
xml-encryption - npm Package Compare versions

Comparing version 0.4.0 to 0.4.1

66

lib/xmlenc.js

@@ -103,39 +103,45 @@ var crypto = require('crypto');

if (!xml)
return callback(Error('must provide XML to encrypt'));
return callback(new Error('must provide XML to encrypt'));
if (!options.key)
return callback(new Error('key option is mandatory and you should provide a valid RSA private key'));
var doc = new xmldom.DOMParser().parseFromString(xml);
var decrypted;
var symmetricKey = decryptKeyInfo(doc, options);
var encryptionMethod = xpath.select("/*[local-name(.)='EncryptedData']/*[local-name(.)='EncryptionMethod']", doc)[0];
var encryptionAlgorithm = encryptionMethod.getAttribute('Algorithm');
try {
var doc = new xmldom.DOMParser().parseFromString(xml);
var decipher, decrypted;
var encryptedContent = xpath.select("/*[local-name(.)='EncryptedData']/*[local-name(.)='CipherData']/*[local-name(.)='CipherValue']", doc)[0];
var encrypted = new Buffer(encryptedContent.textContent, 'base64');
var symmetricKey = decryptKeyInfo(doc, options);
var encryptionMethod = xpath.select("/*[local-name(.)='EncryptedData']/*[local-name(.)='EncryptionMethod']", doc)[0];
var encryptionAlgorithm = encryptionMethod.getAttribute('Algorithm');
switch (encryptionAlgorithm) {
case 'http://www.w3.org/2001/04/xmlenc#aes128-cbc':
decipher = crypto.createDecipheriv('aes-128-cbc', symmetricKey, encrypted.slice(0, 16));
if (typeof options.autopadding !== 'undefined') {
decipher.setAutoPadding(options.autopadding);
}
decrypted = decipher.update(encrypted.slice(16), null, 'binary') + decipher.final();
// HACK: padding is not working as expected,
// so this is a hack to remove characters which should not be there
// since the decrypted content will be xml, we just remove chars after >
if (decrypted.lastIndexOf('>') > 0) {
decrypted = decrypted.substr(0, decrypted.lastIndexOf('>') + 1);
}
var decipher;
var encryptedContent = xpath.select("/*[local-name(.)='EncryptedData']/*[local-name(.)='CipherData']/*[local-name(.)='CipherValue']", doc)[0];
var encrypted = new Buffer(encryptedContent.textContent, 'base64');
break;
case 'http://www.w3.org/2001/04/xmlenc#aes256-cbc':
decipher = crypto.createDecipheriv('aes-256-cbc', symmetricKey, encrypted.slice(0, 16));
decrypted = decipher.update(encrypted.slice(16), null, 'binary') + decipher.final();
switch (encryptionAlgorithm) {
case 'http://www.w3.org/2001/04/xmlenc#aes128-cbc':
decipher = crypto.createDecipheriv('aes-128-cbc', symmetricKey, encrypted.slice(0, 16));
if (typeof options.autopadding !== 'undefined') {
decipher.setAutoPadding(options.autopadding);
}
decrypted = decipher.update(encrypted.slice(16), null, 'binary') + decipher.final();
// HACK: padding is not working as expected,
// so this is a hack to remove characters which should not be there
// since the decrypted content will be xml, we just remove chars after >
if (decrypted.lastIndexOf('>') > 0) {
decrypted = decrypted.substr(0, decrypted.lastIndexOf('>') + 1);
}
break;
default:
return callback(new Error('encryption algorithm ' + encryptionAlgorithm + ' not supported'));
break;
case 'http://www.w3.org/2001/04/xmlenc#aes256-cbc':
decipher = crypto.createDecipheriv('aes-256-cbc', symmetricKey, encrypted.slice(0, 16));
decrypted = decipher.update(encrypted.slice(16), null, 'binary') + decipher.final();
break;
default:
return callback(new Error('encryption algorithm ' + encryptionAlgorithm + ' not supported'));
}
} catch (e) {
return callback(e);
}

@@ -142,0 +148,0 @@
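Review bot: The added `catch (e) { return callback(e); }` hands the raw exception to the caller, so a bad-padding failure from `decipher.final()` can be told apart from an XML parse or missing-node error; with unauthenticated AES-CBC that difference can act as a padding oracle if the caller relays it to whoever sent the message. Consider returning one generic error, e.g. `return callback(new Error('failed to decrypt'));`, and logging the detail locally. In both cipher branches `decipher.final()` is called without an encoding, so its Buffer is stringified as UTF-8 while `update()` produced 'binary'; `decipher.final('binary')` would keep the two halves consistent. The enclosing function starts and ends outside this hunk, and since the page has lost its +/- markers, which of the duplicated lines belong to the new side is inferred from the hunk header counts.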

{
"name": "xml-encryption",
"version": "0.4.0",
"version": "0.4.1",
"devDependencies": {

@@ -5,0 +5,0 @@ "mocha": "*",
