Skip to content

Commit

Permalink
feat: added Node.js lts/dubnium support for runtime supported features
Browse files Browse the repository at this point in the history
  • Loading branch information
panva committed Aug 22, 2019
1 parent 1d6d55f commit 67a8601
Show file tree
Hide file tree
Showing 45 changed files with 888 additions and 224 deletions.
6 changes: 3 additions & 3 deletions .codecov.yml
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
coverage:
status:
project: no
patch: yes
changes: yes
project: off
patch: off
changes: off

comment:
layout: diff
Expand Down
4 changes: 4 additions & 0 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,11 @@ jobs:
test:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
node-version:
- 10.13.0
- 10
- 12.0.0
- 12
os:
Expand Down Expand Up @@ -58,6 +61,7 @@ jobs:
test-electron:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
electron-version:
- 6.0.0
Expand Down
4 changes: 2 additions & 2 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -155,7 +155,7 @@ its original on-by-default form - v1.1.0 and v1.2.0
wrapKey/unwrapKey/deriveKey returns
* keystore.all and keystore.get `operation` option was
removed, `key_ops: string[]` supersedes it
* node.js minimal version is now v12.0.0 due to its
* Node.js minimal version is now v12.0.0 due to its
added EdDSA support (crypto.sign, crypto.verify and eddsa key objects)


Expand Down Expand Up @@ -323,7 +323,7 @@ Initial release
| AES || A128KW, A192KW, A256KW |
| AES GCM || A128GCMKW, A192GCMKW, A256GCMKW |
| Direct Key Agreement || dir |
| RSAES OAEP | ✓<sup>*</sup> | RSA-OAEP <sub>(<sup>*</sup>RSA-OAEP-256 is not supported due to its lack of support in Node.JS)</sub> |
| RSAES OAEP | ✓<sup>*</sup> | RSA-OAEP <sub>(<sup>*</sup>RSA-OAEP-256 is not supported due to its lack of support in Node.js)</sub> |
| RSAES-PKCS1-v1_5 || RSA1_5 |
| PBES2 || PBES2-HS256+A128KW, PBES2-HS384+A192KW, PBES2-HS512+A256KW |
| ECDH-ES || ECDH-ES, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW |
Expand Down
14 changes: 9 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,9 @@ Legend:
| JARM - [JWT Secured Authorization Response Mode for OAuth 2.0][draft-jarm] |||

Notes
- RSA-OAEP-256 is only supported when Node.js >= 12.9.0 runtime is detected
- RSA-OAEP-256 JWE algorithm is only supported when Node.js >= 12.9.0 runtime is detected
- Importing X.509 certificates and handling `x5c` is only supported when Node.js >= 12.0.0 runtime is detected
- OKP keys are only supported when Node.js >= 12.0.0 runtime is detected
- See [#electron-support](#electron-support) for electron exceptions

---
Expand Down Expand Up @@ -126,7 +128,8 @@ If you or your business use @panva/jose, please consider becoming a [sponsor][su

## Usage

For its improvements in the crypto module ⚠️ the minimal Node.js version required is **v12.0.0** ⚠️
For the best performance Node.js version **>=12.0.0** is recommended, but **^10.13.0** lts/dubnium
is also supported.

Installing @panva/jose

Expand Down Expand Up @@ -318,7 +321,7 @@ Electron v6.x runtime is supported to the extent of the crypto engine BoringSSL
standard Node.js OpenSSL. The following is disabled in Electron runtime because of its lack of
[support](https://github.com/panva/jose/blob/master/test/electron/electron.test.js).

- JWE `A128KW`, `A192KW` and `A256KW` algs are not available, this also means that other JWAs
- JWE `A128KW`, `A192KW` and `A256KW` algorithms are not available, this also means that other JWAs
depending on those are not working, those are `ECDH-ES+A128KW`, `ECDH-ES+A192KW`,
`ECDH-ES+A256KW`, `PBES2-HS256+A128KW`, `PBES2-HS384+A192KW`, `PBES2-HS512+A256KW`)
- OKP curves `Ed448`, `X25519` and `X448` are not supported
Expand All @@ -335,8 +338,9 @@ private API and is subject to change between any versions.

#### How do I use it outside of Node.js

It is **only built for Node.js** environment - it builds on top of the `crypto` module and requires
the KeyObject API that was added in Node.js v11.6.0 and one-shot sign/verify API added in v12.0.0
It is **only built for ^10.13.0 || >=12.0.0 Node.js** environment - including @panva/jose in
transpiled browser-environment targetted projects is not supported and may result in unexpected
results.

#### How is it different from [`jws`](https://github.com/brianloveswords/node-jws), [`jwa`](https://github.com/brianloveswords/node-jwa) or [`jsonwebtoken`](https://github.com/auth0/node-jsonwebtoken)?

Expand Down
6 changes: 2 additions & 4 deletions lib/errors.js
Original file line number Diff line number Diff line change
Expand Up @@ -37,19 +37,17 @@ class JOSEError extends Error {

const isMulti = e => e instanceof JOSEMultiError
class JOSEMultiError extends JOSEError {
#errors

constructor (errors) {
super()
let i
while ((i = errors.findIndex(isMulti)) && i !== -1) {
errors.splice(i, 1, ...errors[i])
}
this.#errors = errors
Object.defineProperty(this, 'errors', { value: errors })
}

* [Symbol.iterator] () {
for (const error of this.#errors) {
for (const error of this.errors) {
yield error
}
}
Expand Down
5 changes: 5 additions & 0 deletions lib/help/asn1/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -26,5 +26,10 @@ types.set('RSAPrivateKey', RSAPrivateKey)
const RSAPublicKey = asn1.define('RSAPublicKey', require('./rsa_public_key'))
types.set('RSAPublicKey', RSAPublicKey)

const OID = asn1.define('OID', function () {
return this.objid()
})
types.set('OID', OID)

module.exports = types
module.exports.bignum = asn1.bignum
Loading

0 comments on commit 67a8601

Please sign in to comment.