appc-security - npm Package Compare versions

Comparing version 0.0.1 to 0.0.2

index.js

@@ -94,3 +94,3 @@ /**
  * @param {Number} size of the algorithm to used (128, 192, 256)
- * @returns {String} encrypted blob in hex format
+ * @returns {Object} object hash of encryption results. value property is the encryptedText
  */
@@ -150,5 +150,11 @@ function encrypt (plainText, key, pepper, hmac_key, encoding, size) {
 			// if we need to return a different encoding than hex, encode it
-			return new Buffer(encryptedText,'hex').toString(encoding);
+			encryptedText = new Buffer(encryptedText,'hex').toString(encoding);
 		}
-		return encryptedText;
+		return {
+			value: encryptedText,
+			derivedKey: derivedKey,
+			saltAndPepper: saltAndPepper,
+			salt: salt,
+			iv: iv
+		};
 	}
@@ -155,0 +161,0 @@ catch (E) {

package.json

 {
   "name": "appc-security",
-  "version": "0.0.1",
+  "version": "0.0.2",
   "description": "Appcelerator Security Best Practices Library for Node",
@@ -5,0 +5,0 @@ "main": "index.js",

README.md

@@ -1,6 +0,7 @@
-# Appcelerator Security Library for NodeJS
+# Appcelerator Security Library for NodeJS 
+[![Build Status](https://travis-ci.org/appcelerator/appc-security.svg?branch=master)](https://travis-ci.org/appcelerator/appc-security) [![npm version](https://badge.fury.io/js/appc-security.svg)](http://badge.fury.io/js/appc-security)
 
 This is a basic security library for encryption and decryption and other security related tasks that are common in NodeJS.
 
-This library was created as a secure coding best practice for use with Appcelerator NodeJS related software.
+This library was created as a secure coding best practice for use with Appcelerator NodeJS related software. 
 
@@ -7,0 +8,0 @@ It is made available on GitHub for peer review and for transparency in our security practices.  If you find a security related issue with this software, please use [Responsible Disclosure of Security Vulnerabilities](http://www.appcelerator.com/privacy/responsible-disclosure-of-security-vulnerabilities/) by reporting it.

test/unit_test.js

@@ -37,6 +37,10 @@ var should = require('should'),
 			result = lib.encrypt('ABC',key,pepper,hmacKey,'base64');
-		should(result).be.string;
-		should(result).match(/=$/);
+		should(result).be.object;
+		should(result.value).match(/=$/);
 
-		var result2 = lib.decrypt(result,key,pepper,hmacKey,'base64');
+		should(result).have.property('saltAndPepper');
+		should(result).have.property('iv');
+		should(result).have.property('derivedKey');
+
+		var result2 = lib.decrypt(result.value,key,pepper,hmacKey,'base64');
 		should(result2).be.string;
@@ -52,6 +56,6 @@ should(result2).equal('ABC');
 			result = lib.encrypt('ABC',key,pepper,hmacKey,'base64');
-		should(result).be.string;
-		should(result).match(/=$/);
+		should(result).be.object;
+		should(result.value).match(/=$/);
 
-		var result2 = lib.decrypt(result,key,pepper,hmacKey,'base64');
+		var result2 = lib.decrypt(result.value,key,pepper,hmacKey,'base64');
 		should(result2).be.string;
@@ -66,6 +70,6 @@ should(result2).equal('ABC');
 			result = lib.encrypt('ABC',key,pepper,hmacKey,'base64',128);
-		should(result).be.string;
-		should(result).match(/=$/);
+		should(result).be.object;
+		should(result.value).match(/=$/);
 
-		var result2 = lib.decrypt(result,key,pepper,hmacKey,'base64',128);
+		var result2 = lib.decrypt(result.value,key,pepper,hmacKey,'base64',128);
 		should(result2).be.string;
@@ -80,6 +84,6 @@ should(result2).equal('ABC');
 			result = lib.encrypt('ABC',key,pepper,hmacKey,'base64',192);
-		should(result).be.string;
-		should(result).match(/=$/);
+		should(result).be.object;
+		should(result.value).match(/=$/);
 
-		var result2 = lib.decrypt(result,key,pepper,hmacKey,'base64',192);
+		var result2 = lib.decrypt(result.value,key,pepper,hmacKey,'base64',192);
 		should(result2).be.string;
@@ -94,6 +98,6 @@ should(result2).equal('ABC');
 			result = lib.encrypt('ABC',key,pepper,hmacKey,'base64',256);
-		should(result).be.string;
-		should(result).match(/=$/);
+		should(result).be.object;
+		should(result.value).match(/=$/);
 
-		var result2 = lib.decrypt(result,key,pepper,hmacKey,'base64',256);
+		var result2 = lib.decrypt(result.value,key,pepper,hmacKey,'base64',256);
 		should(result2).be.string;
@@ -147,6 +151,6 @@ should(result2).equal('ABC');
 			result = lib.encrypt('ABC',key,pepper,hmacKey);
-		should(result).be.string;
-		should(result).not.match(/=$/);
+		should(result).be.object;
+		should(result.value).not.match(/=$/);
 
-		var result2 = lib.decrypt(result,key,pepper,hmacKey);
+		var result2 = lib.decrypt(result.value,key,pepper,hmacKey);
 		should(result2).be.string;
@@ -170,3 +174,3 @@ should(result2).equal('ABC');
 			result = lib.encrypt('ABC',key,pepper,hmacKey);
-		should(result).be.string;
+		should(result).be.object;
 		(function(){
@@ -182,5 +186,5 @@ lib.decrypt('123',key,pepper,hmacKey);
 			result = lib.encrypt('ABC',key,pepper,hmacKey);
-		should(result).be.string;
+		should(result).be.object;
 		(function(){
-			lib.decrypt(result,'123',pepper,hmacKey);
+			lib.decrypt(result.value,'123',pepper,hmacKey);
 		}).should.throw('decryption failed');
@@ -194,5 +198,5 @@ });
 			result = lib.encrypt('ABC',key,pepper,hmacKey);
-		should(result).be.string;
+		should(result).be.object;
 		(function(){
-			lib.decrypt(result,key,'123',hmacKey);
+			lib.decrypt(result.value,key,'123',hmacKey);
 		}).should.throw('encrypted data has been tampered with');
@@ -206,5 +210,5 @@ });
 			result = lib.encrypt('ABC',key,pepper,hmacKey);
-		should(result).be.string;
+		should(result).be.object;
 		(function(){
-			lib.decrypt(result,key,pepper,'123');
+			lib.decrypt(result.value,key,pepper,'123');
 		}).should.throw('encrypted data has been tampered with');
@@ -218,5 +222,5 @@ });
 			result = lib.encrypt('ABC',key,pepper,hmacKey);
-		should(result).be.string;
+		should(result).be.object;
 		(function(){
-			lib.decrypt(result+'1',key,pepper,hmacKey);
+			lib.decrypt(result.value+'1',key,pepper,hmacKey);
 		}).should.throw('encrypted data has been tampered with');
@@ -230,5 +234,5 @@ });
 			result = lib.encrypt('ABC',key,pepper,hmacKey);
-		should(result).be.string;
-		var hmac = result.substring(0, lib.HMAC_LENGTH),
-			remainder = result.substring(lib.HMAC_LENGTH);
+		should(result).be.object;
+		var hmac = result.value.substring(0, lib.HMAC_LENGTH),
+			remainder = result.value.substring(lib.HMAC_LENGTH);
 		(function(){
@@ -235,0 +239,0 @@ result = hmac.substring(0,hmac.length-2) + remainder;

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

24872

increased by2.25%

Lines of code

496

increased by1.85%

Number of lines in readme file

71

increased by1.43%

Worsened metrics

Number of package files

8

decreased by-11.11%

No dependency changes