Refactoring & updated dependencies

README.md

@@ -5,7 +5,7 @@
  [![Bugs](https://sonarcloud.io/api/project_badges/measure?project=Exact-Realty_ts-privacypass&metric=bugs)](https://sonarcloud.io/summary/new_code?id=Exact-Realty_ts-privacypass)
  [![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=Exact-Realty_ts-privacypass&metric=security_rating)](https://sonarcloud.io/summary/new_code?id=Exact-Realty_ts-privacypass)
  [![Maintainability Rating](https://sonarcloud.io/api/project_badges/measure?project=Exact-Realty_ts-privacypass&metric=sqale_rating)](https://sonarcloud.io/summary/new_code?id=Exact-Realty_ts-privacypass)
- ![NPM Downloads](https://img.shields.io/npm/dw/@exact-realty/privacy-pass?style=flat-square)
+ ![NPM Downloads](https://img.shields.io/npm/dw/@exact-realty/privacypass?style=flat-square)
 
 This project aims to provide a comprehensive implementation of the various
 Private Access Token (PAT) Internet Engineering Task Force (IETF) drafts in

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@exact-realty/privacypass",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "Library for working with Private Access Tokens",
   "main": "dist/index.js",
   "module": "./dist/index.mjs",
@@ -13,13 +13,12 @@
   ],
   "scripts": {
     "lint": "eslint . --ext .js,.jsx,.ts,.tsx",
-    "lintFix": "eslint . --ext .js,.jsx,.ts,.tsx --fix",
+    "lint:fix": "eslint . --ext .js,.jsx,.ts,.tsx --fix",
     "build": "tsc --emitDeclarationOnly --declarationMap --declaration && node esbuild.mjs",
     "test": "nyc mocha",
     "prepare": "npm run build",
     "prepublishOnly": "npm test && npm run lint",
     "preversion": "npm run lint",
-    "postinstall": "exit 0",
     "version": "npm run lint && git add -A src",
     "postversion": "git push && git push --tags"
   },
@@ -31,17 +30,17 @@
   "license": "ISC",
   "devDependencies": {
     "@types/mocha": "^10.0.1",
-    "@typescript-eslint/eslint-plugin": "^5.59.8",
-    "@typescript-eslint/parser": "^5.59.8",
-    "esbuild": "^0.17.19",
-    "eslint": "^8.42.0",
+    "@typescript-eslint/eslint-plugin": "^6.1.0",
+    "@typescript-eslint/parser": "^6.1.0",
+    "esbuild": "^0.18.14",
+    "eslint": "^8.45.0",
     "eslint-config-prettier": "^8.8.0",
-    "eslint-plugin-prettier": "^4.2.1",
+    "eslint-plugin-prettier": "^5.0.0",
     "mocha": "^10.2.0",
     "nyc": "^15.1.0",
-    "prettier": "^2.8.8",
+    "prettier": "^3.0.0",
     "ts-node": "^10.9.1",
-    "typescript": "^5.1.3"
+    "typescript": "^5.1.6"
   },
   "keywords": [
     "private access tokens",

src/draft-ietf-privacypass-protocol-10/blindRsa/redemption.spec.ts

@@ -1,20 +1,6 @@
-/* Copyright © 2023 Exact Realty Limited. All rights reserved.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
- * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- * AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
- * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- * PERFORMANCE OF THIS SOFTWARE.
- */
-
 import assert from 'node:assert/strict';
 import { autobb, btoau } from '../../lib/base64url.js';
+import { rsa2048SpkiLegacyToNew } from '../../lib/rsa2048SpkiRepresentations.js';
 import produceBlindRsaWwwAuthenticateHeader from './challenge.js';
 import redeemPatAuthorizationHeader from './redemption.js';
 
@@ -33,22 +19,9 @@ const keygen = async (): Promise<[CryptoKey, Uint8Array]> => {
 	const publicKey = await crypto.subtle.exportKey('spki', keyPair.publicKey);
 
 	if (publicKey.byteLength === 294) {
-		const prefix = new Uint8Array(294 - 19 + 67);
-		prefix.set(
-			[
-				0x30, 0x82, 0x01, 0x52, 0x30, 0x3d, 0x06, 0x09, 0x2a, 0x86,
-				0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0a, 0x30, 0x30, 0xa0,
-				0x0d, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65,
-				0x03, 0x04, 0x02, 0x02, 0xa1, 0x1a, 0x30, 0x18, 0x06, 0x09,
-				0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x08, 0x30,
-				0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04,
-				0x02, 0x02, 0xa2, 0x03, 0x02, 0x01, 0x30,
-			],
-			0,
-		);
-		prefix.set(new Uint8Array(publicKey.slice(19)), 67);
+		const newPublicKey = rsa2048SpkiLegacyToNew(new Uint8Array(publicKey));
 
-		return [keyPair.privateKey, prefix];
+		return [keyPair.privateKey, newPublicKey];
 	}
 
 	return [keyPair.privateKey, new Uint8Array(publicKey)];

src/draft-ietf-privacypass-protocol-10/blindRsa/redemption.ts

@@ -15,6 +15,7 @@
 
 import { autobb } from '../../lib/base64url.js';
 import g from '../../lib/global.js';
+import { rsa2048SpkiNewToLegacy } from '../../lib/rsa2048SpkiRepresentations.js';
 import timingSafeEqual from '../../lib/timingSafeEqual.js';
 
 const redeemBlindRsaToken = async (
@@ -80,17 +81,7 @@ const redeemBlindRsaToken = async (
 
 	try {
 		// Convert to legacy format for compatibility with Crypto
-		const rawVerificationKey = new Uint8Array(
-			rawTokenKey.byteLength - 67 + 19,
-		);
-		rawVerificationKey.set(
-			[
-				0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86,
-				0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00,
-			],
-			0,
-		);
-		rawVerificationKey.set(rawTokenKey.subarray(67), 19);
+		const rawVerificationKey = rsa2048SpkiNewToLegacy(rawTokenKey);
 
 		const key = await g.crypto.subtle.importKey(
 			'spki',

src/lib/rsa2048SpkiRepresentations.ts

@@ -0,0 +1,49 @@
+/* Copyright © 2023 Exact Realty Limited. All rights reserved.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+ * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
+ */
+
+const rsa2048SpkiNewToLegacy = (publicKey: Uint8Array) => {
+	const legacyPublicKey = new Uint8Array(342 - 67 + 19);
+	legacyPublicKey.set(
+		[
+			0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48,
+			0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00,
+		],
+		0,
+	);
+	legacyPublicKey.set(publicKey.subarray(67), 19);
+
+	return legacyPublicKey;
+};
+
+const rsa2048SpkiLegacyToNew = (publicKey: Uint8Array) => {
+	const newPublicKey = new Uint8Array(294 - 19 + 67);
+	newPublicKey.set(
+		[
+			0x30, 0x82, 0x01, 0x52, 0x30, 0x3d, 0x06, 0x09, 0x2a, 0x86, 0x48,
+			0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0a, 0x30, 0x30, 0xa0, 0x0d, 0x30,
+			0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02,
+			0x02, 0xa1, 0x1a, 0x30, 0x18, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
+			0xf7, 0x0d, 0x01, 0x01, 0x08, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86,
+			0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0xa2, 0x03, 0x02, 0x01,
+			0x30,
+		],
+		0,
+	);
+	newPublicKey.set(new Uint8Array(publicKey.slice(19)), 67);
+
+	return newPublicKey;
+};
+
+export { rsa2048SpkiNewToLegacy, rsa2048SpkiLegacyToNew };

tsconfig.json

@@ -2,7 +2,7 @@
 	"compilerOptions": {
 		"composite": true,
 		"declaration": true,
-		"target": "es2015",
+		"target": "es2016",
 		"module": "commonjs",
 		"outDir": "dist",
 		"strict": true,