jose - npm Package Compare versions

Comparing version 3.9.0 to 3.10.0

dist/node/cjs/runtime/jwk_to_key.js

@@ -9,3 +9,15 @@ "use strict";
 const asn1_sequence_encoder_js_1 = require("./asn1_sequence_encoder.js");
+const [major, minor] = process.version
+    .substr(1)
+    .split('.')
+    .map((str) => parseInt(str, 10));
+const jwkImportSupported = major >= 16 || (major === 15 && minor >= 12);
 const parse = (jwk) => {
+    if (jwkImportSupported && jwk.kty !== 'oct') {
+        return jwk.d
+            ?
+                crypto_1.createPrivateKey({ format: 'jwk', key: jwk })
+            :
+                crypto_1.createPublicKey({ format: 'jwk', key: jwk });
+    }
     switch (jwk.kty) {
@@ -12,0 +24,0 @@ case 'oct': {

dist/node/cjs/runtime/key_to_jwk.js

@@ -9,2 +9,7 @@ "use strict";
 const webcrypto_js_1 = require("./webcrypto.js");
+const [major, minor] = process.version
+    .substr(1)
+    .split('.')
+    .map((str) => parseInt(str, 10));
+const jwkExportSupported = major >= 16 || (major === 15 && minor >= 9);
 const keyToJWK = (key) => {
@@ -17,2 +22,5 @@ if (webcrypto_js_1.isCryptoKey(key)) {
     }
+    if (jwkExportSupported) {
+        return key.export({ format: 'jwk' });
+    }
     switch (key.type) {
@@ -19,0 +27,0 @@ case 'secret':

dist/node/cjs/runtime/sign.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-const crypto_1 = require("crypto");
+const crypto = require("crypto");
+const util_1 = require("util");
 const dsa_digest_js_1 = require("./dsa_digest.js");
@@ -9,2 +10,6 @@ const hmac_digest_js_1 = require("./hmac_digest.js");
 const webcrypto_js_1 = require("./webcrypto.js");
+let oneShotSign = crypto.sign;
+if (oneShotSign.length > 3) {
+    oneShotSign = util_1.promisify(oneShotSign);
+}
 const sign = async (alg, key, data) => {
@@ -29,8 +34,8 @@ let keyObject;
         }
-        const hmac = crypto_1.createHmac(hmac_digest_js_1.default(alg), keyObject);
+        const hmac = crypto.createHmac(hmac_digest_js_1.default(alg), keyObject);
         hmac.update(data);
         return hmac.digest();
     }
-    return crypto_1.sign(dsa_digest_js_1.default(alg), data, node_key_js_1.default(alg, keyObject));
+    return oneShotSign(dsa_digest_js_1.default(alg), data, node_key_js_1.default(alg, keyObject));
 };
 exports.default = sign;

dist/node/cjs/runtime/verify.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-const crypto_1 = require("crypto");
+const crypto = require("crypto");
+const util_1 = require("util");
 const dsa_digest_js_1 = require("./dsa_digest.js");
@@ -8,2 +9,6 @@ const node_key_js_1 = require("./node_key.js");
 const webcrypto_js_1 = require("./webcrypto.js");
+let oneShotVerify = crypto.verify;
+if (oneShotVerify.length > 4) {
+    oneShotVerify = util_1.promisify(oneShotVerify);
+}
 const verify = async (alg, key, signature, data) => {
@@ -14,3 +19,3 @@ if (alg.startsWith('HS')) {
         try {
-            return crypto_1.timingSafeEqual(actual, expected);
+            return crypto.timingSafeEqual(actual, expected);
         }
@@ -25,3 +30,3 @@ catch {
     }
-    else if (!(key instanceof crypto_1.KeyObject)) {
+    else if (!(key instanceof crypto.KeyObject)) {
         throw new TypeError('invalid key object type provided');
@@ -31,3 +36,3 @@ }
     try {
-        return crypto_1.verify(algorithm, data, keyInput, signature);
+        return oneShotVerify(algorithm, data, keyInput, signature);
     }
@@ -34,0 +39,0 @@ catch {

dist/node/esm/runtime/jwk_to_key.js

@@ -7,3 +7,15 @@ import { createPrivateKey, createPublicKey, createSecretKey } from 'crypto';
 import Asn1SequenceEncoder from './asn1_sequence_encoder.js';
+const [major, minor] = process.version
+    .substr(1)
+    .split('.')
+    .map((str) => parseInt(str, 10));
+const jwkImportSupported = major >= 16 || (major === 15 && minor >= 12);
 const parse = (jwk) => {
+    if (jwkImportSupported && jwk.kty !== 'oct') {
+        return jwk.d
+            ?
+                createPrivateKey({ format: 'jwk', key: jwk })
+            :
+                createPublicKey({ format: 'jwk', key: jwk });
+    }
     switch (jwk.kty) {
@@ -10,0 +22,0 @@ case 'oct': {

dist/node/esm/runtime/key_to_jwk.js

@@ -7,2 +7,7 @@ import { KeyObject, createPublicKey } from 'crypto';
 import { isCryptoKey, getKeyObject } from './webcrypto.js';
+const [major, minor] = process.version
+    .substr(1)
+    .split('.')
+    .map((str) => parseInt(str, 10));
+const jwkExportSupported = major >= 16 || (major === 15 && minor >= 9);
 const keyToJWK = (key) => {
@@ -15,2 +20,5 @@ if (isCryptoKey(key)) {
     }
+    if (jwkExportSupported) {
+        return key.export({ format: 'jwk' });
+    }
     switch (key.type) {
@@ -17,0 +25,0 @@ case 'secret':

dist/node/esm/runtime/sign.js

@@ -1,2 +0,3 @@
-import { sign as oneShotSign, createHmac } from 'crypto';
+import * as crypto from 'crypto';
+import { promisify } from 'util';
 import nodeDigest from './dsa_digest.js';
@@ -7,2 +8,6 @@ import hmacDigest from './hmac_digest.js';
 import { isCryptoKey, getKeyObject } from './webcrypto.js';
+let oneShotSign = crypto.sign;
+if (oneShotSign.length > 3) {
+    oneShotSign = promisify(oneShotSign);
+}
 const sign = async (alg, key, data) => {
@@ -27,3 +32,3 @@ let keyObject;
         }
-        const hmac = createHmac(hmacDigest(alg), keyObject);
+        const hmac = crypto.createHmac(hmacDigest(alg), keyObject);
         hmac.update(data);
@@ -30,0 +35,0 @@ return hmac.digest();

dist/node/esm/runtime/verify.js

@@ -1,2 +0,3 @@
-import { verify as oneShotVerify, timingSafeEqual, KeyObject } from 'crypto';
+import * as crypto from 'crypto';
+import { promisify } from 'util';
 import nodeDigest from './dsa_digest.js';
@@ -6,2 +7,6 @@ import nodeKey from './node_key.js';
 import { isCryptoKey, getKeyObject } from './webcrypto.js';
+let oneShotVerify = crypto.verify;
+if (oneShotVerify.length > 4) {
+    oneShotVerify = promisify(oneShotVerify);
+}
 const verify = async (alg, key, signature, data) => {
@@ -12,3 +17,3 @@ if (alg.startsWith('HS')) {
         try {
-            return timingSafeEqual(actual, expected);
+            return crypto.timingSafeEqual(actual, expected);
         }
@@ -23,3 +28,3 @@ catch {
     }
-    else if (!(key instanceof KeyObject)) {
+    else if (!(key instanceof crypto.KeyObject)) {
         throw new TypeError('invalid key object type provided');
@@ -26,0 +31,0 @@ }

package.json

 {
   "name": "jose",
-  "version": "3.9.0",
+  "version": "3.10.0",
   "description": "Universal 'JSON Web Almost Everything' - JWA, JWS, JWE, JWT, JWK with no dependencies",
@@ -5,0 +5,0 @@ "keywords": [

README.md

@@ -81,3 +81,3 @@ # jose
 - [Unsecured JWT](docs/classes/jwt_unsecured.unsecuredjwt.md#readme)
-- [JOSE Errors](docs/modules/util_errors.md)
+- [JOSE Errors](docs/modules/util_errors.md#readme)
 
@@ -84,0 +84,0 @@ ## Examples

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

402818

increased by0.47%

Lines of code

9888

increased by0.61%

No dependency changes