Upload 77 files

.gitignore

@@ -0,0 +1,4 @@
+.env
+node_modules
+server.log
+keys.json

README.md

@@ -1,3 +1,116 @@
----
-license: mit
----
+# microipfs: The Permanent Record as a Service
+
+> A scalable microservice for creating permanent, verifiable academic records on IPFS.
+
+This project provides a suite of tools for educational institutions to transition to a model of student-owned, verifiable digital records. It acts as a "Permanent Record as a Service," leveraging the power of IPFS for immutable storage and Verifiable Credentials for cryptographic proof.
+
+# Core Features
+
+1.  **Batch Archiving (`/batch-archive`):** A scalable endpoint for institutions to archive large volumes of student work (e.g., end-of-semester projects) to IPFS. It returns a single, easily-managed root CID for the entire batch.
+2.  **Verifiable Credentials with IPFS Proof (`/issue-credential`):** A system for issuing tamper-proof academic credentials (e.g., for a diploma or a specific skill) that are cryptographically linked to the underlying student work stored on IPFS.
+3.  **Student-Owned Identity & Data:** The platform includes reference implementations for a student-run digital wallet (`/portfolio.html`) with client-side encryption, and a public verifier (`/verify.html`) that can perform "deep verification" of a credential and its linked proof of work.
+4.  **Learning Object Repository (`/add-learning-object`):** A tool for creating permanent, resilient archives of open educational resources.
+5.  **AI Model Playground (`/playground.html`):** An interactive tool for running small AI/ML models directly in the browser from IPFS.
+
+---
+
+# Installation and Setup
+
+## 1. Install Dependencies
+```bash
+npm install
+```
+
+## 2. Configure Environment
+Create a `.env` file in the root of the project and add your `NFT_STORAGE_KEY`.
+```
+NFT_STORAGE_KEY=<YOUR_API_KEY>
+```
+
+## 3. Run the Server
+```bash
+node index.js
+```
+The server will start, and if `keys.json` is not found, it will generate a new key pair for signing Verifiable Credentials.
+
+---
+
+# API Reference
+
+## 1. Batch Archive
+
+A scalable endpoint for creating a permanent archive of multiple files in a single transaction.
+
+**Endpoint:** `POST /batch-archive`
+
+**Body (JSON):** An object with an `items` property, which is an array of objects. Each object must have a `url` (the URL of the content to pin) and can have an optional `metadata` object.
+```json
+{
+  "items": [
+    {
+      "url": "https://example.com/student-a/thesis.pdf",
+      "metadata": { "studentId": "123", "title": "My Final Thesis" }
+    },
+    {
+      "url": "https://example.com/student-b/project.zip",
+      "metadata": { "studentId": "456", "title": "Capstone Project" }
+    }
+  ]
+}
+```
+The endpoint returns a single `manifestCid` for the entire batch.
+
+## 2. Issue Verifiable Credential
+
+Issues a W3C-compliant Verifiable Credential (VC) as a JWT.
+
+**Endpoint:** `POST /issue-credential`
+
+**Body (JSON):**
+*   `studentDid` (string): The Decentralized Identifier of the student.
+*   `claims` (object): A JSON object containing the claims to be included in the credential (e.g., `{ "degree": "Bachelor of Science" }`).
+*   `proofOfWorkCID` (string, optional): The IPFS CID of a manifest file (e.g., from a batch archive) that contains the evidence supporting this credential. This enables "deep verification."
+
+The server signs the credential with its private key. The public key is available at `/.well-known/jwks.json` for verifiers.
+
+## 3. Pin Learning Object
+
+Pins a single educational resource with rich metadata.
+
+**Endpoint:** `POST /add-learning-object` (multipart/form-data)
+
+**Fields:** `files`, `title`, `author`, `subject`, `gradeLevel`, `license`, `description`.
+
+## 4. Pin Encrypted Object (Student Portfolio)
+
+Stores a pre-encrypted blob of data. The server has no knowledge of the contents.
+
+**Endpoint:** `POST /add-encrypted-object` (multipart/form-data)
+
+**Fields:** `file`
+
+## 5. Check CID Status
+
+Checks the pinning status of a CID on NFT.storage.
+
+**Endpoint:** `GET /status/:cid`
+
+---
+
+# Future Vision: DIDs in K-12 Education
+
+The question of how a K-12 school in the U.S. could issue DIDs requires a thoughtful approach that balances state-level educational requirements with federal privacy laws. A successful implementation would not be a single, monolithic system, but a federated trust network.
+
+## A Potential Roadmap
+
+1.  **Adopt the `did:web` Method:** This is the most practical starting point. Each school district could host their DID documents on their own web servers, making their DIDs resolvable via standard HTTPS. This avoids the need for a custom blockchain and leverages existing, trusted infrastructure. A school's DID might look like `did:web:bostonschools.org:students:12345`.
+
+2.  **State-Level Trust Registries:** Each state's Department of Public Instruction (DPI) could maintain a cryptographically-verifiable list of all accredited school districts in their state. This registry would essentially be a "DID of DIDs," allowing anyone to confirm that a particular school district is a legitimate issuer of student credentials.
+
+3.  **Cross-State Interoperability:** A national body, perhaps facilitated by the U.S. Department of Education, could maintain a registry of all state DPIs. This would create a chain of trust from the federal level down to the individual school district, allowing a university in California to verify a credential from a high school in Massachusetts.
+
+## Key Considerations
+
+*   **Privacy (FERPA & COPPA):** Verifiable Credentials allow for "selective disclosure." A student could prove they are over 13 without revealing their exact birthdate, or prove they are a student at a particular school without revealing their student ID number. This is a significant privacy enhancement over traditional, all-or-nothing ID cards.
+*   **Key Management for Minors:** For younger students, the school or district could act as a "custodial wallet," managing the student's private keys. As students get older, they could be taught to manage their own keys, perhaps in a dedicated digital literacy course.
+*   **Verifiable Credentials for Everything:** This system could be used for more than just identity. It could be used to issue verifiable credentials for transcripts, attendance records, and even individual skills or competencies, creating a rich, student-owned "learning ledger."

index.js

@@ -0,0 +1,249 @@
+require('dotenv').config()
+var cors = require('cors')
+var { I } = require('ipfsio')
+var express = require('express')
+var multer = require('multer')
+const fs = require('fs')
+const fsp = require('fs').promises
+const { randomUUID } = require('crypto');
+const axios = require('axios')
+const jose = require('jose')
+var app = express()
+var i = new I(process.env.NFT_STORAGE_KEY)
+
+let institutionKeyPair;
+const KEY_FILE = 'keys.json';
+
+async function initializeKeys() {
+  try {
+    if (fs.existsSync(KEY_FILE)) {
+      const keyFileContent = await fsp.readFile(KEY_FILE, 'utf-8');
+      const jwk = JSON.parse(keyFileContent);
+      institutionKeyPair = {
+        publicKey: await jose.importJWK(jwk.publicKey, 'ES256'),
+        privateKey: await jose.importJWK(jwk.privateKey, 'ES256'),
+      };
+      console.log('Loaded institutional key pair from file.');
+    } else {
+      const { publicKey, privateKey } = await jose.generateKeyPair('ES256');
+      institutionKeyPair = { publicKey, privateKey };
+      const jwk = {
+        publicKey: await jose.exportJWK(publicKey),
+        privateKey: await jose.exportJWK(privateKey),
+      };
+      await fsp.writeFile(KEY_FILE, JSON.stringify(jwk, null, 2));
+      console.log('Generated new institutional key pair and saved to file.');
+    }
+  } catch (error) {
+    console.error('Failed to initialize keys:', error);
+  }
+}
+
+initializeKeys();
+
+const recentUploads = []
+const MAX_RECENT_UPLOADS = 10
+
+const UPLOAD_DIR = 'uploads/'
+if (!fs.existsSync(UPLOAD_DIR)) {
+  fs.mkdirSync(UPLOAD_DIR)
+}
+
+const allowed = (process.env.ALLOWED ? process.env.ALLOWED.split(",") : [])
+const port = (process.env.PORT ? process.env.PORT : 3000)
+const issuerDid = process.env.ISSUER_DID || 'did:web:example.com';
+const storage = multer.diskStorage({
+  destination: function (req, file, cb) {
+    cb(null, UPLOAD_DIR)
+  },
+  filename: function (req, file, cb) {
+    const uniqueSuffix = Date.now() + '-' + Math.round(Math.random() * 1E9)
+    cb(null, file.fieldname + '-' + uniqueSuffix)
+  }
+})
+const upload = multer({
+  storage: storage,
+  limits: {
+    fileSize: 1024 * 1024 * 5, // 5MB
+    files: 10
+  }
+})
+app.use(express.json())
+app.use(express.static('public'))
+if (allowed && allowed.length > 0) {
+  app.use(cors({ origin: allowed }))
+} else {
+  app.use(cors())
+}
+app.use(express.urlencoded({ extended: true }));
+app.post('/add', async (req, res) => {
+  let cid;
+  if (req.body.url) {
+    cid = await i.url(req.body.url)
+  } else if (req.body.object) {
+    cid = await i.object(req.body.object)
+  }
+  console.log("cid", cid)
+  res.json({ success: cid })
+})
+app.get('/.well-known/jwks.json', async (req, res) => {
+  if (!institutionKeyPair || !institutionKeyPair.publicKey) {
+    return res.status(500).json({ error: 'Key pair not generated yet.' });
+  }
+  const jwk = await jose.exportJWK(institutionKeyPair.publicKey);
+  res.json({ keys: [jwk] });
+});
+
+app.post('/issue-credential', async (req, res) => {
+  if (!institutionKeyPair || !institutionKeyPair.privateKey) {
+    return res.status(500).json({ error: 'Key pair not generated yet.' });
+  }
+
+  const { studentDid, proofOfWorkCID, claims } = req.body;
+  if (!studentDid || !claims) {
+    return res.status(400).json({ error: 'Missing studentDid or claims.' });
+  }
+
+  try {
+    const vcPayload = {
+      '@context': [
+        'https://www.w3.org/2018/credentials/v1',
+        'https://www.w3.org/2018/credentials/examples/v1'
+      ],
+      id: `urn:uuid:${randomUUID()}`,
+      type: ['VerifiableCredential', 'AcademicCredential'],
+      issuer: issuerDid,
+      issuanceDate: new Date().toISOString(),
+      credentialSubject: {
+        id: studentDid,
+        proofOfWorkCID: proofOfWorkCID,
+        ...claims
+      }
+    };
+
+    const jwt = await new jose.SignJWT(vcPayload)
+      .setProtectedHeader({ alg: 'ES256' })
+      .setIssuedAt()
+       .setIssuer(issuerDid)
+      .setSubject(studentDid)
+      .sign(institutionKeyPair.privateKey);
+
+    res.json({ vcJwt: jwt });
+  } catch (error) {
+    console.error('Failed to issue credential:', error);
+    res.status(500).json({ error: 'Failed to issue credential.' });
+  }
+});
+app.post('/batch-archive', async (req, res) => {
+  const { items } = req.body; // Expects an array of objects with { url, metadata }
+
+  if (!items || !Array.isArray(items) || items.length === 0) {
+    return res.status(400).json({ error: 'Invalid or empty "items" array in request body.' });
+  }
+
+  try {
+    const processingPromises = items.map(async (item) => {
+      const cid = await i.url(item.url);
+      return { cid, metadata: item.metadata };
+    });
+
+    const processedItems = await Promise.all(processingPromises);
+
+    const manifest = {
+      archiveDate: new Date().toISOString(),
+      items: processedItems,
+    };
+
+    const manifestCid = await i.object(manifest);
+    res.json({ success: true, manifestCid });
+
+  } catch (error) {
+    console.error('Batch archive failed:', error);
+    res.status(500).json({ error: 'Failed to process batch archive.' });
+  }
+});
+app.get('/recent', (req, res) => {
+  res.json(recentUploads)
+})
+
+app.get('/status/:cid', async (req, res) => {
+  const { cid } = req.params
+  try {
+    const response = await axios.get(`https://api.nft.storage/check/${cid}`, {
+      headers: {
+        'Authorization': `Bearer ${process.env.NFT_STORAGE_KEY}`
+      }
+    })
+    res.json(response.data)
+  } catch (error) {
+    if (error.response) {
+      res.status(error.response.status).json({ error: error.response.data })
+    } else {
+      res.status(500).json({ error: 'Failed to check CID status' })
+    }
+  }
+})
+
+app.post('/add-encrypted-object', upload.single('file'), async (req, res) => {
+  const file = req.file
+  if (!file) {
+    return res.status(400).json({ error: 'No file uploaded' })
+  }
+
+  try {
+    const cid = await i.path(file.path)
+    res.json({ success: cid })
+  } catch (error) {
+    console.error('Failed to pin encrypted object:', error)
+    res.status(500).json({ error: 'Failed to pin encrypted object' })
+  } finally {
+    // Clean up the temporary file
+    await fsp.unlink(file.path)
+  }
+})
+
+app.post('/add-learning-object', upload.array('files'), async (req, res) => {
+  const files = req.files
+  if (!files || files.length === 0) {
+    return res.status(400).json({ error: 'No files uploaded' })
+  }
+
+  const { title, author, subject, gradeLevel, license, description } = req.body
+
+  try {
+    const cids = []
+    for (const file of files) {
+      const cid = await i.path(file.path)
+      cids.push({
+        filename: file.originalname,
+        cid: cid
+      })
+    }
+
+    const manifest = {
+      title: title || 'Untitled Learning Object',
+      author: author || 'Unknown',
+      subject: subject || 'Uncategorized',
+      gradeLevel: gradeLevel || 'N/A',
+      license: license || 'CC-BY-4.0',
+      description: description || '',
+      files: cids
+    }
+
+    const manifestCid = await i.object(manifest)
+
+    recentUploads.unshift(manifestCid)
+    if (recentUploads.length > MAX_RECENT_UPLOADS) {
+      recentUploads.pop()
+    }
+
+    res.json({ success: manifestCid })
+  } catch (error) {
+    console.error('Failed to process dataset:', error)
+    res.status(500).json({ error: 'Failed to process dataset' })
+  } finally {
+    const unlinkPromises = files.map(file => fsp.unlink(file.path))
+    await Promise.all(unlinkPromises)
+  }
+})
+app.listen(port)

package.json

@@ -0,0 +1,18 @@
+{
+  "name": "microipfs",
+  "version": "0.0.1",
+  "description": "dead simple microservice for pinning NFT related files to IPFS",
+  "main": "index.js",
+  "author": "skogard",
+  "license": "MIT",
+  "dependencies": {
+    "axios": "^1.13.2",
+    "cors": "^2.8.5",
+    "dotenv": "^10.0.0",
+    "express": "^4.17.2",
+    "ipfsio": "^0.0.8",
+    "jose": "^6.1.3",
+    "multer": "^2.0.1"
+  },
+  "devDependencies": {}
+}

phase_4_proposal.md

@@ -0,0 +1,45 @@
+# Proposal: Phase 4 — The Verifiable Student
+
+## 1. Vision: From a Private Portfolio to a Verifiable Record
+
+Phase 2 of this project gave students a tool for **private, self-sovereign storage**. Phase 4 will give them a tool for **public, verifiable achievement**.
+
+The goal is to integrate the concepts of Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) directly into the student portfolio workflow. This will transform the system from a simple storage locker into a true lifelong learning and career passport. When this phase is complete, a student will not only be able to store their work on IPFS but also to hold a cryptographically signed "attestation" from their institution about that work (e.g., a grade, a skill badge, or a formal credit).
+
+---
+
+## 2. Proposed Features
+
+This phase will introduce two core components:
+
+### A. The "Institutional Issuer" Endpoint
+
+*   We will create a new, secure API endpoint, `/issue-credential`.
+*   This endpoint will be used by the **institution** (e.g., a teacher or administrator).
+*   It will accept a student's DID, the IPFS CID of a piece of student work, and a set of claims (e.g., `grade: "A"`, `skill: "Critical Thinking"`).
+*   The endpoint will then generate a W3C-compliant Verifiable Credential, sign it with the institution's private key (held on the server), and return the VC to the issuer, who can then transmit it to the student.
+
+### B. The Student Wallet and Verifier UI
+
+*   We will enhance the `portfolio.html` page to act as a rudimentary **digital wallet**.
+*   Students will be able to upload and store the VCs they receive from their school.
+*   We will add a "Share Proof" feature. This will allow a student to generate a **Verifiable Presentation**, which is a package containing their DID, the original credential, and a link to the work on IPFS.
+*   We will create a simple, public-facing "Verifier" page. Anyone (e.g., an employer) with a link to a Verifiable Presentation can visit this page, and it will automatically verify the cryptographic signatures and confirm that the student's credential is authentic.
+
+---
+
+## 3. Technical Stack
+
+*   **DIDs:** We will use the `did:key` method for simplicity in this proof-of-concept. This method is easy to generate and requires no blockchain interaction.
+*   **VCs:** We will use a standard JavaScript library (e.g., `veramo` or a similar W3C VC-JWT library) on the server to create and sign the JSON Web Token (JWT)-based credentials.
+*   **Cryptography:** The server will hold a private key for signing credentials. The verification process on the public page will use the corresponding public key.
+
+---
+
+## 4. User Flow
+
+1.  **Student:** A student uploads an essay using the existing client-side encryption feature and gets an IPFS CID. They generate a `did:key` in their portfolio and share it and the CID with their teacher.
+2.  **Teacher:** The teacher grades the essay. They access an internal school dashboard and use the `/issue-credential` endpoint, providing the student's DID, the essay's CID, and the grade.
+3.  **Student:** The student receives the signed VC from their teacher and adds it to their portfolio "wallet."
+4.  **Student (later):** The student applies for a job. They use the "Share Proof" feature to generate a single URL.
+5.  **Employer:** The employer clicks the URL, which opens the Verifier page. The page automatically fetches the data, verifies the signatures, and displays a confirmation: "✓ This credential is authentic and was issued by [School Name]."

public/index.html

@@ -0,0 +1,58 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Learning Object Repository</title>
+  <style>
+    body { font-family: sans-serif; margin: 2rem; }
+    #gallery { display: grid; grid-template-columns: repeat(auto-fill, minmax(300px, 1fr)); gap: 1.5rem; }
+    .card { border: 1px solid #ddd; border-radius: 8px; padding: 1.5rem; box-shadow: 0 2px 5px rgba(0,0,0,0.1); }
+    .card h2 { font-size: 1.25rem; margin-top: 0; }
+    .card p { margin: 0.5rem 0; }
+    .card-meta { font-size: 0.9rem; color: #555; }
+    .card-files { margin-top: 1rem; }
+    .card-files a { display: block; }
+  </style>
+</head>
+<body>
+  <h1>Learning Object Repository</h1>
+  <div id="gallery"></div>
+
+  <script>
+    async function fetchRecent() {
+      const response = await fetch('/recent');
+      const cids = await response.json();
+      const gallery = document.getElementById('gallery');
+      gallery.innerHTML = '';
+
+      for (const cid of cids) {
+        const manifestUrl = `https://ipfs.io/ipfs/${cid}`;
+        const manifestResponse = await fetch(manifestUrl);
+        const manifest = await manifestResponse.json();
+
+        const filesHtml = manifest.files.map(file =>
+          `<a href="https://ipfs.io/ipfs/${file.cid}" target="_blank">${file.filename}</a>`
+        ).join('');
+
+        const card = document.createElement('div');
+        card.className = 'card';
+        card.innerHTML = `
+          <h2>${manifest.title}</h2>
+          <p class="card-meta">By: ${manifest.author}</p>
+          <p class="card-meta">Subject: ${manifest.subject} | Grade: ${manifest.gradeLevel}</p>
+          <p>${manifest.description}</p>
+          <div class="card-files">
+            <strong>Files:</strong>
+            ${filesHtml}
+          </div>
+          <p class="card-meta" style="margin-top: 1rem;">License: ${manifest.license}</p>
+        `;
+        gallery.appendChild(card);
+      }
+    }
+
+    fetchRecent();
+  </script>
+</body>
+</html>

public/playground.html

@@ -0,0 +1,108 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>AI Model Playground</title>
+  <script src="https://cdn.jsdelivr.net/npm/@tensorflow/tfjs@latest/dist/tf.min.js"></script>
+  <style>
+    body { font-family: sans-serif; margin: 2rem; }
+    .container { max-width: 800px; margin: 0 auto; }
+    .input-group { margin-bottom: 1rem; }
+    #canvas { border: 2px solid black; cursor: crosshair; }
+    #prediction { font-size: 1.5rem; font-weight: bold; margin-top: 1rem; }
+  </style>
+</head>
+<body>
+  <div class="container">
+    <h1>Interactive AI Model Playground</h1>
+    <p>This playground is designed to run a pre-trained image classification model (like the MNIST handwritten digit recognizer) that has been stored on IPFS.</p>
+
+    <div class="input-group">
+      <label for="cid">Model CID:</label>
+      <input type="text" id="cid" placeholder="Enter the IPFS CID of a model.json file..." style="width: 100%;">
+      <button id="load-btn">Load Model</button>
+    </div>
+
+    <canvas id="canvas" width="280" height="280"></canvas>
+    <br>
+    <button id="clear-btn">Clear Drawing</button>
+
+    <h2>Prediction: <span id="prediction"></span></h2>
+    <div id="status"></div>
+  </div>
+
+  <script>
+    const canvas = document.getElementById('canvas');
+    const ctx = canvas.getContext('2d');
+    const cidInput = document.getElementById('cid');
+    const loadBtn = document.getElementById('load-btn');
+    const clearBtn = document.getElementById('clear-btn');
+    const predictionSpan = document.getElementById('prediction');
+    const statusDiv = document.getElementById('status');
+
+    let model;
+    let isDrawing = false;
+
+    // Canvas setup
+    ctx.lineWidth = 15;
+    ctx.lineCap = 'round';
+    ctx.strokeStyle = 'white';
+    ctx.fillStyle = 'black';
+    ctx.fillRect(0, 0, canvas.width, canvas.height);
+
+    canvas.addEventListener('mousedown', () => isDrawing = true);
+    canvas.addEventListener('mouseup', () => {
+      isDrawing = false;
+      ctx.beginPath();
+      if (model) predict();
+    });
+    canvas.addEventListener('mousemove', draw);
+
+    function draw(event) {
+      if (!isDrawing) return;
+      ctx.lineTo(event.offsetX, event.offsetY);
+      ctx.stroke();
+      ctx.beginPath();
+      ctx.moveTo(event.offsetX, event.offsetY);
+    }
+
+    clearBtn.addEventListener('click', () => {
+      ctx.fillRect(0, 0, canvas.width, canvas.height);
+      predictionSpan.textContent = '';
+    });
+
+    loadBtn.addEventListener('click', async () => {
+      const cid = cidInput.value;
+      if (!cid) {
+        statusDiv.textContent = 'Please enter a model CID.';
+        return;
+      }
+      try {
+        statusDiv.textContent = 'Loading model...';
+        const modelUrl = `https://ipfs.io/ipfs/${cid}`;
+        model = await tf.loadLayersModel(modelUrl);
+        statusDiv.textContent = 'Model loaded successfully! Draw a digit (0-9).';
+      } catch (error) {
+        console.error('Failed to load model:', error);
+        statusDiv.textContent = `Error: ${error.message}`;
+      }
+    });
+
+    async function predict() {
+      const imageData = ctx.getImageData(0, 0, canvas.width, canvas.height);
+
+      // Pre-process the image data to a 28x28 grayscale tensor
+      let tensor = tf.browser.fromPixels(imageData, 1)
+        .resizeNearestNeighbor([28, 28])
+        .toFloat()
+        .div(tf.scalar(255.0))
+        .expandDims();
+
+      const prediction = await model.predict(tensor).data();
+      const predictedDigit = tf.argMax(prediction).dataSync()[0];
+      predictionSpan.textContent = predictedDigit;
+    }
+  </script>
+</body>
+</html>

public/portfolio.html

@@ -0,0 +1,260 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Student Portfolio - Encrypt & Upload</title>
+  <style>
+    body { font-family: sans-serif; margin: 2rem; }
+    .container { max-width: 600px; margin: 0 auto; }
+    .form-group { margin-bottom: 1rem; }
+    label { display: block; margin-bottom: 0.5rem; }
+    input[type="file"], input[type="password"] { width: 100%; padding: 0.5rem; }
+    button { padding: 0.75rem 1.5rem; }
+    #status { margin-top: 1rem; font-weight: bold; }
+  </style>
+</head>
+<body>
+  <div class="container">
+    <h1>Encrypt and Upload Portfolio Item</h1>
+    <div class="form-group">
+      <label for="file">Select File:</label>
+      <input type="file" id="file" required>
+    </div>
+    <div class="form-group">
+      <label for="password">Encryption Password:</label>
+      <input type="password" id="password" required>
+    </div>
+    <button id="upload-btn">Encrypt and Upload</button>
+    <div id="status"></div>
+  </div>
+
+  <hr style="margin: 3rem 0;">
+
+  <div class="container">
+    <h1>Your Digital Wallet</h1>
+    <div class="form-group">
+      <label for="did">Your Decentralized ID (DID):</label>
+      <input type="text" id="did" readonly>
+      <button id="generate-did-btn">Generate New DID</button>
+    </div>
+    <div class="form-group">
+      <label for="vc-jwt">Received VC (Paste JWT here):</label>
+      <textarea id="vc-jwt" rows="4" style="width: 100%;"></textarea>
+      <button id="store-vc-btn">Store Credential</button>
+    </div>
+    <div id="credentials-list"></div>
+  </div>
+
+  <hr style="margin: 3rem 0;">
+
+  <div class="container">
+    <h1>Decrypt and Download Portfolio Item</h1>
+    <div class="form-group">
+      <label for="cid">IPFS CID:</label>
+      <input type="text" id="cid" required>
+    </div>
+    <div class="form-group">
+      <label for="password-decrypt">Decryption Password:</label>
+      <input type="password" id="password-decrypt" required>
+    </div>
+    <button id="decrypt-btn">Decrypt and Download</button>
+    <div id="status-decrypt"></div>
+  </div>
+
+  <script>
+    const fileInput = document.getElementById('file');
+    const passwordInput = document.getElementById('password');
+    const uploadBtn = document.getElementById('upload-btn');
+    const statusDiv = document.getElementById('status');
+
+    const didInput = document.getElementById('did');
+    const generateDidBtn = document.getElementById('generate-did-btn');
+    const vcJwtInput = document.getElementById('vc-jwt');
+    const storeVcBtn = document.getElementById('store-vc-btn');
+    const credentialsListDiv = document.getElementById('credentials-list');
+
+    const cidInput = document.getElementById('cid');
+    const passwordDecryptInput = document.getElementById('password-decrypt');
+    const decryptBtn = document.getElementById('decrypt-btn');
+    const statusDecryptDiv = document.getElementById('status-decrypt');
+
+    uploadBtn.addEventListener('click', async () => {
+      const file = fileInput.files[0];
+      const password = passwordInput.value;
+
+      if (!file || !password) {
+        statusDiv.textContent = 'Please select a file and enter a password.';
+        return;
+      }
+
+      try {
+        statusDiv.textContent = 'Encrypting file... (this may take a moment)';
+
+        // 1. Derive a key from the password using PBKDF2
+        const salt = window.crypto.getRandomValues(new Uint8Array(16));
+        const keyMaterial = await window.crypto.subtle.importKey(
+          'raw',
+          new TextEncoder().encode(password),
+          { name: 'PBKDF2' },
+          false,
+          ['deriveBits', 'deriveKey']
+        );
+        const key = await window.crypto.subtle.deriveKey(
+          { name: 'PBKDF2', salt: salt, iterations: 100000, hash: 'SHA-256' },
+          keyMaterial,
+          { name: 'AES-GCM', length: 256 },
+          true,
+          ['encrypt', 'decrypt']
+        );
+
+        // 2. Encrypt the file content using AES-GCM
+        const iv = window.crypto.getRandomValues(new Uint8Array(12));
+        const fileBuffer = await file.arrayBuffer();
+        const encryptedContent = await window.crypto.subtle.encrypt(
+          { name: 'AES-GCM', iv: iv },
+          key,
+          fileBuffer
+        );
+
+        // 3. Prepare the payload
+        // We need to send the salt, iv, and encrypted content to the server.
+        const encryptedBlob = new Blob([salt, iv, new Uint8Array(encryptedContent)], { type: 'application/octet-stream' });
+
+        statusDiv.textContent = 'Uploading encrypted file...';
+
+        const formData = new FormData();
+        formData.append('file', encryptedBlob, file.name);
+
+        const response = await fetch('/add-encrypted-object', {
+          method: 'POST',
+          body: formData,
+        });
+
+        if (!response.ok) {
+          throw new Error(`Upload failed: ${response.statusText}`);
+        }
+
+        const result = await response.json();
+        statusDiv.innerHTML = `Upload successful! CID: <a href="https://ipfs.io/ipfs/${result.success}" target="_blank">${result.success}</a>`;
+
+      } catch (error) {
+        console.error('Encryption/upload failed:', error);
+        statusDiv.textContent = `Error: ${error.message}`;
+      }
+    });
+
+    decryptBtn.addEventListener('click', async () => {
+      const cid = cidInput.value;
+      const password = passwordDecryptInput.value;
+
+      if (!cid || !password) {
+        statusDecryptDiv.textContent = 'Please enter a CID and a password.';
+        return;
+      }
+
+      try {
+        statusDecryptDiv.textContent = 'Downloading encrypted file...';
+
+        const response = await fetch(`https://ipfs.io/ipfs/${cid}`);
+        if (!response.ok) {
+          throw new Error(`Failed to fetch from IPFS: ${response.statusText}`);
+        }
+        const encryptedBuffer = await response.arrayBuffer();
+
+        statusDecryptDiv.textContent = 'Decrypting file...';
+
+        const salt = new Uint8Array(encryptedBuffer.slice(0, 16));
+        const iv = new Uint8Array(encryptedBuffer.slice(16, 28));
+        const encryptedContent = new Uint8Array(encryptedBuffer.slice(28));
+
+        const keyMaterial = await window.crypto.subtle.importKey(
+          'raw',
+          new TextEncoder().encode(password),
+          { name: 'PBKDF2' },
+          false,
+          ['deriveBits', 'deriveKey']
+        );
+        const key = await window.crypto.subtle.deriveKey(
+          { name: 'PBKDF2', salt: salt, iterations: 100000, hash: 'SHA-256' },
+          keyMaterial,
+          { name: 'AES-GCM', length: 256 },
+          true,
+          ['encrypt', 'decrypt']
+        );
+
+        const decryptedContent = await window.crypto.subtle.decrypt(
+          { name: 'AES-GCM', iv: iv },
+          key,
+          encryptedContent
+        );
+
+        statusDecryptDiv.textContent = 'Decryption successful! Preparing download...';
+
+        const blob = new Blob([decryptedContent]);
+        const a = document.createElement('a');
+        const url = window.URL.createObjectURL(blob);
+        a.href = url;
+        a.download = 'decrypted-file'; // We don't have the original filename here
+        document.body.appendChild(a);
+        a.click();
+        window.URL.revokeObjectURL(url);
+        a.remove();
+
+      } catch (error) {
+        console.error('Decryption/download failed:', error);
+        statusDecryptDiv.textContent = `Error: ${error.message}`;
+      }
+    });
+
+    generateDidBtn.addEventListener('click', async () => {
+      // This is a simplified did:key generation for demo purposes.
+      // A real implementation would use a proper library.
+      const keyPair = await window.crypto.subtle.generateKey(
+        { name: 'ECDSA', namedCurve: 'P-256' },
+        true,
+        ['sign', 'verify']
+      );
+      const publicKeyJwk = await window.crypto.subtle.exportJwk(keyPair.publicKey);
+      const did = `did:key:z${btoa(JSON.stringify(publicKeyJwk)).replace(/=/g, '')}`;
+      didInput.value = did;
+      localStorage.setItem('studentDid', did);
+    });
+
+    storeVcBtn.addEventListener('click', () => {
+      const vcJwt = vcJwtInput.value;
+      if (!vcJwt) return;
+      let credentials = JSON.parse(localStorage.getItem('credentials') || '[]');
+      credentials.push(vcJwt);
+      localStorage.setItem('credentials', JSON.stringify(credentials));
+      vcJwtInput.value = '';
+      renderCredentials();
+    });
+
+    function renderCredentials() {
+      let credentials = JSON.parse(localStorage.getItem('credentials') || '[]');
+      credentialsListDiv.innerHTML = '<h3>Your Credentials:</h3>';
+      if (credentials.length === 0) {
+        credentialsListDiv.innerHTML += '<p>No credentials stored yet.</p>';
+        return;
+      }
+      credentials.forEach((vcJwt, index) => {
+        const decoded = JSON.parse(atob(vcJwt.split('.')[1]));
+        const shareLink = `${window.location.origin}/verify.html?vc=${encodeURIComponent(vcJwt)}`;
+        credentialsListDiv.innerHTML += `
+          <div>
+            <p><b>Credential ${index + 1}:</b> ${decoded.vc.type.join(', ')}</p>
+            <p><b>Issued for:</b> ${decoded.sub}</p>
+            <input type="text" value="${shareLink}" readonly style="width: 80%;">
+            <button onclick="navigator.clipboard.writeText('${shareLink}')">Copy Link</button>
+          </div>
+        `;
+      });
+    }
+
+    // Load DID and credentials on page load
+    didInput.value = localStorage.getItem('studentDid') || '';
+    renderCredentials();
+  </script>
+</body>
+</html>

public/vendor/jose/index.js

@@ -0,0 +1,32 @@
+export { compactDecrypt } from './jwe/compact/decrypt.js';
+export { flattenedDecrypt } from './jwe/flattened/decrypt.js';
+export { generalDecrypt } from './jwe/general/decrypt.js';
+export { GeneralEncrypt } from './jwe/general/encrypt.js';
+export { compactVerify } from './jws/compact/verify.js';
+export { flattenedVerify } from './jws/flattened/verify.js';
+export { generalVerify } from './jws/general/verify.js';
+export { jwtVerify } from './jwt/verify.js';
+export { jwtDecrypt } from './jwt/decrypt.js';
+export { CompactEncrypt } from './jwe/compact/encrypt.js';
+export { FlattenedEncrypt } from './jwe/flattened/encrypt.js';
+export { CompactSign } from './jws/compact/sign.js';
+export { FlattenedSign } from './jws/flattened/sign.js';
+export { GeneralSign } from './jws/general/sign.js';
+export { SignJWT } from './jwt/sign.js';
+export { EncryptJWT } from './jwt/encrypt.js';
+export { calculateJwkThumbprint, calculateJwkThumbprintUri } from './jwk/thumbprint.js';
+export { EmbeddedJWK } from './jwk/embedded.js';
+export { createLocalJWKSet } from './jwks/local.js';
+export { createRemoteJWKSet, jwksCache, customFetch } from './jwks/remote.js';
+export { UnsecuredJWT } from './jwt/unsecured.js';
+export { exportPKCS8, exportSPKI, exportJWK } from './key/export.js';
+export { importSPKI, importPKCS8, importX509, importJWK } from './key/import.js';
+export { decodeProtectedHeader } from './util/decode_protected_header.js';
+export { decodeJwt } from './util/decode_jwt.js';
+import * as errors from './util/errors.js';
+export { errors };
+export { generateKeyPair } from './key/generate_key_pair.js';
+export { generateSecret } from './key/generate_secret.js';
+import * as base64url from './util/base64url.js';
+export { base64url };
+export const cryptoRuntime = 'WebCryptoAPI';

public/vendor/jose/jwe/compact/decrypt.js

@@ -0,0 +1,27 @@
+import { flattenedDecrypt } from '../flattened/decrypt.js';
+import { JWEInvalid } from '../../util/errors.js';
+import { decoder } from '../../lib/buffer_utils.js';
+export async function compactDecrypt(jwe, key, options) {
+    if (jwe instanceof Uint8Array) {
+        jwe = decoder.decode(jwe);
+    }
+    if (typeof jwe !== 'string') {
+        throw new JWEInvalid('Compact JWE must be a string or Uint8Array');
+    }
+    const { 0: protectedHeader, 1: encryptedKey, 2: iv, 3: ciphertext, 4: tag, length, } = jwe.split('.');
+    if (length !== 5) {
+        throw new JWEInvalid('Invalid Compact JWE');
+    }
+    const decrypted = await flattenedDecrypt({
+        ciphertext,
+        iv: iv || undefined,
+        protected: protectedHeader,
+        tag: tag || undefined,
+        encrypted_key: encryptedKey || undefined,
+    }, key, options);
+    const result = { plaintext: decrypted.plaintext, protectedHeader: decrypted.protectedHeader };
+    if (typeof key === 'function') {
+        return { ...result, key: decrypted.key };
+    }
+    return result;
+}

public/vendor/jose/jwe/compact/encrypt.js

@@ -0,0 +1,27 @@
+import { FlattenedEncrypt } from '../flattened/encrypt.js';
+export class CompactEncrypt {
+    #flattened;
+    constructor(plaintext) {
+        this.#flattened = new FlattenedEncrypt(plaintext);
+    }
+    setContentEncryptionKey(cek) {
+        this.#flattened.setContentEncryptionKey(cek);
+        return this;
+    }
+    setInitializationVector(iv) {
+        this.#flattened.setInitializationVector(iv);
+        return this;
+    }
+    setProtectedHeader(protectedHeader) {
+        this.#flattened.setProtectedHeader(protectedHeader);
+        return this;
+    }
+    setKeyManagementParameters(parameters) {
+        this.#flattened.setKeyManagementParameters(parameters);
+        return this;
+    }
+    async encrypt(key, options) {
+        const jwe = await this.#flattened.encrypt(key, options);
+        return [jwe.protected, jwe.encrypted_key, jwe.iv, jwe.ciphertext, jwe.tag].join('.');
+    }
+}

public/vendor/jose/jwe/flattened/decrypt.js

@@ -0,0 +1,165 @@
+import { decode as b64u } from '../../util/base64url.js';
+import { decrypt } from '../../lib/decrypt.js';
+import { JOSEAlgNotAllowed, JOSENotSupported, JWEInvalid } from '../../util/errors.js';
+import { isDisjoint } from '../../lib/is_disjoint.js';
+import { isObject } from '../../lib/is_object.js';
+import { decryptKeyManagement } from '../../lib/decrypt_key_management.js';
+import { decoder, concat, encode } from '../../lib/buffer_utils.js';
+import { generateCek } from '../../lib/cek.js';
+import { validateCrit } from '../../lib/validate_crit.js';
+import { validateAlgorithms } from '../../lib/validate_algorithms.js';
+import { normalizeKey } from '../../lib/normalize_key.js';
+import { checkKeyType } from '../../lib/check_key_type.js';
+export async function flattenedDecrypt(jwe, key, options) {
+    if (!isObject(jwe)) {
+        throw new JWEInvalid('Flattened JWE must be an object');
+    }
+    if (jwe.protected === undefined && jwe.header === undefined && jwe.unprotected === undefined) {
+        throw new JWEInvalid('JOSE Header missing');
+    }
+    if (jwe.iv !== undefined && typeof jwe.iv !== 'string') {
+        throw new JWEInvalid('JWE Initialization Vector incorrect type');
+    }
+    if (typeof jwe.ciphertext !== 'string') {
+        throw new JWEInvalid('JWE Ciphertext missing or incorrect type');
+    }
+    if (jwe.tag !== undefined && typeof jwe.tag !== 'string') {
+        throw new JWEInvalid('JWE Authentication Tag incorrect type');
+    }
+    if (jwe.protected !== undefined && typeof jwe.protected !== 'string') {
+        throw new JWEInvalid('JWE Protected Header incorrect type');
+    }
+    if (jwe.encrypted_key !== undefined && typeof jwe.encrypted_key !== 'string') {
+        throw new JWEInvalid('JWE Encrypted Key incorrect type');
+    }
+    if (jwe.aad !== undefined && typeof jwe.aad !== 'string') {
+        throw new JWEInvalid('JWE AAD incorrect type');
+    }
+    if (jwe.header !== undefined && !isObject(jwe.header)) {
+        throw new JWEInvalid('JWE Shared Unprotected Header incorrect type');
+    }
+    if (jwe.unprotected !== undefined && !isObject(jwe.unprotected)) {
+        throw new JWEInvalid('JWE Per-Recipient Unprotected Header incorrect type');
+    }
+    let parsedProt;
+    if (jwe.protected) {
+        try {
+            const protectedHeader = b64u(jwe.protected);
+            parsedProt = JSON.parse(decoder.decode(protectedHeader));
+        }
+        catch {
+            throw new JWEInvalid('JWE Protected Header is invalid');
+        }
+    }
+    if (!isDisjoint(parsedProt, jwe.header, jwe.unprotected)) {
+        throw new JWEInvalid('JWE Protected, JWE Unprotected Header, and JWE Per-Recipient Unprotected Header Parameter names must be disjoint');
+    }
+    const joseHeader = {
+        ...parsedProt,
+        ...jwe.header,
+        ...jwe.unprotected,
+    };
+    validateCrit(JWEInvalid, new Map(), options?.crit, parsedProt, joseHeader);
+    if (joseHeader.zip !== undefined) {
+        throw new JOSENotSupported('JWE "zip" (Compression Algorithm) Header Parameter is not supported.');
+    }
+    const { alg, enc } = joseHeader;
+    if (typeof alg !== 'string' || !alg) {
+        throw new JWEInvalid('missing JWE Algorithm (alg) in JWE Header');
+    }
+    if (typeof enc !== 'string' || !enc) {
+        throw new JWEInvalid('missing JWE Encryption Algorithm (enc) in JWE Header');
+    }
+    const keyManagementAlgorithms = options && validateAlgorithms('keyManagementAlgorithms', options.keyManagementAlgorithms);
+    const contentEncryptionAlgorithms = options &&
+        validateAlgorithms('contentEncryptionAlgorithms', options.contentEncryptionAlgorithms);
+    if ((keyManagementAlgorithms && !keyManagementAlgorithms.has(alg)) ||
+        (!keyManagementAlgorithms && alg.startsWith('PBES2'))) {
+        throw new JOSEAlgNotAllowed('"alg" (Algorithm) Header Parameter value not allowed');
+    }
+    if (contentEncryptionAlgorithms && !contentEncryptionAlgorithms.has(enc)) {
+        throw new JOSEAlgNotAllowed('"enc" (Encryption Algorithm) Header Parameter value not allowed');
+    }
+    let encryptedKey;
+    if (jwe.encrypted_key !== undefined) {
+        try {
+            encryptedKey = b64u(jwe.encrypted_key);
+        }
+        catch {
+            throw new JWEInvalid('Failed to base64url decode the encrypted_key');
+        }
+    }
+    let resolvedKey = false;
+    if (typeof key === 'function') {
+        key = await key(parsedProt, jwe);
+        resolvedKey = true;
+    }
+    checkKeyType(alg === 'dir' ? enc : alg, key, 'decrypt');
+    const k = await normalizeKey(key, alg);
+    let cek;
+    try {
+        cek = await decryptKeyManagement(alg, k, encryptedKey, joseHeader, options);
+    }
+    catch (err) {
+        if (err instanceof TypeError || err instanceof JWEInvalid || err instanceof JOSENotSupported) {
+            throw err;
+        }
+        cek = generateCek(enc);
+    }
+    let iv;
+    let tag;
+    if (jwe.iv !== undefined) {
+        try {
+            iv = b64u(jwe.iv);
+        }
+        catch {
+            throw new JWEInvalid('Failed to base64url decode the iv');
+        }
+    }
+    if (jwe.tag !== undefined) {
+        try {
+            tag = b64u(jwe.tag);
+        }
+        catch {
+            throw new JWEInvalid('Failed to base64url decode the tag');
+        }
+    }
+    const protectedHeader = jwe.protected !== undefined ? encode(jwe.protected) : new Uint8Array();
+    let additionalData;
+    if (jwe.aad !== undefined) {
+        additionalData = concat(protectedHeader, encode('.'), encode(jwe.aad));
+    }
+    else {
+        additionalData = protectedHeader;
+    }
+    let ciphertext;
+    try {
+        ciphertext = b64u(jwe.ciphertext);
+    }
+    catch {
+        throw new JWEInvalid('Failed to base64url decode the ciphertext');
+    }
+    const plaintext = await decrypt(enc, cek, ciphertext, iv, tag, additionalData);
+    const result = { plaintext };
+    if (jwe.protected !== undefined) {
+        result.protectedHeader = parsedProt;
+    }
+    if (jwe.aad !== undefined) {
+        try {
+            result.additionalAuthenticatedData = b64u(jwe.aad);
+        }
+        catch {
+            throw new JWEInvalid('Failed to base64url decode the aad');
+        }
+    }
+    if (jwe.unprotected !== undefined) {
+        result.sharedUnprotectedHeader = jwe.unprotected;
+    }
+    if (jwe.header !== undefined) {
+        result.unprotectedHeader = jwe.header;
+    }
+    if (resolvedKey) {
+        return { ...result, key: k };
+    }
+    return result;
+}

public/vendor/jose/jwe/flattened/encrypt.js

@@ -0,0 +1,169 @@
+import { encode as b64u } from '../../util/base64url.js';
+import { unprotected } from '../../lib/private_symbols.js';
+import { encrypt } from '../../lib/encrypt.js';
+import { encryptKeyManagement } from '../../lib/encrypt_key_management.js';
+import { JOSENotSupported, JWEInvalid } from '../../util/errors.js';
+import { isDisjoint } from '../../lib/is_disjoint.js';
+import { concat, encode } from '../../lib/buffer_utils.js';
+import { validateCrit } from '../../lib/validate_crit.js';
+import { normalizeKey } from '../../lib/normalize_key.js';
+import { checkKeyType } from '../../lib/check_key_type.js';
+export class FlattenedEncrypt {
+    #plaintext;
+    #protectedHeader;
+    #sharedUnprotectedHeader;
+    #unprotectedHeader;
+    #aad;
+    #cek;
+    #iv;
+    #keyManagementParameters;
+    constructor(plaintext) {
+        if (!(plaintext instanceof Uint8Array)) {
+            throw new TypeError('plaintext must be an instance of Uint8Array');
+        }
+        this.#plaintext = plaintext;
+    }
+    setKeyManagementParameters(parameters) {
+        if (this.#keyManagementParameters) {
+            throw new TypeError('setKeyManagementParameters can only be called once');
+        }
+        this.#keyManagementParameters = parameters;
+        return this;
+    }
+    setProtectedHeader(protectedHeader) {
+        if (this.#protectedHeader) {
+            throw new TypeError('setProtectedHeader can only be called once');
+        }
+        this.#protectedHeader = protectedHeader;
+        return this;
+    }
+    setSharedUnprotectedHeader(sharedUnprotectedHeader) {
+        if (this.#sharedUnprotectedHeader) {
+            throw new TypeError('setSharedUnprotectedHeader can only be called once');
+        }
+        this.#sharedUnprotectedHeader = sharedUnprotectedHeader;
+        return this;
+    }
+    setUnprotectedHeader(unprotectedHeader) {
+        if (this.#unprotectedHeader) {
+            throw new TypeError('setUnprotectedHeader can only be called once');
+        }
+        this.#unprotectedHeader = unprotectedHeader;
+        return this;
+    }
+    setAdditionalAuthenticatedData(aad) {
+        this.#aad = aad;
+        return this;
+    }
+    setContentEncryptionKey(cek) {
+        if (this.#cek) {
+            throw new TypeError('setContentEncryptionKey can only be called once');
+        }
+        this.#cek = cek;
+        return this;
+    }
+    setInitializationVector(iv) {
+        if (this.#iv) {
+            throw new TypeError('setInitializationVector can only be called once');
+        }
+        this.#iv = iv;
+        return this;
+    }
+    async encrypt(key, options) {
+        if (!this.#protectedHeader && !this.#unprotectedHeader && !this.#sharedUnprotectedHeader) {
+            throw new JWEInvalid('either setProtectedHeader, setUnprotectedHeader, or sharedUnprotectedHeader must be called before #encrypt()');
+        }
+        if (!isDisjoint(this.#protectedHeader, this.#unprotectedHeader, this.#sharedUnprotectedHeader)) {
+            throw new JWEInvalid('JWE Protected, JWE Shared Unprotected and JWE Per-Recipient Header Parameter names must be disjoint');
+        }
+        const joseHeader = {
+            ...this.#protectedHeader,
+            ...this.#unprotectedHeader,
+            ...this.#sharedUnprotectedHeader,
+        };
+        validateCrit(JWEInvalid, new Map(), options?.crit, this.#protectedHeader, joseHeader);
+        if (joseHeader.zip !== undefined) {
+            throw new JOSENotSupported('JWE "zip" (Compression Algorithm) Header Parameter is not supported.');
+        }
+        const { alg, enc } = joseHeader;
+        if (typeof alg !== 'string' || !alg) {
+            throw new JWEInvalid('JWE "alg" (Algorithm) Header Parameter missing or invalid');
+        }
+        if (typeof enc !== 'string' || !enc) {
+            throw new JWEInvalid('JWE "enc" (Encryption Algorithm) Header Parameter missing or invalid');
+        }
+        let encryptedKey;
+        if (this.#cek && (alg === 'dir' || alg === 'ECDH-ES')) {
+            throw new TypeError(`setContentEncryptionKey cannot be called with JWE "alg" (Algorithm) Header ${alg}`);
+        }
+        checkKeyType(alg === 'dir' ? enc : alg, key, 'encrypt');
+        let cek;
+        {
+            let parameters;
+            const k = await normalizeKey(key, alg);
+            ({ cek, encryptedKey, parameters } = await encryptKeyManagement(alg, enc, k, this.#cek, this.#keyManagementParameters));
+            if (parameters) {
+                if (options && unprotected in options) {
+                    if (!this.#unprotectedHeader) {
+                        this.setUnprotectedHeader(parameters);
+                    }
+                    else {
+                        this.#unprotectedHeader = { ...this.#unprotectedHeader, ...parameters };
+                    }
+                }
+                else if (!this.#protectedHeader) {
+                    this.setProtectedHeader(parameters);
+                }
+                else {
+                    this.#protectedHeader = { ...this.#protectedHeader, ...parameters };
+                }
+            }
+        }
+        let additionalData;
+        let protectedHeaderS;
+        let protectedHeaderB;
+        let aadMember;
+        if (this.#protectedHeader) {
+            protectedHeaderS = b64u(JSON.stringify(this.#protectedHeader));
+            protectedHeaderB = encode(protectedHeaderS);
+        }
+        else {
+            protectedHeaderS = '';
+            protectedHeaderB = new Uint8Array();
+        }
+        if (this.#aad) {
+            aadMember = b64u(this.#aad);
+            const aadMemberBytes = encode(aadMember);
+            additionalData = concat(protectedHeaderB, encode('.'), aadMemberBytes);
+        }
+        else {
+            additionalData = protectedHeaderB;
+        }
+        const { ciphertext, tag, iv } = await encrypt(enc, this.#plaintext, cek, this.#iv, additionalData);
+        const jwe = {
+            ciphertext: b64u(ciphertext),
+        };
+        if (iv) {
+            jwe.iv = b64u(iv);
+        }
+        if (tag) {
+            jwe.tag = b64u(tag);
+        }
+        if (encryptedKey) {
+            jwe.encrypted_key = b64u(encryptedKey);
+        }
+        if (aadMember) {
+            jwe.aad = aadMember;
+        }
+        if (this.#protectedHeader) {
+            jwe.protected = protectedHeaderS;
+        }
+        if (this.#sharedUnprotectedHeader) {
+            jwe.unprotected = this.#sharedUnprotectedHeader;
+        }
+        if (this.#unprotectedHeader) {
+            jwe.header = this.#unprotectedHeader;
+        }
+        return jwe;
+    }
+}

public/vendor/jose/jwe/general/decrypt.js

@@ -0,0 +1,31 @@
+import { flattenedDecrypt } from '../flattened/decrypt.js';
+import { JWEDecryptionFailed, JWEInvalid } from '../../util/errors.js';
+import { isObject } from '../../lib/is_object.js';
+export async function generalDecrypt(jwe, key, options) {
+    if (!isObject(jwe)) {
+        throw new JWEInvalid('General JWE must be an object');
+    }
+    if (!Array.isArray(jwe.recipients) || !jwe.recipients.every(isObject)) {
+        throw new JWEInvalid('JWE Recipients missing or incorrect type');
+    }
+    if (!jwe.recipients.length) {
+        throw new JWEInvalid('JWE Recipients has no members');
+    }
+    for (const recipient of jwe.recipients) {
+        try {
+            return await flattenedDecrypt({
+                aad: jwe.aad,
+                ciphertext: jwe.ciphertext,
+                encrypted_key: recipient.encrypted_key,
+                header: recipient.header,
+                iv: jwe.iv,
+                protected: jwe.protected,
+                tag: jwe.tag,
+                unprotected: jwe.unprotected,
+            }, key, options);
+        }
+        catch {
+        }
+    }
+    throw new JWEDecryptionFailed();
+}

public/vendor/jose/jwe/general/encrypt.js

@@ -0,0 +1,187 @@
+import { FlattenedEncrypt } from '../flattened/encrypt.js';
+import { unprotected } from '../../lib/private_symbols.js';
+import { JOSENotSupported, JWEInvalid } from '../../util/errors.js';
+import { generateCek } from '../../lib/cek.js';
+import { isDisjoint } from '../../lib/is_disjoint.js';
+import { encryptKeyManagement } from '../../lib/encrypt_key_management.js';
+import { encode as b64u } from '../../util/base64url.js';
+import { validateCrit } from '../../lib/validate_crit.js';
+import { normalizeKey } from '../../lib/normalize_key.js';
+import { checkKeyType } from '../../lib/check_key_type.js';
+class IndividualRecipient {
+    #parent;
+    unprotectedHeader;
+    keyManagementParameters;
+    key;
+    options;
+    constructor(enc, key, options) {
+        this.#parent = enc;
+        this.key = key;
+        this.options = options;
+    }
+    setUnprotectedHeader(unprotectedHeader) {
+        if (this.unprotectedHeader) {
+            throw new TypeError('setUnprotectedHeader can only be called once');
+        }
+        this.unprotectedHeader = unprotectedHeader;
+        return this;
+    }
+    setKeyManagementParameters(parameters) {
+        if (this.keyManagementParameters) {
+            throw new TypeError('setKeyManagementParameters can only be called once');
+        }
+        this.keyManagementParameters = parameters;
+        return this;
+    }
+    addRecipient(...args) {
+        return this.#parent.addRecipient(...args);
+    }
+    encrypt(...args) {
+        return this.#parent.encrypt(...args);
+    }
+    done() {
+        return this.#parent;
+    }
+}
+export class GeneralEncrypt {
+    #plaintext;
+    #recipients = [];
+    #protectedHeader;
+    #unprotectedHeader;
+    #aad;
+    constructor(plaintext) {
+        this.#plaintext = plaintext;
+    }
+    addRecipient(key, options) {
+        const recipient = new IndividualRecipient(this, key, { crit: options?.crit });
+        this.#recipients.push(recipient);
+        return recipient;
+    }
+    setProtectedHeader(protectedHeader) {
+        if (this.#protectedHeader) {
+            throw new TypeError('setProtectedHeader can only be called once');
+        }
+        this.#protectedHeader = protectedHeader;
+        return this;
+    }
+    setSharedUnprotectedHeader(sharedUnprotectedHeader) {
+        if (this.#unprotectedHeader) {
+            throw new TypeError('setSharedUnprotectedHeader can only be called once');
+        }
+        this.#unprotectedHeader = sharedUnprotectedHeader;
+        return this;
+    }
+    setAdditionalAuthenticatedData(aad) {
+        this.#aad = aad;
+        return this;
+    }
+    async encrypt() {
+        if (!this.#recipients.length) {
+            throw new JWEInvalid('at least one recipient must be added');
+        }
+        if (this.#recipients.length === 1) {
+            const [recipient] = this.#recipients;
+            const flattened = await new FlattenedEncrypt(this.#plaintext)
+                .setAdditionalAuthenticatedData(this.#aad)
+                .setProtectedHeader(this.#protectedHeader)
+                .setSharedUnprotectedHeader(this.#unprotectedHeader)
+                .setUnprotectedHeader(recipient.unprotectedHeader)
+                .encrypt(recipient.key, { ...recipient.options });
+            const jwe = {
+                ciphertext: flattened.ciphertext,
+                iv: flattened.iv,
+                recipients: [{}],
+                tag: flattened.tag,
+            };
+            if (flattened.aad)
+                jwe.aad = flattened.aad;
+            if (flattened.protected)
+                jwe.protected = flattened.protected;
+            if (flattened.unprotected)
+                jwe.unprotected = flattened.unprotected;
+            if (flattened.encrypted_key)
+                jwe.recipients[0].encrypted_key = flattened.encrypted_key;
+            if (flattened.header)
+                jwe.recipients[0].header = flattened.header;
+            return jwe;
+        }
+        let enc;
+        for (let i = 0; i < this.#recipients.length; i++) {
+            const recipient = this.#recipients[i];
+            if (!isDisjoint(this.#protectedHeader, this.#unprotectedHeader, recipient.unprotectedHeader)) {
+                throw new JWEInvalid('JWE Protected, JWE Shared Unprotected and JWE Per-Recipient Header Parameter names must be disjoint');
+            }
+            const joseHeader = {
+                ...this.#protectedHeader,
+                ...this.#unprotectedHeader,
+                ...recipient.unprotectedHeader,
+            };
+            const { alg } = joseHeader;
+            if (typeof alg !== 'string' || !alg) {
+                throw new JWEInvalid('JWE "alg" (Algorithm) Header Parameter missing or invalid');
+            }
+            if (alg === 'dir' || alg === 'ECDH-ES') {
+                throw new JWEInvalid('"dir" and "ECDH-ES" alg may only be used with a single recipient');
+            }
+            if (typeof joseHeader.enc !== 'string' || !joseHeader.enc) {
+                throw new JWEInvalid('JWE "enc" (Encryption Algorithm) Header Parameter missing or invalid');
+            }
+            if (!enc) {
+                enc = joseHeader.enc;
+            }
+            else if (enc !== joseHeader.enc) {
+                throw new JWEInvalid('JWE "enc" (Encryption Algorithm) Header Parameter must be the same for all recipients');
+            }
+            validateCrit(JWEInvalid, new Map(), recipient.options.crit, this.#protectedHeader, joseHeader);
+            if (joseHeader.zip !== undefined) {
+                throw new JOSENotSupported('JWE "zip" (Compression Algorithm) Header Parameter is not supported.');
+            }
+        }
+        const cek = generateCek(enc);
+        const jwe = {
+            ciphertext: '',
+            recipients: [],
+        };
+        for (let i = 0; i < this.#recipients.length; i++) {
+            const recipient = this.#recipients[i];
+            const target = {};
+            jwe.recipients.push(target);
+            if (i === 0) {
+                const flattened = await new FlattenedEncrypt(this.#plaintext)
+                    .setAdditionalAuthenticatedData(this.#aad)
+                    .setContentEncryptionKey(cek)
+                    .setProtectedHeader(this.#protectedHeader)
+                    .setSharedUnprotectedHeader(this.#unprotectedHeader)
+                    .setUnprotectedHeader(recipient.unprotectedHeader)
+                    .setKeyManagementParameters(recipient.keyManagementParameters)
+                    .encrypt(recipient.key, {
+                    ...recipient.options,
+                    [unprotected]: true,
+                });
+                jwe.ciphertext = flattened.ciphertext;
+                jwe.iv = flattened.iv;
+                jwe.tag = flattened.tag;
+                if (flattened.aad)
+                    jwe.aad = flattened.aad;
+                if (flattened.protected)
+                    jwe.protected = flattened.protected;
+                if (flattened.unprotected)
+                    jwe.unprotected = flattened.unprotected;
+                target.encrypted_key = flattened.encrypted_key;
+                if (flattened.header)
+                    target.header = flattened.header;
+                continue;
+            }
+            const alg = recipient.unprotectedHeader?.alg ||
+                this.#protectedHeader?.alg ||
+                this.#unprotectedHeader?.alg;
+            checkKeyType(alg === 'dir' ? enc : alg, recipient.key, 'encrypt');
+            const k = await normalizeKey(recipient.key, alg);
+            const { encryptedKey, parameters } = await encryptKeyManagement(alg, enc, k, cek, recipient.keyManagementParameters);
+            target.encrypted_key = b64u(encryptedKey);
+            if (recipient.unprotectedHeader || parameters)
+                target.header = { ...recipient.unprotectedHeader, ...parameters };
+        }
+        return jwe;
+    }
+}

public/vendor/jose/jwk/embedded.js

@@ -0,0 +1,17 @@
+import { importJWK } from '../key/import.js';
+import { isObject } from '../lib/is_object.js';
+import { JWSInvalid } from '../util/errors.js';
+export async function EmbeddedJWK(protectedHeader, token) {
+    const joseHeader = {
+        ...protectedHeader,
+        ...token?.header,
+    };
+    if (!isObject(joseHeader.jwk)) {
+        throw new JWSInvalid('"jwk" (JSON Web Key) Header Parameter must be a JSON object');
+    }
+    const key = await importJWK({ ...joseHeader.jwk, ext: true }, joseHeader.alg);
+    if (key instanceof Uint8Array || key.type !== 'public') {
+        throw new JWSInvalid('"jwk" (JSON Web Key) Header Parameter must be a public key');
+    }
+    return key;
+}

public/vendor/jose/jwk/thumbprint.js

@@ -0,0 +1,68 @@
+import { digest } from '../lib/digest.js';
+import { encode as b64u } from '../util/base64url.js';
+import { JOSENotSupported, JWKInvalid } from '../util/errors.js';
+import { encode } from '../lib/buffer_utils.js';
+import { isKeyLike } from '../lib/is_key_like.js';
+import { isJWK } from '../lib/is_jwk.js';
+import { exportJWK } from '../key/export.js';
+import { invalidKeyInput } from '../lib/invalid_key_input.js';
+const check = (value, description) => {
+    if (typeof value !== 'string' || !value) {
+        throw new JWKInvalid(`${description} missing or invalid`);
+    }
+};
+export async function calculateJwkThumbprint(key, digestAlgorithm) {
+    let jwk;
+    if (isJWK(key)) {
+        jwk = key;
+    }
+    else if (isKeyLike(key)) {
+        jwk = await exportJWK(key);
+    }
+    else {
+        throw new TypeError(invalidKeyInput(key, 'CryptoKey', 'KeyObject', 'JSON Web Key'));
+    }
+    digestAlgorithm ??= 'sha256';
+    if (digestAlgorithm !== 'sha256' &&
+        digestAlgorithm !== 'sha384' &&
+        digestAlgorithm !== 'sha512') {
+        throw new TypeError('digestAlgorithm must one of "sha256", "sha384", or "sha512"');
+    }
+    let components;
+    switch (jwk.kty) {
+        case 'AKP':
+            check(jwk.alg, '"alg" (Algorithm) Parameter');
+            check(jwk.pub, '"pub" (Public key) Parameter');
+            components = { alg: jwk.alg, kty: jwk.kty, pub: jwk.pub };
+            break;
+        case 'EC':
+            check(jwk.crv, '"crv" (Curve) Parameter');
+            check(jwk.x, '"x" (X Coordinate) Parameter');
+            check(jwk.y, '"y" (Y Coordinate) Parameter');
+            components = { crv: jwk.crv, kty: jwk.kty, x: jwk.x, y: jwk.y };
+            break;
+        case 'OKP':
+            check(jwk.crv, '"crv" (Subtype of Key Pair) Parameter');
+            check(jwk.x, '"x" (Public Key) Parameter');
+            components = { crv: jwk.crv, kty: jwk.kty, x: jwk.x };
+            break;
+        case 'RSA':
+            check(jwk.e, '"e" (Exponent) Parameter');
+            check(jwk.n, '"n" (Modulus) Parameter');
+            components = { e: jwk.e, kty: jwk.kty, n: jwk.n };
+            break;
+        case 'oct':
+            check(jwk.k, '"k" (Key Value) Parameter');
+            components = { k: jwk.k, kty: jwk.kty };
+            break;
+        default:
+            throw new JOSENotSupported('"kty" (Key Type) Parameter missing or unsupported');
+    }
+    const data = encode(JSON.stringify(components));
+    return b64u(await digest(digestAlgorithm, data));
+}
+export async function calculateJwkThumbprintUri(key, digestAlgorithm) {
+    digestAlgorithm ??= 'sha256';
+    const thumbprint = await calculateJwkThumbprint(key, digestAlgorithm);
+    return `urn:ietf:params:oauth:jwk-thumbprint:sha-${digestAlgorithm.slice(-3)}:${thumbprint}`;
+}

public/vendor/jose/jwks/local.js

@@ -0,0 +1,119 @@
+import { importJWK } from '../key/import.js';
+import { JWKSInvalid, JOSENotSupported, JWKSNoMatchingKey, JWKSMultipleMatchingKeys, } from '../util/errors.js';
+import { isObject } from '../lib/is_object.js';
+function getKtyFromAlg(alg) {
+    switch (typeof alg === 'string' && alg.slice(0, 2)) {
+        case 'RS':
+        case 'PS':
+            return 'RSA';
+        case 'ES':
+            return 'EC';
+        case 'Ed':
+            return 'OKP';
+        case 'ML':
+            return 'AKP';
+        default:
+            throw new JOSENotSupported('Unsupported "alg" value for a JSON Web Key Set');
+    }
+}
+function isJWKSLike(jwks) {
+    return (jwks &&
+        typeof jwks === 'object' &&
+        Array.isArray(jwks.keys) &&
+        jwks.keys.every(isJWKLike));
+}
+function isJWKLike(key) {
+    return isObject(key);
+}
+class LocalJWKSet {
+    #jwks;
+    #cached = new WeakMap();
+    constructor(jwks) {
+        if (!isJWKSLike(jwks)) {
+            throw new JWKSInvalid('JSON Web Key Set malformed');
+        }
+        this.#jwks = structuredClone(jwks);
+    }
+    jwks() {
+        return this.#jwks;
+    }
+    async getKey(protectedHeader, token) {
+        const { alg, kid } = { ...protectedHeader, ...token?.header };
+        const kty = getKtyFromAlg(alg);
+        const candidates = this.#jwks.keys.filter((jwk) => {
+            let candidate = kty === jwk.kty;
+            if (candidate && typeof kid === 'string') {
+                candidate = kid === jwk.kid;
+            }
+            if (candidate && (typeof jwk.alg === 'string' || kty === 'AKP')) {
+                candidate = alg === jwk.alg;
+            }
+            if (candidate && typeof jwk.use === 'string') {
+                candidate = jwk.use === 'sig';
+            }
+            if (candidate && Array.isArray(jwk.key_ops)) {
+                candidate = jwk.key_ops.includes('verify');
+            }
+            if (candidate) {
+                switch (alg) {
+                    case 'ES256':
+                        candidate = jwk.crv === 'P-256';
+                        break;
+                    case 'ES384':
+                        candidate = jwk.crv === 'P-384';
+                        break;
+                    case 'ES512':
+                        candidate = jwk.crv === 'P-521';
+                        break;
+                    case 'Ed25519':
+                    case 'EdDSA':
+                        candidate = jwk.crv === 'Ed25519';
+                        break;
+                }
+            }
+            return candidate;
+        });
+        const { 0: jwk, length } = candidates;
+        if (length === 0) {
+            throw new JWKSNoMatchingKey();
+        }
+        if (length !== 1) {
+            const error = new JWKSMultipleMatchingKeys();
+            const _cached = this.#cached;
+            error[Symbol.asyncIterator] = async function* () {
+                for (const jwk of candidates) {
+                    try {
+                        yield await importWithAlgCache(_cached, jwk, alg);
+                    }
+                    catch { }
+                }
+            };
+            throw error;
+        }
+        return importWithAlgCache(this.#cached, jwk, alg);
+    }
+}
+async function importWithAlgCache(cache, jwk, alg) {
+    const cached = cache.get(jwk) || cache.set(jwk, {}).get(jwk);
+    if (cached[alg] === undefined) {
+        const key = await importJWK({ ...jwk, ext: true }, alg);
+        if (key instanceof Uint8Array || key.type !== 'public') {
+            throw new JWKSInvalid('JSON Web Key Set members must be public keys');
+        }
+        cached[alg] = key;
+    }
+    return cached[alg];
+}
+export function createLocalJWKSet(jwks) {
+    const set = new LocalJWKSet(jwks);
+    const localJWKSet = async (protectedHeader, token) => set.getKey(protectedHeader, token);
+    Object.defineProperties(localJWKSet, {
+        jwks: {
+            value: () => structuredClone(set.jwks()),
+            enumerable: false,
+            configurable: false,
+            writable: false,
+        },
+    });
+    return localJWKSet;
+}

public/vendor/jose/jwks/remote.js

@@ -0,0 +1,179 @@
+import { JOSEError, JWKSNoMatchingKey, JWKSTimeout } from '../util/errors.js';
+import { createLocalJWKSet } from './local.js';
+import { isObject } from '../lib/is_object.js';
+function isCloudflareWorkers() {
+    return (typeof WebSocketPair !== 'undefined' ||
+        (typeof navigator !== 'undefined' && navigator.userAgent === 'Cloudflare-Workers') ||
+        (typeof EdgeRuntime !== 'undefined' && EdgeRuntime === 'vercel'));
+}
+let USER_AGENT;
+if (typeof navigator === 'undefined' || !navigator.userAgent?.startsWith?.('Mozilla/5.0 ')) {
+    const NAME = 'jose';
+    const VERSION = 'v6.1.3';
+    USER_AGENT = `${NAME}/${VERSION}`;
+}
+export const customFetch = Symbol();
+async function fetchJwks(url, headers, signal, fetchImpl = fetch) {
+    const response = await fetchImpl(url, {
+        method: 'GET',
+        signal,
+        redirect: 'manual',
+        headers,
+    }).catch((err) => {
+        if (err.name === 'TimeoutError') {
+            throw new JWKSTimeout();
+        }
+        throw err;
+    });
+    if (response.status !== 200) {
+        throw new JOSEError('Expected 200 OK from the JSON Web Key Set HTTP response');
+    }
+    try {
+        return await response.json();
+    }
+    catch {
+        throw new JOSEError('Failed to parse the JSON Web Key Set HTTP response as JSON');
+    }
+}
+export const jwksCache = Symbol();
+function isFreshJwksCache(input, cacheMaxAge) {
+    if (typeof input !== 'object' || input === null) {
+        return false;
+    }
+    if (!('uat' in input) || typeof input.uat !== 'number' || Date.now() - input.uat >= cacheMaxAge) {
+        return false;
+    }
+    if (!('jwks' in input) ||
+        !isObject(input.jwks) ||
+        !Array.isArray(input.jwks.keys) ||
+        !Array.prototype.every.call(input.jwks.keys, isObject)) {
+        return false;
+    }
+    return true;
+}
+class RemoteJWKSet {
+    #url;
+    #timeoutDuration;
+    #cooldownDuration;
+    #cacheMaxAge;
+    #jwksTimestamp;
+    #pendingFetch;
+    #headers;
+    #customFetch;
+    #local;
+    #cache;
+    constructor(url, options) {
+        if (!(url instanceof URL)) {
+            throw new TypeError('url must be an instance of URL');
+        }
+        this.#url = new URL(url.href);
+        this.#timeoutDuration =
+            typeof options?.timeoutDuration === 'number' ? options?.timeoutDuration : 5000;
+        this.#cooldownDuration =
+            typeof options?.cooldownDuration === 'number' ? options?.cooldownDuration : 30000;
+        this.#cacheMaxAge = typeof options?.cacheMaxAge === 'number' ? options?.cacheMaxAge : 600000;
+        this.#headers = new Headers(options?.headers);
+        if (USER_AGENT && !this.#headers.has('User-Agent')) {
+            this.#headers.set('User-Agent', USER_AGENT);
+        }
+        if (!this.#headers.has('accept')) {
+            this.#headers.set('accept', 'application/json');
+            this.#headers.append('accept', 'application/jwk-set+json');
+        }
+        this.#customFetch = options?.[customFetch];
+        if (options?.[jwksCache] !== undefined) {
+            this.#cache = options?.[jwksCache];
+            if (isFreshJwksCache(options?.[jwksCache], this.#cacheMaxAge)) {
+                this.#jwksTimestamp = this.#cache.uat;
+                this.#local = createLocalJWKSet(this.#cache.jwks);
+            }
+        }
+    }
+    pendingFetch() {
+        return !!this.#pendingFetch;
+    }
+    coolingDown() {
+        return typeof this.#jwksTimestamp === 'number'
+            ? Date.now() < this.#jwksTimestamp + this.#cooldownDuration
+            : false;
+    }
+    fresh() {
+        return typeof this.#jwksTimestamp === 'number'
+            ? Date.now() < this.#jwksTimestamp + this.#cacheMaxAge
+            : false;
+    }
+    jwks() {
+        return this.#local?.jwks();
+    }
+    async getKey(protectedHeader, token) {
+        if (!this.#local || !this.fresh()) {
+            await this.reload();
+        }
+        try {
+            return await this.#local(protectedHeader, token);
+        }
+        catch (err) {
+            if (err instanceof JWKSNoMatchingKey) {
+                if (this.coolingDown() === false) {
+                    await this.reload();
+                    return this.#local(protectedHeader, token);
+                }
+            }
+            throw err;
+        }
+    }
+    async reload() {
+        if (this.#pendingFetch && isCloudflareWorkers()) {
+            this.#pendingFetch = undefined;
+        }
+        this.#pendingFetch ||= fetchJwks(this.#url.href, this.#headers, AbortSignal.timeout(this.#timeoutDuration), this.#customFetch)
+            .then((json) => {
+            this.#local = createLocalJWKSet(json);
+            if (this.#cache) {
+                this.#cache.uat = Date.now();
+                this.#cache.jwks = json;
+            }
+            this.#jwksTimestamp = Date.now();
+            this.#pendingFetch = undefined;
+        })
+            .catch((err) => {
+            this.#pendingFetch = undefined;
+            throw err;
+        });
+        await this.#pendingFetch;
+    }
+}
+export function createRemoteJWKSet(url, options) {
+    const set = new RemoteJWKSet(url, options);
+    const remoteJWKSet = async (protectedHeader, token) => set.getKey(protectedHeader, token);
+    Object.defineProperties(remoteJWKSet, {
+        coolingDown: {
+            get: () => set.coolingDown(),
+            enumerable: true,
+            configurable: false,
+        },
+        fresh: {
+            get: () => set.fresh(),
+            enumerable: true,
+            configurable: false,
+        },
+        reload: {
+            value: () => set.reload(),
+            enumerable: true,
+            configurable: false,
+            writable: false,
+        },
+        reloading: {
+            get: () => set.pendingFetch(),
+            enumerable: true,
+            configurable: false,
+        },
+        jwks: {
+            value: () => set.jwks(),
+            enumerable: true,
+            configurable: false,
+            writable: false,
+        },
+    });
+    return remoteJWKSet;
+}

public/vendor/jose/jws/compact/sign.js

@@ -0,0 +1,18 @@
+import { FlattenedSign } from '../flattened/sign.js';
+export class CompactSign {
+    #flattened;
+    constructor(payload) {
+        this.#flattened = new FlattenedSign(payload);
+    }
+    setProtectedHeader(protectedHeader) {
+        this.#flattened.setProtectedHeader(protectedHeader);
+        return this;
+    }
+    async sign(key, options) {
+        const jws = await this.#flattened.sign(key, options);
+        if (jws.payload === undefined) {
+            throw new TypeError('use the flattened module for creating JWS with b64: false');
+        }
+        return `${jws.protected}.${jws.payload}.${jws.signature}`;
+    }
+}

public/vendor/jose/jws/compact/verify.js

@@ -0,0 +1,21 @@
+import { flattenedVerify } from '../flattened/verify.js';
+import { JWSInvalid } from '../../util/errors.js';
+import { decoder } from '../../lib/buffer_utils.js';
+export async function compactVerify(jws, key, options) {
+    if (jws instanceof Uint8Array) {
+        jws = decoder.decode(jws);
+    }
+    if (typeof jws !== 'string') {
+        throw new JWSInvalid('Compact JWS must be a string or Uint8Array');
+    }
+    const { 0: protectedHeader, 1: payload, 2: signature, length } = jws.split('.');
+    if (length !== 3) {
+        throw new JWSInvalid('Invalid Compact JWS');
+    }
+    const verified = await flattenedVerify({ payload, protected: protectedHeader, signature }, key, options);
+    const result = { payload: verified.payload, protectedHeader: verified.protectedHeader };
+    if (typeof key === 'function') {
+        return { ...result, key: verified.key };
+    }
+    return result;
+}

public/vendor/jose/jws/flattened/sign.js

@@ -0,0 +1,92 @@
+import { encode as b64u } from '../../util/base64url.js';
+import { sign } from '../../lib/sign.js';
+import { isDisjoint } from '../../lib/is_disjoint.js';
+import { JWSInvalid } from '../../util/errors.js';
+import { concat, encode } from '../../lib/buffer_utils.js';
+import { checkKeyType } from '../../lib/check_key_type.js';
+import { validateCrit } from '../../lib/validate_crit.js';
+import { normalizeKey } from '../../lib/normalize_key.js';
+export class FlattenedSign {
+    #payload;
+    #protectedHeader;
+    #unprotectedHeader;
+    constructor(payload) {
+        if (!(payload instanceof Uint8Array)) {
+            throw new TypeError('payload must be an instance of Uint8Array');
+        }
+        this.#payload = payload;
+    }
+    setProtectedHeader(protectedHeader) {
+        if (this.#protectedHeader) {
+            throw new TypeError('setProtectedHeader can only be called once');
+        }
+        this.#protectedHeader = protectedHeader;
+        return this;
+    }
+    setUnprotectedHeader(unprotectedHeader) {
+        if (this.#unprotectedHeader) {
+            throw new TypeError('setUnprotectedHeader can only be called once');
+        }
+        this.#unprotectedHeader = unprotectedHeader;
+        return this;
+    }
+    async sign(key, options) {
+        if (!this.#protectedHeader && !this.#unprotectedHeader) {
+            throw new JWSInvalid('either setProtectedHeader or setUnprotectedHeader must be called before #sign()');
+        }
+        if (!isDisjoint(this.#protectedHeader, this.#unprotectedHeader)) {
+            throw new JWSInvalid('JWS Protected and JWS Unprotected Header Parameter names must be disjoint');
+        }
+        const joseHeader = {
+            ...this.#protectedHeader,
+            ...this.#unprotectedHeader,
+        };
+        const extensions = validateCrit(JWSInvalid, new Map([['b64', true]]), options?.crit, this.#protectedHeader, joseHeader);
+        let b64 = true;
+        if (extensions.has('b64')) {
+            b64 = this.#protectedHeader.b64;
+            if (typeof b64 !== 'boolean') {
+                throw new JWSInvalid('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
+            }
+        }
+        const { alg } = joseHeader;
+        if (typeof alg !== 'string' || !alg) {
+            throw new JWSInvalid('JWS "alg" (Algorithm) Header Parameter missing or invalid');
+        }
+        checkKeyType(alg, key, 'sign');
+        let payloadS;
+        let payloadB;
+        if (b64) {
+            payloadS = b64u(this.#payload);
+            payloadB = encode(payloadS);
+        }
+        else {
+            payloadB = this.#payload;
+            payloadS = '';
+        }
+        let protectedHeaderString;
+        let protectedHeaderBytes;
+        if (this.#protectedHeader) {
+            protectedHeaderString = b64u(JSON.stringify(this.#protectedHeader));
+            protectedHeaderBytes = encode(protectedHeaderString);
+        }
+        else {
+            protectedHeaderString = '';
+            protectedHeaderBytes = new Uint8Array();
+        }
+        const data = concat(protectedHeaderBytes, encode('.'), payloadB);
+        const k = await normalizeKey(key, alg);
+        const signature = await sign(alg, k, data);
+        const jws = {
+            signature: b64u(signature),
+            payload: payloadS,
+        };
+        if (this.#unprotectedHeader) {
+            jws.header = this.#unprotectedHeader;
+        }
+        if (this.#protectedHeader) {
+            jws.protected = protectedHeaderString;
+        }
+        return jws;
+    }
+}

public/vendor/jose/jws/flattened/verify.js

@@ -0,0 +1,120 @@
+import { decode as b64u } from '../../util/base64url.js';
+import { verify } from '../../lib/verify.js';
+import { JOSEAlgNotAllowed, JWSInvalid, JWSSignatureVerificationFailed } from '../../util/errors.js';
+import { concat, encoder, decoder, encode } from '../../lib/buffer_utils.js';
+import { isDisjoint } from '../../lib/is_disjoint.js';
+import { isObject } from '../../lib/is_object.js';
+import { checkKeyType } from '../../lib/check_key_type.js';
+import { validateCrit } from '../../lib/validate_crit.js';
+import { validateAlgorithms } from '../../lib/validate_algorithms.js';
+import { normalizeKey } from '../../lib/normalize_key.js';
+export async function flattenedVerify(jws, key, options) {
+    if (!isObject(jws)) {
+        throw new JWSInvalid('Flattened JWS must be an object');
+    }
+    if (jws.protected === undefined && jws.header === undefined) {
+        throw new JWSInvalid('Flattened JWS must have either of the "protected" or "header" members');
+    }
+    if (jws.protected !== undefined && typeof jws.protected !== 'string') {
+        throw new JWSInvalid('JWS Protected Header incorrect type');
+    }
+    if (jws.payload === undefined) {
+        throw new JWSInvalid('JWS Payload missing');
+    }
+    if (typeof jws.signature !== 'string') {
+        throw new JWSInvalid('JWS Signature missing or incorrect type');
+    }
+    if (jws.header !== undefined && !isObject(jws.header)) {
+        throw new JWSInvalid('JWS Unprotected Header incorrect type');
+    }
+    let parsedProt = {};
+    if (jws.protected) {
+        try {
+            const protectedHeader = b64u(jws.protected);
+            parsedProt = JSON.parse(decoder.decode(protectedHeader));
+        }
+        catch {
+            throw new JWSInvalid('JWS Protected Header is invalid');
+        }
+    }
+    if (!isDisjoint(parsedProt, jws.header)) {
+        throw new JWSInvalid('JWS Protected and JWS Unprotected Header Parameter names must be disjoint');
+    }
+    const joseHeader = {
+        ...parsedProt,
+        ...jws.header,
+    };
+    const extensions = validateCrit(JWSInvalid, new Map([['b64', true]]), options?.crit, parsedProt, joseHeader);
+    let b64 = true;
+    if (extensions.has('b64')) {
+        b64 = parsedProt.b64;
+        if (typeof b64 !== 'boolean') {
+            throw new JWSInvalid('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
+        }
+    }
+    const { alg } = joseHeader;
+    if (typeof alg !== 'string' || !alg) {
+        throw new JWSInvalid('JWS "alg" (Algorithm) Header Parameter missing or invalid');
+    }
+    const algorithms = options && validateAlgorithms('algorithms', options.algorithms);
+    if (algorithms && !algorithms.has(alg)) {
+        throw new JOSEAlgNotAllowed('"alg" (Algorithm) Header Parameter value not allowed');
+    }
+    if (b64) {
+        if (typeof jws.payload !== 'string') {
+            throw new JWSInvalid('JWS Payload must be a string');
+        }
+    }
+    else if (typeof jws.payload !== 'string' && !(jws.payload instanceof Uint8Array)) {
+        throw new JWSInvalid('JWS Payload must be a string or an Uint8Array instance');
+    }
+    let resolvedKey = false;
+    if (typeof key === 'function') {
+        key = await key(parsedProt, jws);
+        resolvedKey = true;
+    }
+    checkKeyType(alg, key, 'verify');
+    const data = concat(jws.protected !== undefined ? encode(jws.protected) : new Uint8Array(), encode('.'), typeof jws.payload === 'string'
+        ? b64
+            ? encode(jws.payload)
+            : encoder.encode(jws.payload)
+        : jws.payload);
+    let signature;
+    try {
+        signature = b64u(jws.signature);
+    }
+    catch {
+        throw new JWSInvalid('Failed to base64url decode the signature');
+    }
+    const k = await normalizeKey(key, alg);
+    const verified = await verify(alg, k, signature, data);
+    if (!verified) {
+        throw new JWSSignatureVerificationFailed();
+    }
+    let payload;
+    if (b64) {
+        try {
+            payload = b64u(jws.payload);
+        }
+        catch {
+            throw new JWSInvalid('Failed to base64url decode the payload');
+        }
+    }
+    else if (typeof jws.payload === 'string') {
+        payload = encoder.encode(jws.payload);
+    }
+    else {
+        payload = jws.payload;
+    }
+    const result = { payload };
+    if (jws.protected !== undefined) {
+        result.protectedHeader = parsedProt;
+    }
+    if (jws.header !== undefined) {
+        result.unprotectedHeader = jws.header;
+    }
+    if (resolvedKey) {
+        return { ...result, key: k };
+    }
+    return result;
+}

public/vendor/jose/jws/general/sign.js

@@ -0,0 +1,73 @@
+import { FlattenedSign } from '../flattened/sign.js';
+import { JWSInvalid } from '../../util/errors.js';
+class IndividualSignature {
+    #parent;
+    protectedHeader;
+    unprotectedHeader;
+    options;
+    key;
+    constructor(sig, key, options) {
+        this.#parent = sig;
+        this.key = key;
+        this.options = options;
+    }
+    setProtectedHeader(protectedHeader) {
+        if (this.protectedHeader) {
+            throw new TypeError('setProtectedHeader can only be called once');
+        }
+        this.protectedHeader = protectedHeader;
+        return this;
+    }
+    setUnprotectedHeader(unprotectedHeader) {
+        if (this.unprotectedHeader) {
+            throw new TypeError('setUnprotectedHeader can only be called once');
+        }
+        this.unprotectedHeader = unprotectedHeader;
+        return this;
+    }
+    addSignature(...args) {
+        return this.#parent.addSignature(...args);
+    }
+    sign(...args) {
+        return this.#parent.sign(...args);
+    }
+    done() {
+        return this.#parent;
+    }
+}
+export class GeneralSign {
+    #payload;
+    #signatures = [];
+    constructor(payload) {
+        this.#payload = payload;
+    }
+    addSignature(key, options) {
+        const signature = new IndividualSignature(this, key, options);
+        this.#signatures.push(signature);
+        return signature;
+    }
+    async sign() {
+        if (!this.#signatures.length) {
+            throw new JWSInvalid('at least one signature must be added');
+        }
+        const jws = {
+            signatures: [],
+            payload: '',
+        };
+        for (let i = 0; i < this.#signatures.length; i++) {
+            const signature = this.#signatures[i];
+            const flattened = new FlattenedSign(this.#payload);
+            flattened.setProtectedHeader(signature.protectedHeader);
+            flattened.setUnprotectedHeader(signature.unprotectedHeader);
+            const { payload, ...rest } = await flattened.sign(signature.key, signature.options);
+            if (i === 0) {
+                jws.payload = payload;
+            }
+            else if (jws.payload !== payload) {
+                throw new JWSInvalid('inconsistent use of JWS Unencoded Payload (RFC7797)');
+            }
+            jws.signatures.push(rest);
+        }
+        return jws;
+    }
+}

public/vendor/jose/jws/general/verify.js

@@ -0,0 +1,24 @@
+import { flattenedVerify } from '../flattened/verify.js';
+import { JWSInvalid, JWSSignatureVerificationFailed } from '../../util/errors.js';
+import { isObject } from '../../lib/is_object.js';
+export async function generalVerify(jws, key, options) {
+    if (!isObject(jws)) {
+        throw new JWSInvalid('General JWS must be an object');
+    }
+    if (!Array.isArray(jws.signatures) || !jws.signatures.every(isObject)) {
+        throw new JWSInvalid('JWS Signatures missing or incorrect type');
+    }
+    for (const signature of jws.signatures) {
+        try {
+            return await flattenedVerify({
+                header: signature.header,
+                payload: jws.payload,
+                protected: signature.protected,
+                signature: signature.signature,
+            }, key, options);
+        }
+        catch {
+        }
+    }
+    throw new JWSSignatureVerificationFailed();
+}

public/vendor/jose/jwt/decrypt.js

@@ -0,0 +1,23 @@
+import { compactDecrypt } from '../jwe/compact/decrypt.js';
+import { validateClaimsSet } from '../lib/jwt_claims_set.js';
+import { JWTClaimValidationFailed } from '../util/errors.js';
+export async function jwtDecrypt(jwt, key, options) {
+    const decrypted = await compactDecrypt(jwt, key, options);
+    const payload = validateClaimsSet(decrypted.protectedHeader, decrypted.plaintext, options);
+    const { protectedHeader } = decrypted;
+    if (protectedHeader.iss !== undefined && protectedHeader.iss !== payload.iss) {
+        throw new JWTClaimValidationFailed('replicated "iss" claim header parameter mismatch', payload, 'iss', 'mismatch');
+    }
+    if (protectedHeader.sub !== undefined && protectedHeader.sub !== payload.sub) {
+        throw new JWTClaimValidationFailed('replicated "sub" claim header parameter mismatch', payload, 'sub', 'mismatch');
+    }
+    if (protectedHeader.aud !== undefined &&
+        JSON.stringify(protectedHeader.aud) !== JSON.stringify(payload.aud)) {
+        throw new JWTClaimValidationFailed('replicated "aud" claim header parameter mismatch', payload, 'aud', 'mismatch');
+    }
+    const result = { payload, protectedHeader };
+    if (typeof key === 'function') {
+        return { ...result, key: decrypted.key };
+    }
+    return result;
+}

public/vendor/jose/jwt/encrypt.js

@@ -0,0 +1,108 @@
+import { CompactEncrypt } from '../jwe/compact/encrypt.js';
+import { JWTClaimsBuilder } from '../lib/jwt_claims_set.js';
+export class EncryptJWT {
+    #cek;
+    #iv;
+    #keyManagementParameters;
+    #protectedHeader;
+    #replicateIssuerAsHeader;
+    #replicateSubjectAsHeader;
+    #replicateAudienceAsHeader;
+    #jwt;
+    constructor(payload = {}) {
+        this.#jwt = new JWTClaimsBuilder(payload);
+    }
+    setIssuer(issuer) {
+        this.#jwt.iss = issuer;
+        return this;
+    }
+    setSubject(subject) {
+        this.#jwt.sub = subject;
+        return this;
+    }
+    setAudience(audience) {
+        this.#jwt.aud = audience;
+        return this;
+    }
+    setJti(jwtId) {
+        this.#jwt.jti = jwtId;
+        return this;
+    }
+    setNotBefore(input) {
+        this.#jwt.nbf = input;
+        return this;
+    }
+    setExpirationTime(input) {
+        this.#jwt.exp = input;
+        return this;
+    }
+    setIssuedAt(input) {
+        this.#jwt.iat = input;
+        return this;
+    }
+    setProtectedHeader(protectedHeader) {
+        if (this.#protectedHeader) {
+            throw new TypeError('setProtectedHeader can only be called once');
+        }
+        this.#protectedHeader = protectedHeader;
+        return this;
+    }
+    setKeyManagementParameters(parameters) {
+        if (this.#keyManagementParameters) {
+            throw new TypeError('setKeyManagementParameters can only be called once');
+        }
+        this.#keyManagementParameters = parameters;
+        return this;
+    }
+    setContentEncryptionKey(cek) {
+        if (this.#cek) {
+            throw new TypeError('setContentEncryptionKey can only be called once');
+        }
+        this.#cek = cek;
+        return this;
+    }
+    setInitializationVector(iv) {
+        if (this.#iv) {
+            throw new TypeError('setInitializationVector can only be called once');
+        }
+        this.#iv = iv;
+        return this;
+    }
+    replicateIssuerAsHeader() {
+        this.#replicateIssuerAsHeader = true;
+        return this;
+    }
+    replicateSubjectAsHeader() {
+        this.#replicateSubjectAsHeader = true;
+        return this;
+    }
+    replicateAudienceAsHeader() {
+        this.#replicateAudienceAsHeader = true;
+        return this;
+    }
+    async encrypt(key, options) {
+        const enc = new CompactEncrypt(this.#jwt.data());
+        if (this.#protectedHeader &&
+            (this.#replicateIssuerAsHeader ||
+                this.#replicateSubjectAsHeader ||
+                this.#replicateAudienceAsHeader)) {
+            this.#protectedHeader = {
+                ...this.#protectedHeader,
+                iss: this.#replicateIssuerAsHeader ? this.#jwt.iss : undefined,
+                sub: this.#replicateSubjectAsHeader ? this.#jwt.sub : undefined,
+                aud: this.#replicateAudienceAsHeader ? this.#jwt.aud : undefined,
+            };
+        }
+        enc.setProtectedHeader(this.#protectedHeader);
+        if (this.#iv) {
+            enc.setInitializationVector(this.#iv);
+        }
+        if (this.#cek) {
+            enc.setContentEncryptionKey(this.#cek);
+        }
+        if (this.#keyManagementParameters) {
+            enc.setKeyManagementParameters(this.#keyManagementParameters);
+        }
+        return enc.encrypt(key, options);
+    }
+}

public/vendor/jose/jwt/sign.js

@@ -0,0 +1,52 @@
+import { CompactSign } from '../jws/compact/sign.js';
+import { JWTInvalid } from '../util/errors.js';
+import { JWTClaimsBuilder } from '../lib/jwt_claims_set.js';
+export class SignJWT {
+    #protectedHeader;
+    #jwt;
+    constructor(payload = {}) {
+        this.#jwt = new JWTClaimsBuilder(payload);
+    }
+    setIssuer(issuer) {
+        this.#jwt.iss = issuer;
+        return this;
+    }
+    setSubject(subject) {
+        this.#jwt.sub = subject;
+        return this;
+    }
+    setAudience(audience) {
+        this.#jwt.aud = audience;
+        return this;
+    }
+    setJti(jwtId) {
+        this.#jwt.jti = jwtId;
+        return this;
+    }
+    setNotBefore(input) {
+        this.#jwt.nbf = input;
+        return this;
+    }
+    setExpirationTime(input) {
+        this.#jwt.exp = input;
+        return this;
+    }
+    setIssuedAt(input) {
+        this.#jwt.iat = input;
+        return this;
+    }
+    setProtectedHeader(protectedHeader) {
+        this.#protectedHeader = protectedHeader;
+        return this;
+    }
+    async sign(key, options) {
+        const sig = new CompactSign(this.#jwt.data());
+        sig.setProtectedHeader(this.#protectedHeader);
+        if (Array.isArray(this.#protectedHeader?.crit) &&
+            this.#protectedHeader.crit.includes('b64') &&
+            this.#protectedHeader.b64 === false) {
+            throw new JWTInvalid('JWTs MUST NOT use unencoded payload');
+        }
+        return sig.sign(key, options);
+    }
+}

public/vendor/jose/jwt/unsecured.js

@@ -0,0 +1,63 @@
+import * as b64u from '../util/base64url.js';
+import { decoder } from '../lib/buffer_utils.js';
+import { JWTInvalid } from '../util/errors.js';
+import { validateClaimsSet, JWTClaimsBuilder } from '../lib/jwt_claims_set.js';
+export class UnsecuredJWT {
+    #jwt;
+    constructor(payload = {}) {
+        this.#jwt = new JWTClaimsBuilder(payload);
+    }
+    encode() {
+        const header = b64u.encode(JSON.stringify({ alg: 'none' }));
+        const payload = b64u.encode(this.#jwt.data());
+        return `${header}.${payload}.`;
+    }
+    setIssuer(issuer) {
+        this.#jwt.iss = issuer;
+        return this;
+    }
+    setSubject(subject) {
+        this.#jwt.sub = subject;
+        return this;
+    }
+    setAudience(audience) {
+        this.#jwt.aud = audience;
+        return this;
+    }
+    setJti(jwtId) {
+        this.#jwt.jti = jwtId;
+        return this;
+    }
+    setNotBefore(input) {
+        this.#jwt.nbf = input;
+        return this;
+    }
+    setExpirationTime(input) {
+        this.#jwt.exp = input;
+        return this;
+    }
+    setIssuedAt(input) {
+        this.#jwt.iat = input;
+        return this;
+    }
+    static decode(jwt, options) {
+        if (typeof jwt !== 'string') {
+            throw new JWTInvalid('Unsecured JWT must be a string');
+        }
+        const { 0: encodedHeader, 1: encodedPayload, 2: signature, length } = jwt.split('.');
+        if (length !== 3 || signature !== '') {
+            throw new JWTInvalid('Invalid Unsecured JWT');
+        }
+        let header;
+        try {
+            header = JSON.parse(decoder.decode(b64u.decode(encodedHeader)));
+            if (header.alg !== 'none')
+                throw new Error();
+        }
+        catch {
+            throw new JWTInvalid('Invalid Unsecured JWT');
+        }
+        const payload = validateClaimsSet(header, b64u.decode(encodedPayload), options);
+        return { payload, header };
+    }
+}

public/vendor/jose/jwt/verify.js

@@ -0,0 +1,15 @@
+import { compactVerify } from '../jws/compact/verify.js';
+import { validateClaimsSet } from '../lib/jwt_claims_set.js';
+import { JWTInvalid } from '../util/errors.js';
+export async function jwtVerify(jwt, key, options) {
+    const verified = await compactVerify(jwt, key, options);
+    if (verified.protectedHeader.crit?.includes('b64') && verified.protectedHeader.b64 === false) {
+        throw new JWTInvalid('JWTs MUST NOT use unencoded payload');
+    }
+    const payload = validateClaimsSet(verified.protectedHeader, verified.payload, options);
+    const result = { payload, protectedHeader: verified.protectedHeader };
+    if (typeof key === 'function') {
+        return { ...result, key: verified.key };
+    }
+    return result;
+}

public/vendor/jose/key/export.js

@@ -0,0 +1,11 @@
+import { toSPKI as exportPublic, toPKCS8 as exportPrivate } from '../lib/asn1.js';
+import { keyToJWK } from '../lib/key_to_jwk.js';
+export async function exportSPKI(key) {
+    return exportPublic(key);
+}
+export async function exportPKCS8(key) {
+    return exportPrivate(key);
+}
+export async function exportJWK(key) {
+    return keyToJWK(key);
+}

public/vendor/jose/key/generate_key_pair.js

@@ -0,0 +1,97 @@
+import { JOSENotSupported } from '../util/errors.js';
+function getModulusLengthOption(options) {
+    const modulusLength = options?.modulusLength ?? 2048;
+    if (typeof modulusLength !== 'number' || modulusLength < 2048) {
+        throw new JOSENotSupported('Invalid or unsupported modulusLength option provided, 2048 bits or larger keys must be used');
+    }
+    return modulusLength;
+}
+export async function generateKeyPair(alg, options) {
+    let algorithm;
+    let keyUsages;
+    switch (alg) {
+        case 'PS256':
+        case 'PS384':
+        case 'PS512':
+            algorithm = {
+                name: 'RSA-PSS',
+                hash: `SHA-${alg.slice(-3)}`,
+                publicExponent: Uint8Array.of(0x01, 0x00, 0x01),
+                modulusLength: getModulusLengthOption(options),
+            };
+            keyUsages = ['sign', 'verify'];
+            break;
+        case 'RS256':
+        case 'RS384':
+        case 'RS512':
+            algorithm = {
+                name: 'RSASSA-PKCS1-v1_5',
+                hash: `SHA-${alg.slice(-3)}`,
+                publicExponent: Uint8Array.of(0x01, 0x00, 0x01),
+                modulusLength: getModulusLengthOption(options),
+            };
+            keyUsages = ['sign', 'verify'];
+            break;
+        case 'RSA-OAEP':
+        case 'RSA-OAEP-256':
+        case 'RSA-OAEP-384':
+        case 'RSA-OAEP-512':
+            algorithm = {
+                name: 'RSA-OAEP',
+                hash: `SHA-${parseInt(alg.slice(-3), 10) || 1}`,
+                publicExponent: Uint8Array.of(0x01, 0x00, 0x01),
+                modulusLength: getModulusLengthOption(options),
+            };
+            keyUsages = ['decrypt', 'unwrapKey', 'encrypt', 'wrapKey'];
+            break;
+        case 'ES256':
+            algorithm = { name: 'ECDSA', namedCurve: 'P-256' };
+            keyUsages = ['sign', 'verify'];
+            break;
+        case 'ES384':
+            algorithm = { name: 'ECDSA', namedCurve: 'P-384' };
+            keyUsages = ['sign', 'verify'];
+            break;
+        case 'ES512':
+            algorithm = { name: 'ECDSA', namedCurve: 'P-521' };
+            keyUsages = ['sign', 'verify'];
+            break;
+        case 'Ed25519':
+        case 'EdDSA': {
+            keyUsages = ['sign', 'verify'];
+            algorithm = { name: 'Ed25519' };
+            break;
+        }
+        case 'ML-DSA-44':
+        case 'ML-DSA-65':
+        case 'ML-DSA-87': {
+            keyUsages = ['sign', 'verify'];
+            algorithm = { name: alg };
+            break;
+        }
+        case 'ECDH-ES':
+        case 'ECDH-ES+A128KW':
+        case 'ECDH-ES+A192KW':
+        case 'ECDH-ES+A256KW': {
+            keyUsages = ['deriveBits'];
+            const crv = options?.crv ?? 'P-256';
+            switch (crv) {
+                case 'P-256':
+                case 'P-384':
+                case 'P-521': {
+                    algorithm = { name: 'ECDH', namedCurve: crv };
+                    break;
+                }
+                case 'X25519':
+                    algorithm = { name: 'X25519' };
+                    break;
+                default:
+                    throw new JOSENotSupported('Invalid or unsupported crv option provided, supported values are P-256, P-384, P-521, and X25519');
+            }
+            break;
+        }
+        default:
+            throw new JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
+    }
+    return crypto.subtle.generateKey(algorithm, options?.extractable ?? false, keyUsages);
+}

public/vendor/jose/key/generate_secret.js

@@ -0,0 +1,40 @@
+import { JOSENotSupported } from '../util/errors.js';
+export async function generateSecret(alg, options) {
+    let length;
+    let algorithm;
+    let keyUsages;
+    switch (alg) {
+        case 'HS256':
+        case 'HS384':
+        case 'HS512':
+            length = parseInt(alg.slice(-3), 10);
+            algorithm = { name: 'HMAC', hash: `SHA-${length}`, length };
+            keyUsages = ['sign', 'verify'];
+            break;
+        case 'A128CBC-HS256':
+        case 'A192CBC-HS384':
+        case 'A256CBC-HS512':
+            length = parseInt(alg.slice(-3), 10);
+            return crypto.getRandomValues(new Uint8Array(length >> 3));
+        case 'A128KW':
+        case 'A192KW':
+        case 'A256KW':
+            length = parseInt(alg.slice(1, 4), 10);
+            algorithm = { name: 'AES-KW', length };
+            keyUsages = ['wrapKey', 'unwrapKey'];
+            break;
+        case 'A128GCMKW':
+        case 'A192GCMKW':
+        case 'A256GCMKW':
+        case 'A128GCM':
+        case 'A192GCM':
+        case 'A256GCM':
+            length = parseInt(alg.slice(1, 4), 10);
+            algorithm = { name: 'AES-GCM', length };
+            keyUsages = ['encrypt', 'decrypt'];
+            break;
+        default:
+            throw new JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
+    }
+    return crypto.subtle.generateKey(algorithm, options?.extractable ?? false, keyUsages);
+}

public/vendor/jose/key/import.js

@@ -0,0 +1,57 @@
+import { decode as decodeBase64URL } from '../util/base64url.js';
+import { fromSPKI, fromPKCS8, fromX509 } from '../lib/asn1.js';
+import { jwkToKey } from '../lib/jwk_to_key.js';
+import { JOSENotSupported } from '../util/errors.js';
+import { isObject } from '../lib/is_object.js';
+export async function importSPKI(spki, alg, options) {
+    if (typeof spki !== 'string' || spki.indexOf('-----BEGIN PUBLIC KEY-----') !== 0) {
+        throw new TypeError('"spki" must be SPKI formatted string');
+    }
+    return fromSPKI(spki, alg, options);
+}
+export async function importX509(x509, alg, options) {
+    if (typeof x509 !== 'string' || x509.indexOf('-----BEGIN CERTIFICATE-----') !== 0) {
+        throw new TypeError('"x509" must be X.509 formatted string');
+    }
+    return fromX509(x509, alg, options);
+}
+export async function importPKCS8(pkcs8, alg, options) {
+    if (typeof pkcs8 !== 'string' || pkcs8.indexOf('-----BEGIN PRIVATE KEY-----') !== 0) {
+        throw new TypeError('"pkcs8" must be PKCS#8 formatted string');
+    }
+    return fromPKCS8(pkcs8, alg, options);
+}
+export async function importJWK(jwk, alg, options) {
+    if (!isObject(jwk)) {
+        throw new TypeError('JWK must be an object');
+    }
+    let ext;
+    alg ??= jwk.alg;
+    ext ??= options?.extractable ?? jwk.ext;
+    switch (jwk.kty) {
+        case 'oct':
+            if (typeof jwk.k !== 'string' || !jwk.k) {
+                throw new TypeError('missing "k" (Key Value) Parameter value');
+            }
+            return decodeBase64URL(jwk.k);
+        case 'RSA':
+            if ('oth' in jwk && jwk.oth !== undefined) {
+                throw new JOSENotSupported('RSA JWK "oth" (Other Primes Info) Parameter value is not supported');
+            }
+            return jwkToKey({ ...jwk, alg, ext });
+        case 'AKP': {
+            if (typeof jwk.alg !== 'string' || !jwk.alg) {
+                throw new TypeError('missing "alg" (Algorithm) Parameter value');
+            }
+            if (alg !== undefined && alg !== jwk.alg) {
+                throw new TypeError('JWK alg and alg option value mismatch');
+            }
+            return jwkToKey({ ...jwk, ext });
+        }
+        case 'EC':
+        case 'OKP':
+            return jwkToKey({ ...jwk, alg, ext });
+        default:
+            throw new JOSENotSupported('Unsupported "kty" (Key Type) Parameter value');
+    }
+}

public/vendor/jose/lib/aesgcmkw.js

@@ -0,0 +1,16 @@
+import { encrypt } from './encrypt.js';
+import { decrypt } from './decrypt.js';
+import { encode as b64u } from '../util/base64url.js';
+export async function wrap(alg, key, cek, iv) {
+    const jweAlgorithm = alg.slice(0, 7);
+    const wrapped = await encrypt(jweAlgorithm, cek, key, iv, new Uint8Array());
+    return {
+        encryptedKey: wrapped.ciphertext,
+        iv: b64u(wrapped.iv),
+        tag: b64u(wrapped.tag),
+    };
+}
+export async function unwrap(alg, key, encryptedKey, iv, tag) {
+    const jweAlgorithm = alg.slice(0, 7);
+    return decrypt(jweAlgorithm, key, encryptedKey, iv, tag, new Uint8Array());
+}

public/vendor/jose/lib/aeskw.js

@@ -0,0 +1,25 @@
+import { checkEncCryptoKey } from './crypto_key.js';
+function checkKeySize(key, alg) {
+    if (key.algorithm.length !== parseInt(alg.slice(1, 4), 10)) {
+        throw new TypeError(`Invalid key size for alg: ${alg}`);
+    }
+}
+function getCryptoKey(key, alg, usage) {
+    if (key instanceof Uint8Array) {
+        return crypto.subtle.importKey('raw', key, 'AES-KW', true, [usage]);
+    }
+    checkEncCryptoKey(key, alg, usage);
+    return key;
+}
+export async function wrap(alg, key, cek) {
+    const cryptoKey = await getCryptoKey(key, alg, 'wrapKey');
+    checkKeySize(cryptoKey, alg);
+    const cryptoKeyCek = await crypto.subtle.importKey('raw', cek, { hash: 'SHA-256', name: 'HMAC' }, true, ['sign']);
+    return new Uint8Array(await crypto.subtle.wrapKey('raw', cryptoKeyCek, cryptoKey, 'AES-KW'));
+}
+export async function unwrap(alg, key, encryptedKey) {
+    const cryptoKey = await getCryptoKey(key, alg, 'unwrapKey');
+    checkKeySize(cryptoKey, alg);
+    const cryptoKeyCek = await crypto.subtle.unwrapKey('raw', encryptedKey, cryptoKey, 'AES-KW', { hash: 'SHA-256', name: 'HMAC' }, true, ['sign']);
+    return new Uint8Array(await crypto.subtle.exportKey('raw', cryptoKeyCek));
+}

public/vendor/jose/lib/asn1.js

@@ -0,0 +1,243 @@
+import { invalidKeyInput } from './invalid_key_input.js';
+import { encodeBase64, decodeBase64 } from '../lib/base64.js';
+import { JOSENotSupported } from '../util/errors.js';
+import { isCryptoKey, isKeyObject } from './is_key_like.js';
+const formatPEM = (b64, descriptor) => {
+    const newlined = (b64.match(/.{1,64}/g) || []).join('\n');
+    return `-----BEGIN ${descriptor}-----\n${newlined}\n-----END ${descriptor}-----`;
+};
+const genericExport = async (keyType, keyFormat, key) => {
+    if (isKeyObject(key)) {
+        if (key.type !== keyType) {
+            throw new TypeError(`key is not a ${keyType} key`);
+        }
+        return key.export({ format: 'pem', type: keyFormat });
+    }
+    if (!isCryptoKey(key)) {
+        throw new TypeError(invalidKeyInput(key, 'CryptoKey', 'KeyObject'));
+    }
+    if (!key.extractable) {
+        throw new TypeError('CryptoKey is not extractable');
+    }
+    if (key.type !== keyType) {
+        throw new TypeError(`key is not a ${keyType} key`);
+    }
+    return formatPEM(encodeBase64(new Uint8Array(await crypto.subtle.exportKey(keyFormat, key))), `${keyType.toUpperCase()} KEY`);
+};
+export const toSPKI = (key) => genericExport('public', 'spki', key);
+export const toPKCS8 = (key) => genericExport('private', 'pkcs8', key);
+const bytesEqual = (a, b) => {
+    if (a.byteLength !== b.length)
+        return false;
+    for (let i = 0; i < a.byteLength; i++) {
+        if (a[i] !== b[i])
+            return false;
+    }
+    return true;
+};
+const createASN1State = (data) => ({ data, pos: 0 });
+const parseLength = (state) => {
+    const first = state.data[state.pos++];
+    if (first & 0x80) {
+        const lengthOfLen = first & 0x7f;
+        let length = 0;
+        for (let i = 0; i < lengthOfLen; i++) {
+            length = (length << 8) | state.data[state.pos++];
+        }
+        return length;
+    }
+    return first;
+};
+const skipElement = (state, count = 1) => {
+    if (count <= 0)
+        return;
+    state.pos++;
+    const length = parseLength(state);
+    state.pos += length;
+    if (count > 1) {
+        skipElement(state, count - 1);
+    }
+};
+const expectTag = (state, expectedTag, errorMessage) => {
+    if (state.data[state.pos++] !== expectedTag) {
+        throw new Error(errorMessage);
+    }
+};
+const getSubarray = (state, length) => {
+    const result = state.data.subarray(state.pos, state.pos + length);
+    state.pos += length;
+    return result;
+};
+const parseAlgorithmOID = (state) => {
+    expectTag(state, 0x06, 'Expected algorithm OID');
+    const oidLen = parseLength(state);
+    return getSubarray(state, oidLen);
+};
+function parsePKCS8Header(state) {
+    expectTag(state, 0x30, 'Invalid PKCS#8 structure');
+    parseLength(state);
+    expectTag(state, 0x02, 'Expected version field');
+    const verLen = parseLength(state);
+    state.pos += verLen;
+    expectTag(state, 0x30, 'Expected algorithm identifier');
+    const algIdLen = parseLength(state);
+    const algIdStart = state.pos;
+    return { algIdStart, algIdLength: algIdLen };
+}
+function parseSPKIHeader(state) {
+    expectTag(state, 0x30, 'Invalid SPKI structure');
+    parseLength(state);
+    expectTag(state, 0x30, 'Expected algorithm identifier');
+    const algIdLen = parseLength(state);
+    const algIdStart = state.pos;
+    return { algIdStart, algIdLength: algIdLen };
+}
+const parseECAlgorithmIdentifier = (state) => {
+    const algOid = parseAlgorithmOID(state);
+    if (bytesEqual(algOid, [0x2b, 0x65, 0x6e])) {
+        return 'X25519';
+    }
+    if (!bytesEqual(algOid, [0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01])) {
+        throw new Error('Unsupported key algorithm');
+    }
+    expectTag(state, 0x06, 'Expected curve OID');
+    const curveOidLen = parseLength(state);
+    const curveOid = getSubarray(state, curveOidLen);
+    for (const { name, oid } of [
+        { name: 'P-256', oid: [0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07] },
+        { name: 'P-384', oid: [0x2b, 0x81, 0x04, 0x00, 0x22] },
+        { name: 'P-521', oid: [0x2b, 0x81, 0x04, 0x00, 0x23] },
+    ]) {
+        if (bytesEqual(curveOid, oid)) {
+            return name;
+        }
+    }
+    throw new Error('Unsupported named curve');
+};
+const genericImport = async (keyFormat, keyData, alg, options) => {
+    let algorithm;
+    let keyUsages;
+    const isPublic = keyFormat === 'spki';
+    const getSigUsages = () => (isPublic ? ['verify'] : ['sign']);
+    const getEncUsages = () => isPublic ? ['encrypt', 'wrapKey'] : ['decrypt', 'unwrapKey'];
+    switch (alg) {
+        case 'PS256':
+        case 'PS384':
+        case 'PS512':
+            algorithm = { name: 'RSA-PSS', hash: `SHA-${alg.slice(-3)}` };
+            keyUsages = getSigUsages();
+            break;
+        case 'RS256':
+        case 'RS384':
+        case 'RS512':
+            algorithm = { name: 'RSASSA-PKCS1-v1_5', hash: `SHA-${alg.slice(-3)}` };
+            keyUsages = getSigUsages();
+            break;
+        case 'RSA-OAEP':
+        case 'RSA-OAEP-256':
+        case 'RSA-OAEP-384':
+        case 'RSA-OAEP-512':
+            algorithm = {
+                name: 'RSA-OAEP',
+                hash: `SHA-${parseInt(alg.slice(-3), 10) || 1}`,
+            };
+            keyUsages = getEncUsages();
+            break;
+        case 'ES256':
+        case 'ES384':
+        case 'ES512': {
+            const curveMap = { ES256: 'P-256', ES384: 'P-384', ES512: 'P-521' };
+            algorithm = { name: 'ECDSA', namedCurve: curveMap[alg] };
+            keyUsages = getSigUsages();
+            break;
+        }
+        case 'ECDH-ES':
+        case 'ECDH-ES+A128KW':
+        case 'ECDH-ES+A192KW':
+        case 'ECDH-ES+A256KW': {
+            try {
+                const namedCurve = options.getNamedCurve(keyData);
+                algorithm = namedCurve === 'X25519' ? { name: 'X25519' } : { name: 'ECDH', namedCurve };
+            }
+            catch (cause) {
+                throw new JOSENotSupported('Invalid or unsupported key format');
+            }
+            keyUsages = isPublic ? [] : ['deriveBits'];
+            break;
+        }
+        case 'Ed25519':
+        case 'EdDSA':
+            algorithm = { name: 'Ed25519' };
+            keyUsages = getSigUsages();
+            break;
+        case 'ML-DSA-44':
+        case 'ML-DSA-65':
+        case 'ML-DSA-87':
+            algorithm = { name: alg };
+            keyUsages = getSigUsages();
+            break;
+        default:
+            throw new JOSENotSupported('Invalid or unsupported "alg" (Algorithm) value');
+    }
+    return crypto.subtle.importKey(keyFormat, keyData, algorithm, options?.extractable ?? (isPublic ? true : false), keyUsages);
+};
+const processPEMData = (pem, pattern) => {
+    return decodeBase64(pem.replace(pattern, ''));
+};
+export const fromPKCS8 = (pem, alg, options) => {
+    const keyData = processPEMData(pem, /(?:-----(?:BEGIN|END) PRIVATE KEY-----|\s)/g);
+    let opts = options;
+    if (alg?.startsWith?.('ECDH-ES')) {
+        opts ||= {};
+        opts.getNamedCurve = (keyData) => {
+            const state = createASN1State(keyData);
+            parsePKCS8Header(state);
+            return parseECAlgorithmIdentifier(state);
+        };
+    }
+    return genericImport('pkcs8', keyData, alg, opts);
+};
+export const fromSPKI = (pem, alg, options) => {
+    const keyData = processPEMData(pem, /(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g);
+    let opts = options;
+    if (alg?.startsWith?.('ECDH-ES')) {
+        opts ||= {};
+        opts.getNamedCurve = (keyData) => {
+            const state = createASN1State(keyData);
+            parseSPKIHeader(state);
+            return parseECAlgorithmIdentifier(state);
+        };
+    }
+    return genericImport('spki', keyData, alg, opts);
+};
+function spkiFromX509(buf) {
+    const state = createASN1State(buf);
+    expectTag(state, 0x30, 'Invalid certificate structure');
+    parseLength(state);
+    expectTag(state, 0x30, 'Invalid tbsCertificate structure');
+    parseLength(state);
+    if (buf[state.pos] === 0xa0) {
+        skipElement(state, 6);
+    }
+    else {
+        skipElement(state, 5);
+    }
+    const spkiStart = state.pos;
+    expectTag(state, 0x30, 'Invalid SPKI structure');
+    const spkiContentLen = parseLength(state);
+    return buf.subarray(spkiStart, spkiStart + spkiContentLen + (state.pos - spkiStart));
+}
+function extractX509SPKI(x509) {
+    const derBytes = processPEMData(x509, /(?:-----(?:BEGIN|END) CERTIFICATE-----|\s)/g);
+    return spkiFromX509(derBytes);
+}
+export const fromX509 = (pem, alg, options) => {
+    let spki;
+    try {
+        spki = extractX509SPKI(pem);
+    }
+    catch (cause) {
+        throw new TypeError('Failed to parse the X.509 certificate', { cause });
+    }
+    return fromSPKI(formatPEM(encodeBase64(spki), 'PUBLIC KEY'), alg, options);
+};

public/vendor/jose/lib/base64.js

@@ -0,0 +1,22 @@
+export function encodeBase64(input) {
+    if (Uint8Array.prototype.toBase64) {
+        return input.toBase64();
+    }
+    const CHUNK_SIZE = 0x8000;
+    const arr = [];
+    for (let i = 0; i < input.length; i += CHUNK_SIZE) {
+        arr.push(String.fromCharCode.apply(null, input.subarray(i, i + CHUNK_SIZE)));
+    }
+    return btoa(arr.join(''));
+}
+export function decodeBase64(encoded) {
+    if (Uint8Array.fromBase64) {
+        return Uint8Array.fromBase64(encoded);
+    }
+    const binary = atob(encoded);
+    const bytes = new Uint8Array(binary.length);
+    for (let i = 0; i < binary.length; i++) {
+        bytes[i] = binary.charCodeAt(i);
+    }
+    return bytes;
+}

public/vendor/jose/lib/buffer_utils.js

@@ -0,0 +1,43 @@
+export const encoder = new TextEncoder();
+export const decoder = new TextDecoder();
+const MAX_INT32 = 2 ** 32;
+export function concat(...buffers) {
+    const size = buffers.reduce((acc, { length }) => acc + length, 0);
+    const buf = new Uint8Array(size);
+    let i = 0;
+    for (const buffer of buffers) {
+        buf.set(buffer, i);
+        i += buffer.length;
+    }
+    return buf;
+}
+function writeUInt32BE(buf, value, offset) {
+    if (value < 0 || value >= MAX_INT32) {
+        throw new RangeError(`value must be >= 0 and <= ${MAX_INT32 - 1}. Received ${value}`);
+    }
+    buf.set([value >>> 24, value >>> 16, value >>> 8, value & 0xff], offset);
+}
+export function uint64be(value) {
+    const high = Math.floor(value / MAX_INT32);
+    const low = value % MAX_INT32;
+    const buf = new Uint8Array(8);
+    writeUInt32BE(buf, high, 0);
+    writeUInt32BE(buf, low, 4);
+    return buf;
+}
+export function uint32be(value) {
+    const buf = new Uint8Array(4);
+    writeUInt32BE(buf, value);
+    return buf;
+}
+export function encode(string) {
+    const bytes = new Uint8Array(string.length);
+    for (let i = 0; i < string.length; i++) {
+        const code = string.charCodeAt(i);
+        if (code > 127) {
+            throw new TypeError('non-ASCII string encountered in encode()');
+        }
+        bytes[i] = code;
+    }
+    return bytes;
+}

public/vendor/jose/lib/cek.js

@@ -0,0 +1,19 @@
+import { JOSENotSupported } from '../util/errors.js';
+export function cekLength(alg) {
+    switch (alg) {
+        case 'A128GCM':
+            return 128;
+        case 'A192GCM':
+            return 192;
+        case 'A256GCM':
+        case 'A128CBC-HS256':
+            return 256;
+        case 'A192CBC-HS384':
+            return 384;
+        case 'A256CBC-HS512':
+            return 512;
+        default:
+            throw new JOSENotSupported(`Unsupported JWE Algorithm: ${alg}`);
+    }
+}
+export const generateCek = (alg) => crypto.getRandomValues(new Uint8Array(cekLength(alg) >> 3));

public/vendor/jose/lib/check_cek_length.js

@@ -0,0 +1,7 @@
+import { JWEInvalid } from '../util/errors.js';
+export function checkCekLength(cek, expected) {
+    const actual = cek.byteLength << 3;
+    if (actual !== expected) {
+        throw new JWEInvalid(`Invalid Content Encryption Key length. Expected ${expected} bits, got ${actual} bits`);
+    }
+}

public/vendor/jose/lib/check_iv_length.js

@@ -0,0 +1,7 @@
+import { JWEInvalid } from '../util/errors.js';
+import { bitLength } from './iv.js';
+export function checkIvLength(enc, iv) {
+    if (iv.length << 3 !== bitLength(enc)) {
+        throw new JWEInvalid('Invalid Initialization Vector length');
+    }
+}

public/vendor/jose/lib/check_key_length.js

@@ -0,0 +1,8 @@
+export function checkKeyLength(alg, key) {
+    if (alg.startsWith('RS') || alg.startsWith('PS')) {
+        const { modulusLength } = key.algorithm;
+        if (typeof modulusLength !== 'number' || modulusLength < 2048) {
+            throw new TypeError(`${alg} requires key modulusLength to be 2048 bits or larger`);
+        }
+    }
+}

public/vendor/jose/lib/check_key_type.js

@@ -0,0 +1,122 @@
+import { withAlg as invalidKeyInput } from './invalid_key_input.js';
+import { isKeyLike } from './is_key_like.js';
+import * as jwk from './is_jwk.js';
+const tag = (key) => key?.[Symbol.toStringTag];
+const jwkMatchesOp = (alg, key, usage) => {
+    if (key.use !== undefined) {
+        let expected;
+        switch (usage) {
+            case 'sign':
+            case 'verify':
+                expected = 'sig';
+                break;
+            case 'encrypt':
+            case 'decrypt':
+                expected = 'enc';
+                break;
+        }
+        if (key.use !== expected) {
+            throw new TypeError(`Invalid key for this operation, its "use" must be "${expected}" when present`);
+        }
+    }
+    if (key.alg !== undefined && key.alg !== alg) {
+        throw new TypeError(`Invalid key for this operation, its "alg" must be "${alg}" when present`);
+    }
+    if (Array.isArray(key.key_ops)) {
+        let expectedKeyOp;
+        switch (true) {
+            case usage === 'sign' || usage === 'verify':
+            case alg === 'dir':
+            case alg.includes('CBC-HS'):
+                expectedKeyOp = usage;
+                break;
+            case alg.startsWith('PBES2'):
+                expectedKeyOp = 'deriveBits';
+                break;
+            case /^A\d{3}(?:GCM)?(?:KW)?$/.test(alg):
+                if (!alg.includes('GCM') && alg.endsWith('KW')) {
+                    expectedKeyOp = usage === 'encrypt' ? 'wrapKey' : 'unwrapKey';
+                }
+                else {
+                    expectedKeyOp = usage;
+                }
+                break;
+            case usage === 'encrypt' && alg.startsWith('RSA'):
+                expectedKeyOp = 'wrapKey';
+                break;
+            case usage === 'decrypt':
+                expectedKeyOp = alg.startsWith('RSA') ? 'unwrapKey' : 'deriveBits';
+                break;
+        }
+        if (expectedKeyOp && key.key_ops?.includes?.(expectedKeyOp) === false) {
+            throw new TypeError(`Invalid key for this operation, its "key_ops" must include "${expectedKeyOp}" when present`);
+        }
+    }
+    return true;
+};
+const symmetricTypeCheck = (alg, key, usage) => {
+    if (key instanceof Uint8Array)
+        return;
+    if (jwk.isJWK(key)) {
+        if (jwk.isSecretJWK(key) && jwkMatchesOp(alg, key, usage))
+            return;
+        throw new TypeError(`JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present`);
+    }
+    if (!isKeyLike(key)) {
+        throw new TypeError(invalidKeyInput(alg, key, 'CryptoKey', 'KeyObject', 'JSON Web Key', 'Uint8Array'));
+    }
+    if (key.type !== 'secret') {
+        throw new TypeError(`${tag(key)} instances for symmetric algorithms must be of type "secret"`);
+    }
+};
+const asymmetricTypeCheck = (alg, key, usage) => {
+    if (jwk.isJWK(key)) {
+        switch (usage) {
+            case 'decrypt':
+            case 'sign':
+                if (jwk.isPrivateJWK(key) && jwkMatchesOp(alg, key, usage))
+                    return;
+                throw new TypeError(`JSON Web Key for this operation must be a private JWK`);
+            case 'encrypt':
+            case 'verify':
+                if (jwk.isPublicJWK(key) && jwkMatchesOp(alg, key, usage))
+                    return;
+                throw new TypeError(`JSON Web Key for this operation must be a public JWK`);
+        }
+    }
+    if (!isKeyLike(key)) {
+        throw new TypeError(invalidKeyInput(alg, key, 'CryptoKey', 'KeyObject', 'JSON Web Key'));
+    }
+    if (key.type === 'secret') {
+        throw new TypeError(`${tag(key)} instances for asymmetric algorithms must not be of type "secret"`);
+    }
+    if (key.type === 'public') {
+        switch (usage) {
+            case 'sign':
+                throw new TypeError(`${tag(key)} instances for asymmetric algorithm signing must be of type "private"`);
+            case 'decrypt':
+                throw new TypeError(`${tag(key)} instances for asymmetric algorithm decryption must be of type "private"`);
+        }
+    }
+    if (key.type === 'private') {
+        switch (usage) {
+            case 'verify':
+                throw new TypeError(`${tag(key)} instances for asymmetric algorithm verifying must be of type "public"`);
+            case 'encrypt':
+                throw new TypeError(`${tag(key)} instances for asymmetric algorithm encryption must be of type "public"`);
+        }
+    }
+};
+export function checkKeyType(alg, key, usage) {
+    switch (alg.substring(0, 2)) {
+        case 'A1':
+        case 'A2':
+        case 'di':
+        case 'HS':
+        case 'PB':
+            symmetricTypeCheck(alg, key, usage);
+            break;
+        default:
+            asymmetricTypeCheck(alg, key, usage);
+    }
+}

public/vendor/jose/lib/crypto_key.js

@@ -0,0 +1,143 @@
+const unusable = (name, prop = 'algorithm.name') => new TypeError(`CryptoKey does not support this operation, its ${prop} must be ${name}`);
+const isAlgorithm = (algorithm, name) => algorithm.name === name;
+function getHashLength(hash) {
+    return parseInt(hash.name.slice(4), 10);
+}
+function getNamedCurve(alg) {
+    switch (alg) {
+        case 'ES256':
+            return 'P-256';
+        case 'ES384':
+            return 'P-384';
+        case 'ES512':
+            return 'P-521';
+        default:
+            throw new Error('unreachable');
+    }
+}
+function checkUsage(key, usage) {
+    if (usage && !key.usages.includes(usage)) {
+        throw new TypeError(`CryptoKey does not support this operation, its usages must include ${usage}.`);
+    }
+}
+export function checkSigCryptoKey(key, alg, usage) {
+    switch (alg) {
+        case 'HS256':
+        case 'HS384':
+        case 'HS512': {
+            if (!isAlgorithm(key.algorithm, 'HMAC'))
+                throw unusable('HMAC');
+            const expected = parseInt(alg.slice(2), 10);
+            const actual = getHashLength(key.algorithm.hash);
+            if (actual !== expected)
+                throw unusable(`SHA-${expected}`, 'algorithm.hash');
+            break;
+        }
+        case 'RS256':
+        case 'RS384':
+        case 'RS512': {
+            if (!isAlgorithm(key.algorithm, 'RSASSA-PKCS1-v1_5'))
+                throw unusable('RSASSA-PKCS1-v1_5');
+            const expected = parseInt(alg.slice(2), 10);
+            const actual = getHashLength(key.algorithm.hash);
+            if (actual !== expected)
+                throw unusable(`SHA-${expected}`, 'algorithm.hash');
+            break;
+        }
+        case 'PS256':
+        case 'PS384':
+        case 'PS512': {
+            if (!isAlgorithm(key.algorithm, 'RSA-PSS'))
+                throw unusable('RSA-PSS');
+            const expected = parseInt(alg.slice(2), 10);
+            const actual = getHashLength(key.algorithm.hash);
+            if (actual !== expected)
+                throw unusable(`SHA-${expected}`, 'algorithm.hash');
+            break;
+        }
+        case 'Ed25519':
+        case 'EdDSA': {
+            if (!isAlgorithm(key.algorithm, 'Ed25519'))
+                throw unusable('Ed25519');
+            break;
+        }
+        case 'ML-DSA-44':
+        case 'ML-DSA-65':
+        case 'ML-DSA-87': {
+            if (!isAlgorithm(key.algorithm, alg))
+                throw unusable(alg);
+            break;
+        }
+        case 'ES256':
+        case 'ES384':
+        case 'ES512': {
+            if (!isAlgorithm(key.algorithm, 'ECDSA'))
+                throw unusable('ECDSA');
+            const expected = getNamedCurve(alg);
+            const actual = key.algorithm.namedCurve;
+            if (actual !== expected)
+                throw unusable(expected, 'algorithm.namedCurve');
+            break;
+        }
+        default:
+            throw new TypeError('CryptoKey does not support this operation');
+    }
+    checkUsage(key, usage);
+}
+export function checkEncCryptoKey(key, alg, usage) {
+    switch (alg) {
+        case 'A128GCM':
+        case 'A192GCM':
+        case 'A256GCM': {
+            if (!isAlgorithm(key.algorithm, 'AES-GCM'))
+                throw unusable('AES-GCM');
+            const expected = parseInt(alg.slice(1, 4), 10);
+            const actual = key.algorithm.length;
+            if (actual !== expected)
+                throw unusable(expected, 'algorithm.length');
+            break;
+        }
+        case 'A128KW':
+        case 'A192KW':
+        case 'A256KW': {
+            if (!isAlgorithm(key.algorithm, 'AES-KW'))
+                throw unusable('AES-KW');
+            const expected = parseInt(alg.slice(1, 4), 10);
+            const actual = key.algorithm.length;
+            if (actual !== expected)
+                throw unusable(expected, 'algorithm.length');
+            break;
+        }
+        case 'ECDH': {
+            switch (key.algorithm.name) {
+                case 'ECDH':
+                case 'X25519':
+                    break;
+                default:
+                    throw unusable('ECDH or X25519');
+            }
+            break;
+        }
+        case 'PBES2-HS256+A128KW':
+        case 'PBES2-HS384+A192KW':
+        case 'PBES2-HS512+A256KW':
+            if (!isAlgorithm(key.algorithm, 'PBKDF2'))
+                throw unusable('PBKDF2');
+            break;
+        case 'RSA-OAEP':
+        case 'RSA-OAEP-256':
+        case 'RSA-OAEP-384':
+        case 'RSA-OAEP-512': {
+            if (!isAlgorithm(key.algorithm, 'RSA-OAEP'))
+                throw unusable('RSA-OAEP');
+            const expected = parseInt(alg.slice(9), 10) || 1;
+            const actual = getHashLength(key.algorithm.hash);
+            if (actual !== expected)
+                throw unusable(`SHA-${expected}`, 'algorithm.hash');
+            break;
+        }
+        default:
+            throw new TypeError('CryptoKey does not support this operation');
+    }
+    checkUsage(key, usage);
+}

public/vendor/jose/lib/decrypt.js

@@ -0,0 +1,106 @@
+import { concat, uint64be } from './buffer_utils.js';
+import { checkIvLength } from './check_iv_length.js';
+import { checkCekLength } from './check_cek_length.js';
+import { JOSENotSupported, JWEDecryptionFailed, JWEInvalid } from '../util/errors.js';
+import { checkEncCryptoKey } from './crypto_key.js';
+import { invalidKeyInput } from './invalid_key_input.js';
+import { isCryptoKey } from './is_key_like.js';
+async function timingSafeEqual(a, b) {
+    if (!(a instanceof Uint8Array)) {
+        throw new TypeError('First argument must be a buffer');
+    }
+    if (!(b instanceof Uint8Array)) {
+        throw new TypeError('Second argument must be a buffer');
+    }
+    const algorithm = { name: 'HMAC', hash: 'SHA-256' };
+    const key = (await crypto.subtle.generateKey(algorithm, false, ['sign']));
+    const aHmac = new Uint8Array(await crypto.subtle.sign(algorithm, key, a));
+    const bHmac = new Uint8Array(await crypto.subtle.sign(algorithm, key, b));
+    let out = 0;
+    let i = -1;
+    while (++i < 32) {
+        out |= aHmac[i] ^ bHmac[i];
+    }
+    return out === 0;
+}
+async function cbcDecrypt(enc, cek, ciphertext, iv, tag, aad) {
+    if (!(cek instanceof Uint8Array)) {
+        throw new TypeError(invalidKeyInput(cek, 'Uint8Array'));
+    }
+    const keySize = parseInt(enc.slice(1, 4), 10);
+    const encKey = await crypto.subtle.importKey('raw', cek.subarray(keySize >> 3), 'AES-CBC', false, ['decrypt']);
+    const macKey = await crypto.subtle.importKey('raw', cek.subarray(0, keySize >> 3), {
+        hash: `SHA-${keySize << 1}`,
+        name: 'HMAC',
+    }, false, ['sign']);
+    const macData = concat(aad, iv, ciphertext, uint64be(aad.length << 3));
+    const expectedTag = new Uint8Array((await crypto.subtle.sign('HMAC', macKey, macData)).slice(0, keySize >> 3));
+    let macCheckPassed;
+    try {
+        macCheckPassed = await timingSafeEqual(tag, expectedTag);
+    }
+    catch {
+    }
+    if (!macCheckPassed) {
+        throw new JWEDecryptionFailed();
+    }
+    let plaintext;
+    try {
+        plaintext = new Uint8Array(await crypto.subtle.decrypt({ iv: iv, name: 'AES-CBC' }, encKey, ciphertext));
+    }
+    catch {
+    }
+    if (!plaintext) {
+        throw new JWEDecryptionFailed();
+    }
+    return plaintext;
+}
+async function gcmDecrypt(enc, cek, ciphertext, iv, tag, aad) {
+    let encKey;
+    if (cek instanceof Uint8Array) {
+        encKey = await crypto.subtle.importKey('raw', cek, 'AES-GCM', false, ['decrypt']);
+    }
+    else {
+        checkEncCryptoKey(cek, enc, 'decrypt');
+        encKey = cek;
+    }
+    try {
+        return new Uint8Array(await crypto.subtle.decrypt({
+            additionalData: aad,
+            iv: iv,
+            name: 'AES-GCM',
+            tagLength: 128,
+        }, encKey, concat(ciphertext, tag)));
+    }
+    catch {
+        throw new JWEDecryptionFailed();
+    }
+}
+export async function decrypt(enc, cek, ciphertext, iv, tag, aad) {
+    if (!isCryptoKey(cek) && !(cek instanceof Uint8Array)) {
+        throw new TypeError(invalidKeyInput(cek, 'CryptoKey', 'KeyObject', 'Uint8Array', 'JSON Web Key'));
+    }
+    if (!iv) {
+        throw new JWEInvalid('JWE Initialization Vector missing');
+    }
+    if (!tag) {
+        throw new JWEInvalid('JWE Authentication Tag missing');
+    }
+    checkIvLength(enc, iv);
+    switch (enc) {
+        case 'A128CBC-HS256':
+        case 'A192CBC-HS384':
+        case 'A256CBC-HS512':
+            if (cek instanceof Uint8Array)
+                checkCekLength(cek, parseInt(enc.slice(-3), 10));
+            return cbcDecrypt(enc, cek, ciphertext, iv, tag, aad);
+        case 'A128GCM':
+        case 'A192GCM':
+        case 'A256GCM':
+            if (cek instanceof Uint8Array)
+                checkCekLength(cek, parseInt(enc.slice(1, 4), 10));
+            return gcmDecrypt(enc, cek, ciphertext, iv, tag, aad);
+        default:
+            throw new JOSENotSupported('Unsupported JWE Content Encryption Algorithm');
+    }
+}

public/vendor/jose/lib/decrypt_key_management.js

@@ -0,0 +1,127 @@
+import * as aeskw from './aeskw.js';
+import * as ecdhes from './ecdhes.js';
+import * as pbes2kw from './pbes2kw.js';
+import * as rsaes from './rsaes.js';
+import { decode as b64u } from '../util/base64url.js';
+import { JOSENotSupported, JWEInvalid } from '../util/errors.js';
+import { cekLength } from '../lib/cek.js';
+import { importJWK } from '../key/import.js';
+import { isObject } from './is_object.js';
+import { unwrap as aesGcmKw } from './aesgcmkw.js';
+import { assertCryptoKey } from './is_key_like.js';
+export async function decryptKeyManagement(alg, key, encryptedKey, joseHeader, options) {
+    switch (alg) {
+        case 'dir': {
+            if (encryptedKey !== undefined)
+                throw new JWEInvalid('Encountered unexpected JWE Encrypted Key');
+            return key;
+        }
+        case 'ECDH-ES':
+            if (encryptedKey !== undefined)
+                throw new JWEInvalid('Encountered unexpected JWE Encrypted Key');
+        case 'ECDH-ES+A128KW':
+        case 'ECDH-ES+A192KW':
+        case 'ECDH-ES+A256KW': {
+            if (!isObject(joseHeader.epk))
+                throw new JWEInvalid(`JOSE Header "epk" (Ephemeral Public Key) missing or invalid`);
+            assertCryptoKey(key);
+            if (!ecdhes.allowed(key))
+                throw new JOSENotSupported('ECDH with the provided key is not allowed or not supported by your javascript runtime');
+            const epk = await importJWK(joseHeader.epk, alg);
+            assertCryptoKey(epk);
+            let partyUInfo;
+            let partyVInfo;
+            if (joseHeader.apu !== undefined) {
+                if (typeof joseHeader.apu !== 'string')
+                    throw new JWEInvalid(`JOSE Header "apu" (Agreement PartyUInfo) invalid`);
+                try {
+                    partyUInfo = b64u(joseHeader.apu);
+                }
+                catch {
+                    throw new JWEInvalid('Failed to base64url decode the apu');
+                }
+            }
+            if (joseHeader.apv !== undefined) {
+                if (typeof joseHeader.apv !== 'string')
+                    throw new JWEInvalid(`JOSE Header "apv" (Agreement PartyVInfo) invalid`);
+                try {
+                    partyVInfo = b64u(joseHeader.apv);
+                }
+                catch {
+                    throw new JWEInvalid('Failed to base64url decode the apv');
+                }
+            }
+            const sharedSecret = await ecdhes.deriveKey(epk, key, alg === 'ECDH-ES' ? joseHeader.enc : alg, alg === 'ECDH-ES' ? cekLength(joseHeader.enc) : parseInt(alg.slice(-5, -2), 10), partyUInfo, partyVInfo);
+            if (alg === 'ECDH-ES')
+                return sharedSecret;
+            if (encryptedKey === undefined)
+                throw new JWEInvalid('JWE Encrypted Key missing');
+            return aeskw.unwrap(alg.slice(-6), sharedSecret, encryptedKey);
+        }
+        case 'RSA-OAEP':
+        case 'RSA-OAEP-256':
+        case 'RSA-OAEP-384':
+        case 'RSA-OAEP-512': {
+            if (encryptedKey === undefined)
+                throw new JWEInvalid('JWE Encrypted Key missing');
+            assertCryptoKey(key);
+            return rsaes.decrypt(alg, key, encryptedKey);
+        }
+        case 'PBES2-HS256+A128KW':
+        case 'PBES2-HS384+A192KW':
+        case 'PBES2-HS512+A256KW': {
+            if (encryptedKey === undefined)
+                throw new JWEInvalid('JWE Encrypted Key missing');
+            if (typeof joseHeader.p2c !== 'number')
+                throw new JWEInvalid(`JOSE Header "p2c" (PBES2 Count) missing or invalid`);
+            const p2cLimit = options?.maxPBES2Count || 10_000;
+            if (joseHeader.p2c > p2cLimit)
+                throw new JWEInvalid(`JOSE Header "p2c" (PBES2 Count) out is of acceptable bounds`);
+            if (typeof joseHeader.p2s !== 'string')
+                throw new JWEInvalid(`JOSE Header "p2s" (PBES2 Salt) missing or invalid`);
+            let p2s;
+            try {
+                p2s = b64u(joseHeader.p2s);
+            }
+            catch {
+                throw new JWEInvalid('Failed to base64url decode the p2s');
+            }
+            return pbes2kw.unwrap(alg, key, encryptedKey, joseHeader.p2c, p2s);
+        }
+        case 'A128KW':
+        case 'A192KW':
+        case 'A256KW': {
+            if (encryptedKey === undefined)
+                throw new JWEInvalid('JWE Encrypted Key missing');
+            return aeskw.unwrap(alg, key, encryptedKey);
+        }
+        case 'A128GCMKW':
+        case 'A192GCMKW':
+        case 'A256GCMKW': {
+            if (encryptedKey === undefined)
+                throw new JWEInvalid('JWE Encrypted Key missing');
+            if (typeof joseHeader.iv !== 'string')
+                throw new JWEInvalid(`JOSE Header "iv" (Initialization Vector) missing or invalid`);
+            if (typeof joseHeader.tag !== 'string')
+                throw new JWEInvalid(`JOSE Header "tag" (Authentication Tag) missing or invalid`);
+            let iv;
+            try {
+                iv = b64u(joseHeader.iv);
+            }
+            catch {
+                throw new JWEInvalid('Failed to base64url decode the iv');
+            }
+            let tag;
+            try {
+                tag = b64u(joseHeader.tag);
+            }
+            catch {
+                throw new JWEInvalid('Failed to base64url decode the tag');
+            }
+            return aesGcmKw(alg, key, encryptedKey, iv, tag);
+        }
+        default: {
+            throw new JOSENotSupported('Invalid or unsupported "alg" (JWE Algorithm) header value');
+        }
+    }
+}

public/vendor/jose/lib/digest.js

@@ -0,0 +1,4 @@
+export async function digest(algorithm, data) {
+    const subtleDigest = `SHA-${algorithm.slice(-3)}`;
+    return new Uint8Array(await crypto.subtle.digest(subtleDigest, data));
+}

public/vendor/jose/lib/ecdhes.js

@@ -0,0 +1,52 @@
+import { encode, concat, uint32be } from './buffer_utils.js';
+import { checkEncCryptoKey } from './crypto_key.js';
+import { digest } from './digest.js';
+function lengthAndInput(input) {
+    return concat(uint32be(input.length), input);
+}
+async function concatKdf(Z, L, OtherInfo) {
+    const dkLen = L >> 3;
+    const hashLen = 32;
+    const reps = Math.ceil(dkLen / hashLen);
+    const dk = new Uint8Array(reps * hashLen);
+    for (let i = 1; i <= reps; i++) {
+        const hashInput = new Uint8Array(4 + Z.length + OtherInfo.length);
+        hashInput.set(uint32be(i), 0);
+        hashInput.set(Z, 4);
+        hashInput.set(OtherInfo, 4 + Z.length);
+        const hashResult = await digest('sha256', hashInput);
+        dk.set(hashResult, (i - 1) * hashLen);
+    }
+    return dk.slice(0, dkLen);
+}
+export async function deriveKey(publicKey, privateKey, algorithm, keyLength, apu = new Uint8Array(), apv = new Uint8Array()) {
+    checkEncCryptoKey(publicKey, 'ECDH');
+    checkEncCryptoKey(privateKey, 'ECDH', 'deriveBits');
+    const algorithmID = lengthAndInput(encode(algorithm));
+    const partyUInfo = lengthAndInput(apu);
+    const partyVInfo = lengthAndInput(apv);
+    const suppPubInfo = uint32be(keyLength);
+    const suppPrivInfo = new Uint8Array();
+    const otherInfo = concat(algorithmID, partyUInfo, partyVInfo, suppPubInfo, suppPrivInfo);
+    const Z = new Uint8Array(await crypto.subtle.deriveBits({
+        name: publicKey.algorithm.name,
+        public: publicKey,
+    }, privateKey, getEcdhBitLength(publicKey)));
+    return concatKdf(Z, keyLength, otherInfo);
+}
+function getEcdhBitLength(publicKey) {
+    if (publicKey.algorithm.name === 'X25519') {
+        return 256;
+    }
+    return (Math.ceil(parseInt(publicKey.algorithm.namedCurve.slice(-3), 10) / 8) << 3);
+}
+export function allowed(key) {
+    switch (key.algorithm.namedCurve) {
+        case 'P-256':
+        case 'P-384':
+        case 'P-521':
+            return true;
+        default:
+            return key.algorithm.name === 'X25519';
+    }
+}