srp - npm Package Compare versions

Comparing version 0.0.3 to 0.0.4

lib/srp.js

@@ -232,8 +232,9 @@ const crypto = require('crypto'),
   alg = alg || ALG;
+  var S_pad = new Buffer(pad(S, N));
   return bigint(
     crypto
       .createHash(alg)
-      .update(S.toBuffer())
+      .update(S_pad)
       .digest('hex'), 16);
 };
 

package.json

 {
   "name": "srp",
   "description": "Secure Remote Password (SRP)",
-  "version": "0.0.3",
+  "version": "0.0.4",
 
@@ -6,0 +6,0 @@ "main": "index.js",

README.md

@@ -20,8 +20,2 @@ [![build status](https://secure.travis-ci.org/jedp/node-srp.png)](http://travis-ci.org/jedp/node-srp)
 
-Additionally, I would like the API to provide:
-
-- A way to bind messages of intent to the session key in a way that
-  preserves integrity, confidentiality, and protects against replay
-  attacks.
-
 ##Prerequisites
@@ -44,4 +38,5 @@
 
-Tests include the [RFC 5054 test
-vectors](https://tools.ietf.org/html/rfc5054#appendix-B).
+Tests include vectors from:
+- [RFC 5054, Appendix B](https://tools.ietf.org/html/rfc5054#appendix-B).
+- [Mozilla Identity Attached Services](https://wiki.mozilla.org/Identity/AttachedServices/KeyServerProtocol)
 
@@ -48,0 +43,0 @@ ##Description of the Protocol

test/test_rfc_5054.js

@@ -62,3 +62,2 @@ const vows = require('vows'),
       assert(k_expected.eq(srp.getk(N, g, 'sha1')));
-
     },
@@ -65,0 +64,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

47968

increased by22.6%

Number of package files

19

increased by5.56%

Lines of code

966

increased by16.81%

Worsened metrics

Number of lines in readme file

154

decreased by-3.14%

No dependency changes