cassproject 1.5.9 → 1.5.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/README.md +41 -3
  2. package/index.js +1 -0
  3. package/package.json +16 -12
  4. package/src/com/eduworks/ec/crypto/EcAesCtrAsync.js +28 -0
  5. package/src/com/eduworks/ec/crypto/EcRsaOaepAsync.js +31 -5
  6. package/src/com/eduworks/ec/remote/EcRemote.js +14 -0
package/README.md CHANGED
@@ -35,10 +35,11 @@ Development unit tests presume you have a CaSS Repository running on `localhost:
35
35
 
36
36
  ## Publish checklist
37
37
 
38
- * Review dependencies, autocomplete version numbers
39
- * Increment version number in package.json and yuidoc.json
38
+ * Review dependencies, autocomplete version numbers to latest versions.
39
+ * Increment version number in package.json and yuidoc.json.
40
+ * Update changelog.
40
41
  * Update documentation, `npm run docs`
41
- * Delete yuidocs from package.json, delete package-lock.json
42
+ * Delete yuidocs from package.json, delete package-lock.json.
42
43
  * `npm install`
43
44
  * `npm test` - Must not fail any tests.
44
45
  * Document code coverage output by the previous step.
@@ -48,6 +49,43 @@ Development unit tests presume you have a CaSS Repository running on `localhost:
48
49
 
49
50
  # Changelog
50
51
 
52
+ ## 1.5.10
53
+ * FIPS support on Node 18 with custom Node 18 compilation and compiled OpenSSL library.
54
+
55
+ ## 1.5.9
56
+ * Code coverage documentation
57
+ * Login record migration
58
+
59
+ ## 1.5.8
60
+ * Added additional webworker fallback for forge in web worker mode.
61
+ * Fixes to http2 mode
62
+ * CTDLASN CSV Import fixes.
63
+ * Static analysis fixes.
64
+
65
+ ## 1.5.7
66
+ * Browser crypto module now detected correctly
67
+
68
+ ## 1.5.6
69
+ * Plugin support now informed by repository
70
+
71
+ ## 1.5.5
72
+ * Compatibility with Vite
73
+ * Directories of private frameworks are no longer encrypted.
74
+
75
+ ## 1.5.4
76
+ * HTTP2 support.
77
+
78
+ ## 1.5.3
79
+ * Library Version Increment
80
+ * CTDL-ASN bug fix.
81
+
82
+ ## 1.5.2
83
+ * Library Version Increment
84
+ * CTDL-ASN bug fix.
85
+
86
+ ## 1.5.1
87
+ * CTDL-ASN bug fix.
88
+
51
89
  ## 1.5.0
52
90
  * Version increment
53
91
 
package/index.js CHANGED
@@ -2,6 +2,7 @@ if (typeof window !== "undefined" && window) {
2
2
  window.global = window;
3
3
  window.module = {};
4
4
  }
5
+
5
6
  global.generateUUID = function () {
6
7
  var d = new Date().getTime();
7
8
  if (typeof window !== "undefined" && window && window.performance && typeof window.performance.now === "function") {
package/package.json CHANGED
@@ -1,19 +1,23 @@
1
1
  {
2
2
  "name": "cassproject",
3
- "version": "1.5.9",
3
+ "version": "1.5.10",
4
4
  "description": "Competency and Skills Service",
5
5
  "main": "index.js",
6
6
  "scripts": {
7
7
  "test": "npm run test15Https11 && npm run test15Https && npm run test15 && npm run test14 && npm run test13 && npm run test12",
8
- "testCassTest": "npm run testkill && docker run -d --name cass-test -p80:80 cass-test && wait-on http://localhost/api/ping && npm run testCypressEdge && npm run testCypress && npm run testNode16 && npm run testNode15 && npm run testNode14 && npm run testNode13 && npm run testNode12 && npm run testkill",
9
- "testDevHttps": "npm run testkill && docker run -d --name cass-test -p443:80 -e HTTPS=true cassproject/cass:dev && wait-on https://localhost/api/ping && npm run testCypressEdgeHttps && npm run testCypressHttps && npm run testNode16Https && npm run testNode15Https && npm run testNode14Https && npm run testNode13Https && npm run testNode12Https",
10
- "test15Https": "npm run testkill && docker run -d --name cass-test -p443:443 -e HTTPS=true cassproject/cass:1.5.5 && wait-on https://localhost/api/ping && npm run testCypressEdgeHttps && npm run testCypressHttps && npm run testNode16Https && npm run testkill",
11
- "test15Https11": "npm run testkill && docker run -d --name cass-test -p443:443 -e HTTPS=true -e HTTP2=false cassproject/cass:dev && wait-on https://localhost/api/ping && npm run testCypressEdgeHttps && npm run testCypressHttps && npm run testNode16Https && npm run testkill",
12
- "test15": "npm run testkill && docker run -d --name cass-test -p80:80 cassproject/cass:1.5.8 && wait-on http://localhost/api/ping && npm run testCypressEdge && npm run testCypress && npm run testNode16 && npm run testNode15 && npm run testNode14 && npm run testNode13 && npm run testNode12 && npm run testkill",
8
+ "testCassTest": "npm run testkill && docker run -d --name cass-test -p80:80 cass-test && wait-on http://localhost/api/ping && npm run testCypressEdge && npm run testCypress && npm run testNode18 && npm run testNode18Fips && npm run testNode16 && npm run testNode15 && npm run testNode14 && npm run testNode13 && npm run testNode12 && npm run testkill",
9
+ "testDevHttps": "npm run testkill && docker run -d --name cass-test -p443:80 -e HTTPS=true cassproject/cass:dev && wait-on https://localhost/api/ping && npm run testCypressEdgeHttps && npm run testCypressHttps && npm run testNode18HttpsFips && npm run testNode18Https && npm run testNode16Https && npm run testNode15Https && npm run testNode14Https && npm run testNode13Https && npm run testNode12Https",
10
+ "test15Https": "npm run testkill && docker run -d --name cass-test -p443:443 -e HTTPS=true cassproject/cass:1.5.10 && wait-on https://localhost/api/ping && npm run testCypressEdgeHttps && npm run testCypressHttps && npm run testNode18HttpsFips && npm run testNode18Https && npm run testNode16Https && npm run testkill",
11
+ "test15Https11": "npm run testkill && docker run -d --name cass-test -p443:443 -e HTTPS=true -e HTTP2=false cassproject/cass:1.5.10 && wait-on https://localhost/api/ping && npm run testCypressEdgeHttps && npm run testCypressHttps && npm run testNode18HttpsFips && npm run testNode18Https && npm run testNode16Https && npm run testkill",
12
+ "test15": "npm run testkill && docker run -d --name cass-test -p80:80 cassproject/cass:1.5.10 && wait-on http://localhost/api/ping && npm run testCypressEdge && npm run testCypress && npm run testNode18 && npm run testNode18Fips && npm run testNode16 && npm run testNode15 && npm run testNode14 && npm run testNode13 && npm run testNode12 && npm run testkill",
13
13
  "test14": "npm run testkill && docker run -d --name cass-test -p80:80 cassproject/cass:1.4.4 && wait-on http://localhost/api/ping && npm run testCypressEdge && npm run testCypress && npm run testNode16 && npm run testNode15 && npm run testNode14 && npm run testNode13 && npm run testNode12 && npm run testkill",
14
14
  "test13": "npm run testkill && docker run -d --name cass-test -p80:80 cassproject/cass:1.3.18 && wait-on http://localhost/api/ping && npm run testCypressEdge && npm run testCypress && npm run testNode16 && npm run testNode15 && npm run testNode14 && npm run testNode13 && npm run testNode12 && npm run testkill",
15
15
  "test12": "npm run testkill && docker run -d --name cass-test -p80:80 cassproject/cass:1.2.44 && wait-on http://localhost/api/ping && npm run testCypressEdge && npm run testCypress && npm run testNode16 && npm run testNode15 && npm run testNode14 && npm run testNode13 && npm run testNode12 && npm run testkill",
16
16
  "testkill": "docker kill cass-test | exit 0 && docker rm cass-test | exit 0",
17
+ "testNode18": "docker kill npm-cass & docker rm -f npm-cass & docker build --progress plain -f docker/node18 -t npm-cass . & docker run --network=\"host\" --name npm-cass npm-cass",
18
+ "testNode18Https": "docker kill npm-cass & docker rm -f npm-cass & docker build --progress plain -f docker/node18https -t npm-cass . & docker run -it --network=\"host\" --name npm-cass npm-cass",
19
+ "testNode18HttpsFips": "docker kill npm-cass & docker rm -f npm-cass & docker build --progress plain -f docker/node18httpsfips -t npm-cass . & docker run --network=\"host\" --name npm-cass npm-cass",
20
+ "testNode18Fips": "docker kill npm-cass & docker rm -f npm-cass & docker build --progress plain -f docker/node18fips -t npm-cass . & docker run --network=\"host\" --name npm-cass npm-cass",
17
21
  "testNode16": "docker kill npm-cass & docker rm -f npm-cass & docker build --progress plain -f docker/node16 -t npm-cass . & docker run --network=\"host\" --name npm-cass npm-cass",
18
22
  "testNode16Https": "docker kill npm-cass & docker rm -f npm-cass & docker build --progress plain -f docker/node16https -t npm-cass . & docker run --network=\"host\" --name npm-cass npm-cass",
19
23
  "testNode15": "docker kill npm-cass & docker rm -f npm-cass & docker build --progress plain -f docker/node15 -t npm-cass . & docker run --network=\"host\" --name npm-cass npm-cass",
@@ -31,9 +35,9 @@
31
35
  "autotest": "nodemon test.js",
32
36
  "autoindex": "nodemon index.js",
33
37
  "mocha": "nyc --reporter=lcov --reporter=text mocha -b src/**/*.test.js",
34
- "mocha:httpsNoHttp2": "export CASS_LOOPBACK=https://localhost/api/|| set CASS_LOOPBACK=https://localhost/api/&&export HTTP2=false|| set HTTP2=false&& mocha -b src/**/*.test.js",
35
- "mocha:https": "export CASS_LOOPBACK=https://localhost/api/|| set CASS_LOOPBACK=https://localhost/api/&& mocha -b src/**/*.test.js",
36
- "mocha:clientSideCertificates": "export CASS_LOOPBACK=https://localhost/api/|| set CASS_LOOPBACK=https://localhost/api/&& mocha -b src/**/*.test.js",
38
+ "mocha:httpsNoHttp2": "export CASS_LOOPBACK=https://127.0.0.1/api/|| set CASS_LOOPBACK=https://127.0.0.1/api/&&export HTTP2=false|| set HTTP2=false&& mocha -b src/**/*.test.js",
39
+ "mocha:https": "export CASS_LOOPBACK=https://127.0.0.1/api/|| set CASS_LOOPBACK=https://127.0.0.1/api/&& mocha -b src/**/*.test.js",
40
+ "mocha:clientSideCertificates": "export CASS_LOOPBACK=https://127.0.0.1/api/|| set CASS_LOOPBACK=https://127.0.0.1/api/&& mocha -b src/**/*.test.js",
37
41
  "mochaGraph": "mocha -b src/com/eduworks/ec/graph/**/*.test.js",
38
42
  "automocha": "nodemon --exec \"npm run mocha\"",
39
43
  "automochaGraph": "nodemon --exec \"npm run mochaGraph\"",
@@ -112,20 +116,20 @@
112
116
  "@babel/preset-env": "^7.18.2",
113
117
  "@cypress/browserify-preprocessor": "^3.0.2",
114
118
  "@cypress/vite-dev-server": "^2.2.3",
115
- "@cypress/webpack-preprocessor": "^5.11.1",
119
+ "@cypress/webpack-preprocessor": "^5.12.0",
116
120
  "babel-eslint": "^10.1.0",
117
121
  "babel-loader": "^8.2.5",
118
122
  "babel-plugin-transform-remove-strict-mode": "^0.0.2",
119
123
  "chai": "^4.3.6",
120
124
  "convert-hrtime": "^5.0.0",
121
125
  "cypress": "^9.7.0",
122
- "eslint": "^8.16.0",
126
+ "eslint": "^8.17.0",
123
127
  "mocha": "^10.0.0",
124
128
  "node-polyfill-webpack-plugin": "^1.1.4",
125
129
  "nodemon": "^2.0.16",
126
130
  "nyc": "^15.1.0",
127
131
  "wait-on": "^6.0.1",
128
- "webpack": "^5.72.1",
132
+ "webpack": "^5.73.0",
129
133
  "webpack-cli": "^4.9.2"
130
134
  }
131
135
  }
package/src/com/eduworks/ec/crypto/EcAesCtrAsync.js CHANGED
@@ -11,16 +11,40 @@ if (typeof crypto == 'undefined')
11
11
  console.log("Webcrypto not available. Tests will fail. Please upgrade, if possible, to Node 16. Non-test mode will fallback to slower cryptograpy methods.: " + err);
12
12
  }
13
13
  }
14
+
14
15
  let EcCrypto = require("./EcCrypto.js");
15
16
  let EcAesCtrAsyncWorker = require("./EcAesCtrAsyncWorker.js");
16
17
  let cassPromisify = require("../promises/helpers.js").cassPromisify;
17
18
  let cassReturnAsPromise = require("../promises/helpers.js").cassReturnAsPromise;
19
+ let realCrypto = require('crypto');
18
20
  /**
19
21
  * Async version of EcAesCtr that uses browser extensions (window.crypto) to accomplish cryptography much faster.
20
22
  * Falls back to EcAesCtrAsyncWorker, if window.crypto is not available.
21
23
  * @class EcAesCtrAsync
22
24
  */
23
25
  module.exports = class EcAesCtrAsync {
26
+ static fipsOn(){
27
+ if (process && process.env && process.env.FIPS)
28
+ if (realCrypto.getFips() == 0)
29
+ try {
30
+ realCrypto.setFips(true);
31
+ //console.log("FIPS compliant crypto provider has been enabled.");
32
+ } catch (e) {
33
+ console.log("ERR_CRYPTO_FIPS_UNAVAILABLE",e);
34
+ }
35
+ }
36
+
37
+ static fipsOff(){
38
+ if (process && process.env && process.env.FIPS)
39
+ if (realCrypto.getFips() == 1)
40
+ try {
41
+ realCrypto.setFips(false);
42
+ //console.log("FIPS compliant crypto provider has been disabled.");
43
+ } catch (e) {
44
+ console.log("ERR_CRYPTO_FIPS_UNAVAILABLE",e);
45
+ }
46
+ }
47
+
24
48
  /**
25
49
  * Asynchronous form of {{#crossLink
26
50
  * "EcAesCtr/encrypt:method"}}EcAesCtr.encrypt{{/crossLink}}
@@ -50,6 +74,7 @@ module.exports = class EcAesCtrAsync {
50
74
  failure
51
75
  );
52
76
  }
77
+ this.fipsOn();
53
78
  var keyUsages = [];
54
79
  keyUsages.push("encrypt", "decrypt");
55
80
  var algorithm = {};
@@ -71,6 +96,7 @@ module.exports = class EcAesCtrAsync {
71
96
  return crypto.subtle
72
97
  .encrypt(algorithm, key, data)
73
98
  .then(function (p1) {
99
+ EcAesCtrAsync.fipsOff();
74
100
  return base64.encode(p1);
75
101
  });
76
102
  }),
@@ -113,6 +139,7 @@ module.exports = class EcAesCtrAsync {
113
139
  failure
114
140
  );
115
141
  }
142
+ this.fipsOn();
116
143
  var keyUsages = ["encrypt", "decrypt"];
117
144
  var algorithm = {};
118
145
  algorithm.name = "AES-CTR";
@@ -136,6 +163,7 @@ module.exports = class EcAesCtrAsync {
136
163
  EcCrypto.decryptionCache[
137
164
  secret + iv + ciphertext
138
165
  ] = EcCrypto.ab2str(p1);
166
+ EcAesCtrAsync.fipsOff();
139
167
  return EcCrypto.ab2str(p1);
140
168
  });
141
169
  }),
package/src/com/eduworks/ec/crypto/EcRsaOaepAsync.js CHANGED
@@ -1,5 +1,6 @@
1
1
  var base64 = require("base64-arraybuffer");
2
2
  let forge = require("node-forge");
3
+ const EcAesCtrAsync = require("./EcAesCtrAsync.js");
3
4
  if (typeof crypto == 'undefined')
4
5
  {
5
6
  if (typeof window !== 'undefined' && window != null && window !== undefined)
@@ -11,6 +12,7 @@ if (typeof crypto == 'undefined')
11
12
  console.log("Webcrypto not available. Tests will fail. Please upgrade, if possible, to Node 16. Non-test mode will fallback to slower cryptograpy methods.: " + err);
12
13
  }
13
14
  }
15
+
14
16
  let EcCrypto = require("./EcCrypto.js");
15
17
  let EcRsaOaepAsyncWorker = require("./EcRsaOaepAsyncWorker.js");
16
18
  let cassPromisify = require("../promises/helpers.js").cassPromisify;
@@ -48,6 +50,7 @@ module.exports = class EcRsaOaepAsync {
48
50
  failure
49
51
  );
50
52
  }
53
+ EcAesCtrAsync.fipsOn();
51
54
  var keyUsages = [];
52
55
  keyUsages.push("encrypt");
53
56
  var algorithm = {};
@@ -73,6 +76,7 @@ module.exports = class EcRsaOaepAsync {
73
76
  );
74
77
  }
75
78
  p = p.then((result) => {
79
+ EcAesCtrAsync.fipsOff();
76
80
  return base64.encode(result);
77
81
  });
78
82
  return cassPromisify(p, success, failure);
@@ -111,6 +115,7 @@ module.exports = class EcRsaOaepAsync {
111
115
  failure
112
116
  );
113
117
  }
118
+ EcAesCtrAsync.fipsOn();
114
119
  var algorithm = {};
115
120
  algorithm.name = "RSA-OAEP";
116
121
  algorithm.hash = "SHA-1";
@@ -123,6 +128,7 @@ module.exports = class EcRsaOaepAsync {
123
128
  if (EcCrypto.caching) {
124
129
  EcCrypto.decryptionCache[ppk.toPem() + cipherText] = result;
125
130
  }
131
+ EcAesCtrAsync.fipsOff();
126
132
  return result;
127
133
  };
128
134
  if (ppk.key == null) {
@@ -141,6 +147,7 @@ module.exports = class EcRsaOaepAsync {
141
147
  .then(afterKeyIsImported)
142
148
  .catch((error) => {
143
149
  console.trace(ppk, cipherText, error);
150
+ EcAesCtrAsync.fipsOff();
144
151
  return null;
145
152
  });
146
153
  return cassPromisify(p, success, failure);
@@ -150,6 +157,7 @@ module.exports = class EcRsaOaepAsync {
150
157
  .then(afterKeyIsImported)
151
158
  .catch((error) => {
152
159
  console.trace(error);
160
+ EcAesCtrAsync.fipsOff();
153
161
  return null;
154
162
  });
155
163
  return cassPromisify(p, success, failure);
@@ -180,6 +188,7 @@ module.exports = class EcRsaOaepAsync {
180
188
  if (text == null) {
181
189
  return cassReturnAsPromise(null, success, failure);
182
190
  }
191
+ //EcAesCtrAsync.fipsOn();// OPENSSL3 signing with this method doesn't seem to work right now.
183
192
  var keyUsages = [];
184
193
  keyUsages.push("sign");
185
194
  var algorithm = {};
@@ -198,6 +207,7 @@ module.exports = class EcRsaOaepAsync {
198
207
  EcCrypto.str2ab(forge.util.encodeUtf8(text))
199
208
  )
200
209
  .then(function (p1) {
210
+ //EcAesCtrAsync.fipsOff();// OPENSSL3 signing with this method doesn't seem to work right now.
201
211
  return base64.encode(p1);
202
212
  });
203
213
  }),
@@ -241,6 +251,7 @@ module.exports = class EcRsaOaepAsync {
241
251
  ) {
242
252
  return EcRsaOaepAsyncWorker.sign(ppk, text, success, failure);
243
253
  }
254
+ EcAesCtrAsync.fipsOn();
244
255
  var keyUsages = [];
245
256
  keyUsages.push("sign");
246
257
  var algorithm = {};
@@ -265,7 +276,8 @@ module.exports = class EcRsaOaepAsync {
265
276
  EcCrypto.str2ab(forge.util.encodeUtf8(text))
266
277
  );
267
278
 
268
- p = p.then(function (p1) {
279
+ p = p.then(function (p1) {
280
+ EcAesCtrAsync.fipsOff();
269
281
  return base64.encode(p1);
270
282
  });
271
283
  return cassPromisify(p, success, failure);
@@ -299,6 +311,7 @@ module.exports = class EcRsaOaepAsync {
299
311
  failure
300
312
  );
301
313
  }
314
+ EcAesCtrAsync.fipsOn();
302
315
  var algorithm = {};
303
316
  algorithm.name = "RSASSA-PKCS1-v1_5";
304
317
  algorithm.hash = "SHA-1";
@@ -315,7 +328,10 @@ module.exports = class EcRsaOaepAsync {
315
328
  key,
316
329
  base64.decode(signature),
317
330
  EcCrypto.str2ab(forge.util.encodeUtf8(text))
318
- );
331
+ ).then((result)=>{
332
+ EcAesCtrAsync.fipsOff();
333
+ return result;
334
+ });
319
335
  }),
320
336
  success,
321
337
  failure
@@ -327,7 +343,10 @@ module.exports = class EcRsaOaepAsync {
327
343
  pk.signKey,
328
344
  base64.decode(signature),
329
345
  EcCrypto.str2ab(forge.util.encodeUtf8(text))
330
- ),
346
+ ).then((result)=>{
347
+ EcAesCtrAsync.fipsOff();
348
+ return result;
349
+ }),
331
350
  success,
332
351
  failure
333
352
  );
@@ -362,6 +381,7 @@ module.exports = class EcRsaOaepAsync {
362
381
  failure
363
382
  );
364
383
  }
384
+ EcAesCtrAsync.fipsOn();
365
385
  var algorithm = {};
366
386
  algorithm.name = "RSASSA-PKCS1-v1_5";
367
387
  algorithm.hash = "SHA-256";
@@ -378,7 +398,10 @@ module.exports = class EcRsaOaepAsync {
378
398
  key,
379
399
  base64.decode(signature),
380
400
  EcCrypto.str2ab(forge.util.encodeUtf8(text))
381
- );
401
+ ).then((result)=>{
402
+ EcAesCtrAsync.fipsOff();
403
+ return result;
404
+ });
382
405
  }),
383
406
  success,
384
407
  failure
@@ -390,7 +413,10 @@ module.exports = class EcRsaOaepAsync {
390
413
  pk.signKey256,
391
414
  base64.decode(signature),
392
415
  EcCrypto.str2ab(forge.util.encodeUtf8(text))
393
- ),
416
+ ).then((result)=>{
417
+ EcAesCtrAsync.fipsOff();
418
+ return result;
419
+ }),
394
420
  success,
395
421
  failure
396
422
  );
package/src/com/eduworks/ec/remote/EcRemote.js CHANGED
@@ -8,6 +8,20 @@ if (typeof process === 'object') {
8
8
  }
9
9
  }
10
10
 
11
+ if (isNode)
12
+ {
13
+ try{
14
+ const dns = require('node:dns');
15
+ if (dns && dns.setDefaultResultOrder)
16
+ {
17
+ //Support for Node 18 using Docker containers with a network that doesn't support ipv6 loopback.
18
+ dns.setDefaultResultOrder('ipv4first');
19
+ }
20
+ }
21
+ catch(ex){
22
+ }
23
+ }
24
+
11
25
  global.httpOptions = [];
12
26
  global.http2Enabled = {};
13
27
  if (global.axios == null)