Socket
Socket
Sign inDemoInstall

jose

Package Overview
Dependencies
Maintainers
1
Versions
209
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

jose - npm Package Compare versions

Comparing version 3.3.2 to 3.4.0

dist/browser/jws/general/sign.js
dist/browser/jws/general/verify.js
dist/browser/util/decode_protected_header.js
dist/node/cjs/jws/general/sign.js
dist/node/cjs/jws/general/verify.js
dist/node/cjs/util/decode_protected_header.js
dist/node/esm/jws/general/sign.js
dist/node/esm/jws/general/verify.js
dist/node/esm/util/decode_protected_header.js
dist/node/webcrypto/cjs/jws/general/sign.js
dist/node/webcrypto/cjs/jws/general/verify.js
dist/node/webcrypto/cjs/util/decode_protected_header.js
dist/node/webcrypto/esm/jws/general/sign.js
dist/node/webcrypto/esm/jws/general/verify.js
dist/node/webcrypto/esm/util/decode_protected_header.js
dist/types/jws/general/sign.d.ts
dist/types/jws/general/verify.d.ts
dist/types/util/decode_protected_header.d.ts

9

CHANGELOG.md

@@ -5,2 +5,11 @@ # Changelog

## [3.4.0](https://github.com/panva/jose/compare/v3.3.2...v3.4.0) (2020-12-16)
### Features
* added JWS General JSON Serialization signing ([6fb862c](https://github.com/panva/jose/commit/6fb862cf12d34b7dc5077d1872ad29eeac27d21e)), closes [#129](https://github.com/panva/jose/issues/129)
* added JWS General JSON Serialization verification ([55b7781](https://github.com/panva/jose/commit/55b77810d03a1f7e38e13bec384dece08b74b206)), closes [#129](https://github.com/panva/jose/issues/129)
* added utility function for decoding token's protected header ([fa29d68](https://github.com/panva/jose/commit/fa29d68cfdf0922c7e4dac24eb50161d1eab28d4))
## [3.3.2](https://github.com/panva/jose/compare/v3.3.1...v3.3.2) (2020-12-14)

@@ -7,0 +16,0 @@

4

dist/browser/runtime/decrypt.js

@@ -16,3 +16,3 @@ import { concat, uint64be } from '../lib/buffer_utils.js';

try {
plaintext = new Uint8Array(await crypto.subtle.decrypt({ iv, name: 'AES-CBC' }, encKey, ciphertext.buffer));
plaintext = new Uint8Array(await crypto.subtle.decrypt({ iv, name: 'AES-CBC' }, encKey, ciphertext));
}

@@ -44,3 +44,3 @@ catch (_a) {

tagLength: 128,
}, encKey, concat(ciphertext, tag).buffer));
}, encKey, concat(ciphertext, tag)));
}

@@ -47,0 +47,0 @@ catch (err) {

2

dist/browser/runtime/ecdhes.js

@@ -20,3 +20,3 @@ import { encoder, concat, uint32be, lengthAndInput, concatKdf as KDF, } from '../lib/buffer_utils.js';

ensureSecureContext();
const { crv, kty, x, y } = (await crypto.subtle.exportKey('jwk', key));
const { crv, kty, x, y } = await crypto.subtle.exportKey('jwk', key);
return { crv, kty, x, y };

@@ -23,0 +23,0 @@ };

4

dist/node/webcrypto/cjs/runtime/decrypt.js

@@ -18,3 +18,3 @@ "use strict";

try {
plaintext = new Uint8Array(await webcrypto_js_1.default.subtle.decrypt({ iv, name: 'AES-CBC' }, encKey, ciphertext.buffer));
plaintext = new Uint8Array(await webcrypto_js_1.default.subtle.decrypt({ iv, name: 'AES-CBC' }, encKey, ciphertext));
}

@@ -46,3 +46,3 @@ catch {

tagLength: 128,
}, encKey, buffer_utils_js_1.concat(ciphertext, tag).buffer));
}, encKey, buffer_utils_js_1.concat(ciphertext, tag)));
}

@@ -49,0 +49,0 @@ catch (err) {

2

dist/node/webcrypto/cjs/runtime/ecdhes.js

@@ -23,3 +23,3 @@ "use strict";

webcrypto_js_1.ensureSecureContext();
const { crv, kty, x, y } = (await webcrypto_js_1.default.subtle.exportKey('jwk', key));
const { crv, kty, x, y } = await webcrypto_js_1.default.subtle.exportKey('jwk', key);
return { crv, kty, x, y };

@@ -26,0 +26,0 @@ };

4

dist/node/webcrypto/esm/runtime/decrypt.js

@@ -16,3 +16,3 @@ import { concat, uint64be } from '../lib/buffer_utils.js';

try {
plaintext = new Uint8Array(await crypto.subtle.decrypt({ iv, name: 'AES-CBC' }, encKey, ciphertext.buffer));
plaintext = new Uint8Array(await crypto.subtle.decrypt({ iv, name: 'AES-CBC' }, encKey, ciphertext));
}

@@ -44,3 +44,3 @@ catch {

tagLength: 128,
}, encKey, concat(ciphertext, tag).buffer));
}, encKey, concat(ciphertext, tag)));
}

@@ -47,0 +47,0 @@ catch (err) {

2

dist/node/webcrypto/esm/runtime/ecdhes.js

@@ -20,3 +20,3 @@ import { encoder, concat, uint32be, lengthAndInput, concatKdf as KDF, } from '../lib/buffer_utils.js';

ensureSecureContext();
const { crv, kty, x, y } = (await crypto.subtle.exportKey('jwk', key));
const { crv, kty, x, y } = await crypto.subtle.exportKey('jwk', key);
return { crv, kty, x, y };

@@ -23,0 +23,0 @@ };

34

dist/types/types.d.ts

@@ -74,2 +74,4 @@ /// <reference lib="dom"/>

*
* If you cannot match a key suitable for the token, throw an error instead.
*
* @param protectedHeader JWE or JWS Protected Header.

@@ -134,2 +136,22 @@ * @param token The consumed JWE or JWS token.

/**
* General JWS definition for verify function inputs, allows payload as
* Uint8Array for detached signature validation.
*/
export interface GeneralJWSInput {
/**
* The "payload" member MUST be present and contain the value
* BASE64URL(JWS Payload). When RFC7797 "b64": false is used
* the value passed may also be a Uint8Array.
*/
payload: string | Uint8Array
/**
* The "signatures" member value MUST be an array of JSON objects.
* Each object represents a signature or MAC over the JWS Payload and
* the JWS Protected Header.
*/
signatures: Omit<FlattenedJWSInput, 'payload'>[]
}
/**
* Flattened JWS definition. Payload is an optional return property, it

@@ -144,2 +166,12 @@ * is not returned when JWS Unencoded Payload Option

/**
* General JWS definition. Payload is an optional return property, it
* is not returned when JWS Unencoded Payload Option
* [RFC7797](https://tools.ietf.org/html/rfc7797) is used.
*/
export interface GeneralJWS {
payload?: string
signatures: Omit<FlattenedJWSInput, 'payload'>[]
}
export interface JoseHeaderParameters {

@@ -555,2 +587,4 @@ /**

export interface GeneralVerifyResult extends FlattenedVerifyResult {}
export interface CompactVerifyResult {

@@ -557,0 +591,0 @@ /**

32

package.json
{
"name": "jose",
"version": "3.3.2",
"description": "JSON Web Almost Everything - JWA, JWS, JWE, JWK, JWT, JWKS with no dependencies",
"version": "3.4.0",
"description": "Universal 'JSON Web Almost Everything' - JWA, JWS, JWE, JWT, JWK with no dependencies",
"keywords": [

@@ -17,2 +17,3 @@ "compact",

"flattened",
"general",
"isomorphic",

@@ -175,2 +176,20 @@ "jose",

},
"./jws/general/sign": {
"browser": "./dist/browser/jws/general/sign.js",
"import": "./dist/node/esm/jws/general/sign.js",
"require": "./dist/node/cjs/jws/general/sign.js"
},
"./webcrypto/jws/general/sign": {
"import": "./dist/node/webcrypto/esm/jws/general/sign.js",
"require": "./dist/node/webcrypto/cjs/jws/general/sign.js"
},
"./jws/general/verify": {
"browser": "./dist/browser/jws/general/verify.js",
"import": "./dist/node/esm/jws/general/verify.js",
"require": "./dist/node/cjs/jws/general/verify.js"
},
"./webcrypto/jws/general/verify": {
"import": "./dist/node/webcrypto/esm/jws/general/verify.js",
"require": "./dist/node/webcrypto/cjs/jws/general/verify.js"
},
"./jwt/decrypt": {

@@ -230,2 +249,11 @@ "browser": "./dist/browser/jwt/decrypt.js",

},
"./util/decode_protected_header": {
"browser": "./dist/browser/util/decode_protected_header.js",
"import": "./dist/node/esm/util/decode_protected_header.js",
"require": "./dist/node/cjs/util/decode_protected_header.js"
},
"./webcrypto/util/decode_protected_header": {
"import": "./dist/node/webcrypto/esm/util/decode_protected_header.js",
"require": "./dist/node/webcrypto/cjs/util/decode_protected_header.js"
},
"./util/errors": {

@@ -232,0 +260,0 @@ "browser": "./dist/browser/util/errors.js",

8

README.md

@@ -44,4 +44,4 @@ # jose

- JSON Web Signature (JWS)
- Signing - [Compact](docs/classes/_jws_compact_sign_.compactsign.md#readme), [Flattened](docs/classes/_jws_flattened_sign_.flattenedsign.md#readme)
- Verification - [Compact](docs/functions/_jws_compact_verify_.compactverify.md#readme), [Flattened](docs/functions/_jws_flattened_verify_.flattenedverify.md#readme)
- Signing - [Compact](docs/classes/_jws_compact_sign_.compactsign.md#readme), [Flattened](docs/classes/_jws_flattened_sign_.flattenedsign.md#readme), [General](docs/classes/_jws_general_sign_.generalsign.md#readme)
- Verification - [Compact](docs/functions/_jws_compact_verify_.compactverify.md#readme), [Flattened](docs/functions/_jws_flattened_verify_.flattenedverify.md#readme), [General](docs/functions/_jws_general_verify_.generalverify.md#readme)
- JSON Web Key (JWK)

@@ -57,2 +57,4 @@ - [Parsing (JWK to KeyLike)](docs/functions/_jwk_parse_.parsejwk.md#readme)

- [Symmetric Secret Generation](docs/functions/_util_generate_secret_.generatesecret.md#readme)
- Utilities
- [Decoding Token's Protected Header](docs/functions/_util_decode_protected_header_.decodeprotectedheader.md#readme)
- [Unsecured JWT](docs/classes/_jwt_unsecured_.unsecuredjwt.md#readme)

@@ -77,3 +79,3 @@ - [JOSE Errors](docs/modules/_util_errors_.md)

| Compact | ✓ | ✓ | ✓ | ✓ |
| General JSON | ✕ | ✕ | ✕ | ✕ |
| General JSON | ✓ | ✓ | ✕ | ✕ |
| Flattened JSON | ✓ | ✓ | ✓ | ✓ |

@@ -80,0 +82,0 @@

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc