npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@xevolab/jades

v1.0.0

Published

JAdES Digital Signatures compatible with the ETSI TS 119 182-1 Standard

Downloads

19

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

cfranc0cfranc0

Keywords

JAdESDigitalSignaturesETSIETSI 119 182-1

Readme

JAdES Signatures

Introduction

This repository contains a basic implementation of the JAdES standard for digital signatures. The implementation is based on the ETSI TS 119 182 standard.

Installation

In order to install the library, run the following command:

npm install @xevolab/jades

You will be able to import the library using the following syntax:

const {Token, ProtectedHeaders, UnprotectedHeaders, parseCerts, generateX5c} = require("@xevolab/jades");
// or
import {Token, ProtectedHeaders, UnprotectedHeaders, parseCerts, generateX5c} from "@xevolab/jades";

For more information on the JAdES standard and the ETSI TS 119 182 document, please refer to the ETSI website.

🚨 I also created a Notion page with some summarized information from the ETSI document and it's available here. Please, consider taking a look, any feedback is welcome.

Usage

sign(payload, options)

The library exports 3 classes: Token, ProtectedHeaders, UnprotectedHeaders and some helper functions.

To create a signed token, we can instantiate a new Token object, add the necessary headers and sign the payload.

const payload = { /* Something */ };
const jades = new Token(payload);


const headers = new ProtectedHeaders({
	/*      Protected headers      */
	/* of type ExtProtectedHeaders */
});
jades.setProtectedHeaders(headers);

const unprotectedHeaders = new UnprotectedHeaders({
	/*      Unprotected headers      */
	/* of type ExtUnprotectedHeaders */
});
jades.setUnprotectedHeaders(unprotectedHeaders); // Optional

After the signed and unsigned headers have been gathered by the library, these are checked against the publically available JSON schema for JAdES signatures. If the headers are not valid, the library will throw an error.

The token can be signed using:

  • the sign method, passing it a KeyObject and a SignAlg algorithm;
  • utilizing the getHash method to get the hash of the payload, sign it using a custom method separately and set it using the setSignature method.

The token can also be signed using a detached signature, by calling the setDetachedSignature method and providing it the sigD value. The value is currently not validated by the library, just using the schema.

Once the token is signed, it can be retrieved:

  • using the toString for a compact representation;
  • using the toJSON method for a JSON representation.

parseCerts(certs)

The parseCerts function takes a string containing one or more PEM encoded certificates and returns an array of X509Certificate[] objects.

generateX5c(cert), generateX5tS256(cert), generateX5tO(cert, alg), generateX5ts(cert, alg)

These functions take a X509Certificate[] object array and return the corresponding header value.

generateKid(cert)

Warning: This function is not fully implemented yet.

This function takes a X509Certificate[] object array and returns the corresponding kid header value.

Example

const {Token, ProtectedHeaders, parseCerts, generateX5c} = require("@xevolab/jades");
const createPrivateKey = require("crypto").createPrivateKey;

const payload = {
	"hello": "world"
};

const key = createPrivateKey({
	key: fs.readFileSync("private-key.pem", "ascii"),
	format: "pem",
	type: "pkcs1"
});
const certs = parseCerts(fs.readFileSync("certificate.pem", "ascii"));

const jades = new Token(payload);

jades.setProtectedHeaders(new ProtectedHeaders({
	x5c: generateX5c(certs)
}));
jades.sign("RS256", key);

const token = jades.toString();
console.log(token);