This repository has been archived by the owner on Sep 17, 2021. It is now read-only.
Bernardo Gomez Palacio
committed
Jul 2, 2012
0 parents
commit cde12e6
Showing
12 changed files
with
474 additions
and
0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
node_modules |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
support | ||
test | ||
examples | ||
*.sock |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
{exec, spawn} = require 'child_process' | ||
|
||
handleError = (err) -> | ||
if err | ||
console.log "\n\x33[1;36m=>\x33[1;37m Remember that you need: coffee-script@0.9.4 and mocha@0.5.2\x33[0;37m\n" | ||
console.log err.stack | ||
|
||
print = (data) -> console.log data.toString().trim() | ||
|
||
task 'install', 'Executes an install of the required packages.', -> | ||
exec 'npm install' | ||
|
||
task 'build', 'Compile Coffeescript source to Javascript', -> | ||
exec 'mkdir -p lib && coffee -c -o lib src', handleError | ||
exec 'find lib -name "*.js" -print0 | xargs -0 jslint --stupid' | ||
|
||
task 'clean', 'Remove generated Javascripts', -> | ||
exec 'rm -fr lib', handleError | ||
|
||
task 'test', 'Test the app', (options) -> | ||
console.log "\n\x1B[00;33m=>\x1B[00;32m Running tests..\x1B[00;33m\n" | ||
mocha = spawn 'mocha', '-c -b --compilers coffee:coffee-script'.split(' ') | ||
mocha.stdout.on 'data', print | ||
mocha.stderr.on 'data', print | ||
|
||
|
||
task 'dev', 'Continuous compilation', -> | ||
coffee = spawn 'coffee', '-wc --bare -o lib src'.split(' ') | ||
coffee.stdout.on 'data', print | ||
coffee.stderr.on 'data', print |
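Review bot: In the `build` task the jslint pass starts at the same time as the compile, because `exec` is asynchronous and the second call is not chained to the first; it can lint a stale or empty `lib`. The jslint and `npm install` calls also pass no callback, so their failures are silently dropped. Running both steps in one shell command fixes the ordering and the reporting: `exec 'mkdir -p lib && coffee -c -o lib src && find lib -name "*.js" -print0 | xargs -0 jslint --stupid', handleError`. Separately, the colour escapes in `handleError` use `\x33` (the character `3`) where the `test` task uses the ESC byte `\x1B`, and the `test` task does not propagate mocha's exit status, so a failing suite may still look green to a caller such as `make all`.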
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
|
||
0.0.1 / 2010-01-03 | ||
================== | ||
|
||
* Initial release |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
REPORTER = dot | ||
|
||
install: | ||
npm install | ||
|
||
dev: | ||
cake dev | ||
|
||
build: | ||
cake build | ||
|
||
test: | ||
cake test | ||
|
||
tdd: | ||
mocha -c -w -b --compilers coffee:coffee-script | ||
|
||
gen_test_keys: | ||
# openssl genrsa -des3 -passout pass:nosecret -out privkey.pem 2048 | ||
# Generate the RSA keys and certificate | ||
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -sha1 -subj \ | ||
'/C=US/ST=CA/L=San Francisco /CN=www.hashgo.com' -keyout \ | ||
test/mytest-rsakey.pem -out test/mytest-rsacert.pem | ||
openssl pkcs12 -passout pass:notasecret -export -in test/mytest-rsacert.pem -inkey test/mytest-rsakey.pem -out test/test-myrsacert.pi12 -name "Testing PKCS12 Certificate" | ||
|
||
all: install build test | ||
|
||
.PHONY: all |
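Review bot: `.PHONY` names only `all`, but the project has a `test` directory (the `gen_test_keys` recipe writes into `test/`), so `make test` and the `test` step of `all` will report the target as up to date and never run `cake test`. Declare every command target: `.PHONY: all install dev build test tdd gen_test_keys`. In `gen_test_keys` the certificate is signed with `-sha1`; `-sha256` is the safer choice even for fixtures, since some verifiers reject SHA-1 certificates. The recipe also writes an unencrypted private key (`-nodes`) and uses a fixed PKCS#12 password, which is acceptable only while these files stay test-only; a comment in the recipe saying so would help, e.g. `# test fixtures only: never reuse these keys outside the test suite`.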
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
|
||
# Jot | ||
|
||
Node.js implementation of JSON Web Token (JWT) with support for signatures (JWS), encryption (JWE) and web keys (JWK). | ||
|
||
"*JSON Web Token (JWT) is a means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that may be digitally signed using JSON Web Signature (JWS) and/or encrypted using JSON Web Encryption (JWE).*" | ||
|
||
The suggested pronunciation of JWT is the same as the English word "jot". | ||
|
||
This package implements the following IETF drafts: | ||
|
||
* [JWT](http://tools.ietf.org/html/draft-jones-json-web-token-10) draft-jones-json-web-token-10 | ||
* [JWA](https://www.ietf.org/id/draft-ietf-jose-json-web-algorithms-02.txt) draft-ietf-jose-json-web-algorithms-02 | ||
* [JWS](http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-02) draft-ietf-jose-json-web-signature-02 | ||
* [JWE](http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-02) draft-ietf-jose-json-web-encryption-02 | ||
* [JWK](http://tools.ietf.org/html/draft-ietf-jose-json-web-key-02) draft-ietf-jose-json-web-key-02 | ||
|
||
## Dependencies | ||
Pleae review the `pacagke.json` for the full set of dependencies. | ||
|
||
## License | ||
|
||
(The MIT License) | ||
|
||
Copyright (c) 2012 Bernardo <bernardo.gomezpalacio@gmail.com> | ||
|
||
Permission is hereby granted, free of charge, to any person obtaining | ||
a copy of this software and associated documentation files (the | ||
'Software'), to deal in the Software without restriction, including | ||
without limitation the rights to use, copy, modify, merge, publish, | ||
distribute, sublicense, and/or sell copies of the Software, and to | ||
permit persons to whom the Software is furnished to do so, subject to | ||
the following conditions: | ||
|
||
The above copyright notice and this permission notice shall be | ||
included in all copies or substantial portions of the Software. | ||
|
||
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, | ||
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF | ||
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. | ||
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY | ||
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, | ||
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE | ||
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
|
||
module.exports = require('./lib/jot'); |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
{ | ||
"name": "jot", | ||
"version": "0.0.1", | ||
"description": "Node implementation of JSON Web Token (JWT) with support for signatures (JWS), encryption (JWE) and web keys (JWK). ", | ||
"keywords": [ "jwt", "jws", "jwe", "jwk" ], | ||
"author": "Bernardo <bernardo.gomezpalacio@gmail.com>", | ||
"dependencies": { | ||
"node-base64": "0.0.1" | ||
}, | ||
"devDependencies": { | ||
"mocha": "*", | ||
"should": "*" | ||
}, | ||
"engines" : { | ||
"node" : "0.8.*" | ||
}, | ||
"main": "index" | ||
} |
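Review bot: `mocha` and `should` are declared as `"*"`, while the Cakefile in this same commit tells the user that specific versions are required (`coffee-script@0.9.4 and mocha@0.5.2`). A wildcard installs whatever is newest at install time, which is neither reproducible nor reviewable for a library that handles signatures. `coffee-script` is not listed at all, although the `build`, `dev` and `test` tasks invoke it. I would pin the dev dependencies to the versions the project is known to work with and add the compiler, for example `"mocha": "0.5.2"` and `"coffee-script": "<version the project builds with>"`.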
Empty file.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,136 @@ | ||
crypto = require "crypto" | ||
querystring = require "querystring" | ||
|
||
# | ||
# Based on [JSON Web Algorithms (JWA) v02](https://www.ietf.org/id/draft-ietf-jose-json-web-algorithms-02.txt) | ||
# | ||
# The JSON Web Algorithms (JWA) specification enumerates cryptographic | ||
# algorithms and identifiers to be used with the JSON Web Signature | ||
# (JWS) [JWS] and JSON Web Encryption (JWE) [JWE] specifications. | ||
# Enumerating the algorithms and identifiers for them in this | ||
# specification, rather than in the JWS and JWE specifications, is | ||
# intended to allow them to remain unchanged in the face of changes in | ||
# the set of required, recommended, optional, and deprecated algorithms | ||
# over time. This specification also describes the semantics and | ||
# operations that are specific to these algorithms and algorithm | ||
# families. | ||
# | ||
# | ||
# | ||
# +--------------------+----------------------------------------------+ | ||
# | alg Parameter | Digital Signature or MAC Algorithm | | ||
# | Value | | | ||
# +--------------------+----------------------------------------------+ | ||
# | HS256 | HMAC using SHA-256 hash algorithm | | ||
# | HS384 | HMAC using SHA-384 hash algorithm | | ||
# | HS512 | HMAC using SHA-512 hash algorithm | | ||
# | RS256 | RSA using SHA-256 hash algorithm | | ||
# | RS384 | RSA using SHA-384 hash algorithm | | ||
# | RS512 | RSA using SHA-512 hash algorithm | | ||
# | ES256 | ECDSA using P-256 curve and SHA-256 hash | | ||
# | | algorithm | | ||
# | ES384 | ECDSA using P-384 curve and SHA-384 hash | | ||
# | | algorithm | | ||
# | ES512 | ECDSA using P-521 curve and SHA-512 hash | | ||
# | | algorithm | | ||
# | none | No digital signature or MAC value included | | ||
# +--------------------+----------------------------------------------+ | ||
# | ||
# Of these algorithms, only HMAC SHA-256 and "none" MUST be implemented | ||
# by conforming JWS implementations. It is RECOMMENDED that | ||
# implementations also support the RSA SHA-256 and ECDSA P-256 SHA-256 | ||
# algorithms. Support for other algorithms and key sizes is OPTIONAL. | ||
# | ||
|
||
class HMACAlgorithm | ||
|
||
_algOssl = | ||
HS256 : "SHA256" | ||
HS384 : "SHA384" | ||
HS512 : "SHA512" | ||
|
||
# | ||
# Creates and returns a hmac object, a cryptographic hmac with the given algorithm and key. | ||
# algorithm is dependent on the available algorithms supported by OpenSSL - see createHash above. key is the hmac key to be used. | ||
# | ||
constructor: (@alg = "HS256" , @key) -> | ||
osslAlg = _algOssl[@alg] | ||
new Error "Algorithm #{alg} is not supported by the specification." unless osslAlg | ||
try | ||
@hmac = crypto.createHmac osslAlg, @key | ||
catch error | ||
throw new Error "HMAC does not support algorithm #{@alg} => #{osslAlg}!" | ||
|
||
update: (data) -> | ||
throw new Error "There is no reference to the hmac object!" unless @hmac | ||
@hmac.update data | ||
@ | ||
|
||
digest: (encoding = "base64") -> | ||
throw new Error "There is no reference to the hmac object!" unless @hmac | ||
querystring.escape @hmac.digest(encoding) | ||
|
||
sign: (encoding) -> @digest(encoding) | ||
|
||
|
||
module.exports.HMACAlgorithm = HMACAlgorithm | ||
|
||
class SigningAlgorithm | ||
|
||
_createSigner = (alg) -> | ||
try | ||
@signer = crypto.createSign(alg) | ||
catch error | ||
throw new Error "Unable to create a signer with algorithm #{alg}!" | ||
|
||
_createVerifier = (alg) -> | ||
try | ||
verifier = crypto.createVerifier(alg) | ||
return verifier | ||
catch error | ||
throw new Error "Unable to create a verifier with algorithm #{alg}!" | ||
|
||
_assertSigner = () -> | ||
throw new Error "The `signer` reference is undefined!" unless @signer | ||
|
||
constructor: (@alg = "RSA-SHA256", @key_PEM) -> | ||
_createSigner(@alg) | ||
|
||
update: (data) -> | ||
_assertSigner() | ||
@signer.update data | ||
|
||
sign: (format = "base64") -> | ||
_assertSigner() | ||
@signer.sign(@key_PEM, format) | ||
|
||
verify: (publicKey, data, format) -> | ||
verifier = _createVerifier(@alg) | ||
@keyPEM.verifyString(@data, b64urltohex(sig)) | ||
|
||
class VerifierAlgorithm | ||
|
||
_createVerifier = (alg) -> | ||
try | ||
verifier = crypto.createVerifier(alg) | ||
return verifier | ||
catch error | ||
throw new Error "Unable to create a verifier with algorithm #{alg}!" | ||
|
||
_assertState = () -> | ||
throw new Error "The `verifier` reference is undefined!" unless @verifier | ||
|
||
constructor: (@alg = "RSA-SHA256") -> | ||
_createVerifier(@alg) | ||
|
||
update: (data) -> | ||
_assertState() | ||
@verifier.update data | ||
|
||
verify: (objPEM, signature, format = "base64") -> | ||
_assertState() | ||
@verifier.verify(objPEM, signature, format) | ||
|
||
|
||
|
||
|
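Review bot: The RSA signing and verification classes cannot work as written: `_createSigner`, `_assertSigner` and `_assertState` are called as plain functions, so the `@signer`/`@verifier` they read and write is not the instance's, and `VerifierAlgorithm`'s constructor discards what `_createVerifier` returns. `crypto.createVerifier` is also not a Node API (the factory is `crypto.createVerify`), and `SigningAlgorithm::verify` reads `@keyPEM`, `@data`, `sig` and `b64urltohex`, none of which are defined in the visible file. For a JWS library this means the verification path appears to throw rather than ever return a result; I would bind the crypto objects in the constructors and drop the stray `verify`, as sketched below. In `HMACAlgorithm`, the `new Error ... unless osslAlg` line is missing `throw`, and `digest` percent-escapes standard base64 where the JWS draft specifies base64url. The class also offers no verify step, so callers presumably compare MACs themselves; that comparison should be constant-time.

```coffeescript
class SigningAlgorithm

  constructor: (@alg = "RSA-SHA256", @key_PEM) ->
    try
      @signer = crypto.createSign @alg
    catch error
      throw new Error "Unable to create a signer with algorithm #{@alg}!"

  update: (data) ->
    @signer.update data
    @

  sign: (format = "base64") ->
    @signer.sign @key_PEM, format

  # verify removed: verification belongs to VerifierAlgorithm

class VerifierAlgorithm

  constructor: (@alg = "RSA-SHA256") ->
    try
      @verifier = crypto.createVerify @alg
    catch error
      throw new Error "Unable to create a verifier with algorithm #{@alg}!"

  update: (data) ->
    @verifier.update data
    @

  verify: (objPEM, signature, format = "base64") ->
    @verifier.verify objPEM, signature, format
```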