jose
Universal 'JSON Web Almost Everything' - JWA, JWS, JWE, JWT, JWK with no dependencies
// CommonJS interop preamble: flag the module as transpiled from an ES module
// and declare both export slots up front; each one is assigned right after
// its function definition further down.
Object.defineProperty(exports, "__esModule", { value: true });
exports.generateKeyPair = exports.generateSecret = void 0;
const crypto_1 = require("crypto");
const util_1 = require("util");
const random_js_1 = require("./random.js");
const check_modulus_length_js_1 = require("./check_modulus_length.js");
const errors_js_1 = require("../util/errors.js");
// Promise-returning form of node's callback-style crypto.generateKeyPair;
// generateKeyPair() below reads `publicKey` / `privateKey` off the resolved value.
const generate = util_1.promisify(crypto_1.generateKeyPair);
/**
 * Create a fresh symmetric secret sized for the given JWA algorithm.
 *
 * The key size in bits is read from the algorithm name itself:
 *  - HMAC (`HS*`) and the composite `A*CBC-HS*` algorithms use the trailing
 *    three digits. For the CBC-HS family that number is the combined
 *    MAC + encryption key size, e.g. 256 bits for `A128CBC-HS256`.
 *  - AES key wrap, AES-GCM key wrap and AES-GCM use the three digits that
 *    follow the leading `A`.
 *
 * @param {string} alg JWA algorithm identifier.
 * @returns {Promise<import('crypto').KeyObject>} secret key wrapping the generated bytes.
 * @throws {JOSENotSupported} when `alg` is not one of the listed symmetric algorithms.
 */
async function generateSecret(alg) {
    const sizeInTrailingDigits = [
        'HS256',
        'HS384',
        'HS512',
        'A128CBC-HS256',
        'A192CBC-HS384',
        'A256CBC-HS512',
    ];
    const sizeAfterLeadingA = [
        'A128KW',
        'A192KW',
        'A256KW',
        'A128GCMKW',
        'A192GCMKW',
        'A256GCMKW',
        'A128GCM',
        'A192GCM',
        'A256GCM',
    ];

    let bits;
    if (sizeInTrailingDigits.includes(alg)) {
        bits = Number.parseInt(alg.slice(-3), 10);
    } else if (sizeAfterLeadingA.includes(alg)) {
        bits = Number.parseInt(alg.slice(1, 4), 10);
    } else {
        // Fail closed: an unknown name never falls back to a default key size.
        throw new errors_js_1.JOSENotSupported('unsupported or invalid JWK "alg" (Algorithm) Parameter value');
    }

    // Every supported size is a multiple of 8, so the shift is an exact bits -> bytes conversion.
    const keyBytes = new Uint8Array(bits >> 3);
    // NOTE(review): random_js_1.default lives in ./random.js (not visible here);
    // presumably it fills the buffer from a CSPRNG and returns it - confirm.
    const secretMaterial = random_js_1.default(keyBytes);
    return crypto_1.createSecretKey(secretMaterial);
}
exports.generateSecret = generateSecret;
/**
 * Generate an asymmetric key pair for the given JWA algorithm.
 *
 * - RSA signature / key-management algorithms: `options.modulusLength`
 *   (default 2048) selects the key size; anything below 2048 bits is refused.
 *   The public exponent is fixed at 65537.
 * - `ES256` / `ES256K` / `ES384` / `ES512`: the curve is fixed by the algorithm.
 * - `EdDSA`: `options.crv` may be `Ed25519` (default) or `Ed448`.
 * - `ECDH-ES` family: `options.crv` may be `P-256` (default), `P-384`,
 *   `P-521`, `X25519` or `X448`.
 *
 * Unknown algorithms and unknown curves are rejected rather than mapped to a
 * default.
 *
 * @param {string} alg JWA algorithm identifier.
 * @param {{modulusLength?: number, crv?: string}} [options]
 * @returns {Promise<{publicKey: object, privateKey: object}>} the generated pair.
 * @throws {JOSENotSupported} for an unsupported `alg`, `crv` or `modulusLength`.
 */
async function generateKeyPair(alg, options) {
    const rsaAlgorithms = [
        'RS256',
        'RS384',
        'RS512',
        'PS256',
        'PS384',
        'PS512',
        'RSA-OAEP',
        'RSA-OAEP-256',
        'RSA-OAEP-384',
        'RSA-OAEP-512',
        // RSAES-PKCS1-v1_5 key encryption. The JWT BCP (RFC 8725) advises
        // preferring RSAES-OAEP; callers choosing this value should know why.
        'RSA1_5',
    ];
    // A Map (not a plain object) so that lookup never coerces `alg` or touches prototype keys.
    const ecdsaCurveByAlg = new Map([
        ['ES256', 'P-256'],
        ['ES256K', 'secp256k1'],
        ['ES384', 'P-384'],
        ['ES512', 'P-521'],
    ]);
    const ecdhAlgorithms = ['ECDH-ES', 'ECDH-ES+A128KW', 'ECDH-ES+A192KW', 'ECDH-ES+A256KW'];

    if (rsaAlgorithms.includes(alg)) {
        const requestedLength = options == null ? undefined : options.modulusLength;
        const modulusLength = requestedLength != null ? requestedLength : 2048;
        // Enforce the 2048-bit floor before any key material is generated.
        // NOTE(review): NaN and fractional numbers pass this test (typeof is
        // 'number' and the `<` comparison is false); they are presumably
        // rejected by node's own argument validation - confirm.
        if (typeof modulusLength !== 'number' || modulusLength < 2048) {
            throw new errors_js_1.JOSENotSupported('invalid or unsupported modulusLength option provided, 2048 bits or larger keys must be used');
        }
        const rsaOptions = {
            modulusLength,
            publicExponent: 0x10001, // 65537
        };
        const keypair = await generate('rsa', rsaOptions);
        // Attach the known modulus length to both halves through the
        // check_modulus_length.js helper (its implementation is not visible here).
        check_modulus_length_js_1.setModulusLength(keypair.privateKey, modulusLength);
        check_modulus_length_js_1.setModulusLength(keypair.publicKey, modulusLength);
        return keypair;
    }

    if (ecdsaCurveByAlg.has(alg)) {
        return generate('ec', { namedCurve: ecdsaCurveByAlg.get(alg) });
    }

    if (alg === 'EdDSA') {
        const edCurve = options == null ? undefined : options.crv;
        if (edCurve === undefined || edCurve === 'Ed25519') {
            return generate('ed25519');
        }
        if (edCurve === 'Ed448') {
            return generate('ed448');
        }
        throw new errors_js_1.JOSENotSupported('invalid or unsupported crv option provided, supported values are Ed25519 and Ed448');
    }

    if (ecdhAlgorithms.includes(alg)) {
        const ecdhCurve = options == null ? undefined : options.crv;
        if (ecdhCurve === undefined || ecdhCurve === 'P-256' || ecdhCurve === 'P-384' || ecdhCurve === 'P-521') {
            // NOTE(review): `options.crv` is read a second time here instead of
            // reusing the value validated above. With a plain options object
            // both reads agree; reusing `ecdhCurve` would remove the gap.
            return generate('ec', { namedCurve: (options == null ? undefined : options.crv) || 'P-256' });
        }
        if (ecdhCurve === 'X25519') {
            return generate('x25519');
        }
        if (ecdhCurve === 'X448') {
            return generate('x448');
        }
        throw new errors_js_1.JOSENotSupported('invalid or unsupported crv option provided, supported values are P-256, P-384, P-521, X25519, and X448');
    }

    throw new errors_js_1.JOSENotSupported('unsupported or invalid JWK "alg" (Algorithm) Parameter value');
}
exports.generateKeyPair = generateKeyPair;
;