jose-node-esm-runtime
Advanced tools
Comparing version 3.15.5 to 3.16.0
@@ -5,2 +5,7 @@ import { constants } from 'crypto'; | ||
import checkModulusLength from './check_modulus_length.js'; | ||
const [major, minor] = process.version | ||
.substr(1) | ||
.split('.') | ||
.map((str) => parseInt(str, 10)); | ||
const rsaPssParams = major >= 17 || (major === 16 && minor >= 9); | ||
const ecCurveAlgMap = new Map([ | ||
@@ -27,5 +32,28 @@ ['ES256', 'P-256'], | ||
return key; | ||
case 'PS256': | ||
case 'PS384': | ||
case 'PS512': | ||
case rsaPssParams && 'PS256': | ||
case rsaPssParams && 'PS384': | ||
case rsaPssParams && 'PS512': | ||
if (key.asymmetricKeyType === 'rsa-pss') { | ||
const { hashAlgorithm, mgf1HashAlgorithm, saltLength } = key.asymmetricKeyDetails; | ||
const length = parseInt(alg.substr(-3), 10); | ||
if (hashAlgorithm !== undefined && | ||
(hashAlgorithm !== `sha${length}` || mgf1HashAlgorithm !== hashAlgorithm)) { | ||
throw new TypeError(`Invalid key for this operation, its RSA-PSS parameters do not meet the requirements of "alg" ${alg}`); | ||
} | ||
if (saltLength !== undefined && saltLength > length >> 3) { | ||
throw new TypeError(`Invalid key for this operation, its RSA-PSS parameter saltLength does not meet the requirements of "alg" ${alg}`); | ||
} | ||
} | ||
else if (key.asymmetricKeyType !== 'rsa') { | ||
throw new TypeError('Invalid key for this operation, its asymmetricKeyType must be rsa or rsa-pss'); | ||
} | ||
checkModulusLength(key, alg); | ||
return { | ||
key, | ||
padding: constants.RSA_PKCS1_PSS_PADDING, | ||
saltLength: constants.RSA_PSS_SALTLEN_DIGEST, | ||
}; | ||
case !rsaPssParams && 'PS256': | ||
case !rsaPssParams && 'PS384': | ||
case !rsaPssParams && 'PS512': | ||
if (key.asymmetricKeyType !== 'rsa') { | ||
@@ -32,0 +60,0 @@ throw new TypeError('Invalid key for this operation, its asymmetricKeyType must be rsa'); |
{ | ||
"name": "jose-node-esm-runtime", | ||
"version": "3.15.5", | ||
"version": "3.16.0", | ||
"description": "(Node.JS ESM Runtime) 'JSON Web Almost Everything' - JWA, JWS, JWE, JWT, JWK with no dependencies", | ||
@@ -5,0 +5,0 @@ "keywords": [ |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
153876
3911