node-jose - npm Package Compare versions

Comparing version 0.9.1 to 0.9.2

CHANGELOG.md

		# Release Notes

		<a name="0.9.2"></a>
		## [0.9.2](https://github.com/cisco/node-jose/compare/0.9.1...0.9.2) (2016-12-29)


		### Build

		* include browser tests in travis-ci ([4005f315f880add9aba33c1cbc7fb2c0a3a7a3d5](https://github.com/cisco/node-jose/commit/4005f315f880add9aba33c1cbc7fb2c0a3a7a3d5))

		### Fix

		* improper call to base64url.decode ([e15d17c342c5374c8e953a2aa975c1a9daf1766a](https://github.com/cisco/node-jose/commit/e15d17c342c5374c8e953a2aa975c1a9daf1766a)), closes [#80](https://github.com/cisco/node-jose/issues/80)
		* node v6+ emits UnhandledPromiseRejectionWarning ([6b5dbdfa9e9907ae547a6bce2a918fcc6c25368e](https://github.com/cisco/node-jose/commit/6b5dbdfa9e9907ae547a6bce2a918fcc6c25368e)), closes [#79](https://github.com/cisco/node-jose/issues/79)


		<a name="0.9.1"></a>
		@@ -4,0 +18,0 @@ ## [0.9.1](https://github.com/cisco/node-jose/compare/0.9.0...0.9.1) (2016-08-23)

lib/jwe/decrypt.js

		@@ -97,5 +97,5 @@ /*!
		protect;
		promise.then(function(rcptList) {
		promise = promise.then(function(rcptList) {
		if (input.protected) {
		protect = base64url.decode(input.protected, "utf8");
		protect = base64url.decode(input.protected).toString("utf8");
		protect = JSON.parse(protect);
		@@ -102,0 +102,0 @@

lib/jwk/rsakey.js

		@@ -9,3 +9,4 @@ /*!
		var forge = require("../deps/forge.js"),
		rsau = require("../algorithms/rsa-util");
		rsau = require("../algorithms/rsa-util"),
		nodeCrypto = require("../algorithms/helpers").nodeCrypto;

		@@ -261,36 +262,53 @@ var JWK = {
		// TODO: validate key sizes
		var key = forge.pki.rsa.generateKeyPair({
		bits: size,
		e: 0x010001
		});
		key = key.privateKey;
		var promise;

		// convert to JSON-ish
		var result = {};
		[
		"e",
		"n",
		"d",
		"p",
		"q",
		{incoming: "dP", outgoing: "dp"},
		{incoming: "dQ", outgoing: "dq"},
		{incoming: "qInv", outgoing: "qi"}
		].forEach(function(f) {
		var incoming,
		outgoing;
		if (nodeCrypto) {
		promise = new Promise(function (resolve, reject) {
		forge.pki.rsa.generateKeyPair({
		bits: size,
		e: 0x010001
		}, function (err, key) {
		if (err) return reject(err);
		resolve(key.privateKey);
		});
		});
		} else {
		var key = forge.pki.rsa.generateKeyPair({
		bits: size,
		e: 0x010001
		});
		promise = Promise.resolve(key.privateKey);
		};

		if ("string" === typeof f) {
		incoming = outgoing = f;
		} else {
		incoming = f.incoming;
		outgoing = f.outgoing;
		}
		return promise.then(function (key) {

		if (incoming in key) {
		result[outgoing] = convertBNtoBuffer(key[incoming]);
		}
		// convert to JSON-ish
		var result = {};
		[
		"e",
		"n",
		"d",
		"p",
		"q",
		{incoming: "dP", outgoing: "dp"},
		{incoming: "dQ", outgoing: "dq"},
		{incoming: "qInv", outgoing: "qi"}
		].forEach(function(f) {
		var incoming,
		outgoing;

		if ("string" === typeof f) {
		incoming = outgoing = f;
		} else {
		incoming = f.incoming;
		outgoing = f.outgoing;
		}

		if (incoming in key) {
		result[outgoing] = convertBNtoBuffer(key[incoming]);
		}
		});

		return result;
		});

		return Promise.resolve(result);
		},
		@@ -297,0 +315,0 @@ import: function(input) {

228

lib/jws/verify.js

		@@ -105,3 +105,3 @@ /*!

		return {
		return Promise.resolve({
		protected: protect,
		@@ -111,128 +111,130 @@ aad: s.protected \|\| "",
		signature: signature
		};
		});
		});

		var promise = new Promise(function(resolve, reject) {
		var processSig = function() {
		var sig = sigList.shift();
		if (!sig) {
		reject(new Error("no key found"));
		return;
		}
		var promise = Promise.all(sigList);
		promise = promise.then(function(sigList) {
		return new Promise(function(resolve, reject) {
		var processSig = function() {
		var sig = sigList.shift();
		if (!sig) {
		reject(new Error("no key found"));
		return;
		}

		sig = merge({}, sig, {
		payload: input.payload
		});
		var p = Promise.resolve(sig);
		// find the key
		p = p.then(function(sig) {
		var algKey;
		// TODO: resolve jku, x5c, x5u
		if (sig.header.jwk) {
		algKey = JWK.asKey(sig.header.jwk);
		} else if (sig.header.x5c) {
		algKey = sig.header.x5c[0];
		algKey = new Buffer(algKey, "base64");
		// TODO: callback to validate chain
		algKey = JWK.asKey(algKey, "pkix");
		} else {
		algKey = Promise.resolve(assumedKey \|\| keystore.get({
		use: "sig",
		alg: sig.header.alg,
		kid: sig.header.kid
		}));
		}
		return algKey.then(function(k) {
		if (!k) {
		return Promise.reject(new Error("key does not match"));
		sig = merge({}, sig, {
		payload: input.payload
		});
		var p = Promise.resolve(sig);
		// find the key
		p = p.then(function(sig) {
		var algKey;
		// TODO: resolve jku, x5c, x5u
		if (sig.header.jwk) {
		algKey = JWK.asKey(sig.header.jwk);
		} else if (sig.header.x5c) {
		algKey = sig.header.x5c[0];
		algKey = new Buffer(algKey, "base64");
		// TODO: callback to validate chain
		algKey = JWK.asKey(algKey, "pkix");
		} else {
		algKey = Promise.resolve(assumedKey \|\| keystore.get({
		use: "sig",
		alg: sig.header.alg,
		kid: sig.header.kid
		}));
		}
		sig.key = k;
		return sig;
		return algKey.then(function(k) {
		if (!k) {
		return Promise.reject(new Error("key does not match"));
		}
		sig.key = k;
		return sig;
		});
		});
		});

		// process any prepare-verify handlers
		p = p.then(function(sig) {
		var processing = [];
		handlerKeys.forEach(function(h) {
		h = extraHandlers[h];
		var p;
		if ("function" === typeof h) {
		p = h(sig);
		} else if ("object" === typeof h && "function" === typeof h.prepare) {
		p = h.prepare(sig);
		// process any prepare-verify handlers
		p = p.then(function(sig) {
		var processing = [];
		handlerKeys.forEach(function(h) {
		h = extraHandlers[h];
		var p;
		if ("function" === typeof h) {
		p = h(sig);
		} else if ("object" === typeof h && "function" === typeof h.prepare) {
		p = h.prepare(sig);
		}
		if (p) {
		processing.push(Promise.resolve(p));
		}
		});
		return Promise.all(processing).then(function() {
		// don't actually care about individual handler results
		// assume {sig} is updated
		return sig;
		});
		});

		// prepare verify inputs
		p = p.then(function(sig) {
		var aad = sig.aad \|\| "",
		payload = sig.payload \|\| "";
		var content = new Buffer(1 + aad.length + payload.length),
		pos = 0;
		content.write(aad, pos, "ascii");
		pos += aad.length;
		content.write(".", pos, "ascii");
		pos++;

		if (Buffer.isBuffer(payload)) {
		payload.copy(content, pos);
		} else {
		content.write(payload, pos, "binary");
		}
		if (p) {
		processing.push(Promise.resolve(p));
		}
		});
		return Promise.all(processing).then(function() {
		// don't actually care about individual handler results
		// assume {sig} is updated
		sig.content = content;
		return sig;
		});
		});

		// prepare verify inputs
		p = p.then(function(sig) {
		var aad = sig.aad \|\| "",
		payload = sig.payload \|\| "";
		var content = new Buffer(1 + aad.length + payload.length),
		pos = 0;
		content.write(aad, pos, "ascii");
		pos += aad.length;
		content.write(".", pos, "ascii");
		pos++;
		p = p.then(function(sig) {
		return sig.key.verify(sig.header.alg,
		sig.content,
		sig.signature);
		});

		if (Buffer.isBuffer(payload)) {
		payload.copy(content, pos);
		} else {
		content.write(payload, pos, "binary");
		}
		sig.content = content;
		return sig;
		});
		p = p.then(function(result) {
		var payload = sig.payload;
		payload = base64url.decode(payload);
		return {
		protected: sig.protected,
		header: sig.header,
		payload: payload,
		signature: result.mac,
		key: sig.key
		};
		});

		p = p.then(function(sig) {
		return sig.key.verify(sig.header.alg,
		sig.content,
		sig.signature);
		});

		p = p.then(function(result) {
		var payload = sig.payload;
		payload = base64url.decode(payload);
		return {
		protected: sig.protected,
		header: sig.header,
		payload: payload,
		signature: result.mac,
		key: sig.key
		};
		});

		// process any post-verify handlers
		p = p.then(function(jws) {
		var processing = [];
		handlerKeys.forEach(function(h) {
		h = extraHandlers[h];
		var p;
		if ("object" === typeof h && "function" === typeof h.complete) {
		p = h.complete(jws);
		}
		if (p) {
		processing.push(Promise.resolve(p));
		}
		// process any post-verify handlers
		p = p.then(function(jws) {
		var processing = [];
		handlerKeys.forEach(function(h) {
		h = extraHandlers[h];
		var p;
		if ("object" === typeof h && "function" === typeof h.complete) {
		p = h.complete(jws);
		}
		if (p) {
		processing.push(Promise.resolve(p));
		}
		});
		return Promise.all(processing).then(function() {
		// don't actually care about individual handler results
		// assume {jws} is updated
		return jws;
		});
		});
		return Promise.all(processing).then(function() {
		// don't actually care about individual handler results
		// assume {jws} is updated
		return jws;
		});
		});
		p.then(resolve, processSig);
		};
		processSig();
		p.then(resolve, processSig);
		};
		processSig();
		});
		});

		return promise;
		@@ -239,0 +241,0 @@ }

package.json

		{
		"name": "node-jose",
		"version": "0.9.1",
		"version": "0.9.2",
		"description": "A JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for current web browsers and node.js-based servers",
		@@ -57,2 +57,3 @@ "main": "lib/index.js",
		"gulp-uglify": "^1.1.0",
		"gulp-util": "^3.0.7",
		"istanbul": "^0.4.0",
		@@ -59,0 +60,0 @@ "jose-cookbook": "git+https://github.com/ietf-jose/cookbook.git",

.travis.yml

Sorry, the diff of this file is not supported yet

node-jose - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Worsened metrics