@atproto/jwk-webcrypto 0.1.2 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md CHANGED
@@ -1,5 +1,23 @@
1
1
  # @atproto/jwk-webcrypto
2
2
 
3
+ ## 0.1.4
4
+
5
+ ### Patch Changes
6
+
7
+ - [#3220](https://github.com/bluesky-social/atproto/pull/3220) [`61dc0d60e`](https://github.com/bluesky-social/atproto/commit/61dc0d60e19b88c6427a54c6d95a391b5f4da7bd) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Apply new linting rules regarding import order
8
+
9
+ - Updated dependencies [[`61dc0d60e`](https://github.com/bluesky-social/atproto/commit/61dc0d60e19b88c6427a54c6d95a391b5f4da7bd)]:
10
+ - @atproto/jwk-jose@0.1.4
11
+ - @atproto/jwk@0.1.3
12
+
13
+ ## 0.1.3
14
+
15
+ ### Patch Changes
16
+
17
+ - Updated dependencies [[`2889c7699`](https://github.com/bluesky-social/atproto/commit/2889c76995ce3c569f595ac3c678218e9ce659f0), [`2889c7699`](https://github.com/bluesky-social/atproto/commit/2889c76995ce3c569f595ac3c678218e9ce659f0), [`2889c7699`](https://github.com/bluesky-social/atproto/commit/2889c76995ce3c569f595ac3c678218e9ce659f0), [`2889c7699`](https://github.com/bluesky-social/atproto/commit/2889c76995ce3c569f595ac3c678218e9ce659f0), [`2889c7699`](https://github.com/bluesky-social/atproto/commit/2889c76995ce3c569f595ac3c678218e9ce659f0)]:
18
+ - @atproto/jwk@0.1.2
19
+ - @atproto/jwk-jose@0.1.3
20
+
3
21
  ## 0.1.2
4
22
 
5
23
  ### Patch Changes
package/dist/util.js CHANGED
@@ -1,6 +1,8 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.isCryptoKeyPair = exports.fromSubtleAlgorithm = exports.toSubtleAlgorithm = void 0;
3
+ exports.toSubtleAlgorithm = toSubtleAlgorithm;
4
+ exports.fromSubtleAlgorithm = fromSubtleAlgorithm;
5
+ exports.isCryptoKeyPair = isCryptoKeyPair;
4
6
  function toSubtleAlgorithm(alg, crv, options) {
5
7
  switch (alg) {
6
8
  case 'PS256':
@@ -37,7 +39,6 @@ function toSubtleAlgorithm(alg, crv, options) {
37
39
  throw new TypeError(`Unsupported alg "${alg}"`);
38
40
  }
39
41
  }
40
- exports.toSubtleAlgorithm = toSubtleAlgorithm;
41
42
  function fromSubtleAlgorithm(algorithm) {
42
43
  switch (algorithm.name) {
43
44
  case 'RSA-PSS':
@@ -75,7 +76,6 @@ function fromSubtleAlgorithm(algorithm) {
75
76
  throw new TypeError(`Unexpected algorithm "${algorithm.name}"`);
76
77
  }
77
78
  }
78
- exports.fromSubtleAlgorithm = fromSubtleAlgorithm;
79
79
  function isCryptoKeyPair(v, extractable) {
80
80
  return (typeof v === 'object' &&
81
81
  v !== null &&
@@ -90,5 +90,4 @@ function isCryptoKeyPair(v, extractable) {
90
90
  v.publicKey.extractable === true &&
91
91
  v.publicKey.usages.includes('verify'));
92
92
  }
93
- exports.isCryptoKeyPair = isCryptoKeyPair;
94
93
  //# sourceMappingURL=util.js.map
package/dist/util.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"util.js","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":";;;AAsBA,SAAgB,iBAAiB,CAC/B,GAAW,EACX,GAAY,EACZ,OAAoC;IAEpC,QAAQ,GAAG,EAAE,CAAC;QACZ,KAAK,OAAO,CAAC;QACb,KAAK,OAAO,CAAC;QACb,KAAK,OAAO;YACV,OAAO;gBACL,IAAI,EAAE,SAAS;gBACf,IAAI,EAAE,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAA0B,EAAE;gBACrD,aAAa,EAAE,OAAO,EAAE,aAAa,IAAI,IAAI;gBAC7C,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;aACnD,CAAA;QACH,KAAK,OAAO,CAAC;QACb,KAAK,OAAO,CAAC;QACb,KAAK,OAAO;YACV,OAAO;gBACL,IAAI,EAAE,mBAAmB;gBACzB,IAAI,EAAE,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAA0B,EAAE;gBACrD,aAAa,EAAE,OAAO,EAAE,aAAa,IAAI,IAAI;gBAC7C,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;aACnD,CAAA;QACH,KAAK,OAAO,CAAC;QACb,KAAK,OAAO;YACV,OAAO;gBACL,IAAI,EAAE,OAAO;gBACb,UAAU,EAAE,KAAK,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAkB,EAAE;aAClD,CAAA;QACH,KAAK,OAAO;YACV,OAAO;gBACL,IAAI,EAAE,OAAO;gBACb,UAAU,EAAE,OAAO;aACpB,CAAA;QACH;YACE,oEAAoE;YAEpE,MAAM,IAAI,SAAS,CAAC,oBAAoB,GAAG,GAAG,CAAC,CAAA;IACnD,CAAC;AACH,CAAC;AAxCD,8CAwCC;AAED,SAAgB,mBAAmB,CAAC,SAAuB;IACzD,QAAQ,SAAS,CAAC,IAAI,EAAE,CAAC;QACvB,KAAK,SAAS,CAAC;QACf,KAAK,mBAAmB,CAAC,CAAC,CAAC;YACzB,MAAM,IAAI,GAA2B,SAAU,CAAC,IAAI,CAAC,IAAI,CAAA;YACzD,QAAQ,IAAI,EAAE,CAAC;gBACb,KAAK,SAAS,CAAC;gBACf,KAAK,SAAS,CAAC;gBACf,KAAK,SAAS,CAAC,CAAC,CAAC;oBACf,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAA;oBACzD,OAAO,GAAG,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAA0B,EAAE,CAAA;gBAC9D,CAAC;gBACD;oBACE,MAAM,IAAI,SAAS,CAAC,wCAAwC,CAAC,CAAA;YACjE,CAAC;QACH,CAAC;QACD,KAAK,OAAO,CAAC,CAAC,CAAC;YACb,MAAM,UAAU,GAAoB,SAAU,CAAC,UAAU,CAAA;YACzD,QAAQ,UAAU,EAAE,CAAC;gBACnB,KAAK,OAAO,CAAC;gBACb,KAAK,OAAO,CAAC;gBACb,KAAK,OAAO;oBACV,OAAO,KAAK,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAA0B,EAAE,CAAA;gBAC7D,KAAK,OAAO;oBACV,OAAO,OAAO,CAAA;gBAChB;oBACE,MAAM,IAAI,SAAS,CAAC,uCAAuC,CAAC,CAAA;YAChE,CAAC;QACH,CAAC;QACD,KAAK,OAAO,CAAC;QACb,KAAK,SAAS;YACZ,OAAO,OAAO,CAAA;QAChB;YACE,oEAAoE;YAEpE,MAAM,IAAI,SAAS,CAAC,yBAAyB,SAAS,CAAC,IAAI,GAAG,CAAC,CAAA;IACnE,CAAC;AACH,CAAC;AArCD,kDAqCC;AAED,SAAgB,eAAe,CAC7B,CAAU,EACV,WAAqB;IAErB,OAAO,CACL,OAAO,CAAC,KAAK,QAAQ;QACrB,CAAC,KAAK,IAAI;QACV,YAAY,IAAI,CAAC;QACjB,CAAC,CAAC,UAAU,YAAY,SAAS;QACjC,CAAC,CAAC,UAAU,CAAC,IAAI,KAAK,SAAS;QAC/B,CAAC,WAAW,IAAI,IAAI,IAAI,CAAC,CAAC,UAAU,CAAC,WAAW,KAAK,WAAW,CAAC;QACjE,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;QACpC,WAAW,IAAI,CAAC;QAChB,CAAC,CAAC,SAAS,YAAY,SAAS;QAChC,CAAC,CAAC,SAAS,CAAC,IAAI,KAAK,QAAQ;QAC7B,CAAC,CAAC,SAAS,CAAC,WAAW,KAAK,IAAI;QAChC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CACtC,CAAA;AACH,CAAC;AAlBD,0CAkBC"}
1
+ {"version":3,"file":"util.js","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":";;AAsBA,8CAwCC;AAED,kDAqCC;AAED,0CAkBC;AAnGD,SAAgB,iBAAiB,CAC/B,GAAW,EACX,GAAY,EACZ,OAAoC;IAEpC,QAAQ,GAAG,EAAE,CAAC;QACZ,KAAK,OAAO,CAAC;QACb,KAAK,OAAO,CAAC;QACb,KAAK,OAAO;YACV,OAAO;gBACL,IAAI,EAAE,SAAS;gBACf,IAAI,EAAE,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAA0B,EAAE;gBACrD,aAAa,EAAE,OAAO,EAAE,aAAa,IAAI,IAAI;gBAC7C,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;aACnD,CAAA;QACH,KAAK,OAAO,CAAC;QACb,KAAK,OAAO,CAAC;QACb,KAAK,OAAO;YACV,OAAO;gBACL,IAAI,EAAE,mBAAmB;gBACzB,IAAI,EAAE,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAA0B,EAAE;gBACrD,aAAa,EAAE,OAAO,EAAE,aAAa,IAAI,IAAI;gBAC7C,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;aACnD,CAAA;QACH,KAAK,OAAO,CAAC;QACb,KAAK,OAAO;YACV,OAAO;gBACL,IAAI,EAAE,OAAO;gBACb,UAAU,EAAE,KAAK,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAkB,EAAE;aAClD,CAAA;QACH,KAAK,OAAO;YACV,OAAO;gBACL,IAAI,EAAE,OAAO;gBACb,UAAU,EAAE,OAAO;aACpB,CAAA;QACH;YACE,oEAAoE;YAEpE,MAAM,IAAI,SAAS,CAAC,oBAAoB,GAAG,GAAG,CAAC,CAAA;IACnD,CAAC;AACH,CAAC;AAED,SAAgB,mBAAmB,CAAC,SAAuB;IACzD,QAAQ,SAAS,CAAC,IAAI,EAAE,CAAC;QACvB,KAAK,SAAS,CAAC;QACf,KAAK,mBAAmB,CAAC,CAAC,CAAC;YACzB,MAAM,IAAI,GAA2B,SAAU,CAAC,IAAI,CAAC,IAAI,CAAA;YACzD,QAAQ,IAAI,EAAE,CAAC;gBACb,KAAK,SAAS,CAAC;gBACf,KAAK,SAAS,CAAC;gBACf,KAAK,SAAS,CAAC,CAAC,CAAC;oBACf,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAA;oBACzD,OAAO,GAAG,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAA0B,EAAE,CAAA;gBAC9D,CAAC;gBACD;oBACE,MAAM,IAAI,SAAS,CAAC,wCAAwC,CAAC,CAAA;YACjE,CAAC;QACH,CAAC;QACD,KAAK,OAAO,CAAC,CAAC,CAAC;YACb,MAAM,UAAU,GAAoB,SAAU,CAAC,UAAU,CAAA;YACzD,QAAQ,UAAU,EAAE,CAAC;gBACnB,KAAK,OAAO,CAAC;gBACb,KAAK,OAAO,CAAC;gBACb,KAAK,OAAO;oBACV,OAAO,KAAK,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAA0B,EAAE,CAAA;gBAC7D,KAAK,OAAO;oBACV,OAAO,OAAO,CAAA;gBAChB;oBACE,MAAM,IAAI,SAAS,CAAC,uCAAuC,CAAC,CAAA;YAChE,CAAC;QACH,CAAC;QACD,KAAK,OAAO,CAAC;QACb,KAAK,SAAS;YACZ,OAAO,OAAO,CAAA;QAChB;YACE,oEAAoE;YAEpE,MAAM,IAAI,SAAS,CAAC,yBAAyB,SAAS,CAAC,IAAI,GAAG,CAAC,CAAA;IACnE,CAAC;AACH,CAAC;AAED,SAAgB,eAAe,CAC7B,CAAU,EACV,WAAqB;IAErB,OAAO,CACL,OAAO,CAAC,KAAK,QAAQ;QACrB,CAAC,KAAK,IAAI;QACV,YAAY,IAAI,CAAC;QACjB,CAAC,CAAC,UAAU,YAAY,SAAS;QACjC,CAAC,CAAC,UAAU,CAAC,IAAI,KAAK,SAAS;QAC/B,CAAC,WAAW,IAAI,IAAI,IAAI,CAAC,CAAC,UAAU,CAAC,WAAW,KAAK,WAAW,CAAC;QACjE,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;QACpC,WAAW,IAAI,CAAC;QAChB,CAAC,CAAC,SAAS,YAAY,SAAS;QAChC,CAAC,CAAC,SAAS,CAAC,IAAI,KAAK,QAAQ;QAC7B,CAAC,CAAC,SAAS,CAAC,WAAW,KAAK,IAAI;QAChC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CACtC,CAAA;AACH,CAAC"}
@@ -1,12 +1,348 @@
1
- import { Jwk } from '@atproto/jwk';
1
+ import { z } from 'zod';
2
2
  import { GenerateKeyPairOptions, JoseKey } from '@atproto/jwk-jose';
3
- export declare class WebcryptoKey extends JoseKey {
3
+ export declare const jwkWithAlgSchema: z.ZodIntersection<z.ZodUnion<[z.ZodObject<z.objectUtil.extendShape<{
4
+ kty: z.ZodString;
5
+ alg: z.ZodOptional<z.ZodString>;
6
+ kid: z.ZodOptional<z.ZodString>;
7
+ ext: z.ZodOptional<z.ZodBoolean>;
8
+ use: z.ZodOptional<z.ZodEnum<["sig", "enc"]>>;
9
+ key_ops: z.ZodOptional<z.ZodArray<z.ZodEnum<["sign", "verify", "encrypt", "decrypt", "wrapKey", "unwrapKey", "deriveKey", "deriveBits"]>, "many">>;
10
+ x5c: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
11
+ x5t: z.ZodOptional<z.ZodString>;
12
+ 'x5t#S256': z.ZodOptional<z.ZodString>;
13
+ x5u: z.ZodOptional<z.ZodString>;
14
+ }, {
15
+ kty: z.ZodEffects<z.ZodString, string, string>;
16
+ }>, "strip", z.ZodTypeAny, {
17
+ kty: string;
18
+ alg?: string | undefined;
19
+ kid?: string | undefined;
20
+ ext?: boolean | undefined;
21
+ use?: "sig" | "enc" | undefined;
22
+ key_ops?: ("sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
23
+ x5c?: string[] | undefined;
24
+ x5t?: string | undefined;
25
+ 'x5t#S256'?: string | undefined;
26
+ x5u?: string | undefined;
27
+ }, {
28
+ kty: string;
29
+ alg?: string | undefined;
30
+ kid?: string | undefined;
31
+ ext?: boolean | undefined;
32
+ use?: "sig" | "enc" | undefined;
33
+ key_ops?: ("sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
34
+ x5c?: string[] | undefined;
35
+ x5t?: string | undefined;
36
+ 'x5t#S256'?: string | undefined;
37
+ x5u?: string | undefined;
38
+ }>, z.ZodObject<z.objectUtil.extendShape<{
39
+ kty: z.ZodString;
40
+ alg: z.ZodOptional<z.ZodString>;
41
+ kid: z.ZodOptional<z.ZodString>;
42
+ ext: z.ZodOptional<z.ZodBoolean>;
43
+ use: z.ZodOptional<z.ZodEnum<["sig", "enc"]>>;
44
+ key_ops: z.ZodOptional<z.ZodArray<z.ZodEnum<["sign", "verify", "encrypt", "decrypt", "wrapKey", "unwrapKey", "deriveKey", "deriveBits"]>, "many">>;
45
+ x5c: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
46
+ x5t: z.ZodOptional<z.ZodString>;
47
+ 'x5t#S256': z.ZodOptional<z.ZodString>;
48
+ x5u: z.ZodOptional<z.ZodString>;
49
+ }, {
50
+ kty: z.ZodLiteral<"RSA">;
51
+ alg: z.ZodOptional<z.ZodEnum<["RS256", "RS384", "RS512", "PS256", "PS384", "PS512"]>>;
52
+ n: z.ZodString;
53
+ e: z.ZodString;
54
+ d: z.ZodOptional<z.ZodString>;
55
+ p: z.ZodOptional<z.ZodString>;
56
+ q: z.ZodOptional<z.ZodString>;
57
+ dp: z.ZodOptional<z.ZodString>;
58
+ dq: z.ZodOptional<z.ZodString>;
59
+ qi: z.ZodOptional<z.ZodString>;
60
+ oth: z.ZodOptional<z.ZodArray<z.ZodObject<{
61
+ r: z.ZodOptional<z.ZodString>;
62
+ d: z.ZodOptional<z.ZodString>;
63
+ t: z.ZodOptional<z.ZodString>;
64
+ }, "strip", z.ZodTypeAny, {
65
+ d?: string | undefined;
66
+ r?: string | undefined;
67
+ t?: string | undefined;
68
+ }, {
69
+ d?: string | undefined;
70
+ r?: string | undefined;
71
+ t?: string | undefined;
72
+ }>, "atleastone">>;
73
+ }>, "strip", z.ZodTypeAny, {
74
+ kty: "RSA";
75
+ n: string;
76
+ e: string;
77
+ alg?: "RS256" | "RS384" | "RS512" | "PS256" | "PS384" | "PS512" | undefined;
78
+ kid?: string | undefined;
79
+ ext?: boolean | undefined;
80
+ use?: "sig" | "enc" | undefined;
81
+ key_ops?: ("sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
82
+ x5c?: string[] | undefined;
83
+ x5t?: string | undefined;
84
+ 'x5t#S256'?: string | undefined;
85
+ x5u?: string | undefined;
86
+ d?: string | undefined;
87
+ p?: string | undefined;
88
+ q?: string | undefined;
89
+ dp?: string | undefined;
90
+ dq?: string | undefined;
91
+ qi?: string | undefined;
92
+ oth?: [{
93
+ d?: string | undefined;
94
+ r?: string | undefined;
95
+ t?: string | undefined;
96
+ }, ...{
97
+ d?: string | undefined;
98
+ r?: string | undefined;
99
+ t?: string | undefined;
100
+ }[]] | undefined;
101
+ }, {
102
+ kty: "RSA";
103
+ n: string;
104
+ e: string;
105
+ alg?: "RS256" | "RS384" | "RS512" | "PS256" | "PS384" | "PS512" | undefined;
106
+ kid?: string | undefined;
107
+ ext?: boolean | undefined;
108
+ use?: "sig" | "enc" | undefined;
109
+ key_ops?: ("sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
110
+ x5c?: string[] | undefined;
111
+ x5t?: string | undefined;
112
+ 'x5t#S256'?: string | undefined;
113
+ x5u?: string | undefined;
114
+ d?: string | undefined;
115
+ p?: string | undefined;
116
+ q?: string | undefined;
117
+ dp?: string | undefined;
118
+ dq?: string | undefined;
119
+ qi?: string | undefined;
120
+ oth?: [{
121
+ d?: string | undefined;
122
+ r?: string | undefined;
123
+ t?: string | undefined;
124
+ }, ...{
125
+ d?: string | undefined;
126
+ r?: string | undefined;
127
+ t?: string | undefined;
128
+ }[]] | undefined;
129
+ }>, z.ZodObject<z.objectUtil.extendShape<{
130
+ kty: z.ZodString;
131
+ alg: z.ZodOptional<z.ZodString>;
132
+ kid: z.ZodOptional<z.ZodString>;
133
+ ext: z.ZodOptional<z.ZodBoolean>;
134
+ use: z.ZodOptional<z.ZodEnum<["sig", "enc"]>>;
135
+ key_ops: z.ZodOptional<z.ZodArray<z.ZodEnum<["sign", "verify", "encrypt", "decrypt", "wrapKey", "unwrapKey", "deriveKey", "deriveBits"]>, "many">>;
136
+ x5c: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
137
+ x5t: z.ZodOptional<z.ZodString>;
138
+ 'x5t#S256': z.ZodOptional<z.ZodString>;
139
+ x5u: z.ZodOptional<z.ZodString>;
140
+ }, {
141
+ kty: z.ZodLiteral<"EC">;
142
+ alg: z.ZodOptional<z.ZodEnum<["ES256", "ES384", "ES512"]>>;
143
+ crv: z.ZodEnum<["P-256", "P-384", "P-521"]>;
144
+ x: z.ZodString;
145
+ y: z.ZodString;
146
+ d: z.ZodOptional<z.ZodString>;
147
+ }>, "strip", z.ZodTypeAny, {
148
+ kty: "EC";
149
+ crv: "P-256" | "P-384" | "P-521";
150
+ x: string;
151
+ y: string;
152
+ alg?: "ES256" | "ES384" | "ES512" | undefined;
153
+ kid?: string | undefined;
154
+ ext?: boolean | undefined;
155
+ use?: "sig" | "enc" | undefined;
156
+ key_ops?: ("sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
157
+ x5c?: string[] | undefined;
158
+ x5t?: string | undefined;
159
+ 'x5t#S256'?: string | undefined;
160
+ x5u?: string | undefined;
161
+ d?: string | undefined;
162
+ }, {
163
+ kty: "EC";
164
+ crv: "P-256" | "P-384" | "P-521";
165
+ x: string;
166
+ y: string;
167
+ alg?: "ES256" | "ES384" | "ES512" | undefined;
168
+ kid?: string | undefined;
169
+ ext?: boolean | undefined;
170
+ use?: "sig" | "enc" | undefined;
171
+ key_ops?: ("sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
172
+ x5c?: string[] | undefined;
173
+ x5t?: string | undefined;
174
+ 'x5t#S256'?: string | undefined;
175
+ x5u?: string | undefined;
176
+ d?: string | undefined;
177
+ }>, z.ZodObject<z.objectUtil.extendShape<{
178
+ kty: z.ZodString;
179
+ alg: z.ZodOptional<z.ZodString>;
180
+ kid: z.ZodOptional<z.ZodString>;
181
+ ext: z.ZodOptional<z.ZodBoolean>;
182
+ use: z.ZodOptional<z.ZodEnum<["sig", "enc"]>>;
183
+ key_ops: z.ZodOptional<z.ZodArray<z.ZodEnum<["sign", "verify", "encrypt", "decrypt", "wrapKey", "unwrapKey", "deriveKey", "deriveBits"]>, "many">>;
184
+ x5c: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
185
+ x5t: z.ZodOptional<z.ZodString>;
186
+ 'x5t#S256': z.ZodOptional<z.ZodString>;
187
+ x5u: z.ZodOptional<z.ZodString>;
188
+ }, {
189
+ kty: z.ZodLiteral<"EC">;
190
+ alg: z.ZodOptional<z.ZodEnum<["ES256K"]>>;
191
+ crv: z.ZodEnum<["secp256k1"]>;
192
+ x: z.ZodString;
193
+ y: z.ZodString;
194
+ d: z.ZodOptional<z.ZodString>;
195
+ }>, "strip", z.ZodTypeAny, {
196
+ kty: "EC";
197
+ crv: "secp256k1";
198
+ x: string;
199
+ y: string;
200
+ alg?: "ES256K" | undefined;
201
+ kid?: string | undefined;
202
+ ext?: boolean | undefined;
203
+ use?: "sig" | "enc" | undefined;
204
+ key_ops?: ("sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
205
+ x5c?: string[] | undefined;
206
+ x5t?: string | undefined;
207
+ 'x5t#S256'?: string | undefined;
208
+ x5u?: string | undefined;
209
+ d?: string | undefined;
210
+ }, {
211
+ kty: "EC";
212
+ crv: "secp256k1";
213
+ x: string;
214
+ y: string;
215
+ alg?: "ES256K" | undefined;
216
+ kid?: string | undefined;
217
+ ext?: boolean | undefined;
218
+ use?: "sig" | "enc" | undefined;
219
+ key_ops?: ("sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
220
+ x5c?: string[] | undefined;
221
+ x5t?: string | undefined;
222
+ 'x5t#S256'?: string | undefined;
223
+ x5u?: string | undefined;
224
+ d?: string | undefined;
225
+ }>, z.ZodObject<z.objectUtil.extendShape<{
226
+ kty: z.ZodString;
227
+ alg: z.ZodOptional<z.ZodString>;
228
+ kid: z.ZodOptional<z.ZodString>;
229
+ ext: z.ZodOptional<z.ZodBoolean>;
230
+ use: z.ZodOptional<z.ZodEnum<["sig", "enc"]>>;
231
+ key_ops: z.ZodOptional<z.ZodArray<z.ZodEnum<["sign", "verify", "encrypt", "decrypt", "wrapKey", "unwrapKey", "deriveKey", "deriveBits"]>, "many">>;
232
+ x5c: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
233
+ x5t: z.ZodOptional<z.ZodString>;
234
+ 'x5t#S256': z.ZodOptional<z.ZodString>;
235
+ x5u: z.ZodOptional<z.ZodString>;
236
+ }, {
237
+ kty: z.ZodLiteral<"OKP">;
238
+ alg: z.ZodOptional<z.ZodEnum<["EdDSA"]>>;
239
+ crv: z.ZodEnum<["Ed25519", "Ed448"]>;
240
+ x: z.ZodString;
241
+ d: z.ZodOptional<z.ZodString>;
242
+ }>, "strip", z.ZodTypeAny, {
243
+ kty: "OKP";
244
+ crv: "Ed25519" | "Ed448";
245
+ x: string;
246
+ alg?: "EdDSA" | undefined;
247
+ kid?: string | undefined;
248
+ ext?: boolean | undefined;
249
+ use?: "sig" | "enc" | undefined;
250
+ key_ops?: ("sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
251
+ x5c?: string[] | undefined;
252
+ x5t?: string | undefined;
253
+ 'x5t#S256'?: string | undefined;
254
+ x5u?: string | undefined;
255
+ d?: string | undefined;
256
+ }, {
257
+ kty: "OKP";
258
+ crv: "Ed25519" | "Ed448";
259
+ x: string;
260
+ alg?: "EdDSA" | undefined;
261
+ kid?: string | undefined;
262
+ ext?: boolean | undefined;
263
+ use?: "sig" | "enc" | undefined;
264
+ key_ops?: ("sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
265
+ x5c?: string[] | undefined;
266
+ x5t?: string | undefined;
267
+ 'x5t#S256'?: string | undefined;
268
+ x5u?: string | undefined;
269
+ d?: string | undefined;
270
+ }>, z.ZodObject<z.objectUtil.extendShape<{
271
+ kty: z.ZodString;
272
+ alg: z.ZodOptional<z.ZodString>;
273
+ kid: z.ZodOptional<z.ZodString>;
274
+ ext: z.ZodOptional<z.ZodBoolean>;
275
+ use: z.ZodOptional<z.ZodEnum<["sig", "enc"]>>;
276
+ key_ops: z.ZodOptional<z.ZodArray<z.ZodEnum<["sign", "verify", "encrypt", "decrypt", "wrapKey", "unwrapKey", "deriveKey", "deriveBits"]>, "many">>;
277
+ x5c: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
278
+ x5t: z.ZodOptional<z.ZodString>;
279
+ 'x5t#S256': z.ZodOptional<z.ZodString>;
280
+ x5u: z.ZodOptional<z.ZodString>;
281
+ }, {
282
+ kty: z.ZodLiteral<"oct">;
283
+ alg: z.ZodOptional<z.ZodEnum<["HS256", "HS384", "HS512"]>>;
284
+ k: z.ZodString;
285
+ }>, "strip", z.ZodTypeAny, {
286
+ kty: "oct";
287
+ k: string;
288
+ alg?: "HS256" | "HS384" | "HS512" | undefined;
289
+ kid?: string | undefined;
290
+ ext?: boolean | undefined;
291
+ use?: "sig" | "enc" | undefined;
292
+ key_ops?: ("sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
293
+ x5c?: string[] | undefined;
294
+ x5t?: string | undefined;
295
+ 'x5t#S256'?: string | undefined;
296
+ x5u?: string | undefined;
297
+ }, {
298
+ kty: "oct";
299
+ k: string;
300
+ alg?: "HS256" | "HS384" | "HS512" | undefined;
301
+ kid?: string | undefined;
302
+ ext?: boolean | undefined;
303
+ use?: "sig" | "enc" | undefined;
304
+ key_ops?: ("sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
305
+ x5c?: string[] | undefined;
306
+ x5t?: string | undefined;
307
+ 'x5t#S256'?: string | undefined;
308
+ x5u?: string | undefined;
309
+ }>]>, z.ZodObject<{
310
+ alg: z.ZodString;
311
+ }, "strip", z.ZodTypeAny, {
312
+ alg: string;
313
+ }, {
314
+ alg: string;
315
+ }>>;
316
+ export type JwkWithAlg = z.infer<typeof jwkWithAlgSchema>;
317
+ export declare class WebcryptoKey<J extends JwkWithAlg = JwkWithAlg> extends JoseKey<J> {
4
318
  readonly cryptoKeyPair: CryptoKeyPair;
5
- static generate(allowedAlgos?: string[], kid?: string, options?: GenerateKeyPairOptions): Promise<WebcryptoKey>;
6
- static fromKeypair(cryptoKeyPair: CryptoKeyPair, kid?: string): Promise<WebcryptoKey>;
7
- constructor(jwk: Jwk, cryptoKeyPair: CryptoKeyPair);
319
+ static generate(allowedAlgos?: string[], kid?: string, options?: GenerateKeyPairOptions): Promise<WebcryptoKey<{
320
+ kty: string;
321
+ alg: string;
322
+ kid?: string | undefined;
323
+ ext?: boolean | undefined;
324
+ use?: "sig" | "enc" | undefined;
325
+ key_ops?: ("sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
326
+ x5c?: string[] | undefined;
327
+ x5t?: string | undefined;
328
+ 'x5t#S256'?: string | undefined;
329
+ x5u?: string | undefined;
330
+ }>>;
331
+ static fromKeypair(cryptoKeyPair: CryptoKeyPair, kid?: string): Promise<WebcryptoKey<{
332
+ kty: string;
333
+ alg: string;
334
+ kid?: string | undefined;
335
+ ext?: boolean | undefined;
336
+ use?: "sig" | "enc" | undefined;
337
+ key_ops?: ("sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
338
+ x5c?: string[] | undefined;
339
+ x5t?: string | undefined;
340
+ 'x5t#S256'?: string | undefined;
341
+ x5u?: string | undefined;
342
+ }>>;
343
+ constructor(jwk: Readonly<J>, cryptoKeyPair: CryptoKeyPair);
8
344
  get isPrivate(): boolean;
9
- get privateJwk(): Jwk | undefined;
10
- protected getKey(): Promise<CryptoKey>;
345
+ get privateJwk(): Readonly<J> | undefined;
346
+ protected getKeyObj(alg: string): Promise<CryptoKey>;
11
347
  }
12
348
  //# sourceMappingURL=webcrypto-key.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"webcrypto-key.d.ts","sourceRoot":"","sources":["../src/webcrypto-key.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAa,MAAM,cAAc,CAAA;AAC7C,OAAO,EAAE,sBAAsB,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAA;AAInE,qBAAa,YAAa,SAAQ,OAAO;IA8CrC,QAAQ,CAAC,aAAa,EAAE,aAAa;WA3CjB,QAAQ,CAC5B,YAAY,GAAE,MAAM,EAAc,EAClC,GAAG,GAAE,MAA4B,EACjC,OAAO,CAAC,EAAE,sBAAsB;WAYrB,WAAW,CAAC,aAAa,EAAE,aAAa,EAAE,GAAG,CAAC,EAAE,MAAM;gBA2BjE,GAAG,EAAE,GAAG,EACC,aAAa,EAAE,aAAa;IAKvC,IAAI,SAAS,YAEZ;IAED,IAAI,UAAU,IAAI,GAAG,GAAG,SAAS,CAGhC;cAEwB,MAAM;CAGhC"}
1
+ {"version":3,"file":"webcrypto-key.d.ts","sourceRoot":"","sources":["../src/webcrypto-key.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,OAAO,EAAE,sBAAsB,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAA;AAInE,eAAO,MAAM,gBAAgB;SAkFuiW,EAAG,SAAS;SAAU,EAAG,WAAW,CAAC,EAAE,SAAS;SAAW,EAAG,WAAW,CAAC,EAAE,SAAS;SAAW,EAAG,WAAW,CAAC,EAAE,UAAU;SAAW,EAAG,WAAW,CAAC,EAAE,OAAO;aAA+B,EAAG,WAAW,CAAC,EAAE,QAAQ,CAAC,EAAE,OAAO;SAAiH,EAAG,WAAW,CAAC,EAAE,QAAQ,CAAC,EAAE,SAAS;SAAoB,EAAG,WAAW,CAAC,EAAE,SAAS;gBAAkB,EAAG,WAAW,CAAC,EAAE,SAAS;SAAW,EAAG,WAAW,CAAC,EAAE,SAAS;;SAAgB,EAAG,UAAU,CAAC,EAAE,SAAS;;;;;;;;;;;;;;;;;;;;;;;;SAA44B,EAAG,SAAS;SAAU,EAAG,WAAW,CAAC,EAAE,SAAS;SAAW,EAAG,WAAW,CAAC,EAAE,SAAS;SAAW,EAAG,WAAW,CAAC,EAAE,UAAU;SAAW,EAAG,WAAW,CAAC,EAAE,OAAO;aAA+B,EAAG,WAAW,CAAC,EAAE,QAAQ,CAAC,EAAE,OAAO;SAAiH,EAAG,WAAW,CAAC,EAAE,QAAQ,CAAC,EAAE,SAAS;SAAoB,EAAG,WAAW,CAAC,EAAE,SAAS;gBAAkB,EAAG,WAAW,CAAC,EAAE,SAAS;SAAW,EAAG,WAAW,CAAC,EAAE,SAAS;;SAAgB,EAAG,UAAU;SAAiB,EAAG,WAAW,CAAC,EAAE,OAAO;OAAiE,EAAG,SAAS;OAAQ,EAAG,SAAS;OAAQ,EAAG,WAAW,CAAC,EAAE,SAAS;OAAS,EAAG,WAAW,CAAC,EAAE,SAAS;OAAS,EAAG,WAAW,CAAC,EAAE,SAAS;QAAU,EAAG,WAAW,CAAC,EAAE,SAAS;QAAU,EAAG,WAAW,CAAC,EAAE,SAAS;QAAU,EAAG,WAAW,CAAC,EAAE,SAAS;SAAW,EAAG,WAAW,CAAC,EAAE,QAAQ,CAAC,EAAE,SAAS;WAAa,EAAG,WAAW,CAAC,EAAE,SAAS;WAAa,EAAG,WAAW,CAAC,EAAE,SAAS;WAAa,EAAG,WAAW,CAAC,EAAE,SAAS;gBAAkB,EAAG,UAAU;SAAa,CAAC;SAA+B,CAAC;SAA+B,CAAC;;SAAwC,CAAC;SAA+B,CAAC;SAA+B,CAAC;;;;;;;;;;;;;;;;;;;;;;SAA8uB,CAAC;SAA+B,CAAC;SAA+B,CAAC;;SAA2C,CAAC;SAA+B,CAAC;SAA+B,CAAC;;;;;;;;;;;;;;;;;;;;;;SAAotB,CAAC;SAA+B,CAAC;SAA+B,CAAC;;SAA2C,CAAC;SAA+B,CAAC;SAA+B,CAAC;;;SAA+F,EAAG,SAAS;SAAU,EAAG,WAAW,CAAC,EAAE,SAAS;SAAW,EAAG,WAAW,CAAC,EAAE,SAAS;SAAW,EAAG,WAAW,CAAC,EAAE,UAAU;SAAW,EAAG,WAAW,CAAC,EAAE,OAAO;aAA+B,EAAG,WAAW,CAAC,EAAE,QAAQ,CAAC,EAAE,OAAO;SAAiH,EAAG,WAAW,CAAC,EAAE,QAAQ,CAAC,EAAE,SAAS;SAAoB,EAAG,WAAW,CAAC,EAAE,SAAS;gBAAkB,EAAG,WAAW,CAAC,EAAE,SAAS;SAAW,EAAG,WAAW,CAAC,EAAE,SAAS;;SAAgB,EAAG,UAAU;SAAgB,EAAG,WAAW,CAAC,EAAE,OAAO;SAAwC,EAAG,OAAO;OAAqC,EAAG,SAAS;OAAQ,EAAG,SAAS;OAAQ,EAAG,WAAW,CAAC,EAAE,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;SAAkmC,EAAG,SAAS;SAAU,EAAG,WAAW,CAAC,EAAE,SAAS;SAAW,EAAG,WAAW,CAAC,EAAE,SAAS;SAAW,EAAG,WAAW,CAAC,EAAE,UAAU;SAAW,EAAG,WAAW,CAAC,EAAE,OAAO;aAA+B,EAAG,WAAW,CAAC,EAAE,QAAQ,CAAC,EAAE,OAAO;SAAiH,EAAG,WAAW,CAAC,EAAE,QAAQ,CAAC,EAAE,SAAS;SAAoB,EAAG,WAAW,CAAC,EAAE,SAAS;gBAAkB,EAAG,WAAW,CAAC,EAAE,SAAS;SAAW,EAAG,WAAW,CAAC,EAAE,SAAS;;SAAgB,EAAG,UAAU;SAAgB,EAAG,WAAW,CAAC,EAAE,OAAO;SAAuB,EAAG,OAAO;OAAuB,EAAG,SAAS;OAAQ,EAAG,SAAS;OAAQ,EAAG,WAAW,CAAC,EAAE,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;SAA4hC,EAAG,SAAS;SAAU,EAAG,WAAW,CAAC,EAAE,SAAS;SAAW,EAAG,WAAW,CAAC,EAAE,SAAS;SAAW,EAAG,WAAW,CAAC,EAAE,UAAU;SAAW,EAAG,WAAW,CAAC,EAAE,OAAO;aAA+B,EAAG,WAAW,CAAC,EAAE,QAAQ,CAAC,EAAE,OAAO;SAAiH,EAAG,WAAW,CAAC,EAAE,QAAQ,CAAC,EAAE,SAAS;SAAoB,EAAG,WAAW,CAAC,EAAE,SAAS;gBAAkB,EAAG,WAAW,CAAC,EAAE,SAAS;SAAW,EAAG,WAAW,CAAC,EAAE,SAAS;;SAAgB,EAAG,UAAU;SAAiB,EAAG,WAAW,CAAC,EAAE,OAAO;SAAsB,EAAG,OAAO;OAA8B,EAAG,SAAS;OAAQ,EAAG,WAAW,CAAC,EAAE,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;SAA8gC,EAAG,SAAS;SAAU,EAAG,WAAW,CAAC,EAAE,SAAS;SAAW,EAAG,WAAW,CAAC,EAAE,SAAS;SAAW,EAAG,WAAW,CAAC,EAAE,UAAU;SAAW,EAAG,WAAW,CAAC,EAAE,OAAO;aAA+B,EAAG,WAAW,CAAC,EAAE,QAAQ,CAAC,EAAE,OAAO;SAAiH,EAAG,WAAW,CAAC,EAAE,QAAQ,CAAC,EAAE,SAAS;SAAoB,EAAG,WAAW,CAAC,EAAE,SAAS;gBAAkB,EAAG,WAAW,CAAC,EAAE,SAAS;SAAW,EAAG,WAAW,CAAC,EAAE,SAAS;;SAAgB,EAAG,UAAU;SAAiB,EAAG,WAAW,CAAC,EAAE,OAAO;OAAsC,EAAG,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA/E13qB,CAAA;AAED,MAAM,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAA;AAEzD,qBAAa,YAAY,CACvB,CAAC,SAAS,UAAU,GAAG,UAAU,CACjC,SAAQ,OAAO,CAAC,CAAC,CAAC;IAoDhB,QAAQ,CAAC,aAAa,EAAE,aAAa;WAjDjB,QAAQ,CAC5B,YAAY,GAAE,MAAM,EAAc,EAClC,GAAG,GAAE,MAA4B,EACjC,OAAO,CAAC,EAAE,sBAAsB;;;;;;;;;;;;WAYrB,WAAW,CAAC,aAAa,EAAE,aAAa,EAAE,GAAG,CAAC,EAAE,MAAM;;;;;;;;;;;;gBAiCjE,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC,EACP,aAAa,EAAE,aAAa;IAKvC,IAAI,SAAS,YAEZ;IAED,IAAI,UAAU,IAAI,QAAQ,CAAC,CAAC,CAAC,GAAG,SAAS,CAGxC;cAEwB,SAAS,CAAC,GAAG,EAAE,MAAM;CAM/C"}
@@ -1,9 +1,12 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.WebcryptoKey = void 0;
3
+ exports.WebcryptoKey = exports.jwkWithAlgSchema = void 0;
4
+ const zod_1 = require("zod");
4
5
  const jwk_1 = require("@atproto/jwk");
5
6
  const jwk_jose_1 = require("@atproto/jwk-jose");
6
7
  const util_js_1 = require("./util.js");
8
+ // Webcrypto keys are bound to a single algorithm
9
+ exports.jwkWithAlgSchema = zod_1.z.intersection(jwk_1.jwkSchema, zod_1.z.object({ alg: zod_1.z.string() }));
7
10
  class WebcryptoKey extends jwk_jose_1.JoseKey {
8
11
  // We need to override the static method generate from JoseKey because
9
12
  // the browser needs both the private and public keys
@@ -19,15 +22,17 @@ class WebcryptoKey extends jwk_jose_1.JoseKey {
19
22
  // https://datatracker.ietf.org/doc/html/rfc7517
20
23
  // > The "use" and "key_ops" JWK members SHOULD NOT be used together; [...]
21
24
  // > Applications should specify which of these members they use.
22
- const { key_ops: _, ...jwk } = await crypto.subtle.exportKey('jwk', cryptoKeyPair.privateKey.extractable
25
+ const { key_ops, use, alg = (0, util_js_1.fromSubtleAlgorithm)(cryptoKeyPair.privateKey.algorithm), ...jwk } = await crypto.subtle.exportKey('jwk', cryptoKeyPair.privateKey.extractable
23
26
  ? cryptoKeyPair.privateKey
24
27
  : cryptoKeyPair.publicKey);
25
- const use = jwk.use ?? 'sig';
26
- const alg = jwk.alg ?? (0, util_js_1.fromSubtleAlgorithm)(cryptoKeyPair.privateKey.algorithm);
27
- if (use !== 'sig') {
28
- throw new TypeError('Unsupported JWK use');
28
+ if (use && use !== 'sig') {
29
+ throw new TypeError(`Unsupported JWK use "${use}"`);
29
30
  }
30
- return new WebcryptoKey(jwk_1.jwkSchema.parse({ ...jwk, use, kid, alg }), cryptoKeyPair);
31
+ if (key_ops && !key_ops.some((o) => o === 'sign' || o === 'verify')) {
32
+ // Make sure that "key_ops", if present, is compatible with "use"
33
+ throw new TypeError(`Invalid key_ops "${key_ops}" for "sig" use`);
34
+ }
35
+ return new WebcryptoKey(exports.jwkWithAlgSchema.parse({ ...jwk, kid, alg, use: 'sig' }), cryptoKeyPair);
31
36
  }
32
37
  constructor(jwk, cryptoKeyPair) {
33
38
  super(jwk);
@@ -46,7 +51,10 @@ class WebcryptoKey extends jwk_jose_1.JoseKey {
46
51
  return this.jwk;
47
52
  throw new Error('Private Webcrypto Key not exportable');
48
53
  }
49
- async getKey() {
54
+ async getKeyObj(alg) {
55
+ if (this.jwk.alg !== alg) {
56
+ throw new jwk_1.JwkError(`Key cannot be used with algorithm "${alg}"`);
57
+ }
50
58
  return this.cryptoKeyPair.privateKey;
51
59
  }
52
60
  }
@@ -1 +1 @@
1
- {"version":3,"file":"webcrypto-key.js","sourceRoot":"","sources":["../src/webcrypto-key.ts"],"names":[],"mappings":";;;AAAA,sCAA6C;AAC7C,gDAAmE;AAEnE,uCAAgE;AAEhE,MAAa,YAAa,SAAQ,kBAAO;IACvC,sEAAsE;IACtE,qDAAqD;IACrD,MAAM,CAAU,KAAK,CAAC,QAAQ,CAC5B,eAAyB,CAAC,OAAO,CAAC,EAClC,MAAc,MAAM,CAAC,UAAU,EAAE,EACjC,OAAgC;QAEhC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,YAAY,EAAE,OAAO,CAAC,CAAA;QAEjE,4EAA4E;QAC5E,IAAI,CAAC,IAAA,yBAAe,EAAC,OAAO,CAAC,EAAE,CAAC;YAC9B,MAAM,IAAI,SAAS,CAAC,uBAAuB,CAAC,CAAA;QAC9C,CAAC;QAED,OAAO,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;IACvC,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,aAA4B,EAAE,GAAY;QACjE,gDAAgD;QAChD,2EAA2E;QAC3E,iEAAiE;QAEjE,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,GAAG,EAAE,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAC1D,KAAK,EACL,aAAa,CAAC,UAAU,CAAC,WAAW;YAClC,CAAC,CAAC,aAAa,CAAC,UAAU;YAC1B,CAAC,CAAC,aAAa,CAAC,SAAS,CAC5B,CAAA;QAED,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,IAAI,KAAK,CAAA;QAC5B,MAAM,GAAG,GACP,GAAG,CAAC,GAAG,IAAI,IAAA,6BAAmB,EAAC,aAAa,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;QAEpE,IAAI,GAAG,KAAK,KAAK,EAAE,CAAC;YAClB,MAAM,IAAI,SAAS,CAAC,qBAAqB,CAAC,CAAA;QAC5C,CAAC;QAED,OAAO,IAAI,YAAY,CACrB,eAAS,CAAC,KAAK,CAAC,EAAE,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAC1C,aAAa,CACd,CAAA;IACH,CAAC;IAED,YACE,GAAQ,EACC,aAA4B;QAErC,KAAK,CAAC,GAAG,CAAC,CAAA;QAFV;;;;mBAAS,aAAa;WAAe;IAGvC,CAAC;IAED,IAAI,SAAS;QACX,OAAO,IAAI,CAAA;IACb,CAAC;IAED,IAAI,UAAU;QACZ,IAAI,KAAK,CAAC,SAAS;YAAE,OAAO,IAAI,CAAC,GAAG,CAAA;QACpC,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAA;IACzD,CAAC;IAEkB,KAAK,CAAC,MAAM;QAC7B,OAAO,IAAI,CAAC,aAAa,CAAC,UAAU,CAAA;IACtC,CAAC;CACF;AA/DD,oCA+DC"}
1
+ {"version":3,"file":"webcrypto-key.js","sourceRoot":"","sources":["../src/webcrypto-key.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AACvB,sCAAkD;AAClD,gDAAmE;AACnE,uCAAgE;AAEhE,iDAAiD;AACpC,QAAA,gBAAgB,GAAG,OAAC,CAAC,YAAY,CAC5C,eAAS,EACT,OAAC,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,OAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAC9B,CAAA;AAID,MAAa,YAEX,SAAQ,kBAAU;IAClB,sEAAsE;IACtE,qDAAqD;IACrD,MAAM,CAAU,KAAK,CAAC,QAAQ,CAC5B,eAAyB,CAAC,OAAO,CAAC,EAClC,MAAc,MAAM,CAAC,UAAU,EAAE,EACjC,OAAgC;QAEhC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,YAAY,EAAE,OAAO,CAAC,CAAA;QAEjE,4EAA4E;QAC5E,IAAI,CAAC,IAAA,yBAAe,EAAC,OAAO,CAAC,EAAE,CAAC;YAC9B,MAAM,IAAI,SAAS,CAAC,uBAAuB,CAAC,CAAA;QAC9C,CAAC;QAED,OAAO,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;IACvC,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,aAA4B,EAAE,GAAY;QACjE,gDAAgD;QAChD,2EAA2E;QAC3E,iEAAiE;QAEjE,MAAM,EACJ,OAAO,EACP,GAAG,EACH,GAAG,GAAG,IAAA,6BAAmB,EAAC,aAAa,CAAC,UAAU,CAAC,SAAS,CAAC,EAC7D,GAAG,GAAG,EACP,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAC/B,KAAK,EACL,aAAa,CAAC,UAAU,CAAC,WAAW;YAClC,CAAC,CAAC,aAAa,CAAC,UAAU;YAC1B,CAAC,CAAC,aAAa,CAAC,SAAS,CAC5B,CAAA;QAED,IAAI,GAAG,IAAI,GAAG,KAAK,KAAK,EAAE,CAAC;YACzB,MAAM,IAAI,SAAS,CAAC,wBAAwB,GAAG,GAAG,CAAC,CAAA;QACrD,CAAC;QAED,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,MAAM,IAAI,CAAC,KAAK,QAAQ,CAAC,EAAE,CAAC;YACpE,iEAAiE;YACjE,MAAM,IAAI,SAAS,CAAC,oBAAoB,OAAO,iBAAiB,CAAC,CAAA;QACnE,CAAC;QAED,OAAO,IAAI,YAAY,CACrB,wBAAgB,CAAC,KAAK,CAAC,EAAE,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,EACxD,aAAa,CACd,CAAA;IACH,CAAC;IAED,YACE,GAAgB,EACP,aAA4B;QAErC,KAAK,CAAC,GAAG,CAAC,CAAA;QAFV;;;;mBAAS,aAAa;WAAe;IAGvC,CAAC;IAED,IAAI,SAAS;QACX,OAAO,IAAI,CAAA;IACb,CAAC;IAED,IAAI,UAAU;QACZ,IAAI,KAAK,CAAC,SAAS;YAAE,OAAO,IAAI,CAAC,GAAG,CAAA;QACpC,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAA;IACzD,CAAC;IAEkB,KAAK,CAAC,SAAS,CAAC,GAAW;QAC5C,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,KAAK,GAAG,EAAE,CAAC;YACzB,MAAM,IAAI,cAAQ,CAAC,sCAAsC,GAAG,GAAG,CAAC,CAAA;QAClE,CAAC;QACD,OAAO,IAAI,CAAC,aAAa,CAAC,UAAU,CAAA;IACtC,CAAC;CACF;AA1ED,oCA0EC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@atproto/jwk-webcrypto",
3
- "version": "0.1.2",
3
+ "version": "0.1.4",
4
4
  "license": "MIT",
5
5
  "description": "Webcrypto based implementation of @atproto/jwk Key's",
6
6
  "keywords": [
@@ -24,11 +24,12 @@
24
24
  }
25
25
  },
26
26
  "dependencies": {
27
- "@atproto/jwk": "0.1.1",
28
- "@atproto/jwk-jose": "0.1.2"
27
+ "zod": "^3.23.8",
28
+ "@atproto/jwk": "0.1.3",
29
+ "@atproto/jwk-jose": "0.1.4"
29
30
  },
30
31
  "devDependencies": {
31
- "typescript": "^5.3.3"
32
+ "typescript": "^5.6.3"
32
33
  },
33
34
  "scripts": {
34
35
  "build": "tsc --build tsconfig.build.json"
@@ -1,9 +1,19 @@
1
- import { Jwk, jwkSchema } from '@atproto/jwk'
1
+ import { z } from 'zod'
2
+ import { JwkError, jwkSchema } from '@atproto/jwk'
2
3
  import { GenerateKeyPairOptions, JoseKey } from '@atproto/jwk-jose'
3
-
4
4
  import { fromSubtleAlgorithm, isCryptoKeyPair } from './util.js'
5
5
 
6
- export class WebcryptoKey extends JoseKey {
6
+ // Webcrypto keys are bound to a single algorithm
7
+ export const jwkWithAlgSchema = z.intersection(
8
+ jwkSchema,
9
+ z.object({ alg: z.string() }),
10
+ )
11
+
12
+ export type JwkWithAlg = z.infer<typeof jwkWithAlgSchema>
13
+
14
+ export class WebcryptoKey<
15
+ J extends JwkWithAlg = JwkWithAlg,
16
+ > extends JoseKey<J> {
7
17
  // We need to override the static method generate from JoseKey because
8
18
  // the browser needs both the private and public keys
9
19
  static override async generate(
@@ -26,29 +36,35 @@ export class WebcryptoKey extends JoseKey {
26
36
  // > The "use" and "key_ops" JWK members SHOULD NOT be used together; [...]
27
37
  // > Applications should specify which of these members they use.
28
38
 
29
- const { key_ops: _, ...jwk } = await crypto.subtle.exportKey(
39
+ const {
40
+ key_ops,
41
+ use,
42
+ alg = fromSubtleAlgorithm(cryptoKeyPair.privateKey.algorithm),
43
+ ...jwk
44
+ } = await crypto.subtle.exportKey(
30
45
  'jwk',
31
46
  cryptoKeyPair.privateKey.extractable
32
47
  ? cryptoKeyPair.privateKey
33
48
  : cryptoKeyPair.publicKey,
34
49
  )
35
50
 
36
- const use = jwk.use ?? 'sig'
37
- const alg =
38
- jwk.alg ?? fromSubtleAlgorithm(cryptoKeyPair.privateKey.algorithm)
51
+ if (use && use !== 'sig') {
52
+ throw new TypeError(`Unsupported JWK use "${use}"`)
53
+ }
39
54
 
40
- if (use !== 'sig') {
41
- throw new TypeError('Unsupported JWK use')
55
+ if (key_ops && !key_ops.some((o) => o === 'sign' || o === 'verify')) {
56
+ // Make sure that "key_ops", if present, is compatible with "use"
57
+ throw new TypeError(`Invalid key_ops "${key_ops}" for "sig" use`)
42
58
  }
43
59
 
44
60
  return new WebcryptoKey(
45
- jwkSchema.parse({ ...jwk, use, kid, alg }),
61
+ jwkWithAlgSchema.parse({ ...jwk, kid, alg, use: 'sig' }),
46
62
  cryptoKeyPair,
47
63
  )
48
64
  }
49
65
 
50
66
  constructor(
51
- jwk: Jwk,
67
+ jwk: Readonly<J>,
52
68
  readonly cryptoKeyPair: CryptoKeyPair,
53
69
  ) {
54
70
  super(jwk)
@@ -58,12 +74,15 @@ export class WebcryptoKey extends JoseKey {
58
74
  return true
59
75
  }
60
76
 
61
- get privateJwk(): Jwk | undefined {
77
+ get privateJwk(): Readonly<J> | undefined {
62
78
  if (super.isPrivate) return this.jwk
63
79
  throw new Error('Private Webcrypto Key not exportable')
64
80
  }
65
81
 
66
- protected override async getKey() {
82
+ protected override async getKeyObj(alg: string) {
83
+ if (this.jwk.alg !== alg) {
84
+ throw new JwkError(`Key cannot be used with algorithm "${alg}"`)
85
+ }
67
86
  return this.cryptoKeyPair.privateKey
68
87
  }
69
88
  }
@@ -0,0 +1 @@
1
+ {"root":["./src/index.ts","./src/util.ts","./src/webcrypto-key.ts"],"version":"5.6.3"}