arcticfox-encryption - npm Package Compare versions

Comparing version 1.0.0 to 1.0.1

index.js

 // https://github.com/dotnet/coreclr/blob/master/src/inc/random.h
+// http://referencesource.microsoft.com/#mscorlib/system/random.cs
+
+const INT32MIN = -0x80000000;
+const INT32MAX = 0x7FFFFFFF;
+
+const MSEED = 161803398;
+const MBIG = INT32MAX;
+
 class DotNetRandom {
     constructor(seed) {
-        this.MSEED = 161803398;
-        this.MBIG = 2147483647;
         this.SeedArray = new Array(55).fill(0);
@@ -12,6 +18,5 @@
 
-        const subtraction = (seed === -2147483648) ? this.MBIG : Math.abs(seed);
+        const substraction = (seed === INT32MIN) ? INT32MAX : Math.abs(seed);
+        mj = MSEED - substraction;
 
-        mj = this.MSEED - subtraction;
-
         this.SeedArray[55] = mj;
@@ -25,3 +30,3 @@
             if (mk < 0) {
-                mk += this.MBIG;
+                mk += MBIG;
             }
@@ -34,5 +39,5 @@ mj = this.SeedArray[ii];
                 /* eslint-disable no-mixed-operators */
-                this.SeedArray[i] -= this.SeedArray[1 + (i + 30) % 55];
+                this.SeedArray[i] = (this.SeedArray[i] - this.SeedArray[1 + (i + 30) % 55]) & 0xFFFFFFFF;
                 if (this.SeedArray[i] < 0) {
-                    this.SeedArray[i] += this.MBIG;
+                    this.SeedArray[i] += MBIG;
                 }
@@ -59,7 +64,7 @@ }
 
-        if (retVal === this.MBIG) {
+        if (retVal === MBIG) {
             retVal--;
         }
         if (retVal < 0) {
-            retVal += this.MBIG;
+            retVal += MBIG;
         }
@@ -77,5 +82,3 @@
         for (let i = 0; i < buf.length; i++) {
-            const c = this.internalSample() % 256;
-			// Console.log(c);
-            buf[i] = c;
+            buf[i] = this.internalSample() % 256;
         }
@@ -103,2 +106,3 @@ }
         const table = this.createTable(initialKey);
+
         const result = Buffer.alloc(buf.length - keyBytes.length);
@@ -105,0 +109,0 @@

package.json

 {
   "name": "arcticfox-encryption",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "Encode and Decode ArcticFox Config Files (.afc)",
   "main": "index.js",
   "scripts": {
-    "test": "camo-purge ; xo --space 4 --ignore test.js && mocha test.js"
+    "test": "camo-purge ; xo --space 4 --ignore test.js && mocha test.js",
+    "testonly": "mocha test.js"
   },
@@ -13,2 +14,6 @@ "repository": {
   },
+  "engines": {
+    "node": ">=6.0.0"
+  },
+  "engineStrict": true,
   "keywords": [
@@ -30,7 +35,7 @@ "vape",
   "devDependencies": {
-    "camo-purge": "^1.0.2",
-    "mocha": "^3.4.2",
-    "should": "^11.2.1",
-    "xo": "^0.18.2"
+    "camo-purge": "latest",
+    "mocha": "latest",
+    "should": "latest",
+    "xo": "latest"
   }
 }

README.md

@@ -27,3 +27,3 @@ # arcticfox-encryption
 * https://github.com/hobbyquaker/arcticfox - a Node module that abstracts the HID communication with the Arcticfox 
-firmware and is also used by this project.
+firmware.
 
@@ -30,0 +30,0 @@

New alerts

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

195580

increased by366.62%

Number of package files

9

increased by80%

Lines of code

129

increased by4.88%

Worsened metrics

Number of low supply chain risk alerts

1

increased byInfinity%

Number of medium supply chain risk alerts

3

increased byInfinity%

No dependency changes