@sphereon/ssi-sdk-ext.key-utils 0.23.1-unstable.49 → 0.23.1-unstable.57
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/x509/rsa-key.d.ts.map +1 -1
- package/dist/x509/rsa-key.js +26 -8
- package/dist/x509/rsa-key.js.map +1 -1
- package/dist/x509/rsa-signer.d.ts.map +1 -1
- package/dist/x509/rsa-signer.js +10 -6
- package/dist/x509/rsa-signer.js.map +1 -1
- package/package.json +2 -3
- package/src/x509/rsa-key.ts +21 -2
- package/src/x509/rsa-signer.ts +10 -2
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rsa-key.d.ts","sourceRoot":"","sources":["../../src/x509/rsa-key.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"rsa-key.d.ts","sourceRoot":"","sources":["../../src/x509/rsa-key.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAA;AACjD,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAA;AAG9B,MAAM,MAAM,mBAAmB,GAAG,mBAAmB,GAAG,SAAS,CAAA;AAEjE,MAAM,MAAM,oBAAoB,GAAG,kBAAkB,GAAG,YAAY,CAAA;AA2BpE,eAAO,MAAM,+BAA+B,eAAgB,MAAM;;;CAajE,CAAA;AAED,eAAO,MAAM,wBAAwB,QAC9B,GAAG,UACA,oBAAoB,GAAG,mBAAmB,kBAClC,aAAa,KAC5B,QAAQ,SAAS,CAKnB,CAAA;AAED,eAAO,MAAM,mBAAmB,WACtB,oBAAoB,GAAG,mBAAmB,kBAClC,aAAa,kBACb,MAAM,KACrB,QAAQ,MAAM,CAgBhB,CAAA"}
|
package/dist/x509/rsa-key.js
CHANGED
|
@@ -31,17 +31,35 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
31
31
|
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
32
32
|
});
|
|
33
33
|
};
|
|
34
|
-
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
35
|
-
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
36
|
-
};
|
|
37
34
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
38
35
|
exports.generateRSAKeyAsPEM = exports.cryptoSubtleImportRSAKey = exports.signAlgorithmToSchemeAndHashAlg = void 0;
|
|
39
|
-
const isomorphic_webcrypto_1 = __importDefault(require("@sphereon/isomorphic-webcrypto"));
|
|
40
36
|
const u8a = __importStar(require("uint8arrays"));
|
|
41
37
|
const x509_utils_1 = require("./x509-utils");
|
|
42
38
|
const usage = (jwk) => {
|
|
39
|
+
var _a, _b, _c, _d;
|
|
40
|
+
if (jwk.key_ops && jwk.key_ops.length > 0) {
|
|
41
|
+
return jwk.key_ops;
|
|
42
|
+
}
|
|
43
|
+
if (jwk.use) {
|
|
44
|
+
const usages = [];
|
|
45
|
+
if (jwk.use.includes('sig')) {
|
|
46
|
+
usages.push('sign', 'verify');
|
|
47
|
+
}
|
|
48
|
+
else if (jwk.use.includes('enc')) {
|
|
49
|
+
usages.push('encrypt', 'decrypt');
|
|
50
|
+
}
|
|
51
|
+
if (usages.length > 0) {
|
|
52
|
+
return usages;
|
|
53
|
+
}
|
|
54
|
+
}
|
|
55
|
+
if (jwk.kty === 'RSA') {
|
|
56
|
+
if (jwk.d) {
|
|
57
|
+
return ((_b = (_a = jwk.alg) === null || _a === void 0 ? void 0 : _a.toUpperCase()) === null || _b === void 0 ? void 0 : _b.includes('QAEP')) ? ['encrypt'] : ['sign'];
|
|
58
|
+
}
|
|
59
|
+
return ((_d = (_c = jwk.alg) === null || _c === void 0 ? void 0 : _c.toUpperCase()) === null || _d === void 0 ? void 0 : _d.includes('QAEP')) ? ['decrypt'] : ['verify'];
|
|
60
|
+
}
|
|
43
61
|
// "decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey";
|
|
44
|
-
return jwk.d ? ['sign', 'decrypt', 'verify', 'encrypt'] : ['verify'
|
|
62
|
+
return jwk.d && jwk.kty !== 'RSA' ? ['sign', 'decrypt', 'verify', 'encrypt'] : ['verify'];
|
|
45
63
|
};
|
|
46
64
|
const signAlgorithmToSchemeAndHashAlg = (signingAlg) => {
|
|
47
65
|
const alg = signingAlg.toUpperCase();
|
|
@@ -62,7 +80,7 @@ exports.signAlgorithmToSchemeAndHashAlg = signAlgorithmToSchemeAndHashAlg;
|
|
|
62
80
|
const cryptoSubtleImportRSAKey = (jwk, scheme, hashAlgorithm) => __awaiter(void 0, void 0, void 0, function* () {
|
|
63
81
|
const hashName = hashAlgorithm ? hashAlgorithm : jwk.alg ? `SHA-${jwk.alg.substring(2)}` : 'SHA-256';
|
|
64
82
|
const importParams = { name: scheme, hash: hashName };
|
|
65
|
-
return yield
|
|
83
|
+
return yield crypto.subtle.importKey('jwk', jwk, importParams, false, usage(jwk));
|
|
66
84
|
});
|
|
67
85
|
exports.cryptoSubtleImportRSAKey = cryptoSubtleImportRSAKey;
|
|
68
86
|
const generateRSAKeyAsPEM = (scheme, hashAlgorithm, modulusLength) => __awaiter(void 0, void 0, void 0, function* () {
|
|
@@ -74,8 +92,8 @@ const generateRSAKeyAsPEM = (scheme, hashAlgorithm, modulusLength) => __awaiter(
|
|
|
74
92
|
publicExponent: new Uint8Array([1, 0, 1]),
|
|
75
93
|
};
|
|
76
94
|
const keyUsage = scheme === 'RSA-PSS' || scheme === 'RSASSA-PKCS1-V1_5' ? ['sign', 'verify'] : ['encrypt', 'decrypt'];
|
|
77
|
-
const keypair = yield
|
|
78
|
-
const pkcs8 = yield
|
|
95
|
+
const keypair = yield crypto.subtle.generateKey(params, true, keyUsage);
|
|
96
|
+
const pkcs8 = yield crypto.subtle.exportKey('pkcs8', keypair.privateKey);
|
|
79
97
|
const uint8Array = new Uint8Array(pkcs8);
|
|
80
98
|
return (0, x509_utils_1.base64ToPEM)(u8a.toString(uint8Array, 'base64pad'), 'RSA PRIVATE KEY');
|
|
81
99
|
});
|
package/dist/x509/rsa-key.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rsa-key.js","sourceRoot":"","sources":["../../src/x509/rsa-key.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"rsa-key.js","sourceRoot":"","sources":["../../src/x509/rsa-key.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAkC;AAGlC,6CAA0C;AAM1C,MAAM,KAAK,GAAG,CAAC,GAAQ,EAAc,EAAE;;IACrC,IAAI,GAAG,CAAC,OAAO,IAAI,GAAG,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1C,OAAO,GAAG,CAAC,OAAqB,CAAA;IAClC,CAAC;IACD,IAAI,GAAG,CAAC,GAAG,EAAE,CAAC;QACZ,MAAM,MAAM,GAAe,EAAE,CAAA;QAC7B,IAAI,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC5B,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAA;QAC/B,CAAC;aAAM,IAAI,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YACnC,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;QACnC,CAAC;QACD,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtB,OAAO,MAAM,CAAA;QACf,CAAC;IACH,CAAC;IACD,IAAI,GAAG,CAAC,GAAG,KAAK,KAAK,EAAE,CAAC;QACtB,IAAI,GAAG,CAAC,CAAC,EAAE,CAAC;YACV,OAAO,CAAA,MAAA,MAAA,GAAG,CAAC,GAAG,0CAAE,WAAW,EAAE,0CAAE,QAAQ,CAAC,MAAM,CAAC,EAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAA;QAC1E,CAAC;QACD,OAAO,CAAA,MAAA,MAAA,GAAG,CAAC,GAAG,0CAAE,WAAW,EAAE,0CAAE,QAAQ,CAAC,MAAM,CAAC,EAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAA;IAC5E,CAAC;IACD,oGAAoG;IACpG,OAAO,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAA;AAC3F,CAAC,CAAA;AAEM,MAAM,+BAA+B,GAAG,CAAC,UAAkB,EAAE,EAAE;IACpE,MAAM,GAAG,GAAG,UAAU,CAAC,WAAW,EAAE,CAAA;IACpC,IAAI,MAAkD,CAAA;IACtD,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QACzB,MAAM,GAAG,mBAAmB,CAAA;IAC9B,CAAC;SAAM,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QAChC,MAAM,GAAG,SAAS,CAAA;IACpB,CAAC;SAAM,CAAC;QACN,MAAM,KAAK,CAAC,sCAAsC,UAAU,EAAE,CAAC,CAAA;IACjE,CAAC;IAED,MAAM,aAAa,GAAG,OAAO,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,EAAmB,CAAA;IAChE,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,CAAA;AAClC,CAAC,CAAA;AAbY,QAAA,+BAA+B,mCAa3C;AAEM,MAAM,wBAAwB,GAAG,CACtC,GAAQ,EACR,MAAkD,EAClD,aAA6B,EACT,EAAE;IACtB,MAAM,QAAQ,GAAG,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAA;IAEpG,MAAM,YAAY,GAA0B,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAA;IAC5E,OAAO,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,GAAiB,EAAE,YAAY,EAAE,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAA;AACjG,CAAC,CAAA,CAAA;AATY,QAAA,wBAAwB,4BASpC;AAEM,MAAM,mBAAmB,GAAG,CACjC,MAAkD,EAClD,aAA6B,EAC7B,aAAsB,EACL,EAAE;IACnB,MAAM,QAAQ,GAAG,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAA;IAE1D,MAAM,MAAM,GAA0B;QACpC,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,QAAQ;QACd,aAAa,EAAE,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI;QACnD,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;KAC1C,CAAA;IACD,MAAM,QAAQ,GAAe,MAAM,KAAK,SAAS,IAAI,MAAM,KAAK,mBAAmB,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;IAEjI,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAA;IACvE,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,UAAU,CAAC,CAAA;IAExE,MAAM,UAAU,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAA;IACxC,OAAO,IAAA,wBAAW,EAAC,GAAG,CAAC,QAAQ,CAAC,UAAU,EAAE,WAAW,CAAC,EAAE,iBAAiB,CAAC,CAAA;AAC9E,CAAC,CAAA,CAAA;AApBY,QAAA,mBAAmB,uBAoB/B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rsa-signer.d.ts","sourceRoot":"","sources":["../../src/x509/rsa-signer.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"rsa-signer.d.ts","sourceRoot":"","sources":["../../src/x509/rsa-signer.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAA;AACjD,OAAO,EAAE,GAAG,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAC7C,OAAO,EAA4B,oBAAoB,EAAE,mBAAmB,EAAE,MAAM,WAAW,CAAA;AAG/F,qBAAa,SAAS;IACpB,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAe;IAC7C,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAK;IAEzB,OAAO,CAAC,GAAG,CAAuB;IAClC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA4C;IAEnE;;;;OAIG;gBAED,GAAG,EAAE,MAAM,GAAG,GAAG,EACjB,IAAI,CAAC,EAAE;QAAE,aAAa,CAAC,EAAE,aAAa,CAAC;QAAC,MAAM,CAAC,EAAE,oBAAoB,GAAG,mBAAmB,CAAC;QAAC,UAAU,CAAC,EAAE,aAAa,CAAA;KAAE;IAY3H,OAAO,CAAC,eAAe;YAQT,MAAM;IAOpB,OAAO,CAAC,cAAc;IAKT,IAAI,CAAC,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC;IAYvC,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,UAAU,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CAgBpF"}
|
package/dist/x509/rsa-signer.js
CHANGED
|
@@ -31,13 +31,9 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
31
31
|
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
32
32
|
});
|
|
33
33
|
};
|
|
34
|
-
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
35
|
-
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
36
|
-
};
|
|
37
34
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
38
35
|
exports.RSASigner = void 0;
|
|
39
36
|
const u8a = __importStar(require("uint8arrays"));
|
|
40
|
-
const isomorphic_webcrypto_1 = __importDefault(require("@sphereon/isomorphic-webcrypto"));
|
|
41
37
|
const rsa_key_1 = require("./rsa-key");
|
|
42
38
|
const x509_utils_1 = require("./x509-utils");
|
|
43
39
|
class RSASigner {
|
|
@@ -80,7 +76,7 @@ class RSASigner {
|
|
|
80
76
|
return __awaiter(this, void 0, void 0, function* () {
|
|
81
77
|
const input = data;
|
|
82
78
|
const key = yield this.getKey();
|
|
83
|
-
const signature = this.bufferToString(yield
|
|
79
|
+
const signature = this.bufferToString(yield crypto.subtle.sign(this.getImportParams(), key, input));
|
|
84
80
|
if (!signature) {
|
|
85
81
|
throw Error('Could not sign input data');
|
|
86
82
|
}
|
|
@@ -92,7 +88,15 @@ class RSASigner {
|
|
|
92
88
|
return __awaiter(this, void 0, void 0, function* () {
|
|
93
89
|
const jws = signature.includes('.') ? signature.split('.')[2] : signature;
|
|
94
90
|
const input = typeof data == 'string' ? u8a.fromString(data, 'utf-8') : data;
|
|
95
|
-
|
|
91
|
+
let key = yield this.getKey();
|
|
92
|
+
if (!key.usages.includes('verify')) {
|
|
93
|
+
const verifyJwk = Object.assign({}, this.jwk);
|
|
94
|
+
delete verifyJwk.d;
|
|
95
|
+
delete verifyJwk.use;
|
|
96
|
+
delete verifyJwk.key_ops;
|
|
97
|
+
key = yield (0, rsa_key_1.cryptoSubtleImportRSAKey)(verifyJwk, this.scheme, this.hashAlgorithm);
|
|
98
|
+
}
|
|
99
|
+
const verificationResult = yield crypto.subtle.verify(this.getImportParams(), key, u8a.fromString(jws, 'base64url'), input);
|
|
96
100
|
return verificationResult;
|
|
97
101
|
});
|
|
98
102
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rsa-signer.js","sourceRoot":"","sources":["../../src/x509/rsa-signer.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"rsa-signer.js","sourceRoot":"","sources":["../../src/x509/rsa-signer.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAkC;AAGlC,uCAA+F;AAC/F,6CAAuC;AAEvC,MAAa,SAAS;IAOpB;;;;OAIG;IACH,YACE,GAAiB,EACjB,IAAyH;;QAEzH,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,IAAI,CAAC,GAAG,GAAG,IAAA,qBAAQ,EAAC,GAAG,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,UAAU,CAAC,CAAA;QAC5C,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,GAAG,GAAG,GAAG,CAAA;QAChB,CAAC;QAED,IAAI,CAAC,aAAa,GAAG,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,aAAa,mCAAI,SAAS,CAAA;QACrD,IAAI,CAAC,MAAM,GAAG,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,MAAM,mCAAI,SAAS,CAAA;IACzC,CAAC;IAEO,eAAe;QACrB,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YAC9B,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE,UAAU,EAAE,EAAE,EAAE,CAAA;QAC9C,CAAC;QACD,oEAAoE;QACpE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,8BAA8B,EAAE,CAAA;IAC7D,CAAC;IAEa,MAAM;;YAClB,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;gBACd,IAAI,CAAC,GAAG,GAAG,MAAM,IAAA,kCAAwB,EAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,aAAa,CAAC,CAAA;YACtF,CAAC;YACD,OAAO,IAAI,CAAC,GAAG,CAAA;QACjB,CAAC;KAAA;IAEO,cAAc,CAAC,GAAgB;QACrC,MAAM,UAAU,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAA;QACtC,OAAO,GAAG,CAAC,QAAQ,CAAC,UAAU,EAAE,WAAW,CAAC,CAAA,CAAC,gEAAgE;IAC/G,CAAC;IAEY,IAAI,CAAC,IAAgB;;YAChC,MAAM,KAAK,GAAG,IAAI,CAAA;YAClB,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,CAAA;YAC/B,MAAM,SAAS,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC,CAAA;YACnG,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,MAAM,KAAK,CAAC,2BAA2B,CAAC,CAAA;YAC1C,CAAC;YAED,uBAAuB;YACvB,OAAO,SAAS,CAAA;QAClB,CAAC;KAAA;IAEY,MAAM,CAAC,IAAyB,EAAE,SAAiB;;YAC9D,MAAM,GAAG,GAAG,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YAEzE,MAAM,KAAK,GAAG,OAAO,IAAI,IAAI,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;YAE5E,IAAI,GAAG,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,CAAA;YAC7B,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACnC,MAAM,SAAS,qBAAQ,IAAI,CAAC,GAAG,CAAE,CAAA;gBACjC,OAAO,SAAS,CAAC,CAAC,CAAA;gBAClB,OAAO,SAAS,CAAC,GAAG,CAAA;gBACpB,OAAO,SAAS,CAAC,OAAO,CAAA;gBACxB,GAAG,GAAG,MAAM,IAAA,kCAAwB,EAAC,SAAS,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,aAAa,CAAC,CAAA;YAClF,CAAC;YACD,MAAM,kBAAkB,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,UAAU,CAAC,GAAG,EAAE,WAAW,CAAC,EAAE,KAAK,CAAC,CAAA;YAC3H,OAAO,kBAAkB,CAAA;QAC3B,CAAC;KAAA;CACF;AA1ED,8BA0EC"}
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@sphereon/ssi-sdk-ext.key-utils",
|
|
3
3
|
"description": "Sphereon SSI-SDK plugin for key creation.",
|
|
4
|
-
"version": "0.23.1-unstable.
|
|
4
|
+
"version": "0.23.1-unstable.57+dc6fdd9",
|
|
5
5
|
"source": "src/index.ts",
|
|
6
6
|
"main": "dist/index.js",
|
|
7
7
|
"types": "dist/index.d.ts",
|
|
@@ -11,7 +11,6 @@
|
|
|
11
11
|
},
|
|
12
12
|
"dependencies": {
|
|
13
13
|
"@ethersproject/random": "^5.7.0",
|
|
14
|
-
"@sphereon/isomorphic-webcrypto": "2.4.1-unstable.0",
|
|
15
14
|
"@stablelib/ed25519": "^1.0.3",
|
|
16
15
|
"@stablelib/sha256": "^1.0.1",
|
|
17
16
|
"@stablelib/sha512": "^1.0.1",
|
|
@@ -47,5 +46,5 @@
|
|
|
47
46
|
"DID",
|
|
48
47
|
"Veramo"
|
|
49
48
|
],
|
|
50
|
-
"gitHead": "
|
|
49
|
+
"gitHead": "dc6fdd94271ca935bbd91dd1edb6bda529a66f91"
|
|
51
50
|
}
|
package/src/x509/rsa-key.ts
CHANGED
|
@@ -1,4 +1,3 @@
|
|
|
1
|
-
import crypto from '@sphereon/isomorphic-webcrypto'
|
|
2
1
|
import * as u8a from 'uint8arrays'
|
|
3
2
|
import { HashAlgorithm } from '../digest-methods'
|
|
4
3
|
import { JWK } from '../types'
|
|
@@ -9,8 +8,28 @@ export type RSASignatureSchemes = 'RSASSA-PKCS1-V1_5' | 'RSA-PSS'
|
|
|
9
8
|
export type RSAEncryptionSchemes = 'RSAES-PKCS-v1_5 ' | 'RSAES-OAEP'
|
|
10
9
|
|
|
11
10
|
const usage = (jwk: JWK): KeyUsage[] => {
|
|
11
|
+
if (jwk.key_ops && jwk.key_ops.length > 0) {
|
|
12
|
+
return jwk.key_ops as KeyUsage[]
|
|
13
|
+
}
|
|
14
|
+
if (jwk.use) {
|
|
15
|
+
const usages: KeyUsage[] = []
|
|
16
|
+
if (jwk.use.includes('sig')) {
|
|
17
|
+
usages.push('sign', 'verify')
|
|
18
|
+
} else if (jwk.use.includes('enc')) {
|
|
19
|
+
usages.push('encrypt', 'decrypt')
|
|
20
|
+
}
|
|
21
|
+
if (usages.length > 0) {
|
|
22
|
+
return usages
|
|
23
|
+
}
|
|
24
|
+
}
|
|
25
|
+
if (jwk.kty === 'RSA') {
|
|
26
|
+
if (jwk.d) {
|
|
27
|
+
return jwk.alg?.toUpperCase()?.includes('QAEP') ? ['encrypt'] : ['sign']
|
|
28
|
+
}
|
|
29
|
+
return jwk.alg?.toUpperCase()?.includes('QAEP') ? ['decrypt'] : ['verify']
|
|
30
|
+
}
|
|
12
31
|
// "decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey";
|
|
13
|
-
return jwk.d ? ['sign', 'decrypt', 'verify', 'encrypt'] : ['verify'
|
|
32
|
+
return jwk.d && jwk.kty !== 'RSA' ? ['sign', 'decrypt', 'verify', 'encrypt'] : ['verify']
|
|
14
33
|
}
|
|
15
34
|
|
|
16
35
|
export const signAlgorithmToSchemeAndHashAlg = (signingAlg: string) => {
|
package/src/x509/rsa-signer.ts
CHANGED
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
import * as u8a from 'uint8arrays'
|
|
2
|
-
import crypto from '@sphereon/isomorphic-webcrypto'
|
|
3
2
|
import { HashAlgorithm } from '../digest-methods'
|
|
4
3
|
import { JWK, KeyVisibility } from '../types'
|
|
5
4
|
import { cryptoSubtleImportRSAKey, RSAEncryptionSchemes, RSASignatureSchemes } from './rsa-key'
|
|
@@ -67,7 +66,16 @@ export class RSASigner {
|
|
|
67
66
|
const jws = signature.includes('.') ? signature.split('.')[2] : signature
|
|
68
67
|
|
|
69
68
|
const input = typeof data == 'string' ? u8a.fromString(data, 'utf-8') : data
|
|
70
|
-
|
|
69
|
+
|
|
70
|
+
let key = await this.getKey()
|
|
71
|
+
if (!key.usages.includes('verify')) {
|
|
72
|
+
const verifyJwk = { ...this.jwk }
|
|
73
|
+
delete verifyJwk.d
|
|
74
|
+
delete verifyJwk.use
|
|
75
|
+
delete verifyJwk.key_ops
|
|
76
|
+
key = await cryptoSubtleImportRSAKey(verifyJwk, this.scheme, this.hashAlgorithm)
|
|
77
|
+
}
|
|
78
|
+
const verificationResult = await crypto.subtle.verify(this.getImportParams(), key, u8a.fromString(jws, 'base64url'), input)
|
|
71
79
|
return verificationResult
|
|
72
80
|
}
|
|
73
81
|
}
|