Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

browserify-sign

Package Overview
Dependencies
Maintainers
5
Versions
32
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

browserify-sign - npm Package Compare versions

Comparing version 4.2.1 to 4.2.2

4

algos.js

@@ -1,1 +0,3 @@

module.exports = require('./browser/algorithms.json')
'use strict';
module.exports = require('./browser/algorithms.json');

124

browser/index.js

@@ -1,85 +0,85 @@

var Buffer = require('safe-buffer').Buffer
var createHash = require('create-hash')
var stream = require('readable-stream')
var inherits = require('inherits')
var sign = require('./sign')
var verify = require('./verify')
'use strict';
var algorithms = require('./algorithms.json')
var Buffer = require('safe-buffer').Buffer;
var createHash = require('create-hash');
var stream = require('readable-stream');
var inherits = require('inherits');
var sign = require('./sign');
var verify = require('./verify');
var algorithms = require('./algorithms.json');
Object.keys(algorithms).forEach(function (key) {
algorithms[key].id = Buffer.from(algorithms[key].id, 'hex')
algorithms[key.toLowerCase()] = algorithms[key]
})
algorithms[key].id = Buffer.from(algorithms[key].id, 'hex');
algorithms[key.toLowerCase()] = algorithms[key];
});
function Sign (algorithm) {
stream.Writable.call(this)
function Sign(algorithm) {
stream.Writable.call(this);
var data = algorithms[algorithm]
if (!data) throw new Error('Unknown message digest')
var data = algorithms[algorithm];
if (!data) { throw new Error('Unknown message digest'); }
this._hashType = data.hash
this._hash = createHash(data.hash)
this._tag = data.id
this._signType = data.sign
this._hashType = data.hash;
this._hash = createHash(data.hash);
this._tag = data.id;
this._signType = data.sign;
}
inherits(Sign, stream.Writable)
inherits(Sign, stream.Writable);
Sign.prototype._write = function _write (data, _, done) {
this._hash.update(data)
done()
}
Sign.prototype._write = function _write(data, _, done) {
this._hash.update(data);
done();
};
Sign.prototype.update = function update (data, enc) {
if (typeof data === 'string') data = Buffer.from(data, enc)
Sign.prototype.update = function update(data, enc) {
this._hash.update(typeof data === 'string' ? Buffer.from(data, enc) : data);
this._hash.update(data)
return this
}
return this;
};
Sign.prototype.sign = function signMethod (key, enc) {
this.end()
var hash = this._hash.digest()
var sig = sign(hash, key, this._hashType, this._signType, this._tag)
Sign.prototype.sign = function signMethod(key, enc) {
this.end();
var hash = this._hash.digest();
var sig = sign(hash, key, this._hashType, this._signType, this._tag);
return enc ? sig.toString(enc) : sig
}
return enc ? sig.toString(enc) : sig;
};
function Verify (algorithm) {
stream.Writable.call(this)
function Verify(algorithm) {
stream.Writable.call(this);
var data = algorithms[algorithm]
if (!data) throw new Error('Unknown message digest')
var data = algorithms[algorithm];
if (!data) { throw new Error('Unknown message digest'); }
this._hash = createHash(data.hash)
this._tag = data.id
this._signType = data.sign
this._hash = createHash(data.hash);
this._tag = data.id;
this._signType = data.sign;
}
inherits(Verify, stream.Writable)
inherits(Verify, stream.Writable);
Verify.prototype._write = function _write (data, _, done) {
this._hash.update(data)
done()
}
Verify.prototype._write = function _write(data, _, done) {
this._hash.update(data);
done();
};
Verify.prototype.update = function update (data, enc) {
if (typeof data === 'string') data = Buffer.from(data, enc)
Verify.prototype.update = function update(data, enc) {
this._hash.update(typeof data === 'string' ? Buffer.from(data, enc) : data);
this._hash.update(data)
return this
}
return this;
};
Verify.prototype.verify = function verifyMethod (key, sig, enc) {
if (typeof sig === 'string') sig = Buffer.from(sig, enc)
Verify.prototype.verify = function verifyMethod(key, sig, enc) {
var sigBuffer = typeof sig === 'string' ? Buffer.from(sig, enc) : sig;
this.end()
var hash = this._hash.digest()
return verify(sig, hash, key, this._signType, this._tag)
}
this.end();
var hash = this._hash.digest();
return verify(sigBuffer, hash, key, this._signType, this._tag);
};
function createSign (algorithm) {
return new Sign(algorithm)
function createSign(algorithm) {
return new Sign(algorithm);
}
function createVerify (algorithm) {
return new Verify(algorithm)
function createVerify(algorithm) {
return new Verify(algorithm);
}

@@ -92,2 +92,2 @@

createVerify: createVerify
}
};

203

browser/sign.js

@@ -0,143 +1,150 @@

'use strict';
// much of this based on https://github.com/indutny/self-signed/blob/gh-pages/lib/rsa.js
var Buffer = require('safe-buffer').Buffer
var createHmac = require('create-hmac')
var crt = require('browserify-rsa')
var EC = require('elliptic').ec
var BN = require('bn.js')
var parseKeys = require('parse-asn1')
var curves = require('./curves.json')
var Buffer = require('safe-buffer').Buffer;
var createHmac = require('create-hmac');
var crt = require('browserify-rsa');
var EC = require('elliptic').ec;
var BN = require('bn.js');
var parseKeys = require('parse-asn1');
var curves = require('./curves.json');
function sign (hash, key, hashType, signType, tag) {
var priv = parseKeys(key)
var RSA_PKCS1_PADDING = 1;
function sign(hash, key, hashType, signType, tag) {
var priv = parseKeys(key);
if (priv.curve) {
// rsa keys can be interpreted as ecdsa ones in openssl
if (signType !== 'ecdsa' && signType !== 'ecdsa/rsa') throw new Error('wrong private key type')
return ecSign(hash, priv)
if (signType !== 'ecdsa' && signType !== 'ecdsa/rsa') { throw new Error('wrong private key type'); }
return ecSign(hash, priv);
} else if (priv.type === 'dsa') {
if (signType !== 'dsa') throw new Error('wrong private key type')
return dsaSign(hash, priv, hashType)
} else {
if (signType !== 'rsa' && signType !== 'ecdsa/rsa') throw new Error('wrong private key type')
if (signType !== 'dsa') { throw new Error('wrong private key type'); }
return dsaSign(hash, priv, hashType);
}
hash = Buffer.concat([tag, hash])
var len = priv.modulus.byteLength()
var pad = [0, 1]
while (hash.length + pad.length + 1 < len) pad.push(0xff)
pad.push(0x00)
var i = -1
while (++i < hash.length) pad.push(hash[i])
if (signType !== 'rsa' && signType !== 'ecdsa/rsa') { throw new Error('wrong private key type'); }
if (key.padding !== undefined && key.padding !== RSA_PKCS1_PADDING) { throw new Error('illegal or unsupported padding mode'); }
var out = crt(pad, priv)
return out
hash = Buffer.concat([tag, hash]);
var len = priv.modulus.byteLength();
var pad = [0, 1];
while (hash.length + pad.length + 1 < len) { pad.push(0xff); }
pad.push(0x00);
var i = -1;
while (++i < hash.length) { pad.push(hash[i]); }
var out = crt(pad, priv);
return out;
}
function ecSign (hash, priv) {
var curveId = curves[priv.curve.join('.')]
if (!curveId) throw new Error('unknown curve ' + priv.curve.join('.'))
function ecSign(hash, priv) {
var curveId = curves[priv.curve.join('.')];
if (!curveId) { throw new Error('unknown curve ' + priv.curve.join('.')); }
var curve = new EC(curveId)
var key = curve.keyFromPrivate(priv.privateKey)
var out = key.sign(hash)
var curve = new EC(curveId);
var key = curve.keyFromPrivate(priv.privateKey);
var out = key.sign(hash);
return Buffer.from(out.toDER())
return Buffer.from(out.toDER());
}
function dsaSign (hash, priv, algo) {
var x = priv.params.priv_key
var p = priv.params.p
var q = priv.params.q
var g = priv.params.g
var r = new BN(0)
var k
var H = bits2int(hash, q).mod(q)
var s = false
var kv = getKey(x, q, hash, algo)
function dsaSign(hash, priv, algo) {
var x = priv.params.priv_key;
var p = priv.params.p;
var q = priv.params.q;
var g = priv.params.g;
var r = new BN(0);
var k;
var H = bits2int(hash, q).mod(q);
var s = false;
var kv = getKey(x, q, hash, algo);
while (s === false) {
k = makeKey(q, kv, algo)
r = makeR(g, k, p, q)
s = k.invm(q).imul(H.add(x.mul(r))).mod(q)
k = makeKey(q, kv, algo);
r = makeR(g, k, p, q);
s = k.invm(q).imul(H.add(x.mul(r))).mod(q);
if (s.cmpn(0) === 0) {
s = false
r = new BN(0)
s = false;
r = new BN(0);
}
}
return toDER(r, s)
return toDER(r, s);
}
function toDER (r, s) {
r = r.toArray()
s = s.toArray()
function toDER(r, s) {
r = r.toArray();
s = s.toArray();
// Pad values
if (r[0] & 0x80) r = [0].concat(r)
if (s[0] & 0x80) s = [0].concat(s)
if (r[0] & 0x80) { r = [0].concat(r); }
if (s[0] & 0x80) { s = [0].concat(s); }
var total = r.length + s.length + 4
var res = [0x30, total, 0x02, r.length]
res = res.concat(r, [0x02, s.length], s)
return Buffer.from(res)
var total = r.length + s.length + 4;
var res = [
0x30, total, 0x02, r.length
];
res = res.concat(r, [0x02, s.length], s);
return Buffer.from(res);
}
function getKey (x, q, hash, algo) {
x = Buffer.from(x.toArray())
function getKey(x, q, hash, algo) {
x = Buffer.from(x.toArray());
if (x.length < q.byteLength()) {
var zeros = Buffer.alloc(q.byteLength() - x.length)
x = Buffer.concat([zeros, x])
var zeros = Buffer.alloc(q.byteLength() - x.length);
x = Buffer.concat([zeros, x]);
}
var hlen = hash.length
var hbits = bits2octets(hash, q)
var v = Buffer.alloc(hlen)
v.fill(1)
var k = Buffer.alloc(hlen)
k = createHmac(algo, k).update(v).update(Buffer.from([0])).update(x).update(hbits).digest()
v = createHmac(algo, k).update(v).digest()
k = createHmac(algo, k).update(v).update(Buffer.from([1])).update(x).update(hbits).digest()
v = createHmac(algo, k).update(v).digest()
return { k: k, v: v }
var hlen = hash.length;
var hbits = bits2octets(hash, q);
var v = Buffer.alloc(hlen);
v.fill(1);
var k = Buffer.alloc(hlen);
k = createHmac(algo, k).update(v).update(Buffer.from([0])).update(x).update(hbits).digest();
v = createHmac(algo, k).update(v).digest();
k = createHmac(algo, k).update(v).update(Buffer.from([1])).update(x).update(hbits).digest();
v = createHmac(algo, k).update(v).digest();
return { k: k, v: v };
}
function bits2int (obits, q) {
var bits = new BN(obits)
var shift = (obits.length << 3) - q.bitLength()
if (shift > 0) bits.ishrn(shift)
return bits
function bits2int(obits, q) {
var bits = new BN(obits);
var shift = (obits.length << 3) - q.bitLength();
if (shift > 0) { bits.ishrn(shift); }
return bits;
}
function bits2octets (bits, q) {
bits = bits2int(bits, q)
bits = bits.mod(q)
var out = Buffer.from(bits.toArray())
function bits2octets(bits, q) {
bits = bits2int(bits, q);
bits = bits.mod(q);
var out = Buffer.from(bits.toArray());
if (out.length < q.byteLength()) {
var zeros = Buffer.alloc(q.byteLength() - out.length)
out = Buffer.concat([zeros, out])
var zeros = Buffer.alloc(q.byteLength() - out.length);
out = Buffer.concat([zeros, out]);
}
return out
return out;
}
function makeKey (q, kv, algo) {
var t
var k
function makeKey(q, kv, algo) {
var t;
var k;
do {
t = Buffer.alloc(0)
t = Buffer.alloc(0);
while (t.length * 8 < q.bitLength()) {
kv.v = createHmac(algo, kv.k).update(kv.v).digest()
t = Buffer.concat([t, kv.v])
kv.v = createHmac(algo, kv.k).update(kv.v).digest();
t = Buffer.concat([t, kv.v]);
}
k = bits2int(t, q)
kv.k = createHmac(algo, kv.k).update(kv.v).update(Buffer.from([0])).digest()
kv.v = createHmac(algo, kv.k).update(kv.v).digest()
} while (k.cmp(q) !== -1)
k = bits2int(t, q);
kv.k = createHmac(algo, kv.k).update(kv.v).update(Buffer.from([0])).digest();
kv.v = createHmac(algo, kv.k).update(kv.v).digest();
} while (k.cmp(q) !== -1);
return k
return k;
}
function makeR (g, k, p, q) {
return g.toRed(BN.mont(p)).redPow(k).fromRed().mod(q)
function makeR(g, k, p, q) {
return g.toRed(BN.mont(p)).redPow(k).fromRed().mod(q);
}
module.exports = sign
module.exports.getKey = getKey
module.exports.makeKey = makeKey
module.exports = sign;
module.exports.getKey = getKey;
module.exports.makeKey = makeKey;

116

browser/verify.js

@@ -0,70 +1,72 @@

'use strict';
// much of this based on https://github.com/indutny/self-signed/blob/gh-pages/lib/rsa.js
var Buffer = require('safe-buffer').Buffer
var BN = require('bn.js')
var EC = require('elliptic').ec
var parseKeys = require('parse-asn1')
var curves = require('./curves.json')
var Buffer = require('safe-buffer').Buffer;
var BN = require('bn.js');
var EC = require('elliptic').ec;
var parseKeys = require('parse-asn1');
var curves = require('./curves.json');
function verify (sig, hash, key, signType, tag) {
var pub = parseKeys(key)
function verify(sig, hash, key, signType, tag) {
var pub = parseKeys(key);
if (pub.type === 'ec') {
// rsa keys can be interpreted as ecdsa ones in openssl
if (signType !== 'ecdsa' && signType !== 'ecdsa/rsa') throw new Error('wrong public key type')
return ecVerify(sig, hash, pub)
if (signType !== 'ecdsa' && signType !== 'ecdsa/rsa') { throw new Error('wrong public key type'); }
return ecVerify(sig, hash, pub);
} else if (pub.type === 'dsa') {
if (signType !== 'dsa') throw new Error('wrong public key type')
return dsaVerify(sig, hash, pub)
} else {
if (signType !== 'rsa' && signType !== 'ecdsa/rsa') throw new Error('wrong public key type')
if (signType !== 'dsa') { throw new Error('wrong public key type'); }
return dsaVerify(sig, hash, pub);
}
hash = Buffer.concat([tag, hash])
var len = pub.modulus.byteLength()
var pad = [1]
var padNum = 0
if (signType !== 'rsa' && signType !== 'ecdsa/rsa') { throw new Error('wrong public key type'); }
hash = Buffer.concat([tag, hash]);
var len = pub.modulus.byteLength();
var pad = [1];
var padNum = 0;
while (hash.length + pad.length + 2 < len) {
pad.push(0xff)
padNum++
pad.push(0xff);
padNum += 1;
}
pad.push(0x00)
var i = -1
pad.push(0x00);
var i = -1;
while (++i < hash.length) {
pad.push(hash[i])
pad.push(hash[i]);
}
pad = Buffer.from(pad)
var red = BN.mont(pub.modulus)
sig = new BN(sig).toRed(red)
pad = Buffer.from(pad);
var red = BN.mont(pub.modulus);
sig = new BN(sig).toRed(red);
sig = sig.redPow(new BN(pub.publicExponent))
sig = Buffer.from(sig.fromRed().toArray())
var out = padNum < 8 ? 1 : 0
len = Math.min(sig.length, pad.length)
if (sig.length !== pad.length) out = 1
sig = sig.redPow(new BN(pub.publicExponent));
sig = Buffer.from(sig.fromRed().toArray());
var out = padNum < 8 ? 1 : 0;
len = Math.min(sig.length, pad.length);
if (sig.length !== pad.length) { out = 1; }
i = -1
while (++i < len) out |= sig[i] ^ pad[i]
return out === 0
i = -1;
while (++i < len) { out |= sig[i] ^ pad[i]; }
return out === 0;
}
function ecVerify (sig, hash, pub) {
var curveId = curves[pub.data.algorithm.curve.join('.')]
if (!curveId) throw new Error('unknown curve ' + pub.data.algorithm.curve.join('.'))
function ecVerify(sig, hash, pub) {
var curveId = curves[pub.data.algorithm.curve.join('.')];
if (!curveId) { throw new Error('unknown curve ' + pub.data.algorithm.curve.join('.')); }
var curve = new EC(curveId)
var pubkey = pub.data.subjectPrivateKey.data
var curve = new EC(curveId);
var pubkey = pub.data.subjectPrivateKey.data;
return curve.verify(hash, sig, pubkey)
return curve.verify(hash, sig, pubkey);
}
function dsaVerify (sig, hash, pub) {
var p = pub.data.p
var q = pub.data.q
var g = pub.data.g
var y = pub.data.pub_key
var unpacked = parseKeys.signature.decode(sig, 'der')
var s = unpacked.s
var r = unpacked.r
checkValue(s, q)
checkValue(r, q)
var montp = BN.mont(p)
var w = s.invm(q)
function dsaVerify(sig, hash, pub) {
var p = pub.data.p;
var q = pub.data.q;
var g = pub.data.g;
var y = pub.data.pub_key;
var unpacked = parseKeys.signature.decode(sig, 'der');
var s = unpacked.s;
var r = unpacked.r;
checkValue(s, q);
checkValue(r, q);
var montp = BN.mont(p);
var w = s.invm(q);
var v = g.toRed(montp)

@@ -75,11 +77,11 @@ .redPow(new BN(hash).mul(w).mod(q))

.mod(p)
.mod(q)
return v.cmp(r) === 0
.mod(q);
return v.cmp(r) === 0;
}
function checkValue (b, q) {
if (b.cmpn(0) <= 0) throw new Error('invalid sig')
if (b.cmp(q) >= q) throw new Error('invalid sig')
function checkValue(b, q) {
if (b.cmpn(0) <= 0) { throw new Error('invalid sig'); }
if (b.cmp(q) >= 0) { throw new Error('invalid sig'); }
}
module.exports = verify
module.exports = verify;

12

index.js

@@ -1,7 +0,9 @@

var crypto = require('crypto')
'use strict';
exports.createSign = crypto.createSign
exports.Sign = crypto.Sign
var crypto = require('crypto');
exports.createVerify = crypto.createVerify
exports.Verify = crypto.Verify
exports.createSign = crypto.createSign;
exports.Sign = crypto.Sign;
exports.createVerify = crypto.createVerify;
exports.Verify = crypto.Verify;

109

package.json
{
"name": "browserify-sign",
"version": "4.2.1",
"description": "adds node crypto signing for browsers",
"bugs": {
"url": "https://github.com/crypto-browserify/browserify-sign/issues"
},
"license": "ISC",
"files": [
"browser",
"index.js",
"algos.js"
],
"main": "index.js",
"repository": {
"type": "git",
"url": "https://github.com/crypto-browserify/browserify-sign.git"
},
"scripts": {
"coverage": "nyc npm run unit",
"lint": "standard",
"test": "npm run lint && npm run unit",
"unit": "tape test/*.js"
},
"dependencies": {
"bn.js": "^5.1.1",
"browserify-rsa": "^4.0.1",
"create-hash": "^1.2.0",
"create-hmac": "^1.1.7",
"elliptic": "^6.5.3",
"inherits": "^2.0.4",
"parse-asn1": "^5.1.5",
"readable-stream": "^3.6.0",
"safe-buffer": "^5.2.0"
},
"devDependencies": {
"nyc": "^15.0.1",
"standard": "^14.3.3",
"tape": "^5.0.0"
},
"browser": "browser/index.js"
"name": "browserify-sign",
"version": "4.2.2",
"description": "adds node crypto signing for browsers",
"bugs": {
"url": "https://github.com/crypto-browserify/browserify-sign/issues"
},
"license": "ISC",
"files": [
"browser",
"index.js",
"algos.js"
],
"main": "index.js",
"repository": {
"type": "git",
"url": "https://github.com/crypto-browserify/browserify-sign.git"
},
"scripts": {
"prepack": "npmignore --auto --commentLines=autogenerated",
"prepublish": "not-in-publish || npm run prepublishOnly",
"prepublishOnly": "safe-publish-latest",
"lint": "eslint --ext=js,mjs .",
"tests-only": "nyc tape 'test/**/*.js'",
"pretest": "npm run lint",
"test": "npm run tests-only",
"posttest": "aud --production",
"version": "auto-changelog && git add CHANGELOG.md",
"postversion": "auto-changelog && git add CHANGELOG.md && git commit --no-edit --amend && git tag -f \"v$(node -e \"console.log(require('./package.json').version)\")\""
},
"dependencies": {
"bn.js": "^5.2.1",
"browserify-rsa": "^4.1.0",
"create-hash": "^1.2.0",
"create-hmac": "^1.1.7",
"elliptic": "^6.5.4",
"inherits": "^2.0.4",
"parse-asn1": "^5.1.6",
"readable-stream": "^3.6.2",
"safe-buffer": "^5.2.1"
},
"devDependencies": {
"@ljharb/eslint-config": "^21.1.0",
"aud": "^2.0.3",
"auto-changelog": "^2.4.0",
"eslint": "=8.8.0",
"in-publish": "^2.0.1",
"npmignore": "^0.3.0",
"nyc": "^10.3.2",
"safe-publish-latest": "^2.0.0",
"semver": "^6.3.1",
"tape": "^5.7.2"
},
"browser": "browser/index.js",
"engines": {
"node": ">= 4"
},
"auto-changelog": {
"output": "CHANGELOG.md",
"template": "keepachangelog",
"unreleased": false,
"commitLimit": false,
"backfillLimit": false,
"hideCredit": true
},
"publishConfig": {
"ignore": [
".github/workflows"
]
}
}
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc