Socket
Socket
Sign inDemoInstall

jwa

Package Overview
Dependencies
Maintainers
2
Versions
19
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

jwa - npm Package Compare versions

Comparing version 1.0.0 to 1.0.1

23

index.js
const bufferEqual = require('buffer-equal-constant-time');
const base64url = require('base64url');
const crypto = require('crypto');
const formatEcdsa = require('ecdsa-sig-formatter');
const util = require('util');

@@ -69,2 +70,20 @@

function createECDSASigner(bits) {
const inner = createKeySigner(bits);
return function sign() {
var signature = inner.apply(null, arguments);
signature = formatEcdsa.derToJose(signature, 'ES' + bits);
return signature;
};
}
function createECDSAVerifer(bits) {
const inner = createKeyVerifier(bits);
return function verify(thing, signature, publicKey) {
signature = formatEcdsa.joseToDer(signature, 'ES' + bits).toString('base64');
const result = inner(thing, signature, publicKey);
return result;
};
}
function createNoneSigner() {

@@ -86,3 +105,3 @@ return function sign() {

rs: createKeySigner,
es: createKeySigner,
es: createECDSASigner,
none: createNoneSigner,

@@ -93,3 +112,3 @@ }

rs: createKeyVerifier,
es: createKeyVerifier,
es: createECDSAVerifer,
none: createNoneVerifier,

@@ -96,0 +115,0 @@ }

5

package.json
{
"name": "jwa",
"version": "1.0.0",
"version": "1.0.1",
"description": "JWA implementation (supports all JWS algorithms)",

@@ -11,3 +11,4 @@ "main": "index.js",

"base64url": "~0.0.4",
"buffer-equal-constant-time": "^1.0.1"
"buffer-equal-constant-time": "^1.0.1",
"ecdsa-sig-formatter": "^1.0.0"
},

@@ -14,0 +15,0 @@ "devDependencies": {

17

test/jwa.test.js
const path = require('path');
const base64url = require('base64url');
const formatEcdsa = require('ecdsa-sig-formatter');
const spawn = require('child_process').spawn;

@@ -76,5 +77,5 @@ const fs = require('fs');

test('ECDSA signing, verifying', function (t) {
const input = 'kristen schaal';
BIT_DEPTHS.forEach(function (bits) {
BIT_DEPTHS.forEach(function (bits) {
test('ES'+bits+': signing, verifying', function (t) {
const input = 'kristen schaal';
const algo = jwa('es'+bits);

@@ -84,4 +85,4 @@ const sig = algo.sign(input, ecdsaPrivateKey[bits]);

t.notOk(algo.verify(input, sig, ecdsaWrongPublicKey[bits]), 'should not verify');
t.end();
});
t.end();
});

@@ -102,4 +103,3 @@

return t.fail('could not test interop: openssl failure');
const base64sig = buffer.toString('base64');
const sig = base64url.fromBase64(base64sig);
const sig = formatEcdsa.derToJose(buffer, 'ES' + bits);
t.ok(algo.verify(input, sig, ecdsaPublicKey[bits]), 'should verify');

@@ -132,4 +132,5 @@ t.notOk(algo.verify(input, sig, ecdsaWrongPublicKey[bits]), 'should not verify');

const signature =
base64url.toBuffer(
jwa('es'+bits).sign(input, privateKey)
formatEcdsa.joseToDer(
jwa('es'+bits).sign(input, privateKey),
'ES' + bits
);

@@ -136,0 +137,0 @@ fs.writeFileSync(inputFile, input);

.travis.yml

Sorry, the diff of this file is not supported yet

Makefile

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc