Comparing version 1.27.2 to 1.27.3
@@ -5,2 +5,12 @@ # Change Log | ||
## [1.27.3](https://github.com/panva/jose/compare/v1.27.2...v1.27.3) (2020-08-04) | ||
### Bug Fixes | ||
* do not mutate unencoded payload when signing for multiple parties ([1695423](https://github.com/panva/jose/commit/169542363f884e4028db9f80086d631e626eb469)), closes [#89](https://github.com/panva/jose/issues/89) | ||
* ensure "b64" is the same for all recipients edge cases ([d56ec9f](https://github.com/panva/jose/commit/d56ec9f5ddc2612e5ff21fe35d45a56e7153e0e4)) | ||
## [1.27.2](https://github.com/panva/jose/compare/v1.27.1...v1.27.2) (2020-07-01) | ||
@@ -7,0 +17,0 @@ |
@@ -47,5 +47,16 @@ const isObject = require('../help/is_object') | ||
generalSerializer.validate = (jws, recipients) => { | ||
let validateB64 = false | ||
recipients.forEach(({ protectedHeader, unprotectedHeader }) => { | ||
if (protectedHeader && !validateB64 && 'b64' in protectedHeader) { | ||
validateB64 = true | ||
} | ||
validateCrit(protectedHeader, unprotectedHeader, protectedHeader ? protectedHeader.crit : undefined) | ||
}) | ||
if (validateB64) { | ||
const values = recipients.map(({ protectedHeader }) => protectedHeader && protectedHeader.b64) | ||
if (!values.every((actual, i, [expected]) => actual === expected)) { | ||
throw new JWSInvalid('the "b64" Header Parameter value MUST be the same for all recipients') | ||
} | ||
} | ||
} | ||
@@ -52,0 +63,0 @@ |
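Review bot: In the `values` comparison, a recipient whose protected header is missing or omits "b64" maps to `undefined`, so mixing an explicit `"b64": true` with an omitted parameter is rejected, even though RFC 7797 treats an absent "b64" as true. Failing closed is the safer direction, but the strictness is undocumented; I would add a comment above the `recipients.map` line such as `// strict: an omitted "b64" is not equal to an explicit true; every recipient must carry the same value`. The `===` comparison also does not confirm the value is a boolean. Whether `validateCrit` enforces that cannot be seen from this hunk, so it is worth confirming that a non-boolean value shared by all recipients cannot pass here and later be read by truthiness.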
@@ -60,3 +60,3 @@ const base64url = require('../help/base64url') | ||
*/ | ||
[PROCESS_RECIPIENT] (recipient) { | ||
[PROCESS_RECIPIENT] (recipient, first) { | ||
const { key, protectedHeader, unprotectedHeader } = recipient | ||
@@ -93,9 +93,3 @@ | ||
if (joseHeader.protected.crit && joseHeader.protected.crit.includes('b64')) { | ||
if (this._b64 !== undefined && this._b64 !== joseHeader.protected.b64) { | ||
throw new JWSInvalid('the "b64" Header Parameter value MUST be the same for all recipients') | ||
} else { | ||
this._b64 = joseHeader.protected.b64 | ||
} | ||
if (!joseHeader.protected.b64) { | ||
if (first && !joseHeader.protected.b64) { | ||
if (this._binary) { | ||
@@ -135,5 +129,5 @@ this._payload = base64url.decodeToBuffer(this._payload) | ||
for (const recipient of this._recipients) { | ||
this[PROCESS_RECIPIENT](recipient) | ||
} | ||
this._recipients.forEach((recipient, i) => { | ||
this[PROCESS_RECIPIENT](recipient, i === 0) | ||
}) | ||
@@ -140,0 +134,0 @@ return serializer(this._payload, this._recipients) |
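Review bot: The `first && !joseHeader.protected.b64` branch now prepares the unencoded payload from the first recipient's header only, and the per-recipient mismatch throw that used to sit in this block is gone. Every later signature is therefore only correct if the "b64" agreement check in the serializer's `validate` has already run before the `this._recipients.forEach` loop. That ordering is not visible in these hunks. If it holds, state it at the branch, e.g. `// payload is prepared once; recipients were already validated to share the same "b64"`. The new `first` parameter should also be described in the doc comment that closes just above `[PROCESS_RECIPIENT]`; that comment and the rest of the method body lie outside the hunk.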
{ | ||
"name": "jose", | ||
"version": "1.27.2", | ||
"version": "1.27.3", | ||
"description": "JSON Web Almost Everything - JWA, JWS, JWE, JWK, JWT, JWKS for Node.js with minimal dependencies", | ||
@@ -84,7 +84,7 @@ "keywords": [ | ||
"devDependencies": { | ||
"@commitlint/cli": "^8.3.4", | ||
"@commitlint/config-conventional": "^8.3.4", | ||
"@commitlint/cli": "^9.1.1", | ||
"@commitlint/config-conventional": "^9.1.1", | ||
"ava": "^2.4.0", | ||
"babel-eslint": "^10.0.3", | ||
"c8": "^7.0.0", | ||
"c8": "^7.2.1", | ||
"husky": "^4.0.0", | ||
@@ -91,0 +91,0 @@ "standard": "^14.3.1" |