jwa - npm Package Compare versions

Comparing version 1.1.6 to 1.2.0

index.js

@@ -7,3 +7,3 @@ var bufferEqual = require('buffer-equal-constant-time');
 
-var MSG_INVALID_ALGORITHM = '"%s" is not a valid algorithm.\n  Supported algorithms are:\n  "HS256", "HS384", "HS512", "RS256", "RS384", "RS512" and "none".'
+var MSG_INVALID_ALGORITHM = '"%s" is not a valid algorithm.\n  Supported algorithms are:\n  "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "PS256", "PS384", "PS512", "ES256", "ES384", "ES512" and "none".'
 var MSG_INVALID_SECRET = 'secret must be a string or buffer';
@@ -94,2 +94,25 @@ var MSG_INVALID_VERIFIER_KEY = 'key must be a string or a buffer';
 
+function createPSSKeySigner(bits) {
+ return function sign(thing, privateKey) {
+    if (!bufferOrString(privateKey) && !(typeof privateKey === 'object'))
+      throw typeError(MSG_INVALID_SIGNER_KEY);
+    thing = normalizeInput(thing);
+    var signer = crypto.createSign('RSA-SHA' + bits);
+    var sig = (signer.update(thing), signer.sign({key: privateKey, padding: crypto.constants.RSA_PKCS1_PSS_PADDING}, 'base64'));
+    return fromBase64(sig);
+  }
+}
+
+function createPSSKeyVerifier(bits) {
+  return function verify(thing, signature, publicKey) {
+    if (!bufferOrString(publicKey))
+      throw typeError(MSG_INVALID_VERIFIER_KEY);
+    thing = normalizeInput(thing);
+    signature = toBase64(signature);
+    var verifier = crypto.createVerify('RSA-SHA' + bits);
+    verifier.update(thing);
+    return verifier.verify({key: publicKey, padding: crypto.constants.RSA_PKCS1_PSS_PADDING}, signature, 'base64');
+  }
+}
+
 function createECDSASigner(bits) {
@@ -129,2 +152,3 @@ var inner = createKeySigner(bits);
     rs: createKeySigner,
+    ps: createPSSKeySigner,
     es: createECDSASigner,
@@ -136,6 +160,7 @@ none: createNoneSigner,
     rs: createKeyVerifier,
+    ps: createPSSKeyVerifier,
     es: createECDSAVerifer,
     none: createNoneVerifier,
   }
-  var match = algorithm.match(/^(RS|ES|HS)(256|384|512)$|^(none)$/i);
+  var match = algorithm.match(/^(RS|PS|ES|HS)(256|384|512)$|^(none)$/i);
   if (!match)
@@ -142,0 +167,0 @@ throw typeError(MSG_INVALID_ALGORITHM, algorithm);

package.json

 {
   "name": "jwa",
-  "version": "1.1.6",
+  "version": "1.2.0",
   "description": "JWA implementation (supports all JWS algorithms)",
@@ -5,0 +5,0 @@ "main": "index.js",

README.md

@@ -1,2 +0,2 @@
-# node-jwa [![Build Status](https://travis-ci.org/brianloveswords/node-jwa.png?branch=master)](https://travis-ci.org/brianloveswords/node-jwa)
+# node-jwa [![Build Status](https://travis-ci.org/brianloveswords/node-jwa.svg?branch=master)](https://travis-ci.org/brianloveswords/node-jwa)
 
@@ -18,2 +18,5 @@ A
 RS512 | RSASSA using SHA-512 hash algorithm
+PS256 | RSASSA-PSS using SHA-256 hash algorithm
+PS384 | RSASSA-PSS using SHA-384 hash algorithm
+PS512 | RSASSA-PSS using SHA-512 hash algorithm
 ES256 | ECDSA using P-256 curve and SHA-256 hash algorithm
@@ -24,2 +27,4 @@ ES384 | ECDSA using P-384 curve and SHA-384 hash algorithm
 
+Please note that PS* only works on Node 6.12+ (excluding 7.x).
+
 # Requirements
@@ -69,3 +74,3 @@
 buffer. For ECDSA and RSA, the value should be a string representing a
-PEM encoded **private** key. 
+PEM encoded **private** key.
 
@@ -72,0 +77,0 @@ Output [base64url](http://en.wikipedia.org/wiki/Base64#URL_applications)

No alert changes

Improved metrics

Total package byte prevSize

12367

increased by11.09%

Lines of code

151

increased by17.97%

Number of lines in readme file

151

increased by3.42%

No dependency changes