@atproto/jwk-webcrypto 0.3.2 → 0.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md CHANGED
@@ -1,5 +1,17 @@
1
1
  # @atproto/jwk-webcrypto
2
2
 
3
+ ## 0.3.3
4
+
5
+ ### Patch Changes
6
+
7
+ - [#5099](https://github.com/bluesky-social/atproto/pull/5099) [`b43ec31`](https://github.com/bluesky-social/atproto/commit/b43ec31f247f4461725b01226885f88bd430ca07) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Update TypeScript build to rely on references to composite internal projects
8
+
9
+ - [#5099](https://github.com/bluesky-social/atproto/pull/5099) [`b43ec31`](https://github.com/bluesky-social/atproto/commit/b43ec31f247f4461725b01226885f88bd430ca07) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Bundle only necessary files in the NPM tarball, including the `CHANGELOG.md` and `README.md` files (if present).
10
+
11
+ - Updated dependencies [[`b43ec31`](https://github.com/bluesky-social/atproto/commit/b43ec31f247f4461725b01226885f88bd430ca07), [`b43ec31`](https://github.com/bluesky-social/atproto/commit/b43ec31f247f4461725b01226885f88bd430ca07)]:
12
+ - @atproto/jwk-jose@0.2.3
13
+ - @atproto/jwk@0.7.3
14
+
3
15
  ## 0.3.2
4
16
 
5
17
  ### Patch Changes
package/package.json CHANGED
@@ -1,9 +1,6 @@
1
1
  {
2
2
  "name": "@atproto/jwk-webcrypto",
3
- "version": "0.3.2",
4
- "engines": {
5
- "node": ">=22"
6
- },
3
+ "version": "0.3.3",
7
4
  "license": "MIT",
8
5
  "description": "Webcrypto based implementation of @atproto/jwk Key's",
9
6
  "keywords": [
@@ -17,6 +14,10 @@
17
14
  "url": "https://github.com/bluesky-social/atproto",
18
15
  "directory": "packages/oauth/jwk-webcrypto"
19
16
  },
17
+ "files": [
18
+ "./dist",
19
+ "./CHANGELOG.md"
20
+ ],
20
21
  "type": "module",
21
22
  "exports": {
22
23
  ".": {
@@ -24,12 +25,14 @@
24
25
  "default": "./dist/index.js"
25
26
  }
26
27
  },
28
+ "engines": {
29
+ "node": ">=22"
30
+ },
27
31
  "dependencies": {
28
32
  "zod": "^3.23.8",
29
- "@atproto/jwk": "^0.7.2",
30
- "@atproto/jwk-jose": "^0.2.2"
33
+ "@atproto/jwk": "^0.7.3",
34
+ "@atproto/jwk-jose": "^0.2.3"
31
35
  },
32
- "devDependencies": {},
33
36
  "scripts": {
34
37
  "build": "tsgo --build tsconfig.build.json"
35
38
  }
package/src/index.ts DELETED
@@ -1 +0,0 @@
1
- export * from './webcrypto-key.js'
package/src/util.ts DELETED
@@ -1,122 +0,0 @@
1
- export type JWSAlgorithm =
2
- // HMAC
3
- | 'HS256'
4
- | 'HS384'
5
- | 'HS512'
6
- // RSA
7
- | 'PS256'
8
- | 'PS384'
9
- | 'PS512'
10
- | 'RS256'
11
- | 'RS384'
12
- | 'RS512'
13
- // EC
14
- | 'ES256'
15
- | 'ES256K'
16
- | 'ES384'
17
- | 'ES512'
18
- // OKP
19
- | 'EdDSA'
20
-
21
- export type SubtleAlgorithm = RsaHashedKeyGenParams | EcKeyGenParams
22
-
23
- export function toSubtleAlgorithm(
24
- alg: string,
25
- crv?: string,
26
- options?: { modulusLength?: number },
27
- ): SubtleAlgorithm {
28
- switch (alg) {
29
- case 'PS256':
30
- case 'PS384':
31
- case 'PS512':
32
- return {
33
- name: 'RSA-PSS',
34
- hash: `SHA-${alg.slice(-3) as '256' | '384' | '512'}`,
35
- modulusLength: options?.modulusLength ?? 2048,
36
- publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
37
- }
38
- case 'RS256':
39
- case 'RS384':
40
- case 'RS512':
41
- return {
42
- name: 'RSASSA-PKCS1-v1_5',
43
- hash: `SHA-${alg.slice(-3) as '256' | '384' | '512'}`,
44
- modulusLength: options?.modulusLength ?? 2048,
45
- publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
46
- }
47
- case 'ES256':
48
- case 'ES384':
49
- return {
50
- name: 'ECDSA',
51
- namedCurve: `P-${alg.slice(-3) as '256' | '384'}`,
52
- }
53
- case 'ES512':
54
- return {
55
- name: 'ECDSA',
56
- namedCurve: 'P-521',
57
- }
58
- default:
59
- // https://github.com/w3c/webcrypto/issues/82#issuecomment-849856773
60
-
61
- throw new TypeError(`Unsupported alg "${alg}"`)
62
- }
63
- }
64
-
65
- export function fromSubtleAlgorithm(algorithm: KeyAlgorithm): JWSAlgorithm {
66
- switch (algorithm.name) {
67
- case 'RSA-PSS':
68
- case 'RSASSA-PKCS1-v1_5': {
69
- const hash = (<RsaHashedKeyAlgorithm>algorithm).hash.name
70
- switch (hash) {
71
- case 'SHA-256':
72
- case 'SHA-384':
73
- case 'SHA-512': {
74
- const prefix = algorithm.name === 'RSA-PSS' ? 'PS' : 'RS'
75
- return `${prefix}${hash.slice(-3) as '256' | '384' | '512'}`
76
- }
77
- default:
78
- throw new TypeError('unsupported RsaHashedKeyAlgorithm hash')
79
- }
80
- }
81
- case 'ECDSA': {
82
- const namedCurve = (<EcKeyAlgorithm>algorithm).namedCurve
83
- switch (namedCurve) {
84
- case 'P-256':
85
- case 'P-384':
86
- case 'P-512':
87
- return `ES${namedCurve.slice(-3) as '256' | '384' | '512'}`
88
- case 'P-521':
89
- return 'ES512'
90
- default:
91
- throw new TypeError('unsupported EcKeyAlgorithm namedCurve')
92
- }
93
- }
94
- case 'Ed448':
95
- case 'Ed25519':
96
- return 'EdDSA'
97
- default:
98
- // https://github.com/w3c/webcrypto/issues/82#issuecomment-849856773
99
-
100
- throw new TypeError(`Unexpected algorithm "${algorithm.name}"`)
101
- }
102
- }
103
-
104
- export function isCryptoKeyPair(
105
- v: unknown,
106
- extractable?: boolean,
107
- ): v is CryptoKeyPair {
108
- return (
109
- typeof v === 'object' &&
110
- v !== null &&
111
- 'privateKey' in v &&
112
- v.privateKey instanceof CryptoKey &&
113
- v.privateKey.type === 'private' &&
114
- (extractable == null || v.privateKey.extractable === extractable) &&
115
- v.privateKey.usages.includes('sign') &&
116
- 'publicKey' in v &&
117
- v.publicKey instanceof CryptoKey &&
118
- v.publicKey.type === 'public' &&
119
- v.publicKey.extractable === true &&
120
- v.publicKey.usages.includes('verify')
121
- )
122
- }
@@ -1,63 +0,0 @@
1
- import { Jwk, JwkError, jwkSchema } from '@atproto/jwk'
2
- import { GenerateKeyPairOptions, JoseKey } from '@atproto/jwk-jose'
3
- import { fromSubtleAlgorithm, isCryptoKeyPair } from './util.js'
4
-
5
- export class WebcryptoKey<J extends Jwk = Jwk> extends JoseKey<J> {
6
- // We need to override the static method generate from JoseKey because
7
- // the browser needs both the private and public keys
8
- static override async generate(
9
- allowedAlgos: string[] = ['ES256'],
10
- kid: string = crypto.randomUUID(),
11
- options?: GenerateKeyPairOptions,
12
- ): Promise<WebcryptoKey> {
13
- const keyPair = await this.generateKeyPair(allowedAlgos, options)
14
-
15
- // Type safety only: in the browser, 'jose' always generates a CryptoKeyPair
16
- if (!isCryptoKeyPair(keyPair)) {
17
- throw new TypeError('Invalid CryptoKeyPair')
18
- }
19
-
20
- return this.fromKeypair(keyPair, kid)
21
- }
22
-
23
- static async fromKeypair(
24
- cryptoKeyPair: CryptoKeyPair,
25
- kid?: string,
26
- ): Promise<WebcryptoKey> {
27
- const {
28
- alg = fromSubtleAlgorithm(cryptoKeyPair.privateKey.algorithm),
29
- ...jwk
30
- } = await crypto.subtle.exportKey(
31
- 'jwk',
32
- cryptoKeyPair.privateKey.extractable
33
- ? cryptoKeyPair.privateKey
34
- : cryptoKeyPair.publicKey,
35
- )
36
-
37
- return new WebcryptoKey<Jwk>(
38
- jwkSchema.parse({ ...jwk, kid, alg }),
39
- cryptoKeyPair,
40
- )
41
- }
42
-
43
- constructor(
44
- jwk: Readonly<J>,
45
- readonly cryptoKeyPair: CryptoKeyPair,
46
- ) {
47
- // Webcrypto keys are bound to a single algorithm
48
- if (!jwk.alg) throw new JwkError('JWK "alg" is required for Webcrypto keys')
49
-
50
- super(jwk)
51
- }
52
-
53
- get isPrivate() {
54
- return true
55
- }
56
-
57
- protected override async getKeyObj(alg: string) {
58
- if (this.jwk.alg !== alg) {
59
- throw new JwkError(`Key cannot be used with algorithm "${alg}"`)
60
- }
61
- return this.cryptoKeyPair.privateKey
62
- }
63
- }
@@ -1,8 +0,0 @@
1
- {
2
- "extends": ["../../../tsconfig/isomorphic.json"],
3
- "compilerOptions": {
4
- "rootDir": "./src",
5
- "outDir": "./dist",
6
- },
7
- "include": ["./src"],
8
- }
@@ -1 +0,0 @@
1
- {"version":"7.0.0-dev.20260614.1","root":["./src/index.ts","./src/util.ts","./src/webcrypto-key.ts"]}
package/tsconfig.json DELETED
@@ -1,4 +0,0 @@
1
- {
2
- "include": [],
3
- "references": [{ "path": "./tsconfig.build.json" }],
4
- }