http_ece
Advanced tools
Comparing version 0.7.2 to 1.0.0
69
ece.js
@@ -23,6 +23,2 @@ 'use strict'; | ||
| var saved = { | ||
| keymap: {}, | ||
| keylabels: {} | ||
| }; | ||
| var AES_GCM = 'aes-128-gcm'; | ||
@@ -106,11 +102,2 @@ var PAD_SIZE = { 'aes128gcm': 1, 'aesgcm': 2, 'aesgcm128': 1 }; | ||
| var key = header.privateKey; | ||
| if (!key) { | ||
| if (!header.keymap || !header.keyid || !header.keymap[header.keyid]) { | ||
| throw new Error('No known DH key for ' + header.keyid); | ||
| } | ||
| key = header.keymap[header.keyid]; | ||
| } | ||
| if (!header.keylabels[header.keyid]) { | ||
| throw new Error('No known DH key label for ' + header.keyid); | ||
| } | ||
| var senderPubKey, receiverPubKey; | ||
@@ -130,3 +117,3 @@ if (mode === MODE_ENCRYPT) { | ||
| context: Buffer.concat([ | ||
| Buffer.from(header.keylabels[header.keyid], 'ascii'), | ||
| Buffer.from(header.keylabel, 'ascii'), | ||
| Buffer.from([0]), | ||
@@ -254,8 +241,4 @@ lengthPrefix(receiverPubKey), // user agent | ||
| var header = {}; | ||
| if (params.version) { | ||
| header.version = params.version; | ||
| } else { | ||
| header.version = (params.padSize === 1) ? 'aesgcm128' : 'aesgcm'; | ||
| } | ||
| header.version = params.version || 'aes128gcm'; | ||
| header.rs = parseInt(params.rs, 10); | ||
@@ -288,3 +271,3 @@ if (isNaN(header.rs)) { | ||
| if (header.version !== 'aes128gcm') { | ||
| header.keylabels = params.keylabels || saved.keylabels; | ||
| header.keylabel = params.keylabel || 'P-256'; | ||
| } | ||
@@ -370,4 +353,2 @@ if (params.dh) { | ||
| // TODO: this really should use the node streams stuff | ||
| /** | ||
@@ -379,16 +360,11 @@ * Decrypt some bytes. This uses the parameters to determine the key and block | ||
| * but aesgcm and aesgcm128 are also accepted (though the latter two might | ||
| * disappear in a future release). If omitted, assume aesgcm, unless | ||
| * |params.padSize| is set to 1, which means aesgcm128. | ||
| * disappear in a future release). If omitted, assume aes128gcm. | ||
| * | ||
| * If |params.key| is specified, that value is used as the key. | ||
| * | ||
| * If |params.keyid| is specified without |params.dh|, the keyid value is used | ||
| * to lookup the |params.keymap| for a buffer containing the key. | ||
| * If the version is aes128gcm, the keyid is extracted from the header and used | ||
| * as the ECDH public key of the sender. For version aesgcm and aesgcm128, | ||
| * |params.dh| needs to be provided with the public key of the sender. | ||
| * | ||
| * For version aesgcm and aesgcm128, |params.dh| includes the public key of the sender. The ECDH key | ||
| * pair used to decrypt is looked up using |params.keymap[params.keyid]|. | ||
| * | ||
| * Version aes128gcm is stricter. The |params.privateKey| includes the private | ||
| * key of the receiver. The keyid is extracted from the header and used as the | ||
| * ECDH public key of the sender. | ||
| * The |params.privateKey| includes the private key of the receiver. | ||
| */ | ||
@@ -480,17 +456,9 @@ function decrypt(buffer, params) { | ||
| * but aesgcm and aesgcm128 are also accepted (though the latter two might | ||
| * disappear in a future release). If omitted, assume aesgcm, unless | ||
| * |params.padSize| is set to 1, which means aesgcm128. | ||
| * disappear in a future release). If omitted, assume aes128gcm. | ||
| * | ||
| * If |params.key| is specified, that value is used as the key. | ||
| * | ||
| * If |params.keyid| is specified without |params.dh|, the keyid value is used | ||
| * to lookup the |params.keymap| for a buffer containing the key. This feature | ||
| * is deprecated in favour of just including |params.key| or |params.privateKey|. | ||
| * | ||
| * For Diffie-Hellman (WebPush), |params.dh| includes the public key of the | ||
| * receiver. |params.privateKey| is used to establish a shared secret. For | ||
| * versions aesgcm and aesgcm128, if a private key is not provided, the ECDH key | ||
| * pair used to encrypt is looked up using |params.keymap[params.keyid]|, and | ||
| * |params.keymap| defaults to the values saved with saveKey(). Key pairs can | ||
| * be created using |crypto.createECDH()|. | ||
| * receiver. |params.privateKey| is used to establish a shared secret. Key | ||
| * pairs can be created using |crypto.createECDH()|. | ||
| */ | ||
@@ -508,3 +476,3 @@ function encrypt(buffer, params) { | ||
| if (header.version === 'aes128gcm') { | ||
| // Save the DH public key in the header. | ||
| // Save the DH public key in the header unless keyid is set. | ||
| if (header.privateKey && !header.keyid) { | ||
@@ -560,16 +528,5 @@ header.keyid = header.privateKey.getPublicKey(); | ||
| /** | ||
| * Deprecated. Use the keymap and keylabels arguments to encrypt()/decrypt(). | ||
| */ | ||
| function saveKey(id, key, dhLabel) { | ||
| saved.keymap[id] = key; | ||
| if (dhLabel) { | ||
| saved.keylabels[id] = dhLabel; | ||
| } | ||
| } | ||
| module.exports = { | ||
| decrypt: decrypt, | ||
| encrypt: encrypt, | ||
| saveKey: saveKey | ||
| encrypt: encrypt | ||
| }; |
| { | ||
| "name": "http_ece", | ||
| "version": "0.7.2", | ||
| "version": "1.0.0", | ||
| "description": "Encrypted Content-Encoding for HTTP", | ||
@@ -5,0 +5,0 @@ "homepage": "https://github.com/martinthomson/encrypted-content-encoding", |
Fixed alerts
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Improved metrics
- Number of low quality alerts
- decreased by-100%
0
Worsened metrics
- Total package byte prevSize
- decreased by-7.33%
19708
- Lines of code
- decreased by-7.88%
479
No dependency changes