@sphereon/ssi-sdk-ext.jwt-service 0.28.1-feature.esm.cjs.9 → 0.28.1-feature.oyd.cmsm.improv.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/agent/JwtService.d.ts +17 -0
- package/dist/agent/JwtService.d.ts.map +1 -0
- package/dist/agent/JwtService.js +137 -0
- package/dist/agent/JwtService.js.map +1 -0
- package/dist/functions/JWE.d.ts +75 -0
- package/dist/functions/JWE.d.ts.map +1 -0
- package/dist/functions/JWE.js +280 -0
- package/dist/functions/JWE.js.map +1 -0
- package/dist/functions/index.d.ts +35 -0
- package/dist/functions/index.d.ts.map +1 -0
- package/dist/functions/index.js +385 -0
- package/dist/functions/index.js.map +1 -0
- package/dist/index.d.ts +8 -273
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +30 -14772
- package/dist/index.js.map +1 -1
- package/dist/tsdoc-metadata.json +1 -1
- package/dist/types/IJwtService.d.ts +222 -0
- package/dist/types/IJwtService.d.ts.map +1 -0
- package/dist/types/IJwtService.js +75 -0
- package/dist/types/IJwtService.js.map +1 -0
- package/package.json +22 -34
- package/plugin.schema.json +4315 -12439
- package/src/agent/JwtService.ts +3 -6
- package/src/functions/JWE.ts +4 -10
- package/src/functions/index.ts +3 -5
- package/dist/index.cjs +0 -14774
- package/dist/index.cjs.map +0 -1
- package/dist/index.d.cts +0 -278
package/src/agent/JwtService.ts
CHANGED
|
@@ -2,10 +2,7 @@ import { IAgentPlugin } from '@veramo/core'
|
|
|
2
2
|
import debug from 'debug'
|
|
3
3
|
import { importJWK } from 'jose'
|
|
4
4
|
|
|
5
|
-
|
|
6
|
-
import { fromString } from 'uint8arrays/from-string'
|
|
7
|
-
// @ts-ignore
|
|
8
|
-
import { toString } from 'uint8arrays/to-string'
|
|
5
|
+
import * as u8a from 'uint8arrays'
|
|
9
6
|
import {
|
|
10
7
|
createJwsCompact,
|
|
11
8
|
CreateJwsCompactArgs,
|
|
@@ -91,9 +88,9 @@ export class JwtService implements IAgentPlugin {
|
|
|
91
88
|
return Promise.reject(Error(`Currently only ECDH-ES is supported for encryption. JWK alg ${jwkInfo.jwk.kty}, header alg ${alg}`)) // TODO: Probably we support way more already
|
|
92
89
|
}
|
|
93
90
|
const apuVal = protectedHeader.apu ?? args.apu
|
|
94
|
-
const apu = apuVal ? fromString(apuVal, 'base64url') : undefined
|
|
91
|
+
const apu = apuVal ? u8a.fromString(apuVal, 'base64url') : undefined
|
|
95
92
|
const apvVal = protectedHeader.apv ?? args.apv
|
|
96
|
-
const apv = apvVal ? fromString(apvVal, 'base64url') : undefined
|
|
93
|
+
const apv = apvVal ? u8a.fromString(apvVal, 'base64url') : undefined
|
|
97
94
|
|
|
98
95
|
const pubKey = await importJWK(jwkInfo.jwk)
|
|
99
96
|
const encrypter = new CompactJwtEncrypter({
|
package/src/functions/JWE.ts
CHANGED
|
@@ -2,14 +2,8 @@ import { defaultRandomSource, randomBytes, RandomSource } from '@stablelib/rando
|
|
|
2
2
|
import { base64ToBytes, bytesToBase64url, decodeBase64url } from '@veramo/utils'
|
|
3
3
|
import * as jose from 'jose'
|
|
4
4
|
import { JWEKeyManagementHeaderParameters, JWTDecryptOptions } from 'jose'
|
|
5
|
-
// @ts-ignore
|
|
6
5
|
import type { KeyLike } from 'jose/dist/types/types'
|
|
7
|
-
|
|
8
|
-
import { fromString } from 'uint8arrays/from-string'
|
|
9
|
-
// @ts-ignore
|
|
10
|
-
import { toString } from 'uint8arrays/to-string'
|
|
11
|
-
// @ts-ignore
|
|
12
|
-
import { concat } from 'uint8arrays/concat'
|
|
6
|
+
import * as u8a from 'uint8arrays'
|
|
13
7
|
import {
|
|
14
8
|
JweAlg,
|
|
15
9
|
JweAlgs,
|
|
@@ -243,7 +237,7 @@ export class CompactJwtEncrypter implements JweEncrypter {
|
|
|
243
237
|
}
|
|
244
238
|
|
|
245
239
|
async encrypt(payload: Uint8Array, jweProtectedHeader: JweProtectedHeader, aad?: Uint8Array | undefined): Promise<EncryptionResult> {
|
|
246
|
-
const jwt = await this.encryptCompactJWT(JSON.parse(toString(payload)), jweProtectedHeader, aad)
|
|
240
|
+
const jwt = await this.encryptCompactJWT(JSON.parse(u8a.toString(payload)), jweProtectedHeader, aad)
|
|
247
241
|
const [protectedHeader, encryptedKey, ivB64, payloadB64, tagB64] = jwt.split('.')
|
|
248
242
|
//[jwe.protected, jwe.encrypted_key, jwe.iv, jwe.ciphertext, jwe.tag].join('.');
|
|
249
243
|
console.log(`FIXME: TO EncryptionResult`)
|
|
@@ -341,7 +335,7 @@ export async function decryptJwe(jwe: JweJsonGeneral, decrypter: JweDecrypter):
|
|
|
341
335
|
return Promise.reject(Error(`Decrypter enc '${decrypter.enc}' does not support header enc '${protectedHeader.enc}'`))
|
|
342
336
|
}
|
|
343
337
|
const sealed = toWebCryptoCiphertext(jwe.ciphertext, jwe.tag)
|
|
344
|
-
const aad = fromString(jwe.aad ? `${jwe.protected}.${jwe.aad}` : jwe.protected)
|
|
338
|
+
const aad = u8a.fromString(jwe.aad ? `${jwe.protected}.${jwe.aad}` : jwe.protected)
|
|
345
339
|
let cleartext = null
|
|
346
340
|
if (protectedHeader.alg === 'dir' && decrypter.alg === 'dir') {
|
|
347
341
|
cleartext = await decrypter.decrypt(sealed, base64ToBytes(jwe.iv), aad)
|
|
@@ -361,5 +355,5 @@ export async function decryptJwe(jwe: JweJsonGeneral, decrypter: JweDecrypter):
|
|
|
361
355
|
}
|
|
362
356
|
|
|
363
357
|
export function toWebCryptoCiphertext(ciphertext: string, tag: string): Uint8Array {
|
|
364
|
-
return concat([base64ToBytes(ciphertext), base64ToBytes(tag)])
|
|
358
|
+
return u8a.concat([base64ToBytes(ciphertext), base64ToBytes(tag)])
|
|
365
359
|
}
|
package/src/functions/index.ts
CHANGED
|
@@ -13,9 +13,7 @@ import { verifyRawSignature } from '@sphereon/ssi-sdk-ext.key-utils'
|
|
|
13
13
|
import { JWK } from '@sphereon/ssi-types'
|
|
14
14
|
import { IAgentContext } from '@veramo/core'
|
|
15
15
|
import { base64ToBytes, bytesToBase64url, decodeJoseBlob, encodeJoseBlob } from '@veramo/utils'
|
|
16
|
-
|
|
17
|
-
import { fromString } from 'uint8arrays/from-string'
|
|
18
|
-
|
|
16
|
+
import * as u8a from 'uint8arrays'
|
|
19
17
|
import {
|
|
20
18
|
CreateJwsCompactArgs,
|
|
21
19
|
CreateJwsFlattenedArgs,
|
|
@@ -43,7 +41,7 @@ import {
|
|
|
43
41
|
const payloadToBytes = (payload: string | JwsPayload | Uint8Array): Uint8Array => {
|
|
44
42
|
const isBytes = payload instanceof Uint8Array
|
|
45
43
|
const isString = typeof payload === 'string'
|
|
46
|
-
return isBytes ? payload : isString ? fromString(payload, 'base64url') : fromString(JSON.stringify(payload), 'utf-8')
|
|
44
|
+
return isBytes ? payload : isString ? u8a.fromString(payload, 'base64url') : u8a.fromString(JSON.stringify(payload), 'utf-8')
|
|
47
45
|
}
|
|
48
46
|
|
|
49
47
|
export const prepareJwsObject = async (args: CreateJwsJsonArgs, context: IRequiredContext): Promise<PreparedJwsObject> => {
|
|
@@ -314,7 +312,7 @@ export const verifyJws = async (args: VerifyJwsArgs, context: IAgentContext<IIde
|
|
|
314
312
|
// If we have a specific KMS agent plugin that can do the verification prefer that over the generic verification
|
|
315
313
|
index++
|
|
316
314
|
let valid: boolean
|
|
317
|
-
const data = fromString(`${sigWithId.protected}.${jws.payload}`, 'utf-8')
|
|
315
|
+
const data = u8a.fromString(`${sigWithId.protected}.${jws.payload}`, 'utf-8')
|
|
318
316
|
const jwkInfo = sigWithId.identifier.jwks[0]
|
|
319
317
|
/* if (sigWithId.header?.alg === 'RSA' && contextHasPlugin(context, 'keyManagerVerify')) {
|
|
320
318
|
const publicKeyHex = jwkTtoPublicKeyHex(jwkInfo.jwk)
|