@transmute/jose-ld
Version:
``` npm i @transmute/jose-ld@latest --save ```
1,607 lines (1,331 loc) • 54.6 kB
JavaScript
import { TransformStream } from 'web-streams-polyfill/ponyfill';
import * as jose from 'jose';
import { importJWK, GeneralEncrypt } from 'jose';
function asyncGeneratorStep(gen, resolve, reject, _next, _throw, key, arg) {
try {
var info = gen[key](arg);
var value = info.value;
} catch (error) {
reject(error);
return;
}
if (info.done) {
resolve(value);
} else {
Promise.resolve(value).then(_next, _throw);
}
}
function _asyncToGenerator(fn) {
return function () {
var self = this,
args = arguments;
return new Promise(function (resolve, reject) {
var gen = fn.apply(self, args);
function _next(value) {
asyncGeneratorStep(gen, resolve, reject, _next, _throw, "next", value);
}
function _throw(err) {
asyncGeneratorStep(gen, resolve, reject, _next, _throw, "throw", err);
}
_next(undefined);
});
};
}
function _extends() {
_extends = Object.assign || function (target) {
for (var i = 1; i < arguments.length; i++) {
var source = arguments[i];
for (var key in source) {
if (Object.prototype.hasOwnProperty.call(source, key)) {
target[key] = source[key];
}
}
}
return target;
};
return _extends.apply(this, arguments);
}
function _objectWithoutPropertiesLoose(source, excluded) {
if (source == null) return {};
var target = {};
var sourceKeys = Object.keys(source);
var key, i;
for (i = 0; i < sourceKeys.length; i++) {
key = sourceKeys[i];
if (excluded.indexOf(key) >= 0) continue;
target[key] = source[key];
}
return target;
}
function createCommonjsModule(fn, module) {
return module = { exports: {} }, fn(module, module.exports), module.exports;
}
var runtime_1 = createCommonjsModule(function (module) {
/**
* Copyright (c) 2014-present, Facebook, Inc.
*
* This source code is licensed under the MIT license found in the
* LICENSE file in the root directory of this source tree.
*/
var runtime = (function (exports) {
var Op = Object.prototype;
var hasOwn = Op.hasOwnProperty;
var undefined$1; // More compressible than void 0.
var $Symbol = typeof Symbol === "function" ? Symbol : {};
var iteratorSymbol = $Symbol.iterator || "@@iterator";
var asyncIteratorSymbol = $Symbol.asyncIterator || "@@asyncIterator";
var toStringTagSymbol = $Symbol.toStringTag || "@@toStringTag";
function define(obj, key, value) {
Object.defineProperty(obj, key, {
value: value,
enumerable: true,
configurable: true,
writable: true
});
return obj[key];
}
try {
// IE 8 has a broken Object.defineProperty that only works on DOM objects.
define({}, "");
} catch (err) {
define = function(obj, key, value) {
return obj[key] = value;
};
}
function wrap(innerFn, outerFn, self, tryLocsList) {
// If outerFn provided and outerFn.prototype is a Generator, then outerFn.prototype instanceof Generator.
var protoGenerator = outerFn && outerFn.prototype instanceof Generator ? outerFn : Generator;
var generator = Object.create(protoGenerator.prototype);
var context = new Context(tryLocsList || []);
// The ._invoke method unifies the implementations of the .next,
// .throw, and .return methods.
generator._invoke = makeInvokeMethod(innerFn, self, context);
return generator;
}
exports.wrap = wrap;
// Try/catch helper to minimize deoptimizations. Returns a completion
// record like context.tryEntries[i].completion. This interface could
// have been (and was previously) designed to take a closure to be
// invoked without arguments, but in all the cases we care about we
// already have an existing method we want to call, so there's no need
// to create a new function object. We can even get away with assuming
// the method takes exactly one argument, since that happens to be true
// in every case, so we don't have to touch the arguments object. The
// only additional allocation required is the completion record, which
// has a stable shape and so hopefully should be cheap to allocate.
function tryCatch(fn, obj, arg) {
try {
return { type: "normal", arg: fn.call(obj, arg) };
} catch (err) {
return { type: "throw", arg: err };
}
}
var GenStateSuspendedStart = "suspendedStart";
var GenStateSuspendedYield = "suspendedYield";
var GenStateExecuting = "executing";
var GenStateCompleted = "completed";
// Returning this object from the innerFn has the same effect as
// breaking out of the dispatch switch statement.
var ContinueSentinel = {};
// Dummy constructor functions that we use as the .constructor and
// .constructor.prototype properties for functions that return Generator
// objects. For full spec compliance, you may wish to configure your
// minifier not to mangle the names of these two functions.
function Generator() {}
function GeneratorFunction() {}
function GeneratorFunctionPrototype() {}
// This is a polyfill for %IteratorPrototype% for environments that
// don't natively support it.
var IteratorPrototype = {};
IteratorPrototype[iteratorSymbol] = function () {
return this;
};
var getProto = Object.getPrototypeOf;
var NativeIteratorPrototype = getProto && getProto(getProto(values([])));
if (NativeIteratorPrototype &&
NativeIteratorPrototype !== Op &&
hasOwn.call(NativeIteratorPrototype, iteratorSymbol)) {
// This environment has a native %IteratorPrototype%; use it instead
// of the polyfill.
IteratorPrototype = NativeIteratorPrototype;
}
var Gp = GeneratorFunctionPrototype.prototype =
Generator.prototype = Object.create(IteratorPrototype);
GeneratorFunction.prototype = Gp.constructor = GeneratorFunctionPrototype;
GeneratorFunctionPrototype.constructor = GeneratorFunction;
GeneratorFunction.displayName = define(
GeneratorFunctionPrototype,
toStringTagSymbol,
"GeneratorFunction"
);
// Helper for defining the .next, .throw, and .return methods of the
// Iterator interface in terms of a single ._invoke method.
function defineIteratorMethods(prototype) {
["next", "throw", "return"].forEach(function(method) {
define(prototype, method, function(arg) {
return this._invoke(method, arg);
});
});
}
exports.isGeneratorFunction = function(genFun) {
var ctor = typeof genFun === "function" && genFun.constructor;
return ctor
? ctor === GeneratorFunction ||
// For the native GeneratorFunction constructor, the best we can
// do is to check its .name property.
(ctor.displayName || ctor.name) === "GeneratorFunction"
: false;
};
exports.mark = function(genFun) {
if (Object.setPrototypeOf) {
Object.setPrototypeOf(genFun, GeneratorFunctionPrototype);
} else {
genFun.__proto__ = GeneratorFunctionPrototype;
define(genFun, toStringTagSymbol, "GeneratorFunction");
}
genFun.prototype = Object.create(Gp);
return genFun;
};
// Within the body of any async function, `await x` is transformed to
// `yield regeneratorRuntime.awrap(x)`, so that the runtime can test
// `hasOwn.call(value, "__await")` to determine if the yielded value is
// meant to be awaited.
exports.awrap = function(arg) {
return { __await: arg };
};
function AsyncIterator(generator, PromiseImpl) {
function invoke(method, arg, resolve, reject) {
var record = tryCatch(generator[method], generator, arg);
if (record.type === "throw") {
reject(record.arg);
} else {
var result = record.arg;
var value = result.value;
if (value &&
typeof value === "object" &&
hasOwn.call(value, "__await")) {
return PromiseImpl.resolve(value.__await).then(function(value) {
invoke("next", value, resolve, reject);
}, function(err) {
invoke("throw", err, resolve, reject);
});
}
return PromiseImpl.resolve(value).then(function(unwrapped) {
// When a yielded Promise is resolved, its final value becomes
// the .value of the Promise<{value,done}> result for the
// current iteration.
result.value = unwrapped;
resolve(result);
}, function(error) {
// If a rejected Promise was yielded, throw the rejection back
// into the async generator function so it can be handled there.
return invoke("throw", error, resolve, reject);
});
}
}
var previousPromise;
function enqueue(method, arg) {
function callInvokeWithMethodAndArg() {
return new PromiseImpl(function(resolve, reject) {
invoke(method, arg, resolve, reject);
});
}
return previousPromise =
// If enqueue has been called before, then we want to wait until
// all previous Promises have been resolved before calling invoke,
// so that results are always delivered in the correct order. If
// enqueue has not been called before, then it is important to
// call invoke immediately, without waiting on a callback to fire,
// so that the async generator function has the opportunity to do
// any necessary setup in a predictable way. This predictability
// is why the Promise constructor synchronously invokes its
// executor callback, and why async functions synchronously
// execute code before the first await. Since we implement simple
// async functions in terms of async generators, it is especially
// important to get this right, even though it requires care.
previousPromise ? previousPromise.then(
callInvokeWithMethodAndArg,
// Avoid propagating failures to Promises returned by later
// invocations of the iterator.
callInvokeWithMethodAndArg
) : callInvokeWithMethodAndArg();
}
// Define the unified helper method that is used to implement .next,
// .throw, and .return (see defineIteratorMethods).
this._invoke = enqueue;
}
defineIteratorMethods(AsyncIterator.prototype);
AsyncIterator.prototype[asyncIteratorSymbol] = function () {
return this;
};
exports.AsyncIterator = AsyncIterator;
// Note that simple async functions are implemented on top of
// AsyncIterator objects; they just return a Promise for the value of
// the final result produced by the iterator.
exports.async = function(innerFn, outerFn, self, tryLocsList, PromiseImpl) {
if (PromiseImpl === void 0) PromiseImpl = Promise;
var iter = new AsyncIterator(
wrap(innerFn, outerFn, self, tryLocsList),
PromiseImpl
);
return exports.isGeneratorFunction(outerFn)
? iter // If outerFn is a generator, return the full iterator.
: iter.next().then(function(result) {
return result.done ? result.value : iter.next();
});
};
function makeInvokeMethod(innerFn, self, context) {
var state = GenStateSuspendedStart;
return function invoke(method, arg) {
if (state === GenStateExecuting) {
throw new Error("Generator is already running");
}
if (state === GenStateCompleted) {
if (method === "throw") {
throw arg;
}
// Be forgiving, per 25.3.3.3.3 of the spec:
// https://people.mozilla.org/~jorendorff/es6-draft.html#sec-generatorresume
return doneResult();
}
context.method = method;
context.arg = arg;
while (true) {
var delegate = context.delegate;
if (delegate) {
var delegateResult = maybeInvokeDelegate(delegate, context);
if (delegateResult) {
if (delegateResult === ContinueSentinel) continue;
return delegateResult;
}
}
if (context.method === "next") {
// Setting context._sent for legacy support of Babel's
// function.sent implementation.
context.sent = context._sent = context.arg;
} else if (context.method === "throw") {
if (state === GenStateSuspendedStart) {
state = GenStateCompleted;
throw context.arg;
}
context.dispatchException(context.arg);
} else if (context.method === "return") {
context.abrupt("return", context.arg);
}
state = GenStateExecuting;
var record = tryCatch(innerFn, self, context);
if (record.type === "normal") {
// If an exception is thrown from innerFn, we leave state ===
// GenStateExecuting and loop back for another invocation.
state = context.done
? GenStateCompleted
: GenStateSuspendedYield;
if (record.arg === ContinueSentinel) {
continue;
}
return {
value: record.arg,
done: context.done
};
} else if (record.type === "throw") {
state = GenStateCompleted;
// Dispatch the exception by looping back around to the
// context.dispatchException(context.arg) call above.
context.method = "throw";
context.arg = record.arg;
}
}
};
}
// Call delegate.iterator[context.method](context.arg) and handle the
// result, either by returning a { value, done } result from the
// delegate iterator, or by modifying context.method and context.arg,
// setting context.delegate to null, and returning the ContinueSentinel.
function maybeInvokeDelegate(delegate, context) {
var method = delegate.iterator[context.method];
if (method === undefined$1) {
// A .throw or .return when the delegate iterator has no .throw
// method always terminates the yield* loop.
context.delegate = null;
if (context.method === "throw") {
// Note: ["return"] must be used for ES3 parsing compatibility.
if (delegate.iterator["return"]) {
// If the delegate iterator has a return method, give it a
// chance to clean up.
context.method = "return";
context.arg = undefined$1;
maybeInvokeDelegate(delegate, context);
if (context.method === "throw") {
// If maybeInvokeDelegate(context) changed context.method from
// "return" to "throw", let that override the TypeError below.
return ContinueSentinel;
}
}
context.method = "throw";
context.arg = new TypeError(
"The iterator does not provide a 'throw' method");
}
return ContinueSentinel;
}
var record = tryCatch(method, delegate.iterator, context.arg);
if (record.type === "throw") {
context.method = "throw";
context.arg = record.arg;
context.delegate = null;
return ContinueSentinel;
}
var info = record.arg;
if (! info) {
context.method = "throw";
context.arg = new TypeError("iterator result is not an object");
context.delegate = null;
return ContinueSentinel;
}
if (info.done) {
// Assign the result of the finished delegate to the temporary
// variable specified by delegate.resultName (see delegateYield).
context[delegate.resultName] = info.value;
// Resume execution at the desired location (see delegateYield).
context.next = delegate.nextLoc;
// If context.method was "throw" but the delegate handled the
// exception, let the outer generator proceed normally. If
// context.method was "next", forget context.arg since it has been
// "consumed" by the delegate iterator. If context.method was
// "return", allow the original .return call to continue in the
// outer generator.
if (context.method !== "return") {
context.method = "next";
context.arg = undefined$1;
}
} else {
// Re-yield the result returned by the delegate method.
return info;
}
// The delegate iterator is finished, so forget it and continue with
// the outer generator.
context.delegate = null;
return ContinueSentinel;
}
// Define Generator.prototype.{next,throw,return} in terms of the
// unified ._invoke helper method.
defineIteratorMethods(Gp);
define(Gp, toStringTagSymbol, "Generator");
// A Generator should always return itself as the iterator object when the
// @@iterator function is called on it. Some browsers' implementations of the
// iterator prototype chain incorrectly implement this, causing the Generator
// object to not be returned from this call. This ensures that doesn't happen.
// See https://github.com/facebook/regenerator/issues/274 for more details.
Gp[iteratorSymbol] = function() {
return this;
};
Gp.toString = function() {
return "[object Generator]";
};
function pushTryEntry(locs) {
var entry = { tryLoc: locs[0] };
if (1 in locs) {
entry.catchLoc = locs[1];
}
if (2 in locs) {
entry.finallyLoc = locs[2];
entry.afterLoc = locs[3];
}
this.tryEntries.push(entry);
}
function resetTryEntry(entry) {
var record = entry.completion || {};
record.type = "normal";
delete record.arg;
entry.completion = record;
}
function Context(tryLocsList) {
// The root entry object (effectively a try statement without a catch
// or a finally block) gives us a place to store values thrown from
// locations where there is no enclosing try statement.
this.tryEntries = [{ tryLoc: "root" }];
tryLocsList.forEach(pushTryEntry, this);
this.reset(true);
}
exports.keys = function(object) {
var keys = [];
for (var key in object) {
keys.push(key);
}
keys.reverse();
// Rather than returning an object with a next method, we keep
// things simple and return the next function itself.
return function next() {
while (keys.length) {
var key = keys.pop();
if (key in object) {
next.value = key;
next.done = false;
return next;
}
}
// To avoid creating an additional object, we just hang the .value
// and .done properties off the next function object itself. This
// also ensures that the minifier will not anonymize the function.
next.done = true;
return next;
};
};
function values(iterable) {
if (iterable) {
var iteratorMethod = iterable[iteratorSymbol];
if (iteratorMethod) {
return iteratorMethod.call(iterable);
}
if (typeof iterable.next === "function") {
return iterable;
}
if (!isNaN(iterable.length)) {
var i = -1, next = function next() {
while (++i < iterable.length) {
if (hasOwn.call(iterable, i)) {
next.value = iterable[i];
next.done = false;
return next;
}
}
next.value = undefined$1;
next.done = true;
return next;
};
return next.next = next;
}
}
// Return an iterator with no values.
return { next: doneResult };
}
exports.values = values;
function doneResult() {
return { value: undefined$1, done: true };
}
Context.prototype = {
constructor: Context,
reset: function(skipTempReset) {
this.prev = 0;
this.next = 0;
// Resetting context._sent for legacy support of Babel's
// function.sent implementation.
this.sent = this._sent = undefined$1;
this.done = false;
this.delegate = null;
this.method = "next";
this.arg = undefined$1;
this.tryEntries.forEach(resetTryEntry);
if (!skipTempReset) {
for (var name in this) {
// Not sure about the optimal order of these conditions:
if (name.charAt(0) === "t" &&
hasOwn.call(this, name) &&
!isNaN(+name.slice(1))) {
this[name] = undefined$1;
}
}
}
},
stop: function() {
this.done = true;
var rootEntry = this.tryEntries[0];
var rootRecord = rootEntry.completion;
if (rootRecord.type === "throw") {
throw rootRecord.arg;
}
return this.rval;
},
dispatchException: function(exception) {
if (this.done) {
throw exception;
}
var context = this;
function handle(loc, caught) {
record.type = "throw";
record.arg = exception;
context.next = loc;
if (caught) {
// If the dispatched exception was caught by a catch block,
// then let that catch block handle the exception normally.
context.method = "next";
context.arg = undefined$1;
}
return !! caught;
}
for (var i = this.tryEntries.length - 1; i >= 0; --i) {
var entry = this.tryEntries[i];
var record = entry.completion;
if (entry.tryLoc === "root") {
// Exception thrown outside of any try block that could handle
// it, so set the completion value of the entire function to
// throw the exception.
return handle("end");
}
if (entry.tryLoc <= this.prev) {
var hasCatch = hasOwn.call(entry, "catchLoc");
var hasFinally = hasOwn.call(entry, "finallyLoc");
if (hasCatch && hasFinally) {
if (this.prev < entry.catchLoc) {
return handle(entry.catchLoc, true);
} else if (this.prev < entry.finallyLoc) {
return handle(entry.finallyLoc);
}
} else if (hasCatch) {
if (this.prev < entry.catchLoc) {
return handle(entry.catchLoc, true);
}
} else if (hasFinally) {
if (this.prev < entry.finallyLoc) {
return handle(entry.finallyLoc);
}
} else {
throw new Error("try statement without catch or finally");
}
}
}
},
abrupt: function(type, arg) {
for (var i = this.tryEntries.length - 1; i >= 0; --i) {
var entry = this.tryEntries[i];
if (entry.tryLoc <= this.prev &&
hasOwn.call(entry, "finallyLoc") &&
this.prev < entry.finallyLoc) {
var finallyEntry = entry;
break;
}
}
if (finallyEntry &&
(type === "break" ||
type === "continue") &&
finallyEntry.tryLoc <= arg &&
arg <= finallyEntry.finallyLoc) {
// Ignore the finally entry if control is not jumping to a
// location outside the try/catch block.
finallyEntry = null;
}
var record = finallyEntry ? finallyEntry.completion : {};
record.type = type;
record.arg = arg;
if (finallyEntry) {
this.method = "next";
this.next = finallyEntry.finallyLoc;
return ContinueSentinel;
}
return this.complete(record);
},
complete: function(record, afterLoc) {
if (record.type === "throw") {
throw record.arg;
}
if (record.type === "break" ||
record.type === "continue") {
this.next = record.arg;
} else if (record.type === "return") {
this.rval = this.arg = record.arg;
this.method = "return";
this.next = "end";
} else if (record.type === "normal" && afterLoc) {
this.next = afterLoc;
}
return ContinueSentinel;
},
finish: function(finallyLoc) {
for (var i = this.tryEntries.length - 1; i >= 0; --i) {
var entry = this.tryEntries[i];
if (entry.finallyLoc === finallyLoc) {
this.complete(entry.completion, entry.afterLoc);
resetTryEntry(entry);
return ContinueSentinel;
}
}
},
"catch": function(tryLoc) {
for (var i = this.tryEntries.length - 1; i >= 0; --i) {
var entry = this.tryEntries[i];
if (entry.tryLoc === tryLoc) {
var record = entry.completion;
if (record.type === "throw") {
var thrown = record.arg;
resetTryEntry(entry);
}
return thrown;
}
}
// The context.catch method must only be called with a location
// argument that corresponds to a known catch block.
throw new Error("illegal catch attempt");
},
delegateYield: function(iterable, resultName, nextLoc) {
this.delegate = {
iterator: values(iterable),
resultName: resultName,
nextLoc: nextLoc
};
if (this.method === "next") {
// Deliberately forget the last sent value so that we don't
// accidentally pass it on to the delegate.
this.arg = undefined$1;
}
return ContinueSentinel;
}
};
// Regardless of whether this script is executing as a CommonJS module
// or not, return the runtime object so that we can declare the variable
// regeneratorRuntime in the outer scope, which allows this module to be
// injected easily by `bin/regenerator --include-runtime script.js`.
return exports;
}(
// If this script is executing as a CommonJS module, use module.exports
// as the regeneratorRuntime namespace. Otherwise create a new empty
// object. Either way, the resulting object will be used to initialize
// the regeneratorRuntime variable at the top of this file.
module.exports
));
try {
regeneratorRuntime = runtime;
} catch (accidentalStrictMode) {
// This module should not be running in strict mode, so the above
// assignment should always work unless something is misconfigured. Just
// in case runtime.js accidentally runs in strict mode, we can escape
// strict mode using a global Function call. This could conceivably fail
// if a Content Security Policy forbids using Function, but in that case
// the proper solution is to fix the accidental strict mode problem. If
// you've misconfigured your bundler to force strict mode and applied a
// CSP to forbid Function, and you're not willing to fix either of those
// problems, please detail your unique predicament in a GitHub issue.
Function("r", "regeneratorRuntime = r")(runtime);
}
});
var base64 = {
encode: function encode(unencoded) {
return Buffer.from(unencoded || '').toString('base64');
},
decode: function decode(encoded) {
return Buffer.from(encoded || '', 'base64').toString('utf8');
}
};
var base64url = {
encode: function encode(unencoded) {
var encoded = base64.encode(unencoded);
return encoded.replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/g, '');
},
decode: function decode(encoded) {
encoded = encoded.replace(/-/g, '+').replace(/_/g, '/');
while (encoded.length % 4) {
encoded += '=';
}
return base64.decode(encoded);
}
};
var detachedHeaderParams = {
b64: false,
crit: ['b64']
};
var createSigner = function createSigner(signer, type, options) {
if (options === void 0) {
options = {
detached: false
};
}
return {
sign: function () {
var _sign = _asyncToGenerator( /*#__PURE__*/runtime_1.mark(function _callee(_ref) {
var data, header, encodedHeader, encodedPayload, toBeSigned, message, signature;
return runtime_1.wrap(function _callee$(_context) {
while (1) {
switch (_context.prev = _context.next) {
case 0:
data = _ref.data;
header = _extends({
alg: type
}, options.header, options.detached ? detachedHeaderParams : undefined);
encodedHeader = base64url.encode(JSON.stringify(header));
encodedPayload = base64url.encode(data instanceof Uint8Array ? Buffer.from(data).toString('utf-8') : JSON.stringify(data));
toBeSigned = options.detached ? new Uint8Array(Buffer.concat([Buffer.from(encodedHeader, 'utf8'), Buffer.from('.', 'utf-8'), data])) : new Uint8Array(Buffer.from(encodedHeader + "." + encodedPayload));
message = toBeSigned;
_context.next = 8;
return signer.sign({
data: message
});
case 8:
signature = _context.sent;
return _context.abrupt("return", options.detached ? encodedHeader + ".." + base64url.encode(Buffer.from(signature)) : encodedHeader + "." + encodedPayload + "." + base64url.encode(Buffer.from(signature)));
case 10:
case "end":
return _context.stop();
}
}
}, _callee);
}));
function sign(_x) {
return _sign.apply(this, arguments);
}
return sign;
}()
};
};
var createVerifier = function createVerifier(verifier, type, options) {
if (options === void 0) {
options = {
detached: false
};
}
return {
verify: function () {
var _verify = _asyncToGenerator( /*#__PURE__*/runtime_1.mark(function _callee(_ref) {
var data, signature, _signature$split, encodedHeader, encodedPayload, encodedSignature, decoded, toBeSigned, verified;
return runtime_1.wrap(function _callee$(_context) {
while (1) {
switch (_context.prev = _context.next) {
case 0:
data = _ref.data, signature = _ref.signature;
if (signature) {
_context.next = 3;
break;
}
throw new Error('Signature cannot be empty.');
case 3:
if (!signature.split) {
signature = signature.toString();
}
_signature$split = signature.split('.'), encodedHeader = _signature$split[0], encodedPayload = _signature$split[1], encodedSignature = _signature$split[2];
decoded = JSON.parse(Buffer.from(encodedHeader, 'base64').toString());
if (!(decoded.alg !== type)) {
_context.next = 8;
break;
}
throw new Error('JWS.header contained unsupported alg: ' + decoded.alg);
case 8:
toBeSigned = encodedHeader + "." + encodedPayload;
if (!(options.detached && decoded.b64)) {
_context.next = 11;
break;
}
throw new Error('header.b64 must be false for detached jws.');
case 11:
if (!(options.detached && !decoded.crit.includes('b64'))) {
_context.next = 13;
break;
}
throw new Error('header.crit must include "b64" for detached jws.');
case 13:
if (!(options.detached && !data)) {
_context.next = 15;
break;
}
throw new Error('cannot verify a detached jws without data.');
case 15:
if (options.detached && data) {
toBeSigned = Buffer.concat([Buffer.from(encodedHeader + '.', 'utf8'), Buffer.from(data.buffer, data.byteOffset, data.length)]);
}
verified = verifier.verify({
data: Buffer.from(toBeSigned),
signature: Buffer.from(encodedSignature, 'base64')
});
return _context.abrupt("return", verified);
case 18:
case "end":
return _context.stop();
}
}
}, _callee);
}));
function verify(_x) {
return _verify.apply(this, arguments);
}
return verify;
}()
};
};
var index = {
__proto__: null,
createSigner: createSigner,
createVerifier: createVerifier
};
function stringToUint8Array(data) {
if (typeof data === 'string') {
// convert data to Uint8Array
return new Uint8Array(Buffer.from(data));
}
if (!(data instanceof Uint8Array)) {
throw new TypeError('"data" be a string or Uint8Array.');
}
return data;
}
var alg = 'ECDH-ES+A256KW';
var enc = 'A256GCM';
var DecryptTransformer = /*#__PURE__*/function () {
function DecryptTransformer(_temp) {
var _ref = _temp === void 0 ? {} : _temp,
keyAgreementKey = _ref.keyAgreementKey;
if (!keyAgreementKey) {
throw new TypeError('"keyAgreementKey" is a required parameter.');
}
this.keyAgreementKey = keyAgreementKey;
}
var _proto = DecryptTransformer.prototype;
_proto.transform = /*#__PURE__*/function () {
var _transform = /*#__PURE__*/_asyncToGenerator( /*#__PURE__*/runtime_1.mark(function _callee(chunk, controller) {
var jwe, data, error;
return runtime_1.wrap(function _callee$(_context) {
while (1) {
switch (_context.prev = _context.next) {
case 0:
if (chunk && typeof chunk === 'object') {
_context.next = 2;
break;
}
throw new TypeError('"chunk" must be an object.');
case 2:
jwe = chunk.jwe;
_context.next = 5;
return this.decrypt(jwe);
case 5:
data = _context.sent;
if (!(data === null)) {
_context.next = 10;
break;
}
error = new Error('Invalid decryption key.');
error.name = 'DataError';
throw error;
case 10:
controller.enqueue(data);
case 11:
case "end":
return _context.stop();
}
}
}, _callee, this);
}));
function transform(_x, _x2) {
return _transform.apply(this, arguments);
}
return transform;
}();
_proto.decrypt = /*#__PURE__*/function () {
var _decrypt = /*#__PURE__*/_asyncToGenerator( /*#__PURE__*/runtime_1.mark(function _callee2(jwe) {
var header, _yield$this$keyAgreem, privateKeyJwk, decrypted;
return runtime_1.wrap(function _callee2$(_context2) {
while (1) {
switch (_context2.prev = _context2.next) {
case 0:
if (jwe && typeof jwe === 'object') {
_context2.next = 2;
break;
}
throw new TypeError('"jwe" must be an object.');
case 2:
if (!(typeof jwe["protected"] !== 'string')) {
_context2.next = 4;
break;
}
throw new TypeError('"jwe.protected" is missing or not a string.');
case 4:
if (!(typeof jwe.iv !== 'string')) {
_context2.next = 6;
break;
}
throw new Error('Invalid or missing "iv".');
case 6:
if (!(typeof jwe.ciphertext !== 'string')) {
_context2.next = 8;
break;
}
throw new Error('Invalid or missing "ciphertext".');
case 8:
if (!(typeof jwe.tag !== 'string')) {
_context2.next = 10;
break;
}
throw new Error('Invalid or missing "tag".');
case 10:
_context2.prev = 10;
// ASCII(BASE64URL(UTF8(JWE Protected Header)))
header = JSON.parse(Buffer.from(jwe["protected"], 'base64').toString());
_context2.next = 17;
break;
case 14:
_context2.prev = 14;
_context2.t0 = _context2["catch"](10);
throw new Error('Invalid JWE "protected" header.');
case 17:
if (header.enc && typeof header.enc === 'string') {
_context2.next = 19;
break;
}
throw new Error('Invalid JWE "enc" header.');
case 19:
if (!(header.enc !== enc)) {
_context2.next = 21;
break;
}
throw new Error("Unsupported encryption algorithm \"" + header.enc + "\".");
case 21:
if (Array.isArray(jwe.recipients)) {
_context2.next = 23;
break;
}
throw new TypeError('"jwe.recipients" must be an array.');
case 23:
_context2.next = 25;
return this.keyAgreementKey["export"]({
type: 'JsonWebKey2020',
privateKey: true
});
case 25:
_yield$this$keyAgreem = _context2.sent;
privateKeyJwk = _yield$this$keyAgreem.privateKeyJwk;
_context2.t1 = jose;
_context2.t2 = jwe;
_context2.next = 31;
return importJWK(privateKeyJwk, 'ECDH-ES+A256KW');
case 31:
_context2.t3 = _context2.sent;
_context2.next = 34;
return _context2.t1.generalDecrypt.call(_context2.t1, _context2.t2, _context2.t3);
case 34:
decrypted = _context2.sent;
return _context2.abrupt("return", decrypted.plaintext);
case 36:
case "end":
return _context2.stop();
}
}
}, _callee2, this, [[10, 14]]);
}));
function decrypt(_x3) {
return _decrypt.apply(this, arguments);
}
return decrypt;
}();
return DecryptTransformer;
}();
var DEFAULT_CHUNK_SIZE = 1048576;
var EncryptTransformer = /*#__PURE__*/function () {
function EncryptTransformer(_temp) {
var _ref = _temp === void 0 ? {} : _temp,
alg = _ref.alg,
enc = _ref.enc,
recipients = _ref.recipients,
_ref$chunkSize = _ref.chunkSize,
chunkSize = _ref$chunkSize === void 0 ? DEFAULT_CHUNK_SIZE : _ref$chunkSize;
this.recipients = recipients; // type JsonWebKey2020[]
this.chunkSize = chunkSize;
this.offset = 0;
this.totalOffset = 0;
this.index = 0;
this.alg = alg || 'ECDH-ES+A256KW';
this.enc = enc || 'A256GCM';
}
var _proto = EncryptTransformer.prototype;
_proto.start = function start() {
this.buffer = new Uint8Array(this.chunkSize);
};
_proto.transform = /*#__PURE__*/function () {
var _transform = /*#__PURE__*/_asyncToGenerator( /*#__PURE__*/runtime_1.mark(function _callee(chunk, controller) {
var buffer, space, partial;
return runtime_1.wrap(function _callee$(_context) {
while (1) {
switch (_context.prev = _context.next) {
case 0:
buffer = this.buffer; // assumes `chunk` is a Uint8Array...
if (chunk instanceof Uint8Array) {
_context.next = 3;
break;
}
throw new TypeError('"chunk" must be an object.');
case 3:
if (!chunk) {
_context.next = 11;
break;
}
space = buffer.length - this.offset;
if (chunk.length <= space) {
buffer.set(chunk, this.offset);
this.offset += chunk.byteLength;
this.totalOffset += chunk.byteLength;
chunk = null;
} else {
partial = new Uint8Array(chunk.buffer, chunk.byteOffset, space);
chunk = new Uint8Array(chunk.buffer, chunk.byteOffset + space, chunk.length - space);
buffer.set(partial, this.offset);
this.offset += space;
this.totalOffset += space;
} // flush if buffer is full and more data remains
if (!chunk) {
_context.next = 9;
break;
}
_context.next = 9;
return this.flush(controller);
case 9:
_context.next = 3;
break;
case 11:
case "end":
return _context.stop();
}
}
}, _callee, this);
}));
function transform(_x, _x2) {
return _transform.apply(this, arguments);
}
return transform;
}();
_proto.flush = /*#__PURE__*/function () {
var _flush = /*#__PURE__*/_asyncToGenerator( /*#__PURE__*/runtime_1.mark(function _callee2(controller) {
var buffer, data, jwe;
return runtime_1.wrap(function _callee2$(_context2) {
while (1) {
switch (_context2.prev = _context2.next) {
case 0:
if (!(this.offset === 0)) {
_context2.next = 2;
break;
}
return _context2.abrupt("return");
case 2:
// encrypt data
buffer = this.buffer;
data = new Uint8Array(buffer.buffer, buffer.byteOffset, this.offset);
_context2.next = 6;
return this.encrypt(data);
case 6:
jwe = _context2.sent;
// clear buffer
this.offset = 0;
controller.enqueue({
index: this.index++,
offset: this.totalOffset,
jwe: jwe
});
case 9:
case "end":
return _context2.stop();
}
}
}, _callee2, this);
}));
function flush(_x3) {
return _flush.apply(this, arguments);
}
return flush;
}();
_proto.encrypt = /*#__PURE__*/function () {
var _encrypt = /*#__PURE__*/_asyncToGenerator( /*#__PURE__*/runtime_1.mark(function _callee4(data) {
var alg, enc, encryptor, ciphertext;
return runtime_1.wrap(function _callee4$(_context4) {
while (1) {
switch (_context4.prev = _context4.next) {
case 0:
alg = this.alg, enc = this.enc;
encryptor = new GeneralEncrypt(data);
_context4.next = 4;
return Promise.all(this.recipients.map( /*#__PURE__*/function () {
var _ref2 = _asyncToGenerator( /*#__PURE__*/runtime_1.mark(function _callee3(publicKey) {
return runtime_1.wrap(function _callee3$(_context3) {
while (1) {
switch (_context3.prev = _context3.next) {
case 0:
_context3.t0 = encryptor;
_context3.next = 3;
return importJWK(publicKey.publicKeyJwk, alg);
case 3:
_context3.t1 = _context3.sent;
return _context3.abrupt("return", _context3.t0.addRecipient.call(_context3.t0, _context3.t1).setUnprotectedHeader({
alg: alg,
kid: publicKey.id
}));
case 5:
case "end":
return _context3.stop();
}
}
}, _callee3);
}));
return function (_x5) {
return _ref2.apply(this, arguments);
};
}()));
case 4:
encryptor.setProtectedHeader({
enc: enc
});
_context4.next = 7;
return encryptor.encrypt();
case 7:
ciphertext = _context4.sent;
return _context4.abrupt("return", ciphertext);
case 9:
case "end":
return _context4.stop();
}
}
}, _callee4, this);
}));
function encrypt(_x4) {
return _encrypt.apply(this, arguments);
}
return encrypt;
}();
return EncryptTransformer;
}();
var Cipher = /*#__PURE__*/function () {
function Cipher() {}
var _proto = Cipher.prototype;
_proto.createEncryptStream = /*#__PURE__*/function () {
var _createEncryptStream = /*#__PURE__*/_asyncToGenerator( /*#__PURE__*/runtime_1.mark(function _callee(_ref) {
var recipients, publicKeyResolver, chunkSize, transformer;
return runtime_1.wrap(function _callee$(_context) {
while (1) {
switch (_context.prev = _context.next) {
case 0:
recipients = _ref.recipients, publicKeyResolver = _ref.publicKeyResolver, chunkSize = _ref.chunkSize;
_context.next = 3;
return this.createEncryptTransformer({
recipients: recipients,
publicKeyResolver: publicKeyResolver,
chunkSize: chunkSize
});
case 3:
transformer = _context.sent;
return _context.abrupt("return", new TransformStream(transformer));
case 5:
case "end":
return _context.stop();
}
}
}, _callee, this);
}));
function createEncryptStream(_x) {
return _createEncryptStream.apply(this, arguments);
}
return createEncryptStream;
}();
_proto.createDecryptStream = /*#__PURE__*/function () {
var _createDecryptStream = /*#__PURE__*/_asyncToGenerator( /*#__PURE__*/runtime_1.mark(function _callee2(_ref2) {
var keyAgreementKey, transformer;
return runtime_1.wrap(function _callee2$(_context2) {
while (1) {
switch (_context2.prev = _context2.next) {
case 0:
keyAgreementKey = _ref2.keyAgreementKey;
_context2.next = 3;
return this.createDecryptTransformer({
keyAgreementKey: keyAgreementKey
});
case 3:
transformer = _context2.sent;
return _context2.abrupt("return", new TransformStream(transformer));
case 5:
case "end":
return _context2.stop();
}
}
}, _callee2, this);
}));
function createDecryptStream(_x2) {
return _createDecryptStream.apply(this, arguments);
}
return createDecryptStream;
}();
_proto.encrypt = /*#__PURE__*/function () {
var _encrypt = /*#__PURE__*/_asyncToGenerator( /*#__PURE__*/runtime_1.mark(function _callee3(_ref3) {
var data, recipients, publicKeyResolver, transformer;
return runtime_1.wrap(function _callee3$(_context3) {
while (1) {
switch (_context3.prev = _context3.next) {
case 0:
data = _ref3.data, recipients = _ref3.recipients, publicKeyResolver = _ref3.publicKeyResolver;
if (!(!(data instanceof Uint8Array) && typeof data !== 'string')) {
_context3.next = 3;
break;
}
throw new TypeError('"data" must be a Uint8Array or a string.');
case 3:
if (data) {
data = stringToUint8Array(data);
}
_context3.next = 6;
return this.createEncryptTransformer({
recipients: recipients,
publicKeyResolver: publicKeyResolver
});
case 6:
transformer = _context3.sent;
return _context3.abrupt("return", transformer.encrypt(data));
case 8:
case "end":
return _context3.stop();
}
}
}, _callee3, this);
}));
function encrypt(_x3) {
return _encrypt.apply(this, arguments);
}
return encrypt;
}();
_proto.encryptObject = /*#__PURE__*/function () {
var _encryptObject = /*#__PURE__*/_asyncToGenerator( /*#__PURE__*/runtime_1.mark(function _callee4(_ref4) {
var obj, rest;
return runtime_1.wrap(function _callee4$(_context4) {
while (1) {
switch (_context4.prev = _context4.next) {
case 0:
obj = _ref4.obj, rest = /*#__PURE__*/_objectWithoutPropertiesLoose(_ref4, ["obj"]);
if (!(typeof obj !== 'object')) {
_context4.next = 3;
break;
}
throw new TypeError('"obj" must be an object.');
case 3:
return _context4.abrupt("return", this.encrypt(_extends({
data: JSON.stringify(obj)
}, rest)));
case 4:
case "end":
return _context4.stop();
}
}
}, _callee4, this);
}));
function encryptObject(_x4) {
return _encryptObject.apply(this, arguments);
}
return encryptObject;
}();
_proto.decrypt = /*#__PURE__*/function () {
var _decrypt = /*#__PURE__*/_asyncToGenerator( /*#__PURE__*/runtime_1.mark(function _callee5(_ref5) {
var jwe, keyAgreementKey, transformer;
return runtime_1.wrap(function _callee5$(_context5) {
while (1) {
switch (_context5.prev = _context5.next) {
case 0:
jwe = _ref5.jwe, keyAgreementKey = _ref5.keyAgreementKey;
_context5.next = 3;
return this.createDecryptTransformer({
keyAgreementKey: keyAgreementKey
});
case 3:
transformer = _context5.sent;
return _context5.abrupt("return", transformer.decrypt(jwe));
case 5:
case "end":
return _context5.stop();
}
}
}, _callee5, this);
}));
function decrypt(_x5) {
return _decrypt.apply(this, arguments);
}
return decrypt;
}();
_proto.decryptObject = /*#__PURE__*/function () {
var _decryptObject = /*#__PURE__*/_asyncToGenerator( /*#__PURE__*/runtime_1.mark(function _callee6(_ref6) {
var jwe, keyAgreementKey, data;
return runtime_1.wrap(function _callee6$(_context6) {
while (