@lindorm/oct 0.2.10 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +10 -0
- package/README.md +22 -13
- package/dist/classes/OctKit.d.ts +2 -2
- package/dist/classes/OctKit.d.ts.map +1 -1
- package/dist/classes/OctKit.js +11 -15
- package/dist/classes/OctKit.js.map +1 -1
- package/dist/classes/index.d.ts +1 -1
- package/dist/classes/index.d.ts.map +1 -1
- package/dist/classes/index.js +1 -17
- package/dist/classes/index.js.map +1 -1
- package/dist/errors/OctError.js +2 -6
- package/dist/errors/OctError.js.map +1 -1
- package/dist/errors/index.d.ts +1 -1
- package/dist/errors/index.d.ts.map +1 -1
- package/dist/errors/index.js +1 -17
- package/dist/errors/index.js.map +1 -1
- package/dist/index.d.ts +3 -3
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +3 -19
- package/dist/index.js.map +1 -1
- package/dist/internal/assert-key-size.d.ts +3 -0
- package/dist/internal/assert-key-size.d.ts.map +1 -0
- package/dist/internal/assert-key-size.js +20 -0
- package/dist/internal/assert-key-size.js.map +1 -0
- package/dist/internal/get-key.d.ts +3 -0
- package/dist/internal/get-key.d.ts.map +1 -0
- package/dist/internal/get-key.js +9 -0
- package/dist/internal/get-key.js.map +1 -0
- package/dist/internal/index.d.ts +5 -0
- package/dist/internal/index.d.ts.map +1 -0
- package/dist/internal/index.js +5 -0
- package/dist/internal/index.js.map +1 -0
- package/dist/internal/map-algorithm.d.ts +4 -0
- package/dist/internal/map-algorithm.d.ts.map +1 -0
- package/dist/internal/map-algorithm.js +16 -0
- package/dist/internal/map-algorithm.js.map +1 -0
- package/dist/{utils/private → internal}/oct-signature.d.ts +1 -1
- package/dist/internal/oct-signature.d.ts.map +1 -0
- package/dist/internal/oct-signature.js +25 -0
- package/dist/internal/oct-signature.js.map +1 -0
- package/dist/types/index.d.ts +1 -1
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/index.js +1 -17
- package/dist/types/index.js.map +1 -1
- package/dist/types/oct-kit.d.ts +2 -2
- package/dist/types/oct-kit.d.ts.map +1 -1
- package/dist/types/oct-kit.js +1 -2
- package/package.json +16 -12
- package/vitest.config.mjs +3 -0
- package/dist/utils/private/assert-key-size.d.ts +0 -3
- package/dist/utils/private/assert-key-size.d.ts.map +0 -1
- package/dist/utils/private/assert-key-size.js +0 -24
- package/dist/utils/private/assert-key-size.js.map +0 -1
- package/dist/utils/private/get-key.d.ts +0 -3
- package/dist/utils/private/get-key.d.ts.map +0 -1
- package/dist/utils/private/get-key.js +0 -13
- package/dist/utils/private/get-key.js.map +0 -1
- package/dist/utils/private/index.d.ts +0 -5
- package/dist/utils/private/index.d.ts.map +0 -1
- package/dist/utils/private/index.js +0 -21
- package/dist/utils/private/index.js.map +0 -1
- package/dist/utils/private/map-algorithm.d.ts +0 -4
- package/dist/utils/private/map-algorithm.d.ts.map +0 -1
- package/dist/utils/private/map-algorithm.js +0 -20
- package/dist/utils/private/map-algorithm.js.map +0 -1
- package/dist/utils/private/oct-signature.d.ts.map +0 -1
- package/dist/utils/private/oct-signature.js +0 -31
- package/dist/utils/private/oct-signature.js.map +0 -1
package/CHANGELOG.md
CHANGED
|
@@ -3,6 +3,16 @@
|
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
|
4
4
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
|
5
5
|
|
|
6
|
+
# [0.3.0](https://github.com/lindorm-io/monorepo/compare/@lindorm/oct@0.2.11...@lindorm/oct@0.3.0) (2026-05-02)
|
|
7
|
+
|
|
8
|
+
### Features
|
|
9
|
+
|
|
10
|
+
- migrate 20 packages from jest to vitest ([d8bfda8](https://github.com/lindorm-io/monorepo/commit/d8bfda8854dc1cb9537ba0b3e47ec4e4c7bded08))
|
|
11
|
+
|
|
12
|
+
## [0.2.11](https://github.com/lindorm-io/monorepo/compare/@lindorm/oct@0.2.10...@lindorm/oct@0.2.11) (2026-04-19)
|
|
13
|
+
|
|
14
|
+
**Note:** Version bump only for package @lindorm/oct
|
|
15
|
+
|
|
6
16
|
## [0.2.10](https://github.com/lindorm-io/monorepo/compare/@lindorm/oct@0.2.9...@lindorm/oct@0.2.10) (2026-04-15)
|
|
7
17
|
|
|
8
18
|
**Note:** Version bump only for package @lindorm/oct
|
package/README.md
CHANGED
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
# @lindorm/oct
|
|
2
2
|
|
|
3
|
-
HMAC
|
|
3
|
+
HMAC signing kit built on Node's `crypto` module and [`@lindorm/kryptos`](https://www.npmjs.com/package/@lindorm/kryptos). Provides an `OctKit` class that implements the `IKeyKit` contract used across the Lindorm cryptography packages.
|
|
4
|
+
|
|
5
|
+
This package is **ESM-only**.
|
|
4
6
|
|
|
5
7
|
## Installation
|
|
6
8
|
|
|
@@ -8,6 +10,16 @@ HMAC signature kit built on Node's `crypto` module and [`@lindorm/kryptos`](../k
|
|
|
8
10
|
npm install @lindorm/oct
|
|
9
11
|
```
|
|
10
12
|
|
|
13
|
+
`OctKit` accepts an `IKryptos` instance constructed by the consumer, so [`@lindorm/kryptos`](https://www.npmjs.com/package/@lindorm/kryptos) must also be installed in your project.
|
|
14
|
+
|
|
15
|
+
## Features
|
|
16
|
+
|
|
17
|
+
- Sign, verify, and assert HMAC signatures over `Buffer` or `string` input
|
|
18
|
+
- Supports `HS256`, `HS384`, and `HS512`
|
|
19
|
+
- Timing-safe signature comparison via `crypto.timingSafeEqual`
|
|
20
|
+
- Configurable string output encoding via Node's `BufferEncoding`
|
|
21
|
+
- Rejects non-oct keys and oct encryption algorithms at construction time
|
|
22
|
+
|
|
11
23
|
## Quick Start
|
|
12
24
|
|
|
13
25
|
```typescript
|
|
@@ -17,16 +29,12 @@ import { KryptosKit } from "@lindorm/kryptos";
|
|
|
17
29
|
const kryptos = KryptosKit.generate.sig.oct({ algorithm: "HS256" });
|
|
18
30
|
const kit = new OctKit({ kryptos });
|
|
19
31
|
|
|
20
|
-
// Sign
|
|
21
32
|
const signature = kit.sign("hello world");
|
|
22
33
|
|
|
23
|
-
// Verify (timing-safe comparison)
|
|
24
34
|
kit.verify("hello world", signature); // true
|
|
25
35
|
|
|
26
|
-
//
|
|
27
|
-
kit.assert("hello world", signature);
|
|
36
|
+
kit.assert("hello world", signature); // throws OctError if invalid
|
|
28
37
|
|
|
29
|
-
// Format Buffer to string
|
|
30
38
|
kit.format(signature); // base64 string
|
|
31
39
|
```
|
|
32
40
|
|
|
@@ -35,11 +43,11 @@ kit.format(signature); // base64 string
|
|
|
35
43
|
```typescript
|
|
36
44
|
new OctKit({
|
|
37
45
|
kryptos, // IKryptos — must be an oct key with a signing algorithm
|
|
38
|
-
encoding: "base64", // BufferEncoding —
|
|
46
|
+
encoding: "base64", // BufferEncoding — string encoding for verify/format (default: "base64")
|
|
39
47
|
});
|
|
40
48
|
```
|
|
41
49
|
|
|
42
|
-
The constructor validates that the key is an oct
|
|
50
|
+
The constructor validates that the key is an oct key with one of the supported signing algorithms (`HS256`, `HS384`, `HS512`). Non-oct keys and oct encryption algorithms are rejected with an `OctError`.
|
|
43
51
|
|
|
44
52
|
## API
|
|
45
53
|
|
|
@@ -54,6 +62,11 @@ class OctKit implements IKeyKit {
|
|
|
54
62
|
|
|
55
63
|
`KeyData` is `Buffer | string`.
|
|
56
64
|
|
|
65
|
+
- `sign(data)` — produces an HMAC digest as a `Buffer`.
|
|
66
|
+
- `verify(data, signature)` — returns `true` if the signature matches. String signatures are decoded using the configured `encoding`. Comparison is timing-safe.
|
|
67
|
+
- `assert(data, signature)` — same as `verify`, but throws `OctError` instead of returning `false`.
|
|
68
|
+
- `format(buffer)` — encodes a signature `Buffer` to a string using the configured `encoding`.
|
|
69
|
+
|
|
57
70
|
## Supported Algorithms
|
|
58
71
|
|
|
59
72
|
| Algorithm | Hash |
|
|
@@ -62,13 +75,9 @@ class OctKit implements IKeyKit {
|
|
|
62
75
|
| HS384 | SHA-384 |
|
|
63
76
|
| HS512 | SHA-512 |
|
|
64
77
|
|
|
65
|
-
## Security
|
|
66
|
-
|
|
67
|
-
Signature verification uses `crypto.timingSafeEqual` to prevent timing attacks.
|
|
68
|
-
|
|
69
78
|
## Error Handling
|
|
70
79
|
|
|
71
|
-
All errors are `OctError
|
|
80
|
+
All errors thrown by this package are instances of `OctError`:
|
|
72
81
|
|
|
73
82
|
```typescript
|
|
74
83
|
import { OctError } from "@lindorm/oct";
|
package/dist/classes/OctKit.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { IKeyKit, KeyData } from "@lindorm/types";
|
|
2
|
-
import { OctKitOptions } from "../types";
|
|
1
|
+
import type { IKeyKit, KeyData } from "@lindorm/types";
|
|
2
|
+
import type { OctKitOptions } from "../types/index.js";
|
|
3
3
|
export declare class OctKit implements IKeyKit {
|
|
4
4
|
private readonly encoding;
|
|
5
5
|
private readonly kryptos;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"OctKit.d.ts","sourceRoot":"","sources":["../../src/classes/OctKit.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"OctKit.d.ts","sourceRoot":"","sources":["../../src/classes/OctKit.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAEvD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAOvD,qBAAa,MAAO,YAAW,OAAO;IACpC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAiB;IAC1C,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAc;gBAEnB,OAAO,EAAE,aAAa;IAclC,IAAI,CAAC,IAAI,EAAE,OAAO,GAAG,MAAM;IAO3B,MAAM,CAAC,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,GAAG,OAAO;IASlD,MAAM,CAAC,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,GAAG,IAAI;IAS/C,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM;CAGpC"}
|
package/dist/classes/OctKit.js
CHANGED
|
@@ -1,30 +1,27 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
const errors_1 = require("../errors");
|
|
6
|
-
const private_1 = require("../utils/private");
|
|
7
|
-
class OctKit {
|
|
1
|
+
import { KryptosKit, OCT_SIG_ALGORITHMS, } from "@lindorm/kryptos";
|
|
2
|
+
import { OctError } from "../errors/index.js";
|
|
3
|
+
import { assertOctSignature, createOctSignature, verifyOctSignature, } from "../internal/index.js";
|
|
4
|
+
export class OctKit {
|
|
8
5
|
encoding;
|
|
9
6
|
kryptos;
|
|
10
7
|
constructor(options) {
|
|
11
8
|
this.encoding = options.encoding ?? "base64";
|
|
12
|
-
if (!
|
|
13
|
-
throw new
|
|
9
|
+
if (!KryptosKit.isOct(options.kryptos)) {
|
|
10
|
+
throw new OctError("Invalid Kryptos instance");
|
|
14
11
|
}
|
|
15
|
-
if (!
|
|
16
|
-
throw new
|
|
12
|
+
if (!OCT_SIG_ALGORITHMS.includes(options.kryptos.algorithm)) {
|
|
13
|
+
throw new OctError("OctKit only supports signing algorithms (HS256, HS384, HS512)");
|
|
17
14
|
}
|
|
18
15
|
this.kryptos = options.kryptos;
|
|
19
16
|
}
|
|
20
17
|
sign(data) {
|
|
21
|
-
return
|
|
18
|
+
return createOctSignature({
|
|
22
19
|
data,
|
|
23
20
|
kryptos: this.kryptos,
|
|
24
21
|
});
|
|
25
22
|
}
|
|
26
23
|
verify(data, signature) {
|
|
27
|
-
return
|
|
24
|
+
return verifyOctSignature({
|
|
28
25
|
data,
|
|
29
26
|
encoding: this.encoding,
|
|
30
27
|
kryptos: this.kryptos,
|
|
@@ -32,7 +29,7 @@ class OctKit {
|
|
|
32
29
|
});
|
|
33
30
|
}
|
|
34
31
|
assert(data, signature) {
|
|
35
|
-
return
|
|
32
|
+
return assertOctSignature({
|
|
36
33
|
data,
|
|
37
34
|
encoding: this.encoding,
|
|
38
35
|
kryptos: this.kryptos,
|
|
@@ -43,5 +40,4 @@ class OctKit {
|
|
|
43
40
|
return data.toString(this.encoding);
|
|
44
41
|
}
|
|
45
42
|
}
|
|
46
|
-
exports.OctKit = OctKit;
|
|
47
43
|
//# sourceMappingURL=OctKit.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"OctKit.js","sourceRoot":"","sources":["../../src/classes/OctKit.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"OctKit.js","sourceRoot":"","sources":["../../src/classes/OctKit.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,UAAU,EACV,kBAAkB,GAEnB,MAAM,kBAAkB,CAAC;AAE1B,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAE9C,OAAO,EACL,kBAAkB,EAClB,kBAAkB,EAClB,kBAAkB,GACnB,MAAM,sBAAsB,CAAC;AAE9B,MAAM,OAAO,MAAM;IACA,QAAQ,CAAiB;IACzB,OAAO,CAAc;IAEtC,YAAmB,OAAsB;QACvC,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,QAAQ,CAAC;QAE7C,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,QAAQ,CAAC,0BAA0B,CAAC,CAAC;QACjD,CAAC;QAED,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,SAA4B,CAAC,EAAE,CAAC;YAC/E,MAAM,IAAI,QAAQ,CAAC,+DAA+D,CAAC,CAAC;QACtF,CAAC;QAED,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;IACjC,CAAC;IAEM,IAAI,CAAC,IAAa;QACvB,OAAO,kBAAkB,CAAC;YACxB,IAAI;YACJ,OAAO,EAAE,IAAI,CAAC,OAAO;SACtB,CAAC,CAAC;IACL,CAAC;IAEM,MAAM,CAAC,IAAa,EAAE,SAAkB;QAC7C,OAAO,kBAAkB,CAAC;YACxB,IAAI;YACJ,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,SAAS;SACV,CAAC,CAAC;IACL,CAAC;IAEM,MAAM,CAAC,IAAa,EAAE,SAAkB;QAC7C,OAAO,kBAAkB,CAAC;YACxB,IAAI;YACJ,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,SAAS;SACV,CAAC,CAAC;IACL,CAAC;IAEM,MAAM,CAAC,IAAY;QACxB,OAAO,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACtC,CAAC;CACF"}
|
package/dist/classes/index.d.ts
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export * from "./OctKit";
|
|
1
|
+
export * from "./OctKit.js";
|
|
2
2
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/classes/index.ts"],"names":[],"mappings":"AAAA,cAAc,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/classes/index.ts"],"names":[],"mappings":"AAAA,cAAc,aAAa,CAAC"}
|
package/dist/classes/index.js
CHANGED
|
@@ -1,18 +1,2 @@
|
|
|
1
|
-
|
|
2
|
-
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
-
if (k2 === undefined) k2 = k;
|
|
4
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
-
}
|
|
8
|
-
Object.defineProperty(o, k2, desc);
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
-
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
-
};
|
|
16
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
-
__exportStar(require("./OctKit"), exports);
|
|
1
|
+
export * from "./OctKit.js";
|
|
18
2
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/classes/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/classes/index.ts"],"names":[],"mappings":"AAAA,cAAc,aAAa,CAAC"}
|
package/dist/errors/OctError.js
CHANGED
|
@@ -1,8 +1,4 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
exports.OctError = void 0;
|
|
4
|
-
const errors_1 = require("@lindorm/errors");
|
|
5
|
-
class OctError extends errors_1.LindormError {
|
|
1
|
+
import { LindormError } from "@lindorm/errors";
|
|
2
|
+
export class OctError extends LindormError {
|
|
6
3
|
}
|
|
7
|
-
exports.OctError = OctError;
|
|
8
4
|
//# sourceMappingURL=OctError.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"OctError.js","sourceRoot":"","sources":["../../src/errors/OctError.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"OctError.js","sourceRoot":"","sources":["../../src/errors/OctError.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAE/C,MAAM,OAAO,QAAS,SAAQ,YAAY;CAAG"}
|
package/dist/errors/index.d.ts
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export * from "./OctError";
|
|
1
|
+
export * from "./OctError.js";
|
|
2
2
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/errors/index.ts"],"names":[],"mappings":"AAAA,cAAc,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/errors/index.ts"],"names":[],"mappings":"AAAA,cAAc,eAAe,CAAC"}
|
package/dist/errors/index.js
CHANGED
|
@@ -1,18 +1,2 @@
|
|
|
1
|
-
|
|
2
|
-
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
-
if (k2 === undefined) k2 = k;
|
|
4
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
-
}
|
|
8
|
-
Object.defineProperty(o, k2, desc);
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
-
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
-
};
|
|
16
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
-
__exportStar(require("./OctError"), exports);
|
|
1
|
+
export * from "./OctError.js";
|
|
18
2
|
//# sourceMappingURL=index.js.map
|
package/dist/errors/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/errors/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/errors/index.ts"],"names":[],"mappings":"AAAA,cAAc,eAAe,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export * from "./classes";
|
|
2
|
-
export * from "./errors";
|
|
3
|
-
export * from "./types";
|
|
1
|
+
export * from "./classes/index.js";
|
|
2
|
+
export * from "./errors/index.js";
|
|
3
|
+
export * from "./types/index.js";
|
|
4
4
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,oBAAoB,CAAC;AACnC,cAAc,mBAAmB,CAAC;AAClC,cAAc,kBAAkB,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -1,20 +1,4 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
-
}
|
|
8
|
-
Object.defineProperty(o, k2, desc);
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
-
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
-
};
|
|
16
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
-
__exportStar(require("./classes"), exports);
|
|
18
|
-
__exportStar(require("./errors"), exports);
|
|
19
|
-
__exportStar(require("./types"), exports);
|
|
1
|
+
export * from "./classes/index.js";
|
|
2
|
+
export * from "./errors/index.js";
|
|
3
|
+
export * from "./types/index.js";
|
|
20
4
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,oBAAoB,CAAC;AACnC,cAAc,mBAAmB,CAAC;AAClC,cAAc,kBAAkB,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"assert-key-size.d.ts","sourceRoot":"","sources":["../../src/internal/assert-key-size.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAGnD,eAAO,MAAM,aAAa,GAAI,WAAW,YAAY,EAAE,YAAY,MAAM,KAAG,IAiB3E,CAAC"}
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
import { OctError } from "../errors/index.js";
|
|
2
|
+
export const assertKeySize = (algorithm, privateKey) => {
|
|
3
|
+
switch (algorithm) {
|
|
4
|
+
case "SHA256":
|
|
5
|
+
if (privateKey.length >= 16)
|
|
6
|
+
return;
|
|
7
|
+
throw new OctError("Invalid key size for SHA256");
|
|
8
|
+
case "SHA384":
|
|
9
|
+
if (privateKey.length >= 24)
|
|
10
|
+
return;
|
|
11
|
+
throw new OctError("Invalid key size for SHA384");
|
|
12
|
+
case "SHA512":
|
|
13
|
+
if (privateKey.length >= 32)
|
|
14
|
+
return;
|
|
15
|
+
throw new OctError("Invalid key size for SHA512");
|
|
16
|
+
default:
|
|
17
|
+
throw new OctError("Unsupported algorithm", { debug: { algorithm } });
|
|
18
|
+
}
|
|
19
|
+
};
|
|
20
|
+
//# sourceMappingURL=assert-key-size.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"assert-key-size.js","sourceRoot":"","sources":["../../src/internal/assert-key-size.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAE9C,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,SAAuB,EAAE,UAAkB,EAAQ,EAAE;IACjF,QAAQ,SAAS,EAAE,CAAC;QAClB,KAAK,QAAQ;YACX,IAAI,UAAU,CAAC,MAAM,IAAI,EAAE;gBAAE,OAAO;YACpC,MAAM,IAAI,QAAQ,CAAC,6BAA6B,CAAC,CAAC;QAEpD,KAAK,QAAQ;YACX,IAAI,UAAU,CAAC,MAAM,IAAI,EAAE;gBAAE,OAAO;YACpC,MAAM,IAAI,QAAQ,CAAC,6BAA6B,CAAC,CAAC;QAEpD,KAAK,QAAQ;YACX,IAAI,UAAU,CAAC,MAAM,IAAI,EAAE;gBAAE,OAAO;YACpC,MAAM,IAAI,QAAQ,CAAC,6BAA6B,CAAC,CAAC;QAEpD;YACE,MAAM,IAAI,QAAQ,CAAC,uBAAuB,EAAE,EAAE,KAAK,EAAE,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;IAC1E,CAAC;AACH,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"get-key.d.ts","sourceRoot":"","sources":["../../src/internal/get-key.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAGpD,eAAO,MAAM,aAAa,GAAI,SAAS,WAAW,KAAG,MAQpD,CAAC"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import { OctError } from "../errors/index.js";
|
|
2
|
+
export const getPrivateKey = (kryptos) => {
|
|
3
|
+
const { privateKey } = kryptos.export("der");
|
|
4
|
+
if (!privateKey) {
|
|
5
|
+
throw new OctError("Missing private key");
|
|
6
|
+
}
|
|
7
|
+
return privateKey;
|
|
8
|
+
};
|
|
9
|
+
//# sourceMappingURL=get-key.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"get-key.js","sourceRoot":"","sources":["../../src/internal/get-key.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAE9C,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,OAAoB,EAAU,EAAE;IAC5D,MAAM,EAAE,UAAU,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAE7C,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,QAAQ,CAAC,qBAAqB,CAAC,CAAC;IAC5C,CAAC;IAED,OAAO,UAAU,CAAC;AACpB,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/internal/index.ts"],"names":[],"mappings":"AAAA,cAAc,sBAAsB,CAAC;AACrC,cAAc,cAAc,CAAC;AAC7B,cAAc,oBAAoB,CAAC;AACnC,cAAc,oBAAoB,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/internal/index.ts"],"names":[],"mappings":"AAAA,cAAc,sBAAsB,CAAC;AACrC,cAAc,cAAc,CAAC;AAC7B,cAAc,oBAAoB,CAAC;AACnC,cAAc,oBAAoB,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"map-algorithm.d.ts","sourceRoot":"","sources":["../../src/internal/map-algorithm.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,WAAW,EAGjB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AASnD,eAAO,MAAM,eAAe,GAAI,SAAS,WAAW,KAAG,YAQtD,CAAC"}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
import { OCT_SIG_ALGORITHMS, } from "@lindorm/kryptos";
|
|
2
|
+
import { OctError } from "../errors/index.js";
|
|
3
|
+
const OCT_SIG_ALGORITHM_MAP = {
|
|
4
|
+
HS256: "SHA256",
|
|
5
|
+
HS384: "SHA384",
|
|
6
|
+
HS512: "SHA512",
|
|
7
|
+
};
|
|
8
|
+
export const mapOctAlgorithm = (kryptos) => {
|
|
9
|
+
if (!OCT_SIG_ALGORITHMS.includes(kryptos.algorithm)) {
|
|
10
|
+
throw new OctError("Unsupported OCT algorithm for signing", {
|
|
11
|
+
debug: { algorithm: kryptos.algorithm },
|
|
12
|
+
});
|
|
13
|
+
}
|
|
14
|
+
return OCT_SIG_ALGORITHM_MAP[kryptos.algorithm];
|
|
15
|
+
};
|
|
16
|
+
//# sourceMappingURL=map-algorithm.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"map-algorithm.js","sourceRoot":"","sources":["../../src/internal/map-algorithm.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,kBAAkB,GAEnB,MAAM,kBAAkB,CAAC;AAE1B,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAE9C,MAAM,qBAAqB,GAA0C;IACnE,KAAK,EAAE,QAAQ;IACf,KAAK,EAAE,QAAQ;IACf,KAAK,EAAE,QAAQ;CAChB,CAAC;AAEF,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,OAAoB,EAAgB,EAAE;IACpE,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,OAAO,CAAC,SAA4B,CAAC,EAAE,CAAC;QACvE,MAAM,IAAI,QAAQ,CAAC,uCAAuC,EAAE;YAC1D,KAAK,EAAE,EAAE,SAAS,EAAE,OAAO,CAAC,SAAS,EAAE;SACxC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,qBAAqB,CAAC,OAAO,CAAC,SAA4B,CAAC,CAAC;AACrE,CAAC,CAAC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { CreateOctSignatureOptions, VerifyOctSignatureOptions } from "
|
|
1
|
+
import type { CreateOctSignatureOptions, VerifyOctSignatureOptions } from "../types/index.js";
|
|
2
2
|
export declare const createOctSignature: ({ data, kryptos, }: CreateOctSignatureOptions) => Buffer;
|
|
3
3
|
export declare const verifyOctSignature: ({ data, encoding, kryptos, signature, }: VerifyOctSignatureOptions) => boolean;
|
|
4
4
|
export declare const assertOctSignature: (options: VerifyOctSignatureOptions) => void;
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oct-signature.d.ts","sourceRoot":"","sources":["../../src/internal/oct-signature.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,yBAAyB,EACzB,yBAAyB,EAC1B,MAAM,mBAAmB,CAAC;AAK3B,eAAO,MAAM,kBAAkB,GAAI,oBAGhC,yBAAyB,KAAG,MAO9B,CAAC;AAEF,eAAO,MAAM,kBAAkB,GAAI,yCAKhC,yBAAyB,KAAG,OAO9B,CAAC;AAEF,eAAO,MAAM,kBAAkB,GAAI,SAAS,yBAAyB,KAAG,IAGvE,CAAC"}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
import { isString } from "@lindorm/is";
|
|
2
|
+
import { createHmac, timingSafeEqual } from "crypto";
|
|
3
|
+
import { OctError } from "../errors/index.js";
|
|
4
|
+
import { assertKeySize } from "./assert-key-size.js";
|
|
5
|
+
import { getPrivateKey } from "./get-key.js";
|
|
6
|
+
import { mapOctAlgorithm } from "./map-algorithm.js";
|
|
7
|
+
export const createOctSignature = ({ data, kryptos, }) => {
|
|
8
|
+
const algorithm = mapOctAlgorithm(kryptos);
|
|
9
|
+
const privateKey = getPrivateKey(kryptos);
|
|
10
|
+
assertKeySize(algorithm, privateKey);
|
|
11
|
+
return createHmac(algorithm, privateKey).update(data).digest();
|
|
12
|
+
};
|
|
13
|
+
export const verifyOctSignature = ({ data, encoding, kryptos, signature, }) => {
|
|
14
|
+
const expected = createOctSignature({ data, kryptos });
|
|
15
|
+
const actual = isString(signature) ? Buffer.from(signature, encoding) : signature;
|
|
16
|
+
if (expected.length !== actual.length)
|
|
17
|
+
return false;
|
|
18
|
+
return timingSafeEqual(expected, actual);
|
|
19
|
+
};
|
|
20
|
+
export const assertOctSignature = (options) => {
|
|
21
|
+
if (verifyOctSignature(options))
|
|
22
|
+
return;
|
|
23
|
+
throw new OctError("OctSignature does not match");
|
|
24
|
+
};
|
|
25
|
+
//# sourceMappingURL=oct-signature.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oct-signature.js","sourceRoot":"","sources":["../../src/internal/oct-signature.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AACvC,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,QAAQ,CAAC;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAK9C,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAC7C,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAErD,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,EACjC,IAAI,EACJ,OAAO,GACmB,EAAU,EAAE;IACtC,MAAM,SAAS,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;IAC3C,MAAM,UAAU,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;IAE1C,aAAa,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;IAErC,OAAO,UAAU,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC;AACjE,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,EACjC,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,SAAS,GACiB,EAAW,EAAE;IACvC,MAAM,QAAQ,GAAG,kBAAkB,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;IACvD,MAAM,MAAM,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAElF,IAAI,QAAQ,CAAC,MAAM,KAAK,MAAM,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IAEpD,OAAO,eAAe,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;AAC3C,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,OAAkC,EAAQ,EAAE;IAC7E,IAAI,kBAAkB,CAAC,OAAO,CAAC;QAAE,OAAO;IACxC,MAAM,IAAI,QAAQ,CAAC,6BAA6B,CAAC,CAAC;AACpD,CAAC,CAAC"}
|
package/dist/types/index.d.ts
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export * from "./oct-kit";
|
|
1
|
+
export * from "./oct-kit.js";
|
|
2
2
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/types/index.ts"],"names":[],"mappings":"AAAA,cAAc,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/types/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAC"}
|
package/dist/types/index.js
CHANGED
|
@@ -1,18 +1,2 @@
|
|
|
1
|
-
|
|
2
|
-
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
-
if (k2 === undefined) k2 = k;
|
|
4
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
-
}
|
|
8
|
-
Object.defineProperty(o, k2, desc);
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
-
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
-
};
|
|
16
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
-
__exportStar(require("./oct-kit"), exports);
|
|
1
|
+
export * from "./oct-kit.js";
|
|
18
2
|
//# sourceMappingURL=index.js.map
|
package/dist/types/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/types/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/types/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAC"}
|
package/dist/types/oct-kit.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { IKryptos, IKryptosOct } from "@lindorm/kryptos";
|
|
2
|
-
import { KeyData } from "@lindorm/types";
|
|
1
|
+
import type { IKryptos, IKryptosOct } from "@lindorm/kryptos";
|
|
2
|
+
import type { KeyData } from "@lindorm/types";
|
|
3
3
|
export type CreateOctSignatureOptions = {
|
|
4
4
|
data: KeyData;
|
|
5
5
|
kryptos: IKryptosOct;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oct-kit.d.ts","sourceRoot":"","sources":["../../src/types/oct-kit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"oct-kit.d.ts","sourceRoot":"","sources":["../../src/types/oct-kit.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC9D,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAE9C,MAAM,MAAM,yBAAyB,GAAG;IACtC,IAAI,EAAE,OAAO,CAAC;IACd,OAAO,EAAE,WAAW,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,yBAAyB,GAAG;IACtC,IAAI,EAAE,OAAO,CAAC;IACd,QAAQ,EAAE,cAAc,CAAC;IACzB,OAAO,EAAE,WAAW,CAAC;IACrB,SAAS,EAAE,OAAO,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG;IAC1B,QAAQ,CAAC,EAAE,cAAc,CAAC;IAC1B,OAAO,EAAE,QAAQ,CAAC;CACnB,CAAC"}
|
package/dist/types/oct-kit.js
CHANGED
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@lindorm/oct",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.3.0",
|
|
4
4
|
"license": "AGPL-3.0-or-later",
|
|
5
5
|
"author": "Jonn Nilsson",
|
|
6
6
|
"repository": {
|
|
@@ -11,15 +11,21 @@
|
|
|
11
11
|
"publishConfig": {
|
|
12
12
|
"access": "public"
|
|
13
13
|
},
|
|
14
|
-
"
|
|
14
|
+
"type": "module",
|
|
15
15
|
"typings": "dist/index.d.ts",
|
|
16
|
+
"exports": {
|
|
17
|
+
".": {
|
|
18
|
+
"types": "./dist/index.d.ts",
|
|
19
|
+
"default": "./dist/index.js"
|
|
20
|
+
}
|
|
21
|
+
},
|
|
16
22
|
"scripts": {
|
|
17
23
|
"build": "rimraf dist && tsc -b ./tsconfig.build.json",
|
|
18
24
|
"example": "ts-node example",
|
|
19
25
|
"prettier": "prettier --write ./src/*",
|
|
20
|
-
"test": "
|
|
21
|
-
"test:
|
|
22
|
-
"test:watch": "
|
|
26
|
+
"test": "vitest run",
|
|
27
|
+
"test:unit": "vitest run --exclude '**/*.integration.test.ts'",
|
|
28
|
+
"test:watch": "vitest",
|
|
23
29
|
"typecheck": "tsc",
|
|
24
30
|
"typecheck:watch": "tsc --watch",
|
|
25
31
|
"update": "ncu -i",
|
|
@@ -27,12 +33,10 @@
|
|
|
27
33
|
"verify": "npm run typecheck && npm run build && npm test"
|
|
28
34
|
},
|
|
29
35
|
"dependencies": {
|
|
30
|
-
"@lindorm/errors": "^0.
|
|
31
|
-
"@lindorm/is": "^0.
|
|
32
|
-
"@lindorm/kryptos": "^0.
|
|
33
|
-
|
|
34
|
-
"devDependencies": {
|
|
35
|
-
"@lindorm/types": "^0.5.0"
|
|
36
|
+
"@lindorm/errors": "^0.2.0",
|
|
37
|
+
"@lindorm/is": "^0.2.0",
|
|
38
|
+
"@lindorm/kryptos": "^0.8.0",
|
|
39
|
+
"@lindorm/types": "^0.6.0"
|
|
36
40
|
},
|
|
37
|
-
"gitHead": "
|
|
41
|
+
"gitHead": "a2b0a53295aebda806b4057f34707e8583570265"
|
|
38
42
|
}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"assert-key-size.d.ts","sourceRoot":"","sources":["../../../src/utils/private/assert-key-size.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAG9C,eAAO,MAAM,aAAa,GAAI,WAAW,YAAY,EAAE,YAAY,MAAM,KAAG,IAiB3E,CAAC"}
|
|
@@ -1,24 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.assertKeySize = void 0;
|
|
4
|
-
const errors_1 = require("../../errors");
|
|
5
|
-
const assertKeySize = (algorithm, privateKey) => {
|
|
6
|
-
switch (algorithm) {
|
|
7
|
-
case "SHA256":
|
|
8
|
-
if (privateKey.length >= 16)
|
|
9
|
-
return;
|
|
10
|
-
throw new errors_1.OctError("Invalid key size for SHA256");
|
|
11
|
-
case "SHA384":
|
|
12
|
-
if (privateKey.length >= 24)
|
|
13
|
-
return;
|
|
14
|
-
throw new errors_1.OctError("Invalid key size for SHA384");
|
|
15
|
-
case "SHA512":
|
|
16
|
-
if (privateKey.length >= 32)
|
|
17
|
-
return;
|
|
18
|
-
throw new errors_1.OctError("Invalid key size for SHA512");
|
|
19
|
-
default:
|
|
20
|
-
throw new errors_1.OctError("Unsupported algorithm", { debug: { algorithm } });
|
|
21
|
-
}
|
|
22
|
-
};
|
|
23
|
-
exports.assertKeySize = assertKeySize;
|
|
24
|
-
//# sourceMappingURL=assert-key-size.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"assert-key-size.js","sourceRoot":"","sources":["../../../src/utils/private/assert-key-size.ts"],"names":[],"mappings":";;;AACA,yCAAwC;AAEjC,MAAM,aAAa,GAAG,CAAC,SAAuB,EAAE,UAAkB,EAAQ,EAAE;IACjF,QAAQ,SAAS,EAAE,CAAC;QAClB,KAAK,QAAQ;YACX,IAAI,UAAU,CAAC,MAAM,IAAI,EAAE;gBAAE,OAAO;YACpC,MAAM,IAAI,iBAAQ,CAAC,6BAA6B,CAAC,CAAC;QAEpD,KAAK,QAAQ;YACX,IAAI,UAAU,CAAC,MAAM,IAAI,EAAE;gBAAE,OAAO;YACpC,MAAM,IAAI,iBAAQ,CAAC,6BAA6B,CAAC,CAAC;QAEpD,KAAK,QAAQ;YACX,IAAI,UAAU,CAAC,MAAM,IAAI,EAAE;gBAAE,OAAO;YACpC,MAAM,IAAI,iBAAQ,CAAC,6BAA6B,CAAC,CAAC;QAEpD;YACE,MAAM,IAAI,iBAAQ,CAAC,uBAAuB,EAAE,EAAE,KAAK,EAAE,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;IAC1E,CAAC;AACH,CAAC,CAAC;AAjBW,QAAA,aAAa,iBAiBxB"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"get-key.d.ts","sourceRoot":"","sources":["../../../src/utils/private/get-key.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAG/C,eAAO,MAAM,aAAa,GAAI,SAAS,WAAW,KAAG,MAQpD,CAAC"}
|
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.getPrivateKey = void 0;
|
|
4
|
-
const errors_1 = require("../../errors");
|
|
5
|
-
const getPrivateKey = (kryptos) => {
|
|
6
|
-
const { privateKey } = kryptos.export("der");
|
|
7
|
-
if (!privateKey) {
|
|
8
|
-
throw new errors_1.OctError("Missing private key");
|
|
9
|
-
}
|
|
10
|
-
return privateKey;
|
|
11
|
-
};
|
|
12
|
-
exports.getPrivateKey = getPrivateKey;
|
|
13
|
-
//# sourceMappingURL=get-key.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"get-key.js","sourceRoot":"","sources":["../../../src/utils/private/get-key.ts"],"names":[],"mappings":";;;AACA,yCAAwC;AAEjC,MAAM,aAAa,GAAG,CAAC,OAAoB,EAAU,EAAE;IAC5D,MAAM,EAAE,UAAU,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAE7C,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,iBAAQ,CAAC,qBAAqB,CAAC,CAAC;IAC5C,CAAC;IAED,OAAO,UAAU,CAAC;AACpB,CAAC,CAAC;AARW,QAAA,aAAa,iBAQxB"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/utils/private/index.ts"],"names":[],"mappings":"AAAA,cAAc,mBAAmB,CAAC;AAClC,cAAc,WAAW,CAAC;AAC1B,cAAc,iBAAiB,CAAC;AAChC,cAAc,iBAAiB,CAAC"}
|
|
@@ -1,21 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
-
if (k2 === undefined) k2 = k;
|
|
4
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
-
}
|
|
8
|
-
Object.defineProperty(o, k2, desc);
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
-
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
-
};
|
|
16
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
-
__exportStar(require("./assert-key-size"), exports);
|
|
18
|
-
__exportStar(require("./get-key"), exports);
|
|
19
|
-
__exportStar(require("./map-algorithm"), exports);
|
|
20
|
-
__exportStar(require("./oct-signature"), exports);
|
|
21
|
-
//# sourceMappingURL=index.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/utils/private/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,oDAAkC;AAClC,4CAA0B;AAC1B,kDAAgC;AAChC,kDAAgC"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"map-algorithm.d.ts","sourceRoot":"","sources":["../../../src/utils/private/map-algorithm.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAuC,MAAM,kBAAkB,CAAC;AACpF,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAS9C,eAAO,MAAM,eAAe,GAAI,SAAS,WAAW,KAAG,YAQtD,CAAC"}
|
|
@@ -1,20 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.mapOctAlgorithm = void 0;
|
|
4
|
-
const kryptos_1 = require("@lindorm/kryptos");
|
|
5
|
-
const errors_1 = require("../../errors");
|
|
6
|
-
const OCT_SIG_ALGORITHM_MAP = {
|
|
7
|
-
HS256: "SHA256",
|
|
8
|
-
HS384: "SHA384",
|
|
9
|
-
HS512: "SHA512",
|
|
10
|
-
};
|
|
11
|
-
const mapOctAlgorithm = (kryptos) => {
|
|
12
|
-
if (!kryptos_1.OCT_SIG_ALGORITHMS.includes(kryptos.algorithm)) {
|
|
13
|
-
throw new errors_1.OctError("Unsupported OCT algorithm for signing", {
|
|
14
|
-
debug: { algorithm: kryptos.algorithm },
|
|
15
|
-
});
|
|
16
|
-
}
|
|
17
|
-
return OCT_SIG_ALGORITHM_MAP[kryptos.algorithm];
|
|
18
|
-
};
|
|
19
|
-
exports.mapOctAlgorithm = mapOctAlgorithm;
|
|
20
|
-
//# sourceMappingURL=map-algorithm.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"map-algorithm.js","sourceRoot":"","sources":["../../../src/utils/private/map-algorithm.ts"],"names":[],"mappings":";;;AAAA,8CAAoF;AAEpF,yCAAwC;AAExC,MAAM,qBAAqB,GAA0C;IACnE,KAAK,EAAE,QAAQ;IACf,KAAK,EAAE,QAAQ;IACf,KAAK,EAAE,QAAQ;CAChB,CAAC;AAEK,MAAM,eAAe,GAAG,CAAC,OAAoB,EAAgB,EAAE;IACpE,IAAI,CAAC,4BAAkB,CAAC,QAAQ,CAAC,OAAO,CAAC,SAA4B,CAAC,EAAE,CAAC;QACvE,MAAM,IAAI,iBAAQ,CAAC,uCAAuC,EAAE;YAC1D,KAAK,EAAE,EAAE,SAAS,EAAE,OAAO,CAAC,SAAS,EAAE;SACxC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,qBAAqB,CAAC,OAAO,CAAC,SAA4B,CAAC,CAAC;AACrE,CAAC,CAAC;AARW,QAAA,eAAe,mBAQ1B"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"oct-signature.d.ts","sourceRoot":"","sources":["../../../src/utils/private/oct-signature.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,yBAAyB,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAC;AAKnF,eAAO,MAAM,kBAAkB,GAAI,oBAGhC,yBAAyB,KAAG,MAO9B,CAAC;AAEF,eAAO,MAAM,kBAAkB,GAAI,yCAKhC,yBAAyB,KAAG,OAO9B,CAAC;AAEF,eAAO,MAAM,kBAAkB,GAAI,SAAS,yBAAyB,KAAG,IAGvE,CAAC"}
|
|
@@ -1,31 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.assertOctSignature = exports.verifyOctSignature = exports.createOctSignature = void 0;
|
|
4
|
-
const is_1 = require("@lindorm/is");
|
|
5
|
-
const crypto_1 = require("crypto");
|
|
6
|
-
const errors_1 = require("../../errors");
|
|
7
|
-
const assert_key_size_1 = require("./assert-key-size");
|
|
8
|
-
const get_key_1 = require("./get-key");
|
|
9
|
-
const map_algorithm_1 = require("./map-algorithm");
|
|
10
|
-
const createOctSignature = ({ data, kryptos, }) => {
|
|
11
|
-
const algorithm = (0, map_algorithm_1.mapOctAlgorithm)(kryptos);
|
|
12
|
-
const privateKey = (0, get_key_1.getPrivateKey)(kryptos);
|
|
13
|
-
(0, assert_key_size_1.assertKeySize)(algorithm, privateKey);
|
|
14
|
-
return (0, crypto_1.createHmac)(algorithm, privateKey).update(data).digest();
|
|
15
|
-
};
|
|
16
|
-
exports.createOctSignature = createOctSignature;
|
|
17
|
-
const verifyOctSignature = ({ data, encoding, kryptos, signature, }) => {
|
|
18
|
-
const expected = (0, exports.createOctSignature)({ data, kryptos });
|
|
19
|
-
const actual = (0, is_1.isString)(signature) ? Buffer.from(signature, encoding) : signature;
|
|
20
|
-
if (expected.length !== actual.length)
|
|
21
|
-
return false;
|
|
22
|
-
return (0, crypto_1.timingSafeEqual)(expected, actual);
|
|
23
|
-
};
|
|
24
|
-
exports.verifyOctSignature = verifyOctSignature;
|
|
25
|
-
const assertOctSignature = (options) => {
|
|
26
|
-
if ((0, exports.verifyOctSignature)(options))
|
|
27
|
-
return;
|
|
28
|
-
throw new errors_1.OctError("OctSignature does not match");
|
|
29
|
-
};
|
|
30
|
-
exports.assertOctSignature = assertOctSignature;
|
|
31
|
-
//# sourceMappingURL=oct-signature.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"oct-signature.js","sourceRoot":"","sources":["../../../src/utils/private/oct-signature.ts"],"names":[],"mappings":";;;AAAA,oCAAuC;AACvC,mCAAqD;AACrD,yCAAwC;AAExC,uDAAkD;AAClD,uCAA0C;AAC1C,mDAAkD;AAE3C,MAAM,kBAAkB,GAAG,CAAC,EACjC,IAAI,EACJ,OAAO,GACmB,EAAU,EAAE;IACtC,MAAM,SAAS,GAAG,IAAA,+BAAe,EAAC,OAAO,CAAC,CAAC;IAC3C,MAAM,UAAU,GAAG,IAAA,uBAAa,EAAC,OAAO,CAAC,CAAC;IAE1C,IAAA,+BAAa,EAAC,SAAS,EAAE,UAAU,CAAC,CAAC;IAErC,OAAO,IAAA,mBAAU,EAAC,SAAS,EAAE,UAAU,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC;AACjE,CAAC,CAAC;AAVW,QAAA,kBAAkB,sBAU7B;AAEK,MAAM,kBAAkB,GAAG,CAAC,EACjC,IAAI,EACJ,QAAQ,EACR,OAAO,EACP,SAAS,GACiB,EAAW,EAAE;IACvC,MAAM,QAAQ,GAAG,IAAA,0BAAkB,EAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;IACvD,MAAM,MAAM,GAAG,IAAA,aAAQ,EAAC,SAAS,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAElF,IAAI,QAAQ,CAAC,MAAM,KAAK,MAAM,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IAEpD,OAAO,IAAA,wBAAe,EAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;AAC3C,CAAC,CAAC;AAZW,QAAA,kBAAkB,sBAY7B;AAEK,MAAM,kBAAkB,GAAG,CAAC,OAAkC,EAAQ,EAAE;IAC7E,IAAI,IAAA,0BAAkB,EAAC,OAAO,CAAC;QAAE,OAAO;IACxC,MAAM,IAAI,iBAAQ,CAAC,6BAA6B,CAAC,CAAC;AACpD,CAAC,CAAC;AAHW,QAAA,kBAAkB,sBAG7B"}
|