Comparing version 0.2.30 to 0.3.0
@@ -0,0 +0,0 @@ module.exports = function (grunt) { |
{ | ||
"name": "node-rsa", | ||
"version": "0.2.30", | ||
"version": "0.3.0", | ||
"description": "Node.js RSA library", | ||
@@ -37,8 +37,8 @@ "main": "src/NodeRSA.js", | ||
"chai": "2.0.0", | ||
"grunt-contrib-jshint": "0.11.0" | ||
"grunt-contrib-jshint": "0.11.0", | ||
"lodash": "^4.0.0" | ||
}, | ||
"dependencies": { | ||
"asn1": "0.2.3", | ||
"lodash": "3.3.0" | ||
"asn1": "0.2.3" | ||
} | ||
} |
@@ -107,3 +107,7 @@ # Node-RSA | ||
* keyData — `{string|buffer}` — key in PEM string **or** Buffer containing PEM string **or** Buffer containing DER encoded data. | ||
* keyData — `{string|buffer}` — may be: | ||
* key in PEM string | ||
* Buffer containing PEM string | ||
* Buffer containing DER encoded data | ||
* Object contains key components | ||
* format — `{string}` — format id for export/import. | ||
@@ -118,2 +122,3 @@ | ||
* `'pkcs8'` — public key starts from `'-----BEGIN PUBLIC KEY-----'` header and private key starts from `'-----BEGIN PRIVATE KEY-----'` header | ||
* `'components'` — use it for import/export key from/to raw components (see example below). For private key, importing data should contain all private key components, for public key: only public exponent (`e`) and modulus (`n`). All components (except `e`) should be Buffer, `e` could be Buffer or just normal Number. | ||
@@ -144,2 +149,25 @@ Key type — can be `'private'` or `'public'`. Default `'private'`<br/> | ||
```javascript | ||
key.importKey({ | ||
n: new Buffer('0086fa9ba066685845fc03833a9699c8baefb53cfbf19052a7f10f1eaa30488cec1ceb752bdff2df9fad6c64b3498956e7dbab4035b4823c99a44cc57088a23783', 'hex'), | ||
e: 65537, | ||
d: new Buffer('5d2f0dd982596ef781affb1cab73a77c46985c6da2aafc252cea3f4546e80f40c0e247d7d9467750ea1321cc5aa638871b3ed96d19dcc124916b0bcb296f35e1', 'hex'), | ||
p: new Buffer('00c59419db615e56b9805cc45673a32d278917534804171edcf925ab1df203927f', 'hex'), | ||
q: new Buffer('00aee3f86b66087abc069b8b1736e38ad6af624f7ea80e70b95f4ff2bf77cd90fd', 'hex'), | ||
dmp1: new Buffer('008112f5a969fcb56f4e3a4c51a60dcdebec157ee4a7376b843487b53844e8ac85', 'hex'), | ||
dmq1: new Buffer('1a7370470e0f8a4095df40922a430fe498720e03e1f70d257c3ce34202249d21', 'hex'), | ||
coeff: new Buffer('00b399675e5e81506b729a777cc03026f0b2119853dfc5eb124610c0ab82999e45', 'hex') | ||
}, 'components'); | ||
var publicComponents = key.exportKey('components-public'); | ||
console.log(publicComponents); | ||
/* | ||
{ n: <Buffer 00 86 fa 9b a0 66 68 58 45 fc 03 83 3a 96 99 c8 ba ef b5 3c fb f1 90 52 a7 f1 0f 1e aa 30 48 8c ec 1c eb 75 2b df f2 df 9f ad 6c 64 b3 49 89 56 e7 db ... >, | ||
e: 65537 | ||
} | ||
*/ | ||
``` | ||
### Properties | ||
@@ -215,2 +243,6 @@ | ||
### 0.3.0 | ||
* Added import/export from/to raw key components. | ||
* Removed lodash from dependencies. | ||
### 0.2.30 | ||
@@ -217,0 +249,0 @@ * Fixed a issue when the key was generated by 1 bit smaller than specified. It may slow down the generation of large keys. |
@@ -0,0 +0,0 @@ var crypt = require('crypto'); |
@@ -0,0 +0,0 @@ var crypto = require('crypto'); |
@@ -0,0 +0,0 @@ var BigInteger = require('../libs/jsbn.js'); |
@@ -0,0 +0,0 @@ var crypto = require('crypto'); |
@@ -1,2 +0,2 @@ | ||
var _ = require('lodash'); | ||
var _ = require('../utils')._; | ||
@@ -33,2 +33,3 @@ function formatParse(format) { | ||
pkcs8: require('./pkcs8'), | ||
components: require('./components'), | ||
@@ -82,3 +83,3 @@ isPrivateExport: function (format) { | ||
if (!key.isPrivate()) { | ||
throw Error("It is not private key"); | ||
throw Error("This is not private key"); | ||
} | ||
@@ -88,3 +89,3 @@ return module.exports[fmt.scheme].privateExport(key, fmt.keyOpt); | ||
if (!key.isPublic()) { | ||
throw Error("It is not public key"); | ||
throw Error("This is not public key"); | ||
} | ||
@@ -91,0 +92,0 @@ return module.exports[fmt.scheme].publicExport(key, fmt.keyOpt); |
var ber = require('asn1').Ber; | ||
var _ = require('lodash'); | ||
var _ = require('../utils')._; | ||
var utils = require('../utils'); | ||
@@ -4,0 +4,0 @@ |
var ber = require('asn1').Ber; | ||
var _ = require('lodash'); | ||
var _ = require('../utils')._; | ||
var PUBLIC_RSA_OID = '1.2.840.113549.1.1.1'; | ||
@@ -4,0 +4,0 @@ var utils = require('../utils'); |
@@ -40,3 +40,3 @@ /* | ||
var crypt = require('crypto'); | ||
var _ = require('lodash'); | ||
var _ = require('../utils')._; | ||
@@ -43,0 +43,0 @@ // Bits per digit |
@@ -42,3 +42,3 @@ /* | ||
var _ = require('lodash'); | ||
var _ = require('../utils')._; | ||
var crypt = require('crypto'); | ||
@@ -145,5 +145,5 @@ var BigInteger = require('./jsbn.js'); | ||
RSAKey.prototype.setPrivate = function (N, E, D, P, Q, DP, DQ, C) { | ||
if (N && E && D && N.length > 0 && E.length > 0 && D.length > 0) { | ||
if (N && E && D && N.length > 0 && (_.isNumber(E) || E.length > 0) && D.length > 0) { | ||
this.n = new BigInteger(N); | ||
this.e = utils.get32IntFromBuffer(E, 0); | ||
this.e = _.isNumber(E) ? E : utils.get32IntFromBuffer(E, 0); | ||
this.d = new BigInteger(D); | ||
@@ -161,4 +161,5 @@ | ||
this.$$recalculateCache(); | ||
} else | ||
} else { | ||
throw Error("Invalid RSA private key"); | ||
} | ||
}; | ||
@@ -172,8 +173,9 @@ | ||
RSAKey.prototype.setPublic = function (N, E) { | ||
if (N && E && N.length > 0 && E.length > 0) { | ||
if (N && E && N.length > 0 && (_.isNumber(E) || E.length > 0)) { | ||
this.n = new BigInteger(N); | ||
this.e = utils.get32IntFromBuffer(E, 0); | ||
this.e = _.isNumber(E) ? E : utils.get32IntFromBuffer(E, 0); | ||
this.$$recalculateCache(); | ||
} else | ||
} else { | ||
throw Error("Invalid RSA public key"); | ||
} | ||
}; | ||
@@ -180,0 +182,0 @@ |
@@ -13,3 +13,3 @@ /*! | ||
var ber = require('asn1').Ber; | ||
var _ = require('lodash'); | ||
var _ = require('./utils')._; | ||
var utils = require('./utils'); | ||
@@ -35,3 +35,3 @@ var schemes = require('./schemes/schemes.js'); | ||
'public': 'pkcs8-public-pem', | ||
'public-der': 'pkcs8-public-der' | ||
'public-der': 'pkcs8-public-der', | ||
}; | ||
@@ -93,3 +93,3 @@ | ||
if (signingScheme.length == 1) { | ||
if (_.indexOf(SUPPORTED_HASH_ALGORITHMS.node, signingScheme[0]) > -1) { | ||
if (SUPPORTED_HASH_ALGORITHMS.node.indexOf(signingScheme[0]) > -1) { | ||
this.$options.signingSchemeOptions = { | ||
@@ -121,3 +121,3 @@ hash: signingScheme[0] | ||
if (this.$options.signingSchemeOptions.hash && | ||
_.indexOf(SUPPORTED_HASH_ALGORITHMS[this.$options.environment], this.$options.signingSchemeOptions.hash) == -1) { | ||
SUPPORTED_HASH_ALGORITHMS[this.$options.environment].indexOf(this.$options.signingSchemeOptions.hash) === -1) { | ||
throw Error('Unsupported hashing algorithm for ' + this.$options.environment + ' environment'); | ||
@@ -141,3 +141,3 @@ } | ||
if (this.$options.encryptionSchemeOptions.hash && | ||
_.indexOf(SUPPORTED_HASH_ALGORITHMS[this.$options.environment], this.$options.encryptionSchemeOptions.hash) == -1) { | ||
SUPPORTED_HASH_ALGORITHMS[this.$options.environment].indexOf(this.$options.encryptionSchemeOptions.hash) === -1) { | ||
throw Error('Unsupported hashing algorithm for ' + this.$options.environment + ' environment'); | ||
@@ -172,3 +172,3 @@ } | ||
* Importing key | ||
* @param keyData {string|buffer} | ||
* @param keyData {string|buffer|Object} | ||
* @param format {string} | ||
@@ -216,3 +216,3 @@ */ | ||
* Check if key pair contains public key | ||
* @param strict {boolean} - public key only, return false if have private exponent | ||
* @param [strict] {boolean} - public key only, return false if have private exponent | ||
*/ | ||
@@ -316,3 +316,3 @@ NodeRSA.prototype.isPublic = function (strict) { | ||
if (!this.isPrivate()) { | ||
throw Error("It is not private key"); | ||
throw Error("This is not private key"); | ||
} | ||
@@ -340,3 +340,3 @@ | ||
if (!this.isPublic()) { | ||
throw Error("It is not public key"); | ||
throw Error("This is not public key"); | ||
} | ||
@@ -343,0 +343,0 @@ signature_encoding = (!signature_encoding || signature_encoding == 'buffer' ? null : signature_encoding); |
@@ -0,0 +0,0 @@ /** |
@@ -0,0 +0,0 @@ /** |
@@ -0,0 +0,0 @@ /** |
@@ -0,0 +0,0 @@ module.exports = { |
@@ -56,1 +56,34 @@ /* | ||
}; | ||
module.exports._ = { | ||
isObject: function (value) { | ||
var type = typeof value; | ||
return !!value && (type == 'object' || type == 'function'); | ||
}, | ||
isString: function (value) { | ||
return typeof value == 'string' || value instanceof String; | ||
}, | ||
isNumber: function (value) { | ||
return typeof value == 'number' || !isNaN(parseFloat(value)) && isFinite(value); | ||
}, | ||
/** | ||
* Returns copy of `obj` without `removeProp` field. | ||
* @param obj | ||
* @param removeProp | ||
* @returns Object | ||
*/ | ||
omit: function (obj, removeProp) { | ||
var newObj = {}; | ||
for (var prop in obj) { | ||
if (!obj.hasOwnProperty(prop) || prop === removeProp) { | ||
continue; | ||
} | ||
newObj[prop] = obj[prop]; | ||
} | ||
return newObj; | ||
} | ||
}; |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 2 instances in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
1958492
1
45
54900
335
6
16
5
- Removedlodash@3.3.0
- Removedlodash@3.3.0(transitive)