Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

jose

Package Overview
Dependencies
Maintainers
1
Versions
213
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

jose - npm Package Compare versions

Comparing version 1.16.2 to 1.17.0

9

CHANGELOG.md

@@ -5,2 +5,11 @@ # Change Log

# [1.17.0](https://github.com/panva/jose/compare/v1.16.2...v1.17.0) (2019-12-10)
### Features
* importing a certificate populates x5c and x5t thumbprints ([25a7a71](https://github.com/panva/jose/commit/25a7a71915c4f7514536cec9e7e162d0ad3b670c)), closes [#59](https://github.com/panva/jose/issues/59)
## [1.16.2](https://github.com/panva/jose/compare/v1.16.1...v1.16.2) (2019-12-05)

@@ -7,0 +16,0 @@

7

lib/jwe/encrypt.js

@@ -92,2 +92,6 @@ const { deflateRawSync } = require('zlib')

if (key.use === 'sig') {
throw new TypeError('a key with "use":"sig" is not usable for encryption')
}
if (alg === 'dir') {

@@ -130,3 +134,4 @@ check(key, 'encrypt', enc)

} else {
({ wrapped, header: generatedHeader } = keyManagementEncrypt(alg, key, i(this).cek[KEYOBJECT].export(), { enc, alg }))
check(i(this).cek, 'encrypt', enc)
;({ wrapped, header: generatedHeader } = keyManagementEncrypt(alg, key, i(this).cek[KEYOBJECT].export(), { enc, alg }))
if (alg === 'ECDH-ES') {

@@ -133,0 +138,0 @@ i(this).cek = importKey(createSecretKey(wrapped), { use: 'enc', alg: enc })

@@ -5,4 +5,12 @@ const { randomBytes } = require('crypto')

const { KEYLENGTHS } = require('../registry')
const importKey = require('../jwk/import')
const Key = require('../jwk/key/oct')
module.exports = alg => importKey(createSecretKey(randomBytes(KEYLENGTHS.get(alg) / 8)), { use: 'enc', alg })
module.exports = (alg) => {
const keyLength = KEYLENGTHS.get(alg)
if (!keyLength) {
return new Key({ type: 'secret' })
}
return new Key(createSecretKey(randomBytes(keyLength / 8)), { use: 'enc', alg })
}

@@ -91,2 +91,7 @@ const { deprecate } = require('util')

publicKey = createPublicKey(key)
if (key.startsWith('-----BEGIN CERTIFICATE-----') && (!parameters || !('x5c' in parameters))) {
parameters = mergedParameters(parameters, {
x5c: [key.replace(/(?:-----(?:BEGIN|END) CERTIFICATE-----|\s)/g, '')]
})
}
} catch (err) {}

@@ -93,0 +98,0 @@

@@ -72,2 +72,6 @@ const base64url = require('../help/base64url')

if (key.use === 'enc') {
throw new TypeError('a key with "use":"enc" is not usable for signing')
}
const joseHeader = {

@@ -74,0 +78,0 @@ protected: protectedHeader || {},

2

package.json
{
"name": "jose",
"version": "1.16.2",
"version": "1.17.0",
"description": "JSON Web Almost Everything - JWA, JWS, JWE, JWK, JWT, JWKS for Node.js with minimal dependencies",

@@ -5,0 +5,0 @@ "keywords": [

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc