@fedify/vocab-runtime 2.0.0-pr.451.1730

package/src/jwk.ts

@@ -0,0 +1,70 @@
+export function validateCryptoKey(
+  key: CryptoKey,
+  type?: "public" | "private",
+): void {
+  if (type != null && key.type !== type) {
+    throw new TypeError(`The key is not a ${type} key.`);
+  }
+  if (!key.extractable) {
+    throw new TypeError("The key is not extractable.");
+  }
+  if (
+    key.algorithm.name !== "RSASSA-PKCS1-v1_5" &&
+    key.algorithm.name !== "Ed25519"
+  ) {
+    throw new TypeError(
+      "Currently only RSASSA-PKCS1-v1_5 and Ed25519 keys are supported.  " +
+        "More algorithms will be added in the future!",
+    );
+  }
+  if (key.algorithm.name === "RSASSA-PKCS1-v1_5") {
+    // @ts-ignore TS2304
+    const algorithm = key.algorithm as unknown as RsaHashedKeyAlgorithm;
+    if (algorithm.hash.name !== "SHA-256") {
+      throw new TypeError(
+        "For compatibility with the existing Fediverse software " +
+          "(e.g., Mastodon), hash algorithm for RSASSA-PKCS1-v1_5 keys " +
+          "must be SHA-256.",
+      );
+    }
+  }
+}
+
+export async function exportJwk(key: CryptoKey): Promise<JsonWebKey> {
+  validateCryptoKey(key);
+  const jwk = await crypto.subtle.exportKey("jwk", key);
+  if (jwk.crv === "Ed25519") jwk.alg = "Ed25519";
+  return jwk;
+}
+
+export async function importJwk(
+  jwk: JsonWebKey,
+  type: "public" | "private",
+): Promise<CryptoKey> {
+  let key: CryptoKey;
+  if (jwk.kty === "RSA" && jwk.alg === "RS256") {
+    key = await crypto.subtle.importKey(
+      "jwk",
+      jwk,
+      { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" },
+      true,
+      type === "public" ? ["verify"] : ["sign"],
+    );
+  } else if (jwk.kty === "OKP" && jwk.crv === "Ed25519") {
+    if (navigator?.userAgent === "Cloudflare-Workers") {
+      jwk = { ...jwk };
+      delete jwk.alg;
+    }
+    key = await crypto.subtle.importKey(
+      "jwk",
+      jwk,
+      "Ed25519",
+      true,
+      type === "public" ? ["verify"] : ["sign"],
+    );
+  } else {
+    throw new TypeError("Unsupported JWK format.");
+  }
+  validateCryptoKey(key, type);
+  return key;
+}

package/src/key.test.ts

@@ -0,0 +1,179 @@
+import { deepStrictEqual } from "node:assert";
+import { test } from "node:test";
+import { exportJwk, importJwk } from "./jwk.ts";
+import {
+  exportMultibaseKey,
+  exportSpki,
+  importMultibaseKey,
+  importPem,
+  importPkcs1,
+  importSpki,
+} from "./key.ts";
+
+// cSpell: disable
+const rsaSpki = "-----BEGIN PUBLIC KEY-----\n" +
+  "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsRuvCkgJtflBTl4OVsm\n" +
+  "nt/J1mQfZasfJtN33dcZ3d1lJroxmgmMu69zjGEAwkNbMQaWNLqC4eogkJaeJ4RR\n" +
+  "5MHYXkL9nNilVoTkjX5BVit3puzs7XJ7WQnKQgQMI+ezn24GHsZ/v1JIo77lerX5\n" +
+  "k4HNwTNVt+yaZVQWaOMR3+6FwziQR6kd0VuG9/a9dgAnz2cEoORRC1i4W7IZaB1s\n" +
+  "Znh1WbHbevlGd72HSXll5rocPIHn8gq6xpBgpHwRphlRsgn4KHaJ6brXDIJjrnQh\n" +
+  "Ie/YUBOGj/ImSEXhRwlFerKsoAVnZ0Hwbfa46qk44TAt8CyoPMWmpK6pt0ng4pQ2\n" +
+  "uwIDAQAB\n" +
+  "-----END PUBLIC KEY-----\n";
+// cSpell: enable
+
+// cSpell: disable
+const rsaPkcs1 = "-----BEGIN RSA PUBLIC KEY-----\n" +
+  "MIIBCgKCAQEAxsRuvCkgJtflBTl4OVsmnt/J1mQfZasfJtN33dcZ3d1lJroxmgmM\n" +
+  "u69zjGEAwkNbMQaWNLqC4eogkJaeJ4RR5MHYXkL9nNilVoTkjX5BVit3puzs7XJ7\n" +
+  "WQnKQgQMI+ezn24GHsZ/v1JIo77lerX5k4HNwTNVt+yaZVQWaOMR3+6FwziQR6kd\n" +
+  "0VuG9/a9dgAnz2cEoORRC1i4W7IZaB1sZnh1WbHbevlGd72HSXll5rocPIHn8gq6\n" +
+  "xpBgpHwRphlRsgn4KHaJ6brXDIJjrnQhIe/YUBOGj/ImSEXhRwlFerKsoAVnZ0Hw\n" +
+  "bfa46qk44TAt8CyoPMWmpK6pt0ng4pQ2uwIDAQAB\n" +
+  "-----END RSA PUBLIC KEY-----\n";
+// cSpell: enable
+
+const rsaJwk: JsonWebKey = {
+  alg: "RS256",
+  // cSpell: disable
+  e: "AQAB",
+  // cSpell: enable
+  ext: true,
+  key_ops: ["verify"],
+  kty: "RSA",
+  // cSpell: disable
+  n: "xsRuvCkgJtflBTl4OVsmnt_J1mQfZasfJtN33dcZ3d1lJroxmgmMu69zjGEAwkNbMQaWN" +
+    "LqC4eogkJaeJ4RR5MHYXkL9nNilVoTkjX5BVit3puzs7XJ7WQnKQgQMI-ezn24GHsZ_v1J" +
+    "Io77lerX5k4HNwTNVt-yaZVQWaOMR3-6FwziQR6kd0VuG9_a9dgAnz2cEoORRC1i4W7IZa" +
+    "B1sZnh1WbHbevlGd72HSXll5rocPIHn8gq6xpBgpHwRphlRsgn4KHaJ6brXDIJjrnQhIe_" +
+    "YUBOGj_ImSEXhRwlFerKsoAVnZ0Hwbfa46qk44TAt8CyoPMWmpK6pt0ng4pQ2uw",
+  // cSpell: enable
+};
+
+const rsaMultibase =
+  // cSpell: disable
+  "z4MXj1wBzi9jUstyPqYMn6Gum79JtbKFiHTibtPRoPeufjdimA24Kg8Q5N7E2eMpgVUtD61kUv" +
+  "my4FaT5D5G8XU3ktxeduwEw5FHTtiLCzaruadf6rit1AUPL34UtcPuHh6GxBzTxgFKMMuzcHiU" +
+  "zG9wvbxn7toS4H2gbmUn1r91836ET2EVgmSdzju614Wu67ukyBGivcboncdfxPSR5JXwURBaL8" +
+  "K2P6yhKn3NyprFV8s6QpN4zgQMAD3Q6fjAsEvGNwXaQTZmEN2yd1NQ7uBE3RJ2XywZnehmfLQT" +
+  "EqD7Ad5XM3qfLLd9CtdzJGBkRfunHhkH1kz8dHL7hXwtk5EMXktY4QF5gZ1uisUV5mpPjEgqz7uDz";
+// cSpell: enable
+
+// cSpell: disable
+const ed25519Pem = "-----BEGIN PUBLIC KEY-----\n" +
+  "MCowBQYDK2VwAyEAvrabdlLgVI5jWl7GpF+fLFJVF4ccI8D7h+v5ulBCYwo=\n" +
+  "-----END PUBLIC KEY-----\n";
+// cSpell: enable
+
+const ed25519Jwk: JsonWebKey = {
+  alg: "Ed25519",
+  kty: "OKP",
+  crv: "Ed25519",
+  // cSpell: disable
+  x: "vrabdlLgVI5jWl7GpF-fLFJVF4ccI8D7h-v5ulBCYwo",
+  // cSpell: enable
+  key_ops: ["verify"],
+  ext: true,
+};
+
+// cSpell: disable
+const ed25519Multibase = "z6MksHj1MJnidCtDiyYW9ugNFftoX9fLK4bornTxmMZ6X7vq";
+// cSpell: enable
+
+test("importSpki()", async () => {
+  const rsaKey = await importSpki(rsaSpki);
+  deepStrictEqual(await exportJwk(rsaKey), rsaJwk);
+
+  const ed25519Key = await importSpki(ed25519Pem);
+  deepStrictEqual(await exportJwk(ed25519Key), ed25519Jwk);
+});
+
+test("exportSpki()", async () => {
+  const rsaKey = await importJwk(rsaJwk, "public");
+  const rsaSpki = await exportSpki(rsaKey);
+  deepStrictEqual(rsaSpki, rsaSpki);
+
+  const ed25519Key = await importJwk(ed25519Jwk, "public");
+  const ed25519Spki = await exportSpki(ed25519Key);
+  deepStrictEqual(ed25519Spki, ed25519Pem);
+});
+
+test("importPkcs1()", async () => {
+  const rsaKey = await importPkcs1(rsaPkcs1);
+  deepStrictEqual(await exportJwk(rsaKey), rsaJwk);
+});
+
+test("importPem()", async () => {
+  const rsaPkcs1Key = await importPem(rsaPkcs1);
+  deepStrictEqual(await exportJwk(rsaPkcs1Key), rsaJwk);
+
+  const rsaSpkiKey = await importPem(rsaSpki);
+  deepStrictEqual(await exportJwk(rsaSpkiKey), rsaJwk);
+
+  const ed25519Key = await importPem(ed25519Pem);
+  deepStrictEqual(await exportJwk(ed25519Key), ed25519Jwk);
+});
+
+test("importMultibase()", async () => {
+  const rsaKey = await importMultibaseKey(rsaMultibase);
+  deepStrictEqual(await exportJwk(rsaKey), rsaJwk);
+
+  const ed25519Key = await importMultibaseKey(ed25519Multibase);
+  deepStrictEqual(await exportJwk(ed25519Key), ed25519Jwk);
+});
+
+test("exportMultibaseKey()", async () => {
+  const rsaKey = await importJwk(rsaJwk, "public");
+  const rsaMb = await exportMultibaseKey(rsaKey);
+  deepStrictEqual(rsaMb, rsaMultibase);
+
+  const ed25519Key = await importJwk(ed25519Jwk, "public");
+  const ed25519Mb = await exportMultibaseKey(ed25519Key);
+  deepStrictEqual(ed25519Mb, ed25519Multibase);
+
+  // Test vectors from <https://codeberg.org/fediverse/fep/src/branch/main/fep/521a/fep-521a.feature>:
+  const rsaKey2 = await importJwk({
+    alg: "RS256",
+    ext: true,
+    key_ops: ["verify"],
+    // cSpell: disable
+    e: "AQAB",
+    kty: "RSA",
+    n: "sbX82NTV6IylxCh7MfV4hlyvaniCajuP97GyOqSvTmoEdBOflFvZ06kR_9D6ctt45Fk6h" +
+      "skfnag2GG69NALVH2o4RCR6tQiLRpKcMRtDYE_thEmfBvDzm_VVkOIYfxu-Ipuo9J_S5XD" +
+      "NDjczx2v-3oDh5-CIHkU46hvFeCvpUS-L8TJSbgX0kjVk_m4eIb9wh63rtmD6Uz_KBtCo5" +
+      "mmR4TEtcLZKYdqMp3wCjN-TlgHiz_4oVXWbHUefCEe8rFnX1iQnpDHU49_SaXQoud1jCae" +
+      "xFn25n-Aa8f8bc5Vm-5SeRwidHa6ErvEhTvf1dz6GoNPp2iRvm-wJ1gxwWJEYPQ",
+    // cSpell: enable
+  }, "public");
+  const rsaMb2 = await exportMultibaseKey(rsaKey2);
+  deepStrictEqual(
+    rsaMb2,
+    // cSpell: disable
+    "z4MXj1wBzi9jUstyPMS4jQqB6KdJaiatPkAtVtGc6bQEQEEsKTic4G7Rou3iBf9vPmT5dbkm" +
+      "9qsZsuVNjq8HCuW1w24nhBFGkRE4cd2Uf2tfrB3N7h4mnyPp1BF3ZttHTYv3DLUPi1zMdk" +
+      "ULiow3M1GfXkoC6DoxDUm1jmN6GBj22SjVsr6dxezRVQc7aj9TxE7JLbMH1wh5X3kA58H3" +
+      "DFW8rnYMakFGbca5CB2Jf6CnGQZmL7o5uJAdTwXfy2iiiyPxXEGerMhHwhjTA1mKYobyk2" +
+      "CpeEcmvynADfNZ5MBvcCS7m3XkFCMNUYBS9NQ3fze6vMSUPsNa6GVYmKx2x6JrdEjCk3qR" +
+      "MMmyjnjCMfR4pXbRMZa3i",
+    // cSpell: enable
+  );
+
+  const ed25519Key2 = await importJwk({
+    alg: "Ed25519",
+    crv: "Ed25519",
+    ext: true,
+    key_ops: ["verify"],
+    kty: "OKP",
+    // cSpell: disable
+    x: "Lm_M42cB3HkUiODQsXRcweM6TByfzEHGO9ND274JcOY",
+    // cSpell: enable
+  }, "public");
+  const ed25519Mb2 = await exportMultibaseKey(ed25519Key2);
+  deepStrictEqual(
+    ed25519Mb2,
+    // cSpell: disable
+    "z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK",
+    // cSpell: enable
+  );
+});

package/src/key.ts

@@ -0,0 +1,187 @@
+import { Integer, Sequence } from "asn1js";
+import { decodeBase64, encodeBase64 } from "byte-encodings/base64";
+import { decodeBase64Url } from "byte-encodings/base64url";
+import { decodeHex } from "byte-encodings/hex";
+import { addPrefix, getCodeFromData, rmPrefix } from "multicodec";
+import { createPublicKey } from "node:crypto";
+import { PublicKeyInfo } from "pkijs";
+import { validateCryptoKey } from "./jwk.ts";
+import { decodeMultibase, encodeMultibase } from "./multibase/mod.ts";
+
+const algorithms: Record<
+  string,
+  | AlgorithmIdentifier
+  | HmacImportParams
+  | RsaHashedImportParams
+  | EcKeyImportParams
+> = {
+  "1.2.840.113549.1.1.1": { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" },
+  "1.3.101.112": "Ed25519",
+};
+
+/**
+ * Imports a PEM-SPKI formatted public key.
+ * @param pem The PEM-SPKI formatted public key.
+ * @returns The imported public key.
+ * @throws {TypeError} If the key is invalid or unsupported.
+ * @since 0.5.0
+ */
+export async function importSpki(pem: string): Promise<CryptoKey> {
+  pem = pem.replace(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "");
+  let spki: Uint8Array<ArrayBuffer>;
+  try {
+    spki = decodeBase64(pem);
+  } catch (_) {
+    throw new TypeError("Invalid PEM-SPKI format.");
+  }
+  const pki = PublicKeyInfo.fromBER(spki);
+  const oid = pki.algorithm.algorithmId;
+  const algorithm = algorithms[oid];
+  if (algorithm == null) {
+    throw new TypeError("Unsupported algorithm: " + oid);
+  }
+  return await crypto.subtle.importKey(
+    "spki",
+    spki,
+    algorithm,
+    true,
+    ["verify"],
+  );
+}
+
+/**
+ * Exports a public key in PEM-SPKI format.
+ * @param key The public key to export.
+ * @returns The exported public key in PEM-SPKI format.
+ * @throws {TypeError} If the key is invalid or unsupported.
+ * @since 0.5.0
+ */
+export async function exportSpki(key: CryptoKey): Promise<string> {
+  validateCryptoKey(key);
+  const spki = await crypto.subtle.exportKey("spki", key);
+  let pem = encodeBase64(spki);
+  pem = (pem.match(/.{1,64}/g) || []).join("\n");
+  return `-----BEGIN PUBLIC KEY-----\n${pem}\n-----END PUBLIC KEY-----\n`;
+}
+
+/**
+ * Imports a PEM-PKCS#1 formatted public key.
+ * @param pem The PEM-PKCS#1 formatted public key.
+ * @returns The imported public key.
+ * @throws {TypeError} If the key is invalid or unsupported.
+ * @since 1.5.0
+ */
+export function importPkcs1(pem: string): Promise<CryptoKey> {
+  const key = createPublicKey({ key: pem, format: "pem", type: "pkcs1" });
+  const spki = key.export({ type: "spki", format: "pem" }) as string;
+  return importSpki(spki);
+}
+
+const PKCS1_HEADER = /^\s*-----BEGIN\s+RSA\s+PUBLIC\s+KEY-----\s*\n/;
+
+/**
+ * Imports a PEM formatted public key (SPKI or PKCS#1).
+ * @param pem The PEM formatted public key to import (SPKI or PKCS#1).
+ * @returns The imported public key.
+ * @throws {TypeError} If the key is invalid or unsupported.
+ * @since 1.5.0
+ */
+export function importPem(pem: string): Promise<CryptoKey> {
+  return PKCS1_HEADER.test(pem) ? importPkcs1(pem) : importSpki(pem);
+}
+
+/**
+ * Imports a [Multibase]-encoded public key.
+ *
+ * [Multibase]: https://www.w3.org/TR/vc-data-integrity/#multibase-0
+ * @param key The Multibase-encoded public key.
+ * @returns The imported public key.
+ * @throws {TypeError} If the key is invalid or unsupported.
+ * @since 0.10.0
+ */
+export async function importMultibaseKey(key: string): Promise<CryptoKey> {
+  const decoded = decodeMultibase(key);
+  const code: number = getCodeFromData(decoded);
+  const content = rmPrefix(decoded);
+  if (code === 0x1205) { // rsa-pub
+    const keyObject = createPublicKey({
+      // deno-lint-ignore no-explicit-any
+      key: content as any,
+      format: "der",
+      type: "pkcs1",
+    });
+    const exported = keyObject.export({ type: "spki", format: "der" });
+    const spki = exported instanceof Uint8Array
+      ? exported
+      : new Uint8Array(exported);
+    return await crypto.subtle.importKey(
+      "spki",
+      new Uint8Array(spki),
+      { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" },
+      true,
+      ["verify"],
+    );
+  } else if (code === 0xed) { // ed25519-pub
+    return await crypto.subtle.importKey(
+      "raw",
+      content.slice(),
+      "Ed25519",
+      true,
+      ["verify"],
+    );
+  } else {
+    throw new TypeError("Unsupported key type: 0x" + code.toString(16));
+  }
+}
+
+/**
+ * Exports a public key in [Multibase] format.
+ *
+ * [Multibase]: https://www.w3.org/TR/vc-data-integrity/#multibase-0
+ * @param key The public key to export.
+ * @returns The exported public key in Multibase format.
+ * @throws {TypeError} If the key is invalid or unsupported.
+ * @since 0.10.0
+ */
+export async function exportMultibaseKey(key: CryptoKey): Promise<string> {
+  let content: ArrayBuffer;
+  let code: number;
+  if (key.algorithm.name === "Ed25519") {
+    content = await crypto.subtle.exportKey("raw", key);
+    code = 0xed; // ed25519-pub
+  } else if (
+    key.algorithm.name === "RSASSA-PKCS1-v1_5" &&
+    (key.algorithm as unknown as { hash: { name: string } }).hash.name ===
+      "SHA-256"
+  ) {
+    const jwk = await crypto.subtle.exportKey("jwk", key);
+    const decodedN = decodeBase64Url(jwk.n!);
+    const n = new Uint8Array(decodedN.length + 1);
+    n.set(decodedN, 1);
+    const sequence = new Sequence({
+      value: [
+        new Integer({
+          isHexOnly: true,
+          valueHex: n,
+        }),
+        new Integer({
+          isHexOnly: true,
+          valueHex: decodeBase64Url(jwk.e!),
+        }),
+      ],
+    });
+    content = sequence.toBER(false);
+    code = 0x1205; // rsa-pub
+  } else {
+    throw new TypeError(
+      "Unsupported key type: " + JSON.stringify(key.algorithm),
+    );
+  }
+  const codeHex = code.toString(16);
+  const codeBytes = decodeHex(codeHex.length % 2 < 1 ? codeHex : "0" + codeHex);
+  const prefixed = addPrefix(codeBytes, new Uint8Array(content));
+  const encoded = encodeMultibase("base58btc", prefixed);
+  return new TextDecoder().decode(encoded);
+}
+
+// cSpell: ignore multicodec pkijs

package/src/langstr.test.ts

@@ -0,0 +1,28 @@
+import { deepStrictEqual } from "node:assert";
+import { test } from "node:test";
+import util from "node:util";
+import { LanguageString } from "./langstr.ts";
+
+test("new LanguageString()", () => {
+  const langStr = new LanguageString("Hello", "en");
+  deepStrictEqual(langStr.toString(), "Hello");
+  deepStrictEqual(langStr.locale, new Intl.Locale("en"));
+
+  deepStrictEqual(new LanguageString("Hello", new Intl.Locale("en")), langStr);
+});
+
+test("Deno.inspect(LanguageString)", () => {
+  const langStr = new LanguageString("Hello, 'world'", "en");
+  deepStrictEqual(
+    util.inspect(langStr, { colors: false }),
+    "<en> \"Hello, 'world'\"",
+  );
+});
+
+test("util.inspect(LanguageString)", () => {
+  const langStr = new LanguageString("Hello, 'world'", "en");
+  deepStrictEqual(
+    util.inspect(langStr, { colors: false }),
+    "<en> \"Hello, 'world'\"",
+  );
+});

package/src/langstr.ts

@@ -0,0 +1,38 @@
+/**
+ * A language-tagged string which corresponds to the `rdf:langString` type.
+ */
+export class LanguageString extends String {
+  /**
+   * The locale of the string.
+   * @since 2.0.0
+   */
+  readonly locale: Intl.Locale;
+
+  /**
+   * Constructs a new `LanguageString`.
+   * @param value A string value written in the given language.
+   * @param locale The language of the string.  If a string is given, it will
+   *               be parsed as a `Intl.Locale` object.
+   */
+  constructor(value: string, language: Intl.Locale | string) {
+    super(value);
+    this.locale = typeof language === "string"
+      ? new Intl.Locale(language)
+      : language;
+  }
+
+  [Symbol.for("Deno.customInspect")](
+    inspect: typeof Deno.inspect,
+    options: Deno.InspectOptions,
+  ): string {
+    return `<${this.locale.baseName}> ${inspect(this.toString(), options)}`;
+  }
+
+  [Symbol.for("nodejs.util.inspect.custom")](
+    _depth: number,
+    options: unknown,
+    inspect: (value: unknown, options: unknown) => string,
+  ): string {
+    return `<${this.locale.baseName}> ${inspect(this.toString(), options)}`;
+  }
+}

package/src/link.test.ts

@@ -0,0 +1,82 @@
+// Borrowed from https://github.com/hugoalh/http-header-link-es
+import { deepStrictEqual, throws } from "node:assert";
+import { test } from "node:test";
+import { HttpHeaderLink } from "./link.ts";
+
+test("String Good 1", () => {
+  const instance = new HttpHeaderLink(
+    `<https://example.com>; rel="preconnect"`,
+  );
+  deepStrictEqual(instance.hasParameter("rel", "preconnect"), true);
+  deepStrictEqual(instance.hasParameter("rel", "connect"), false);
+  deepStrictEqual(instance.hasParameter("rel", "postconnect"), false);
+  deepStrictEqual(instance.getByRel("preconnect")[0][0], "https://example.com");
+});
+
+test("String Good 2", () => {
+  const instance = new HttpHeaderLink(`<https://example.com>; rel=preconnect`);
+  deepStrictEqual(instance.hasParameter("rel", "preconnect"), true);
+  deepStrictEqual(instance.hasParameter("rel", "connect"), false);
+  deepStrictEqual(instance.hasParameter("rel", "postconnect"), false);
+  deepStrictEqual(instance.getByRel("preconnect")[0][0], "https://example.com");
+});
+
+test("String Good 3", () => {
+  const instance = new HttpHeaderLink(
+    `<https://example.com/%E8%8B%97%E6%9D%A1>; rel="preconnect"`,
+  );
+  deepStrictEqual(instance.hasParameter("rel", "preconnect"), true);
+  deepStrictEqual(instance.hasParameter("rel", "connect"), false);
+  deepStrictEqual(instance.hasParameter("rel", "postconnect"), false);
+  deepStrictEqual(
+    instance.getByRel("preconnect")[0][0],
+    "https://example.com/苗条",
+  );
+});
+
+test("String Good 4", () => {
+  const instance = new HttpHeaderLink(
+    `<https://one.example.com>; rel="preconnect", <https://two.example.com>; rel="preconnect", <https://three.example.com>; rel="preconnect"`,
+  );
+  deepStrictEqual(instance.hasParameter("rel", "preconnect"), true);
+  deepStrictEqual(instance.hasParameter("rel", "connect"), false);
+  deepStrictEqual(instance.hasParameter("rel", "postconnect"), false);
+  deepStrictEqual(
+    instance.getByRel("preconnect")[0][0],
+    "https://one.example.com",
+  );
+  deepStrictEqual(
+    instance.getByRel("preconnect")[1][0],
+    "https://two.example.com",
+  );
+  deepStrictEqual(
+    instance.getByRel("preconnect")[2][0],
+    "https://three.example.com",
+  );
+});
+
+test("String Good 5", () => {
+  const instance = new HttpHeaderLink();
+  deepStrictEqual(instance.hasParameter("rel", "preconnect"), false);
+  deepStrictEqual(instance.hasParameter("rel", "connect"), false);
+  deepStrictEqual(instance.hasParameter("rel", "postconnect"), false);
+  deepStrictEqual(instance.entries().length, 0);
+});
+
+test("Entries Good 1", () => {
+  const instance = new HttpHeaderLink([["https://one.example.com", {
+    rel: "preconnect",
+  }]]);
+  deepStrictEqual(instance.hasParameter("rel", "preconnect"), true);
+  deepStrictEqual(instance.entries().length, 1);
+  deepStrictEqual(
+    instance.toString(),
+    `<https://one.example.com>; rel="preconnect"`,
+  );
+});
+
+test("String Bad 1", () => {
+  throws(() => {
+    new HttpHeaderLink(`https://bad.example; rel="preconnect"`);
+  });
+});