edgedb - npm Package Compare versions

Comparing version 1.6.0-canary.20240722T182347 to 1.6.0-canary.20240724T153729

dist/adapter.crypto.node.js

@@ -5,31 +5,7 @@ "use strict";
 if (typeof crypto === "undefined") {
-    const nodeCrypto = require("crypto");
-    cryptoUtils = {
-        randomBytes(size) {
-            return new Promise((resolve, reject) => {
-                nodeCrypto.randomBytes(size, (err, buf) => {
-                    if (err) {
-                        reject(err);
-                    }
-                    else {
-                        resolve(buf);
-                    }
-                });
-            });
-        },
-        async H(msg) {
-            const sign = nodeCrypto.createHash("sha256");
-            sign.update(msg);
-            return sign.digest();
-        },
-        async HMAC(key, msg) {
-            const hm = nodeCrypto.createHmac("sha256", key);
-            hm.update(msg);
-            return hm.digest();
-        },
-    };
+    cryptoUtils = require("./nodeCrypto").cryptoUtils;
 }
 else {
-    cryptoUtils = require("./browserCrypto").default;
+    cryptoUtils = require("./browserCrypto").cryptoUtils;
 }
 exports.default = cryptoUtils;

dist/browserClient.js

 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
@@ -10,3 +7,3 @@ exports.createClient = createClient;
 const conUtils_1 = require("./conUtils");
-const browserCrypto_1 = __importDefault(require("./browserCrypto"));
+const browserCrypto_1 = require("./browserCrypto");
 const errors_1 = require("./errors");
@@ -17,3 +14,3 @@ const fetchConn_1 = require("./fetchConn");
 const parseConnectArguments = (0, conUtils_1.getConnectArgumentsParser)(null);
-const httpSCRAMAuth = (0, httpScram_1.getHTTPSCRAMAuth)(browserCrypto_1.default);
+const httpSCRAMAuth = (0, httpScram_1.getHTTPSCRAMAuth)(browserCrypto_1.cryptoUtils);
 class FetchClientPool extends baseClient_1.BaseClientPool {
@@ -20,0 +17,0 @@ isStateless = true;

dist/browserCrypto.d.ts

 import type { CryptoUtils } from "./utils";
-declare const cryptoUtils: CryptoUtils;
-export default cryptoUtils;
+export declare const cryptoUtils: CryptoUtils;

dist/browserCrypto.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-const cryptoUtils = {
-    async randomBytes(size) {
-        return crypto.getRandomValues(new Uint8Array(size));
-    },
-    async H(msg) {
-        return new Uint8Array(await crypto.subtle.digest("SHA-256", msg));
-    },
-    async HMAC(key, msg) {
-        return new Uint8Array(await crypto.subtle.sign("HMAC", await crypto.subtle.importKey("raw", key, {
-            name: "HMAC",
-            hash: { name: "SHA-256" },
-        }, false, ["sign"]), msg));
-    },
+exports.cryptoUtils = void 0;
+async function makeKey(key) {
+    return await crypto.subtle.importKey("raw", key, {
+        name: "HMAC",
+        hash: { name: "SHA-256" },
+    }, false, ["sign"]);
+}
+function randomBytes(size) {
+    return crypto.getRandomValues(new Uint8Array(size));
+}
+async function H(msg) {
+    return new Uint8Array(await crypto.subtle.digest("SHA-256", msg));
+}
+async function HMAC(key, msg) {
+    const cryptoKey = key instanceof Uint8Array ? (await makeKey(key)) : key;
+    return new Uint8Array(await crypto.subtle.sign("HMAC", cryptoKey, msg));
+}
+exports.cryptoUtils = {
+    makeKey,
+    randomBytes,
+    H,
+    HMAC,
 };
-exports.default = cryptoUtils;

dist/httpScram.js

@@ -12,3 +12,3 @@ "use strict";
         const authUrl = baseUrl + AUTH_ENDPOINT;
-        const clientNonce = await generateNonce();
+        const clientNonce = generateNonce();
         const [clientFirst, clientFirstBare] = buildClientFirstMessage(clientNonce, username);
@@ -15,0 +15,0 @@ const serverFirstRes = await fetch(authUrl, {

dist/rawConn.js

@@ -380,3 +380,3 @@ "use strict";
         }
-        const clientNonce = await scram.generateNonce();
+        const clientNonce = scram.generateNonce();
         const [clientFirst, clientFirstBare] = scram.buildClientFirstMessage(clientNonce, this.config.connectionParams.user);
@@ -383,0 +383,0 @@ const wb = new buffer_1.WriteMessageBuffer();

dist/scram.d.ts

@@ -20,5 +20,5 @@ /*!
 export declare function saslprep(str: string): string;
-export declare function getSCRAM({ randomBytes, H, HMAC }: CryptoUtils): {
+export declare function getSCRAM({ randomBytes, H, HMAC, makeKey }: CryptoUtils): {
     bufferEquals: (a: Uint8Array, b: Uint8Array) => boolean;
-    generateNonce: (length?: number) => Promise<Uint8Array>;
+    generateNonce: (length?: number) => Uint8Array;
     buildClientFirstMessage: (clientNonce: Uint8Array, username: string) => [string, string];
@@ -25,0 +25,0 @@ parseServerFirstMessage: (msg: string) => [Uint8Array, Uint8Array, number];

dist/scram.js

@@ -28,3 +28,3 @@ "use strict";
 }
-function getSCRAM({ randomBytes, H, HMAC }) {
+function getSCRAM({ randomBytes, H, HMAC, makeKey }) {
     function bufferEquals(a, b) {
@@ -116,6 +116,7 @@ if (a.length !== b.length) {
         msg.set([0, 0, 0, 1], salt.length);
-        let Hi = await HMAC(password, msg);
+        const keyFromPassword = await makeKey(password);
+        let Hi = await HMAC(keyFromPassword, msg);
         let Ui = Hi;
         for (let _ = 0; _ < iterations - 1; _++) {
-            Ui = await HMAC(password, Ui);
+            Ui = await HMAC(keyFromPassword, Ui);
             Hi = _XOR(Hi, Ui);
@@ -122,0 +123,0 @@ }

dist/utils.d.ts

@@ -26,7 +26,8 @@ /*!
 export interface CryptoUtils {
-    randomBytes: (size: number) => Promise<Uint8Array>;
+    makeKey: (key: Uint8Array) => Promise<Uint8Array | CryptoKey>;
+    randomBytes: (size: number) => Uint8Array;
     H: (msg: Uint8Array) => Promise<Uint8Array>;
-    HMAC: (key: Uint8Array, msg: Uint8Array) => Promise<Uint8Array>;
+    HMAC: (key: Uint8Array | CryptoKey, msg: Uint8Array) => Promise<Uint8Array>;
 }
 export type AuthenticatedFetch = (path: string, init: RequestInit) => Promise<Response>;
 export declare function getAuthenticatedFetch(config: ResolvedConnectConfigReadonly, httpSCRAMAuth: HttpSCRAMAuth, basePath?: string): Promise<AuthenticatedFetch>;

package.json

 {
   "name": "edgedb",
-  "version": "1.6.0-canary.20240722T182347",
+  "version": "1.6.0-canary.20240724T153729",
   "description": "The official Node.js client library for EdgeDB",
@@ -48,3 +48,3 @@ "homepage": "https://edgedb.com/docs",
     "build:deno": "deno run --unstable --allow-all ./buildDeno.ts",
-    "test": "npx jest --detectOpenHandles",
+    "test": "NODE_OPTIONS='--experimental-global-webcrypto' npx jest --detectOpenHandles",
     "lint": "tslint 'packages/*/src/**/*.ts'",
@@ -51,0 +51,0 @@ "format": "prettier --write 'src/**/*.ts' 'test/**/*.ts'",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

546440

increased by0.09%

Number of package files

159

increased by1.27%

Lines of code

14228

increased by0.1%

No dependency changes