blandarebiter/bigwo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update code

Browse Source
This commit is contained in:
User
2026-03-12 12:47:56 +08:00
parent 92e7fc5bda
commit 9dab61345c
9383 changed files with 1463454 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

92
mcp-server-ssh/node_modules/jose/dist/webapi/jws/flattened/sign.js generated vendored Normal file
View File

@@ -0,0 +1,92 @@
import { encode as b64u } from '../../util/base64url.js';
import { sign } from '../../lib/sign.js';
import { isDisjoint } from '../../lib/is_disjoint.js';
import { JWSInvalid } from '../../util/errors.js';
import { concat, encode } from '../../lib/buffer_utils.js';
import { checkKeyType } from '../../lib/check_key_type.js';
import { validateCrit } from '../../lib/validate_crit.js';
import { normalizeKey } from '../../lib/normalize_key.js';
export class FlattenedSign {
#payload;
#protectedHeader;
#unprotectedHeader;
constructor(payload) {
if (!(payload instanceof Uint8Array)) {
throw new TypeError('payload must be an instance of Uint8Array');
}
this.#payload = payload;
}
setProtectedHeader(protectedHeader) {
if (this.#protectedHeader) {
throw new TypeError('setProtectedHeader can only be called once');
}
this.#protectedHeader = protectedHeader;
return this;
}
setUnprotectedHeader(unprotectedHeader) {
if (this.#unprotectedHeader) {
throw new TypeError('setUnprotectedHeader can only be called once');
}
this.#unprotectedHeader = unprotectedHeader;
return this;
}
async sign(key, options) {
if (!this.#protectedHeader && !this.#unprotectedHeader) {
throw new JWSInvalid('either setProtectedHeader or setUnprotectedHeader must be called before #sign()');
}
if (!isDisjoint(this.#protectedHeader, this.#unprotectedHeader)) {
throw new JWSInvalid('JWS Protected and JWS Unprotected Header Parameter names must be disjoint');
}
const joseHeader = {
...this.#protectedHeader,
...this.#unprotectedHeader,
};
const extensions = validateCrit(JWSInvalid, new Map([['b64', true]]), options?.crit, this.#protectedHeader, joseHeader);
let b64 = true;
if (extensions.has('b64')) {
b64 = this.#protectedHeader.b64;
if (typeof b64 !== 'boolean') {
throw new JWSInvalid('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
}
}
const { alg } = joseHeader;
if (typeof alg !== 'string' || !alg) {
throw new JWSInvalid('JWS "alg" (Algorithm) Header Parameter missing or invalid');
}
checkKeyType(alg, key, 'sign');
let payloadS;
let payloadB;
if (b64) {
payloadS = b64u(this.#payload);
payloadB = encode(payloadS);
}
else {
payloadB = this.#payload;
payloadS = '';
}
let protectedHeaderString;
let protectedHeaderBytes;
if (this.#protectedHeader) {
protectedHeaderString = b64u(JSON.stringify(this.#protectedHeader));
protectedHeaderBytes = encode(protectedHeaderString);
}
else {
protectedHeaderString = '';
protectedHeaderBytes = new Uint8Array();
}
const data = concat(protectedHeaderBytes, encode('.'), payloadB);
const k = await normalizeKey(key, alg);
const signature = await sign(alg, k, data);
const jws = {
signature: b64u(signature),
payload: payloadS,
};
if (this.#unprotectedHeader) {
jws.header = this.#unprotectedHeader;
}
if (this.#protectedHeader) {
jws.protected = protectedHeaderString;
}
return jws;
}
}

120
mcp-server-ssh/node_modules/jose/dist/webapi/jws/flattened/verify.js generated vendored Normal file
View File

@@ -0,0 +1,120 @@
import { decode as b64u } from '../../util/base64url.js';
import { verify } from '../../lib/verify.js';
import { JOSEAlgNotAllowed, JWSInvalid, JWSSignatureVerificationFailed } from '../../util/errors.js';
import { concat, encoder, decoder, encode } from '../../lib/buffer_utils.js';
import { isDisjoint } from '../../lib/is_disjoint.js';
import { isObject } from '../../lib/is_object.js';
import { checkKeyType } from '../../lib/check_key_type.js';
import { validateCrit } from '../../lib/validate_crit.js';
import { validateAlgorithms } from '../../lib/validate_algorithms.js';
import { normalizeKey } from '../../lib/normalize_key.js';
export async function flattenedVerify(jws, key, options) {
if (!isObject(jws)) {
throw new JWSInvalid('Flattened JWS must be an object');
}
if (jws.protected === undefined && jws.header === undefined) {
throw new JWSInvalid('Flattened JWS must have either of the "protected" or "header" members');
}
if (jws.protected !== undefined && typeof jws.protected !== 'string') {
throw new JWSInvalid('JWS Protected Header incorrect type');
}
if (jws.payload === undefined) {
throw new JWSInvalid('JWS Payload missing');
}
if (typeof jws.signature !== 'string') {
throw new JWSInvalid('JWS Signature missing or incorrect type');
}
if (jws.header !== undefined && !isObject(jws.header)) {
throw new JWSInvalid('JWS Unprotected Header incorrect type');
}
let parsedProt = {};
if (jws.protected) {
try {
const protectedHeader = b64u(jws.protected);
parsedProt = JSON.parse(decoder.decode(protectedHeader));
}
catch {
throw new JWSInvalid('JWS Protected Header is invalid');
}
}
if (!isDisjoint(parsedProt, jws.header)) {
throw new JWSInvalid('JWS Protected and JWS Unprotected Header Parameter names must be disjoint');
}
const joseHeader = {
...parsedProt,
...jws.header,
};
const extensions = validateCrit(JWSInvalid, new Map([['b64', true]]), options?.crit, parsedProt, joseHeader);
let b64 = true;
if (extensions.has('b64')) {
b64 = parsedProt.b64;
if (typeof b64 !== 'boolean') {
throw new JWSInvalid('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
}
}
const { alg } = joseHeader;
if (typeof alg !== 'string' || !alg) {
throw new JWSInvalid('JWS "alg" (Algorithm) Header Parameter missing or invalid');
}
const algorithms = options && validateAlgorithms('algorithms', options.algorithms);
if (algorithms && !algorithms.has(alg)) {
throw new JOSEAlgNotAllowed('"alg" (Algorithm) Header Parameter value not allowed');
}
if (b64) {
if (typeof jws.payload !== 'string') {
throw new JWSInvalid('JWS Payload must be a string');
}
}
else if (typeof jws.payload !== 'string' && !(jws.payload instanceof Uint8Array)) {
throw new JWSInvalid('JWS Payload must be a string or an Uint8Array instance');
}
let resolvedKey = false;
if (typeof key === 'function') {
key = await key(parsedProt, jws);
resolvedKey = true;
}
checkKeyType(alg, key, 'verify');
const data = concat(jws.protected !== undefined ? encode(jws.protected) : new Uint8Array(), encode('.'), typeof jws.payload === 'string'
? b64
? encode(jws.payload)
: encoder.encode(jws.payload)
: jws.payload);
let signature;
try {
signature = b64u(jws.signature);
}
catch {
throw new JWSInvalid('Failed to base64url decode the signature');
}
const k = await normalizeKey(key, alg);
const verified = await verify(alg, k, signature, data);
if (!verified) {
throw new JWSSignatureVerificationFailed();
}
let payload;
if (b64) {
try {
payload = b64u(jws.payload);
}
catch {
throw new JWSInvalid('Failed to base64url decode the payload');
}
}
else if (typeof jws.payload === 'string') {
payload = encoder.encode(jws.payload);
}
else {
payload = jws.payload;
}
const result = { payload };
if (jws.protected !== undefined) {
result.protectedHeader = parsedProt;
}
if (jws.header !== undefined) {
result.unprotectedHeader = jws.header;
}
if (resolvedKey) {
return { ...result, key: k };
}
return result;
}