Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

jose-node-esm-runtime

Package Overview
Dependencies
Maintainers
1
Versions
132
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

jose-node-esm-runtime - npm Package Compare versions

Comparing version 5.2.1 to 5.2.2

6

dist/node/esm/jwe/compact/decrypt.js

@@ -17,5 +17,5 @@ import { flattenedDecrypt } from '../flattened/decrypt.js';

ciphertext,
iv: (iv || undefined),
protected: protectedHeader || undefined,
tag: (tag || undefined),
iv: iv || undefined,
protected: protectedHeader,
tag: tag || undefined,
encrypted_key: encryptedKey || undefined,

@@ -22,0 +22,0 @@ }, key, options);

@@ -18,4 +18,4 @@ import { decode as base64url } from '../../runtime/base64url.js';

}
if (typeof jwe.iv !== 'string') {
throw new JWEInvalid('JWE Initialization Vector missing or incorrect type');
if (jwe.iv !== undefined && typeof jwe.iv !== 'string') {
throw new JWEInvalid('JWE Initialization Vector incorrect type');
}

@@ -25,4 +25,4 @@ if (typeof jwe.ciphertext !== 'string') {

}
if (typeof jwe.tag !== 'string') {
throw new JWEInvalid('JWE Authentication Tag missing or incorrect type');
if (jwe.tag !== undefined && typeof jwe.tag !== 'string') {
throw new JWEInvalid('JWE Authentication Tag incorrect type');
}

@@ -109,14 +109,18 @@ if (jwe.protected !== undefined && typeof jwe.protected !== 'string') {

let tag;
try {
iv = base64url(jwe.iv);
if (jwe.iv !== undefined) {
try {
iv = base64url(jwe.iv);
}
catch {
throw new JWEInvalid('Failed to base64url decode the iv');
}
}
catch {
throw new JWEInvalid('Failed to base64url decode the iv');
if (jwe.tag !== undefined) {
try {
tag = base64url(jwe.tag);
}
catch {
throw new JWEInvalid('Failed to base64url decode the tag');
}
}
try {
tag = base64url(jwe.tag);
}
catch {
throw new JWEInvalid('Failed to base64url decode the tag');
}
const protectedHeader = encoder.encode(jwe.protected ?? '');

@@ -123,0 +127,0 @@ let additionalData;

@@ -12,3 +12,3 @@ import fetchJwks from '../runtime/fetch_jwks.js';

const NAME = 'jose';
const VERSION = 'v5.2.1';
const VERSION = 'v5.2.2';
USER_AGENT = `${NAME}/${VERSION}`;

@@ -15,0 +15,0 @@ }

@@ -5,3 +5,3 @@ import { createDecipheriv, KeyObject } from 'node:crypto';

import { concat } from '../lib/buffer_utils.js';
import { JOSENotSupported, JWEDecryptionFailed } from '../util/errors.js';
import { JOSENotSupported, JWEDecryptionFailed, JWEInvalid } from '../util/errors.js';
import timingSafeEqual from './timing_safe_equal.js';

@@ -81,2 +81,8 @@ import cbcTag from './cbc_tag.js';

}
if (!iv) {
throw new JWEInvalid('JWE Initialization Vector missing');
}
if (!tag) {
throw new JWEInvalid('JWE Authentication Tag missing');
}
checkCekLength(enc, key);

@@ -83,0 +89,0 @@ checkIvLength(enc, iv);

@@ -14,2 +14,6 @@ import type { JWK, KeyLike } from '../types';

*
* Note: The OID id-RSASSA-PSS (1.2.840.113549.1.1.10) is not supported in
* {@link https://w3c.github.io/webcrypto/ Web Cryptography API}, use the OID rsaEncryption
* (1.2.840.113549.1.1.1) instead for all RSA algorithms.
*
* @param spki PEM-encoded SPKI string

@@ -25,2 +29,6 @@ * @param alg (Only effective in Web Crypto API runtimes) JSON Web Algorithm identifier to be used

*
* Note: The OID id-RSASSA-PSS (1.2.840.113549.1.1.10) is not supported in
* {@link https://w3c.github.io/webcrypto/ Web Cryptography API}, use the OID rsaEncryption
* (1.2.840.113549.1.1.1) instead for all RSA algorithms.
*
* @param x509 X.509 certificate string

@@ -36,2 +44,6 @@ * @param alg (Only effective in Web Crypto API runtimes) JSON Web Algorithm identifier to be used

*
* Note: The OID id-RSASSA-PSS (1.2.840.113549.1.1.10) is not supported in
* {@link https://w3c.github.io/webcrypto/ Web Cryptography API}, use the OID rsaEncryption
* (1.2.840.113549.1.1.1) instead for all RSA algorithms.
*
* @param pkcs8 PEM-encoded PKCS#8 string

@@ -44,7 +56,8 @@ * @param alg (Only effective in Web Crypto API runtimes) JSON Web Algorithm identifier to be used

/**
* Imports a JWK to a runtime-specific key representation (KeyLike). Either JWK "alg" (Algorithm)
* Parameter must be present or the optional "alg" argument. When running on a runtime using
* {@link https://www.w3.org/TR/WebCryptoAPI/ Web Cryptography API} the jwk parameters "use",
* "key_ops", and "ext" are also used in the resulting `CryptoKey`.
* Imports a JWK to a runtime-specific key representation (KeyLike). Either the JWK "alg"
* (Algorithm) Parameter, or the optional "alg" argument, must be present.
*
* Note: When the runtime is using {@link https://w3c.github.io/webcrypto/ Web Cryptography API} the
* jwk parameters "use", "key_ops", and "ext" are also used in the resulting `CryptoKey`.
*
* @param jwk JSON Web Key.

@@ -51,0 +64,0 @@ * @param alg (Only effective in Web Crypto API runtimes) JSON Web Algorithm identifier to be used

@@ -267,3 +267,3 @@ /**

*/
iv: string
iv?: string

@@ -281,3 +281,3 @@ /**

*/
tag: string
tag?: string

@@ -284,0 +284,0 @@ /**

{
"name": "jose-node-esm-runtime",
"version": "5.2.1",
"version": "5.2.2",
"homepage": "https://github.com/panva/jose",

@@ -5,0 +5,0 @@ "repository": "panva/jose",

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc