xml-encryption - npm Package Compare versions

Comparing version 0.3.0 to 0.3.1

lib/xmlenc.js

@@ -29,5 +29,5 @@ var crypto = require('crypto');
       var rsa_pub = pki.publicKeyFromPem(options.rsa_pub);
-      var encryptedKey = rsa_pub.encrypt(symmetricKey.toString('base64'), 'RSA-OAEP'); 
-      var base64EncodedEncryptedKey = new Buffer(encryptedKey, 'binary').toString('base64');
-
+      var encrypted = rsa_pub.encrypt(symmetricKey.toString('binary'), 'RSA-OAEP'); 
+      var base64EncodedEncryptedKey = new Buffer(encrypted, 'binary').toString('base64');
+      
       var params = {
@@ -141,4 +141,5 @@ encryptedKey:  base64EncodedEncryptedKey,
       var key = new Buffer(encryptedKey.textContent, 'base64').toString('binary');
-      var privateKey = pki.privateKeyFromPem(options.key);
-      return new Buffer(privateKey.decrypt(key, 'RSA-OAEP'), 'base64');
+      var private_key = pki.privateKeyFromPem(options.key);
+      var decrypted = private_key.decrypt(key, 'RSA-OAEP');
+      return new Buffer(decrypted, 'binary');
     default:
@@ -145,0 +146,0 @@ throw new Error('key encryption algorithm ' + keyEncryptionAlgorighm + ' not supported');

package.json

 {
   "name": "xml-encryption",
-  "version": "0.3.0",
+  "version": "0.3.1",
   "devDependencies": {
     "mocha": "*",
-    "should": "~1.2.2"
+    "should": "~1.2.2",
+    "ursa": "*"
   },
@@ -8,0 +9,0 @@ "main": "./lib",

README.md

@@ -0,1 +1,3 @@
+[![Build Status](https://travis-ci.org/auth0/node-xml-encryption.png)](https://travis-ci.org/auth0/node-xml-encryption)
+
 W3C XML Encryption implementation for node.js (http://www.w3.org/TR/xmlenc-core/)
@@ -9,52 +11,56 @@
 
-    var xmlenc = require('xmlenc');
-    
-    var options = {
-      rsa_pub: fs.readFileSync(__dirname + '/your_rsa.pub'),
-      pem: fs.readFileSync(__dirname + '/your_public_cert.pem'),
-      encryptionAlgorithm: 'http://www.w3.org/2001/04/xmlenc#aes-256-cbc',
-      keyEncryptionAlgorighm: 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'
-    };
+~~~js
+var xmlenc = require('xmlenc');
 
-    xmlenc.encrypt('content to encrypt', options, function(err, result) { 
-        console.log(result);
-    }
+var options = {
+  rsa_pub: fs.readFileSync(__dirname + '/your_rsa.pub'),
+  pem: fs.readFileSync(__dirname + '/your_public_cert.pem'),
+  encryptionAlgorithm: 'http://www.w3.org/2001/04/xmlenc#aes-256-cbc',
+  keyEncryptionAlgorighm: 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'
+};
 
-    // result
-    
-    <xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
-      <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes-256-cbc" />
-        <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
-          <e:EncryptedKey xmlns:e="http://www.w3.org/2001/04/xmlenc#">
-            <e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
-              <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
-            </e:EncryptionMethod>
-            <KeyInfo>
-              <X509Data><X509Certificate>MIIEDzCCAveg... base64 cert... q3uaLvlAUo=</X509Certificate></X509Data>
-            </KeyInfo>
-            <e:CipherData>
-              <e:CipherValue>sGH0hhzkjmLWYYY0gyQMampDM... encrypted symmetric key ...gewHMbtZafk1MHh9A==</e:CipherValue>
-            </e:CipherData>
-          </e:EncryptedKey>
+xmlenc.encrypt('content to encrypt', options, function(err, result) { 
+    console.log(result);
+}
+~~~
+
+Result:
+~~~xml
+<xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+  <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes-256-cbc" />
+    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+      <e:EncryptedKey xmlns:e="http://www.w3.org/2001/04/xmlenc#">
+        <e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
+          <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+        </e:EncryptionMethod>
+        <KeyInfo>
+          <X509Data><X509Certificate>MIIEDzCCAveg... base64 cert... q3uaLvlAUo=</X509Certificate></X509Data>
         </KeyInfo>
-        <xenc:CipherData>
-            <xenc:CipherValue>V3Vb1vDl055Lp92zvK..... encrypted content.... kNzP6xTu7/L9EMAeU</xenc:CipherValue>
-        </xenc:CipherData>
-    </xenc:EncryptedData>
+        <e:CipherData>
+          <e:CipherValue>sGH0hhzkjmLWYYY0gyQMampDM... encrypted symmetric key ...gewHMbtZafk1MHh9A==</e:CipherValue>
+        </e:CipherData>
+      </e:EncryptedKey>
+    </KeyInfo>
+    <xenc:CipherData>
+        <xenc:CipherValue>V3Vb1vDl055Lp92zvK..... encrypted content.... kNzP6xTu7/L9EMAeU</xenc:CipherValue>
+    </xenc:CipherData>
+</xenc:EncryptedData>
+~~~
 
 ### decrypt
 
+~~~js
+var options = {
+    key: fs.readFileSync(__dirname + '/your_private_key.key'),
+};
 
-    var options = {
-        key: fs.readFileSync(__dirname + '/your_private_key.key'),
-    };
+xmlenc.decrypt('<xenc:EncryptedData ..... </xenc:EncryptedData>', options, function(err, result) { 
+    console.log(result);
+}
 
-    xmlenc.decrypt('<xenc:EncryptedData ..... </xenc:EncryptedData>', options, function(err, result) { 
-        console.log(result);
-    }
+// result
 
-    // result
+decrypted content
+~~~
 
-    decrypted content
-
 ## Supported algorithms
@@ -61,0 +67,0 @@

test/xmlenc.encryptedkey.js

@@ -6,2 +6,5 @@ var assert = require('assert'),
 var crypto = require('crypto');
+var xmldom = require('xmldom');
+var xpath = require('xpath');
+var ursa = require('ursa');
 
@@ -19,2 +22,3 @@ describe('encrypt', function() {
       pem: fs.readFileSync(__dirname + '/test-auth0.pem'),
+       key: fs.readFileSync(__dirname + '/test-auth0.key'),
       encryptionAlgorithm: 'http://www.w3.org/2001/04/xmlenc#aes256-cbc',
@@ -51,2 +55,28 @@ keyEncryptionAlgorighm: 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'
 
+  it('should encrypt with forge and decrypt with ursa', function (done) {
+    var options = {
+      rsa_pub: fs.readFileSync(__dirname + '/test-auth0_rsa.pub'),
+      pem: fs.readFileSync(__dirname + '/test-auth0.pem'),
+      keyEncryptionAlgorighm: 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'
+    };
+
+    crypto.randomBytes(32, function(err, randomBytes) {
+      if (err) return done(err);
+      xmlenc.encryptKeyInfo(randomBytes, options, function(err, result) { 
+        if (err) return done(err);
+  
+        var doc = new xmldom.DOMParser().parseFromString(result);
+        var encryptedContent = xpath.select("//*[local-name(.)='CipherValue']", doc)[0];
+        var encrypted = new Buffer(encryptedContent.textContent, 'base64');
+
+        var decodedencryptedKey = new Buffer(encrypted, 'binary');
+        var pk = ursa.createPrivateKey(fs.readFileSync(__dirname + '/test-auth0.key'));
+        var decryptedRandomBytes = pk.decrypt(decodedencryptedKey);
+
+        assert.equal(new Buffer(randomBytes).toString('base64'), new Buffer(decryptedRandomBytes).toString('base64'));
+        done();
+      });
+    });
+  });
+
 });

Fixed alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

22010

increased by6.53%

Number of package files

15

increased by7.14%

Lines of code

222

increased by13.27%

Number of lines in readme file

73

increased by8.96%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Dev dependency count

3

increased by50%

No dependency changes