xml-crypto - npm Package Compare versions

Comparing version 5.1.1 to 6.0.0

lib/signed-xml.js

@@ -101,4 +101,4 @@ "use strict";
         this.keyInfoAttributes = keyInfoAttributes ?? this.keyInfoAttributes;
-        this.getKeyInfoContent = getKeyInfoContent ?? SignedXml.noop;
-        this.getCertFromKeyInfo = getCertFromKeyInfo ?? this.getCertFromKeyInfo;
+        this.getKeyInfoContent = getKeyInfoContent ?? this.getKeyInfoContent;
+        this.getCertFromKeyInfo = getCertFromKeyInfo ?? SignedXml.noop;
         this.CanonicalizationAlgorithms;
@@ -105,0 +105,0 @@ this.HashAlgorithms;

package.json

 {
   "name": "xml-crypto",
-  "version": "5.1.1",
+  "version": "6.0.0",
   "private": false,
@@ -5,0 +5,0 @@ "description": "Xml digital signature and encryption library for Node.js",

README.md

@@ -60,4 +60,4 @@ # xml-crypto
 - `publicCert` - **[optional]** a `Buffer` or pem encoded `String` containing your public key
-- `signatureAlgorithm` - **[optional]** one of the supported [signature algorithms](#signature-algorithms). Ex: `sign.signatureAlgorithm = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"`
-- `canonicalizationAlgorithm` - **[optional]** one of the supported [canonicalization algorithms](#canonicalization-and-transformation-algorithms). Ex: `sign.canonicalizationAlgorithm = "http://www.w3.org/2001/10/xml-exc-c14n#WithComments"`
+- `signatureAlgorithm` - **[required]** one of the supported [signature algorithms](#signature-algorithms). Ex: `sign.signatureAlgorithm = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"`
+- `canonicalizationAlgorithm` - **[required]** one of the supported [canonicalization algorithms](#canonicalization-and-transformation-algorithms). Ex: `sign.canonicalizationAlgorithm = "http://www.w3.org/2001/10/xml-exc-c14n#WithComments"`
 
@@ -110,3 +110,20 @@ Use this code:
 
-If you set the `publicCert` property, a `<X509Data></X509Data>` element with the public certificate will be generated in the signature.
+If you set the `publicCert` and the `getKeyInfoContent` properties, a `<KeyInfo></KeyInfo>` element with the public certificate will be generated in the signature:
+
+```xml
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+  <SignedInfo>
+    ...[signature info removed]...
+  </SignedInfo>
+  <SignatureValue>vhWzpQyIYuncHUZV9W...[long base64 removed]...</SignatureValue>
+  <KeyInfo>
+    <X509Data>
+      <X509Certificate>MIIGYjCCBJagACCBN...[long base64 removed]...</X509Certificate>
+    </X509Data>
+  </KeyInfo>
+</Signature>
+```
+
+For `getKeyInfoContent`, a default implementation `SignedXml.getKeyInfoContent` is available.
+
 To customize this see [customizing algorithms](#customizing-algorithms) for an example.
@@ -113,0 +130,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

266510

increased by0.18%

Number of lines in readme file

562

increased by3.12%

No dependency changes