better-auth 1.7.0-beta.2 → 1.7.0-beta.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +14 -15
- package/dist/_virtual/_rolldown/runtime.mjs +10 -1
- package/dist/api/index.d.mts +18 -48
- package/dist/api/routes/account.d.mts +4 -23
- package/dist/api/routes/account.mjs +102 -75
- package/dist/api/routes/callback.mjs +42 -20
- package/dist/api/routes/email-verification.d.mts +1 -0
- package/dist/api/routes/email-verification.mjs +6 -5
- package/dist/api/routes/error.mjs +1 -1
- package/dist/api/routes/password.mjs +1 -1
- package/dist/api/routes/session.mjs +15 -10
- package/dist/api/routes/sign-in.d.mts +3 -1
- package/dist/api/routes/sign-in.mjs +13 -15
- package/dist/api/routes/sign-up.d.mts +1 -0
- package/dist/api/routes/sign-up.mjs +10 -8
- package/dist/api/routes/update-user.mjs +8 -8
- package/dist/api/to-auth-endpoints.mjs +7 -1
- package/dist/auth/base.mjs +30 -27
- package/dist/client/config.mjs +8 -1
- package/dist/client/fetch-plugins.mjs +2 -1
- package/dist/client/index.d.mts +2 -2
- package/dist/client/lynx/index.d.mts +13 -0
- package/dist/client/lynx/index.mjs +2 -1
- package/dist/client/parser.mjs +0 -1
- package/dist/client/plugins/index.d.mts +4 -17
- package/dist/client/plugins/index.mjs +1 -4
- package/dist/client/proxy.mjs +2 -1
- package/dist/client/react/index.d.mts +13 -0
- package/dist/client/react/index.mjs +2 -1
- package/dist/client/session-atom.mjs +12 -1
- package/dist/client/solid/index.d.mts +13 -0
- package/dist/client/solid/index.mjs +3 -2
- package/dist/client/svelte/index.d.mts +13 -0
- package/dist/client/svelte/index.mjs +2 -1
- package/dist/client/vanilla.d.mts +13 -0
- package/dist/client/vanilla.mjs +2 -1
- package/dist/client/vue/index.d.mts +13 -0
- package/dist/client/vue/index.mjs +2 -1
- package/dist/context/create-context.mjs +10 -14
- package/dist/context/helpers.mjs +3 -2
- package/dist/cookies/cookie-utils.d.mts +33 -1
- package/dist/cookies/cookie-utils.mjs +95 -14
- package/dist/cookies/index.d.mts +2 -3
- package/dist/cookies/index.mjs +39 -11
- package/dist/cookies/session-store.mjs +4 -23
- package/dist/db/get-migration.mjs +4 -4
- package/dist/db/index.d.mts +2 -2
- package/dist/db/index.mjs +3 -2
- package/dist/db/internal-adapter.mjs +129 -27
- package/dist/db/schema.d.mts +14 -1
- package/dist/db/schema.mjs +26 -1
- package/dist/db/with-hooks.d.mts +1 -0
- package/dist/db/with-hooks.mjs +58 -1
- package/dist/index.d.mts +2 -2
- package/dist/index.mjs +2 -2
- package/dist/integrations/cookie-plugin-guard.mjs +18 -0
- package/dist/integrations/next-js.mjs +6 -0
- package/dist/integrations/svelte-kit.mjs +6 -0
- package/dist/integrations/tanstack-start-solid.mjs +6 -0
- package/dist/integrations/tanstack-start.mjs +6 -0
- package/dist/node_modules/.pnpm/clipboardy@4.0.0/node_modules/clipboardy/index.mjs +32 -0
- package/dist/node_modules/.pnpm/clipboardy@4.0.0/node_modules/clipboardy/lib/linux.mjs +55 -0
- package/dist/node_modules/.pnpm/clipboardy@4.0.0/node_modules/clipboardy/lib/macos.mjs +26 -0
- package/dist/node_modules/.pnpm/clipboardy@4.0.0/node_modules/clipboardy/lib/termux.mjs +39 -0
- package/dist/node_modules/.pnpm/clipboardy@4.0.0/node_modules/clipboardy/lib/windows.mjs +19 -0
- package/dist/node_modules/.pnpm/consola@3.4.2/node_modules/consola/dist/chunks/prompt.mjs +845 -0
- package/dist/node_modules/.pnpm/consola@3.4.2/node_modules/consola/dist/core.mjs +386 -0
- package/dist/node_modules/.pnpm/consola@3.4.2/node_modules/consola/dist/index.mjs +320 -0
- package/dist/node_modules/.pnpm/consola@3.4.2/node_modules/consola/dist/shared/consola.DRwqZj3T.mjs +62 -0
- package/dist/node_modules/.pnpm/consola@3.4.2/node_modules/consola/dist/shared/consola.DXBYu-KD.mjs +190 -0
- package/dist/node_modules/.pnpm/consola@3.4.2/node_modules/consola/dist/utils.mjs +2 -0
- package/dist/node_modules/.pnpm/cross-spawn@7.0.6/node_modules/cross-spawn/index.mjs +29 -0
- package/dist/node_modules/.pnpm/cross-spawn@7.0.6/node_modules/cross-spawn/lib/enoent.mjs +42 -0
- package/dist/node_modules/.pnpm/cross-spawn@7.0.6/node_modules/cross-spawn/lib/parse.mjs +67 -0
- package/dist/node_modules/.pnpm/cross-spawn@7.0.6/node_modules/cross-spawn/lib/util/escape.mjs +23 -0
- package/dist/node_modules/.pnpm/cross-spawn@7.0.6/node_modules/cross-spawn/lib/util/readShebang.mjs +22 -0
- package/dist/node_modules/.pnpm/cross-spawn@7.0.6/node_modules/cross-spawn/lib/util/resolveCommand.mjs +36 -0
- package/dist/node_modules/.pnpm/crossws@0.3.5/node_modules/crossws/dist/adapters/node.d.mts +292 -0
- package/dist/node_modules/.pnpm/crossws@0.3.5/node_modules/crossws/dist/adapters/node.mjs +127 -0
- package/dist/node_modules/.pnpm/crossws@0.3.5/node_modules/crossws/dist/index.d.mts +145 -0
- package/dist/node_modules/.pnpm/crossws@0.3.5/node_modules/crossws/dist/shared/crossws.BQXMA5bH.d.mts +298 -0
- package/dist/node_modules/.pnpm/crossws@0.3.5/node_modules/crossws/dist/shared/crossws.By9qWDAI.mjs +9 -0
- package/dist/node_modules/.pnpm/crossws@0.3.5/node_modules/crossws/dist/shared/crossws.CipVM6lf.mjs +3549 -0
- package/dist/node_modules/.pnpm/crossws@0.3.5/node_modules/crossws/dist/shared/crossws.D9ehKjSh.mjs +66 -0
- package/dist/node_modules/.pnpm/crossws@0.3.5/node_modules/crossws/dist/shared/crossws.DfCzGthR.mjs +227 -0
- package/dist/node_modules/.pnpm/execa@8.0.1/node_modules/execa/index.mjs +224 -0
- package/dist/node_modules/.pnpm/execa@8.0.1/node_modules/execa/lib/command.mjs +52 -0
- package/dist/node_modules/.pnpm/execa@8.0.1/node_modules/execa/lib/error.mjs +54 -0
- package/dist/node_modules/.pnpm/execa@8.0.1/node_modules/execa/lib/kill.mjs +62 -0
- package/dist/node_modules/.pnpm/execa@8.0.1/node_modules/execa/lib/pipe.mjs +26 -0
- package/dist/node_modules/.pnpm/execa@8.0.1/node_modules/execa/lib/promise.mjs +32 -0
- package/dist/node_modules/.pnpm/execa@8.0.1/node_modules/execa/lib/stdio.mjs +19 -0
- package/dist/node_modules/.pnpm/execa@8.0.1/node_modules/execa/lib/stream.mjs +98 -0
- package/dist/node_modules/.pnpm/execa@8.0.1/node_modules/execa/lib/verbose.mjs +15 -0
- package/dist/node_modules/.pnpm/get-port-please@3.2.0/node_modules/get-port-please/dist/index.d.mts +15 -0
- package/dist/node_modules/.pnpm/get-port-please@3.2.0/node_modules/get-port-please/dist/index.mjs +220 -0
- package/dist/node_modules/.pnpm/get-stream@8.0.1/node_modules/get-stream/source/array-buffer.mjs +54 -0
- package/dist/node_modules/.pnpm/get-stream@8.0.1/node_modules/get-stream/source/array.mjs +2 -0
- package/dist/node_modules/.pnpm/get-stream@8.0.1/node_modules/get-stream/source/buffer.mjs +14 -0
- package/dist/node_modules/.pnpm/get-stream@8.0.1/node_modules/get-stream/source/contents.mjs +76 -0
- package/dist/node_modules/.pnpm/get-stream@8.0.1/node_modules/get-stream/source/index.mjs +6 -0
- package/dist/node_modules/.pnpm/get-stream@8.0.1/node_modules/get-stream/source/string.mjs +35 -0
- package/dist/node_modules/.pnpm/get-stream@8.0.1/node_modules/get-stream/source/utils.mjs +10 -0
- package/dist/node_modules/.pnpm/http-shutdown@1.2.2/node_modules/http-shutdown/index.mjs +76 -0
- package/dist/node_modules/.pnpm/human-signals@5.0.0/node_modules/human-signals/build/src/core.mjs +274 -0
- package/dist/node_modules/.pnpm/human-signals@5.0.0/node_modules/human-signals/build/src/main.mjs +44 -0
- package/dist/node_modules/.pnpm/human-signals@5.0.0/node_modules/human-signals/build/src/realtime.mjs +15 -0
- package/dist/node_modules/.pnpm/human-signals@5.0.0/node_modules/human-signals/build/src/signals.mjs +23 -0
- package/dist/node_modules/.pnpm/is-docker@3.0.0/node_modules/is-docker/index.mjs +24 -0
- package/dist/node_modules/.pnpm/is-inside-container@1.0.0/node_modules/is-inside-container/index.mjs +18 -0
- package/dist/node_modules/.pnpm/is-stream@3.0.0/node_modules/is-stream/index.mjs +9 -0
- package/dist/node_modules/.pnpm/is-wsl@3.1.1/node_modules/is-wsl/index.mjs +20 -0
- package/dist/node_modules/.pnpm/is64bit@2.0.0/node_modules/is64bit/index.mjs +13 -0
- package/dist/node_modules/.pnpm/isexe@2.0.0/node_modules/isexe/index.mjs +47 -0
- package/dist/node_modules/.pnpm/isexe@2.0.0/node_modules/isexe/mode.mjs +33 -0
- package/dist/node_modules/.pnpm/isexe@2.0.0/node_modules/isexe/windows.mjs +33 -0
- package/dist/node_modules/.pnpm/listhen@1.9.0/node_modules/listhen/dist/chunks/xdg-open.mjs +1070 -0
- package/dist/node_modules/.pnpm/listhen@1.9.0/node_modules/listhen/dist/index.mjs +619 -0
- package/dist/node_modules/.pnpm/listhen@1.9.0/node_modules/listhen/dist/shared/listhen.1c46e31d.d.mts +83 -0
- package/dist/node_modules/.pnpm/merge-stream@2.0.0/node_modules/merge-stream/index.mjs +38 -0
- package/dist/node_modules/.pnpm/mimic-fn@4.0.0/node_modules/mimic-fn/index.mjs +38 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/aes.mjs +597 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/aesCipherSuites.mjs +195 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/asn1-validator.mjs +76 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/asn1.mjs +967 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/baseN.mjs +137 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/cipher.mjs +186 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/cipherModes.mjs +597 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/des.mjs +1187 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/ed25519.mjs +1029 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/forge.mjs +15 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/hmac.mjs +107 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/index.mjs +66 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/jsbn.mjs +1334 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/kem.mjs +146 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/log.mjs +241 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/md.all.mjs +24 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/md.mjs +18 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/md5.mjs +324 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/mgf.mjs +20 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/mgf1.mjs +44 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/oids.mjs +154 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/pbe.mjs +815 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/pbkdf2.mjs +125 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/pem.mjs +175 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/pkcs1.mjs +200 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/pkcs12.mjs +724 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/pkcs7.mjs +642 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/pkcs7asn1.mjs +405 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/pki.mjs +101 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/prime.mjs +193 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/prng.mjs +290 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/pss.mjs +141 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/random.mjs +141 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/rc2.mjs +538 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/rsa.mjs +1309 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/sha1.mjs +230 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/sha256.mjs +267 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/sha512.mjs +413 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/ssh.mjs +194 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/tls.mjs +3655 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/util.mjs +2117 -0
- package/dist/node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/x509.mjs +2168 -0
- package/dist/node_modules/.pnpm/npm-run-path@5.3.0/node_modules/npm-run-path/index.mjs +34 -0
- package/dist/node_modules/.pnpm/onetime@6.0.0/node_modules/onetime/index.mjs +26 -0
- package/dist/node_modules/.pnpm/path-key@3.1.1/node_modules/path-key/index.mjs +14 -0
- package/dist/node_modules/.pnpm/path-key@4.0.0/node_modules/path-key/index.mjs +8 -0
- package/dist/node_modules/.pnpm/pathe@1.1.2/node_modules/pathe/dist/shared/pathe.ff20891b.mjs +176 -0
- package/dist/node_modules/.pnpm/shebang-command@2.0.0/node_modules/shebang-command/index.mjs +17 -0
- package/dist/node_modules/.pnpm/shebang-regex@3.0.0/node_modules/shebang-regex/index.mjs +8 -0
- package/dist/node_modules/.pnpm/signal-exit@4.1.0/node_modules/signal-exit/dist/mjs/index.mjs +169 -0
- package/dist/node_modules/.pnpm/signal-exit@4.1.0/node_modules/signal-exit/dist/mjs/signals.mjs +33 -0
- package/dist/node_modules/.pnpm/std-env@3.10.0/node_modules/std-env/dist/index.mjs +171 -0
- package/dist/node_modules/.pnpm/strip-final-newline@3.0.0/node_modules/strip-final-newline/index.mjs +10 -0
- package/dist/node_modules/.pnpm/system-architecture@0.1.0/node_modules/system-architecture/index.mjs +16 -0
- package/dist/node_modules/.pnpm/uncrypto@0.1.3/node_modules/uncrypto/dist/crypto.node.mjs +7 -0
- package/dist/node_modules/.pnpm/untun@0.1.3/node_modules/untun/dist/chunks/index.mjs +154 -0
- package/dist/node_modules/.pnpm/untun@0.1.3/node_modules/untun/dist/index.mjs +34 -0
- package/dist/node_modules/.pnpm/uqr@0.1.2/node_modules/uqr/dist/index.mjs +896 -0
- package/dist/node_modules/.pnpm/which@2.0.2/node_modules/which/which.mjs +76 -0
- package/dist/oauth2/errors.mjs +27 -0
- package/dist/oauth2/index.d.mts +2 -2
- package/dist/oauth2/index.mjs +3 -3
- package/dist/oauth2/link-account.d.mts +27 -1
- package/dist/oauth2/link-account.mjs +30 -5
- package/dist/oauth2/state.mjs +8 -2
- package/dist/{package.mjs → packages/better-auth/package.mjs} +1 -1
- package/dist/plugins/access/access.d.mts +3 -15
- package/dist/plugins/access/access.mjs +11 -6
- package/dist/plugins/access/index.d.mts +2 -2
- package/dist/plugins/access/types.d.mts +11 -4
- package/dist/plugins/admin/access/statement.d.mts +29 -93
- package/dist/plugins/admin/admin.mjs +0 -4
- package/dist/plugins/admin/client.d.mts +6 -1
- package/dist/plugins/admin/client.mjs +5 -0
- package/dist/plugins/admin/routes.mjs +3 -2
- package/dist/plugins/anonymous/client.d.mts +1 -0
- package/dist/plugins/anonymous/error-codes.d.mts +1 -0
- package/dist/plugins/anonymous/error-codes.mjs +1 -0
- package/dist/plugins/anonymous/index.d.mts +1 -0
- package/dist/plugins/anonymous/index.mjs +16 -2
- package/dist/plugins/bearer/index.mjs +5 -12
- package/dist/plugins/captcha/index.mjs +14 -1
- package/dist/plugins/device-authorization/error-codes.mjs +1 -0
- package/dist/plugins/device-authorization/index.d.mts +1 -0
- package/dist/plugins/device-authorization/routes.mjs +34 -3
- package/dist/plugins/email-otp/routes.mjs +4 -4
- package/dist/plugins/generic-oauth/error-codes.mjs +0 -1
- package/dist/plugins/generic-oauth/index.d.mts +2 -4
- package/dist/plugins/generic-oauth/index.mjs +23 -17
- package/dist/plugins/generic-oauth/providers/auth0.mjs +1 -0
- package/dist/plugins/generic-oauth/providers/gumroad.mjs +1 -0
- package/dist/plugins/generic-oauth/providers/hubspot.mjs +1 -0
- package/dist/plugins/generic-oauth/providers/keycloak.mjs +1 -0
- package/dist/plugins/generic-oauth/providers/line.mjs +1 -0
- package/dist/plugins/generic-oauth/providers/microsoft-entra-id.mjs +1 -0
- package/dist/plugins/generic-oauth/providers/okta.mjs +1 -0
- package/dist/plugins/generic-oauth/providers/patreon.mjs +1 -0
- package/dist/plugins/generic-oauth/providers/slack.mjs +1 -0
- package/dist/plugins/generic-oauth/types.d.mts +30 -8
- package/dist/plugins/index.d.mts +2 -2
- package/dist/plugins/jwt/utils.d.mts +1 -1
- package/dist/plugins/last-login-method/client.mjs +2 -2
- package/dist/plugins/magic-link/index.d.mts +8 -1
- package/dist/plugins/magic-link/index.mjs +4 -17
- package/dist/plugins/mcp/authorize.mjs +8 -2
- package/dist/plugins/mcp/index.mjs +75 -35
- package/dist/plugins/multi-session/index.mjs +2 -2
- package/dist/plugins/oauth-proxy/index.mjs +45 -32
- package/dist/plugins/oauth-proxy/utils.mjs +3 -10
- package/dist/plugins/oidc-provider/authorize.mjs +8 -2
- package/dist/plugins/oidc-provider/index.mjs +65 -38
- package/dist/plugins/one-tap/client.mjs +9 -2
- package/dist/plugins/one-tap/index.mjs +19 -36
- package/dist/plugins/open-api/generator.mjs +25 -5
- package/dist/plugins/organization/access/statement.d.mts +68 -201
- package/dist/plugins/organization/adapter.d.mts +1 -1
- package/dist/plugins/organization/adapter.mjs +65 -58
- package/dist/plugins/organization/client.d.mts +3 -1
- package/dist/plugins/organization/client.mjs +1 -1
- package/dist/plugins/organization/error-codes.d.mts +2 -0
- package/dist/plugins/organization/error-codes.mjs +3 -1
- package/dist/plugins/organization/routes/crud-access-control.d.mts +2 -2
- package/dist/plugins/organization/routes/crud-invites.d.mts +8 -1
- package/dist/plugins/organization/routes/crud-invites.mjs +8 -3
- package/dist/plugins/organization/routes/crud-org.d.mts +4 -4
- package/dist/plugins/organization/routes/crud-org.mjs +2 -2
- package/dist/plugins/organization/routes/crud-team.mjs +7 -2
- package/dist/plugins/organization/schema.d.mts +1 -1
- package/dist/plugins/organization/types.d.mts +15 -5
- package/dist/plugins/phone-number/routes.mjs +1 -1
- package/dist/plugins/siwe/client.d.mts +4 -0
- package/dist/plugins/siwe/client.mjs +5 -1
- package/dist/plugins/siwe/index.d.mts +13 -2
- package/dist/plugins/siwe/index.mjs +179 -165
- package/dist/plugins/two-factor/backup-codes/index.d.mts +4 -3
- package/dist/plugins/two-factor/client.mjs +2 -1
- package/dist/plugins/two-factor/index.mjs +3 -2
- package/dist/plugins/username/client.d.mts +1 -0
- package/dist/plugins/username/error-codes.d.mts +1 -0
- package/dist/plugins/username/error-codes.mjs +2 -1
- package/dist/plugins/username/index.d.mts +43 -2
- package/dist/plugins/username/index.mjs +73 -6
- package/dist/state.d.mts +2 -2
- package/dist/state.mjs +18 -4
- package/dist/test-utils/headers.mjs +2 -7
- package/dist/test-utils/http-test-instance.d.mts +397 -0
- package/dist/test-utils/http-test-instance.mjs +54 -0
- package/dist/test-utils/index.d.mts +2 -1
- package/dist/test-utils/index.mjs +2 -1
- package/dist/test-utils/test-instance.d.mts +4110 -224
- package/dist/test-utils/test-instance.mjs +11 -2
- package/dist/types/auth.d.mts +4 -0
- package/dist/utils/index.d.mts +1 -1
- package/dist/utils/url.d.mts +2 -1
- package/dist/utils/url.mjs +9 -3
- package/dist/version.mjs +1 -1
- package/package.json +14 -14
- package/dist/oauth2/error-codes.d.mts +0 -20
- package/dist/plugins/generic-oauth/client.d.mts +0 -32
- package/dist/plugins/generic-oauth/client.mjs +0 -19
- package/dist/plugins/generic-oauth/error-codes.d.mts +0 -10
|
@@ -0,0 +1,125 @@
|
|
|
1
|
+
import { __commonJSMin, __require } from "../../../../../../_virtual/_rolldown/runtime.mjs";
|
|
2
|
+
import { require_forge } from "./forge.mjs";
|
|
3
|
+
import { require_util } from "./util.mjs";
|
|
4
|
+
import { require_md } from "./md.mjs";
|
|
5
|
+
import { require_hmac } from "./hmac.mjs";
|
|
6
|
+
//#region ../../node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/pbkdf2.js
|
|
7
|
+
var require_pbkdf2 = /* @__PURE__ */ __commonJSMin(((exports, module) => {
|
|
8
|
+
/**
|
|
9
|
+
* Password-Based Key-Derivation Function #2 implementation.
|
|
10
|
+
*
|
|
11
|
+
* See RFC 2898 for details.
|
|
12
|
+
*
|
|
13
|
+
* @author Dave Longley
|
|
14
|
+
*
|
|
15
|
+
* Copyright (c) 2010-2013 Digital Bazaar, Inc.
|
|
16
|
+
*/
|
|
17
|
+
var forge = require_forge();
|
|
18
|
+
require_hmac();
|
|
19
|
+
require_md();
|
|
20
|
+
require_util();
|
|
21
|
+
var pkcs5 = forge.pkcs5 = forge.pkcs5 || {};
|
|
22
|
+
var crypto;
|
|
23
|
+
if (forge.util.isNodejs && !forge.options.usePureJavaScript) crypto = __require("crypto");
|
|
24
|
+
/**
|
|
25
|
+
* Derives a key from a password.
|
|
26
|
+
*
|
|
27
|
+
* @param p the password as a binary-encoded string of bytes.
|
|
28
|
+
* @param s the salt as a binary-encoded string of bytes.
|
|
29
|
+
* @param c the iteration count, a positive integer.
|
|
30
|
+
* @param dkLen the intended length, in bytes, of the derived key,
|
|
31
|
+
* (max: 2^32 - 1) * hash length of the PRF.
|
|
32
|
+
* @param [md] the message digest (or algorithm identifier as a string) to use
|
|
33
|
+
* in the PRF, defaults to SHA-1.
|
|
34
|
+
* @param [callback(err, key)] presence triggers asynchronous version, called
|
|
35
|
+
* once the operation completes.
|
|
36
|
+
*
|
|
37
|
+
* @return the derived key, as a binary-encoded string of bytes, for the
|
|
38
|
+
* synchronous version (if no callback is specified).
|
|
39
|
+
*/
|
|
40
|
+
module.exports = forge.pbkdf2 = pkcs5.pbkdf2 = function(p, s, c, dkLen, md, callback) {
|
|
41
|
+
if (typeof md === "function") {
|
|
42
|
+
callback = md;
|
|
43
|
+
md = null;
|
|
44
|
+
}
|
|
45
|
+
if (forge.util.isNodejs && !forge.options.usePureJavaScript && crypto.pbkdf2 && (md === null || typeof md !== "object") && (crypto.pbkdf2Sync.length > 4 || !md || md === "sha1")) {
|
|
46
|
+
if (typeof md !== "string") md = "sha1";
|
|
47
|
+
p = Buffer.from(p, "binary");
|
|
48
|
+
s = Buffer.from(s, "binary");
|
|
49
|
+
if (!callback) {
|
|
50
|
+
if (crypto.pbkdf2Sync.length === 4) return crypto.pbkdf2Sync(p, s, c, dkLen).toString("binary");
|
|
51
|
+
return crypto.pbkdf2Sync(p, s, c, dkLen, md).toString("binary");
|
|
52
|
+
}
|
|
53
|
+
if (crypto.pbkdf2Sync.length === 4) return crypto.pbkdf2(p, s, c, dkLen, function(err, key) {
|
|
54
|
+
if (err) return callback(err);
|
|
55
|
+
callback(null, key.toString("binary"));
|
|
56
|
+
});
|
|
57
|
+
return crypto.pbkdf2(p, s, c, dkLen, md, function(err, key) {
|
|
58
|
+
if (err) return callback(err);
|
|
59
|
+
callback(null, key.toString("binary"));
|
|
60
|
+
});
|
|
61
|
+
}
|
|
62
|
+
if (typeof md === "undefined" || md === null) md = "sha1";
|
|
63
|
+
if (typeof md === "string") {
|
|
64
|
+
if (!(md in forge.md.algorithms)) throw new Error("Unknown hash algorithm: " + md);
|
|
65
|
+
md = forge.md[md].create();
|
|
66
|
+
}
|
|
67
|
+
var hLen = md.digestLength;
|
|
68
|
+
if (dkLen > 4294967295 * hLen) {
|
|
69
|
+
var err = /* @__PURE__ */ new Error("Derived key is too long.");
|
|
70
|
+
if (callback) return callback(err);
|
|
71
|
+
throw err;
|
|
72
|
+
}
|
|
73
|
+
var len = Math.ceil(dkLen / hLen);
|
|
74
|
+
var r = dkLen - (len - 1) * hLen;
|
|
75
|
+
var prf = forge.hmac.create();
|
|
76
|
+
prf.start(md, p);
|
|
77
|
+
var dk = "";
|
|
78
|
+
var xor, u_c, u_c1;
|
|
79
|
+
if (!callback) {
|
|
80
|
+
for (var i = 1; i <= len; ++i) {
|
|
81
|
+
prf.start(null, null);
|
|
82
|
+
prf.update(s);
|
|
83
|
+
prf.update(forge.util.int32ToBytes(i));
|
|
84
|
+
xor = u_c1 = prf.digest().getBytes();
|
|
85
|
+
for (var j = 2; j <= c; ++j) {
|
|
86
|
+
prf.start(null, null);
|
|
87
|
+
prf.update(u_c1);
|
|
88
|
+
u_c = prf.digest().getBytes();
|
|
89
|
+
xor = forge.util.xorBytes(xor, u_c, hLen);
|
|
90
|
+
u_c1 = u_c;
|
|
91
|
+
}
|
|
92
|
+
dk += i < len ? xor : xor.substr(0, r);
|
|
93
|
+
}
|
|
94
|
+
return dk;
|
|
95
|
+
}
|
|
96
|
+
var i = 1, j;
|
|
97
|
+
function outer() {
|
|
98
|
+
if (i > len) return callback(null, dk);
|
|
99
|
+
prf.start(null, null);
|
|
100
|
+
prf.update(s);
|
|
101
|
+
prf.update(forge.util.int32ToBytes(i));
|
|
102
|
+
xor = u_c1 = prf.digest().getBytes();
|
|
103
|
+
j = 2;
|
|
104
|
+
inner();
|
|
105
|
+
}
|
|
106
|
+
function inner() {
|
|
107
|
+
if (j <= c) {
|
|
108
|
+
prf.start(null, null);
|
|
109
|
+
prf.update(u_c1);
|
|
110
|
+
u_c = prf.digest().getBytes();
|
|
111
|
+
xor = forge.util.xorBytes(xor, u_c, hLen);
|
|
112
|
+
u_c1 = u_c;
|
|
113
|
+
++j;
|
|
114
|
+
return forge.util.setImmediate(inner);
|
|
115
|
+
}
|
|
116
|
+
dk += i < len ? xor : xor.substr(0, r);
|
|
117
|
+
++i;
|
|
118
|
+
outer();
|
|
119
|
+
}
|
|
120
|
+
outer();
|
|
121
|
+
};
|
|
122
|
+
}));
|
|
123
|
+
//#endregion
|
|
124
|
+
export default require_pbkdf2();
|
|
125
|
+
export { require_pbkdf2 };
|
|
@@ -0,0 +1,175 @@
|
|
|
1
|
+
import { __commonJSMin } from "../../../../../../_virtual/_rolldown/runtime.mjs";
|
|
2
|
+
import { require_forge } from "./forge.mjs";
|
|
3
|
+
import { require_util } from "./util.mjs";
|
|
4
|
+
//#region ../../node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/pem.js
|
|
5
|
+
var require_pem = /* @__PURE__ */ __commonJSMin(((exports, module) => {
|
|
6
|
+
/**
|
|
7
|
+
* Javascript implementation of basic PEM (Privacy Enhanced Mail) algorithms.
|
|
8
|
+
*
|
|
9
|
+
* See: RFC 1421.
|
|
10
|
+
*
|
|
11
|
+
* @author Dave Longley
|
|
12
|
+
*
|
|
13
|
+
* Copyright (c) 2013-2014 Digital Bazaar, Inc.
|
|
14
|
+
*
|
|
15
|
+
* A Forge PEM object has the following fields:
|
|
16
|
+
*
|
|
17
|
+
* type: identifies the type of message (eg: "RSA PRIVATE KEY").
|
|
18
|
+
*
|
|
19
|
+
* procType: identifies the type of processing performed on the message,
|
|
20
|
+
* it has two subfields: version and type, eg: 4,ENCRYPTED.
|
|
21
|
+
*
|
|
22
|
+
* contentDomain: identifies the type of content in the message, typically
|
|
23
|
+
* only uses the value: "RFC822".
|
|
24
|
+
*
|
|
25
|
+
* dekInfo: identifies the message encryption algorithm and mode and includes
|
|
26
|
+
* any parameters for the algorithm, it has two subfields: algorithm and
|
|
27
|
+
* parameters, eg: DES-CBC,F8143EDE5960C597.
|
|
28
|
+
*
|
|
29
|
+
* headers: contains all other PEM encapsulated headers -- where order is
|
|
30
|
+
* significant (for pairing data like recipient ID + key info).
|
|
31
|
+
*
|
|
32
|
+
* body: the binary-encoded body.
|
|
33
|
+
*/
|
|
34
|
+
var forge = require_forge();
|
|
35
|
+
require_util();
|
|
36
|
+
var pem = module.exports = forge.pem = forge.pem || {};
|
|
37
|
+
/**
|
|
38
|
+
* Encodes (serializes) the given PEM object.
|
|
39
|
+
*
|
|
40
|
+
* @param msg the PEM message object to encode.
|
|
41
|
+
* @param options the options to use:
|
|
42
|
+
* maxline the maximum characters per line for the body, (default: 64).
|
|
43
|
+
*
|
|
44
|
+
* @return the PEM-formatted string.
|
|
45
|
+
*/
|
|
46
|
+
pem.encode = function(msg, options) {
|
|
47
|
+
options = options || {};
|
|
48
|
+
var rval = "-----BEGIN " + msg.type + "-----\r\n";
|
|
49
|
+
var header;
|
|
50
|
+
if (msg.procType) {
|
|
51
|
+
header = {
|
|
52
|
+
name: "Proc-Type",
|
|
53
|
+
values: [String(msg.procType.version), msg.procType.type]
|
|
54
|
+
};
|
|
55
|
+
rval += foldHeader(header);
|
|
56
|
+
}
|
|
57
|
+
if (msg.contentDomain) {
|
|
58
|
+
header = {
|
|
59
|
+
name: "Content-Domain",
|
|
60
|
+
values: [msg.contentDomain]
|
|
61
|
+
};
|
|
62
|
+
rval += foldHeader(header);
|
|
63
|
+
}
|
|
64
|
+
if (msg.dekInfo) {
|
|
65
|
+
header = {
|
|
66
|
+
name: "DEK-Info",
|
|
67
|
+
values: [msg.dekInfo.algorithm]
|
|
68
|
+
};
|
|
69
|
+
if (msg.dekInfo.parameters) header.values.push(msg.dekInfo.parameters);
|
|
70
|
+
rval += foldHeader(header);
|
|
71
|
+
}
|
|
72
|
+
if (msg.headers) for (var i = 0; i < msg.headers.length; ++i) rval += foldHeader(msg.headers[i]);
|
|
73
|
+
if (msg.procType) rval += "\r\n";
|
|
74
|
+
rval += forge.util.encode64(msg.body, options.maxline || 64) + "\r\n";
|
|
75
|
+
rval += "-----END " + msg.type + "-----\r\n";
|
|
76
|
+
return rval;
|
|
77
|
+
};
|
|
78
|
+
/**
|
|
79
|
+
* Decodes (deserializes) all PEM messages found in the given string.
|
|
80
|
+
*
|
|
81
|
+
* @param str the PEM-formatted string to decode.
|
|
82
|
+
*
|
|
83
|
+
* @return the PEM message objects in an array.
|
|
84
|
+
*/
|
|
85
|
+
pem.decode = function(str) {
|
|
86
|
+
var rval = [];
|
|
87
|
+
var rMessage = /\s*-----BEGIN ([A-Z0-9- ]+)-----\r?\n?([\x21-\x7e\s]+?(?:\r?\n\r?\n))?([:A-Za-z0-9+\/=\s]+?)-----END \1-----/g;
|
|
88
|
+
var rHeader = /([\x21-\x7e]+):\s*([\x21-\x7e\s^:]+)/;
|
|
89
|
+
var rCRLF = /\r?\n/;
|
|
90
|
+
var match;
|
|
91
|
+
while (true) {
|
|
92
|
+
match = rMessage.exec(str);
|
|
93
|
+
if (!match) break;
|
|
94
|
+
var type = match[1];
|
|
95
|
+
if (type === "NEW CERTIFICATE REQUEST") type = "CERTIFICATE REQUEST";
|
|
96
|
+
var msg = {
|
|
97
|
+
type,
|
|
98
|
+
procType: null,
|
|
99
|
+
contentDomain: null,
|
|
100
|
+
dekInfo: null,
|
|
101
|
+
headers: [],
|
|
102
|
+
body: forge.util.decode64(match[3])
|
|
103
|
+
};
|
|
104
|
+
rval.push(msg);
|
|
105
|
+
if (!match[2]) continue;
|
|
106
|
+
var lines = match[2].split(rCRLF);
|
|
107
|
+
var li = 0;
|
|
108
|
+
while (match && li < lines.length) {
|
|
109
|
+
var line = lines[li].replace(/\s+$/, "");
|
|
110
|
+
for (var nl = li + 1; nl < lines.length; ++nl) {
|
|
111
|
+
var next = lines[nl];
|
|
112
|
+
if (!/\s/.test(next[0])) break;
|
|
113
|
+
line += next;
|
|
114
|
+
li = nl;
|
|
115
|
+
}
|
|
116
|
+
match = line.match(rHeader);
|
|
117
|
+
if (match) {
|
|
118
|
+
var header = {
|
|
119
|
+
name: match[1],
|
|
120
|
+
values: []
|
|
121
|
+
};
|
|
122
|
+
var values = match[2].split(",");
|
|
123
|
+
for (var vi = 0; vi < values.length; ++vi) header.values.push(ltrim(values[vi]));
|
|
124
|
+
if (!msg.procType) {
|
|
125
|
+
if (header.name !== "Proc-Type") throw new Error("Invalid PEM formatted message. The first encapsulated header must be \"Proc-Type\".");
|
|
126
|
+
else if (header.values.length !== 2) throw new Error("Invalid PEM formatted message. The \"Proc-Type\" header must have two subfields.");
|
|
127
|
+
msg.procType = {
|
|
128
|
+
version: values[0],
|
|
129
|
+
type: values[1]
|
|
130
|
+
};
|
|
131
|
+
} else if (!msg.contentDomain && header.name === "Content-Domain") msg.contentDomain = values[0] || "";
|
|
132
|
+
else if (!msg.dekInfo && header.name === "DEK-Info") {
|
|
133
|
+
if (header.values.length === 0) throw new Error("Invalid PEM formatted message. The \"DEK-Info\" header must have at least one subfield.");
|
|
134
|
+
msg.dekInfo = {
|
|
135
|
+
algorithm: values[0],
|
|
136
|
+
parameters: values[1] || null
|
|
137
|
+
};
|
|
138
|
+
} else msg.headers.push(header);
|
|
139
|
+
}
|
|
140
|
+
++li;
|
|
141
|
+
}
|
|
142
|
+
if (msg.procType === "ENCRYPTED" && !msg.dekInfo) throw new Error("Invalid PEM formatted message. The \"DEK-Info\" header must be present if \"Proc-Type\" is \"ENCRYPTED\".");
|
|
143
|
+
}
|
|
144
|
+
if (rval.length === 0) throw new Error("Invalid PEM formatted message.");
|
|
145
|
+
return rval;
|
|
146
|
+
};
|
|
147
|
+
function foldHeader(header) {
|
|
148
|
+
var rval = header.name + ": ";
|
|
149
|
+
var values = [];
|
|
150
|
+
var insertSpace = function(match, $1) {
|
|
151
|
+
return " " + $1;
|
|
152
|
+
};
|
|
153
|
+
for (var i = 0; i < header.values.length; ++i) values.push(header.values[i].replace(/^(\S+\r\n)/, insertSpace));
|
|
154
|
+
rval += values.join(",") + "\r\n";
|
|
155
|
+
var length = 0;
|
|
156
|
+
var candidate = -1;
|
|
157
|
+
for (var i = 0; i < rval.length; ++i, ++length) if (length > 65 && candidate !== -1) {
|
|
158
|
+
var insert = rval[candidate];
|
|
159
|
+
if (insert === ",") {
|
|
160
|
+
++candidate;
|
|
161
|
+
rval = rval.substr(0, candidate) + "\r\n " + rval.substr(candidate);
|
|
162
|
+
} else rval = rval.substr(0, candidate) + "\r\n" + insert + rval.substr(candidate + 1);
|
|
163
|
+
length = i - candidate - 1;
|
|
164
|
+
candidate = -1;
|
|
165
|
+
++i;
|
|
166
|
+
} else if (rval[i] === " " || rval[i] === " " || rval[i] === ",") candidate = i;
|
|
167
|
+
return rval;
|
|
168
|
+
}
|
|
169
|
+
function ltrim(str) {
|
|
170
|
+
return str.replace(/^\s+/, "");
|
|
171
|
+
}
|
|
172
|
+
}));
|
|
173
|
+
//#endregion
|
|
174
|
+
export default require_pem();
|
|
175
|
+
export { require_pem };
|
|
@@ -0,0 +1,200 @@
|
|
|
1
|
+
import { __commonJSMin } from "../../../../../../_virtual/_rolldown/runtime.mjs";
|
|
2
|
+
import { require_forge } from "./forge.mjs";
|
|
3
|
+
import { require_util } from "./util.mjs";
|
|
4
|
+
import { require_random } from "./random.mjs";
|
|
5
|
+
import { require_sha1 } from "./sha1.mjs";
|
|
6
|
+
//#region ../../node_modules/.pnpm/node-forge@1.4.0/node_modules/node-forge/lib/pkcs1.js
|
|
7
|
+
var require_pkcs1 = /* @__PURE__ */ __commonJSMin(((exports, module) => {
|
|
8
|
+
/**
|
|
9
|
+
* Partial implementation of PKCS#1 v2.2: RSA-OEAP
|
|
10
|
+
*
|
|
11
|
+
* Modified but based on the following MIT and BSD licensed code:
|
|
12
|
+
*
|
|
13
|
+
* https://github.com/kjur/jsjws/blob/master/rsa.js:
|
|
14
|
+
*
|
|
15
|
+
* The 'jsjws'(JSON Web Signature JavaScript Library) License
|
|
16
|
+
*
|
|
17
|
+
* Copyright (c) 2012 Kenji Urushima
|
|
18
|
+
*
|
|
19
|
+
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
20
|
+
* of this software and associated documentation files (the "Software"), to deal
|
|
21
|
+
* in the Software without restriction, including without limitation the rights
|
|
22
|
+
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
23
|
+
* copies of the Software, and to permit persons to whom the Software is
|
|
24
|
+
* furnished to do so, subject to the following conditions:
|
|
25
|
+
*
|
|
26
|
+
* The above copyright notice and this permission notice shall be included in
|
|
27
|
+
* all copies or substantial portions of the Software.
|
|
28
|
+
*
|
|
29
|
+
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
30
|
+
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
31
|
+
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
32
|
+
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
33
|
+
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
34
|
+
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
|
35
|
+
* THE SOFTWARE.
|
|
36
|
+
*
|
|
37
|
+
* http://webrsa.cvs.sourceforge.net/viewvc/webrsa/Client/RSAES-OAEP.js?content-type=text%2Fplain:
|
|
38
|
+
*
|
|
39
|
+
* RSAES-OAEP.js
|
|
40
|
+
* $Id: RSAES-OAEP.js,v 1.1.1.1 2003/03/19 15:37:20 ellispritchard Exp $
|
|
41
|
+
* JavaScript Implementation of PKCS #1 v2.1 RSA CRYPTOGRAPHY STANDARD (RSA Laboratories, June 14, 2002)
|
|
42
|
+
* Copyright (C) Ellis Pritchard, Guardian Unlimited 2003.
|
|
43
|
+
* Contact: ellis@nukinetics.com
|
|
44
|
+
* Distributed under the BSD License.
|
|
45
|
+
*
|
|
46
|
+
* Official documentation: http://www.rsa.com/rsalabs/node.asp?id=2125
|
|
47
|
+
*
|
|
48
|
+
* @author Evan Jones (http://evanjones.ca/)
|
|
49
|
+
* @author Dave Longley
|
|
50
|
+
*
|
|
51
|
+
* Copyright (c) 2013-2014 Digital Bazaar, Inc.
|
|
52
|
+
*/
|
|
53
|
+
var forge = require_forge();
|
|
54
|
+
require_util();
|
|
55
|
+
require_random();
|
|
56
|
+
require_sha1();
|
|
57
|
+
var pkcs1 = module.exports = forge.pkcs1 = forge.pkcs1 || {};
|
|
58
|
+
/**
|
|
59
|
+
* Encode the given RSAES-OAEP message (M) using key, with optional label (L)
|
|
60
|
+
* and seed.
|
|
61
|
+
*
|
|
62
|
+
* This method does not perform RSA encryption, it only encodes the message
|
|
63
|
+
* using RSAES-OAEP.
|
|
64
|
+
*
|
|
65
|
+
* @param key the RSA key to use.
|
|
66
|
+
* @param message the message to encode.
|
|
67
|
+
* @param options the options to use:
|
|
68
|
+
* label an optional label to use.
|
|
69
|
+
* seed the seed to use.
|
|
70
|
+
* md the message digest object to use, undefined for SHA-1.
|
|
71
|
+
* mgf1 optional mgf1 parameters:
|
|
72
|
+
* md the message digest object to use for MGF1.
|
|
73
|
+
*
|
|
74
|
+
* @return the encoded message bytes.
|
|
75
|
+
*/
|
|
76
|
+
pkcs1.encode_rsa_oaep = function(key, message, options) {
|
|
77
|
+
var label;
|
|
78
|
+
var seed;
|
|
79
|
+
var md;
|
|
80
|
+
var mgf1Md;
|
|
81
|
+
if (typeof options === "string") {
|
|
82
|
+
label = options;
|
|
83
|
+
seed = arguments[3] || void 0;
|
|
84
|
+
md = arguments[4] || void 0;
|
|
85
|
+
} else if (options) {
|
|
86
|
+
label = options.label || void 0;
|
|
87
|
+
seed = options.seed || void 0;
|
|
88
|
+
md = options.md || void 0;
|
|
89
|
+
if (options.mgf1 && options.mgf1.md) mgf1Md = options.mgf1.md;
|
|
90
|
+
}
|
|
91
|
+
if (!md) md = forge.md.sha1.create();
|
|
92
|
+
else md.start();
|
|
93
|
+
if (!mgf1Md) mgf1Md = md;
|
|
94
|
+
var keyLength = Math.ceil(key.n.bitLength() / 8);
|
|
95
|
+
var maxLength = keyLength - 2 * md.digestLength - 2;
|
|
96
|
+
if (message.length > maxLength) {
|
|
97
|
+
var error = /* @__PURE__ */ new Error("RSAES-OAEP input message length is too long.");
|
|
98
|
+
error.length = message.length;
|
|
99
|
+
error.maxLength = maxLength;
|
|
100
|
+
throw error;
|
|
101
|
+
}
|
|
102
|
+
if (!label) label = "";
|
|
103
|
+
md.update(label, "raw");
|
|
104
|
+
var lHash = md.digest();
|
|
105
|
+
var PS = "";
|
|
106
|
+
var PS_length = maxLength - message.length;
|
|
107
|
+
for (var i = 0; i < PS_length; i++) PS += "\0";
|
|
108
|
+
var DB = lHash.getBytes() + PS + "" + message;
|
|
109
|
+
if (!seed) seed = forge.random.getBytes(md.digestLength);
|
|
110
|
+
else if (seed.length !== md.digestLength) {
|
|
111
|
+
var error = /* @__PURE__ */ new Error("Invalid RSAES-OAEP seed. The seed length must match the digest length.");
|
|
112
|
+
error.seedLength = seed.length;
|
|
113
|
+
error.digestLength = md.digestLength;
|
|
114
|
+
throw error;
|
|
115
|
+
}
|
|
116
|
+
var dbMask = rsa_mgf1(seed, keyLength - md.digestLength - 1, mgf1Md);
|
|
117
|
+
var maskedDB = forge.util.xorBytes(DB, dbMask, DB.length);
|
|
118
|
+
var seedMask = rsa_mgf1(maskedDB, md.digestLength, mgf1Md);
|
|
119
|
+
return "\0" + forge.util.xorBytes(seed, seedMask, seed.length) + maskedDB;
|
|
120
|
+
};
|
|
121
|
+
/**
|
|
122
|
+
* Decode the given RSAES-OAEP encoded message (EM) using key, with optional
|
|
123
|
+
* label (L).
|
|
124
|
+
*
|
|
125
|
+
* This method does not perform RSA decryption, it only decodes the message
|
|
126
|
+
* using RSAES-OAEP.
|
|
127
|
+
*
|
|
128
|
+
* @param key the RSA key to use.
|
|
129
|
+
* @param em the encoded message to decode.
|
|
130
|
+
* @param options the options to use:
|
|
131
|
+
* label an optional label to use.
|
|
132
|
+
* md the message digest object to use for OAEP, undefined for SHA-1.
|
|
133
|
+
* mgf1 optional mgf1 parameters:
|
|
134
|
+
* md the message digest object to use for MGF1.
|
|
135
|
+
*
|
|
136
|
+
* @return the decoded message bytes.
|
|
137
|
+
*/
|
|
138
|
+
pkcs1.decode_rsa_oaep = function(key, em, options) {
|
|
139
|
+
var label;
|
|
140
|
+
var md;
|
|
141
|
+
var mgf1Md;
|
|
142
|
+
if (typeof options === "string") {
|
|
143
|
+
label = options;
|
|
144
|
+
md = arguments[3] || void 0;
|
|
145
|
+
} else if (options) {
|
|
146
|
+
label = options.label || void 0;
|
|
147
|
+
md = options.md || void 0;
|
|
148
|
+
if (options.mgf1 && options.mgf1.md) mgf1Md = options.mgf1.md;
|
|
149
|
+
}
|
|
150
|
+
var keyLength = Math.ceil(key.n.bitLength() / 8);
|
|
151
|
+
if (em.length !== keyLength) {
|
|
152
|
+
var error = /* @__PURE__ */ new Error("RSAES-OAEP encoded message length is invalid.");
|
|
153
|
+
error.length = em.length;
|
|
154
|
+
error.expectedLength = keyLength;
|
|
155
|
+
throw error;
|
|
156
|
+
}
|
|
157
|
+
if (md === void 0) md = forge.md.sha1.create();
|
|
158
|
+
else md.start();
|
|
159
|
+
if (!mgf1Md) mgf1Md = md;
|
|
160
|
+
if (keyLength < 2 * md.digestLength + 2) throw new Error("RSAES-OAEP key is too short for the hash function.");
|
|
161
|
+
if (!label) label = "";
|
|
162
|
+
md.update(label, "raw");
|
|
163
|
+
var lHash = md.digest().getBytes();
|
|
164
|
+
var y = em.charAt(0);
|
|
165
|
+
var maskedSeed = em.substring(1, md.digestLength + 1);
|
|
166
|
+
var maskedDB = em.substring(1 + md.digestLength);
|
|
167
|
+
var seedMask = rsa_mgf1(maskedDB, md.digestLength, mgf1Md);
|
|
168
|
+
var dbMask = rsa_mgf1(forge.util.xorBytes(maskedSeed, seedMask, maskedSeed.length), keyLength - md.digestLength - 1, mgf1Md);
|
|
169
|
+
var db = forge.util.xorBytes(maskedDB, dbMask, maskedDB.length);
|
|
170
|
+
var lHashPrime = db.substring(0, md.digestLength);
|
|
171
|
+
var error = y !== "\0";
|
|
172
|
+
for (var i = 0; i < md.digestLength; ++i) error |= lHash.charAt(i) !== lHashPrime.charAt(i);
|
|
173
|
+
var in_ps = 1;
|
|
174
|
+
var index = md.digestLength;
|
|
175
|
+
for (var j = md.digestLength; j < db.length; j++) {
|
|
176
|
+
var code = db.charCodeAt(j);
|
|
177
|
+
var is_0 = code & 1 ^ 1;
|
|
178
|
+
error |= code & (in_ps ? 65534 : 0);
|
|
179
|
+
in_ps = in_ps & is_0;
|
|
180
|
+
index += in_ps;
|
|
181
|
+
}
|
|
182
|
+
if (error || db.charCodeAt(index) !== 1) throw new Error("Invalid RSAES-OAEP padding.");
|
|
183
|
+
return db.substring(index + 1);
|
|
184
|
+
};
|
|
185
|
+
function rsa_mgf1(seed, maskLength, hash) {
|
|
186
|
+
if (!hash) hash = forge.md.sha1.create();
|
|
187
|
+
var t = "";
|
|
188
|
+
var count = Math.ceil(maskLength / hash.digestLength);
|
|
189
|
+
for (var i = 0; i < count; ++i) {
|
|
190
|
+
var c = String.fromCharCode(i >> 24 & 255, i >> 16 & 255, i >> 8 & 255, i & 255);
|
|
191
|
+
hash.start();
|
|
192
|
+
hash.update(seed + c);
|
|
193
|
+
t += hash.digest().getBytes();
|
|
194
|
+
}
|
|
195
|
+
return t.substring(0, maskLength);
|
|
196
|
+
}
|
|
197
|
+
}));
|
|
198
|
+
//#endregion
|
|
199
|
+
export default require_pkcs1();
|
|
200
|
+
export { require_pkcs1 };
|