UNPKG

@guarani/jose

Version:

Implementation of the RFCs of the JOSE Working Group.

github.com/guaranijs/guarani/tree/master/packages/jose

guaranijs/guarani

84 lines (83 loc) 3.77 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.PS512 = exports.PS384 = exports.PS256 = exports.RS512 = exports.RS384 = exports.RS256 = exports.RsaSsaAlgorithm = void 0; const crypto_1 = require("crypto"); const util_1 = require("util"); const invalid_json_web_key_exception_1 = require("../../exceptions/invalid-json-web-key.exception"); const invalid_json_web_signature_exception_1 = require("../../exceptions/invalid-json-web-signature.exception"); const rsa_padding_1 = require("../../jwk/algorithms/rsa/types/rsa-padding"); const jsonwebsignature_algorithm_1 = require("./jsonwebsignature.algorithm"); const signAsync = (0, util_1.promisify)(crypto_1.sign); const verifyAsync = (0, util_1.promisify)(crypto_1.verify); /** * Implementation of the JSON Web Signature RSASSA Algorithm. */ class RsaSsaAlgorithm extends jsonwebsignature_algorithm_1.JsonWebSignatureAlgorithm { /** * Instantiates a new JSON Web Signature RSASSA Algorithm to Sign and Verify the Messages. * * @param hash Hash Algorithm used to Sign and Verify the Messages. * @param algorithm Name of the JSON Web Signature Algorithm. * @param padding RSA Padding used by the JSON Web Signature RSASSA Algorithm to Sign and Verify the Messages. */ constructor(hash, algorithm, padding) { super(hash, algorithm, 'RSA'); this.padding = padding; } /** * Signs a Message with the provided JSON Web Key. * * @param message Message to be Signed. * @param key JSON Web Key used to Sign the provided Message. * @returns Resulting Signature of the provided Message. */ async sign(message, key) { this.validateJsonWebKey(key); const cryptoKey = Reflect.get(key, 'cryptoKey'); if (cryptoKey.type !== 'private') { throw new invalid_json_web_key_exception_1.InvalidJsonWebKeyException('A Private Key is needed to Sign a JSON Web Signature Message.'); } const signature = await signAsync(this.hash, message, { key: cryptoKey, padding: this.padding }); return signature; } /** * Checks if the provided Signature matches the provided Message based on the provide JSON Web Key. * * @param signature Signature to be matched against the provided Message. * @param message Message to be matched against the provided Signature. * @param key JSON Web Key used to verify the Signature and Message. */ async verify(signature, message, key) { this.validateJsonWebKey(key); const cryptoKey = Reflect.get(key, 'cryptoKey'); const verificationResult = await verifyAsync(this.hash, message, { key: cryptoKey, padding: this.padding }, signature); if (!verificationResult) { throw new invalid_json_web_signature_exception_1.InvalidJsonWebSignatureException(); } } } exports.RsaSsaAlgorithm = RsaSsaAlgorithm; /** * RSASSA-PKCS1-v1_5 using SHA-256. */ exports.RS256 = new RsaSsaAlgorithm('SHA256', 'RS256', rsa_padding_1.RsaPadding.PKCS1); /** * RSASSA-PKCS1-v1_5 using SHA-384. */ exports.RS384 = new RsaSsaAlgorithm('SHA384', 'RS384', rsa_padding_1.RsaPadding.PKCS1); /** * RSASSA-PKCS1-v1_5 using SHA-512. */ exports.RS512 = new RsaSsaAlgorithm('SHA512', 'RS512', rsa_padding_1.RsaPadding.PKCS1); /** * RSASSA-PSS using SHA-256 and MGF1 with SHA-256. */ exports.PS256 = new RsaSsaAlgorithm('SHA256', 'PS256', rsa_padding_1.RsaPadding.PSS); /** * RSASSA-PSS using SHA-384 and MGF1 with SHA-384. */ exports.PS384 = new RsaSsaAlgorithm('SHA384', 'PS384', rsa_padding_1.RsaPadding.PSS); /** * RSASSA-PSS using SHA-512 and MGF1 with SHA-512. */ exports.PS512 = new RsaSsaAlgorithm('SHA512', 'PS512', rsa_padding_1.RsaPadding.PSS);