jose-browser-runtime
Advanced tools
jose-browser-runtime - npm Package Compare versions
Comparing version 3.20.3 to 3.20.4
@@ -98,6 +98,6 @@ import { decode as base64url } from '../../runtime/base64url.js'; | ||
| try { | ||
| cek = await decryptKeyManagement(alg, key, encryptedKey, joseHeader); | ||
| cek = await decryptKeyManagement(alg, key, encryptedKey, joseHeader, options); | ||
| } | ||
| catch (err) { | ||
| if (err instanceof TypeError) { | ||
| if (err instanceof TypeError || err instanceof JWEInvalid || err instanceof JOSENotSupported) { | ||
| throw err; | ||
@@ -104,0 +104,0 @@ } |
@@ -12,3 +12,3 @@ import { unwrap as aesKw } from '../runtime/aeskw.js'; | ||
| import isObject from './is_object.js'; | ||
| async function decryptKeyManagement(alg, key, encryptedKey, joseHeader) { | ||
| async function decryptKeyManagement(alg, key, encryptedKey, joseHeader, options) { | ||
| checkKeyType(alg, key, 'decrypt'); | ||
@@ -67,2 +67,5 @@ switch (alg) { | ||
| throw new JWEInvalid(`JOSE Header "p2c" (PBES2 Count) missing or invalid`); | ||
| const p2cLimit = (options === null || options === void 0 ? void 0 : options.maxPBES2Count) || 10000; | ||
| if (joseHeader.p2c > p2cLimit) | ||
| throw new JWEInvalid(`JOSE Header "p2c" (PBES2 Count) out is of acceptable bounds`); | ||
| if (typeof joseHeader.p2s !== 'string') | ||
@@ -69,0 +72,0 @@ throw new JWEInvalid(`JOSE Header "p2s" (PBES2 Salt) missing or invalid`); |
@@ -202,2 +202,3 @@ /** | ||
| inflateRaw?: InflateFunction | ||
| maxPBES2Count?: number | ||
| } | ||
@@ -204,0 +205,0 @@ export interface EncryptOptions extends CritOption { |
| { | ||
| "name": "jose-browser-runtime", | ||
| "version": "3.20.3", | ||
| "version": "3.20.4", | ||
| "description": "(Browser Runtime) 'JSON Web Almost Everything' - JWA, JWS, JWE, JWT, JWK with no dependencies", | ||
@@ -5,0 +5,0 @@ "keywords": [ |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.24%
150002
- Lines of code
- increased by0.11%
3726