mongodb-client-encryption - npm Package Compare versions

Comparing version 0.2.0 to 0.3.0

lib/clientEncryption.js

@@ -12,2 +12,39 @@ 'use strict';
 
+  function sanitizeDataKeyOptions(bson, options) {
+    options = Object.assign({}, options);
+
+    // To avoid using libbson inside the bindings, we pre-serialize
+    // any keyAltNames here.
+    if (options.keyAltNames) {
+      if (!Array.isArray(options.keyAltNames)) {
+        throw new TypeError(
+          `Option "keyAltNames" must be an array of string, but was of type ${typeof options.keyAltNames}.`
+        );
+      }
+      const serializedKeyAltNames = [];
+      for (let i = 0; i < options.keyAltNames.length; i += 1) {
+        const item = options.keyAltNames[i];
+        const itemType = typeof item;
+        if (itemType !== 'string') {
+          throw new TypeError(
+            `Option "keyAltNames" must be an array of string, but item at index ${i} was of type ${itemType} `
+          );
+        }
+
+        serializedKeyAltNames.push(bson.serialize({ keyAltName: item }));
+      }
+
+      options.keyAltNames = serializedKeyAltNames;
+    } else if (options.keyAltNAmes == null) {
+      // If keyAltNames is null or undefined, we can assume the intent of
+      // the user is to not pass in the value. B/c Nan::Has will still
+      // register a value of null or undefined as present as long
+      // as the key is present, we delete it off of the options
+      // object here.
+      delete options.keyAltNames;
+    }
+
+    return options;
+  }
+
   /**
@@ -46,3 +83,3 @@ * The public interface for explicit client side encryption
       if (typeof options === 'function') (callback = options), (options = {});
-      options = options || {};
+      options = sanitizeDataKeyOptions(this._bson, options);
 
@@ -91,3 +128,17 @@ const context = this._mongoCrypt.makeDataKeyContext(provider, options);
       }
+      if (options.keyAltName) {
+        const keyAltName = options.keyAltName;
+        if (options.keyId) {
+          throw new TypeError(`"options" cannot contain both "keyId" and "keyAltName"`);
+        }
+        const keyAltNameType = typeof keyAltName;
+        if (keyAltNameType !== 'string') {
+          throw new TypeError(
+            `"options.keyAltName" must be of type string, but was of type ${keyAltNameType}`
+          );
+        }
 
+        contextOptions.keyAltName = bson.serialize({ keyAltName });
+      }
+
       const stateMachine = new StateMachine();
@@ -94,0 +145,0 @@ const context = this._mongoCrypt.makeExplicitEncryptionContext(valueBuffer, contextOptions);

lib/cryptoCallbacks.js

@@ -12,3 +12,3 @@ 'use strict';
   } catch (e) {
-    console.dir({ e });
+    return e;
   }
@@ -27,3 +27,3 @@
   } catch (e) {
-    console.dir({ e });
+    return e;
   }
@@ -36,3 +36,3 @@
 function randomHook(buffer, count) {
-  crypto.randomFillSync(buffer, count);
+  crypto.randomFillSync(buffer, 0, count);
 }
@@ -48,6 +48,7 @@
   } catch (e) {
-    console.dir({ e });
+    return e;
   }
 
   result.copy(output);
+  return result.length;
 }
@@ -64,6 +65,7 @@
     } catch (e) {
-      console.dir({ e });
+      return e;
     }
 
     result.copy(output);
+    return result.length;
   };
@@ -70,0 +72,0 @@ }

lib/mongocryptdManager.js

@@ -5,3 +5,2 @@ 'use strict';
 const readFile = require('fs').readFile;
-const platform = require('os').platform;
 
@@ -62,6 +61,6 @@ /**
       this.uri = extraOptions.mongocryptdURI;
-    } else if (platform() === 'win32') {
+    } else {
+      // TODO: eventually support connecting on Linux Socket for non-windows,
+      // blocked by SERVER-41029
       this.uri = 'mongodb://localhost:27020/?serverSelectionTimeoutMS=1000';
-    } else {
-      this.uri = 'mongodb://%2Ftmp%2Fmongocryptd.sock/?serverSelectionTimeoutMS=1000';
     }
@@ -97,2 +96,4 @@
 
+      this._child.on('error', () => {});
+
       // unref child to remove handle from event loop
@@ -99,0 +100,0 @@ this._child.unref();

lib/stateMachine.js

@@ -131,6 +131,15 @@ 'use strict';
         // terminal states
-        case MONGOCRYPT_CTX_READY:
-          callback(null, bson.deserialize(context.finalize()));
+        case MONGOCRYPT_CTX_READY: {
+          const finalizedContext = context.finalize();
+          // TODO: Maybe rework the logic here so that instead of doing
+          // the callback here, finalize stores the result, and then
+          // we wait to MONGOCRYPT_CTX_DONE to do the callback
+          if (context.state === MONGOCRYPT_CTX_ERROR) {
+            const message = context.status.message || 'Finalization error';
+            callback(new MongoCryptError(message));
+            return;
+          }
+          callback(null, bson.deserialize(finalizedContext));
           return;
-
+        }
         case MONGOCRYPT_CTX_ERROR: {
@@ -137,0 +146,0 @@ const message = context.status.message;

package.json

 {
   "name": "mongodb-client-encryption",
-  "version": "0.2.0",
+  "version": "0.3.0",
   "description": "Official client encryption module for the MongoDB Node.js driver",
@@ -10,3 +10,3 @@ "main": "index.js",
   "scripts": {
-    "install": "node-gyp rebuild",
+    "install": "prebuild-install --tag-prefix node-v || node-gyp rebuild",
     "format-cxx": "git-clang-format",
@@ -16,3 +16,5 @@ "format-js": "prettier --print-width 100 --tab-width 2 --single-quote --write index.js 'test/**/*.js' 'lib/**/*.js'",
     "docs": "jsdoc2md --template etc/README.hbs --plugin dmd-clear --files lib/**/*.js > README.md",
-    "test": "mocha test"
+    "test": "mocha test",
+    "rebuild": "prebuild --compile",
+    "prebuild": "prebuild  --strip --verbose --tag-prefix node-v -t 10.16.0 -t 8.16.0 -t 6.17.1 -t 4.9.1"
   },
@@ -25,3 +27,4 @@ "author": "Matt Broadstone <mbroadst@mongodb.com>",
     "bson": "^1.0.5",
-    "nan": "^2.14.0"
+    "nan": "^2.14.0",
+    "prebuild-install": "^5.3.0"
   },
@@ -38,2 +41,4 @@ "devDependencies": {
     "mongodb-extjson": "^3.0.3",
+    "node-gyp": "^5.0.3",
+    "prebuild": "^9.0.1",
     "prettier": "~1.18.2",
@@ -43,3 +48,6 @@ "segfault-handler": "^1.2.0",
     "sinon-chai": "^3.3.0"
+  },
+  "repository": {
+    "url": "https://github.com/mongodb/libmongocrypt"
   }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

93950

increased by17.37%

Number of package files

20

increased by33.33%

Lines of code

717

increased by8.64%

Number of medium supply chain risk alerts

3

decreased by-25%

Worsened metrics

Dependency count

4

increased by33.33%

Dev dependency count

15

increased by15.38%

Dependency changes

• + Addedprebuild-install@^5.3.0

• + Addedansi-regex@2.1.1(transitive)

• + Addedaproba@1.2.0(transitive)

• + Addedare-we-there-yet@1.1.7(transitive)

• + Addedbase64-js@1.5.1(transitive)

• + Addedbl@4.1.0(transitive)

• + Addedbuffer@5.7.1(transitive)

• + Addedchownr@1.1.4(transitive)

• + Addedcode-point-at@1.1.0(transitive)

• + Addedconsole-control-strings@1.1.0(transitive)

• + Addedcore-util-is@1.0.3(transitive)

• + Addeddecompress-response@4.2.1(transitive)

• + Addeddeep-extend@0.6.0(transitive)

• + Addeddelegates@1.0.0(transitive)

• + Addeddetect-libc@1.0.3(transitive)

• + Addedend-of-stream@1.4.4(transitive)

• + Addedexpand-template@2.0.3(transitive)

• + Addedfs-constants@1.0.0(transitive)

• + Addedgauge@2.7.4(transitive)

• + Addedgithub-from-package@0.0.0(transitive)

• + Addedhas-unicode@2.0.1(transitive)

• + Addedieee754@1.2.1(transitive)

• + Addedinherits@2.0.4(transitive)

• + Addedini@1.3.8(transitive)

• + Addedis-fullwidth-code-point@1.0.0(transitive)

• + Addedisarray@1.0.0(transitive)

• + Addedmimic-response@2.1.0(transitive)

• + Addedminimist@1.2.8(transitive)

• + Addedmkdirp-classic@0.5.3(transitive)

• + Addednapi-build-utils@1.0.2(transitive)

• + Addednode-abi@2.30.1(transitive)

• + Addednoop-logger@0.1.1(transitive)

• + Addednpmlog@4.1.2(transitive)

• + Addednumber-is-nan@1.0.1(transitive)

• + Addedobject-assign@4.1.1(transitive)

• + Addedonce@1.4.0(transitive)

• + Addedprebuild-install@5.3.6(transitive)

• + Addedprocess-nextick-args@2.0.1(transitive)

• + Addedpump@3.0.2(transitive)

• + Addedrc@1.2.8(transitive)

• + Addedreadable-stream@2.3.83.6.2(transitive)

• + Addedsafe-buffer@5.1.2(transitive)

• + Addedsemver@5.7.2(transitive)

• + Addedset-blocking@2.0.0(transitive)

• + Addedsignal-exit@3.0.7(transitive)

• + Addedsimple-concat@1.0.1(transitive)

• + Addedsimple-get@3.1.1(transitive)

• + Addedstring-width@1.0.2(transitive)

• + Addedstring_decoder@1.1.1(transitive)

• + Addedstrip-ansi@3.0.1(transitive)

• + Addedstrip-json-comments@2.0.1(transitive)

• + Addedtar-fs@2.1.1(transitive)

• + Addedtar-stream@2.2.0(transitive)

• + Addedtunnel-agent@0.6.0(transitive)

• + Addedutil-deprecate@1.0.2(transitive)

• + Addedwhich-pm-runs@1.1.0(transitive)

• + Addedwide-align@1.1.5(transitive)

• + Addedwrappy@1.0.2(transitive)