jwa - npm Package Compare versions

You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 7-8.RSVP →

jwa

Package Overview

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 1.1.1 to 1.1.2

index.js

		@@ -1,15 +0,15 @@
		const bufferEqual = require('buffer-equal-constant-time');
		const base64url = require('base64url');
		const crypto = require('crypto');
		const formatEcdsa = require('ecdsa-sig-formatter');
		const util = require('util');
		var bufferEqual = require('buffer-equal-constant-time');
		var base64url = require('base64url');
		var crypto = require('crypto');
		var formatEcdsa = require('ecdsa-sig-formatter');
		var util = require('util');

		const MSG_INVALID_ALGORITHM = '"%s" is not a valid algorithm.\n Supported algorithms are:\n "HS256", "HS384", "HS512", "RS256", "RS384", "RS512" and "none".'
		const MSG_INVALID_SECRET = 'secret must be a string or buffer';
		const MSG_INVALID_VERIFIER_KEY = 'key must be a string or a buffer';
		const MSG_INVALID_SIGNER_KEY = 'key must be a string, a buffer or an object';
		var MSG_INVALID_ALGORITHM = '"%s" is not a valid algorithm.\n Supported algorithms are:\n "HS256", "HS384", "HS512", "RS256", "RS384", "RS512" and "none".'
		var MSG_INVALID_SECRET = 'secret must be a string or buffer';
		var MSG_INVALID_VERIFIER_KEY = 'key must be a string or a buffer';
		var MSG_INVALID_SIGNER_KEY = 'key must be a string, a buffer or an object';

		function typeError(template) {
		const args = [].slice.call(arguments, 1);
		const errMsg = util.format.bind(util, template).apply(null, args);
		var args = [].slice.call(arguments, 1);
		var errMsg = util.format.bind(util, template).apply(null, args);
		return new TypeError(errMsg);
		@@ -33,4 +33,4 @@ }
		thing = normalizeInput(thing);
		const hmac = crypto.createHmac('sha' + bits, secret);
		const sig = (hmac.update(thing), hmac.digest('base64'))
		var hmac = crypto.createHmac('sha' + bits, secret);
		var sig = (hmac.update(thing), hmac.digest('base64'))
		return base64url.fromBase64(sig);
		@@ -42,3 +42,3 @@ }
		return function verify(thing, signature, secret) {
		const computedSig = createHmacSigner(bits)(thing, secret);
		var computedSig = createHmacSigner(bits)(thing, secret);
		return bufferEqual(Buffer(signature), Buffer(computedSig));
		@@ -55,4 +55,4 @@ }
		// keys as well.
		const signer = crypto.createSign('RSA-SHA' + bits);
		const sig = (signer.update(thing), signer.sign(privateKey, 'base64'));
		var signer = crypto.createSign('RSA-SHA' + bits);
		var sig = (signer.update(thing), signer.sign(privateKey, 'base64'));
		return base64url.fromBase64(sig);
		@@ -68,3 +68,3 @@ }
		signature = base64url.toBase64(signature);
		const verifier = crypto.createVerify('RSA-SHA' + bits);
		var verifier = crypto.createVerify('RSA-SHA' + bits);
		verifier.update(thing);
		@@ -76,3 +76,3 @@ return verifier.verify(publicKey, signature, 'base64');
		function createECDSASigner(bits) {
		const inner = createKeySigner(bits);
		var inner = createKeySigner(bits);
		return function sign() {
		@@ -86,6 +86,6 @@ var signature = inner.apply(null, arguments);
		function createECDSAVerifer(bits) {
		const inner = createKeyVerifier(bits);
		var inner = createKeyVerifier(bits);
		return function verify(thing, signature, publicKey) {
		signature = formatEcdsa.joseToDer(signature, 'ES' + bits).toString('base64');
		const result = inner(thing, signature, publicKey);
		var result = inner(thing, signature, publicKey);
		return result;
		@@ -108,3 +108,3 @@ };
		module.exports = function jwa(algorithm) {
		const signerFactories = {
		var signerFactories = {
		hs: createHmacSigner,
		@@ -115,3 +115,3 @@ rs: createKeySigner,
		}
		const verifierFactories = {
		var verifierFactories = {
		hs: createHmacVerifier,
		@@ -122,7 +122,7 @@ rs: createKeyVerifier,
		}
		const match = algorithm.match(/^(RS\|ES\|HS)(256\|384\|512)$\|^(none)$/i);
		var match = algorithm.match(/^(RS\|ES\|HS)(256\|384\|512)$\|^(none)$/i);
		if (!match)
		throw typeError(MSG_INVALID_ALGORITHM, algorithm);
		const algo = (match[1] \|\| match[3]).toLowerCase();
		const bits = match[2];
		var algo = (match[1] \|\| match[3]).toLowerCase();
		var bits = match[2];

		@@ -129,0 +129,0 @@ return {

package.json

		{
		"name": "jwa",
		"version": "1.1.1",
		"version": "1.1.2",
		"description": "JWA implementation (supports all JWS algorithms)",
		@@ -5,0 +5,0 @@ "main": "index.js",

.travis.yml

Sorry, the diff of this file is not supported yet

Worsened metrics