Add JWS and JWE to `@web5/crypto`

Open frankhinek opened this issue 6 months ago • 0 comments

Context

The @web5/crypto package currently contains type definitions and utility functions for a subset of JSON Object Signing and Encryption (JOSE) standards. JSON Web Key (JWK) is the base key format for the package, but it doesn't yet contain functionality for working with JSON Web Token (JWT), JSON Web Signature (JWS), or JSON Web Encryption (JWE).

Proposal

General Design Choices

  • Surface JOSE-related types and concrete implementations in the @web5/crypto package. Other @web5 JS packages will import from this package.
  • Leverage existing high-quality, third-party OSS libraries when available to accelerate development, but surface them through an interface that is consistent with existing @web5 design patterns.

API Design

JSON Web Token (JWT)

export class Jwt {
  // Signature Operations
  sign(options: JwtSignOptions): Promise<string>;
  verify(options: JwtVerifyOptions): Promise<JwtVerifyResult>;

  // Cipher Operations
  encrypt(options: JwtEncryptOptions): Promise<string>;
  decrypt(options: JwtDecryptOptions): Promise<JwtDecryptResult>;
}

JSON Web Signature (JWS)

export class CompactJws {
  sign(options: ): Promise<string>
  verify(options: ): Promise<CompactVerifyResult>
}

export class FlattenedJws {
  sign(options: ): Promise<FlattenedJwsSigned>
  verify(options: ): Promise<FlattenedVerifyResult>
}

export class GeneralJws {
  sign(options: ): Promise<GeneralJwsSigned>
  verify(options: ): Promise<GeneralVerifyResult>
}

JSON Web Encryption (JWE)

export class CompactJwe {
  encrypt(options: ): Promise<string>
  decrypt(options: ): Promise<CompactDecryptResult>
}

export class FlattenedJwe {
  encrypt(options: ): Promise<FlattenedJweEncrypted>
  decrypt(options: ): Promise<FlattenedDecryptResult>
}

export class GeneralJwe {
  encrypt(options: ): Promise<GeneralJweEncrypted>
  decrypt(options: ): Promise<GeneralDecryptResult>
}

Associated Type Definitions

JWT

export interface JwtDecryptResult {
  /** JWE Protected Header */
  header: JweHeaderParams

  /** JWT Claims Set */
  payload: JwtPayload
}

export interface JwtVerifyResult {
  /** JWT Protected Header */
  header: JwtHeaderParams;

  /** JWT Claims Set */
  payload: JwtPayload;
}

JWS

export interface CompactVerifyResult {
  /** JWS Protected Header */
  header: JwsHeaderParams;

  /** JWS Payload. */
  payload: Uint8Array;
}

JWE

export interface CompactDecryptResult {
  /** JWE Protected Header */
  header: JweHeaderParams

  /** Plaintext */
  plaintext: Uint8Array
}

frankhinek, Dec 11 '23 17:12
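The CompactJws sign/verify pair sketched in the proposal, as an added example that is not code from the issue or from @web5/crypto: it shows a verifier that pins the algorithm itself and only returns the header and payload after the signature checks out. It assumes Node's built-in `node:crypto` with Ed25519 and runs synchronously rather than returning Promises; the helper names `signCompactJws` and `verifyCompactJws` and the field types of the two interfaces are hypothetical.

```typescript
import { generateKeyPairSync, sign as edSign, verify as edVerify, KeyObject } from 'node:crypto';

// Shapes modeled on the proposal's CompactVerifyResult; the field types are assumptions.
interface JwsHeaderParams { alg: string; [name: string]: unknown }
interface CompactVerifyResult { header: JwsHeaderParams; payload: Uint8Array }

const b64u = (data: Uint8Array): string => Buffer.from(data).toString('base64url');

// Hypothetical helper: BASE64URL(header) "." BASE64URL(payload) "." BASE64URL(signature)
function signCompactJws(payload: Uint8Array, privateKey: KeyObject): string {
  const header = Buffer.from(JSON.stringify({ alg: 'EdDSA' }), 'utf8');
  const signingInput = `${b64u(header)}.${b64u(payload)}`;
  const signature = edSign(null, Buffer.from(signingInput, 'ascii'), privateKey);
  return `${signingInput}.${b64u(signature)}`;
}

// Hypothetical helper: throws on any failure, so callers never see unverified data.
function verifyCompactJws(jws: string, publicKey: KeyObject): CompactVerifyResult {
  const parts = jws.split('.');
  if (parts.length !== 3) throw new Error('compact JWS must have exactly three segments');
  const [protectedB64, payloadB64, signatureB64] = parts;
  const header = JSON.parse(
    Buffer.from(protectedB64, 'base64url').toString('utf8')) as JwsHeaderParams;
  // The verifier pins the algorithm; the token's header never selects it ("none" is rejected).
  if (header.alg !== 'EdDSA') throw new Error(`unsupported alg: ${String(header.alg)}`);
  const ok = edVerify(
    null,
    Buffer.from(`${protectedB64}.${payloadB64}`, 'ascii'),
    publicKey,
    Buffer.from(signatureB64, 'base64url'));
  if (!ok) throw new Error('signature verification failed');
  return { header, payload: new Uint8Array(Buffer.from(payloadB64, 'base64url')) };
}

// Constructed sample input: a throwaway Ed25519 key pair and payload.
const { publicKey, privateKey } = generateKeyPairSync('ed25519');
const samplePayload = Buffer.from('{"iss":"did:example:alice"}', 'utf8');
const sampleJws = signCompactJws(samplePayload, privateKey);
```
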