Comparing version 4.6.0 to 4.6.1
@@ -42,4 +42,5 @@ import { importJWK } from '../key/import.js'; | ||
const { alg, kid } = { ...protectedHeader, ...token.header }; | ||
const kty = getKtyFromAlg(alg); | ||
const candidates = this._jwks.keys.filter((jwk) => { | ||
let candidate = jwk.kty === getKtyFromAlg(alg); | ||
let candidate = kty === jwk.kty; | ||
if (candidate && typeof kid === 'string') { | ||
@@ -46,0 +47,0 @@ candidate = kid === jwk.kid; |
@@ -42,17 +42,11 @@ import digest from '../runtime/digest.js'; | ||
const iterations = Math.ceil((bits >> 3) / 32); | ||
let res; | ||
for (let iter = 1; iter <= iterations; iter++) { | ||
const res = new Uint8Array(iterations * 32); | ||
for (let iter = 0; iter < iterations; iter++) { | ||
const buf = new Uint8Array(4 + secret.length + value.length); | ||
buf.set(uint32be(iter)); | ||
buf.set(uint32be(iter + 1)); | ||
buf.set(secret, 4); | ||
buf.set(value, 4 + secret.length); | ||
if (!res) { | ||
res = await digest('sha256', buf); | ||
} | ||
else { | ||
res = concat(res, await digest('sha256', buf)); | ||
} | ||
res.set(await digest('sha256', buf), iter * 32); | ||
} | ||
res = res.slice(0, bits >> 3); | ||
return res; | ||
return res.slice(0, bits >> 3); | ||
} |
@@ -18,5 +18,8 @@ import { encoder, decoder } from '../lib/buffer_utils.js'; | ||
export const decodeBase64 = (encoded) => { | ||
return new Uint8Array(atob(encoded) | ||
.split('') | ||
.map((c) => c.charCodeAt(0))); | ||
const binary = atob(encoded); | ||
const bytes = new Uint8Array(binary.length); | ||
for (let i = 0; i < binary.length; i++) { | ||
bytes[i] = binary.charCodeAt(i); | ||
} | ||
return bytes; | ||
}; | ||
@@ -23,0 +26,0 @@ export const decode = (input) => { |
@@ -46,4 +46,5 @@ "use strict"; | ||
const { alg, kid } = { ...protectedHeader, ...token.header }; | ||
const kty = getKtyFromAlg(alg); | ||
const candidates = this._jwks.keys.filter((jwk) => { | ||
let candidate = jwk.kty === getKtyFromAlg(alg); | ||
let candidate = kty === jwk.kty; | ||
if (candidate && typeof kid === 'string') { | ||
@@ -50,0 +51,0 @@ candidate = kid === jwk.kid; |
@@ -50,18 +50,12 @@ "use strict"; | ||
const iterations = Math.ceil((bits >> 3) / 32); | ||
let res; | ||
for (let iter = 1; iter <= iterations; iter++) { | ||
const res = new Uint8Array(iterations * 32); | ||
for (let iter = 0; iter < iterations; iter++) { | ||
const buf = new Uint8Array(4 + secret.length + value.length); | ||
buf.set(uint32be(iter)); | ||
buf.set(uint32be(iter + 1)); | ||
buf.set(secret, 4); | ||
buf.set(value, 4 + secret.length); | ||
if (!res) { | ||
res = await (0, digest_js_1.default)('sha256', buf); | ||
} | ||
else { | ||
res = concat(res, await (0, digest_js_1.default)('sha256', buf)); | ||
} | ||
res.set(await (0, digest_js_1.default)('sha256', buf), iter * 32); | ||
} | ||
res = res.slice(0, bits >> 3); | ||
return res; | ||
return res.slice(0, bits >> 3); | ||
} | ||
exports.concatKdf = concatKdf; |
@@ -87,3 +87,4 @@ "use strict"; | ||
case 'ECDH-ES+A256KW': | ||
switch (options === null || options === void 0 ? void 0 : options.crv) { | ||
const crv = (_b = options === null || options === void 0 ? void 0 : options.crv) !== null && _b !== void 0 ? _b : 'P-256'; | ||
switch (crv) { | ||
case undefined: | ||
@@ -93,3 +94,3 @@ case 'P-256': | ||
case 'P-521': | ||
return generate('ec', { namedCurve: (_b = options === null || options === void 0 ? void 0 : options.crv) !== null && _b !== void 0 ? _b : 'P-256' }); | ||
return generate('ec', { namedCurve: crv }); | ||
case 'X25519': | ||
@@ -96,0 +97,0 @@ return generate('x25519'); |
@@ -42,4 +42,5 @@ import { importJWK } from '../key/import.js'; | ||
const { alg, kid } = { ...protectedHeader, ...token.header }; | ||
const kty = getKtyFromAlg(alg); | ||
const candidates = this._jwks.keys.filter((jwk) => { | ||
let candidate = jwk.kty === getKtyFromAlg(alg); | ||
let candidate = kty === jwk.kty; | ||
if (candidate && typeof kid === 'string') { | ||
@@ -46,0 +47,0 @@ candidate = kid === jwk.kid; |
@@ -42,17 +42,11 @@ import digest from '../runtime/digest.js'; | ||
const iterations = Math.ceil((bits >> 3) / 32); | ||
let res; | ||
for (let iter = 1; iter <= iterations; iter++) { | ||
const res = new Uint8Array(iterations * 32); | ||
for (let iter = 0; iter < iterations; iter++) { | ||
const buf = new Uint8Array(4 + secret.length + value.length); | ||
buf.set(uint32be(iter)); | ||
buf.set(uint32be(iter + 1)); | ||
buf.set(secret, 4); | ||
buf.set(value, 4 + secret.length); | ||
if (!res) { | ||
res = await digest('sha256', buf); | ||
} | ||
else { | ||
res = concat(res, await digest('sha256', buf)); | ||
} | ||
res.set(await digest('sha256', buf), iter * 32); | ||
} | ||
res = res.slice(0, bits >> 3); | ||
return res; | ||
return res.slice(0, bits >> 3); | ||
} |
@@ -83,3 +83,4 @@ import { createSecretKey, generateKeyPair as generateKeyPairCb } from 'crypto'; | ||
case 'ECDH-ES+A256KW': | ||
switch (options === null || options === void 0 ? void 0 : options.crv) { | ||
const crv = (_b = options === null || options === void 0 ? void 0 : options.crv) !== null && _b !== void 0 ? _b : 'P-256'; | ||
switch (crv) { | ||
case undefined: | ||
@@ -89,3 +90,3 @@ case 'P-256': | ||
case 'P-521': | ||
return generate('ec', { namedCurve: (_b = options === null || options === void 0 ? void 0 : options.crv) !== null && _b !== void 0 ? _b : 'P-256' }); | ||
return generate('ec', { namedCurve: crv }); | ||
case 'X25519': | ||
@@ -92,0 +93,0 @@ return generate('x25519'); |
{ | ||
"name": "jose", | ||
"version": "4.6.0", | ||
"version": "4.6.1", | ||
"description": "'JSON Web Almost Everything' - JWA, JWS, JWE, JWT, JWK, JWKS with no dependencies using runtime's native crypto", | ||
@@ -5,0 +5,0 @@ "keywords": [ |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
547875
13810