jose - npm Package Compare versions

Comparing version 5.2.1 to 5.2.2

dist/browser/jwe/compact/decrypt.js

@@ -17,5 +17,5 @@ import { flattenedDecrypt } from '../flattened/decrypt.js';
         ciphertext,
-        iv: (iv || undefined),
-        protected: protectedHeader || undefined,
-        tag: (tag || undefined),
+        iv: iv || undefined,
+        protected: protectedHeader,
+        tag: tag || undefined,
         encrypted_key: encryptedKey || undefined,
@@ -22,0 +22,0 @@ }, key, options);

dist/browser/jwe/flattened/decrypt.js

@@ -18,4 +18,4 @@ import { decode as base64url } from '../../runtime/base64url.js';
     }
-    if (typeof jwe.iv !== 'string') {
-        throw new JWEInvalid('JWE Initialization Vector missing or incorrect type');
+    if (jwe.iv !== undefined && typeof jwe.iv !== 'string') {
+        throw new JWEInvalid('JWE Initialization Vector incorrect type');
     }
@@ -25,4 +25,4 @@ if (typeof jwe.ciphertext !== 'string') {
     }
-    if (typeof jwe.tag !== 'string') {
-        throw new JWEInvalid('JWE Authentication Tag missing or incorrect type');
+    if (jwe.tag !== undefined && typeof jwe.tag !== 'string') {
+        throw new JWEInvalid('JWE Authentication Tag incorrect type');
     }
@@ -109,14 +109,18 @@ if (jwe.protected !== undefined && typeof jwe.protected !== 'string') {
     let tag;
-    try {
-        iv = base64url(jwe.iv);
+    if (jwe.iv !== undefined) {
+        try {
+            iv = base64url(jwe.iv);
+        }
+        catch {
+            throw new JWEInvalid('Failed to base64url decode the iv');
+        }
     }
-    catch {
-        throw new JWEInvalid('Failed to base64url decode the iv');
+    if (jwe.tag !== undefined) {
+        try {
+            tag = base64url(jwe.tag);
+        }
+        catch {
+            throw new JWEInvalid('Failed to base64url decode the tag');
+        }
     }
-    try {
-        tag = base64url(jwe.tag);
-    }
-    catch {
-        throw new JWEInvalid('Failed to base64url decode the tag');
-    }
     const protectedHeader = encoder.encode(jwe.protected ?? '');
@@ -123,0 +127,0 @@ let additionalData;

dist/browser/jwks/remote.js

@@ -12,3 +12,3 @@ import fetchJwks from '../runtime/fetch_jwks.js';
     const NAME = 'jose';
-    const VERSION = 'v5.2.1';
+    const VERSION = 'v5.2.2';
     USER_AGENT = `${NAME}/${VERSION}`;
@@ -15,0 +15,0 @@ }

dist/browser/runtime/decrypt.js

@@ -5,3 +5,3 @@ import { concat, uint64be } from '../lib/buffer_utils.js';
 import timingSafeEqual from './timing_safe_equal.js';
-import { JOSENotSupported, JWEDecryptionFailed } from '../util/errors.js';
+import { JOSENotSupported, JWEDecryptionFailed, JWEInvalid } from '../util/errors.js';
 import crypto, { isCryptoKey } from './webcrypto.js';
@@ -68,2 +68,8 @@ import { checkEncCryptoKey } from '../lib/crypto_key.js';
     }
+    if (!iv) {
+        throw new JWEInvalid('JWE Initialization Vector missing');
+    }
+    if (!tag) {
+        throw new JWEInvalid('JWE Authentication Tag missing');
+    }
     checkIvLength(enc, iv);
@@ -70,0 +76,0 @@ switch (enc) {

dist/node/cjs/jwe/compact/decrypt.js

@@ -20,5 +20,5 @@ "use strict";
         ciphertext,
-        iv: (iv || undefined),
-        protected: protectedHeader || undefined,
-        tag: (tag || undefined),
+        iv: iv || undefined,
+        protected: protectedHeader,
+        tag: tag || undefined,
         encrypted_key: encryptedKey || undefined,
@@ -25,0 +25,0 @@ }, key, options);

dist/node/cjs/jwe/flattened/decrypt.js

@@ -21,4 +21,4 @@ "use strict";
     }
-    if (typeof jwe.iv !== 'string') {
-        throw new errors_js_1.JWEInvalid('JWE Initialization Vector missing or incorrect type');
+    if (jwe.iv !== undefined && typeof jwe.iv !== 'string') {
+        throw new errors_js_1.JWEInvalid('JWE Initialization Vector incorrect type');
     }
@@ -28,4 +28,4 @@ if (typeof jwe.ciphertext !== 'string') {
     }
-    if (typeof jwe.tag !== 'string') {
-        throw new errors_js_1.JWEInvalid('JWE Authentication Tag missing or incorrect type');
+    if (jwe.tag !== undefined && typeof jwe.tag !== 'string') {
+        throw new errors_js_1.JWEInvalid('JWE Authentication Tag incorrect type');
     }
@@ -112,14 +112,18 @@ if (jwe.protected !== undefined && typeof jwe.protected !== 'string') {
     let tag;
-    try {
-        iv = (0, base64url_js_1.decode)(jwe.iv);
+    if (jwe.iv !== undefined) {
+        try {
+            iv = (0, base64url_js_1.decode)(jwe.iv);
+        }
+        catch {
+            throw new errors_js_1.JWEInvalid('Failed to base64url decode the iv');
+        }
     }
-    catch {
-        throw new errors_js_1.JWEInvalid('Failed to base64url decode the iv');
+    if (jwe.tag !== undefined) {
+        try {
+            tag = (0, base64url_js_1.decode)(jwe.tag);
+        }
+        catch {
+            throw new errors_js_1.JWEInvalid('Failed to base64url decode the tag');
+        }
     }
-    try {
-        tag = (0, base64url_js_1.decode)(jwe.tag);
-    }
-    catch {
-        throw new errors_js_1.JWEInvalid('Failed to base64url decode the tag');
-    }
     const protectedHeader = buffer_utils_js_1.encoder.encode(jwe.protected ?? '');
@@ -126,0 +130,0 @@ let additionalData;

dist/node/cjs/jwks/remote.js

@@ -15,3 +15,3 @@ "use strict";
     const NAME = 'jose';
-    const VERSION = 'v5.2.1';
+    const VERSION = 'v5.2.2';
     USER_AGENT = `${NAME}/${VERSION}`;
@@ -18,0 +18,0 @@ }

dist/node/cjs/runtime/decrypt.js

@@ -82,2 +82,8 @@ "use strict";
     }
+    if (!iv) {
+        throw new errors_js_1.JWEInvalid('JWE Initialization Vector missing');
+    }
+    if (!tag) {
+        throw new errors_js_1.JWEInvalid('JWE Authentication Tag missing');
+    }
     (0, check_cek_length_js_1.default)(enc, key);
@@ -84,0 +90,0 @@ (0, check_iv_length_js_1.default)(enc, iv);

dist/node/esm/jwe/compact/decrypt.js

@@ -17,5 +17,5 @@ import { flattenedDecrypt } from '../flattened/decrypt.js';
         ciphertext,
-        iv: (iv || undefined),
-        protected: protectedHeader || undefined,
-        tag: (tag || undefined),
+        iv: iv || undefined,
+        protected: protectedHeader,
+        tag: tag || undefined,
         encrypted_key: encryptedKey || undefined,
@@ -22,0 +22,0 @@ }, key, options);

dist/node/esm/jwe/flattened/decrypt.js

@@ -18,4 +18,4 @@ import { decode as base64url } from '../../runtime/base64url.js';
     }
-    if (typeof jwe.iv !== 'string') {
-        throw new JWEInvalid('JWE Initialization Vector missing or incorrect type');
+    if (jwe.iv !== undefined && typeof jwe.iv !== 'string') {
+        throw new JWEInvalid('JWE Initialization Vector incorrect type');
     }
@@ -25,4 +25,4 @@ if (typeof jwe.ciphertext !== 'string') {
     }
-    if (typeof jwe.tag !== 'string') {
-        throw new JWEInvalid('JWE Authentication Tag missing or incorrect type');
+    if (jwe.tag !== undefined && typeof jwe.tag !== 'string') {
+        throw new JWEInvalid('JWE Authentication Tag incorrect type');
     }
@@ -109,14 +109,18 @@ if (jwe.protected !== undefined && typeof jwe.protected !== 'string') {
     let tag;
-    try {
-        iv = base64url(jwe.iv);
+    if (jwe.iv !== undefined) {
+        try {
+            iv = base64url(jwe.iv);
+        }
+        catch {
+            throw new JWEInvalid('Failed to base64url decode the iv');
+        }
     }
-    catch {
-        throw new JWEInvalid('Failed to base64url decode the iv');
+    if (jwe.tag !== undefined) {
+        try {
+            tag = base64url(jwe.tag);
+        }
+        catch {
+            throw new JWEInvalid('Failed to base64url decode the tag');
+        }
     }
-    try {
-        tag = base64url(jwe.tag);
-    }
-    catch {
-        throw new JWEInvalid('Failed to base64url decode the tag');
-    }
     const protectedHeader = encoder.encode(jwe.protected ?? '');
@@ -123,0 +127,0 @@ let additionalData;

dist/node/esm/jwks/remote.js

@@ -12,3 +12,3 @@ import fetchJwks from '../runtime/fetch_jwks.js';
     const NAME = 'jose';
-    const VERSION = 'v5.2.1';
+    const VERSION = 'v5.2.2';
     USER_AGENT = `${NAME}/${VERSION}`;
@@ -15,0 +15,0 @@ }

dist/node/esm/runtime/decrypt.js

@@ -5,3 +5,3 @@ import { createDecipheriv, KeyObject } from 'node:crypto';
 import { concat } from '../lib/buffer_utils.js';
-import { JOSENotSupported, JWEDecryptionFailed } from '../util/errors.js';
+import { JOSENotSupported, JWEDecryptionFailed, JWEInvalid } from '../util/errors.js';
 import timingSafeEqual from './timing_safe_equal.js';
@@ -81,2 +81,8 @@ import cbcTag from './cbc_tag.js';
     }
+    if (!iv) {
+        throw new JWEInvalid('JWE Initialization Vector missing');
+    }
+    if (!tag) {
+        throw new JWEInvalid('JWE Authentication Tag missing');
+    }
     checkCekLength(enc, key);
@@ -83,0 +89,0 @@ checkIvLength(enc, iv);

dist/types/key/import.d.ts

@@ -14,2 +14,6 @@ import type { JWK, KeyLike } from '../types';
  *
+ * Note: The OID id-RSASSA-PSS (1.2.840.113549.1.1.10) is not supported in
+ * {@link https://w3c.github.io/webcrypto/ Web Cryptography API}, use the OID rsaEncryption
+ * (1.2.840.113549.1.1.1) instead for all RSA algorithms.
+ *
  * @param spki PEM-encoded SPKI string
@@ -25,2 +29,6 @@ * @param alg (Only effective in Web Crypto API runtimes) JSON Web Algorithm identifier to be used
  *
+ * Note: The OID id-RSASSA-PSS (1.2.840.113549.1.1.10) is not supported in
+ * {@link https://w3c.github.io/webcrypto/ Web Cryptography API}, use the OID rsaEncryption
+ * (1.2.840.113549.1.1.1) instead for all RSA algorithms.
+ *
  * @param x509 X.509 certificate string
@@ -36,2 +44,6 @@ * @param alg (Only effective in Web Crypto API runtimes) JSON Web Algorithm identifier to be used
  *
+ * Note: The OID id-RSASSA-PSS (1.2.840.113549.1.1.10) is not supported in
+ * {@link https://w3c.github.io/webcrypto/ Web Cryptography API}, use the OID rsaEncryption
+ * (1.2.840.113549.1.1.1) instead for all RSA algorithms.
+ *
  * @param pkcs8 PEM-encoded PKCS#8 string
@@ -44,7 +56,8 @@ * @param alg (Only effective in Web Crypto API runtimes) JSON Web Algorithm identifier to be used
 /**
- * Imports a JWK to a runtime-specific key representation (KeyLike). Either JWK "alg" (Algorithm)
- * Parameter must be present or the optional "alg" argument. When running on a runtime using
- * {@link https://www.w3.org/TR/WebCryptoAPI/ Web Cryptography API} the jwk parameters "use",
- * "key_ops", and "ext" are also used in the resulting `CryptoKey`.
+ * Imports a JWK to a runtime-specific key representation (KeyLike). Either the JWK "alg"
+ * (Algorithm) Parameter, or the optional "alg" argument, must be present.
  *
+ * Note: When the runtime is using {@link https://w3c.github.io/webcrypto/ Web Cryptography API} the
+ * jwk parameters "use", "key_ops", and "ext" are also used in the resulting `CryptoKey`.
+ *
  * @param jwk JSON Web Key.
@@ -51,0 +64,0 @@ * @param alg (Only effective in Web Crypto API runtimes) JSON Web Algorithm identifier to be used

dist/types/types.d.ts

@@ -267,3 +267,3 @@ /**
    */
-  iv: string
+  iv?: string
 
@@ -281,3 +281,3 @@ /**
    */
-  tag: string
+  tag?: string
 
@@ -284,0 +284,0 @@ /**

package.json

 {
   "name": "jose",
-  "version": "5.2.1",
+  "version": "5.2.2",
   "description": "JWA, JWS, JWE, JWT, JWK, JWKS for Node.js, Browser, Cloudflare Workers, Deno, Bun, and other Web-interoperable runtimes",
@@ -5,0 +5,0 @@ "keywords": [

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

504997

increased by0.33%

Lines of code

12491

increased by0.35%

No dependency changes