Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

jose-node-esm-runtime

Package Overview
Dependencies
Maintainers
1
Versions
132
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

jose-node-esm-runtime - npm Package Compare versions

Comparing version 3.15.5 to 3.16.0

34

dist/node/esm/runtime/node_key.js

@@ -5,2 +5,7 @@ import { constants } from 'crypto';

import checkModulusLength from './check_modulus_length.js';
const [major, minor] = process.version
.substr(1)
.split('.')
.map((str) => parseInt(str, 10));
const rsaPssParams = major >= 17 || (major === 16 && minor >= 9);
const ecCurveAlgMap = new Map([

@@ -27,5 +32,28 @@ ['ES256', 'P-256'],

return key;
case 'PS256':
case 'PS384':
case 'PS512':
case rsaPssParams && 'PS256':
case rsaPssParams && 'PS384':
case rsaPssParams && 'PS512':
if (key.asymmetricKeyType === 'rsa-pss') {
const { hashAlgorithm, mgf1HashAlgorithm, saltLength } = key.asymmetricKeyDetails;
const length = parseInt(alg.substr(-3), 10);
if (hashAlgorithm !== undefined &&
(hashAlgorithm !== `sha${length}` || mgf1HashAlgorithm !== hashAlgorithm)) {
throw new TypeError(`Invalid key for this operation, its RSA-PSS parameters do not meet the requirements of "alg" ${alg}`);
}
if (saltLength !== undefined && saltLength > length >> 3) {
throw new TypeError(`Invalid key for this operation, its RSA-PSS parameter saltLength does not meet the requirements of "alg" ${alg}`);
}
}
else if (key.asymmetricKeyType !== 'rsa') {
throw new TypeError('Invalid key for this operation, its asymmetricKeyType must be rsa or rsa-pss');
}
checkModulusLength(key, alg);
return {
key,
padding: constants.RSA_PKCS1_PSS_PADDING,
saltLength: constants.RSA_PSS_SALTLEN_DIGEST,
};
case !rsaPssParams && 'PS256':
case !rsaPssParams && 'PS384':
case !rsaPssParams && 'PS512':
if (key.asymmetricKeyType !== 'rsa') {

@@ -32,0 +60,0 @@ throw new TypeError('Invalid key for this operation, its asymmetricKeyType must be rsa');

2

package.json
{
"name": "jose-node-esm-runtime",
"version": "3.15.5",
"version": "3.16.0",
"description": "(Node.JS ESM Runtime) 'JSON Web Almost Everything' - JWA, JWS, JWE, JWT, JWK with no dependencies",

@@ -5,0 +5,0 @@ "keywords": [

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc