Merge pull request #6 from PayString/nh/jose-3-update

Update to use jose 3.5.0 and paystring/utils 2.0.0
PayString · Dec 21, 2020 · e7f6296 · e7f6296
2 parents 01119b1 + 28e4de2
commit e7f6296
Show file tree

Hide file tree

Showing 17 changed files with 195 additions and 116 deletions.
diff --git a/.eslintrc.js b/.eslintrc.js
@@ -26,7 +26,19 @@ module.exports = {
     '@xpring-eng/eslint-config-base',
   ],
 
-  rules: {},
+  rules: {
+    // linter doesn't seem to understand ESM imports used by jose, even though typescript handles them just fine.
+    "node/no-missing-import": ["error", {
+      allowModules: ["jose"],
+    }],
+    "import/no-unresolved": [
+      2,
+      {
+        ignore: [
+          'jose'
+        ]
+      }],
+  },
   overrides: [
     {
       "files": ["*cli.ts"],

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@paystring/paystring-cli",
-  "version": "1.1.0",
+  "version": "2.0.0",
   "description": "CLI for PayString",
   "homepage": "https://github.com/paystring/paystring-cli#readme",
   "bugs": {
@@ -28,11 +28,11 @@
     "test": "nyc mocha 'test/**/*.test.ts'"
   },
   "dependencies": {
-    "@paystring/utils": "^1.3.0",
+    "@paystring/utils": "^2.0.0",
     "axios": "^0.19.2",
     "beautify-json": "^1.0.1",
-    "jose": "^1.27.3",
-    "node-forge": "^0.10.0",
+    "ec-key": "0.0.4",
+    "jose": "^3.5.0",
     "vorpal": "^1.12.0"
   },
   "devDependencies": {

diff --git a/src/commands/key-generate.ts b/src/commands/key-generate.ts
@@ -1,7 +1,8 @@
-import { JWK } from 'jose'
+import { generateNewKey } from '@paystring/utils'
 
 import Command from './Command'
 import { writeFile } from './files'
+import { jwkToPem } from './pem-utils'
 
 /**
  * Generates an identity key, loads the key into local storage and saves the key
@@ -12,16 +13,16 @@ export default class GenerateIdentityKeyCommand extends Command {
    * @override
    */
   protected async action(): Promise<void> {
-    const key = await JWK.generate('EC', 'P-256')
-    const pem = key.toPEM(true)
+    const key = await generateNewKey()
+    const pem = jwkToPem(key)
     try {
       const filename = await writeFile('./identity-key.pem', pem)
       this.vorpal.log(`wrote key to ${filename}`)
     } catch {
       this.vorpal.log('failed to write key, outputting instead')
       this.vorpal.log(pem)
     }
-    this.localStorage.addSigningKey('identity-keys', key.toJWK(true))
+    this.localStorage.addSigningKey('identity-keys', key)
   }
 
   /**

diff --git a/src/commands/key-load.ts b/src/commands/key-load.ts
@@ -1,7 +1,7 @@
-import { getSigningKeyFromFile } from '@paystring/utils'
 import * as Vorpal from 'vorpal'
 
 import Command from './Command'
+import { getSigningKeyFromFile } from './pem-utils'
 
 /**
  * Loads an identity key from a PEM file.
@@ -17,7 +17,7 @@ export default class LoadIdentityKeyCommand extends Command {
     this.vorpal.log(`loading identity-key from ${filePath}`)
     const key = await getSigningKeyFromFile(filePath)
     this.vorpal.log(`loaded identity-key from ${filePath}. Sign away.`)
-    this.localStorage.addSigningKey('identity-keys', key.toJWK(true))
+    this.localStorage.addSigningKey('identity-keys', key)
   }
 
   /**

diff --git a/src/commands/keys-list.ts b/src/commands/keys-list.ts
@@ -35,10 +35,11 @@ export default class ListKeysCommand extends Command {
     const keys = this.localStorage.getSigningKeys(name)
     keys.forEach((key) => {
       const kid = key.kid ?? 'not set'
-      if ('crv' in key) {
-        this.vorpal.log(`${name}: type=${key.kty}, type=${key.crv}, id=${kid}`)
+      const kty = key.kty ?? 'not set'
+      if (typeof key.crv === 'string') {
+        this.vorpal.log(`${name}: type=${kty}, type=${key.crv}, id=${kid}`)
       } else {
-        this.vorpal.log(`${name}: type=${key.kty}, id=${kid}`)
+        this.vorpal.log(`${name}: type=${kty}, id=${kid}`)
       }
     })
   }

diff --git a/src/commands/keys-print.ts b/src/commands/keys-print.ts
@@ -1,6 +1,5 @@
-import { toKey } from '@paystring/utils'
-
 import Command from './Command'
+import { jwkToPem } from './pem-utils'
 
 /**
  * Prints, to console, a summary of the identity and server keys that are currently loaded in
@@ -36,7 +35,7 @@ export default class PrintKeysCommand extends Command {
   private printKeys(name: string): void {
     const keys = this.localStorage.getSigningKeys(name)
     keys.forEach((key) => {
-      const pem = toKey(key).toPEM(true)
+      const pem = jwkToPem(key)
       this.vorpal.log(pem)
     })
   }

diff --git a/src/commands/localstorage.ts b/src/commands/localstorage.ts
@@ -1,5 +1,5 @@
 import { PaymentInformation } from '@paystring/utils'
-import { JWKECKey, JWKOctKey, JWKOKPKey, JWKRSAKey } from 'jose'
+import { JWK } from 'jose/webcrypto/types'
 import * as Vorpal from 'vorpal'
 
 /**
@@ -53,12 +53,10 @@ export default class LocalStorage {
    * @param name - The name of the key.
    * @returns The key or null.
    */
-  public getSigningKeys(
-    name: string,
-  ): Array<JWKRSAKey | JWKECKey | JWKOKPKey | JWKOctKey> {
+  public getSigningKeys(name: string): JWK[] {
     const existing = this.getItem(name)
     if (existing) {
-      return existing as Array<JWKRSAKey | JWKECKey | JWKOKPKey | JWKOctKey>
+      return existing as JWK[]
     }
     return []
   }
@@ -70,10 +68,7 @@ export default class LocalStorage {
    * @param name - The name of the key.
    * @param key - The key to store.
    */
-  public addSigningKey(
-    name: string,
-    key: JWKRSAKey | JWKECKey | JWKOKPKey | JWKOctKey,
-  ): void {
+  public addSigningKey(name: string, key: JWK): void {
     const keys = this.getSigningKeys(name)
     const updated = keys.concat(key)
     this.setItem(name, JSON.stringify(updated))
@@ -94,12 +89,7 @@ export default class LocalStorage {
    * @param name - The name of the item to get.
    * @returns The object or undefined if not in localstore.
    */
-  private getItem(
-    name: string,
-  ):
-    | Array<JWKRSAKey | JWKECKey | JWKOKPKey | JWKOctKey>
-    | PaymentInformation
-    | undefined {
+  private getItem(name: string): JWK[] | PaymentInformation | undefined {
     const rawValue = this.localStorage.getItem(name)
     if (rawValue && typeof rawValue === 'string') {
       try {

diff --git a/src/commands/paystring-inspect.ts b/src/commands/paystring-inspect.ts
@@ -44,7 +44,7 @@ export default class InspectPayStringCommand extends Command {
    */
   protected async action(args: Vorpal.Args): Promise<void> {
     const info = await this.payStringFromArgsOrLocalStorage(args)
-    const result = this.paymentInformationInspector.inspect(info)
+    const result = await this.paymentInformationInspector.inspect(info)
     this.vorpal.log(`${info.payId} ${validString(result.isVerified)}`)
     result.verifiedAddressesResults.forEach((addressResult) => {
       const address = addressResult.address
@@ -83,9 +83,10 @@ export default class InspectPayStringCommand extends Command {
       )}`,
     )
     if (signatureResult.jwk && signatureResult.keyType) {
-      const thumbprint = signatureResult.jwk.thumbprint
+      const thumbprint = signatureResult.jwk.kid ?? 'not set'
+      const kty = signatureResult.jwk.kty ?? 'no key type'
       this.vorpal.log(
-        `  - Signed with ${signatureResult.jwk.kty} ${signatureResult.keyType} with thumbprint ${thumbprint}`,
+        `  - Signed with ${kty} ${signatureResult.keyType} with thumbprint ${thumbprint}`,
       )
     }
   }