Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

jose-node-esm-runtime

Package Overview
Dependencies
Maintainers
1
Versions
132
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

jose-node-esm-runtime - npm Package Compare versions

Comparing version 3.14.3 to 3.14.4

dist/node/esm/runtime/ciphers.js

7

dist/node/esm/jwe/flattened/decrypt.js

@@ -52,3 +52,8 @@ import { JOSEAlgNotAllowed, JOSENotSupported, JWEInvalid } from '../../util/errors.js';

const protectedHeader = base64url(jwe.protected);
parsedProt = JSON.parse(decoder.decode(protectedHeader));
try {
parsedProt = JSON.parse(decoder.decode(protectedHeader));
}
catch {
throw new JWEInvalid('JWE Protected Header is invalid');
}
}

@@ -55,0 +60,0 @@ if (!isDisjoint(parsedProt, jwe.header, jwe.unprotected)) {

@@ -35,3 +35,8 @@ import { JOSEAlgNotAllowed, JWSInvalid, JWSSignatureVerificationFailed } from '../../util/errors.js';

const protectedHeader = base64url(jws.protected);
parsedProt = JSON.parse(decoder.decode(protectedHeader));
try {
parsedProt = JSON.parse(decoder.decode(protectedHeader));
}
catch {
throw new JWSInvalid('JWS Protected Header is invalid');
}
}

@@ -38,0 +43,0 @@ if (!isDisjoint(parsedProt, jws.header)) {

7

dist/node/esm/runtime/aeskw.js

@@ -1,2 +0,2 @@

import { createDecipheriv, createCipheriv, getCiphers } from 'crypto';
import { createDecipheriv, createCipheriv } from 'crypto';
import { JOSENotSupported } from '../util/errors.js';

@@ -8,2 +8,3 @@ import { concat } from '../lib/buffer_utils.js';

import invalidKeyInput from './invalid_key_input.js';
import supported from './ciphers.js';
function checkKeySize(key, alg) {

@@ -29,3 +30,3 @@ if (key.symmetricKeySize << 3 !== parseInt(alg.substr(1, 3), 10)) {

const algorithm = `aes${size}-wrap`;
if (!getCiphers().includes(algorithm)) {
if (!supported(algorithm)) {
throw new JOSENotSupported(`alg ${alg} is not supported either by JOSE or your javascript runtime`);

@@ -41,3 +42,3 @@ }

const algorithm = `aes${size}-wrap`;
if (!getCiphers().includes(algorithm)) {
if (!supported(algorithm)) {
throw new JOSENotSupported(`alg ${alg} is not supported either by JOSE or your javascript runtime`);

@@ -44,0 +45,0 @@ }

@@ -1,2 +0,2 @@

import { getCiphers, createDecipheriv } from 'crypto';
import { createDecipheriv } from 'crypto';
import checkIvLength from '../lib/check_iv_length.js';

@@ -11,2 +11,3 @@ import checkCekLength from './check_cek_length.js';

import invalidKeyInput from './invalid_key_input.js';
import supported from './ciphers.js';
async function cbcDecrypt(enc, cek, ciphertext, iv, tag, aad) {

@@ -21,3 +22,3 @@ const keySize = parseInt(enc.substr(1, 3), 10);

const algorithm = `aes-${keySize}-cbc`;
if (!getCiphers().includes(algorithm)) {
if (!supported(algorithm)) {
throw new JOSENotSupported(`alg ${enc} is not supported by your javascript runtime`);

@@ -50,3 +51,3 @@ }

const algorithm = `aes-${keySize}-gcm`;
if (!getCiphers().includes(algorithm)) {
if (!supported(algorithm)) {
throw new JOSENotSupported(`alg ${enc} is not supported by your javascript runtime`);

@@ -58,7 +59,7 @@ }

if (aad.byteLength) {
cipher.setAAD(aad);
cipher.setAAD(aad, { plaintextLength: ciphertext.length });
}
return concat(cipher.update(ciphertext), cipher.final());
}
catch (err) {
catch {
throw new JWEDecryptionFailed();

@@ -80,7 +81,15 @@ }

checkIvLength(enc, iv);
if (enc.substr(4, 3) === 'CBC') {
return cbcDecrypt(enc, key, ciphertext, iv, tag, aad);
switch (enc) {
case 'A128CBC-HS256':
case 'A192CBC-HS384':
case 'A256CBC-HS512':
return cbcDecrypt(enc, key, ciphertext, iv, tag, aad);
case 'A128GCM':
case 'A192GCM':
case 'A256GCM':
return gcmDecrypt(enc, key, ciphertext, iv, tag, aad);
default:
throw new JOSENotSupported('unsupported JWE Content Encryption Algorithm');
}
return gcmDecrypt(enc, key, ciphertext, iv, tag, aad);
};
export default decrypt;

@@ -9,2 +9,4 @@ import { createCipheriv } from 'crypto';

import invalidKeyInput from './invalid_key_input.js';
import { JOSENotSupported } from '../util/errors.js';
import supported from './ciphers.js';
async function cbcEncrypt(enc, plaintext, cek, iv, aad) {

@@ -18,2 +20,5 @@ const keySize = parseInt(enc.substr(1, 3), 10);

const algorithm = `aes-${keySize}-cbc`;
if (!supported(algorithm)) {
throw new JOSENotSupported(`alg ${enc} is not supported by your javascript runtime`);
}
const cipher = createCipheriv(algorithm, encKey, iv);

@@ -28,5 +33,8 @@ const ciphertext = concat(cipher.update(plaintext), cipher.final());

const algorithm = `aes-${keySize}-gcm`;
if (!supported(algorithm)) {
throw new JOSENotSupported(`alg ${enc} is not supported by your javascript runtime`);
}
const cipher = createCipheriv(algorithm, cek, iv, { authTagLength: 16 });
if (aad.byteLength) {
cipher.setAAD(aad);
cipher.setAAD(aad, { plaintextLength: plaintext.length });
}

@@ -50,7 +58,15 @@ const ciphertext = concat(cipher.update(plaintext), cipher.final());

checkIvLength(enc, iv);
if (enc.substr(4, 3) === 'CBC') {
return cbcEncrypt(enc, plaintext, key, iv, aad);
switch (enc) {
case 'A128CBC-HS256':
case 'A192CBC-HS384':
case 'A256CBC-HS512':
return cbcEncrypt(enc, plaintext, key, iv, aad);
case 'A128GCM':
case 'A192GCM':
case 'A256GCM':
return gcmEncrypt(enc, plaintext, key, iv, aad);
default:
throw new JOSENotSupported('unsupported JWE Content Encryption Algorithm');
}
return gcmEncrypt(enc, plaintext, key, iv, aad);
};
export default encrypt;

@@ -30,3 +30,3 @@ import { get as http } from 'http';

}
catch (err) {
catch {
throw new JOSEError('Failed to parse the JSON Web Key Set HTTP response as JSON');

@@ -33,0 +33,0 @@ }

@@ -20,4 +20,5 @@ import * as crypto from 'crypto';

const verify = async (alg, key, signature, data) => {
const keyObject = getVerifyKey(alg, key, 'verify');
if (alg.startsWith('HS')) {
const expected = await sign(alg, getVerifyKey(alg, key, 'verify'), data);
const expected = await sign(alg, keyObject, data);
const actual = signature;

@@ -32,3 +33,2 @@ try {

const algorithm = nodeDigest(alg);
const keyObject = getVerifyKey(alg, key, 'verify');
const keyInput = nodeKey(alg, keyObject);

@@ -35,0 +35,0 @@ try {

@@ -31,3 +31,3 @@ import { decode as base64url } from './base64url.js';

}
catch (err) {
catch {
throw new TypeError('Invalid Token or Protected Header formatting');

@@ -34,0 +34,0 @@ }

{
"name": "jose-node-esm-runtime",
"version": "3.14.3",
"version": "3.14.4",
"description": "(Node.JS ESM Runtime) 'JSON Web Almost Everything' - JWA, JWS, JWE, JWT, JWK with no dependencies",

@@ -5,0 +5,0 @@ "keywords": [

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc