dag-jose - npm Package Compare versions

Comparing version 0.1.0 to 0.1.1

lib/signing.js

@@ -38,4 +38,11 @@ "use strict";
 function encode(jws) {
+    const payload = base64url_1.default.toBuffer(jws.payload);
+    try {
+        new cids_1.default(payload);
+    }
+    catch (e) {
+        throw new Error('Not a valid DagJWS');
+    }
     const encodedJws = {
-        payload: base64url_1.default.toBuffer(jws.payload),
+        payload,
         signatures: jws.signatures.map(encodeSignature),
@@ -42,0 +49,0 @@ };

package.json

 {
   "name": "dag-jose",
-  "version": "0.1.0",
+  "version": "0.1.1",
   "description": "Typescript implementation of the IPLD dag-jose format",
@@ -5,0 +5,0 @@ "main": "lib/index.js",

src/signing.ts

@@ -55,4 +55,10 @@ import CID from 'cids'
 function encode(jws: DagJWS): EncodedJWS {
+  const payload = base64url.toBuffer(jws.payload)
+  try {
+    new CID(payload)
+  } catch (e) {
+    throw new Error('Not a valid DagJWS')
+  }
   const encodedJws: EncodedJWS = {
-    payload: base64url.toBuffer(jws.payload),
+    payload,
     signatures: jws.signatures.map(encodeSignature),
@@ -59,0 +65,0 @@ }

test/signing.test.ts

 import signing, { createDagJWS, verifyDagJWS } from '../src/signing'
 import fixtures from './__fixtures__/signing.fixtures'
+import base64url from 'base64url'
 import CID from 'cids'
@@ -51,2 +52,8 @@ import { EllipticSigner } from 'did-jwt'
     })
+
+    it('Throws if payload is not a CID', async () => {
+      const payload = base64url.encode(JSON.stringify({ json: 'payload' }))
+      const notDagJws = Object.assign({}, fixtures.dagJws.oneSig[0], { payload })
+      expect(() => signing.encode(notDagJws)).toThrow('Not a valid DagJWS')
+    })
   })
@@ -53,0 +60,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

41297

increased by1.77%

Lines of code

867

increased by2.24%

No dependency changes