http_ece - npm Package Compare versions
Comparing version 1.1.0 to 1.2.0
86
ece.js
@@ -15,12 +15,8 @@ 'use strict'; | ||
| * This version is selected by default, unless you specify a |padSize| of 1. | ||
| * | ||
| * aesgcm128: This version is old and will be removed in an upcoming release. | ||
| * This version is selected by providing a |padSize| parameter of 1. | ||
| */ | ||
| var crypto = require('crypto'); | ||
| var base64 = require('urlsafe-base64'); | ||
| var AES_GCM = 'aes-128-gcm'; | ||
| var PAD_SIZE = { 'aes128gcm': 1, 'aesgcm': 2, 'aesgcm128': 1 }; | ||
| var PAD_SIZE = { 'aes128gcm': 1, 'aesgcm': 2 }; | ||
| var TAG_LENGTH = 16; | ||
@@ -36,3 +32,3 @@ var KEY_LENGTH = 16; | ||
| keylog = function(m, k) { | ||
| console.warn(m + ' [' + k.length + ']: ' + base64.encode(k)); | ||
| console.warn(m + ' [' + k.length + ']: ' + k.toString('base64url')); | ||
| return k; | ||
@@ -47,3 +43,3 @@ }; | ||
| if (typeof b === 'string') { | ||
| return base64.decode(b); | ||
| return Buffer.from(b, 'base64url'); | ||
| } | ||
@@ -69,7 +65,7 @@ return b; | ||
| keylog('info', info); | ||
| var output = new Buffer(0); | ||
| var T = new Buffer(0); | ||
| info = new Buffer(info, 'ascii'); | ||
| var output = Buffer.alloc(0); | ||
| var T = Buffer.alloc(0); | ||
| info = Buffer.from(info, 'ascii'); | ||
| var counter = 0; | ||
| var cbuf = new Buffer(1); | ||
| var cbuf = Buffer.alloc(1); | ||
| while (output.length < l) { | ||
@@ -90,3 +86,3 @@ cbuf.writeUIntBE(++counter, 0, 1); | ||
| var result = Buffer.concat([ | ||
| new Buffer('Content-Encoding: ' + base + '\0', 'ascii'), | ||
| Buffer.from('Content-Encoding: ' + base + '\0', 'ascii'), | ||
| context | ||
@@ -99,3 +95,3 @@ ]); | ||
| function lengthPrefix(buffer) { | ||
| var b = Buffer.concat([new Buffer(2), buffer]); | ||
| var b = Buffer.concat([Buffer.alloc(2), buffer]); | ||
| b.writeUIntBE(buffer.length, 0, 2); | ||
@@ -130,3 +126,3 @@ return b; | ||
| function extractSecretAndContext(header, mode) { | ||
| var result = { secret: null, context: new Buffer(0) }; | ||
| var result = { secret: null, context: Buffer.alloc(0) }; | ||
| if (header.key) { | ||
@@ -149,3 +145,3 @@ result.secret = header.key; | ||
| result.secret = HKDF(header.authSecret, result.secret, | ||
| info('auth', new Buffer(0)), SHA_256_LENGTH); | ||
| info('auth', Buffer.alloc(0)), SHA_256_LENGTH); | ||
| keylog('authsecret', result.secret); | ||
@@ -187,3 +183,9 @@ } | ||
| function extractSecret(header, mode) { | ||
| function extractSecret(header, mode, keyLookupCallback) { | ||
| if (keyLookupCallback) { | ||
| if (!isFunction(keyLookupCallback)) { | ||
| throw new Error('Callback is not a function') | ||
| } | ||
| } | ||
| if (header.key) { | ||
@@ -198,3 +200,7 @@ if (header.key.length !== KEY_LENGTH) { | ||
| // Lookup based on keyid | ||
| var key = header.keymap && header.keymap[header.keyid]; | ||
| if (!keyLookupCallback) { | ||
| var key = header.keymap && header.keymap[header.keyid]; | ||
| } else { | ||
| var key = keyLookupCallback(header.keyid) | ||
| } | ||
| if (!key) { | ||
@@ -209,3 +215,3 @@ throw new Error('No saved key (keyid: "' + header.keyid + '")'); | ||
| function deriveKeyAndNonce(header, mode) { | ||
| function deriveKeyAndNonce(header, mode, lookupKeyCallback) { | ||
| if (!header.salt) { | ||
@@ -217,10 +223,5 @@ throw new Error('must include a salt parameter for ' + header.version); | ||
| var secret; | ||
| if (header.version === 'aesgcm128') { | ||
| // really old | ||
| keyInfo = 'Content-Encoding: aesgcm128'; | ||
| nonceInfo = 'Content-Encoding: nonce'; | ||
| secret = extractSecretAndContext(header, mode).secret; | ||
| } else if (header.version === 'aesgcm') { | ||
| if (header.version === 'aesgcm') { | ||
| // old | ||
| var s = extractSecretAndContext(header, mode); | ||
| var s = extractSecretAndContext(header, mode, lookupKeyCallback); | ||
| keyInfo = info('aesgcm', s.context); | ||
@@ -233,5 +234,5 @@ nonceInfo = info('nonce', s.context); | ||
| nonceInfo = Buffer.from('Content-Encoding: nonce\0'); | ||
| secret = extractSecret(header, mode); | ||
| secret = extractSecret(header, mode, lookupKeyCallback); | ||
| } else { | ||
| throw new Error('Unable to set context for mode ' + params.version); | ||
| throw new Error('Unable to set context for mode ' + header.version); | ||
| } | ||
@@ -293,3 +294,3 @@ var prk = HKDF_extract(header.salt, secret); | ||
| function generateNonce(base, counter) { | ||
| var nonce = new Buffer(base); | ||
| var nonce = Buffer.from(base); | ||
| var m = nonce.readUIntBE(nonce.length - 6, 6); | ||
@@ -320,3 +321,3 @@ var x = ((m ^ counter) & 0xffffff) + | ||
| keylog('padding', data.slice(0, padSize + pad)); | ||
| var padCheck = new Buffer(pad); | ||
| var padCheck = Buffer.alloc(pad); | ||
| padCheck.fill(0); | ||
@@ -368,3 +369,3 @@ if (padCheck.compare(data.slice(padSize, padSize + pad)) !== 0) { | ||
| * |params.version| contains the version of encoding to use: aes128gcm is the latest, | ||
| * but aesgcm and aesgcm128 are also accepted (though the latter two might | ||
| * but aesgcm is also accepted (though the latter might | ||
| * disappear in a future release). If omitted, assume aes128gcm. | ||
@@ -375,3 +376,3 @@ * | ||
| * If the version is aes128gcm, the keyid is extracted from the header and used | ||
| * as the ECDH public key of the sender. For version aesgcm and aesgcm128, | ||
| * as the ECDH public key of the sender. For version aesgcm , | ||
| * |params.dh| needs to be provided with the public key of the sender. | ||
@@ -381,3 +382,3 @@ * | ||
| */ | ||
| function decrypt(buffer, params) { | ||
| function decrypt(buffer, params, keyLookupCallback) { | ||
| var header = parseParams(params); | ||
@@ -388,5 +389,5 @@ if (header.version === 'aes128gcm') { | ||
| } | ||
| var key = deriveKeyAndNonce(header, MODE_DECRYPT); | ||
| var key = deriveKeyAndNonce(header, MODE_DECRYPT, keyLookupCallback); | ||
| var start = 0; | ||
| var result = new Buffer(0); | ||
| var result = Buffer.alloc(0); | ||
@@ -423,3 +424,3 @@ var chunkSize = header.rs; | ||
| var padSize = PAD_SIZE[header.version]; | ||
| var padding = new Buffer(pad + padSize); | ||
| var padding = Buffer.alloc(pad + padSize); | ||
| padding.fill(0); | ||
@@ -453,3 +454,3 @@ | ||
| function writeHeader(header) { | ||
| var ints = new Buffer(5); | ||
| var ints = Buffer.alloc(5); | ||
| var keyid = Buffer.from(header.keyid || []); | ||
@@ -469,3 +470,3 @@ if (keyid.length > 255) { | ||
| * |params.version| contains the version of encoding to use: aes128gcm is the latest, | ||
| * but aesgcm and aesgcm128 are also accepted (though the latter two might | ||
| * but aesgcm is also accepted (though the latter two might | ||
| * disappear in a future release). If omitted, assume aes128gcm. | ||
@@ -479,3 +480,3 @@ * | ||
| */ | ||
| function encrypt(buffer, params) { | ||
| function encrypt(buffer, params, keyLookupCallback) { | ||
| if (!Buffer.isBuffer(buffer)) { | ||
@@ -498,6 +499,6 @@ throw new Error('buffer argument must be a Buffer'); | ||
| // No header on other versions | ||
| result = new Buffer(0); | ||
| result = Buffer.alloc(0); | ||
| } | ||
| var key = deriveKeyAndNonce(header, MODE_ENCRYPT); | ||
| var key = deriveKeyAndNonce(header, MODE_ENCRYPT, keyLookupCallback); | ||
| var start = 0; | ||
@@ -543,2 +544,7 @@ var padSize = PAD_SIZE[header.version]; | ||
| function isFunction(object) { | ||
| return typeof(object) === 'function'; | ||
| } | ||
| module.exports = { | ||
@@ -545,0 +551,0 @@ decrypt: decrypt, |
| { | ||
| "name": "http_ece", | ||
| "version": "1.1.0", | ||
| "version": "1.2.0", | ||
| "description": "Encrypted Content-Encoding for HTTP", | ||
@@ -25,7 +25,4 @@ "homepage": "https://github.com/martinthomson/encrypted-content-encoding", | ||
| "engines": { | ||
| "node": ">=4" | ||
| }, | ||
| "dependencies": { | ||
| "urlsafe-base64": "~1.0.0" | ||
| "node": ">=16" | ||
| } | ||
| } |
@@ -11,7 +11,6 @@ # encrypted-content-encoding | ||
| var crypto = require('crypto') | ||
| var base64 = require('base64url'); | ||
| var parameters = { | ||
| key: base64.encode(crypto.randomBytes(16)), | ||
| salt: base64.encode(crypto.randomBytes(16)) | ||
| key: crypto.randomBytes(16).toString('base64url'), | ||
| salt: crypto.randomBytes(16).toString('base64url') | ||
| }; | ||
@@ -18,0 +17,0 @@ var encrypted = ece.encrypt(data, parameters); |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Dependency count
- decreased by-100%
0
- Lines of code
- increased by0.63%
482
Worsened metrics
- Total package byte prevSize
- decreased by-12.21%
17206
- Number of package files
- decreased by-40%
3
- Number of lines in readme file
- decreased by-3.45%
28
Dependency changes
- Removedurlsafe-base64@~1.0.0
- Removedurlsafe-base64@1.0.0(transitive)