diff --git a/dist/jose-commonjs.js b/dist/jose-commonjs.js
index a7722a7..fd866f8 100644
--- a/dist/jose-commonjs.js
+++ b/dist/jose-commonjs.js
@@ -837,7 +837,7 @@ Jose.Utils.importRsaPrivateKey = function(rsa_key, alg) {
       rsa_key.alg = alg;
     }
     jwk = Utils.convertRsaKey(rsa_key, ["n", "e", "d", "p", "q", "dp", "dq", "qi"]);
-    config = getCryptoConfig("RSA-OAEP");
+    config = getCryptoConfig(alg);
   } else {
     var rk = {};
     for (var name in rsa_key) {
diff --git a/dist/jose-testing.js b/dist/jose-testing.js
index b20a3b2..60e5a4f 100644
--- a/dist/jose-testing.js
+++ b/dist/jose-testing.js
@@ -840,7 +840,7 @@ Jose.Utils.importRsaPrivateKey = function(rsa_key, alg) {
       rsa_key.alg = alg;
     }
     jwk = Utils.convertRsaKey(rsa_key, ["n", "e", "d", "p", "q", "dp", "dq", "qi"]);
-    config = getCryptoConfig("RSA-OAEP");
+    config = getCryptoConfig(alg);
   } else {
     var rk = {};
     for (var name in rsa_key) {
diff --git a/dist/jose.js b/dist/jose.js
index 72c9471..474e177 100644
--- a/dist/jose.js
+++ b/dist/jose.js
@@ -842,7 +842,7 @@ Jose.Utils.importRsaPrivateKey = function(rsa_key, alg) {
       rsa_key.alg = alg;
     }
     jwk = Utils.convertRsaKey(rsa_key, ["n", "e", "d", "p", "q", "dp", "dq", "qi"]);
-    config = getCryptoConfig("RSA-OAEP");
+    config = getCryptoConfig(alg);
   } else {
     var rk = {};
     for (var name in rsa_key) {
diff --git a/dist/jose.min.js b/dist/jose.min.js
index ebf167a..b1643b2 100644
--- a/dist/jose.min.js
+++ b/dist/jose.min.js
@@ -1 +1 @@
-!function(e,t,r,n,a){"use strict";t.subtle||(t.subtle=t.webkitSubtle);var i={},o={},s={};e.setCrypto=function(e){i.crypto=e},void 0!==t&&e.setCrypto(t),"function"!=typeof atob&&(atob=function(e){return new Buffer(e,"base64").toString("binary")}),"function"!=typeof btoa&&(btoa=function(e){return(e instanceof Buffer?e:new Buffer(e.toString(),"binary")).toString("base64")}),i.caniuse=function(){var e=!0;return e=e&&"function"==typeof r,e=e&&"function"==typeof r.reject,e=e&&"function"==typeof r.prototype.then,e=e&&"function"==typeof r.all,e=e&&"object"==typeof i.crypto,e=e&&"object"==typeof i.crypto.subtle,e=e&&"function"==typeof i.crypto.getRandomValues,e=e&&"function"==typeof i.crypto.subtle.importKey,e=e&&"function"==typeof i.crypto.subtle.generateKey,e=e&&"function"==typeof i.crypto.subtle.exportKey,e=e&&"function"==typeof i.crypto.subtle.wrapKey,e=e&&"function"==typeof i.crypto.subtle.unwrapKey,e=e&&"function"==typeof i.crypto.subtle.encrypt,e=e&&"function"==typeof i.crypto.subtle.decrypt,e=e&&"function"==typeof i.crypto.subtle.sign,e=e&&"function"==typeof ArrayBuffer,e=e&&("function"==typeof a||"object"==typeof a),e=e&&("function"==typeof Uint32Array||"object"==typeof Uint32Array),e=e&&"object"==typeof JSON,e=e&&"function"==typeof JSON.parse,e=e&&"function"==typeof JSON.stringify,e=e&&"function"==typeof atob,e=e&&"function"==typeof btoa},i.assert=function(e,t){if(!e)throw new n(t)},e.Jose=i,e.JoseJWE=o,e.JoseJWS=s;var c=function(){this.setKeyEncryptionAlgorithm("RSA-OAEP"),this.setContentEncryptionAlgorithm("A256GCM"),this.setContentSignAlgorithm("RS256")};i.WebCryptographer=c,c.prototype.setKeyEncryptionAlgorithm=function(e){this.key_encryption=u(e)},c.prototype.getKeyEncryptionAlgorithm=function(){return this.key_encryption.jwe_name},c.prototype.setContentEncryptionAlgorithm=function(e){this.content_encryption=u(e)},c.prototype.getContentEncryptionAlgorithm=function(){return this.content_encryption.jwe_name},c.prototype.setContentSignAlgorithm=function(e){this.content_sign=f(e)},c.prototype.getContentSignAlgorithm=function(){return this.content_sign.jwa_name},c.prototype.createIV=function(){var e=new a(new Array(this.content_encryption.iv_bytes));return i.crypto.getRandomValues(e)},c.prototype.createCek=function(){var e=y(this.content_encryption);return i.crypto.subtle.generateKey(e.id,!0,e.enc_op)},c.prototype.wrapCek=function(e,t){return i.crypto.subtle.wrapKey("raw",e,t,this.key_encryption.id)},c.prototype.unwrapCek=function(e,t){var r=y(this.content_encryption),n=this.content_encryption.specific_cek_bytes>0,a=this.key_encryption.id;return i.crypto.subtle.unwrapKey("raw",e,t,a,r.id,n,r.dec_op)};var y=function(e){var t=e.specific_cek_bytes;if(t){if(16==t)return{id:{name:"AES-CBC",length:128},enc_op:["encrypt"],dec_op:["decrypt"]};if(32==t)return{id:{name:"AES-CBC",length:256},enc_op:["encrypt"],dec_op:["decrypt"]};if(64==t)return{id:{name:"HMAC",hash:{name:"SHA-256"}},enc_op:["sign"],dec_op:["verify"]};if(128==t)return{id:{name:"HMAC",hash:{name:"SHA-384"}},enc_op:["sign"],dec_op:["verify"]};i.assert(!1,"getCekWorkaround: invalid len")}return{id:e.id,enc_op:["encrypt"],dec_op:["decrypt"]}};c.prototype.encrypt=function(e,t,a,o){var s=this.content_encryption;if(e.length!=s.iv_bytes)return r.reject(n("invalid IV length"));if(s.auth.aead){var c=s.auth.tag_bytes,y={name:s.id.name,iv:e,additionalData:t,tagLength:8*c};return a.then(function(e){return i.crypto.subtle.encrypt(y,e,o).then(function(e){var t=e.byteLength-c;return{cipher:e.slice(0,t),tag:e.slice(t)}})})}var u=p(s,a,["encrypt"]),f=u[0],d=u[1].then(function(t){var r={name:s.id.name,iv:e};return i.crypto.subtle.encrypt(r,t,o)}),g=d.then(function(r){return h(s,f,t,e,r)});return r.all([d,g]).then(function(e){return{cipher:e[0],tag:e[1]}})},c.prototype.decrypt=function(e,t,o,s,c){var y=function(e,t,o,s){return i.assert(o instanceof a,"compare: invalid input"),i.assert(s instanceof a,"compare: invalid input"),t.then(function(t){var c=i.crypto.subtle.sign(e.auth.id,t,o),y=i.crypto.subtle.sign(e.auth.id,t,s);return r.all([c,y]).then(function(e){var t=new a(e[0]),i=new a(e[1]);if(t.length!=i.length)throw new n("compare failed");for(var o=0;o<t.length;o++)if(t[o]!=i[o])throw new n("compare failed");return r.resolve(null)})})};if(o.length!=this.content_encryption.iv_bytes)return r.reject(n("decryptCiphertext: invalid IV"));var u=this.content_encryption;if(u.auth.aead){var f={name:u.id.name,iv:o,additionalData:t,tagLength:8*u.auth.tag_bytes};return e.then(function(e){var t=l.arrayBufferConcat(s,c);return i.crypto.subtle.decrypt(f,e,t)})}var d=p(u,e,["decrypt"]),g=d[0],m=d[1],S=h(u,g,t,o,s);return r.all([m,S]).then(function(e){var t=e[0],p=e[1];return y(u,g,new a(p),c).then(function(){var e={name:u.id.name,iv:o};return i.crypto.subtle.decrypt(e,t,s)}).catch(function(e){return r.reject(n("decryptCiphertext: MAC failed."))})})},c.prototype.sign=function(e,t,r){var n=this.content_sign;return e.alg&&(n=f(e.alg)),r.then(function(r){return i.crypto.subtle.sign(n.id,r,l.arrayFromString(l.Base64Url.encode(JSON.stringify(e))+"."+l.Base64Url.encodeArray(t)))})},c.prototype.verify=function(e,t,r,n,a){var o=this.content_sign;return n.then(function(n){return o=f(d(n)),i.crypto.subtle.verify(o.id,n,r,l.arrayFromString(e+"."+t)).then(function(e){return{kid:a,verified:e}})})},i.WebCryptographer.keyId=function(e){return l.sha256(e.n+"+"+e.d)};var p=function(e,t,a){var o=t.then(function(e){return i.crypto.subtle.exportKey("raw",e)});return[o.then(function(t){if(8*t.byteLength!=e.id.length+8*e.auth.key_bytes)return r.reject(n("encryptPlainText: incorrect cek length"));var a=t.slice(0,e.auth.key_bytes);return i.crypto.subtle.importKey("raw",a,e.auth.id,!1,["sign"])}),o.then(function(t){if(8*t.byteLength!=e.id.length+8*e.auth.key_bytes)return r.reject(n("encryptPlainText: incorrect cek length"));var o=t.slice(e.auth.key_bytes);return i.crypto.subtle.importKey("raw",o,e.id,!1,a)})]},u=function(e){switch(e){case"RSA-OAEP":return{jwe_name:"RSA-OAEP",id:{name:"RSA-OAEP",hash:{name:"SHA-1"}}};case"RSA-OAEP-256":return{jwe_name:"RSA-OAEP-256",id:{name:"RSA-OAEP",hash:{name:"SHA-256"}}};case"A128KW":return{jwe_name:"A128KW",id:{name:"AES-KW",length:128}};case"A256KW":return{jwe_name:"A256KW",id:{name:"AES-KW",length:256}};case"dir":return{jwe_name:"dir"};case"A128CBC-HS256":return{jwe_name:"A128CBC-HS256",id:{name:"AES-CBC",length:128},iv_bytes:16,specific_cek_bytes:32,auth:{key_bytes:16,id:{name:"HMAC",hash:{name:"SHA-256"}},truncated_bytes:16}};case"A256CBC-HS512":return{jwe_name:"A256CBC-HS512",id:{name:"AES-CBC",length:256},iv_bytes:16,specific_cek_bytes:64,auth:{key_bytes:32,id:{name:"HMAC",hash:{name:"SHA-512"}},truncated_bytes:32}};case"A128GCM":return{jwe_name:"A128GCM",id:{name:"AES-GCM",length:128},iv_bytes:12,auth:{aead:!0,tag_bytes:16}};case"A256GCM":return{jwe_name:"A256GCM",id:{name:"AES-GCM",length:256},iv_bytes:12,auth:{aead:!0,tag_bytes:16}};default:throw n("unsupported algorithm: "+e)}},h=function(e,t,r,n,o){return t.then(function(t){var s=new a(l.arrayFromInt32(8*r.length)),c=new a(8);c.set(s,4);var y=l.arrayBufferConcat(r,n,o,c);return i.crypto.subtle.sign(e.auth.id,t,y).then(function(t){return t.slice(0,e.auth.truncated_bytes)})})},f=function(e){switch(e){case"RS256":return{jwa_name:"RS256",id:{name:"RSASSA-PKCS1-v1_5",hash:{name:"SHA-256"}}};case"RS384":return{jwa_name:"RS384",id:{name:"RSASSA-PKCS1-v1_5",hash:{name:"SHA-384"}}};case"RS512":return{jwa_name:"RS512",id:{name:"RSASSA-PKCS1-v1_5",hash:{name:"SHA-512"}}};case"PS256":return{jwa_name:"PS256",id:{name:"RSA-PSS",hash:{name:"SHA-256"},saltLength:20}};case"PS384":return{jwa_name:"PS384",id:{name:"RSA-PSS",hash:{name:"SHA-384"},saltLength:20}};case"PS512":return{jwa_name:"PS512",id:{name:"RSA-PSS",hash:{name:"SHA-512"},saltLength:20}};case"HS256":return{jwa_name:"HS256",id:{name:"HMAC",hash:{name:"SHA-256"}}};case"HS384":return{jwa_name:"HS384",id:{name:"HMAC",hash:{name:"SHA-384"}}};case"HS512":return{jwa_name:"HS512",id:{name:"HMAC",hash:{name:"SHA-512"}}};case"ES256":return{jwa_name:"ES256",id:{name:"ECDSA",hash:{name:"SHA-256"}}};case"ES384":return{jwa_name:"ES384",id:{name:"ECDSA",hash:{name:"SHA-384"}}};case"ES512":return{jwa_name:"ES512",id:{name:"ECDSA",hash:{name:"SHA-512"}}};default:throw n("unsupported algorithm: "+e)}},d=function(e){var t="",r=e.algorithm.name,a=e.algorithm.hash.name;if("RSASSA-PKCS1-v1_5"==r)t="R";else{if("RSA-PSS"!=r)throw new n("unsupported sign/verify algorithm "+r);t="P"}if(0!==a.indexOf("SHA-"))throw new n("unsupported hash algorithm "+r);return t+="S",t+=a.substring(4)},g=function(e){switch(e){case"RS256":case"RS384":case"RS512":case"PS256":case"PS384":case"PS512":case"HS256":case"HS384":case"HS512":case"ES256":case"ES384":case"ES512":return{publicKey:"verify",privateKey:"sign"};case"RSA-OAEP":case"RSA-OAEP-256":case"A128KW":case"A256KW":return{publicKey:"wrapKey",privateKey:"unwrapKey"};default:throw n("unsupported algorithm: "+e)}};i.Utils={};var l={};i.Utils.importRsaPublicKey=function(e,t){var r,n,a=g(t);if("wrapKey"==a.publicKey)e.alg||(e.alg=t),r=l.convertRsaKey(e,["n","e"]),n=u(t);else{var o={};for(var s in e)e.hasOwnProperty(s)&&(o[s]=e[s]);!o.alg&&t&&(o.alg=t),n=f(o.alg),(r=l.convertRsaKey(o,["n","e"])).ext=!0}return i.crypto.subtle.importKey("jwk",r,n.id,!1,[a.publicKey])},i.Utils.importRsaPrivateKey=function(e,t){var r,n,a=g(t);if("unwrapKey"==a.privateKey)e.alg||(e.alg=t),r=l.convertRsaKey(e,["n","e","d","p","q","dp","dq","qi"]),n=u("RSA-OAEP");else{var o={};for(var s in e)e.hasOwnProperty(s)&&(o[s]=e[s]);n=f(t),!o.alg&&t&&(o.alg=t),(r=l.convertRsaKey(o,["n","e","d","p","q","dp","dq","qi"])).ext=!0}return i.crypto.subtle.importKey("jwk",r,n.id,!1,[a.privateKey])},l.isString=function(e){return"string"==typeof e||e instanceof String},l.arrayish=function(e){return e instanceof Array?e:e instanceof a?e:e instanceof ArrayBuffer?new a(e):void i.assert(!1,"arrayish: invalid input")},l.convertRsaKey=function(e,t){var r,n={},a=[];t.map(function(t){void 0===e[t]&&a.push(t)}),a.length>0&&i.assert(!1,"convertRsaKey: Was expecting "+a.join()),void 0!==e.kty&&i.assert("RSA"==e.kty,"convertRsaKey: expecting rsa_key['kty'] to be 'RSA'"),n.kty="RSA";try{f(e.alg),r=e.alg}catch(t){try{u(e.alg),r=e.alg}catch(e){i.assert(r,"convertRsaKey: expecting rsa_key['alg'] to have a valid value")}}n.alg=r;for(var o=0;o<t.length;o++){var s=t[o],c=e[s];if("e"==s)"number"==typeof c&&(c=l.Base64Url.encodeArray(l.stripLeadingZeros(l.arrayFromInt32(c))));else if(/^([0-9a-fA-F]{2}:)+[0-9a-fA-F]{2}$/.test(c)){var y=c.split(":").map(function(e){return parseInt(e,16)});c=l.Base64Url.encodeArray(l.stripLeadingZeros(y))}else"string"!=typeof c&&i.assert(!1,"convertRsaKey: expecting rsa_key['"+s+"'] to be a string");n[s]=c}return n},l.arrayFromString=function(e){i.assert(l.isString(e),"arrayFromString: invalid input");var t=e.split("").map(function(e){return e.charCodeAt(0)});return new a(t)},l.arrayFromUtf8String=function(e){return i.assert(l.isString(e),"arrayFromUtf8String: invalid input"),e=unescape(encodeURIComponent(e)),l.arrayFromString(e)},l.stringFromArray=function(e){e=l.arrayish(e);for(var t="",r=0;r<e.length;r++)t+=String.fromCharCode(e[r]);return t},l.utf8StringFromArray=function(e){i.assert(e instanceof ArrayBuffer,"utf8StringFromArray: invalid input");var t=l.stringFromArray(e);return decodeURIComponent(escape(t))},l.stripLeadingZeros=function(e){e instanceof ArrayBuffer&&(e=new a(e));for(var t=!0,r=[],n=0;n<e.length;n++)t&&0===e[n]||(t=!1,r.push(e[n]));return r},l.arrayFromInt32=function(e){i.assert("number"==typeof e,"arrayFromInt32: invalid input"),i.assert(e==e|0,"arrayFromInt32: out of range");for(var t=new a(new Uint32Array([e]).buffer),r=new a(4),n=0;n<4;n++)r[n]=t[3-n];return r.buffer},l.arrayBufferConcat=function(){for(var e=[],t=0,r=0;r<arguments.length;r++)e.push(l.arrayish(arguments[r])),t+=e[r].length;var n=new a(t),o=0;for(r=0;r<arguments.length;r++)for(var s=0;s<e[r].length;s++)n[o++]=e[r][s];return i.assert(o==t,"arrayBufferConcat: unexpected offset"),n},l.Base64Url={},l.Base64Url.encode=function(e){return i.assert(l.isString(e),"Base64Url.encode: invalid input"),btoa(e).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")},l.Base64Url.encodeArray=function(e){return l.Base64Url.encode(l.stringFromArray(e))},l.Base64Url.decode=function(e){return i.assert(l.isString(e),"Base64Url.decode: invalid input"),atob(e.replace(/-/g,"+").replace(/_/g,"/"))},l.Base64Url.decodeArray=function(e){return i.assert(l.isString(e),"Base64Url.decodeArray: invalid input"),l.arrayFromString(l.Base64Url.decode(e))},l.sha256=function(e){return i.crypto.subtle.digest({name:"SHA-256"},l.arrayFromString(e)).then(function(e){return l.Base64Url.encodeArray(e)})},l.isCryptoKey=function(e){return"CryptoKey"==e.constructor.name||!!e.hasOwnProperty("algorithm")},o.Encrypter=function(e,t){this.cryptographer=e,this.key_promise=t,this.userHeaders={}},o.Encrypter.prototype.addHeader=function(e,t){this.userHeaders[e]=t},o.Encrypter.prototype.encrypt=function(e){var t,n;"dir"==this.cryptographer.getKeyEncryptionAlgorithm()?(t=r.resolve(this.key_promise),n=[]):(t=this.cryptographer.createCek(),n=r.all([this.key_promise,t]).then(function(e){var t=e[0],r=e[1];return this.cryptographer.wrapCek(r,t)}.bind(this)));var a=function(e,t){var r={};for(var n in this.userHeaders)r[n]=this.userHeaders[n];r.alg=this.cryptographer.getKeyEncryptionAlgorithm(),r.enc=this.cryptographer.getContentEncryptionAlgorithm();var a=l.Base64Url.encode(JSON.stringify(r)),i=this.cryptographer.createIV(),o=l.arrayFromString(a);return t=l.arrayFromUtf8String(t),this.cryptographer.encrypt(i,o,e,t).then(function(e){return e.header=a,e.iv=i,e})}.bind(this,t,e)();return r.all([n,a]).then(function(e){var t=e[0],r=e[1];return r.header+"."+l.Base64Url.encodeArray(t)+"."+l.Base64Url.encodeArray(r.iv)+"."+l.Base64Url.encodeArray(r.cipher)+"."+l.Base64Url.encodeArray(r.tag)})},o.Decrypter=function(e,t){this.cryptographer=e,this.key_promise=t,this.headers={}},o.Decrypter.prototype.getHeaders=function(){return this.headers},o.Decrypter.prototype.decrypt=function(e){var t=e.split(".");if(5!=t.length)return r.reject(n("decrypt: invalid input"));if(this.headers=JSON.parse(l.Base64Url.decode(t[0])),!this.headers.alg)return r.reject(n("decrypt: missing alg"));if(!this.headers.enc)return r.reject(n("decrypt: missing enc"));if(this.cryptographer.setKeyEncryptionAlgorithm(this.headers.alg),this.cryptographer.setContentEncryptionAlgorithm(this.headers.enc),this.headers.crit)return r.reject(n("decrypt: crit is not supported"));var a;if("dir"==this.headers.alg)a=r.resolve(this.key_promise);else{var i=l.Base64Url.decodeArray(t[1]);a=this.key_promise.then(function(e){return this.cryptographer.unwrapCek(i,e)}.bind(this))}return this.cryptographer.decrypt(a,l.arrayFromString(t[0]),l.Base64Url.decodeArray(t[2]),l.Base64Url.decodeArray(t[3]),l.Base64Url.decodeArray(t[4])).then(l.utf8StringFromArray)},s.Signer=function(e){this.cryptographer=e,this.key_promises={},this.waiting_kid=0,this.headers={},this.signer_aads={},this.signer_headers={}},s.Signer.prototype.addSigner=function(e,t,a,o){var s,c=this;if(l.isCryptoKey(e))s=new r(function(t){t(e)});else{var y;y=a&&a.alg?a.alg:c.cryptographer.getContentSignAlgorithm(),s=i.Utils.importRsaPrivateKey(e,y,"sign")}var p;if(t)p=new r(function(e){e(t)});else{if(l.isCryptoKey(e))throw new n("key_id is a mandatory argument when the key is a CryptoKey");p=i.WebCryptographer.keyId(e)}return c.waiting_kid++,p.then(function(e){return c.key_promises[e]=s,c.waiting_kid--,a&&(c.signer_aads[e]=a),o&&(c.signer_headers[e]=o),e})},s.Signer.prototype.addSignature=function(e,t,r){if(l.isString(e)&&(e=JSON.parse(e)),e.payload&&l.isString(e.payload)&&e.protected&&l.isString(e.protected)&&e.header&&e.header instanceof Object&&e.signature&&l.isString(e.signature))return this.sign(m.fromObject(e),t,r);throw new n("JWS is not a valid JWS object")},s.Signer.prototype.sign=function(e,t,r){function a(e,t,r,a,i){var s;if(t||(t={}),t.alg||(t.alg=o.cryptographer.getContentSignAlgorithm(),t.typ="JWT"),t.kid||(t.kid=i),l.isString(e))s=l.arrayFromUtf8String(e);else try{s=l.arrayish(e)}catch(t){if(e instanceof m)s=l.arrayFromString(l.Base64Url.decode(e.payload));else{if(!(e instanceof Object))throw new n("cannot sign this message");s=l.arrayFromUtf8String(JSON.stringify(e))}}return o.cryptographer.sign(t,s,a).then(function(n){var a=new m(t,r,s,n);return e instanceof m?(delete a.payload,e.signatures?e.signatures.push(a):e.signatures=[a],e):a})}function i(e,t,r,n,s){if(s.length){var c=s.shift(),y=a(e,o.signer_aads[c]||t,o.signer_headers[c]||r,n[c],c);return s.length&&(y=y.then(function(e){return i(e,null,null,n,s)})),y}}var o=this,s=[];if(0===Object.keys(o.key_promises).length)throw new n("No signers defined. At least one is required to sign the JWS.");if(o.waiting_kid)throw new n("still generating key IDs");for(var c in o.key_promises)o.key_promises.hasOwnProperty(c)&&s.push(c);return i(e,t,r,o.key_promises,s)};var m=function(e,t,r,n){this.header=t,this.payload=l.Base64Url.encodeArray(r),n&&(this.signature=l.Base64Url.encodeArray(n)),this.protected=l.Base64Url.encode(JSON.stringify(e))};m.fromObject=function(e){var t=new m(e.protected,e.header,e.payload,null);return t.signature=e.signature,t.signatures=e.signatures,t},m.prototype.JsonSerialize=function(){return JSON.stringify(this)},m.prototype.CompactSerialize=function(){return this.protected+"."+this.payload+"."+this.signature},s.Verifier=function(e,t,r){var a,o,s,c,y,p,u,h=this,f=/^([0-9a-z_\-]+)\.([0-9a-z_\-]+)\.([0-9a-z_\-]+)$/i;if(h.cryptographer=e,a=e.getContentSignAlgorithm(),h.cryptographer=new i.WebCryptographer,l.isString(t))if(o=f.exec(t)){if(4!=o.length)throw new n("wrong JWS compact serialization format");t={protected:o[1],payload:o[2],signature:o[3]}}else t=JSON.parse(t);else if("object"!=typeof t)throw new n("data format not supported");s=t.protected,c=t.header,y=t.payload,(p=t.signatures instanceof Array?t.signatures.slice(0):[]).forEach(function(e){e.aad=e.protected,e.protected=JSON.parse(l.Base64Url.decode(e.protected))}),h.aad=s,u=l.Base64Url.decode(s);try{u=JSON.parse(u)}catch(e){}if(!u&&!c)throw new n("at least one header is required");if(!u.alg)throw new n("'alg' is a mandatory header");if(u.alg!=a)throw new n("the alg header '"+u.alg+"' doesn't match the requested algorithm '"+a+"'");if(u&&u.typ&&"JWT"!=u.typ)throw new n("typ '"+u.typ+"' not supported");t.signature&&p.unshift({aad:s,protected:u,header:c,signature:t.signature}),h.signatures=[];for(var d=0;d<p.length;d++)h.signatures[d]=JSON.parse(JSON.stringify(p[d])),h.signatures[d].signature=l.arrayFromString(l.Base64Url.decode(p[d].signature));h.payload=y,h.key_promises={},h.waiting_kid=0,r&&(h.keyfinder=r)},s.Verifier.prototype.addRecipient=function(e,t,a){var o,s=this,c=l.isCryptoKey(e)?new r(function(t){t(e)}):i.Utils.importRsaPublicKey(e,a||s.cryptographer.getContentSignAlgorithm(),"verify");if(t)o=new r(function(e){e(t)});else{if(l.isCryptoKey(e))throw new n("key_id is a mandatory argument when the key is a CryptoKey");console.log("it's not safe to not pass a key_id"),o=i.WebCryptographer.keyId(e)}return s.waiting_kid++,o.then(function(e){return s.key_promises[e]=c,s.waiting_kid--,e})},s.Verifier.prototype.verify=function(){var e=this,t=e.signatures,a=e.key_promises,i=e.keyfinder,o=[];if(!(!!i||Object.keys(e.key_promises).length>0))throw new n("No recipients defined. At least one is required to verify the JWS.");if(e.waiting_kid)throw new n("still generating key IDs");return t.forEach(function(t){var r=t.protected.kid;i&&(a[r]=i(r)),o.push(e.cryptographer.verify(t.aad,e.payload,t.signature,a[r],r).then(function(t){return t.verified&&(t.payload=l.Base64Url.decode(e.payload)),t}))}),r.all(o)}}(window,window.crypto,window.Promise,window.Error,window.Uint8Array);
\ No newline at end of file
+!function(e,t,h,f,d){"use strict";t.subtle||(t.subtle=t.webkitSubtle);var g={},r={},n={};e.setCrypto=function(e){g.crypto=e},void 0!==t&&e.setCrypto(t),"function"!=typeof atob&&(atob=function(e){return new Buffer(e,"base64").toString("binary")}),"function"!=typeof btoa&&(btoa=function(e){return(e instanceof Buffer?e:new Buffer(e.toString(),"binary")).toString("base64")}),g.caniuse=function(){var e=!0;return e=(e=(e=(e=(e=(e=(e=(e=(e=(e=(e=(e=(e=(e=(e=(e=(e=(e=(e=(e=(e=(e=(e=e&&"function"==typeof h)&&"function"==typeof h.reject)&&"function"==typeof h.prototype.then)&&"function"==typeof h.all)&&"object"==typeof g.crypto)&&"object"==typeof g.crypto.subtle)&&"function"==typeof g.crypto.getRandomValues)&&"function"==typeof g.crypto.subtle.importKey)&&"function"==typeof g.crypto.subtle.generateKey)&&"function"==typeof g.crypto.subtle.exportKey)&&"function"==typeof g.crypto.subtle.wrapKey)&&"function"==typeof g.crypto.subtle.unwrapKey)&&"function"==typeof g.crypto.subtle.encrypt)&&"function"==typeof g.crypto.subtle.decrypt)&&"function"==typeof g.crypto.subtle.sign)&&"function"==typeof ArrayBuffer)&&("function"==typeof d||"object"==typeof d))&&("function"==typeof Uint32Array||"object"==typeof Uint32Array))&&"object"==typeof JSON)&&"function"==typeof JSON.parse)&&"function"==typeof JSON.stringify)&&"function"==typeof atob)&&"function"==typeof btoa},g.assert=function(e,t){if(!e)throw new f(t)},e.Jose=g,e.JoseJWE=r,e.JoseJWS=n;var a=function(){this.setKeyEncryptionAlgorithm("RSA-OAEP"),this.setContentEncryptionAlgorithm("A256GCM"),this.setContentSignAlgorithm("RS256")};(g.WebCryptographer=a).prototype.setKeyEncryptionAlgorithm=function(e){this.key_encryption=p(e)},a.prototype.getKeyEncryptionAlgorithm=function(){return this.key_encryption.jwe_name},a.prototype.setContentEncryptionAlgorithm=function(e){this.content_encryption=p(e)},a.prototype.getContentEncryptionAlgorithm=function(){return this.content_encryption.jwe_name},a.prototype.setContentSignAlgorithm=function(e){this.content_sign=u(e)},a.prototype.getContentSignAlgorithm=function(){return this.content_sign.jwa_name},a.prototype.createIV=function(){var e=new d(new Array(this.content_encryption.iv_bytes));return g.crypto.getRandomValues(e)},a.prototype.createCek=function(){var e=i(this.content_encryption);return g.crypto.subtle.generateKey(e.id,!0,e.enc_op)},a.prototype.wrapCek=function(e,t){return g.crypto.subtle.wrapKey("raw",e,t,this.key_encryption.id)},a.prototype.unwrapCek=function(e,t){var r=i(this.content_encryption),n=0<this.content_encryption.specific_cek_bytes,a=this.key_encryption.id;return g.crypto.subtle.unwrapKey("raw",e,t,a,r.id,n,r.dec_op)};var i=function(e){var t=e.specific_cek_bytes;if(t){if(16==t)return{id:{name:"AES-CBC",length:128},enc_op:["encrypt"],dec_op:["decrypt"]};if(32==t)return{id:{name:"AES-CBC",length:256},enc_op:["encrypt"],dec_op:["decrypt"]};if(64==t)return{id:{name:"HMAC",hash:{name:"SHA-256"}},enc_op:["sign"],dec_op:["verify"]};if(128==t)return{id:{name:"HMAC",hash:{name:"SHA-384"}},enc_op:["sign"],dec_op:["verify"]};g.assert(!1,"getCekWorkaround: invalid len")}return{id:e.id,enc_op:["encrypt"],dec_op:["decrypt"]}};a.prototype.encrypt=function(r,t,e,n){var a=this.content_encryption;if(r.length!=a.iv_bytes)return h.reject(f("invalid IV length"));if(a.auth.aead){var i=a.auth.tag_bytes,o={name:a.id.name,iv:r,additionalData:t,tagLength:8*i};return e.then(function(e){return g.crypto.subtle.encrypt(o,e,n).then(function(e){var t=e.byteLength-i;return{cipher:e.slice(0,t),tag:e.slice(t)}})})}var s=l(a,e,["encrypt"]),c=s[0],y=s[1].then(function(e){var t={name:a.id.name,iv:r};return g.crypto.subtle.encrypt(t,e,n)}),p=y.then(function(e){return m(a,c,t,r,e)});return h.all([y,p]).then(function(e){return{cipher:e[0],tag:e[1]}})},a.prototype.decrypt=function(e,t,s,c,y){if(s.length!=this.content_encryption.iv_bytes)return h.reject(f("decryptCiphertext: invalid IV"));var p=this.content_encryption;if(p.auth.aead){var r={name:p.id.name,iv:s,additionalData:t,tagLength:8*p.auth.tag_bytes};return e.then(function(e){var t=S.arrayBufferConcat(c,y);return g.crypto.subtle.decrypt(r,e,t)})}var n=l(p,e,["decrypt"]),u=n[0],a=n[1],i=m(p,u,t,s,c);return h.all([a,i]).then(function(e){var n,t,a,i,r=e[0],o=e[1];return(n=p,t=u,a=new d(o),i=y,g.assert(a instanceof d,"compare: invalid input"),g.assert(i instanceof d,"compare: invalid input"),t.then(function(e){var t=g.crypto.subtle.sign(n.auth.id,e,a),r=g.crypto.subtle.sign(n.auth.id,e,i);return h.all([t,r]).then(function(e){var t=new d(e[0]),r=new d(e[1]);if(t.length!=r.length)throw new f("compare failed");for(var n=0;n<t.length;n++)if(t[n]!=r[n])throw new f("compare failed");return h.resolve(null)})})).then(function(){var e={name:p.id.name,iv:s};return g.crypto.subtle.decrypt(e,r,c)}).catch(function(e){return h.reject(f("decryptCiphertext: MAC failed."))})})},a.prototype.sign=function(t,r,e){var n=this.content_sign;return t.alg&&(n=u(t.alg)),e.then(function(e){return g.crypto.subtle.sign(n.id,e,S.arrayFromString(S.Base64Url.encode(JSON.stringify(t))+"."+S.Base64Url.encodeArray(r)))})},a.prototype.verify=function(t,r,n,e,a){var i=this.content_sign;return e.then(function(e){return i=u(o(e)),g.crypto.subtle.verify(i.id,e,n,S.arrayFromString(t+"."+r)).then(function(e){return{kid:a,verified:e}})})},g.WebCryptographer.keyId=function(e){return S.sha256(e.n+"+"+e.d)};var l=function(r,e,n){var t=e.then(function(e){return g.crypto.subtle.exportKey("raw",e)});return[t.then(function(e){if(8*e.byteLength!=r.id.length+8*r.auth.key_bytes)return h.reject(f("encryptPlainText: incorrect cek length"));var t=e.slice(0,r.auth.key_bytes);return g.crypto.subtle.importKey("raw",t,r.auth.id,!1,["sign"])}),t.then(function(e){if(8*e.byteLength!=r.id.length+8*r.auth.key_bytes)return h.reject(f("encryptPlainText: incorrect cek length"));var t=e.slice(r.auth.key_bytes);return g.crypto.subtle.importKey("raw",t,r.id,!1,n)})]},p=function(e){switch(e){case"RSA-OAEP":return{jwe_name:"RSA-OAEP",id:{name:"RSA-OAEP",hash:{name:"SHA-1"}}};case"RSA-OAEP-256":return{jwe_name:"RSA-OAEP-256",id:{name:"RSA-OAEP",hash:{name:"SHA-256"}}};case"A128KW":return{jwe_name:"A128KW",id:{name:"AES-KW",length:128}};case"A256KW":return{jwe_name:"A256KW",id:{name:"AES-KW",length:256}};case"dir":return{jwe_name:"dir"};case"A128CBC-HS256":return{jwe_name:"A128CBC-HS256",id:{name:"AES-CBC",length:128},iv_bytes:16,specific_cek_bytes:32,auth:{key_bytes:16,id:{name:"HMAC",hash:{name:"SHA-256"}},truncated_bytes:16}};case"A256CBC-HS512":return{jwe_name:"A256CBC-HS512",id:{name:"AES-CBC",length:256},iv_bytes:16,specific_cek_bytes:64,auth:{key_bytes:32,id:{name:"HMAC",hash:{name:"SHA-512"}},truncated_bytes:32}};case"A128GCM":return{jwe_name:"A128GCM",id:{name:"AES-GCM",length:128},iv_bytes:12,auth:{aead:!0,tag_bytes:16}};case"A256GCM":return{jwe_name:"A256GCM",id:{name:"AES-GCM",length:256},iv_bytes:12,auth:{aead:!0,tag_bytes:16}};default:throw f("unsupported algorithm: "+e)}},m=function(a,e,i,o,s){return e.then(function(e){var t=new d(S.arrayFromInt32(8*i.length)),r=new d(8);r.set(t,4);var n=S.arrayBufferConcat(i,o,s,r);return g.crypto.subtle.sign(a.auth.id,e,n).then(function(e){return e.slice(0,a.auth.truncated_bytes)})})},u=function(e){switch(e){case"RS256":return{jwa_name:"RS256",id:{name:"RSASSA-PKCS1-v1_5",hash:{name:"SHA-256"}}};case"RS384":return{jwa_name:"RS384",id:{name:"RSASSA-PKCS1-v1_5",hash:{name:"SHA-384"}}};case"RS512":return{jwa_name:"RS512",id:{name:"RSASSA-PKCS1-v1_5",hash:{name:"SHA-512"}}};case"PS256":return{jwa_name:"PS256",id:{name:"RSA-PSS",hash:{name:"SHA-256"},saltLength:20}};case"PS384":return{jwa_name:"PS384",id:{name:"RSA-PSS",hash:{name:"SHA-384"},saltLength:20}};case"PS512":return{jwa_name:"PS512",id:{name:"RSA-PSS",hash:{name:"SHA-512"},saltLength:20}};case"HS256":return{jwa_name:"HS256",id:{name:"HMAC",hash:{name:"SHA-256"}}};case"HS384":return{jwa_name:"HS384",id:{name:"HMAC",hash:{name:"SHA-384"}}};case"HS512":return{jwa_name:"HS512",id:{name:"HMAC",hash:{name:"SHA-512"}}};case"ES256":return{jwa_name:"ES256",id:{name:"ECDSA",hash:{name:"SHA-256"}}};case"ES384":return{jwa_name:"ES384",id:{name:"ECDSA",hash:{name:"SHA-384"}}};case"ES512":return{jwa_name:"ES512",id:{name:"ECDSA",hash:{name:"SHA-512"}}};default:throw f("unsupported algorithm: "+e)}},o=function(e){var t="",r=e.algorithm.name,n=e.algorithm.hash.name;if("RSASSA-PKCS1-v1_5"==r)t="R";else{if("RSA-PSS"!=r)throw new f("unsupported sign/verify algorithm "+r);t="P"}if(0!==n.indexOf("SHA-"))throw new f("unsupported hash algorithm "+r);return t+="S",t+=n.substring(4)},s=function(e){switch(e){case"RS256":case"RS384":case"RS512":case"PS256":case"PS384":case"PS512":case"HS256":case"HS384":case"HS512":case"ES256":case"ES384":case"ES512":return{publicKey:"verify",privateKey:"sign"};case"RSA-OAEP":case"RSA-OAEP-256":case"A128KW":case"A256KW":return{publicKey:"wrapKey",privateKey:"unwrapKey"};default:throw f("unsupported algorithm: "+e)}};g.Utils={};var S={};g.Utils.importRsaPublicKey=function(e,t){var r,n,a=s(t);if("wrapKey"==a.publicKey)e.alg||(e.alg=t),r=S.convertRsaKey(e,["n","e"]),n=p(t);else{var i={};for(var o in e)e.hasOwnProperty(o)&&(i[o]=e[o]);!i.alg&&t&&(i.alg=t),n=u(i.alg),(r=S.convertRsaKey(i,["n","e"])).ext=!0}return g.crypto.subtle.importKey("jwk",r,n.id,!1,[a.publicKey])},g.Utils.importRsaPrivateKey=function(e,t){var r,n,a=s(t);if("unwrapKey"==a.privateKey)e.alg||(e.alg=t),r=S.convertRsaKey(e,["n","e","d","p","q","dp","dq","qi"]),n=p(t);else{var i={};for(var o in e)e.hasOwnProperty(o)&&(i[o]=e[o]);n=u(t),!i.alg&&t&&(i.alg=t),(r=S.convertRsaKey(i,["n","e","d","p","q","dp","dq","qi"])).ext=!0}return g.crypto.subtle.importKey("jwk",r,n.id,!1,[a.privateKey])},S.isString=function(e){return"string"==typeof e||e instanceof String},S.arrayish=function(e){return e instanceof Array?e:e instanceof d?e:e instanceof ArrayBuffer?new d(e):void g.assert(!1,"arrayish: invalid input")},S.convertRsaKey=function(t,e){var r,n={},a=[];e.map(function(e){void 0===t[e]&&a.push(e)}),0<a.length&&g.assert(!1,"convertRsaKey: Was expecting "+a.join()),void 0!==t.kty&&g.assert("RSA"==t.kty,"convertRsaKey: expecting rsa_key['kty'] to be 'RSA'"),n.kty="RSA";try{u(t.alg),r=t.alg}catch(e){try{p(t.alg),r=t.alg}catch(e){g.assert(r,"convertRsaKey: expecting rsa_key['alg'] to have a valid value")}}n.alg=r;for(var i=function(e){return parseInt(e,16)},o=0;o<e.length;o++){var s=e[o],c=t[s];if("e"==s)"number"==typeof c&&(c=S.Base64Url.encodeArray(S.stripLeadingZeros(S.arrayFromInt32(c))));else if(/^([0-9a-fA-F]{2}:)+[0-9a-fA-F]{2}$/.test(c)){var y=c.split(":").map(i);c=S.Base64Url.encodeArray(S.stripLeadingZeros(y))}else"string"!=typeof c&&g.assert(!1,"convertRsaKey: expecting rsa_key['"+s+"'] to be a string");n[s]=c}return n},S.arrayFromString=function(e){g.assert(S.isString(e),"arrayFromString: invalid input");var t=e.split("").map(function(e){return e.charCodeAt(0)});return new d(t)},S.arrayFromUtf8String=function(e){return g.assert(S.isString(e),"arrayFromUtf8String: invalid input"),e=unescape(encodeURIComponent(e)),S.arrayFromString(e)},S.stringFromArray=function(e){e=S.arrayish(e);for(var t="",r=0;r<e.length;r++)t+=String.fromCharCode(e[r]);return t},S.utf8StringFromArray=function(e){g.assert(e instanceof ArrayBuffer,"utf8StringFromArray: invalid input");var t=S.stringFromArray(e);return decodeURIComponent(escape(t))},S.stripLeadingZeros=function(e){e instanceof ArrayBuffer&&(e=new d(e));for(var t=!0,r=[],n=0;n<e.length;n++)t&&0===e[n]||(t=!1,r.push(e[n]));return r},S.arrayFromInt32=function(e){g.assert("number"==typeof e,"arrayFromInt32: invalid input"),g.assert(e==e|0,"arrayFromInt32: out of range");for(var t=new d(new Uint32Array([e]).buffer),r=new d(4),n=0;n<4;n++)r[n]=t[3-n];return r.buffer},S.arrayBufferConcat=function(){for(var e=[],t=0,r=0;r<arguments.length;r++)e.push(S.arrayish(arguments[r])),t+=e[r].length;var n=new d(t),a=0;for(r=0;r<arguments.length;r++)for(var i=0;i<e[r].length;i++)n[a++]=e[r][i];return g.assert(a==t,"arrayBufferConcat: unexpected offset"),n},S.Base64Url={},S.Base64Url.encode=function(e){return g.assert(S.isString(e),"Base64Url.encode: invalid input"),btoa(e).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")},S.Base64Url.encodeArray=function(e){return S.Base64Url.encode(S.stringFromArray(e))},S.Base64Url.decode=function(e){return g.assert(S.isString(e),"Base64Url.decode: invalid input"),atob(e.replace(/-/g,"+").replace(/_/g,"/"))},S.Base64Url.decodeArray=function(e){return g.assert(S.isString(e),"Base64Url.decodeArray: invalid input"),S.arrayFromString(S.Base64Url.decode(e))},S.sha256=function(e){return g.crypto.subtle.digest({name:"SHA-256"},S.arrayFromString(e)).then(function(e){return S.Base64Url.encodeArray(e)})},S.isCryptoKey=function(e){return"CryptoKey"==e.constructor.name||!!e.hasOwnProperty("algorithm")},r.Encrypter=function(e,t){this.cryptographer=e,this.key_promise=t,this.userHeaders={}},r.Encrypter.prototype.addHeader=function(e,t){this.userHeaders[e]=t},r.Encrypter.prototype.encrypt=function(e){var t,r;"dir"==this.cryptographer.getKeyEncryptionAlgorithm()?(t=h.resolve(this.key_promise),r=[]):(t=this.cryptographer.createCek(),r=h.all([this.key_promise,t]).then(function(e){var t=e[0],r=e[1];return this.cryptographer.wrapCek(r,t)}.bind(this)));var n=function(e,t){var r={};for(var n in this.userHeaders)r[n]=this.userHeaders[n];r.alg=this.cryptographer.getKeyEncryptionAlgorithm(),r.enc=this.cryptographer.getContentEncryptionAlgorithm();var a=S.Base64Url.encode(JSON.stringify(r)),i=this.cryptographer.createIV(),o=S.arrayFromString(a);return t=S.arrayFromUtf8String(t),this.cryptographer.encrypt(i,o,e,t).then(function(e){return e.header=a,e.iv=i,e})}.bind(this,t,e)();return h.all([r,n]).then(function(e){var t=e[0],r=e[1];return r.header+"."+S.Base64Url.encodeArray(t)+"."+S.Base64Url.encodeArray(r.iv)+"."+S.Base64Url.encodeArray(r.cipher)+"."+S.Base64Url.encodeArray(r.tag)})},r.Decrypter=function(e,t){this.cryptographer=e,this.key_promise=t,this.headers={}},r.Decrypter.prototype.getHeaders=function(){return this.headers},r.Decrypter.prototype.decrypt=function(e){var t,r=e.split(".");if(5!=r.length)return h.reject(f("decrypt: invalid input"));if(this.headers=JSON.parse(S.Base64Url.decode(r[0])),!this.headers.alg)return h.reject(f("decrypt: missing alg"));if(!this.headers.enc)return h.reject(f("decrypt: missing enc"));if(this.cryptographer.setKeyEncryptionAlgorithm(this.headers.alg),this.cryptographer.setContentEncryptionAlgorithm(this.headers.enc),this.headers.crit)return h.reject(f("decrypt: crit is not supported"));if("dir"==this.headers.alg)t=h.resolve(this.key_promise);else{var n=S.Base64Url.decodeArray(r[1]);t=this.key_promise.then(function(e){return this.cryptographer.unwrapCek(n,e)}.bind(this))}return this.cryptographer.decrypt(t,S.arrayFromString(r[0]),S.Base64Url.decodeArray(r[2]),S.Base64Url.decodeArray(r[3]),S.Base64Url.decodeArray(r[4])).then(S.utf8StringFromArray)},n.Signer=function(e){this.cryptographer=e,this.key_promises={},this.waiting_kid=0,this.headers={},this.signer_aads={},this.signer_headers={}},n.Signer.prototype.addSigner=function(t,r,n,a){var i,e,o,s=this;S.isCryptoKey(t)?i=new h(function(e){e(t)}):(e=n&&n.alg?n.alg:s.cryptographer.getContentSignAlgorithm(),i=g.Utils.importRsaPrivateKey(t,e,"sign"));if(r)o=new h(function(e){e(r)});else{if(S.isCryptoKey(t))throw new f("key_id is a mandatory argument when the key is a CryptoKey");o=g.WebCryptographer.keyId(t)}return s.waiting_kid++,o.then(function(e){return s.key_promises[e]=i,s.waiting_kid--,n&&(s.signer_aads[e]=n),a&&(s.signer_headers[e]=a),e})},n.Signer.prototype.addSignature=function(e,t,r){if(S.isString(e)&&(e=JSON.parse(e)),e.payload&&S.isString(e.payload)&&e.protected&&S.isString(e.protected)&&e.header&&e.header instanceof Object&&e.signature&&S.isString(e.signature))return this.sign(y.fromObject(e),t,r);throw new f("JWS is not a valid JWS object")},n.Signer.prototype.sign=function(e,t,r){var c=this,n=[];if(0===Object.keys(c.key_promises).length)throw new f("No signers defined. At least one is required to sign the JWS.");if(c.waiting_kid)throw new f("still generating key IDs");for(var a in c.key_promises)c.key_promises.hasOwnProperty(a)&&n.push(a);return function t(e,r,n,a,i){if(i.length){var o=i.shift(),s=function(r,n,a,e,t){var i;if(n||(n={}),n.alg||(n.alg=c.cryptographer.getContentSignAlgorithm(),n.typ="JWT"),n.kid||(n.kid=t),S.isString(r))i=S.arrayFromUtf8String(r);else try{i=S.arrayish(r)}catch(e){if(r instanceof y)i=S.arrayFromString(S.Base64Url.decode(r.payload));else{if(!(r instanceof Object))throw new f("cannot sign this message");i=S.arrayFromUtf8String(JSON.stringify(r))}}return c.cryptographer.sign(n,i,e).then(function(e){var t=new y(n,a,i,e);return r instanceof y?(delete t.payload,r.signatures?r.signatures.push(t):r.signatures=[t],r):t})}(e,c.signer_aads[o]||r,c.signer_headers[o]||n,a[o],o);return i.length&&(s=s.then(function(e){return t(e,null,null,a,i)})),s}}(e,t,r,c.key_promises,n)};var y=function(e,t,r,n){this.header=t,this.payload=S.Base64Url.encodeArray(r),n&&(this.signature=S.Base64Url.encodeArray(n)),this.protected=S.Base64Url.encode(JSON.stringify(e))};y.fromObject=function(e){var t=new y(e.protected,e.header,e.payload,null);return t.signature=e.signature,t.signatures=e.signatures,t},y.prototype.JsonSerialize=function(){return JSON.stringify(this)},y.prototype.CompactSerialize=function(){return this.protected+"."+this.payload+"."+this.signature},n.Verifier=function(e,t,r){var n,a,i,o,s,c,y,p=this;if(n=(p.cryptographer=e).getContentSignAlgorithm(),p.cryptographer=new g.WebCryptographer,S.isString(t))if(a=/^([0-9a-z_\-]+)\.([0-9a-z_\-]+)\.([0-9a-z_\-]+)$/i.exec(t)){if(4!=a.length)throw new f("wrong JWS compact serialization format");t={protected:a[1],payload:a[2],signature:a[3]}}else t=JSON.parse(t);else if("object"!=typeof t)throw new f("data format not supported");i=t.protected,o=t.header,s=t.payload,(c=t.signatures instanceof Array?t.signatures.slice(0):[]).forEach(function(e){e.aad=e.protected,e.protected=JSON.parse(S.Base64Url.decode(e.protected))}),p.aad=i,y=S.Base64Url.decode(i);try{y=JSON.parse(y)}catch(e){}if(!y&&!o)throw new f("at least one header is required");if(!y.alg)throw new f("'alg' is a mandatory header");if(y.alg!=n)throw new f("the alg header '"+y.alg+"' doesn't match the requested algorithm '"+n+"'");if(y&&y.typ&&"JWT"!=y.typ)throw new f("typ '"+y.typ+"' not supported");t.signature&&c.unshift({aad:i,protected:y,header:o,signature:t.signature}),p.signatures=[];for(var u=0;u<c.length;u++)p.signatures[u]=JSON.parse(JSON.stringify(c[u])),p.signatures[u].signature=S.arrayFromString(S.Base64Url.decode(c[u].signature));p.payload=s,p.key_promises={},p.waiting_kid=0,r&&(p.keyfinder=r)},n.Verifier.prototype.addRecipient=function(t,r,e){var n,a=this,i=S.isCryptoKey(t)?new h(function(e){e(t)}):g.Utils.importRsaPublicKey(t,e||a.cryptographer.getContentSignAlgorithm(),"verify");if(r)n=new h(function(e){e(r)});else{if(S.isCryptoKey(t))throw new f("key_id is a mandatory argument when the key is a CryptoKey");console.log("it's not safe to not pass a key_id"),n=g.WebCryptographer.keyId(t)}return a.waiting_kid++,n.then(function(e){return a.key_promises[e]=i,a.waiting_kid--,e})},n.Verifier.prototype.verify=function(){var r=this,e=r.signatures,n=r.key_promises,a=r.keyfinder,i=[];if(!(!!a||0<Object.keys(r.key_promises).length))throw new f("No recipients defined. At least one is required to verify the JWS.");if(r.waiting_kid)throw new f("still generating key IDs");return e.forEach(function(e){var t=e.protected.kid;a&&(n[t]=a(t)),i.push(r.cryptographer.verify(e.aad,r.payload,e.signature,n[t],t).then(function(e){return e.verified&&(e.payload=S.Base64Url.decode(r.payload)),e}))}),h.all(i)}}(window,window.crypto,window.Promise,window.Error,window.Uint8Array);
\ No newline at end of file