node-forge - npm Package Compare versions

Comparing version 0.7.5 to 0.7.6

CHANGELOG.md

 Forge ChangeLog
 ===============
 
+## 0.7.6 - 2018-08-14
+
+### Added
+- Test on Node.js 10.x.
+- Support for PKCS#7 detached signatures.
+
+### Changed
+- Improve webpack/browser detection.
+
 ## 0.7.5 - 2018-03-30
@@ -5,0 +14,0 @@

lib/pkcs7.js

@@ -331,4 +331,7 @@ /**
      * Signs the content.
+     * @param options Options to apply when signing:
+     *    [detached] boolean. If signing should be done in detached mode. Defaults to false.
      */
-    sign: function() {
+    sign: function(options) {
+      options = options || {};
       // auto-generate content info
@@ -353,8 +356,12 @@ if(typeof msg.content !== 'object' || msg.contentInfo === null) {
 
-          msg.contentInfo.value.push(
-            // [0] EXPLICIT content
-            asn1.create(asn1.Class.CONTEXT_SPECIFIC, 0, true, [
-              asn1.create(asn1.Class.UNIVERSAL, asn1.Type.OCTETSTRING, false,
-                content)
-            ]));
+          if (options.detached) {
+            msg.detachedContent = asn1.create(asn1.Class.UNIVERSAL, asn1.Type.OCTETSTRING, false, content);
+          } else {
+            msg.contentInfo.value.push(
+              // [0] EXPLICIT content
+              asn1.create(asn1.Class.CONTEXT_SPECIFIC, 0, true, [
+                asn1.create(asn1.Class.UNIVERSAL, asn1.Type.OCTETSTRING, false,
+                  content)
+              ]));
+          }
         }
@@ -442,6 +449,18 @@ }
   function addSignerInfos(mds) {
-    // Note: ContentInfo is a SEQUENCE with 2 values, second value is
-    // the content field and is optional for a ContentInfo but required here
-    // since signers are present
-    if(msg.contentInfo.value.length < 2) {
+    var content;
+
+    if (msg.detachedContent) {
+      // Signature has been made in detached mode.
+      content = msg.detachedContent;
+    } else {
+      // Note: ContentInfo is a SEQUENCE with 2 values, second value is
+      // the content field and is optional for a ContentInfo but required here
+      // since signers are present
+      // get ContentInfo content
+      content = msg.contentInfo.value[1];
+      // skip [0] EXPLICIT content wrapper
+      content = content.value[0];
+    }
+
+    if(!content) {
       throw new Error(
@@ -454,7 +473,2 @@ 'Could not sign PKCS#7 message; there is no content to sign.');
 
-    // get ContentInfo content
-    var content = msg.contentInfo.value[1];
-    // skip [0] EXPLICIT content wrapper
-    content = content.value[0];
-
     // serialize content
@@ -461,0 +475,0 @@ var bytes = asn1.toDer(content);

package.json

 {
   "name": "node-forge",
-  "version": "0.7.5",
+  "version": "0.7.6",
   "description": "JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities.",
@@ -5,0 +5,0 @@ "homepage": "https://github.com/digitalbazaar/forge",

README.md

@@ -1381,2 +1381,6 @@ # Forge
 
+// PKCS#7 Sign in detached mode.
+// Includes the signature and certificate without the signed data.
+p7.sign({detached: true});
+
 ```
@@ -1383,0 +1387,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1672108

increased by0.07%

Lines of code

31420

increased by0.05%

Number of lines in readme file

2100

increased by0.19%

No dependency changes