cose-kit

**DEPRECATED:** Use [@auth0/cose](https://www.npmjs.com/package/@auth0/cose).

import verify from '#runtime/verify.js';
import sign from '#runtime/sign.js';
import { addExtension, encoder } from '../cbor.js';
import { COSEBase } from './COSEBase.js';
import { Headers, MacProtectedHeaders, UnprotectedHeaders, MacAlgorithmNames } from '../headers.js';
import { areEqual } from '../lib/buffer_utils.js';
import * as errors from '../util/errors.js';
import validateAlgorithms from '../lib/validate_algorithms.js';
import { decode } from './decode.js';

/**
 * COSE_Mac0 message: protected headers, unprotected headers, payload and an
 * authentication tag computed with a key both parties already share.
 */
export class Mac0 extends COSEBase {
  /**
   * @param protectedHeaders   Forwarded to COSEBase.
   * @param unprotectedHeaders Forwarded to COSEBase.
   * @param payload            Message content, stored as given.
   * @param tag                Authentication tag, stored as given.
   */
  constructor(protectedHeaders, unprotectedHeaders, payload, tag) {
    super(protectedHeaders, unprotectedHeaders);
    this.payload = payload;
    this.tag = tag;
  }

  /**
   * Encodes the array ['MAC0', protectedHeaders, applicationHeaders, payload]
   * with the shared CBOR encoder. This is the byte string that `create` signs
   * and `verify` checks the tag against.
   *
   * @param protectedHeaders   Encoded protected headers.
   * @param applicationHeaders Externally supplied data (callers here pass the
   *                           external AAD or an empty Uint8Array).
   * @param payload            Content to authenticate.
   * @returns The encoder's output for that array.
   */
  static createMAC0(protectedHeaders, applicationHeaders, payload) {
    const macStructure = ['MAC0', protectedHeaders, applicationHeaders, payload];
    return encoder.encode(macStructure);
  }

  /**
   * @returns The four fields in the order they are serialized:
   *          encoded protected headers, unprotected headers, payload, tag.
   */
  getContentForEncoding() {
    const { encodedProtectedHeaders, unprotectedHeaders, payload, tag } = this;
    return [encodedProtectedHeaders, unprotectedHeaders, payload, tag];
  }

  /**
   * Checks `this.tag` against the MAC structure rebuilt from this message.
   *
   * Security notes for callers:
   * - The algorithm is read through the `alg` getter, which falls back to the
   *   unprotected header. That header is not part of the MAC input built
   *   here, so pass `options.algorithms` to pin the algorithms you accept.
   * - When `options` is omitted no allow-list check runs at all; any
   *   algorithm present in MacAlgorithmNames is then accepted.
   *
   * @param key     Key handed unchanged to the runtime `verify` helper.
   * @param options Optional. `externalAAD` and `detachedPayload` replace the
   *                empty AAD / `this.payload` when not null or undefined;
   *                `algorithms` is passed to validateAlgorithms.
   * @throws {errors.COSEInvalid} Algorithm missing or not a known MAC algorithm.
   * @throws {errors.COSEAlgNotAllowed} Algorithm not in the validated allow-list.
   * @throws {errors.COSESignatureVerificationFailed} Tag does not verify.
   */
  async verify(key, options) {
    const protectedBytes = this.encodedProtectedHeaders || new Uint8Array();

    const suppliedAAD = options == null ? undefined : options.externalAAD;
    const externalAAD = suppliedAAD != null ? suppliedAAD : new Uint8Array();

    const detached = options == null ? undefined : options.detachedPayload;
    const content = detached != null ? detached : this.payload;

    const toBeMaced = Mac0.createMAC0(protectedBytes, externalAAD, content);

    const isKnownMacAlg = this.alg && this.algName && MacAlgorithmNames.has(this.alg);
    if (!isKnownMacAlg) {
      throw new errors.COSEInvalid(`Unsupported MAC algorithm ${this.alg}`);
    }

    // NOTE(review): presumably a Set-like allow-list or undefined - confirm in validate_algorithms.js.
    const allowList = options && validateAlgorithms('algorithms', options.algorithms);
    if (allowList && !allowList.has(this.alg)) {
      throw new errors.COSEAlgNotAllowed(`[${Headers.Algorithm}] (algorithm) Header Parameter not allowed`);
    }

    const tagMatches = await verify(this.algName, key, this.tag, toBeMaced);
    if (!tagMatches) {
      throw new errors.COSESignatureVerificationFailed('MAC0 signature verification failed');
    }
  }

  /**
   * Algorithm header value. The protected header wins; the unprotected header
   * is used only when the protected one yields a falsy value.
   */
  get alg() {
    const fromProtected = this.protectedHeaders.get(Headers.Algorithm);
    if (fromProtected) {
      return fromProtected;
    }
    return this.unprotectedHeaders.get(Headers.Algorithm);
  }

  /** Name registered in MacAlgorithmNames for `alg`, or undefined when `alg` is unset. */
  get algName() {
    if (!this.alg) {
      return undefined;
    }
    return MacAlgorithmNames.get(this.alg);
  }

  /** @returns {boolean} True when `algName` resolves to a truthy value. */
  hasSupportedAlg() {
    return Boolean(this.algName);
  }

  /**
   * Compares this message's tag with another Mac0's tag using the buffer
   * helper. This is not the verification path (that is `verify`).
   * NOTE(review): whether the helper is constant-time is not visible here -
   * confirm before using this to compare against a secret-derived tag.
   *
   * @param mac0 Object whose `tag` is compared with `this.tag`.
   */
  areEqual(mac0) {
    const ownTag = this.tag;
    const otherTag = mac0.tag;
    return areEqual(ownTag, otherTag);
  }

  /**
   * Builds a Mac0 by computing the tag over the MAC structure with an empty
   * external AAD.
   *
   * @param protectedHeaders   Wrapped with MacProtectedHeaders; must carry the
   *                           algorithm header.
   * @param unprotectedHeaders Wrapped with UnprotectedHeaders.
   * @param payload            Content to authenticate.
   * @param key                Key handed unchanged to the runtime `sign` helper.
   * @returns {Promise<Mac0>} The new message.
   * @throws {Error} When the algorithm header does not map to a known MAC algorithm.
   */
  static async create(protectedHeaders, unprotectedHeaders, payload, key) {
    const wrappedProtected = MacProtectedHeaders.wrap(protectedHeaders);
    const algName = MacAlgorithmNames.get(wrappedProtected.get(Headers.Algorithm));
    const protectedBytes = encoder.encode(wrappedProtected.esMap);
    const wrappedUnprotected = UnprotectedHeaders.wrap(unprotectedHeaders);
    const toBeMaced = Mac0.createMAC0(protectedBytes, new Uint8Array(), payload);

    // The algorithm is only looked up in the protected headers on this path.
    if (!algName) {
      throw new Error(`The [${Headers.Algorithm}] (Algorithm) header must be set.`);
    }

    const tag = await sign(algName, key, toBeMaced);
    return new Mac0(protectedBytes, wrappedUnprotected.esMap, payload, tag);
  }

  /** Decodes `cose` into a Mac0 through the shared `decode` helper. */
  static decode(cose) {
    return decode(cose, Mac0);
  }
}

// CBOR tag under which Mac0 is registered with the encoder (17 is COSE_Mac0).
Mac0.tag = 17;

addExtension({
  Class: Mac0,
  tag: Mac0.tag,
  encode(instance, encodeFn) {
    const fields = instance.getContentForEncoding();
    return encodeFn(fields);
  },
  // Decoded array positions: protected headers, unprotected headers, payload, tag.
  decode: (data) => new Mac0(data[0], data[1], data[2], data[3]),
});