Security News
Introducing the Socket Python SDK
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
By Douglas Coburn - Sep 13, 2024
node-jose
A JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for current web browsers and node.js-based servers
What is node-jose?
The node-jose package is a comprehensive library for handling JSON Object Signing and Encryption (JOSE) in Node.js. It provides tools for creating, parsing, and validating JSON Web Tokens (JWT), JSON Web Signatures (JWS), JSON Web Encryption (JWE), and JSON Web Keys (JWK).
What are node-jose's main functionalities?
JSON Web Key (JWK) Management
This feature allows you to create and manage JSON Web Keys (JWK). The code sample demonstrates how to generate an RSA key and output its JSON representation.
const jose = require('node-jose');
async function createJWK() {
const keystore = jose.JWK.createKeyStore();
const key = await keystore.generate('RSA', 2048, { alg: 'RS256', use: 'sig' });
console.log(key.toJSON(true));
}
createJWK();JSON Web Signature (JWS)
This feature allows you to create JSON Web Signatures (JWS). The code sample demonstrates how to sign a message using an RSA key and output the resulting JWS in compact format.
const jose = require('node-jose');
async function createJWS() {
const keystore = jose.JWK.createKeyStore();
const key = await keystore.generate('RSA', 2048, { alg: 'RS256', use: 'sig' });
const input = 'Hello, world!';
const jws = await jose.JWS.createSign({ format: 'compact' }, key).update(input).final();
console.log(jws);
}
createJWS();JSON Web Encryption (JWE)
This feature allows you to create JSON Web Encryption (JWE). The code sample demonstrates how to encrypt a message using an RSA key and output the resulting JWE in compact format.
const jose = require('node-jose');
async function createJWE() {
const keystore = jose.JWK.createKeyStore();
const key = await keystore.generate('RSA', 2048, { alg: 'RSA-OAEP', use: 'enc' });
const input = 'Hello, world!';
const jwe = await jose.JWE.createEncrypt({ format: 'compact' }, key).update(input).final();
console.log(jwe);
}
createJWE();JSON Web Token (JWT) Handling
This feature allows you to create and handle JSON Web Tokens (JWT). The code sample demonstrates how to create a signed JWT with a payload and output the resulting token in compact format.
const jose = require('node-jose');
async function createJWT() {
const keystore = jose.JWK.createKeyStore();
const key = await keystore.generate('RSA', 2048, { alg: 'RS256', use: 'sig' });
const payload = { sub: '1234567890', name: 'John Doe', iat: 1516239022 };
const token = await jose.JWS.createSign({ format: 'compact' }, key).update(JSON.stringify(payload)).final();
console.log(token);
}
createJWT();Other packages similar to node-jose
jsonwebtoken
The jsonwebtoken package is a popular library for creating and verifying JSON Web Tokens (JWT). It is simpler and more focused on JWTs compared to node-jose, which offers a broader range of JOSE functionalities.
jose
The jose package is a modern, comprehensive library for JOSE (JWT, JWS, JWE, JWK) in JavaScript. It is similar to node-jose but is designed to be more modular and is actively maintained with a focus on modern JavaScript features.
node-jose
A JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for current web browsers and node.js-based servers. This library implements (wherever possible) all algorithms, formats, and options in JWS, JWE, JWK, and JWA and uses native cryptographic support (WebCrypto API or node.js' "crypto" module) where feasible.
Installing
To install the latest from NPM:
npm install node-jose
Or to install a specific release:
npm install node-jose@0.3.0
Alternatively, the latest unpublished code can be installed directly from the repository:
npm install git+ssh://git@github.com:cisco/node-jose.git
Basics
Require the library as normal:
var jose = require('node-jose');
This library uses Promises for nearly every operation.
This library supports Browserify and Webpack. To use in a web browser, require('node-jose') and bundle with the rest of your app.
The content to be signed/encrypted -- or returned from being verified/decrypted -- are Buffer objects.
Keys and Key Stores
The jose.JWK namespace deals with JWK and JWK-sets.
jose.JWK.Keyis a logical representation of a JWK, and is the "raw" entry point for various cryptographic operations (e.g., sign, verify, encrypt, decrypt).jose.JWK.KeyStorerepresents a collection of Keys.
Creating a JWE or JWS ultimately require one or more explicit Key objects.
Processing a JWE or JWS relies on a KeyStore.
Obtaining a KeyStore
To create an empty keystore:
keystore = jose.JWK.createKeyStore();
To import a JWK-set as a keystore:
// {input} is a String or JSON object representing the JWK-set
jose.JWK.asKeyStore(input).
then(function(result) {
// {result} is a jose.JWK.KeyStore
keystore = result;
});
Exporting a KeyStore
To export the public keys of a keystore as a JWK-set:
output = keystore.toJSON();
To export all the keys of a keystore:
output = keystore.toJSON(true);
Retrieving Keys
To retrieve a key from a keystore:
// by 'kid'
key = keystore.get(kid);
This retrieves the first key that matches the given {kid}. If multiple keys have the same {kid}, you can further narrow what to retrieve:
// ... and by 'kty'
key = keystore.get(kid, { kty: 'RSA' });
// ... and by 'use'
key = keystore.get(kid, { use: 'enc' });
// ... and by 'alg'
key = keystore.get(kid, { use: 'RSA-OAEP' });
// ... and by 'kty' and 'use'
key = keystore.get(kid, { kty: 'RSA', use: 'enc' });
// same as above, but with a single {props} argument
key = keystore.get({ kid: kid, kty: 'RSA', use: 'enc' });
Searching for Keys
To retrieve all the keys from a keystore:
everything = keystore.all();
all() can be filtered much like get():
// filter by 'kid'
everything = keystore.all({ kid: kid });
// filter by 'kty'
everything = keystore.all({ kty: 'RSA' });
// filter by 'use'
everything = keystore.all({ use: 'enc' });
// filter by 'alg'
everything = keystore.all({ alg: 'RSA-OAEP' });
// filter by 'kid' + 'kty' + 'alg'
everything = keystore.all({ kid: kid, kty: 'RSA', alg: 'RSA-OAEP' });
Managing Keys
To import an existing Key (as a JSON object or Key instance):
// input is either a:
// * jose.JWK.Key to copy from; or
// * JSON object representing a JWK; or
keystore.add(input).
then(function(result) {
// {result} is a jose.JWK.Key
key = result;
});
To import and existing Key from a PEM or DER:
// input is either a:
// * String serialization of a JSON JWK/(base64-encoded) PEM/(binary-encoded) DER
// * Buffer of a JSON JWK/(base64-encoded) PEM/(binary-encoded) DER
// form is either a:
// * "json" for a JSON stringified JWK
// * "private" for a DER encoded 'raw' private key
// * "pkcs8" for a DER encoded (unencrypted!) PKCS8 private key
// * "public" for a DER encoded SPKI public key (alternate to 'spki')
// * "spki" for a DER encoded SPKI public key
// * "pkix" for a DER encoded PKIX X.509 certificate
// * "x509" for a DER encoded PKIX X.509 certificate
// * "pem" for a PEM encoded of PKCS8 / SPKI / PKIX
keystore.add(input, form).
then(function(result) {
// {result} is a jose.JWK.Key
});
To generate a new Key:
// first argument is the key type (kty)
// second is the key size (in bits) or named curve ('crv') for "EC"
keystore.generate("oct", 256).
then(function(result) {
// {result} is a jose.JWK.Key
key = result;
});
// ... with properties
var props = {
kid: 'gBdaS-G8RLax2qgObTD94w',
alg: 'A256GCM',
use: 'enc'
};
keystore.generate("oct", 256, props).
then(function(result) {
// {result} is a jose.JWK.Key
key = result;
});
To remove a Key from its Keystore:
kestyore.remove(key);
// NOTE: key.keystore does not change!!
Importing and Exporting a Single Key
To import a single Key:
// where input is either a:
// * jose.JWK.Key instance
// * JSON Object representation of a JWK
jose.JWK.asKey(input).
then(function(result) {
// {result} is a jose.JWK.Key
// {result.keystore} is a unique jose.JWK.KeyStore
});
// where input is either a:
// * String serialization of a JSON JWK/(base64-encoded) PEM/(binary-encoded) DER
// * Buffer of a JSON JWK/(base64-encoded) PEM/(binary-encoded) DER
// form is either a:
// * "json" for a JSON stringified JWK
// * "pkcs8" for a DER encoded (unencrypted!) PKCS8 private key
// * "spki" for a DER encoded SPKI public key
// * "pkix" for a DER encoded PKIX X.509 certificate
// * "x509" for a DER encoded PKIX X.509 certificate
// * "pem" for a PEM encoded of PKCS8 / SPKI / PKIX
jose.JWK.asKey(input, form).
then(function(result) {
// {result} is a jose.JWK.Key
// {result.keystore} is a unique jose.JWK.KeyStore
});
To export the public portion of a Key as a JWK:
var output = key.toJSON();
To export the public and private portions of a Key:
var output = key.toJSON(true);
Obtaining a Key's Thumbprint
To get or calculate a RFC 7638 thumbprint for a key:
// where hash is a supported algorithm, currently one of:
// * SHA-1
// * SHA-256
// * SHA-384
// * SHA-512
key.thumbprint(hash).
then(function(print) {
// {print} is a Buffer containing the thumbprint binary value
});
When importing or generating a key that does not have a "kid" defined, a "SHA-256" thumbprint is calculated and used as the "kid".
Signatures
Signing Content
At its simplest, to create a JWS:
// {input} is a Buffer
jose.JWS.createSign(key).
update(input).
final().
then(function(result) {
// {result} is a JSON object -- JWS using the JSON General Serialization
});
The JWS is signed using the preferred algorithm appropriate for the given Key. The preferred algorithm is the first item returned by key.algorithms("sign").
To create a JWS using another serialization format:
jose.JWS.createSign({ format: 'flattened' }, key).
update(input).
final().
then(function(result) {
// {result} is a JSON object -- JWS using the JSON Flattened Serialization
});
jose.JWS.createSign({ format: 'compact' }, key).
update(input).
final().
then(function(result) {
// {result} is a String -- JWS using the Compact Serialization
});
To create a JWS using a specific algorithm:
jose.JWS.createSign({ alg: 'PS256' }, key).
update(input).
final().
then(function(result) {
// ....
});
To create a JWS for a specified content type:
jose.JWS.createSign({ fields: { cty: 'jwk+json' } }, key).
update(input).
final().
then(function(result) {
// ....
});
To create a JWS from String content:
jose.JWS.createSign(key).
update(input, "utf8").
final().
then(function(result) {
// ....
});
To create a JWS with multiple signatures:
// {keys} is an Array of jose.JWK.Key instances
jose.JWS.createSign(keys).
update(input).
final().
then(function(result) {
// ....
});
Verifying a JWS
To verify a JWS, and retrieve the payload:
jose.JWS.createVerify(keystore).
verify(input).
then(function(result) {
// {result} is a Object with:
// * header: the combined 'protected' and 'unprotected' header members
// * payload: Buffer of the signed content
// * signature: Buffer of the verified signature
// * key: The key used to verify the signature
});
To verify using an implied Key:
// {key} can be:
// * jose.JWK.Key
// * JSON object representing a JWK
jose.JWS.createVerify(key).
verify(input).
then(function(result) {
// ...
});
To verify using a key embedded in the JWS:
jose.JWS.createVerify().
verify(input).
then(function(result) {
// ...
});
The key can be embedded using either 'jwk' or 'x5c', and can be located in either the JWS Unprotected Header or JWS Protected Header.
NOTE: verify() will use the embedded key (if found) instead of any other key.
Handling crit Header Members
To accept 'crit' field members, add the handlers member to the options Object. The handlers member is itself an Object, where its member names are the crit header member, and the value is one of:
Boolean: accepts (iftrue) -- or rejects (iffalse) -- the JWS if the member is present.Function: takes the JWE decrypt output (just prior to decrypting) and returns a Promise for the processing of the member.Object: An object with the followingFunctionmembers:- "prepare" -- takes the JWE decrypt output (just prior to decrypting) and returns a Promise for the processing of the member.
- "complete" -- takes the JWE decrypt output (immediately after decrypting) and returns a Promise for the processing of the member.
NOTE If the handler function returns a promise, the fulfilled value is ignored. It is expected these handler functions will modify the provided value directly.
To simply accept a crit header member:
var opts = {
handlers: {
"exp": true
}
};
jose.JWS.createVerify(key, opts).
verify(input).
then(function(result) {
// ...
});
To perform additional (pre-verify) processing on a crit header member:
var opts = {
handlers: {
"exp": function(jws) {
// {jws} is the JWS verify output, pre-verification
jws.header.exp = new Date(jws.header.exp);
}
}
};
jose.JWS.createVerify(key, opts).
verify(input).
then(function(result) {
// ...
});
To perform additional (post-verify) processing on a crit header member:
var opts = {
handlers: {
"exp": {
complete: function(jws) {
// {jws} is the JWS verify output, post-verification
jws.header.exp = new Date(jws.header.exp);
}
}
}
};
jose.JWS.createVerify(key, opts).
verify(input).
then(function(result) {
// ...
});
Encryption
Encrypting Content
At its simplest, to create a JWE:
// {input} is a Buffer
jose.JWE.createEncrypt(key).
update(input).
final().
then(function(result) {
// {result} is a JSON Object -- JWE using the JSON General Serialization
});
How the JWE content is encrypted depends on the provided Key.
- If the Key only supports content encryption algorithms, then the preferred algorithm is used to encrypt the content and the key encryption algorithm (i.e., the "alg" member) is set to "dir". The preferred algorithm is the first item returned by
key.algorithms("encrypt"). - If the Key supports key management algorithms, then the JWE content is encrypted using "A128CBC-HS256" by default, and the Content Encryption Key is encrypted using the preferred algorithms for the given Key. The preferred algorithm is the first item returned by
key.algorithms("wrap").
To create a JWE using a different serialization format:
jose.JWE.createEncrypt({ format: 'compact' }, key).
update(input).
final().
then(function(result) {
// {result} is a String -- JWE using the Compact Serialization
});
jose.JWE.createEncrypt({ format: 'flattened' }, key).
update(input).
final().
then(function(result) {
// {result} is a JSON Object -- JWE using the JSON Flattened Serialization
});
To create a JWE and compressing the content before encrypting:
jose.JWE.createEncrypt({ zip: true }, key).
update(input).
final().
then(function(result) {
// ....
});
To create a JWE for a specific content type:
jose.JWE.createEncrypt({ fields: { cty : 'jwk+json' } }, key).
update(input).
final().
then(function(result) {
// ....
});
To create a JWE with multiple recipients:
// {keys} is an Array of jose.JWK.Key instances
jose.JWE.createEncrypt(keys).
update(input).
final().
then(function(result) {
// ....
});
Decrypting a JWE
To decrypt a JWE, and retrieve the plaintext:
jose.JWE.createDecrypt(keystore).
decrypt(input).
then(function(result) {
// {result} is a Object with:
// * header: the combined 'protected' and 'unprotected' header members
// * protected: an array of the member names from the "protected" member
// * key: Key used to decrypt
// * payload: Buffer of the decrypted content
// * plaintext: Buffer of the decrypted content (alternate)
});
To decrypt a JWE using an implied key:
jose.JWE.createDecrypt(key).
decrypt(input).
then(function(result) {
// ....
});
Handling crit Header Members
To accept 'crit' field members, add the handlers member to the options Object. The handlers member is itself an Object, where its member names are the crit header member, and the value is one of:
Boolean: accepts (iftrue) -- or rejects (iffalse) -- the JWE if the member is present.Function: takes the JWE decrypt output (just prior to decrypting) and returns a Promise for the processing of the member.Object: An object with the followingFunctionmembers:- "prepare" -- takes the JWE decrypt output (just prior to decrypting) and returns a Promise for the processing of the member.
- "complete" -- takes the JWE decrypt output (immediately after decrypting) and returns a Promise for the processing of the member.
NOTE If the handler function returns a promise, the fulfilled value is ignored. It is expected these handler functions will modify the provided value directly.
To simply accept a crit header member:
var opts = {
handlers: {
"exp": true
}
};
jose.JWE.createDecrypt(key, opts).
decrypt(input).
then(function(result) {
// ...
});
To perform additional (pre-decrypt) processing on a crit header member:
var opts = {
handlers: {
"exp": function(jwe) {
// {jwe} is the JWE decrypt output, pre-decryption
jwe.header.exp = new Date(jwe.header.exp);
}
}
};
jose.JWE.createDecrypt(key, opts).
decrypt(input).
then(function(result) {
// ...
});
To perform additional (post-decrypt) processing on a crit header member:
var opts = {
handlers: {
"exp": {
complete: function(jwe) {
// {jwe} is the JWE decrypt output, post-decryption
jwe.header.exp = new Date(jwe.header.exp);
}
}
}
};
jose.JWE.createDecrypt(key, opts).
decrypt(input).
then(function(result) {
// ...
});
Useful Utilities
Converting to Buffer
To convert a Typed Array, ArrayBuffer, or Array of Numbers to a Buffer:
buff = jose.util.asBuffer(input);
URI-Safe Base64
This exposes urlsafe-base64's encode and decode methods as encode and decode (respectively).
To convert from a Buffer to a base64uri-encoded String:
var output = jose.util.base64url.encode(input);
To convert a String to a base64uri-encoded String:
// explicit encoding
output = jose.util.base64url.encode(input, "utf8");
// implied "utf8" encoding
output = jose.util.base64url.encode(input);
To convert a base64uri-encoded String to a Buffer:
var output = jose.util.base64url.decode(input);
Random Bytes
To generate a Buffer of octets, regardless of platform:
// argument is size (in bytes)
var rnd = jose.util.randomBytes(32);
This function uses:
crypto.randomBytes()on node.jscrypto.getRandomValues()on modern browsers- A PRNG based on AES and SHA-1 for older platforms
0.9.4 (2017-04-13)
Update
- Use native RSA/OpenSSL crypto whenever possible (0d1a8cdc351988d74ac42398c3d973902db3d808)
- use npm-published base64url implementation (c6b30c91502ffef9b9d3addc8bdb1b8b0cc36e69), closes #96
- use npm-published node-forge implementation (0f4e0ab57839eaf6dd40c46be511afe3aec9ca44), closes #96
- Use WebCrypto API for PBKDF2 (5e5b9d376f334fa50bb69331e3065e2011c8e9c7)
Doc
- Fix wrong links to JWA and JWK specifications (538829dd4af480989422efec20a2c60f809d8d5c), closes #102
Build
- sourcemaps for karma tests (a571bd107d87df12bd9f076ade2a875c01b4b24d)
- update karma-firefox-launcher to version 1.0.1 (84f5f531783e4e50674532fa5c809dff4e6dc25c)
- update travis-ci for newer environments (55b91bb0b4bb158d9275dfc89c1de688e14163ed)
- update yargs to version 7.0.1 (af24f9e951b1078a088caf50acc13296c0076f68)
<a name="0.9.3"></a>
FAQs
A JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for current web browsers and node.js-based servers
The npm package node-jose receives a total of 369,755 weekly downloads. As such, node-jose popularity was classified as popular.
We found that node-jose demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Package last updated on 13 Apr 2017
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
The Wildcard Gamble: Understanding the Risks of Floating Dependency Ranges in npm
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.
By Sarah Gooding - Sep 13, 2024
Security News
New Rust RFC Proposes Adding Support for Trusted Publishing to Crates.io
A new Rust RFC proposes "Trusted Publishing" for Crates.io, introducing short-lived access tokens via OIDC to improve security and reduce risks associated with long-lived API tokens.
By Sarah Gooding - Sep 12, 2024