jose-browser-runtime - npm Package Compare versions

Comparing version 5.9.6 to 5.10.0

dist/browser/jwks/local.js

@@ -57,5 +57,2 @@ import { importJWK } from '../key/import.js';
             }
-            if (candidate && alg === 'EdDSA') {
-                candidate = jwk.crv === 'Ed25519' || jwk.crv === 'Ed448';
-            }
             if (candidate) {
@@ -75,2 +72,8 @@ switch (alg) {
                         break;
+                    case 'Ed25519':
+                        candidate = jwk.crv === 'Ed25519';
+                        break;
+                    case 'EdDSA':
+                        candidate = jwk.crv === 'Ed25519' || jwk.crv === 'Ed448';
+                        break;
                 }
@@ -77,0 +80,0 @@ }

dist/browser/jwks/remote.js

@@ -13,3 +13,3 @@ import fetchJwks from '../runtime/fetch_jwks.js';
     const NAME = 'jose';
-    const VERSION = 'v5.9.6';
+    const VERSION = 'v5.10.0';
     USER_AGENT = `${NAME}/${VERSION}`;
@@ -16,0 +16,0 @@ }

dist/browser/key/import.js

@@ -36,3 +36,3 @@ import { decode as decodeBase64URL } from '../runtime/base64url.js';
         case 'RSA':
-            if (jwk.oth !== undefined) {
+            if ('oth' in jwk && jwk.oth !== undefined) {
                 throw new JOSENotSupported('RSA JWK "oth" (Other Primes Info) Parameter value is not supported');
@@ -39,0 +39,0 @@ }

dist/browser/lib/crypto_key.js

@@ -79,2 +79,7 @@ function unusable(name, prop = 'algorithm.name') {
         }
+        case 'Ed25519': {
+            if (!isAlgorithm(key.algorithm, 'Ed25519'))
+                throw unusable('Ed25519');
+            break;
+        }
         case 'ES256':
@@ -81,0 +86,0 @@ case 'ES384':

dist/browser/runtime/asn1.js

@@ -109,2 +109,6 @@ import crypto, { isCryptoKey } from './webcrypto.js';
         }
+        case 'Ed25519':
+            algorithm = { name: 'Ed25519' };
+            keyUsages = isPublic ? ['verify'] : ['sign'];
+            break;
         case 'EdDSA':
@@ -111,0 +115,0 @@ algorithm = { name: getNamedCurve(keyData) };

dist/browser/runtime/generate.js

@@ -100,2 +100,6 @@ import crypto from './webcrypto.js';
             break;
+        case 'Ed25519':
+            algorithm = { name: 'Ed25519' };
+            keyUsages = ['sign', 'verify'];
+            break;
         case 'EdDSA': {
@@ -102,0 +106,0 @@ keyUsages = ['sign', 'verify'];

dist/browser/runtime/jwk_to_key.js

@@ -64,2 +64,6 @@ import crypto from './webcrypto.js';
             switch (jwk.alg) {
+                case 'Ed25519':
+                    algorithm = { name: 'Ed25519' };
+                    keyUsages = jwk.d ? ['sign'] : ['verify'];
+                    break;
                 case 'EdDSA':
@@ -66,0 +70,0 @@ algorithm = { name: jwk.crv };

dist/browser/runtime/subtle_dsa.js

@@ -21,2 +21,4 @@ import { JOSENotSupported } from '../util/errors.js';
             return { hash, name: 'ECDSA', namedCurve: algorithm.namedCurve };
+        case 'Ed25519':
+            return { name: 'Ed25519' };
         case 'EdDSA':
@@ -23,0 +25,0 @@ return { name: algorithm.name };

dist/types/types.d.ts

@@ -99,12 +99,2 @@ /**
   dq: string
-  /**
-   * RSA JWK "oth" (Other Primes Info) Parameter
-   *
-   * This parameter is not supported
-   */
-  oth?: Array<{
-    d?: string
-    r?: string
-    t?: string
-  }>
   /** RSA JWK "p" (First Prime Factor) Parameter */
@@ -158,12 +148,2 @@ p: string
   n?: string
-  /**
-   * Private RSA JWK "oth" (Other Primes Info) Parameter
-   *
-   * This parameter is not supported
-   */
-  oth?: Array<{
-    d?: string
-    r?: string
-    t?: string
-  }>
   /** Private RSA JWK "p" (First Prime Factor) Parameter */
@@ -504,6 +484,9 @@ p?: string
   /**
-   * Expected clock tolerance
+   * Clock skew tolerance
    *
    * - In seconds when number (e.g. 5)
-   * - Parsed as seconds when a string (e.g. "5 seconds", "10 minutes", "2 hours").
+   * - Resolved into a number of seconds when a string (e.g. "5 seconds", "10 minutes", "2 hours").
+   *
+   * Used when validating the JWT "nbf" (Not Before) and "exp" (Expiration Time) claims, and when
+   * validating the "iat" (Issued At) claim if the {@link maxTokenAge `maxTokenAge` option} is set.
    */
@@ -523,3 +506,3 @@ clockTolerance?: string | number
    * - In seconds when number (e.g. 5)
-   * - Parsed as seconds when a string (e.g. "5 seconds", "10 minutes", "2 hours").
+   * - Resolved into a number of seconds when a string (e.g. "5 seconds", "10 minutes", "2 hours").
    *
@@ -549,9 +532,7 @@ * This option makes the JWT "iat" (Issued At) Claim presence required.
    * Array of required Claim Names that must be present in the JWT Claims Set. Default is that: if
-   * the {@link JWTClaimVerificationOptions.issuer `issuer` option} is set, then JWT "iss" (Issuer)
-   * Claim must be present; if the {@link JWTClaimVerificationOptions.audience `audience` option} is
-   * set, then JWT "aud" (Audience) Claim must be present; if the
-   * {@link JWTClaimVerificationOptions.subject `subject` option} is set, then JWT "sub" (Subject)
-   * Claim must be present; if the
-   * {@link JWTClaimVerificationOptions.maxTokenAge `maxTokenAge` option} is set, then JWT "iat"
-   * (Issued At) Claim must be present.
+   * the {@link issuer `issuer` option} is set, then JWT "iss" (Issuer) Claim must be present; if the
+   * {@link audience `audience` option} is set, then JWT "aud" (Audience) Claim must be present; if
+   * the {@link subject `subject` option} is set, then JWT "sub" (Subject) Claim must be present; if
+   * the {@link maxTokenAge `maxTokenAge` option} is set, then JWT "iat" (Issued At) Claim must be
+   * present.
    */
@@ -558,0 +539,0 @@ requiredClaims?: string[]

package.json

 {
   "name": "jose-browser-runtime",
-  "version": "5.9.6",
+  "version": "5.10.0",
   "homepage": "https://github.com/panva/jose",
@@ -5,0 +5,0 @@ "repository": "panva/jose",

No alert changes

Improved metrics

Total package byte prevSize

617859

increased by0.43%

Lines of code

13161

increased by0.37%

No dependency changes