Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

http_ece

Package Overview
Dependencies
Maintainers
1
Versions
22
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

http_ece - npm Package Compare versions

Comparing version 0.4.1 to 0.4.3

encrypt.js~

44

ece.js

@@ -17,2 +17,11 @@ 'use strict';

var keylog;
if (process.env.ECE_KEYLOG === '1') {
keylog = function(m, k) {
console.warn(m + ' [' + k.length + ']: ' + base64.encode(k));
};
} else {
keylog = function() {};
}
function HMAC_hash(key, input) {

@@ -49,6 +58,8 @@ var hmac = crypto.createHmac('sha256', key);

function info(base, context) {
return Buffer.concat([
var result = Buffer.concat([
new Buffer('Content-Encoding: ' + base + '\0', 'ascii'),
context
]);
keylog('info ' + base, result);
return result;
}

@@ -118,5 +129,8 @@

}
keylog('secret', result.secret);
keylog('context', result.context);
if (params.authSecret) {
result.secret = HKDF(base64.decode(params.authSecret), result.secret,
info('auth', new Buffer(0)), SHA_256_LENGTH);
info('auth', new Buffer(0)), SHA_256_LENGTH);
keylog('authsecret', result.secret);
}

@@ -127,9 +141,23 @@ return result;

function deriveKeyAndNonce(params, mode) {
var padSize = params.padSize || PAD_SIZE;
var salt = extractSalt(params.salt);
var s = extractSecretAndContext(params, mode);
var prk = HKDF_extract(salt, s.secret);
var keyInfo;
var nonceInfo;
if (padSize === 1) {
keyInfo = 'Content-Encoding: aesgcm128';
nonceInfo = 'Content-Encoding: nonce';
} else if (padSize === 2) {
keyInfo = info('aesgcm128', s.context);
nonceInfo = info('nonce', s.context);
} else {
throw new Error('Unable to set context for padSize ' + params.padSize);
}
var result = {
key: HKDF_expand(prk, info('aesgcm128', s.context), KEY_LENGTH),
nonce: HKDF_expand(prk, info('nonce', s.context), NONCE_LENGTH)
key: HKDF_expand(prk, keyInfo, KEY_LENGTH),
nonce: HKDF_expand(prk, nonceInfo, NONCE_LENGTH)
};
keylog('key', result.key);
keylog('nonce base', result.nonce);
return result;

@@ -156,2 +184,3 @@ }

nonce.writeUIntBE(x, nonce.length - 6, 6);
keylog('nonce' + counter, nonce);
return nonce;

@@ -161,2 +190,3 @@ }

function decryptRecord(key, counter, buffer, padSize) {
keylog('decrypt', buffer);
var nonce = generateNonce(key.nonce, counter);

@@ -167,2 +197,3 @@ var gcm = crypto.createDecipheriv(AES_GCM, key.key, nonce);

data = Buffer.concat([data, gcm.final()]);
keylog('decrypted', data);
padSize = padSize || PAD_SIZE

@@ -216,2 +247,3 @@ var pad = data.readUIntBE(0, padSize);

function encryptRecord(key, counter, buffer, pad, padSize) {
keylog('encrypt', buffer);
pad = pad || 0;

@@ -231,3 +263,5 @@ var nonce = generateNonce(key.nonce, counter);

}
return Buffer.concat([epadding, ebuffer, tag]);
var encrypted = Buffer.concat([epadding, ebuffer, tag]);
keylog('encrypted', encrypted);
return encrypted;
}

@@ -234,0 +268,0 @@

4

package.json
{
"name": "http_ece",
"version": "0.4.1",
"version": "0.4.3",
"description": "Encrypted Content-Encoding for HTTP",

@@ -18,3 +18,3 @@ "homepage": "https://github.com/martinthomson/encrypted-content-encoding",

"scripts": { "test": "node ./test.js" },
"engines" : { "node" : ">=0.12" },
"engines" : { "node" : ">=4.0.0" },
"dependencies": {

@@ -21,0 +21,0 @@ "urlsafe-base64": "~1.0.0"

decrypt-dh.js
encrypt-dh.js
.npmignore

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc