurve);
		};

dist/browser/runtime/encrypt.js

		import { concat, uint64be } from '../lib/buffer_utils.js';
		import checkIvLength from '../lib/check_iv_length.js';
		import checkCekLength from './check_cek_length.js';
		import crypto from './webcrypto.js';
		import crypto, { isCryptoKey } from './webcrypto.js';
		async function cbcEncrypt(enc, plaintext, cek, iv, aad) {
		@@ -35,2 +35,5 @@ const keySize = parseInt(enc.substr(1, 3), 10);
		const encrypt = async (enc, plaintext, cek, iv, aad) => {
		if (!isCryptoKey(cek) && !(cek instanceof Uint8Array)) {
		throw new TypeError('invalid key input');
		}
		checkCekLength(enc, cek);
		@@ -37,0 +40,0 @@ checkIvLength(enc, iv);

dist/browser/runtime/key_to_jwk.js

		@@ -1,3 +0,6 @@
		import crypto from './webcrypto.js';
		import crypto, { isCryptoKey } from './webcrypto.js';
		const keyToJWK = async (key) => {
		if (!isCryptoKey(key)) {
		throw new TypeError('invalid key input');
		}
		if (!key.extractable) {
		@@ -4,0 +7,0 @@ throw new TypeError('non-extractable key cannot be extracted as a JWK');

dist/browser/runtime/pbes2kw.js

		@@ -6,3 +6,12 @@ import random from './random.js';
		import checkP2s from '../lib/check_p2s.js';
		import crypto from './webcrypto.js';
		import crypto, { isCryptoKey } from './webcrypto.js';
		function getCryptoKey(key) {
		if (key instanceof Uint8Array) {
		return crypto.subtle.importKey('raw', key, 'PBKDF2', false, ['deriveBits']);
		}
		if (isCryptoKey(key)) {
		return key;
		}
		throw new TypeError('invalid key input');
		}
		export const encrypt = async (alg, key, cek, p2c = Math.floor(Math.random() * 2049) + 2048, p2s = random(new Uint8Array(16))) => {
		@@ -22,9 +31,3 @@ checkP2s(p2s);
		};
		let cryptoKey;
		if (key instanceof Uint8Array) {
		cryptoKey = await crypto.subtle.importKey('raw', key, 'PBKDF2', false, ['deriveBits']);
		}
		else {
		cryptoKey = key;
		}
		const cryptoKey = await getCryptoKey(key);
		let derived;
		@@ -57,9 +60,3 @@ if (cryptoKey.usages.includes('deriveBits')) {
		};
		let cryptoKey;
		if (key instanceof Uint8Array) {
		cryptoKey = await crypto.subtle.importKey('raw', key, 'PBKDF2', false, ['deriveBits']);
		}
		else {
		cryptoKey = key;
		}
		const cryptoKey = await getCryptoKey(key);
		let derived;
		@@ -66,0 +63,0 @@ if (cryptoKey.usages.includes('deriveBits')) {

dist/browser/runtime/rsaes.js

		import subtleAlgorithm from './subtle_rsaes.js';
		import bogusWebCrypto from './bogus.js';
		import crypto from './webcrypto.js';
		import crypto, { isCryptoKey } from './webcrypto.js';
		import checkKeyLength from './check_key_length.js';
		export const encrypt = async (alg, key, cek) => {
		if (!isCryptoKey(key)) {
		throw new TypeError('invalid key input');
		}
		checkKeyLength(alg, key);
		@@ -17,2 +20,5 @@ if (key.usages.includes('encrypt')) {
		export const decrypt = async (alg, key, encryptedKey) => {
		if (!isCryptoKey(key)) {
		throw new TypeError('invalid key input');
		}
		checkKeyLength(alg, key);
		@@ -19,0 +25,0 @@ if (key.usages.includes('decrypt')) {

dist/browser/runtime/sign.js

		import subtleAlgorithm from './subtle_dsa.js';
		import crypto from './webcrypto.js';
		import checkKeyLength from './check_key_length.js';
		import getSignKey from './get_sign_verify_key.js';
		const sign = async (alg, key, data) => {
		let cryptoKey;
		if (key instanceof Uint8Array) {
		if (!alg.startsWith('HS')) {
		throw new TypeError('symmetric keys are only applicable for HMAC-based algorithms');
		}
		cryptoKey = await crypto.subtle.importKey('raw', key, { hash: { name: `SHA-${alg.substr(-3)}` }, name: 'HMAC' }, false, ['sign']);
		}
		else {
		cryptoKey = key;
		}
		const cryptoKey = await getSignKey(alg, key, 'sign');
		checkKeyLength(alg, cryptoKey);
		@@ -16,0 +8,0 @@ const signature = await crypto.subtle.sign(subtleAlgorithm(alg), cryptoKey, data);

dist/browser/runtime/verify.js

		import subtleAlgorithm from './subtle_dsa.js';
		import crypto from './webcrypto.js';
		import checkKeyLength from './check_key_length.js';
		import getVerifyKey from './get_sign_verify_key.js';
		const verify = async (alg, key, signature, data) => {
		let cryptoKey;
		if (key instanceof Uint8Array) {
		if (!alg.startsWith('HS')) {
		throw new TypeError('symmetric keys are only applicable for HMAC-based algorithms');
		}
		cryptoKey = await crypto.subtle.importKey('raw', key, { hash: { name: `SHA-${alg.substr(-3)}` }, name: 'HMAC' }, false, ['verify']);
		}
		else {
		cryptoKey = key;
		}
		const cryptoKey = await getVerifyKey(alg, key, 'verify');
		checkKeyLength(alg, cryptoKey);
		@@ -16,0 +8,0 @@ const algorithm = subtleAlgorithm(alg);

dist/browser/runtime/webcrypto.js

		import globalThis from './global.js';
		export default globalThis.crypto;
		export function isCryptoKey(key) {
		return key instanceof globalThis.CryptoKey;
		}

dist/types/types.d.ts

		@@ -83,2 +83,3 @@ /// <reference lib="dom"/>

		/* eslint-disable jsdoc/check-indentation */
		/**
		@@ -88,7 +89,11 @@ * KeyLike are platform-specific references to keying material.
		* - [KeyObject](https://nodejs.org/api/crypto.html#crypto_class_keyobject) instances come from
		* node's [crypto module](https://nodejs.org/api/crypto.html) (see crypto.generateKeyPair,
		* crypto.createPublicKey, crypto.createPrivateKey, crypto.createSecretKey).
		* - [CryptoKey](https://www.w3.org/TR/WebCryptoAPI) instances come from
		* [Web Cryptography API](https://www.w3.org/TR/WebCryptoAPI) (see SubtleCrypto.importKey,
		* SubtleCrypto.generateKey, SubtleCrypto.deriveKey, SubtleCrypto.unwrapKey).
		* node's [crypto module](https://nodejs.org/api/crypto.html), e.g.:
		* - [crypto.generateKeyPair](https://nodejs.org/api/crypto.html#crypto_crypto_generatekeypair_type_options_callback)
		* - [crypto.createPublicKey](https://nodejs.org/api/crypto.html#crypto_crypto_createpublickey_key)
		* - [crypto.createPrivateKey](https://nodejs.org/api/crypto.html#crypto_crypto_createprivatekey_key)
		* - [crypto.createSecretKey](https://nodejs.org/api/crypto.html#crypto_crypto_createsecretkey_key_encoding)
		* - [CryptoKey](https://developer.mozilla.org/en-US/docs/Web/API/CryptoKey) instances come from
		* [Web Cryptography API](https://www.w3.org/TR/WebCryptoAPI), e.g.:
		* - [SubtleCrypto.importKey](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey)
		* - [SubtleCrypto.generateKey](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/generateKey)
		* - [Uint8Array](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Uint8Array)
		@@ -99,2 +104,3 @@ * is used exclusively for symmetric secret representations, a CryptoKey or KeyObject is
		export type KeyLike = KeyObject \| CryptoKey \| Uint8Array
		/* eslint-enable */

		@@ -239,3 +245,3 @@ /**
		*/
		[propName: string]: any
		[propName: string]: unknown
		}
		@@ -355,3 +361,3 @@
		*/
		[propName: string]: any
		[propName: string]: unknown
		}
		@@ -522,3 +528,3 @@
		*/
		[propName: string]: any
		[propName: string]: unknown
		}
		@@ -525,0 +531,0 @@

package.json

		{
		"name": "jose-browser-runtime",
		"version": "3.11.1",
		"version": "3.11.2",
		"description": "(Browser Runtime) 'JSON Web Almost Everything' - JWA, JWS, JWE, JWT, JWK with no dependencies",
		@@ -5,0 +5,0 @@ "keywords": [

jose-browser-runtime - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics