Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@verdaccio/signature
Advanced tools
@verdaccio/signature - npm Package Compare versions
Comparing version 7.0.0-next-7.4 to 7.0.0-next-7.5
@@ -1,2 +0,2 @@ | ||
| export { aesDecryptDeprecated, aesEncryptDeprecated, generateRandomSecretKeyDeprecated, aesDecryptDeprecatedBackwardCompatible, aesEncryptDeprecatedBackwardCompatible, } from './legacy-signature'; | ||
| export { aesDecryptDeprecated, aesEncryptDeprecated, generateRandomSecretKeyDeprecated, } from './legacy-signature'; | ||
| export { aesDecrypt, aesEncrypt } from './signature'; | ||
@@ -3,0 +3,0 @@ export { signPayload, verifyPayload, SignOptionsSignature } from './jwt-token'; |
@@ -24,8 +24,2 @@ "use strict"; | ||
| }); | ||
| Object.defineProperty(exports, "aesDecryptDeprecatedBackwardCompatible", { | ||
| enumerable: true, | ||
| get: function () { | ||
| return _legacySignature.aesDecryptDeprecatedBackwardCompatible; | ||
| } | ||
| }); | ||
| Object.defineProperty(exports, "aesEncrypt", { | ||
@@ -43,8 +37,2 @@ enumerable: true, | ||
| }); | ||
| Object.defineProperty(exports, "aesEncryptDeprecatedBackwardCompatible", { | ||
| enumerable: true, | ||
| get: function () { | ||
| return _legacySignature.aesEncryptDeprecatedBackwardCompatible; | ||
| } | ||
| }); | ||
| Object.defineProperty(exports, "generateRandomSecretKeyDeprecated", { | ||
@@ -51,0 +39,0 @@ enumerable: true, |
@@ -1,2 +0,22 @@ | ||
| export { aesDecryptDeprecated, aesEncryptDeprecated, generateRandomSecretKeyDeprecated, TOKEN_VALID_LENGTH_DEPRECATED, defaultAlgorithm, defaultTarballHashAlgorithm, } from './legacy-crypto'; | ||
| export { aesDecryptDeprecatedBackwardCompatible, aesEncryptDeprecatedBackwardCompatible, } from './legacy-backward-compatible'; | ||
| /// <reference types="node" /> | ||
| export declare const defaultAlgorithm = "aes192"; | ||
| export declare const defaultTarballHashAlgorithm = "sha1"; | ||
| /** | ||
| * | ||
| * @param buf | ||
| * @param secret | ||
| * @returns | ||
| */ | ||
| export declare function aesEncryptDeprecated(buf: Buffer, secret: string): Buffer; | ||
| /** | ||
| * | ||
| * @param buf | ||
| * @param secret | ||
| * @returns | ||
| */ | ||
| export declare function aesDecryptDeprecated(buf: Buffer, secret: string): Buffer; | ||
| export declare const TOKEN_VALID_LENGTH_DEPRECATED = 64; | ||
| /** | ||
| * Generate a secret key of 64 characters. | ||
| */ | ||
| export declare function generateRandomSecretKeyDeprecated(): string; |
@@ -6,52 +6,62 @@ "use strict"; | ||
| }); | ||
| Object.defineProperty(exports, "TOKEN_VALID_LENGTH_DEPRECATED", { | ||
| enumerable: true, | ||
| get: function () { | ||
| return _legacyCrypto.TOKEN_VALID_LENGTH_DEPRECATED; | ||
| exports.TOKEN_VALID_LENGTH_DEPRECATED = void 0; | ||
| exports.aesDecryptDeprecated = aesDecryptDeprecated; | ||
| exports.aesEncryptDeprecated = aesEncryptDeprecated; | ||
| exports.defaultTarballHashAlgorithm = exports.defaultAlgorithm = void 0; | ||
| exports.generateRandomSecretKeyDeprecated = generateRandomSecretKeyDeprecated; | ||
| var _crypto = require("crypto"); | ||
| var _debug = _interopRequireDefault(require("debug")); | ||
| var _utils = require("../utils"); | ||
| function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } | ||
| const defaultAlgorithm = exports.defaultAlgorithm = 'aes192'; | ||
| const defaultTarballHashAlgorithm = exports.defaultTarballHashAlgorithm = 'sha1'; | ||
| const debug = (0, _debug.default)('verdaccio:auth:token:legacy:deprecated'); | ||
| /** | ||
| * | ||
| * @param buf | ||
| * @param secret | ||
| * @returns | ||
| */ | ||
| function aesEncryptDeprecated(buf, secret) { | ||
| debug('aesEncryptDeprecated init'); | ||
| debug('algorithm %o', defaultAlgorithm); | ||
| // deprecated (it will be removed in Verdaccio 6), it is a breaking change | ||
| // https://nodejs.org/api/crypto.html#crypto_crypto_createcipher_algorithm_password_options | ||
| // https://www.grainger.xyz/changing-from-cipher-to-cipheriv/ | ||
| const c = (0, _crypto.createCipher)(defaultAlgorithm, secret); | ||
| const b1 = c.update(buf); | ||
| const b2 = c.final(); | ||
| debug('deprecated legacy token generated successfully'); | ||
| return Buffer.concat([b1, b2]); | ||
| } | ||
| /** | ||
| * | ||
| * @param buf | ||
| * @param secret | ||
| * @returns | ||
| */ | ||
| function aesDecryptDeprecated(buf, secret) { | ||
| try { | ||
| debug('aesDecryptDeprecated init'); | ||
| // https://nodejs.org/api/crypto.html#crypto_crypto_createdecipher_algorithm_password_options | ||
| // https://www.grainger.xyz/changing-from-cipher-to-cipheriv/ | ||
| const c = (0, _crypto.createDecipher)(defaultAlgorithm, secret); | ||
| const b1 = c.update(buf); | ||
| const b2 = c.final(); | ||
| debug('deprecated legacy token payload decrypted successfully'); | ||
| return Buffer.concat([b1, b2]); | ||
| } catch (_) { | ||
| return Buffer.alloc(0); | ||
| } | ||
| }); | ||
| Object.defineProperty(exports, "aesDecryptDeprecated", { | ||
| enumerable: true, | ||
| get: function () { | ||
| return _legacyCrypto.aesDecryptDeprecated; | ||
| } | ||
| }); | ||
| Object.defineProperty(exports, "aesDecryptDeprecatedBackwardCompatible", { | ||
| enumerable: true, | ||
| get: function () { | ||
| return _legacyBackwardCompatible.aesDecryptDeprecatedBackwardCompatible; | ||
| } | ||
| }); | ||
| Object.defineProperty(exports, "aesEncryptDeprecated", { | ||
| enumerable: true, | ||
| get: function () { | ||
| return _legacyCrypto.aesEncryptDeprecated; | ||
| } | ||
| }); | ||
| Object.defineProperty(exports, "aesEncryptDeprecatedBackwardCompatible", { | ||
| enumerable: true, | ||
| get: function () { | ||
| return _legacyBackwardCompatible.aesEncryptDeprecatedBackwardCompatible; | ||
| } | ||
| }); | ||
| Object.defineProperty(exports, "defaultAlgorithm", { | ||
| enumerable: true, | ||
| get: function () { | ||
| return _legacyCrypto.defaultAlgorithm; | ||
| } | ||
| }); | ||
| Object.defineProperty(exports, "defaultTarballHashAlgorithm", { | ||
| enumerable: true, | ||
| get: function () { | ||
| return _legacyCrypto.defaultTarballHashAlgorithm; | ||
| } | ||
| }); | ||
| Object.defineProperty(exports, "generateRandomSecretKeyDeprecated", { | ||
| enumerable: true, | ||
| get: function () { | ||
| return _legacyCrypto.generateRandomSecretKeyDeprecated; | ||
| } | ||
| }); | ||
| var _legacyCrypto = require("./legacy-crypto"); | ||
| var _legacyBackwardCompatible = require("./legacy-backward-compatible"); | ||
| } | ||
| const TOKEN_VALID_LENGTH_DEPRECATED = exports.TOKEN_VALID_LENGTH_DEPRECATED = 64; | ||
| /** | ||
| * Generate a secret key of 64 characters. | ||
| */ | ||
| function generateRandomSecretKeyDeprecated() { | ||
| return (0, _utils.generateRandomHexString)(6); | ||
| } | ||
| //# sourceMappingURL=index.js.map |
@@ -21,5 +21,5 @@ "use strict"; | ||
| function aesEncrypt(value, key) { | ||
| debug('aesEncrypt init'); | ||
| // https://nodejs.org/api/crypto.html#crypto_crypto_createcipher_algorithm_password_options | ||
| // https://www.grainger.xyz/posts/changing-from-cipher-to-cipheriv | ||
| debug('encrypt %o', value); | ||
| debug('algorithm %o', defaultAlgorithm); | ||
@@ -43,3 +43,3 @@ // IV must be a buffer of length 16 | ||
| const token = `${iv.toString('hex')}:${encrypted.toString()}`; | ||
| debug('token generated successfully'); | ||
| debug('legacy token generated successfully'); | ||
| return Buffer.from(token).toString('base64'); | ||
@@ -49,2 +49,3 @@ } | ||
| try { | ||
| debug('aesDecrypt init'); | ||
| const buff = Buffer.from(value, 'base64'); | ||
@@ -64,3 +65,3 @@ const textParts = buff.toString().split(':'); | ||
| decrypted += decipher.final(inputEncoding); | ||
| debug('token decrypted successfully'); | ||
| debug('legacy token payload decrypted successfully'); | ||
| return decrypted.toString(); | ||
@@ -67,0 +68,0 @@ } catch (_) { |
| # @verdaccio/signature | ||
| ## 7.0.0-next-7.5 | ||
| ### Minor Changes | ||
| - bd8703e: feat: add migrateToSecureLegacySignature and remove enhancedLegacySignature property | ||
| ## 7.0.0-next-7.4 | ||
@@ -4,0 +10,0 @@ |
| { | ||
| "name": "@verdaccio/signature", | ||
| "version": "7.0.0-next-7.4", | ||
| "version": "7.0.0-next-7.5", | ||
| "description": "verdaccio signature utils", | ||
@@ -33,8 +33,7 @@ "main": "./build/index.js", | ||
| "jsonwebtoken": "9.0.2", | ||
| "evp_bytestokey": "1.0.3", | ||
| "debug": "4.3.4" | ||
| }, | ||
| "devDependencies": { | ||
| "@verdaccio/config": "7.0.0-next-7.14", | ||
| "@verdaccio/types": "12.0.0-next.2" | ||
| "@verdaccio/config": "7.0.0-next-7.15", | ||
| "@verdaccio/types": "12.0.0-next-7.3" | ||
| }, | ||
@@ -41,0 +40,0 @@ "funding": { |
@@ -5,4 +5,2 @@ export { | ||
| generateRandomSecretKeyDeprecated, | ||
| aesDecryptDeprecatedBackwardCompatible, | ||
| aesEncryptDeprecatedBackwardCompatible, | ||
| } from './legacy-signature'; | ||
@@ -9,0 +7,0 @@ |
@@ -1,13 +0,58 @@ | ||
| export { | ||
| aesDecryptDeprecated, | ||
| aesEncryptDeprecated, | ||
| generateRandomSecretKeyDeprecated, | ||
| TOKEN_VALID_LENGTH_DEPRECATED, | ||
| defaultAlgorithm, | ||
| defaultTarballHashAlgorithm, | ||
| } from './legacy-crypto'; | ||
| // Temporary export to keep backward compatibility with Node.js >= 22 | ||
| export { | ||
| aesDecryptDeprecatedBackwardCompatible, | ||
| aesEncryptDeprecatedBackwardCompatible, | ||
| } from './legacy-backward-compatible'; | ||
| import { createCipher, createDecipher } from 'crypto'; | ||
| import buildDebug from 'debug'; | ||
| import { generateRandomHexString } from '../utils'; | ||
| export const defaultAlgorithm = 'aes192'; | ||
| export const defaultTarballHashAlgorithm = 'sha1'; | ||
| const debug = buildDebug('verdaccio:auth:token:legacy:deprecated'); | ||
| /** | ||
| * | ||
| * @param buf | ||
| * @param secret | ||
| * @returns | ||
| */ | ||
| export function aesEncryptDeprecated(buf: Buffer, secret: string): Buffer { | ||
| debug('aesEncryptDeprecated init'); | ||
| debug('algorithm %o', defaultAlgorithm); | ||
| // deprecated (it will be removed in Verdaccio 6), it is a breaking change | ||
| // https://nodejs.org/api/crypto.html#crypto_crypto_createcipher_algorithm_password_options | ||
| // https://www.grainger.xyz/changing-from-cipher-to-cipheriv/ | ||
| const c = createCipher(defaultAlgorithm, secret); | ||
| const b1 = c.update(buf); | ||
| const b2 = c.final(); | ||
| debug('deprecated legacy token generated successfully'); | ||
| return Buffer.concat([b1, b2]); | ||
| } | ||
| /** | ||
| * | ||
| * @param buf | ||
| * @param secret | ||
| * @returns | ||
| */ | ||
| export function aesDecryptDeprecated(buf: Buffer, secret: string): Buffer { | ||
| try { | ||
| debug('aesDecryptDeprecated init'); | ||
| // https://nodejs.org/api/crypto.html#crypto_crypto_createdecipher_algorithm_password_options | ||
| // https://www.grainger.xyz/changing-from-cipher-to-cipheriv/ | ||
| const c = createDecipher(defaultAlgorithm, secret); | ||
| const b1 = c.update(buf); | ||
| const b2 = c.final(); | ||
| debug('deprecated legacy token payload decrypted successfully'); | ||
| return Buffer.concat([b1, b2]); | ||
| } catch (_) { | ||
| return Buffer.alloc(0); | ||
| } | ||
| } | ||
| export const TOKEN_VALID_LENGTH_DEPRECATED = 64; | ||
| /** | ||
| * Generate a secret key of 64 characters. | ||
| */ | ||
| export function generateRandomSecretKeyDeprecated(): string { | ||
| return generateRandomHexString(6); | ||
| } |
@@ -22,5 +22,5 @@ import { | ||
| export function aesEncrypt(value: string, key: string): string | void { | ||
| debug('aesEncrypt init'); | ||
| // https://nodejs.org/api/crypto.html#crypto_crypto_createcipher_algorithm_password_options | ||
| // https://www.grainger.xyz/posts/changing-from-cipher-to-cipheriv | ||
| debug('encrypt %o', value); | ||
| debug('algorithm %o', defaultAlgorithm); | ||
@@ -46,3 +46,3 @@ // IV must be a buffer of length 16 | ||
| const token = `${iv.toString('hex')}:${encrypted.toString()}`; | ||
| debug('token generated successfully'); | ||
| debug('legacy token generated successfully'); | ||
| return Buffer.from(token).toString('base64'); | ||
@@ -53,2 +53,3 @@ } | ||
| try { | ||
| debug('aesDecrypt init'); | ||
| const buff = Buffer.from(value, 'base64'); | ||
@@ -68,3 +69,3 @@ const textParts = buff.toString().split(':'); | ||
| decrypted += decipher.final(inputEncoding); | ||
| debug('token decrypted successfully'); | ||
| debug('legacy token payload decrypted successfully'); | ||
| return decrypted.toString(); | ||
@@ -71,0 +72,0 @@ } catch (_: any) { |
@@ -0,1 +1,3 @@ | ||
| import { isNodeVersionGreaterThan21 } from '@verdaccio/config'; | ||
| import { | ||
@@ -7,7 +9,15 @@ aesDecryptDeprecated, | ||
| describe('test deprecated crypto utils', () => { | ||
| const itdescribe = (condition) => (condition ? describe : describe.skip); | ||
| itdescribe(isNodeVersionGreaterThan21() === false)('test deprecated crypto utils', () => { | ||
| test('generateRandomSecretKeyDeprecated', () => { | ||
| expect(generateRandomSecretKeyDeprecated()).toHaveLength(12); | ||
| }); | ||
| test('decrypt payload flow', () => { | ||
| const secret = generateRandomSecretKeyDeprecated(); | ||
| const secret = '4b4512c6ce20'; | ||
| const payload = 'juan:password'; | ||
| const token = aesEncryptDeprecated(Buffer.from(payload), secret); | ||
| expect(token.toString('base64')).toEqual('auizc1j3lSEd2wEB5CyGbQ=='); | ||
| const data = aesDecryptDeprecated(token, secret); | ||
@@ -14,0 +24,0 @@ |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
No alert changes
Improved metrics
- Dependency count
- decreased by-33.33%
2
Worsened metrics
- Total package byte prevSize
- decreased by-14.96%
46102
- Number of package files
- decreased by-18.75%
39
- Lines of code
- decreased by-16.47%
705
Dependency changes
- Removedevp_bytestokey@1.0.3
- Removedevp_bytestokey@1.0.3(transitive)
- Removedhash-base@3.1.0(transitive)
- Removedinherits@2.0.4(transitive)
- Removedmd5.js@1.3.5(transitive)
- Removedreadable-stream@3.6.2(transitive)
- Removedstring_decoder@1.3.0(transitive)
- Removedutil-deprecate@1.0.2(transitive)