Lines 19-59javascript
19 const b64 = b64url.replace(/-/g, '+').replace(/_/g, '/') + '=='.slice(0, (4 - b64url.length % 4) % 4);
20 return decodeBase64(b64);
22function ed25519SeedFrom(raw) {
23 if (raw.length === 32)
25 if (raw.length === 64)
26 return raw.subarray(0, 32);
27 throw new Error(`invalid Ed25519 private key length: expected 32 or 64 bytes, got ${raw.length}`);
29function ed25519Pkcs8PemFromSeed(seed) {
30 const pkcs8Prefix = new Uint8Array([
31 0x30, 0x2e, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06,
32 0x03, 0x2b, 0x65, 0x70, 0x04, 0x22, 0x04, 0x20,
34 const der = new Uint8Array(pkcs8Prefix.length + seed.length);
36 der.set(seed, pkcs8Prefix.length);
37 const b64 = encodeBase64(der);
38 const wrapped = b64.match(/.{1,64}/g)?.join('\n') ?? b64;
39 return `-----BEGIN PRIVATE KEY-----\n${wrapped}\n-----END PRIVATE KEY-----`;
CriticalCritical Secret
Package contains a critical-looking secret pattern.
dist/auth.jsView on unpkg · L39 41async function keyFingerprint(key) {
42 const jwk = await exportJWK(key);
43 const pub = decodeBase64Url(jwk.x);
44 const digest = new Uint8Array(await crypto.subtle.digest('SHA-256', pub));
45 return Array.from(digest.subarray(0, 16), b => b.toString(16).padStart(2, '0')).join('');
47export class TokenSigner {
54 constructor(privateKeyBase64) {
55 this.privateKeyBase64 = privateKeyBase64;
58 const now = Math.floor(Date.now() / 1000);
59 if (this.token && now < this.expiry - REFRESH_MARGIN) {