@oari/jose 0.0.0

package/dist/webapi/lib/crypto_key.js

@@ -0,0 +1,136 @@
+const unusable = (name, prop = 'algorithm.name') => new TypeError(`CryptoKey does not support this operation, its ${prop} must be ${name}`);
+const isAlgorithm = (algorithm, name) => algorithm.name === name;
+function getHashLength(hash) {
+    return parseInt(hash.name.slice(4), 10);
+}
+function checkHashLength(algorithm, expected) {
+    const actual = getHashLength(algorithm.hash);
+    if (actual !== expected)
+        throw unusable(`SHA-${expected}`, 'algorithm.hash');
+}
+function getNamedCurve(alg) {
+    switch (alg) {
+        case 'ES256':
+            return 'P-256';
+        case 'ES384':
+            return 'P-384';
+        case 'ES512':
+            return 'P-521';
+        default:
+            throw new Error('unreachable');
+    }
+}
+function checkUsage(key, usage) {
+    if (usage && !key.usages.includes(usage)) {
+        throw new TypeError(`CryptoKey does not support this operation, its usages must include ${usage}.`);
+    }
+}
+export function checkSigCryptoKey(key, alg, usage) {
+    switch (alg) {
+        case 'HS256':
+        case 'HS384':
+        case 'HS512': {
+            if (!isAlgorithm(key.algorithm, 'HMAC'))
+                throw unusable('HMAC');
+            checkHashLength(key.algorithm, parseInt(alg.slice(2), 10));
+            break;
+        }
+        case 'RS256':
+        case 'RS384':
+        case 'RS512': {
+            if (!isAlgorithm(key.algorithm, 'RSASSA-PKCS1-v1_5'))
+                throw unusable('RSASSA-PKCS1-v1_5');
+            checkHashLength(key.algorithm, parseInt(alg.slice(2), 10));
+            break;
+        }
+        case 'PS256':
+        case 'PS384':
+        case 'PS512': {
+            if (!isAlgorithm(key.algorithm, 'RSA-PSS'))
+                throw unusable('RSA-PSS');
+            checkHashLength(key.algorithm, parseInt(alg.slice(2), 10));
+            break;
+        }
+        case 'Ed25519':
+        case 'EdDSA': {
+            if (!isAlgorithm(key.algorithm, 'Ed25519'))
+                throw unusable('Ed25519');
+            break;
+        }
+        case 'ML-DSA-44':
+        case 'ML-DSA-65':
+        case 'ML-DSA-87': {
+            if (!isAlgorithm(key.algorithm, alg))
+                throw unusable(alg);
+            break;
+        }
+        case 'ES256':
+        case 'ES384':
+        case 'ES512': {
+            if (!isAlgorithm(key.algorithm, 'ECDSA'))
+                throw unusable('ECDSA');
+            const expected = getNamedCurve(alg);
+            const actual = key.algorithm.namedCurve;
+            if (actual !== expected)
+                throw unusable(expected, 'algorithm.namedCurve');
+            break;
+        }
+        default:
+            throw new TypeError('CryptoKey does not support this operation');
+    }
+    checkUsage(key, usage);
+}
+export function checkEncCryptoKey(key, alg, usage) {
+    switch (alg) {
+        case 'A128GCM':
+        case 'A192GCM':
+        case 'A256GCM': {
+            if (!isAlgorithm(key.algorithm, 'AES-GCM'))
+                throw unusable('AES-GCM');
+            const expected = parseInt(alg.slice(1, 4), 10);
+            const actual = key.algorithm.length;
+            if (actual !== expected)
+                throw unusable(expected, 'algorithm.length');
+            break;
+        }
+        case 'A128KW':
+        case 'A192KW':
+        case 'A256KW': {
+            if (!isAlgorithm(key.algorithm, 'AES-KW'))
+                throw unusable('AES-KW');
+            const expected = parseInt(alg.slice(1, 4), 10);
+            const actual = key.algorithm.length;
+            if (actual !== expected)
+                throw unusable(expected, 'algorithm.length');
+            break;
+        }
+        case 'ECDH': {
+            switch (key.algorithm.name) {
+                case 'ECDH':
+                case 'X25519':
+                    break;
+                default:
+                    throw unusable('ECDH or X25519');
+            }
+            break;
+        }
+        case 'PBES2-HS256+A128KW':
+        case 'PBES2-HS384+A192KW':
+        case 'PBES2-HS512+A256KW':
+            if (!isAlgorithm(key.algorithm, 'PBKDF2'))
+                throw unusable('PBKDF2');
+            break;
+        case 'RSA-OAEP':
+        case 'RSA-OAEP-256':
+        case 'RSA-OAEP-384':
+        case 'RSA-OAEP-512': {
+            if (!isAlgorithm(key.algorithm, 'RSA-OAEP'))
+                throw unusable('RSA-OAEP');
+            checkHashLength(key.algorithm, parseInt(alg.slice(9), 10) || 1);
+            break;
+        }
+        default:
+            throw new TypeError('CryptoKey does not support this operation');
+    }
+    checkUsage(key, usage);
+}

package/dist/webapi/lib/deflate.js

@@ -0,0 +1,44 @@
+import { JOSENotSupported, JWEInvalid } from '../util/errors.js';
+import { concat } from './buffer_utils.js';
+function supported(name) {
+    if (typeof globalThis[name] === 'undefined') {
+        throw new JOSENotSupported(`JWE "zip" (Compression Algorithm) Header Parameter requires the ${name} API.`);
+    }
+}
+export async function compress(input) {
+    supported('CompressionStream');
+    const cs = new CompressionStream('deflate-raw');
+    const writer = cs.writable.getWriter();
+    writer.write(input).catch(() => { });
+    writer.close().catch(() => { });
+    const chunks = [];
+    const reader = cs.readable.getReader();
+    for (;;) {
+        const { value, done } = await reader.read();
+        if (done)
+            break;
+        chunks.push(value);
+    }
+    return concat(...chunks);
+}
+export async function decompress(input, maxLength) {
+    supported('DecompressionStream');
+    const ds = new DecompressionStream('deflate-raw');
+    const writer = ds.writable.getWriter();
+    writer.write(input).catch(() => { });
+    writer.close().catch(() => { });
+    const chunks = [];
+    let length = 0;
+    const reader = ds.readable.getReader();
+    for (;;) {
+        const { value, done } = await reader.read();
+        if (done)
+            break;
+        chunks.push(value);
+        length += value.byteLength;
+        if (maxLength !== Infinity && length > maxLength) {
+            throw new JWEInvalid('Decompressed plaintext exceeded the configured limit');
+        }
+    }
+    return concat(...chunks);
+}

package/dist/webapi/lib/ecdhes.js

@@ -0,0 +1,52 @@
+import { encode, concat, uint32be } from './buffer_utils.js';
+import { checkEncCryptoKey } from './crypto_key.js';
+import { digest } from './helpers.js';
+function lengthAndInput(input) {
+    return concat(uint32be(input.length), input);
+}
+async function concatKdf(Z, L, OtherInfo) {
+    const dkLen = L >> 3;
+    const hashLen = 32;
+    const reps = Math.ceil(dkLen / hashLen);
+    const dk = new Uint8Array(reps * hashLen);
+    for (let i = 1; i <= reps; i++) {
+        const hashInput = new Uint8Array(4 + Z.length + OtherInfo.length);
+        hashInput.set(uint32be(i), 0);
+        hashInput.set(Z, 4);
+        hashInput.set(OtherInfo, 4 + Z.length);
+        const hashResult = await digest('sha256', hashInput);
+        dk.set(hashResult, (i - 1) * hashLen);
+    }
+    return dk.slice(0, dkLen);
+}
+export async function deriveKey(publicKey, privateKey, algorithm, keyLength, apu = new Uint8Array(), apv = new Uint8Array()) {
+    checkEncCryptoKey(publicKey, 'ECDH');
+    checkEncCryptoKey(privateKey, 'ECDH', 'deriveBits');
+    const algorithmID = lengthAndInput(encode(algorithm));
+    const partyUInfo = lengthAndInput(apu);
+    const partyVInfo = lengthAndInput(apv);
+    const suppPubInfo = uint32be(keyLength);
+    const suppPrivInfo = new Uint8Array();
+    const otherInfo = concat(algorithmID, partyUInfo, partyVInfo, suppPubInfo, suppPrivInfo);
+    const Z = new Uint8Array(await crypto.subtle.deriveBits({
+        name: publicKey.algorithm.name,
+        public: publicKey,
+    }, privateKey, getEcdhBitLength(publicKey)));
+    return concatKdf(Z, keyLength, otherInfo);
+}
+function getEcdhBitLength(publicKey) {
+    if (publicKey.algorithm.name === 'X25519') {
+        return 256;
+    }
+    return (Math.ceil(parseInt(publicKey.algorithm.namedCurve.slice(-3), 10) / 8) << 3);
+}
+export function allowed(key) {
+    switch (key.algorithm.namedCurve) {
+        case 'P-256':
+        case 'P-384':
+        case 'P-521':
+            return true;
+        default:
+            return key.algorithm.name === 'X25519';
+    }
+}

package/dist/webapi/lib/helpers.js

@@ -0,0 +1,19 @@
+import { decode } from '../util/base64url.js';
+export const unprotected = Symbol();
+export function assertNotSet(value, name) {
+    if (value) {
+        throw new TypeError(`${name} can only be called once`);
+    }
+}
+export function decodeBase64url(value, label, ErrorClass) {
+    try {
+        return decode(value);
+    }
+    catch {
+        throw new ErrorClass(`Failed to base64url decode the ${label}`);
+    }
+}
+export async function digest(algorithm, data) {
+    const subtleDigest = `SHA-${algorithm.slice(-3)}`;
+    return new Uint8Array(await crypto.subtle.digest(subtleDigest, data));
+}

package/dist/webapi/lib/invalid_key_input.js

@@ -0,0 +1,27 @@
+function message(msg, actual, ...types) {
+    types = types.filter(Boolean);
+    if (types.length > 2) {
+        const last = types.pop();
+        msg += `one of type ${types.join(', ')}, or ${last}.`;
+    }
+    else if (types.length === 2) {
+        msg += `one of type ${types[0]} or ${types[1]}.`;
+    }
+    else {
+        msg += `of type ${types[0]}.`;
+    }
+    if (actual == null) {
+        msg += ` Received ${actual}`;
+    }
+    else if (typeof actual === 'function' && actual.name) {
+        msg += ` Received function ${actual.name}`;
+    }
+    else if (typeof actual === 'object' && actual != null) {
+        if (actual.constructor?.name) {
+            msg += ` Received an instance of ${actual.constructor.name}`;
+        }
+    }
+    return msg;
+}
+export const invalidKeyInput = (actual, ...types) => message('Key must be ', actual, ...types);
+export const withAlg = (alg, actual, ...types) => message(`Key for the ${alg} algorithm must be `, actual, ...types);

package/dist/webapi/lib/is_key_like.js

@@ -0,0 +1,17 @@
+export function assertCryptoKey(key) {
+    if (!isCryptoKey(key)) {
+        throw new Error('CryptoKey instance expected');
+    }
+}
+export const isCryptoKey = (key) => {
+    if (key?.[Symbol.toStringTag] === 'CryptoKey')
+        return true;
+    try {
+        return key instanceof CryptoKey;
+    }
+    catch {
+        return false;
+    }
+};
+export const isKeyObject = (key) => key?.[Symbol.toStringTag] === 'KeyObject';
+export const isKeyLike = (key) => isCryptoKey(key) || isKeyObject(key);

package/dist/webapi/lib/jwk_to_key.js

@@ -0,0 +1,107 @@
+import { JOSENotSupported } from '../util/errors.js';
+const unsupportedAlg = 'Invalid or unsupported JWK "alg" (Algorithm) Parameter value';
+function subtleMapping(jwk) {
+    let algorithm;
+    let keyUsages;
+    switch (jwk.kty) {
+        case 'AKP': {
+            switch (jwk.alg) {
+                case 'ML-DSA-44':
+                case 'ML-DSA-65':
+                case 'ML-DSA-87':
+                    algorithm = { name: jwk.alg };
+                    keyUsages = jwk.priv ? ['sign'] : ['verify'];
+                    break;
+                default:
+                    throw new JOSENotSupported(unsupportedAlg);
+            }
+            break;
+        }
+        case 'RSA': {
+            switch (jwk.alg) {
+                case 'PS256':
+                case 'PS384':
+                case 'PS512':
+                    algorithm = { name: 'RSA-PSS', hash: `SHA-${jwk.alg.slice(-3)}` };
+                    keyUsages = jwk.d ? ['sign'] : ['verify'];
+                    break;
+                case 'RS256':
+                case 'RS384':
+                case 'RS512':
+                    algorithm = { name: 'RSASSA-PKCS1-v1_5', hash: `SHA-${jwk.alg.slice(-3)}` };
+                    keyUsages = jwk.d ? ['sign'] : ['verify'];
+                    break;
+                case 'RSA-OAEP':
+                case 'RSA-OAEP-256':
+                case 'RSA-OAEP-384':
+                case 'RSA-OAEP-512':
+                    algorithm = {
+                        name: 'RSA-OAEP',
+                        hash: `SHA-${parseInt(jwk.alg.slice(-3), 10) || 1}`,
+                    };
+                    keyUsages = jwk.d ? ['decrypt', 'unwrapKey'] : ['encrypt', 'wrapKey'];
+                    break;
+                default:
+                    throw new JOSENotSupported(unsupportedAlg);
+            }
+            break;
+        }
+        case 'EC': {
+            switch (jwk.alg) {
+                case 'ES256':
+                case 'ES384':
+                case 'ES512':
+                    algorithm = {
+                        name: 'ECDSA',
+                        namedCurve: { ES256: 'P-256', ES384: 'P-384', ES512: 'P-521' }[jwk.alg],
+                    };
+                    keyUsages = jwk.d ? ['sign'] : ['verify'];
+                    break;
+                case 'ECDH-ES':
+                case 'ECDH-ES+A128KW':
+                case 'ECDH-ES+A192KW':
+                case 'ECDH-ES+A256KW':
+                    algorithm = { name: 'ECDH', namedCurve: jwk.crv };
+                    keyUsages = jwk.d ? ['deriveBits'] : [];
+                    break;
+                default:
+                    throw new JOSENotSupported(unsupportedAlg);
+            }
+            break;
+        }
+        case 'OKP': {
+            switch (jwk.alg) {
+                case 'Ed25519':
+                case 'EdDSA':
+                    algorithm = { name: 'Ed25519' };
+                    keyUsages = jwk.d ? ['sign'] : ['verify'];
+                    break;
+                case 'ECDH-ES':
+                case 'ECDH-ES+A128KW':
+                case 'ECDH-ES+A192KW':
+                case 'ECDH-ES+A256KW':
+                    algorithm = { name: jwk.crv };
+                    keyUsages = jwk.d ? ['deriveBits'] : [];
+                    break;
+                default:
+                    throw new JOSENotSupported(unsupportedAlg);
+            }
+            break;
+        }
+        default:
+            throw new JOSENotSupported('Invalid or unsupported JWK "kty" (Key Type) Parameter value');
+    }
+    return { algorithm, keyUsages };
+}
+export async function jwkToKey(jwk) {
+    if (!jwk.alg) {
+        throw new TypeError('"alg" argument is required when "jwk.alg" is not present');
+    }
+    const { algorithm, keyUsages } = subtleMapping(jwk);
+    const keyData = { ...jwk };
+    if (keyData.kty !== 'AKP') {
+        delete keyData.alg;
+    }
+    delete keyData.use;
+    return crypto.subtle.importKey('jwk', keyData, algorithm, jwk.ext ?? (jwk.d || jwk.priv ? false : true), jwk.key_ops ?? keyUsages);
+}

package/dist/webapi/lib/jwt_claims_set.js

@@ -0,0 +1,238 @@
+import { JWTClaimValidationFailed, JWTExpired, JWTInvalid } from '../util/errors.js';
+import { encoder, decoder } from './buffer_utils.js';
+import { isObject } from './type_checks.js';
+const epoch = (date) => Math.floor(date.getTime() / 1000);
+const minute = 60;
+const hour = minute * 60;
+const day = hour * 24;
+const week = day * 7;
+const year = day * 365.25;
+const REGEX = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i;
+export function secs(str) {
+    const matched = REGEX.exec(str);
+    if (!matched || (matched[4] && matched[1])) {
+        throw new TypeError('Invalid time period format');
+    }
+    const value = parseFloat(matched[2]);
+    const unit = matched[3].toLowerCase();
+    let numericDate;
+    switch (unit) {
+        case 'sec':
+        case 'secs':
+        case 'second':
+        case 'seconds':
+        case 's':
+            numericDate = Math.round(value);
+            break;
+        case 'minute':
+        case 'minutes':
+        case 'min':
+        case 'mins':
+        case 'm':
+            numericDate = Math.round(value * minute);
+            break;
+        case 'hour':
+        case 'hours':
+        case 'hr':
+        case 'hrs':
+        case 'h':
+            numericDate = Math.round(value * hour);
+            break;
+        case 'day':
+        case 'days':
+        case 'd':
+            numericDate = Math.round(value * day);
+            break;
+        case 'week':
+        case 'weeks':
+        case 'w':
+            numericDate = Math.round(value * week);
+            break;
+        default:
+            numericDate = Math.round(value * year);
+            break;
+    }
+    if (matched[1] === '-' || matched[4] === 'ago') {
+        return -numericDate;
+    }
+    return numericDate;
+}
+function validateInput(label, input) {
+    if (!Number.isFinite(input)) {
+        throw new TypeError(`Invalid ${label} input`);
+    }
+    return input;
+}
+const normalizeTyp = (value) => {
+    if (value.includes('/')) {
+        return value.toLowerCase();
+    }
+    return `application/${value.toLowerCase()}`;
+};
+const checkAudiencePresence = (audPayload, audOption) => {
+    if (typeof audPayload === 'string') {
+        return audOption.includes(audPayload);
+    }
+    if (Array.isArray(audPayload)) {
+        return audOption.some(Set.prototype.has.bind(new Set(audPayload)));
+    }
+    return false;
+};
+export function validateClaimsSet(protectedHeader, encodedPayload, options = {}) {
+    let payload;
+    try {
+        payload = JSON.parse(decoder.decode(encodedPayload));
+    }
+    catch {
+    }
+    if (!isObject(payload)) {
+        throw new JWTInvalid('JWT Claims Set must be a top-level JSON object');
+    }
+    const { typ } = options;
+    if (typ &&
+        (typeof protectedHeader.typ !== 'string' ||
+            normalizeTyp(protectedHeader.typ) !== normalizeTyp(typ))) {
+        throw new JWTClaimValidationFailed('unexpected "typ" JWT header value', payload, 'typ', 'check_failed');
+    }
+    const { requiredClaims = [], issuer, subject, audience, maxTokenAge } = options;
+    const presenceCheck = [...requiredClaims];
+    if (maxTokenAge !== undefined)
+        presenceCheck.push('iat');
+    if (audience !== undefined)
+        presenceCheck.push('aud');
+    if (subject !== undefined)
+        presenceCheck.push('sub');
+    if (issuer !== undefined)
+        presenceCheck.push('iss');
+    for (const claim of new Set(presenceCheck.reverse())) {
+        if (!(claim in payload)) {
+            throw new JWTClaimValidationFailed(`missing required "${claim}" claim`, payload, claim, 'missing');
+        }
+    }
+    if (issuer &&
+        !(Array.isArray(issuer) ? issuer : [issuer]).includes(payload.iss)) {
+        throw new JWTClaimValidationFailed('unexpected "iss" claim value', payload, 'iss', 'check_failed');
+    }
+    if (subject && payload.sub !== subject) {
+        throw new JWTClaimValidationFailed('unexpected "sub" claim value', payload, 'sub', 'check_failed');
+    }
+    if (audience &&
+        !checkAudiencePresence(payload.aud, typeof audience === 'string' ? [audience] : audience)) {
+        throw new JWTClaimValidationFailed('unexpected "aud" claim value', payload, 'aud', 'check_failed');
+    }
+    let tolerance;
+    switch (typeof options.clockTolerance) {
+        case 'string':
+            tolerance = secs(options.clockTolerance);
+            break;
+        case 'number':
+            tolerance = options.clockTolerance;
+            break;
+        case 'undefined':
+            tolerance = 0;
+            break;
+        default:
+            throw new TypeError('Invalid clockTolerance option type');
+    }
+    const { currentDate } = options;
+    const now = epoch(currentDate || new Date());
+    if ((payload.iat !== undefined || maxTokenAge) && typeof payload.iat !== 'number') {
+        throw new JWTClaimValidationFailed('"iat" claim must be a number', payload, 'iat', 'invalid');
+    }
+    if (payload.nbf !== undefined) {
+        if (typeof payload.nbf !== 'number') {
+            throw new JWTClaimValidationFailed('"nbf" claim must be a number', payload, 'nbf', 'invalid');
+        }
+        if (payload.nbf > now + tolerance) {
+            throw new JWTClaimValidationFailed('"nbf" claim timestamp check failed', payload, 'nbf', 'check_failed');
+        }
+    }
+    if (payload.exp !== undefined) {
+        if (typeof payload.exp !== 'number') {
+            throw new JWTClaimValidationFailed('"exp" claim must be a number', payload, 'exp', 'invalid');
+        }
+        if (payload.exp <= now - tolerance) {
+            throw new JWTExpired('"exp" claim timestamp check failed', payload, 'exp', 'check_failed');
+        }
+    }
+    if (maxTokenAge) {
+        const age = now - payload.iat;
+        const max = typeof maxTokenAge === 'number' ? maxTokenAge : secs(maxTokenAge);
+        if (age - tolerance > max) {
+            throw new JWTExpired('"iat" claim timestamp check failed (too far in the past)', payload, 'iat', 'check_failed');
+        }
+        if (age < 0 - tolerance) {
+            throw new JWTClaimValidationFailed('"iat" claim timestamp check failed (it should be in the past)', payload, 'iat', 'check_failed');
+        }
+    }
+    return payload;
+}
+export class JWTClaimsBuilder {
+    #payload;
+    constructor(payload) {
+        if (!isObject(payload)) {
+            throw new TypeError('JWT Claims Set MUST be an object');
+        }
+        this.#payload = structuredClone(payload);
+    }
+    data() {
+        return encoder.encode(JSON.stringify(this.#payload));
+    }
+    get iss() {
+        return this.#payload.iss;
+    }
+    set iss(value) {
+        this.#payload.iss = value;
+    }
+    get sub() {
+        return this.#payload.sub;
+    }
+    set sub(value) {
+        this.#payload.sub = value;
+    }
+    get aud() {
+        return this.#payload.aud;
+    }
+    set aud(value) {
+        this.#payload.aud = value;
+    }
+    set jti(value) {
+        this.#payload.jti = value;
+    }
+    set nbf(value) {
+        if (typeof value === 'number') {
+            this.#payload.nbf = validateInput('setNotBefore', value);
+        }
+        else if (value instanceof Date) {
+            this.#payload.nbf = validateInput('setNotBefore', epoch(value));
+        }
+        else {
+            this.#payload.nbf = epoch(new Date()) + secs(value);
+        }
+    }
+    set exp(value) {
+        if (typeof value === 'number') {
+            this.#payload.exp = validateInput('setExpirationTime', value);
+        }
+        else if (value instanceof Date) {
+            this.#payload.exp = validateInput('setExpirationTime', epoch(value));
+        }
+        else {
+            this.#payload.exp = epoch(new Date()) + secs(value);
+        }
+    }
+    set iat(value) {
+        if (value === undefined) {
+            this.#payload.iat = epoch(new Date());
+        }
+        else if (value instanceof Date) {
+            this.#payload.iat = validateInput('setIssuedAt', epoch(value));
+        }
+        else if (typeof value === 'string') {
+            this.#payload.iat = validateInput('setIssuedAt', epoch(new Date()) + secs(value));
+        }
+        else {
+            this.#payload.iat = validateInput('setIssuedAt', value);
+        }
+    }
+}