Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

jose-node-esm-runtime

Package Overview
Dependencies
Maintainers
1
Versions
132
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

jose-node-esm-runtime - npm Package Compare versions

Comparing version 4.0.4 to 4.1.0

dist/node/esm/lib/aesgcmkw.js

2

dist/node/esm/lib/check_key_type.js

@@ -1,2 +0,2 @@

import invalidKeyInput from '../runtime/invalid_key_input.js';
import invalidKeyInput from './invalid_key_input.js';
import isKeyLike, { types } from '../runtime/is_key_like.js';

@@ -3,0 +3,0 @@ const symmetricTypeCheck = (key) => {

import { isCloudflareWorkers, isNodeJs } from '../runtime/global.js';
function unusable(name, prop = 'algorithm.name') {
return new TypeError(`CryptoKey does not support this operation, its ${prop} must be ${name}`);
}
function isAlgorithm(algorithm, name) {
return algorithm.name === name;
}
function getHashLength(hash) {
return parseInt(hash === null || hash === void 0 ? void 0 : hash.name.substr(4), 10);
return parseInt(hash.name.substr(4), 10);
}

@@ -13,2 +19,4 @@ function getNamedCurve(alg) {

return 'P-521';
default:
throw new Error('unreachable');
}

@@ -37,10 +45,8 @@ }

case 'HS512': {
if (key.algorithm.name !== 'HMAC') {
throw new TypeError(`CryptoKey does not support this operation, its algorithm.name must be HMAC.`);
}
if (!isAlgorithm(key.algorithm, 'HMAC'))
throw unusable('HMAC');
const expected = parseInt(alg.substr(2), 10);
const actual = getHashLength(key.algorithm.hash);
if (actual !== expected) {
throw new TypeError(`CryptoKey does not support this operation, its algorithm.hash must be SHA-${expected}.`);
}
if (actual !== expected)
throw unusable(`SHA-${expected}`, 'algorithm.hash');
break;

@@ -51,10 +57,8 @@ }

case 'RS512': {
if (key.algorithm.name !== 'RSASSA-PKCS1-v1_5') {
throw new TypeError(`CryptoKey does not support this operation, its algorithm.name must be RSASSA-PKCS1-v1_5.`);
}
if (!isAlgorithm(key.algorithm, 'RSASSA-PKCS1-v1_5'))
throw unusable('RSASSA-PKCS1-v1_5');
const expected = parseInt(alg.substr(2), 10);
const actual = getHashLength(key.algorithm.hash);
if (actual !== expected) {
throw new TypeError(`CryptoKey does not support this operation, its algorithm.hash must be SHA-${expected}.`);
}
if (actual !== expected)
throw unusable(`SHA-${expected}`, 'algorithm.hash');
break;

@@ -65,22 +69,18 @@ }

case 'PS512': {
if (key.algorithm.name !== 'RSA-PSS') {
throw new TypeError(`CryptoKey does not support this operation, its algorithm.name must be RSA-PSS.`);
}
if (!isAlgorithm(key.algorithm, 'RSA-PSS'))
throw unusable('RSA-PSS');
const expected = parseInt(alg.substr(2), 10);
const actual = getHashLength(key.algorithm.hash);
if (actual !== expected) {
throw new TypeError(`CryptoKey does not support this operation, its algorithm.hash must be SHA-${expected}.`);
}
if (actual !== expected)
throw unusable(`SHA-${expected}`, 'algorithm.hash');
break;
}
case isNodeJs() && 'EdDSA': {
if (key.algorithm.name !== 'NODE-ED25519' && key.algorithm.name !== 'NODE-ED448') {
throw new TypeError(`CryptoKey does not support this operation, its algorithm.name must be NODE-ED25519 or NODE-ED448.`);
}
if (key.algorithm.name !== 'NODE-ED25519' && key.algorithm.name !== 'NODE-ED448')
throw unusable('NODE-ED25519 or NODE-ED448');
break;
}
case isCloudflareWorkers() && 'EdDSA': {
if (key.algorithm.name !== 'NODE-ED25519') {
throw new TypeError(`CryptoKey does not support this operation, its algorithm.name must be NODE-ED25519.`);
}
if (!isAlgorithm(key.algorithm, 'NODE-ED25519'))
throw unusable('NODE-ED25519');
break;

@@ -91,10 +91,8 @@ }

case 'ES512': {
if (key.algorithm.name !== 'ECDSA') {
throw new TypeError(`CryptoKey does not support this operation, its algorithm.name must be ECDSA.`);
}
if (!isAlgorithm(key.algorithm, 'ECDSA'))
throw unusable('ECDSA');
const expected = getNamedCurve(alg);
const actual = key.algorithm.namedCurve;
if (actual !== expected) {
throw new TypeError(`CryptoKey does not support this operation, its algorithm.namedCurve must be ${expected}.`);
}
if (actual !== expected)
throw unusable(expected, 'algorithm.namedCurve');
break;

@@ -112,10 +110,8 @@ }

case 'A256GCM': {
if (key.algorithm.name !== 'AES-GCM') {
throw new TypeError(`CryptoKey does not support this operation, its algorithm.name must be AES-GCM.`);
}
if (!isAlgorithm(key.algorithm, 'AES-GCM'))
throw unusable('AES-GCM');
const expected = parseInt(alg.substr(1, 3), 10);
const actual = key.algorithm.length;
if (actual !== expected) {
throw new TypeError(`CryptoKey does not support this operation, its algorithm.length must be ${expected}.`);
}
if (actual !== expected)
throw unusable(expected, 'algorithm.length');
break;

@@ -126,16 +122,13 @@ }

case 'A256KW': {
if (key.algorithm.name !== 'AES-KW') {
throw new TypeError(`CryptoKey does not support this operation, its algorithm.name must be AES-KW.`);
}
if (!isAlgorithm(key.algorithm, 'AES-KW'))
throw unusable('AES-KW');
const expected = parseInt(alg.substr(1, 3), 10);
const actual = key.algorithm.length;
if (actual !== expected) {
throw new TypeError(`CryptoKey does not support this operation, its algorithm.length must be ${expected}.`);
}
if (actual !== expected)
throw unusable(expected, 'algorithm.length');
break;
}
case 'ECDH-ES':
if (key.algorithm.name !== 'ECDH') {
throw new TypeError(`CryptoKey does not support this operation, its algorithm.name must be ECDH.`);
}
if (!isAlgorithm(key.algorithm, 'ECDH'))
throw unusable('ECDH');
break;

@@ -145,5 +138,4 @@ case 'PBES2-HS256+A128KW':

case 'PBES2-HS512+A256KW':
if (key.algorithm.name !== 'PBKDF2') {
throw new TypeError(`CryptoKey does not support this operation, its algorithm.name must be PBKDF2.`);
}
if (!isAlgorithm(key.algorithm, 'PBKDF2'))
throw unusable('PBKDF2');
break;

@@ -154,10 +146,8 @@ case 'RSA-OAEP':

case 'RSA-OAEP-512': {
if (key.algorithm.name !== 'RSA-OAEP') {
throw new TypeError(`CryptoKey does not support this operation, its algorithm.name must be RSA-OAEP.`);
}
if (!isAlgorithm(key.algorithm, 'RSA-OAEP'))
throw unusable('RSA-OAEP');
const expected = parseInt(alg.substr(9), 10) || 1;
const actual = getHashLength(key.algorithm.hash);
if (actual !== expected) {
throw new TypeError(`CryptoKey does not support this operation, its algorithm.hash must be SHA-${expected}.`);
}
if (actual !== expected)
throw unusable(`SHA-${expected}`, 'algorithm.hash');
break;

@@ -164,0 +154,0 @@ }

@@ -5,3 +5,2 @@ import { unwrap as aesKw } from '../runtime/aeskw.js';

import { decrypt as rsaEs } from '../runtime/rsaes.js';
import { unwrap as aesGcmKw } from '../runtime/aesgcmkw.js';
import { decode as base64url } from '../runtime/base64url.js';

@@ -13,2 +12,3 @@ import { JOSENotSupported, JWEInvalid } from '../util/errors.js';

import isObject from './is_object.js';
import { unwrap as aesGcmKw } from './aesgcmkw.js';
async function decryptKeyManagement(alg, key, encryptedKey, joseHeader) {

@@ -15,0 +15,0 @@ checkKeyType(alg, key, 'decrypt');

@@ -5,3 +5,2 @@ import { wrap as aesKw } from '../runtime/aeskw.js';

import { encrypt as rsaEs } from '../runtime/rsaes.js';
import { wrap as aesGcmKw } from '../runtime/aesgcmkw.js';
import { encode as base64url } from '../runtime/base64url.js';

@@ -12,2 +11,3 @@ import generateCek, { bitLength as cekLength } from '../lib/cek.js';

import checkKeyType from './check_key_type.js';
import { wrap as aesGcmKw } from './aesgcmkw.js';
async function encryptKeyManagement(alg, enc, key, providedCek, providedParameters = {}) {

@@ -14,0 +14,0 @@ let encryptedKey;

@@ -9,3 +9,3 @@ import { Buffer } from 'buffer';

import isKeyObject from './is_key_object.js';
import invalidKeyInput from './invalid_key_input.js';
import invalidKeyInput from '../lib/invalid_key_input.js';
import supported from './ciphers.js';

@@ -12,0 +12,0 @@ function checkKeySize(key, alg) {

@@ -5,3 +5,3 @@ import { createPrivateKey, createPublicKey, KeyObject } from 'crypto';

import isKeyObject from './is_key_object.js';
import invalidKeyInput from './invalid_key_input.js';
import invalidKeyInput from '../lib/invalid_key_input.js';
const genericExport = (keyType, keyFormat, key) => {

@@ -8,0 +8,0 @@ let keyObject;

@@ -11,3 +11,3 @@ import { createDecipheriv, KeyObject } from 'crypto';

import isKeyObject from './is_key_object.js';
import invalidKeyInput from './invalid_key_input.js';
import invalidKeyInput from '../lib/invalid_key_input.js';
import supported from './ciphers.js';

@@ -14,0 +14,0 @@ async function cbcDecrypt(enc, cek, ciphertext, iv, tag, aad) {

@@ -10,3 +10,3 @@ import { diffieHellman, generateKeyPair as generateKeyPairCb, KeyObject } from 'crypto';

import isKeyObject from './is_key_object.js';
import invalidKeyInput from './invalid_key_input.js';
import invalidKeyInput from '../lib/invalid_key_input.js';
const generateKeyPair = promisify(generateKeyPairCb);

@@ -13,0 +13,0 @@ export const deriveKey = async (publicKee, privateKee, algorithm, keyLength, apu = new Uint8Array(0), apv = new Uint8Array(0)) => {

@@ -9,3 +9,3 @@ import { createCipheriv, KeyObject } from 'crypto';

import isKeyObject from './is_key_object.js';
import invalidKeyInput from './invalid_key_input.js';
import invalidKeyInput from '../lib/invalid_key_input.js';
import { JOSENotSupported } from '../util/errors.js';

@@ -12,0 +12,0 @@ import supported from './ciphers.js';

@@ -6,3 +6,3 @@ import { Buffer } from 'buffer';

import isKeyObject from './is_key_object.js';
import invalidKeyInput from './invalid_key_input.js';
import invalidKeyInput from '../lib/invalid_key_input.js';
const p256 = Buffer.from([42, 134, 72, 206, 61, 3, 1, 7]);

@@ -9,0 +9,0 @@ const p384 = Buffer.from([43, 129, 4, 0, 34]);

@@ -5,3 +5,3 @@ import { KeyObject } from 'crypto';

import getSecretKey from './secret_key.js';
import invalidKeyInput from './invalid_key_input.js';
import invalidKeyInput from '../lib/invalid_key_input.js';
export default function getSignVerifyKey(alg, key, usage) {

@@ -8,0 +8,0 @@ if (key instanceof Uint8Array) {

@@ -8,3 +8,3 @@ import { KeyObject, createPublicKey } from 'crypto';

import isKeyObject from './is_key_object.js';
import invalidKeyInput from './invalid_key_input.js';
import invalidKeyInput from '../lib/invalid_key_input.js';
const [major, minor] = process.version

@@ -11,0 +11,0 @@ .substr(1)

@@ -10,2 +10,6 @@ import { constants } from 'crypto';

const rsaPssParams = major >= 17 || (major === 16 && minor >= 9);
const PSS = {
padding: constants.RSA_PKCS1_PSS_PADDING,
saltLength: constants.RSA_PSS_SALTLEN_DIGEST,
};
const ecCurveAlgMap = new Map([

@@ -50,7 +54,3 @@ ['ES256', 'P-256'],

checkModulusLength(key, alg);
return {
key,
padding: constants.RSA_PKCS1_PSS_PADDING,
saltLength: constants.RSA_PSS_SALTLEN_DIGEST,
};
return { key, ...PSS };
case !rsaPssParams && 'PS256':

@@ -63,7 +63,3 @@ case !rsaPssParams && 'PS384':

checkModulusLength(key, alg);
return {
key,
padding: constants.RSA_PKCS1_PSS_PADDING,
saltLength: constants.RSA_PSS_SALTLEN_DIGEST,
};
return { key, ...PSS };
case 'ES256':

@@ -70,0 +66,0 @@ case 'ES256K':

@@ -11,3 +11,3 @@ import { promisify } from 'util';

import isKeyObject from './is_key_object.js';
import invalidKeyInput from './invalid_key_input.js';
import invalidKeyInput from '../lib/invalid_key_input.js';
const pbkdf2 = promisify(pbkdf2cb);

@@ -14,0 +14,0 @@ function getPassword(key, alg) {

@@ -6,3 +6,3 @@ import { KeyObject, publicEncrypt, constants, privateDecrypt } from 'crypto';

import isKeyObject from './is_key_object.js';
import invalidKeyInput from './invalid_key_input.js';
import invalidKeyInput from '../lib/invalid_key_input.js';
const checkKey = (key, alg) => {

@@ -9,0 +9,0 @@ if (key.asymmetricKeyType !== 'rsa') {

{
"name": "jose-node-esm-runtime",
"version": "4.0.4",
"version": "4.1.0",
"description": "(Node.JS ESM Runtime) 'JSON Web Almost Everything' - JWA, JWS, JWE, JWT, JWK, JWKS with no dependencies using runtime's native crypto",

@@ -61,2 +61,5 @@ "keywords": [

"dist/types/**/*.d.ts",
"!dist/**/*.bundle.js",
"!dist/**/*.umd.js",
"!dist/**/*.min.js",
"!dist/node/webcrypto/**/*",

@@ -63,0 +66,0 @@ "!dist/types/runtime/*",

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc