Socket
Socket
Sign inDemoInstall

jwa

Package Overview
Dependencies
3
Maintainers
3
Versions
19
Alerts
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 1.1.5 to 1.1.6

29

index.js
var bufferEqual = require('buffer-equal-constant-time');
var base64url = require('base64url');
var Buffer = require('safe-buffer').Buffer;

@@ -13,2 +12,24 @@ var crypto = require('crypto');

function fromBase64(base64) {
return base64
.replace(/=/g, '')
.replace(/\+/g, '-')
.replace(/\//g, '_');
}
function toBase64(base64url) {
base64url = base64url.toString();
var padding = 4 - base64url.length % 4;
if (padding !== 4) {
for (var i = 0; i < padding; ++i) {
base64url += '=';
}
}
return base64url
.replace(/\-/g, '+')
.replace(/_/g, '/');
}
function typeError(template) {

@@ -37,3 +58,3 @@ var args = [].slice.call(arguments, 1);

var sig = (hmac.update(thing), hmac.digest('base64'))
return base64url.fromBase64(sig);
return fromBase64(sig);
}

@@ -58,3 +79,3 @@ }

var sig = (signer.update(thing), signer.sign(privateKey, 'base64'));
return base64url.fromBase64(sig);
return fromBase64(sig);
}

@@ -68,3 +89,3 @@ }

thing = normalizeInput(thing);
signature = base64url.toBase64(signature);
signature = toBase64(signature);
var verifier = crypto.createVerify('RSA-SHA' + bits);

@@ -71,0 +92,0 @@ verifier.update(thing);

6

package.json
{
"name": "jwa",
"version": "1.1.5",
"version": "1.1.6",
"description": "JWA implementation (supports all JWS algorithms)",

@@ -10,8 +10,8 @@ "main": "index.js",

"dependencies": {
"base64url": "2.0.0",
"buffer-equal-constant-time": "1.0.1",
"ecdsa-sig-formatter": "1.0.9",
"ecdsa-sig-formatter": "1.0.10",
"safe-buffer": "^5.0.1"
},
"devDependencies": {
"base64url": "^2.0.0",
"semver": "4.3.6",

@@ -18,0 +18,0 @@ "tap": "6.2.0"

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc