deno.land / x / jose@v5.2.4 / runtime / jwk_to_key.ts
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112import crypto from './webcrypto.ts'import type { JWKImportFunction } from './interfaces.d.ts'import { JOSENotSupported } from '../util/errors.ts'import type { JWK } from '../types.d.ts'
function subtleMapping(jwk: JWK): { algorithm: RsaHashedImportParams | EcKeyAlgorithm | Algorithm keyUsages: KeyUsage[]} { let algorithm: RsaHashedImportParams | EcKeyAlgorithm | Algorithm let keyUsages: KeyUsage[]
switch (jwk.kty) { case 'RSA': { switch (jwk.alg) { case 'PS256': case 'PS384': case 'PS512': algorithm = { name: 'RSA-PSS', hash: `SHA-${jwk.alg.slice(-3)}` } keyUsages = jwk.d ? ['sign'] : ['verify'] break case 'RS256': case 'RS384': case 'RS512': algorithm = { name: 'RSASSA-PKCS1-v1_5', hash: `SHA-${jwk.alg.slice(-3)}` } keyUsages = jwk.d ? ['sign'] : ['verify'] break case 'RSA-OAEP': case 'RSA-OAEP-256': case 'RSA-OAEP-384': case 'RSA-OAEP-512': algorithm = { name: 'RSA-OAEP', hash: `SHA-${parseInt(jwk.alg.slice(-3), 10) || 1}`, } keyUsages = jwk.d ? ['decrypt', 'unwrapKey'] : ['encrypt', 'wrapKey'] break default: throw new JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value') } break } case 'EC': { switch (jwk.alg) { case 'ES256': algorithm = { name: 'ECDSA', namedCurve: 'P-256' } keyUsages = jwk.d ? ['sign'] : ['verify'] break case 'ES384': algorithm = { name: 'ECDSA', namedCurve: 'P-384' } keyUsages = jwk.d ? ['sign'] : ['verify'] break case 'ES512': algorithm = { name: 'ECDSA', namedCurve: 'P-521' } keyUsages = jwk.d ? ['sign'] : ['verify'] break case 'ECDH-ES': case 'ECDH-ES+A128KW': case 'ECDH-ES+A192KW': case 'ECDH-ES+A256KW': algorithm = { name: 'ECDH', namedCurve: jwk.crv! } keyUsages = jwk.d ? ['deriveBits'] : [] break default: throw new JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value') } break } case 'OKP': { switch (jwk.alg) { case 'EdDSA': algorithm = { name: jwk.crv! } keyUsages = jwk.d ? ['sign'] : ['verify'] break case 'ECDH-ES': case 'ECDH-ES+A128KW': case 'ECDH-ES+A192KW': case 'ECDH-ES+A256KW': algorithm = { name: jwk.crv! } keyUsages = jwk.d ? ['deriveBits'] : [] break default: throw new JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value') } break } default: throw new JOSENotSupported('Invalid or unsupported JWK "kty" (Key Type) Parameter value') }
return { algorithm, keyUsages }}
const parse: JWKImportFunction = async (jwk: JWK): Promise<CryptoKey> => { if (!jwk.alg) { throw new TypeError('"alg" argument is required when "jwk.alg" is not present') }
const { algorithm, keyUsages } = subtleMapping(jwk) const rest: [RsaHashedImportParams | EcKeyAlgorithm | Algorithm, boolean, KeyUsage[]] = [ algorithm, jwk.ext ?? false, <KeyUsage[]>jwk.key_ops ?? keyUsages, ]
const keyData: JWK = { ...jwk } delete keyData.alg delete keyData.use return crypto.subtle.importKey('jwk', keyData, ...rest)}export default parse
Version Info