jose-node-esm-runtime
Advanced tools
jose-node-esm-runtime - npm Package Compare versions
Comparing version 4.14.4 to 4.14.5
@@ -89,3 +89,8 @@ import { decode as base64url } from '../../runtime/base64url.js'; | ||
| if (jwe.encrypted_key !== undefined) { | ||
| encryptedKey = base64url(jwe.encrypted_key); | ||
| try { | ||
| encryptedKey = base64url(jwe.encrypted_key); | ||
| } | ||
| catch { | ||
| throw new JWEInvalid('Failed to base64url decode the encrypted_key'); | ||
| } | ||
| } | ||
@@ -107,4 +112,16 @@ let resolvedKey = false; | ||
| } | ||
| const iv = base64url(jwe.iv); | ||
| const tag = base64url(jwe.tag); | ||
| let iv; | ||
| let tag; | ||
| try { | ||
| iv = base64url(jwe.iv); | ||
| } | ||
| catch { | ||
| throw new JWEInvalid('Failed to base64url decode the iv'); | ||
| } | ||
| try { | ||
| tag = base64url(jwe.tag); | ||
| } | ||
| catch { | ||
| throw new JWEInvalid('Failed to base64url decode the tag'); | ||
| } | ||
| const protectedHeader = encoder.encode((_a = jwe.protected) !== null && _a !== void 0 ? _a : ''); | ||
@@ -118,3 +135,10 @@ let additionalData; | ||
| } | ||
| let plaintext = await decrypt(enc, cek, base64url(jwe.ciphertext), iv, tag, additionalData); | ||
| let ciphertext; | ||
| try { | ||
| ciphertext = base64url(jwe.ciphertext); | ||
| } | ||
| catch { | ||
| throw new JWEInvalid('Failed to base64url decode the ciphertext'); | ||
| } | ||
| let plaintext = await decrypt(enc, cek, ciphertext, iv, tag, additionalData); | ||
| if (joseHeader.zip === 'DEF') { | ||
@@ -128,3 +152,8 @@ plaintext = await ((options === null || options === void 0 ? void 0 : options.inflateRaw) || inflate)(plaintext); | ||
| if (jwe.aad !== undefined) { | ||
| result.additionalAuthenticatedData = base64url(jwe.aad); | ||
| try { | ||
| result.additionalAuthenticatedData = base64url(jwe.aad); | ||
| } | ||
| catch { | ||
| throw new JWEInvalid('Failed to base64url decode the aad'); | ||
| } | ||
| } | ||
@@ -131,0 +160,0 @@ if (jwe.unprotected !== undefined) { |
@@ -78,3 +78,9 @@ import { decode as base64url } from '../../runtime/base64url.js'; | ||
| const data = concat(encoder.encode((_a = jws.protected) !== null && _a !== void 0 ? _a : ''), encoder.encode('.'), typeof jws.payload === 'string' ? encoder.encode(jws.payload) : jws.payload); | ||
| const signature = base64url(jws.signature); | ||
| let signature; | ||
| try { | ||
| signature = base64url(jws.signature); | ||
| } | ||
| catch { | ||
| throw new JWSInvalid('Failed to base64url decode the signature'); | ||
| } | ||
| const verified = await verify(alg, key, signature, data); | ||
@@ -86,3 +92,8 @@ if (!verified) { | ||
| if (b64) { | ||
| payload = base64url(jws.payload); | ||
| try { | ||
| payload = base64url(jws.payload); | ||
| } | ||
| catch { | ||
| throw new JWSInvalid('Failed to base64url decode the payload'); | ||
| } | ||
| } | ||
@@ -89,0 +100,0 @@ else if (typeof jws.payload === 'string') { |
@@ -36,3 +36,8 @@ import { unwrap as aesKw } from '../runtime/aeskw.js'; | ||
| throw new JWEInvalid(`JOSE Header "apu" (Agreement PartyUInfo) invalid`); | ||
| partyUInfo = base64url(joseHeader.apu); | ||
| try { | ||
| partyUInfo = base64url(joseHeader.apu); | ||
| } | ||
| catch { | ||
| throw new JWEInvalid('Failed to base64url decode the apu'); | ||
| } | ||
| } | ||
@@ -42,3 +47,8 @@ if (joseHeader.apv !== undefined) { | ||
| throw new JWEInvalid(`JOSE Header "apv" (Agreement PartyVInfo) invalid`); | ||
| partyVInfo = base64url(joseHeader.apv); | ||
| try { | ||
| partyVInfo = base64url(joseHeader.apv); | ||
| } | ||
| catch { | ||
| throw new JWEInvalid('Failed to base64url decode the apv'); | ||
| } | ||
| } | ||
@@ -73,3 +83,10 @@ const sharedSecret = await ECDH.deriveKey(epk, key, alg === 'ECDH-ES' ? joseHeader.enc : alg, alg === 'ECDH-ES' ? cekLength(joseHeader.enc) : parseInt(alg.slice(-5, -2), 10), partyUInfo, partyVInfo); | ||
| throw new JWEInvalid(`JOSE Header "p2s" (PBES2 Salt) missing or invalid`); | ||
| return pbes2Kw(alg, key, encryptedKey, joseHeader.p2c, base64url(joseHeader.p2s)); | ||
| let p2s; | ||
| try { | ||
| p2s = base64url(joseHeader.p2s); | ||
| } | ||
| catch { | ||
| throw new JWEInvalid('Failed to base64url decode the p2s'); | ||
| } | ||
| return pbes2Kw(alg, key, encryptedKey, joseHeader.p2c, p2s); | ||
| } | ||
@@ -92,4 +109,16 @@ case 'A128KW': | ||
| throw new JWEInvalid(`JOSE Header "tag" (Authentication Tag) missing or invalid`); | ||
| const iv = base64url(joseHeader.iv); | ||
| const tag = base64url(joseHeader.tag); | ||
| let iv; | ||
| try { | ||
| iv = base64url(joseHeader.iv); | ||
| } | ||
| catch { | ||
| throw new JWEInvalid('Failed to base64url decode the iv'); | ||
| } | ||
| let tag; | ||
| try { | ||
| tag = base64url(joseHeader.tag); | ||
| } | ||
| catch { | ||
| throw new JWEInvalid('Failed to base64url decode the tag'); | ||
| } | ||
| return aesGcmKw(alg, key, encryptedKey, iv, tag); | ||
@@ -96,0 +125,0 @@ } |
@@ -20,3 +20,3 @@ import { decode as base64url } from './base64url.js'; | ||
| catch { | ||
| throw new JWTInvalid('Failed to parse the base64url encoded payload'); | ||
| throw new JWTInvalid('Failed to base64url decode the payload'); | ||
| } | ||
@@ -23,0 +23,0 @@ let result; |
@@ -16,2 +16,3 @@ import type { KeyLike, JWEKeyManagementHeaderParameters, CompactJWEHeaderParameters, EncryptOptions } from '../../types'; | ||
| * validation purposes. | ||
| * | ||
| * @param cek JWE Content Encryption Key. | ||
@@ -26,2 +27,3 @@ */ | ||
| * validation purposes. | ||
| * | ||
| * @param iv JWE Initialization Vector. | ||
@@ -28,0 +30,0 @@ */ |
@@ -58,2 +58,3 @@ import type { KeyLike, FlattenedJWE, JWEHeaderParameters, JWEKeyManagementHeaderParameters, EncryptOptions } from '../../types'; | ||
| * validation purposes. | ||
| * | ||
| * @param cek JWE Content Encryption Key. | ||
@@ -68,2 +69,3 @@ */ | ||
| * validation purposes. | ||
| * | ||
| * @param iv JWE Initialization Vector. | ||
@@ -70,0 +72,0 @@ */ |
@@ -8,2 +8,3 @@ import type { JWK } from '../types'; | ||
| * "sha256". | ||
| * | ||
| * @see {@link https://www.rfc-editor.org/rfc/rfc7638 RFC7638} | ||
@@ -18,4 +19,5 @@ */ | ||
| * "sha256". | ||
| * | ||
| * @see {@link https://www.rfc-editor.org/rfc/rfc9278 RFC9278} | ||
| */ | ||
| export declare function calculateJwkThumbprintUri(jwk: JWK, digestAlgorithm?: 'sha256' | 'sha384' | 'sha512'): Promise<string>; |
@@ -37,2 +37,3 @@ import type { EncryptOptions, CompactJWEHeaderParameters, JWEKeyManagementHeaderParameters, KeyLike } from '../types'; | ||
| * validation purposes. | ||
| * | ||
| * @param cek JWE Content Encryption Key. | ||
@@ -47,2 +48,3 @@ */ | ||
| * validation purposes. | ||
| * | ||
| * @param iv JWE Initialization Vector. | ||
@@ -49,0 +51,0 @@ */ |
@@ -302,2 +302,3 @@ /** | ||
| * data often reveals information about the plaintext. | ||
| * | ||
| * @see {@link https://www.rfc-editor.org/rfc/rfc8725#name-avoid-compression-of-encryp Avoid Compression of Encryption Inputs} | ||
@@ -491,2 +492,3 @@ */ | ||
| * data often reveals information about the plaintext. | ||
| * | ||
| * @see {@link https://www.rfc-editor.org/rfc/rfc8725#name-avoid-compression-of-encryp Avoid Compression of Encryption Inputs} | ||
@@ -504,2 +506,3 @@ */ | ||
| * data often reveals information about the plaintext. | ||
| * | ||
| * @see {@link https://www.rfc-editor.org/rfc/rfc8725#name-avoid-compression-of-encryp Avoid Compression of Encryption Inputs} | ||
@@ -506,0 +509,0 @@ */ |
| { | ||
| "name": "jose-node-esm-runtime", | ||
| "version": "4.14.4", | ||
| "version": "4.14.5", | ||
| "homepage": "https://github.com/panva/jose", | ||
@@ -5,0 +5,0 @@ "repository": "panva/jose", |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.81%
222712
- Lines of code
- increased by1.46%
5568