UNPKG

jose/lib/jwa/index.js

Version:

2.39 kBJavaScriptView Raw

1const { JWKKeySupport, JOSENotSupported } = require('../errors')
2const { KEY_MANAGEMENT_ENCRYPT, KEY_MANAGEMENT_DECRYPT } = require('../help/consts')
3
4const { JWA, JWK } = require('../registry')
5
6// sign, verify
7require('./hmac')(JWA, JWK)
8require('./ecdsa')(JWA, JWK)
9require('./eddsa')(JWA, JWK)
10require('./rsassa_pss')(JWA, JWK)
11require('./rsassa')(JWA, JWK)
12require('./none')(JWA)
13
14// encrypt, decrypt
15require('./aes_cbc_hmac_sha2')(JWA, JWK)
16require('./aes_gcm')(JWA, JWK)
17
18// wrapKey, unwrapKey
19require('./rsaes')(JWA, JWK)
20require('./aes_kw')(JWA, JWK)
21require('./aes_gcm_kw')(JWA, JWK)
22
23// deriveKey
24require('./pbes2')(JWA, JWK)
25require('./ecdh/dir')(JWA, JWK)
26require('./ecdh/kw')(JWA, JWK)
27
28const check = (key, op, alg) => {
29  const cache = `_${op}_${alg}`
30
31  let label
32  let keyOp
33  if (op === 'keyManagementEncrypt') {
34    label = 'key management (encryption)'
35    keyOp = KEY_MANAGEMENT_ENCRYPT
36  } else if (op === 'keyManagementDecrypt') {
37    label = 'key management (decryption)'
38    keyOp = KEY_MANAGEMENT_DECRYPT
39  }
40
41  if (cache in key) {
42    if (key[cache]) {
43      return
44    }
45    throw new JWKKeySupport(`the key does not support ${alg} ${label || op} algorithm`)
46  }
47
48  let value = true
49  if (!JWA[op].has(alg)) {
50    throw new JOSENotSupported(`unsupported ${label || op} alg: ${alg}`)
51  } else if (!key.algorithms(keyOp).has(alg)) {
52    value = false
53  }
54
55  Object.defineProperty(key, cache, { value, enumerable: false })
56
57  if (!value) {
58    return check(key, op, alg)
59  }
60}
61
62module.exports = {
63  check,
64  sign: (alg, key, payload) => {
65    check(key, 'sign', alg)
66    return JWA.sign.get(alg)(key, payload)
67  },
68  verify: (alg, key, payload, signature) => {
69    check(key, 'verify', alg)
70    return JWA.verify.get(alg)(key, payload, signature)
71  },
72  keyManagementEncrypt: (alg, key, payload, opts) => {
73    check(key, 'keyManagementEncrypt', alg)
74    return JWA.keyManagementEncrypt.get(alg)(key, payload, opts)
75  },
76  keyManagementDecrypt: (alg, key, payload, opts) => {
77    check(key, 'keyManagementDecrypt', alg)
78    return JWA.keyManagementDecrypt.get(alg)(key, payload, opts)
79  },
80  encrypt: (alg, key, cleartext, opts) => {
81    check(key, 'encrypt', alg)
82    return JWA.encrypt.get(alg)(key, cleartext, opts)
83  },
84  decrypt: (alg, key, ciphertext, opts) => {
85    check(key, 'decrypt', alg)
86    return JWA.decrypt.get(alg)(key, ciphertext, opts)
87  }
88}

1	`const { JWKKeySupport, JOSENotSupported } = require('../errors')`
2	`const { KEY_MANAGEMENT_ENCRYPT, KEY_MANAGEMENT_DECRYPT } = require('../help/consts')`
3
4	`const { JWA, JWK } = require('../registry')`
5
6	`// sign, verify`
7	`require('./hmac')(JWA, JWK)`
8	`require('./ecdsa')(JWA, JWK)`
9	`require('./eddsa')(JWA, JWK)`
10	`require('./rsassa_pss')(JWA, JWK)`
11	`require('./rsassa')(JWA, JWK)`
12	`require('./none')(JWA)`
13
14	`// encrypt, decrypt`
15	`require('./aes_cbc_hmac_sha2')(JWA, JWK)`
16	`require('./aes_gcm')(JWA, JWK)`
17
18	`// wrapKey, unwrapKey`
19	`require('./rsaes')(JWA, JWK)`
20	`require('./aes_kw')(JWA, JWK)`
21	`require('./aes_gcm_kw')(JWA, JWK)`
22
23	`// deriveKey`
24	`require('./pbes2')(JWA, JWK)`
25	`require('./ecdh/dir')(JWA, JWK)`
26	`require('./ecdh/kw')(JWA, JWK)`
27
28	`const check = (key, op, alg) => {`
29	const cache = `_${op}_${alg}`
30
31	`let label`
32	`let keyOp`
33	`if (op === 'keyManagementEncrypt') {`
34	`label = 'key management (encryption)'`
35	`keyOp = KEY_MANAGEMENT_ENCRYPT`
36	`} else if (op === 'keyManagementDecrypt') {`
37	`label = 'key management (decryption)'`
38	`keyOp = KEY_MANAGEMENT_DECRYPT`
39	`}`
40
41	`if (cache in key) {`
42	`if (key[cache]) {`
43	`return`
44	`}`
45	throw new JWKKeySupport(`the key does not support ${alg} ${label \|\| op} algorithm`)
46	`}`
47
48	`let value = true`
49	`if (!JWA[op].has(alg)) {`
50	throw new JOSENotSupported(`unsupported ${label \|\| op} alg: ${alg}`)
51	`} else if (!key.algorithms(keyOp).has(alg)) {`
52	`value = false`
53	`}`
54
55	`Object.defineProperty(key, cache, { value, enumerable: false })`
56
57	`if (!value) {`
58	`return check(key, op, alg)`
59	`}`
60	`}`
61
62	`module.exports = {`
63	`check,`
64	`sign: (alg, key, payload) => {`
65	`check(key, 'sign', alg)`
66	`return JWA.sign.get(alg)(key, payload)`
67	`},`
68	`verify: (alg, key, payload, signature) => {`
69	`check(key, 'verify', alg)`
70	`return JWA.verify.get(alg)(key, payload, signature)`
71	`},`
72	`keyManagementEncrypt: (alg, key, payload, opts) => {`
73	`check(key, 'keyManagementEncrypt', alg)`
74	`return JWA.keyManagementEncrypt.get(alg)(key, payload, opts)`
75	`},`
76	`keyManagementDecrypt: (alg, key, payload, opts) => {`
77	`check(key, 'keyManagementDecrypt', alg)`
78	`return JWA.keyManagementDecrypt.get(alg)(key, payload, opts)`
79	`},`
80	`encrypt: (alg, key, cleartext, opts) => {`
81	`check(key, 'encrypt', alg)`
82	`return JWA.encrypt.get(alg)(key, cleartext, opts)`
83	`},`
84	`decrypt: (alg, key, ciphertext, opts) => {`
85	`check(key, 'decrypt', alg)`
86	`return JWA.decrypt.get(alg)(key, ciphertext, opts)`
87	`}`
88	`}`