jsonauthtoken 3.0.2 → 3.0.4-beta-1

package/dist/runtime/node.runtime.js

@@ -1,150 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.NodeCrypto = void 0;
-const crypto_1 = __importDefault(require("crypto"));
-const functions_lib_1 = require("../lib/functions.lib");
-class NodeCrypto {
-    crypto;
-    async __init() {
-        if (!this.crypto) {
-            return await Promise.resolve().then(() => __importStar(require('crypto')));
-        }
-    }
-    _encrypt(algorithm, key, payload) {
-        const iv = crypto_1.default.randomBytes(12);
-        const cipher = crypto_1.default.createCipheriv(algorithm, key, iv);
-        const data = JSON.stringify(payload);
-        let encrypted = cipher.update(data, 'utf8', 'base64');
-        encrypted += cipher.final('base64');
-        const tag = cipher.getAuthTag().toString('base64');
-        return {
-            iv: iv.toString('base64'),
-            encrypted,
-            tag
-        };
-    }
-    _decrypt(algorithm, key, encryptedData) {
-        const { iv, encrypted, tag } = encryptedData;
-        const decipher = crypto_1.default.createDecipheriv(algorithm, key, Buffer.from(iv, 'base64'));
-        decipher.setAuthTag(Buffer.from(tag, 'base64'));
-        let decrypted = decipher.update(encrypted, 'base64', 'utf8');
-        decrypted += decipher.final('utf8');
-        return JSON.parse(decrypted);
-    }
-    _rsaPublicKeyGeneration(privateKeyPem) {
-        const privateKeyObject = crypto_1.default.createPrivateKey({
-            key: privateKeyPem.replace(/\\n/g, '\n'),
-            format: 'pem',
-            type: 'pkcs8'
-        });
-        const publicKeyObject = crypto_1.default.createPublicKey(privateKeyObject);
-        return publicKeyObject.export({ type: 'spki', format: 'pem' });
-    }
-    _rsaPrivatePublicKeyGeneration() {
-        const { publicKey, privateKey } = crypto_1.default.generateKeyPairSync('rsa', {
-            modulusLength: 2048,
-            publicKeyEncoding: {
-                type: 'spki',
-                format: 'pem'
-            },
-            privateKeyEncoding: {
-                type: 'pkcs8',
-                format: 'pem'
-            }
-        });
-        return { privateKey, publicKey };
-    }
-    async encrypt(algo, key, payload, exp) {
-        await this.__init();
-        const keyHash = this.crypto.createHash('sha256').update(key).digest();
-        const newPayload = { payload: payload, exp: exp };
-        const { iv, encrypted, tag } = this._encrypt(algo, keyHash, newPayload);
-        return (0, functions_lib_1.tokenFormatCreate)({
-            runtime: 'node',
-            algo: 'AES-256-GCM',
-            type: 'symmetric',
-            v: '1',
-            iv,
-            tag
-        }, encrypted);
-    }
-    async decrypt(algo, key, encryptedData) {
-        await this.__init();
-        const keyHash = crypto_1.default.createHash('sha256').update(key).digest();
-        return this._decrypt(algo, keyHash, encryptedData);
-    }
-    async encryptRSA(payload, publicKey, exp) {
-        await this.__init();
-        const symmetricKey = crypto_1.default.randomBytes(32);
-        const newPayload = { payload: payload, exp: exp };
-        const { iv, encrypted, tag } = this._encrypt('aes-256-gcm', symmetricKey, newPayload);
-        const encryptedSymmetricKey = crypto_1.default.publicEncrypt({
-            key: publicKey,
-            padding: crypto_1.default.constants.RSA_PKCS1_OAEP_PADDING,
-            oaepHash: 'sha256'
-        }, symmetricKey);
-        return (0, functions_lib_1.tokenFormatCreate)({
-            runtime: 'node',
-            algo: 'RSA+A256GCM',
-            type: 'asymmetric',
-            v: '1',
-            iv,
-            tag,
-            encryptedKey: encryptedSymmetricKey.toString('base64')
-        }, encrypted);
-    }
-    async decryptRSA(privateKey, encryptedKey, encryptedData) {
-        await this.__init();
-        const decryptedSymmetricKey = crypto_1.default.privateDecrypt({
-            key: privateKey,
-            padding: crypto_1.default.constants.RSA_PKCS1_OAEP_PADDING,
-            oaepHash: 'sha256'
-        }, Buffer.from(encryptedKey, 'base64'));
-        return this._decrypt('aes-256-gcm', decryptedSymmetricKey, encryptedData);
-    }
-    async rsaPrivatePublicKeyGeneration() {
-        await this.__init();
-        return this._rsaPrivatePublicKeyGeneration();
-    }
-    async rsaPublicKeyGeneration(privateKeyPem) {
-        await this.__init();
-        return this._rsaPublicKeyGeneration(privateKeyPem);
-    }
-}
-exports.NodeCrypto = NodeCrypto;

package/dist/runtime/runtime.d.ts

@@ -1,12 +0,0 @@
-export declare class RuntimeCrypto {
-    private node;
-    private web;
-    private getModule;
-    createToken(runtime: Runtime, algo: string, key: string, payload: any, exp: number): Promise<string>;
-    verifyToken<T>(currentRuntime: Runtime, token: string, key: string): Promise<{
-        payload: T;
-        exp: number;
-    }>;
-    rsaKeyDrivation(runtime: Runtime, type: 'keyPair'): Promise<GenerateKeyPair>;
-    rsaKeyDrivation(runtime: Runtime, type: 'publickey', privateKeyPem: string): Promise<string>;
-}

package/dist/runtime/runtime.js

@@ -1,152 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.RuntimeCrypto = void 0;
-const algo_config_1 = require("../config/algo.config");
-const functions_lib_1 = require("../lib/functions.lib");
-class RuntimeCrypto {
-    node;
-    web;
-    async getModule(runtime) {
-        if (runtime === 'node' && this.node === undefined) {
-            const { NodeCrypto } = await Promise.resolve().then(() => __importStar(require('./node.runtime')));
-            this.node = new NodeCrypto();
-        }
-        else if (runtime === 'web' && this.web === undefined) {
-            const { WebCrypto } = await Promise.resolve().then(() => __importStar(require('./web.runtime')));
-            this.web = new WebCrypto();
-        }
-        else if (runtime === 'edge' && this.web === undefined) {
-            const { WebCrypto } = await Promise.resolve().then(() => __importStar(require('./web.runtime')));
-            this.web = new WebCrypto();
-        }
-    }
-    async createToken(runtime, algo, key, payload, exp) {
-        const algorithms = algo_config_1.SUPPORTED_ALGORITHM[runtime];
-        const algoData = algorithms.find(({ name }) => { return name == algo; });
-        if (!algoData) {
-            throw new Error(`Algorithm ${algo} is not supported for ${runtime}`);
-        }
-        await this.getModule(runtime);
-        if (runtime === 'node') {
-            if (algoData.type === 'asymmetric') {
-                if (algoData.value !== 'ras+a256gcm') {
-                    throw new Error(`Algorithm ${algoData.name} is not supported for asymmetric encryption`);
-                }
-                return await this.node.encryptRSA(payload, key, exp);
-            }
-            else {
-                if (algoData.value !== 'aes-256-gcm') {
-                    throw new Error(`Algorithm ${algoData.name} is not supported for symmetric encryption`);
-                }
-                return await this.node.encrypt(algoData.value, key, payload, exp);
-            }
-        }
-        else {
-            if (algoData.type === 'asymmetric') {
-                if (algoData.value !== 'RSA+AES-GCM') {
-                    throw new Error(`Algorithm ${algoData.name} is not supported for asymmetric encryption`);
-                }
-                return await this.web.encryptRSA(payload, key, exp);
-            }
-            else {
-                if (algoData.value !== 'AES-GCM') {
-                    throw new Error(`Algorithm ${algoData.name} is not supported for symmetric encryption`);
-                }
-                return await this.web.encrypt(algoData.value, key, payload, exp);
-            }
-        }
-    }
-    async verifyToken(currentRuntime, token, key) {
-        const { meta, encrypted } = (0, functions_lib_1.tokenFormatVerify)(token);
-        const { runtime, algo, type, v, iv, tag, encryptedKey } = meta;
-        if (currentRuntime !== runtime) {
-            throw new Error('Runtime not matching');
-        }
-        await this.getModule(runtime);
-        if (runtime === 'node') {
-            if (type === 'asymmetric') {
-                if (algo !== 'RSA+A256GCM') {
-                    throw new Error(`Algorithm ${algo} is not supported for asymmetric encryption`);
-                }
-                return await this.node.decryptRSA(key, encryptedKey, { iv, encrypted, tag });
-            }
-            else {
-                if (algo !== 'AES-256-GCM') {
-                    throw new Error(`Algorithm ${algo} is not supported for symmetric encryption`);
-                }
-                return await this.node.decrypt("aes-256-gcm", key, { iv, encrypted, tag });
-            }
-        }
-        else {
-            if (type === 'asymmetric') {
-                if (algo !== 'RSA+AES-GCM') {
-                    throw new Error(`Algorithm ${algo} is not supported for asymmetric encryption`);
-                }
-                return await this.web.decryptRSA(key, encryptedKey, { iv, encrypted });
-            }
-            else {
-                if (algo !== 'AES-GCM') {
-                    throw new Error(`Algorithm ${algo} is not supported for symmetric encryption`);
-                }
-                return await this.web.decrypt('AES-GCM', key, { iv, encrypted });
-            }
-        }
-    }
-    async rsaKeyDrivation(runtime, type, privateKeyPem) {
-        await this.getModule(runtime);
-        if (runtime === 'node') {
-            if (type === 'keyPair') {
-                return await this.node.rsaPrivatePublicKeyGeneration();
-            }
-            else {
-                if (!privateKeyPem)
-                    throw new Error('privateKeyPem is required');
-                return await this.node.rsaPublicKeyGeneration(privateKeyPem);
-            }
-        }
-        else {
-            if (type === 'keyPair') {
-                return await this.web.rsaPrivatePublicKeyGeneration();
-            }
-            else {
-                if (!privateKeyPem)
-                    throw new Error('privateKeyPem is required');
-                return await this.web.rsaPublicKeyGeneration(privateKeyPem);
-            }
-        }
-    }
-}
-exports.RuntimeCrypto = RuntimeCrypto;

package/dist/runtime/web.runtime.d.ts

@@ -1,38 +0,0 @@
-export declare class WebCrypto {
-    private textEncoder;
-    private textDecoder;
-    private __importAESKey;
-    private __uint8ArrayToBase64;
-    private __base64ToUint8Array;
-    private __arrayBufferToBase64;
-    private __base64ToArrayBuffer;
-    private __pemToArrayBuffer;
-    private __arrayBufferToPem;
-    private __importPublicKey;
-    private __importPrivateKey;
-    private _encrypt;
-    private _decrypt;
-    private _rsaPublicKeyGeneration;
-    private _rsaPrivatePublicKeyGeneration;
-    encrypt(algo: 'AES-GCM', key: string, payload: any, exp: number): Promise<string>;
-    decrypt<T>(algo: 'AES-GCM', key: string, encryptedData: {
-        iv: string;
-        encrypted: string;
-    }): Promise<{
-        payload: T;
-        exp: number;
-    }>;
-    encryptRSA(payload: any, publicKeyPem: string, exp: number): Promise<string>;
-    decryptRSA<T>(privateKeyPem: string, encryptedKey: string, encryptedData: {
-        iv: string;
-        encrypted: string;
-    }): Promise<{
-        payload: T;
-        exp: number;
-    }>;
-    rsaPrivatePublicKeyGeneration(): Promise<{
-        privateKey: string;
-        publicKey: string;
-    }>;
-    rsaPublicKeyGeneration(privateKeyPem: string): Promise<string>;
-}

package/dist/runtime/web.runtime.js

@@ -1,180 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.WebCrypto = void 0;
-const functions_lib_1 = require("../lib/functions.lib");
-class WebCrypto {
-    textEncoder = new TextEncoder();
-    textDecoder = new TextDecoder();
-    async __importAESKey(password) {
-        const passwordBuffer = this.textEncoder.encode(password);
-        const hashBuffer = await crypto.subtle.digest('SHA-256', passwordBuffer);
-        return await crypto.subtle.importKey('raw', hashBuffer, { name: 'AES-GCM' }, false, ['encrypt', 'decrypt']);
-    }
-    __uint8ArrayToBase64(uint8Array) {
-        let binary = '';
-        const len = uint8Array.byteLength;
-        for (let i = 0; i < len; i++) {
-            binary += String.fromCharCode(uint8Array[i]);
-        }
-        return btoa(binary);
-    }
-    __base64ToUint8Array(base64) {
-        const binaryString = atob(base64);
-        const len = binaryString.length;
-        const bytes = new Uint8Array(len);
-        for (let i = 0; i < len; i++) {
-            bytes[i] = binaryString.charCodeAt(i);
-        }
-        return bytes;
-    }
-    __arrayBufferToBase64(buffer) {
-        const bytes = new Uint8Array(buffer);
-        let binary = '';
-        for (let i = 0; i < bytes.length; i++) {
-            binary += String.fromCharCode(bytes[i]);
-        }
-        return btoa(binary);
-    }
-    __base64ToArrayBuffer(base64) {
-        const binary = atob(base64);
-        const bytes = new Uint8Array(binary.length);
-        for (let i = 0; i < binary.length; i++) {
-            bytes[i] = binary.charCodeAt(i);
-        }
-        return bytes.buffer;
-    }
-    __pemToArrayBuffer(pem, type) {
-        const pemHeader = `-----BEGIN ${type} KEY-----`;
-        const pemFooter = `-----END ${type} KEY-----`;
-        const pemContents = pem
-            .replace(pemHeader, '')
-            .replace(pemFooter, '')
-            .replace(/\\n/g, '')
-            .replace(/\s/g, '');
-        return this.__base64ToArrayBuffer(pemContents);
-    }
-    __arrayBufferToPem(buffer, type) {
-        const base64 = this.__arrayBufferToBase64(buffer);
-        const pemContents = base64.match(/.{1,64}/g)?.join('\n') || base64;
-        return `-----BEGIN ${type} KEY-----\n${pemContents}\n-----END ${type} KEY-----`;
-    }
-    async __importPublicKey(publicKeyPem) {
-        const keyData = this.__pemToArrayBuffer(publicKeyPem, 'PUBLIC');
-        return await crypto.subtle.importKey('spki', keyData, {
-            name: 'RSA-OAEP',
-            hash: 'SHA-256'
-        }, true, ['encrypt']);
-    }
-    async __importPrivateKey(privateKeyPem) {
-        const keyData = this.__pemToArrayBuffer(privateKeyPem.replace(/\\n/g, '\n'), 'PRIVATE');
-        return await crypto.subtle.importKey('pkcs8', keyData, {
-            name: 'RSA-OAEP',
-            hash: 'SHA-256'
-        }, true, ['decrypt']);
-    }
-    async _encrypt(algo, key, payload) {
-        const iv = crypto.getRandomValues(new Uint8Array(12));
-        const data = this.textEncoder.encode(JSON.stringify(payload));
-        const encryptedBuffer = await crypto.subtle.encrypt({
-            name: algo,
-            iv: iv,
-            tagLength: 128
-        }, key, data);
-        const encryptedBytes = new Uint8Array(encryptedBuffer);
-        return {
-            iv: this.__uint8ArrayToBase64(iv),
-            encrypted: this.__uint8ArrayToBase64(encryptedBytes),
-        };
-    }
-    async _decrypt(algo, key, encryptedData) {
-        const { iv, encrypted } = encryptedData;
-        const ivBuffer = this.__base64ToUint8Array(iv);
-        const encryptedBuffer = this.__base64ToUint8Array(encrypted);
-        const decryptedBuffer = await crypto.subtle.decrypt({
-            name: algo,
-            iv: ivBuffer,
-            tagLength: 128
-        }, key, encryptedBuffer);
-        return JSON.parse(this.textDecoder.decode(decryptedBuffer));
-    }
-    async _rsaPublicKeyGeneration(privateKeyPem) {
-        const privateKey = await this.__importPrivateKey(privateKeyPem);
-        const jwk = await crypto.subtle.exportKey('jwk', privateKey);
-        delete jwk.d;
-        delete jwk.dp;
-        delete jwk.dq;
-        delete jwk.q;
-        delete jwk.qi;
-        jwk.key_ops = ['encrypt'];
-        const publicKey = await crypto.subtle.importKey('jwk', jwk, {
-            name: 'RSA-OAEP',
-            hash: 'SHA-256'
-        }, true, ['encrypt']);
-        const exportedPublicKey = await crypto.subtle.exportKey('spki', publicKey);
-        return this.__arrayBufferToPem(exportedPublicKey, 'PUBLIC');
-    }
-    async _rsaPrivatePublicKeyGeneration() {
-        const keyPair = await crypto.subtle.generateKey({
-            name: 'RSA-OAEP',
-            modulusLength: 2048,
-            publicExponent: new Uint8Array([1, 0, 1]),
-            hash: 'SHA-256'
-        }, true, ['encrypt', 'decrypt']);
-        const privateKeyBuffer = await crypto.subtle.exportKey('pkcs8', keyPair.privateKey);
-        const publicKeyBuffer = await crypto.subtle.exportKey('spki', keyPair.publicKey);
-        return {
-            privateKey: this.__arrayBufferToPem(privateKeyBuffer, 'PRIVATE'),
-            publicKey: this.__arrayBufferToPem(publicKeyBuffer, 'PUBLIC')
-        };
-    }
-    async encrypt(algo, key, payload, exp) {
-        const cryptoKey = await this.__importAESKey(key);
-        const newPayload = { payload: payload, exp: exp };
-        const { iv, encrypted } = await this._encrypt(algo, cryptoKey, newPayload);
-        return (0, functions_lib_1.tokenFormatCreate)({
-            runtime: 'web',
-            algo: 'AES-GCM',
-            type: 'symmetric',
-            v: '1',
-            iv,
-        }, encrypted);
-    }
-    async decrypt(algo, key, encryptedData) {
-        const cryptoKey = await this.__importAESKey(key);
-        return await this._decrypt(algo, cryptoKey, encryptedData);
-    }
-    async encryptRSA(payload, publicKeyPem, exp) {
-        const symmetricKey = await crypto.subtle.generateKey({ name: 'AES-GCM', length: 256 }, true, ['encrypt', 'decrypt']);
-        const newPayload = { payload: payload, exp: exp };
-        const { iv, encrypted } = await this._encrypt('AES-GCM', symmetricKey, newPayload);
-        const symmetricKeyBuffer = await crypto.subtle.exportKey('raw', symmetricKey);
-        const publicKey = await this.__importPublicKey(publicKeyPem);
-        const encryptedSymmetricKey = await crypto.subtle.encrypt({
-            name: 'RSA-OAEP'
-        }, publicKey, symmetricKeyBuffer);
-        return (0, functions_lib_1.tokenFormatCreate)({
-            runtime: 'web',
-            algo: 'RSA+AES-GCM',
-            type: 'asymmetric',
-            v: '1',
-            iv,
-            encryptedKey: this.__arrayBufferToBase64(encryptedSymmetricKey)
-        }, encrypted);
-    }
-    async decryptRSA(privateKeyPem, encryptedKey, encryptedData) {
-        const privateKey = await this.__importPrivateKey(privateKeyPem);
-        const encryptedKeyBuffer = this.__base64ToArrayBuffer(encryptedKey);
-        const decryptedSymmetricKeyBuffer = await crypto.subtle.decrypt({
-            name: 'RSA-OAEP'
-        }, privateKey, encryptedKeyBuffer);
-        const symmetricKey = await crypto.subtle.importKey('raw', decryptedSymmetricKeyBuffer, { name: 'AES-GCM' }, false, ['decrypt']);
-        return await this._decrypt('AES-GCM', symmetricKey, encryptedData);
-    }
-    async rsaPrivatePublicKeyGeneration() {
-        return await this._rsaPrivatePublicKeyGeneration();
-    }
-    async rsaPublicKeyGeneration(privateKeyPem) {
-        return await this._rsaPublicKeyGeneration(privateKeyPem);
-    }
-}
-exports.WebCrypto = WebCrypto;