jwa - npm Package Compare versions
Comparing version 1.1.5 to 1.1.6
29
index.js
| var bufferEqual = require('buffer-equal-constant-time'); | ||
| var base64url = require('base64url'); | ||
| var Buffer = require('safe-buffer').Buffer; | ||
@@ -13,2 +12,24 @@ var crypto = require('crypto'); | ||
| function fromBase64(base64) { | ||
| return base64 | ||
| .replace(/=/g, '') | ||
| .replace(/\+/g, '-') | ||
| .replace(/\//g, '_'); | ||
| } | ||
| function toBase64(base64url) { | ||
| base64url = base64url.toString(); | ||
| var padding = 4 - base64url.length % 4; | ||
| if (padding !== 4) { | ||
| for (var i = 0; i < padding; ++i) { | ||
| base64url += '='; | ||
| } | ||
| } | ||
| return base64url | ||
| .replace(/\-/g, '+') | ||
| .replace(/_/g, '/'); | ||
| } | ||
| function typeError(template) { | ||
@@ -37,3 +58,3 @@ var args = [].slice.call(arguments, 1); | ||
| var sig = (hmac.update(thing), hmac.digest('base64')) | ||
| return base64url.fromBase64(sig); | ||
| return fromBase64(sig); | ||
| } | ||
@@ -58,3 +79,3 @@ } | ||
| var sig = (signer.update(thing), signer.sign(privateKey, 'base64')); | ||
| return base64url.fromBase64(sig); | ||
| return fromBase64(sig); | ||
| } | ||
@@ -68,3 +89,3 @@ } | ||
| thing = normalizeInput(thing); | ||
| signature = base64url.toBase64(signature); | ||
| signature = toBase64(signature); | ||
| var verifier = crypto.createVerify('RSA-SHA' + bits); | ||
@@ -71,0 +92,0 @@ verifier.update(thing); |
| { | ||
| "name": "jwa", | ||
| "version": "1.1.5", | ||
| "version": "1.1.6", | ||
| "description": "JWA implementation (supports all JWS algorithms)", | ||
@@ -10,8 +10,8 @@ "main": "index.js", | ||
| "dependencies": { | ||
| "base64url": "2.0.0", | ||
| "buffer-equal-constant-time": "1.0.1", | ||
| "ecdsa-sig-formatter": "1.0.9", | ||
| "ecdsa-sig-formatter": "1.0.10", | ||
| "safe-buffer": "^5.0.1" | ||
| }, | ||
| "devDependencies": { | ||
| "base64url": "^2.0.0", | ||
| "semver": "4.3.6", | ||
@@ -18,0 +18,0 @@ "tap": "6.2.0" |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by2.86%
11132
- Dependency count
- decreased by-25%
3
- Lines of code
- increased by15.32%
128
Worsened metrics
- Dev dependency count
- increased by50%
3
- Number of package files
- decreased by-20%
4
Dependency changes
+ Addedecdsa-sig-formatter@1.0.10(transitive)
- Removedbase64url@2.0.0
- Removedbase64url@2.0.0(transitive)
- Removedecdsa-sig-formatter@1.0.9(transitive)
Updatedecdsa-sig-formatter@1.0.10