| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105 |
- "use strict";
- Object.defineProperty(exports, "__esModule", { value: true });
- exports.generateKeyPair = exports.generateSecret = void 0;
- const crypto_1 = require("crypto");
- const util_1 = require("util");
- const random_js_1 = require("./random.js");
- const check_modulus_length_js_1 = require("./check_modulus_length.js");
- const errors_js_1 = require("../util/errors.js");
- const generate = (0, util_1.promisify)(crypto_1.generateKeyPair);
- async function generateSecret(alg, options) {
- let length;
- switch (alg) {
- case 'HS256':
- case 'HS384':
- case 'HS512':
- case 'A128CBC-HS256':
- case 'A192CBC-HS384':
- case 'A256CBC-HS512':
- length = parseInt(alg.slice(-3), 10);
- break;
- case 'A128KW':
- case 'A192KW':
- case 'A256KW':
- case 'A128GCMKW':
- case 'A192GCMKW':
- case 'A256GCMKW':
- case 'A128GCM':
- case 'A192GCM':
- case 'A256GCM':
- length = parseInt(alg.slice(1, 4), 10);
- break;
- default:
- throw new errors_js_1.JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
- }
- return (0, crypto_1.createSecretKey)((0, random_js_1.default)(new Uint8Array(length >> 3)));
- }
- exports.generateSecret = generateSecret;
- async function generateKeyPair(alg, options) {
- var _a, _b;
- switch (alg) {
- case 'RS256':
- case 'RS384':
- case 'RS512':
- case 'PS256':
- case 'PS384':
- case 'PS512':
- case 'RSA-OAEP':
- case 'RSA-OAEP-256':
- case 'RSA-OAEP-384':
- case 'RSA-OAEP-512':
- case 'RSA1_5': {
- const modulusLength = (_a = options === null || options === void 0 ? void 0 : options.modulusLength) !== null && _a !== void 0 ? _a : 2048;
- if (typeof modulusLength !== 'number' || modulusLength < 2048) {
- throw new errors_js_1.JOSENotSupported('Invalid or unsupported modulusLength option provided, 2048 bits or larger keys must be used');
- }
- const keypair = await generate('rsa', {
- modulusLength,
- publicExponent: 0x10001,
- });
- (0, check_modulus_length_js_1.setModulusLength)(keypair.privateKey, modulusLength);
- (0, check_modulus_length_js_1.setModulusLength)(keypair.publicKey, modulusLength);
- return keypair;
- }
- case 'ES256':
- return generate('ec', { namedCurve: 'P-256' });
- case 'ES256K':
- return generate('ec', { namedCurve: 'secp256k1' });
- case 'ES384':
- return generate('ec', { namedCurve: 'P-384' });
- case 'ES512':
- return generate('ec', { namedCurve: 'P-521' });
- case 'EdDSA': {
- switch (options === null || options === void 0 ? void 0 : options.crv) {
- case undefined:
- case 'Ed25519':
- return generate('ed25519');
- case 'Ed448':
- return generate('ed448');
- default:
- throw new errors_js_1.JOSENotSupported('Invalid or unsupported crv option provided, supported values are Ed25519 and Ed448');
- }
- }
- case 'ECDH-ES':
- case 'ECDH-ES+A128KW':
- case 'ECDH-ES+A192KW':
- case 'ECDH-ES+A256KW':
- const crv = (_b = options === null || options === void 0 ? void 0 : options.crv) !== null && _b !== void 0 ? _b : 'P-256';
- switch (crv) {
- case undefined:
- case 'P-256':
- case 'P-384':
- case 'P-521':
- return generate('ec', { namedCurve: crv });
- case 'X25519':
- return generate('x25519');
- case 'X448':
- return generate('x448');
- default:
- throw new errors_js_1.JOSENotSupported('Invalid or unsupported crv option provided, supported values are P-256, P-384, P-521, X25519, and X448');
- }
- default:
- throw new errors_js_1.JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
- }
- }
- exports.generateKeyPair = generateKeyPair;
|
