Socket
Socket
Sign inDemoInstall

jwa

Package Overview
Dependencies
4
Maintainers
3
Versions
19
Alerts
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 1.1.1 to 1.1.2

50

index.js

@@ -1,15 +0,15 @@

const bufferEqual = require('buffer-equal-constant-time');
const base64url = require('base64url');
const crypto = require('crypto');
const formatEcdsa = require('ecdsa-sig-formatter');
const util = require('util');
var bufferEqual = require('buffer-equal-constant-time');
var base64url = require('base64url');
var crypto = require('crypto');
var formatEcdsa = require('ecdsa-sig-formatter');
var util = require('util');
const MSG_INVALID_ALGORITHM = '"%s" is not a valid algorithm.\n Supported algorithms are:\n "HS256", "HS384", "HS512", "RS256", "RS384", "RS512" and "none".'
const MSG_INVALID_SECRET = 'secret must be a string or buffer';
const MSG_INVALID_VERIFIER_KEY = 'key must be a string or a buffer';
const MSG_INVALID_SIGNER_KEY = 'key must be a string, a buffer or an object';
var MSG_INVALID_ALGORITHM = '"%s" is not a valid algorithm.\n Supported algorithms are:\n "HS256", "HS384", "HS512", "RS256", "RS384", "RS512" and "none".'
var MSG_INVALID_SECRET = 'secret must be a string or buffer';
var MSG_INVALID_VERIFIER_KEY = 'key must be a string or a buffer';
var MSG_INVALID_SIGNER_KEY = 'key must be a string, a buffer or an object';
function typeError(template) {
const args = [].slice.call(arguments, 1);
const errMsg = util.format.bind(util, template).apply(null, args);
var args = [].slice.call(arguments, 1);
var errMsg = util.format.bind(util, template).apply(null, args);
return new TypeError(errMsg);

@@ -33,4 +33,4 @@ }

thing = normalizeInput(thing);
const hmac = crypto.createHmac('sha' + bits, secret);
const sig = (hmac.update(thing), hmac.digest('base64'))
var hmac = crypto.createHmac('sha' + bits, secret);
var sig = (hmac.update(thing), hmac.digest('base64'))
return base64url.fromBase64(sig);

@@ -42,3 +42,3 @@ }

return function verify(thing, signature, secret) {
const computedSig = createHmacSigner(bits)(thing, secret);
var computedSig = createHmacSigner(bits)(thing, secret);
return bufferEqual(Buffer(signature), Buffer(computedSig));

@@ -55,4 +55,4 @@ }

// keys as well.
const signer = crypto.createSign('RSA-SHA' + bits);
const sig = (signer.update(thing), signer.sign(privateKey, 'base64'));
var signer = crypto.createSign('RSA-SHA' + bits);
var sig = (signer.update(thing), signer.sign(privateKey, 'base64'));
return base64url.fromBase64(sig);

@@ -68,3 +68,3 @@ }

signature = base64url.toBase64(signature);
const verifier = crypto.createVerify('RSA-SHA' + bits);
var verifier = crypto.createVerify('RSA-SHA' + bits);
verifier.update(thing);

@@ -76,3 +76,3 @@ return verifier.verify(publicKey, signature, 'base64');

function createECDSASigner(bits) {
const inner = createKeySigner(bits);
var inner = createKeySigner(bits);
return function sign() {

@@ -86,6 +86,6 @@ var signature = inner.apply(null, arguments);

function createECDSAVerifer(bits) {
const inner = createKeyVerifier(bits);
var inner = createKeyVerifier(bits);
return function verify(thing, signature, publicKey) {
signature = formatEcdsa.joseToDer(signature, 'ES' + bits).toString('base64');
const result = inner(thing, signature, publicKey);
var result = inner(thing, signature, publicKey);
return result;

@@ -108,3 +108,3 @@ };

module.exports = function jwa(algorithm) {
const signerFactories = {
var signerFactories = {
hs: createHmacSigner,

@@ -115,3 +115,3 @@ rs: createKeySigner,

}
const verifierFactories = {
var verifierFactories = {
hs: createHmacVerifier,

@@ -122,7 +122,7 @@ rs: createKeyVerifier,

}
const match = algorithm.match(/^(RS|ES|HS)(256|384|512)$|^(none)$/i);
var match = algorithm.match(/^(RS|ES|HS)(256|384|512)$|^(none)$/i);
if (!match)
throw typeError(MSG_INVALID_ALGORITHM, algorithm);
const algo = (match[1] || match[3]).toLowerCase();
const bits = match[2];
var algo = (match[1] || match[3]).toLowerCase();
var bits = match[2];

@@ -129,0 +129,0 @@ return {

{
"name": "jwa",
"version": "1.1.1",
"version": "1.1.2",
"description": "JWA implementation (supports all JWS algorithms)",

@@ -5,0 +5,0 @@ "main": "index.js",

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc