npm - jssign - Versions diffs - 0.2.7 → 0.3.0 - Mend

jssign 0.2.7 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md CHANGED Viewed

@@ -43,7 +43,7 @@ console.log(data) // { foo: 'bar' }
 ### More secure Usage
 For a more secure (but slower) encryption and decryption of data using a secret, `jssign` exports the following functions that uses [sjcl](https://www.npmjs.com/package/sjcl) under the hood:
-- `encrypt(data, secret, options)`: return encrypted token
+- `encrypt(data, secret, options, sjclOptions)`: return encrypted token
 - `decrypt(token, secret)`: returns decrypted data
 ```javascript
 import { encrypt, decrypt } from 'jssign'
@@ -60,5 +60,7 @@ console.log(data) // { id: 'confidential_data' }
 `options`:
 - `expiresIn` can be a numeric value representing time in ms (no expiration by default).
+`sjclOptions` are the options taken by `sjcl.encrypt` method having type `SjclCipherEncryptParams`
 ## Author
 [Sahil Aggarwal](https://www.github.com/SahilAggarwal2004)

package/dist/cjs/index.js CHANGED Viewed

@@ -5,7 +5,6 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.decrypt = exports.encrypt = exports.verify = exports.sign = void 0;
 const sjcl_1 = __importDefault(require("sjcl"));
-const defaults = { v: 1, iter: 10000, ks: 128, ts: 64, mode: "ccm", adata: "", cipher: "aes" };
 const characters = ['a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '`', '1', '2', '3', '4', '5', '6', '7', '8', '9', '0', '-', '=', '[', ']', ';', ',', '.', '/', '~', '!', '@', '#', '$', '%', '^', '&', '*', '(', ')', '_', '+', '{', '}', ':', '<', '>', '?'];
 const encoder = new TextEncoder();
 const decoder = new TextDecoder();
@@ -69,16 +68,21 @@ function verify(token, secret) {
     }
 }
 exports.verify = verify;
-function encrypt(data, secret, { expiresIn = 0 } = {}) {
-    const { ct, iv, salt } = JSON.parse(sjcl_1.default.encrypt(secret, JSON.stringify({ data, iat: Date.now(), exp: expiresIn })));
-    return `${ct}.${iv}.${salt}`;
+function encrypt(data, secret, { expiresIn = 0 } = {}, sjclOptions) {
+    const encryptedObj = JSON.parse(sjcl_1.default.encrypt(secret, JSON.stringify({ data, iat: Date.now(), exp: expiresIn }), sjclOptions));
+    const encryptedArr = Object.entries(encryptedObj).map(([key, value]) => `${key}:${value}`);
+    return encryptedArr.join('.');
 }
 exports.encrypt = encrypt;
 function decrypt(token, secret) {
     try {
-        const [ct, iv, salt] = token.split('.');
-        token = JSON.stringify(Object.assign({ ct, iv, salt }, defaults));
-        const { data, iat, exp } = JSON.parse(sjcl_1.default.decrypt(secret, token));
+        const encryptedArr = token.split('.');
+        const encryptedObj = encryptedArr.reduce((obj, str) => {
+            const [key, value] = str.split(':');
+            obj[key] = +value || value;
+            return obj;
+        }, {});
+        const { data, iat, exp } = JSON.parse(sjcl_1.default.decrypt(secret, JSON.stringify(encryptedObj)));
         if (!exp || Date.now() < iat + exp)
             return data;
         throw new Error();

package/dist/esm/index.d.ts CHANGED Viewed

@@ -1,11 +1,12 @@
+import { SjclCipherEncryptParams } from 'sjcl';
 export type EncryptOptions = {
     expiresIn?: number;
 };
 export type SignOptions = EncryptOptions & {
     sl?: number;
 };
-declare function sign(data: any, secret: string, { expiresIn, sl }?: SignOptions): string;
-declare function verify(token: string, secret: string): any;
-declare function encrypt(data: any, secret: string, { expiresIn }?: EncryptOptions): string;
-declare function decrypt(token: string, secret: string): any;
-export { sign, verify, encrypt, decrypt };
+export type { SjclCipherEncryptParams };
+export declare function sign(data: any, secret: string, { expiresIn, sl }?: SignOptions): string;
+export declare function verify(token: string, secret: string): any;
+export declare function encrypt(data: any, secret: string, { expiresIn }?: EncryptOptions, sjclOptions?: SjclCipherEncryptParams): string;
+export declare function decrypt(token: string, secret: string): any;

package/dist/esm/index.js CHANGED Viewed

@@ -1,5 +1,4 @@
 import sjcl from 'sjcl';
-const defaults = { v: 1, iter: 10000, ks: 128, ts: 64, mode: "ccm", adata: "", cipher: "aes" };
 const characters = ['a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '`', '1', '2', '3', '4', '5', '6', '7', '8', '9', '0', '-', '=', '[', ']', ';', ',', '.', '/', '~', '!', '@', '#', '$', '%', '^', '&', '*', '(', ')', '_', '+', '{', '}', ':', '<', '>', '?'];
 const encoder = new TextEncoder();
 const decoder = new TextDecoder();
@@ -42,13 +41,13 @@ function decode(token, secret, type) {
         decodedBytes[i] = tokenBytes[i] ^ secretBytes[i % secretLength];
     return decoder.decode(decodedBytes);
 }
-function sign(data, secret, { expiresIn = 0, sl = 32 } = {}) {
+export function sign(data, secret, { expiresIn = 0, sl = 32 } = {}) {
     const salt = genSalt(sl);
     const token = encode(JSON.stringify({ data, iat: Date.now(), exp: expiresIn }), salt, 1);
     const signature = encode(salt, secret, 0);
     return `${token}.${signature}`;
 }
-function verify(token, secret) {
+export function verify(token, secret) {
     try {
         const [dataStr, signature] = token.split('.');
         const salt = decode(signature, secret, 0);
@@ -61,15 +60,20 @@ function verify(token, secret) {
         throw new Error('Invalid token or secret!');
     }
 }
-function encrypt(data, secret, { expiresIn = 0 } = {}) {
-    const { ct, iv, salt } = JSON.parse(sjcl.encrypt(secret, JSON.stringify({ data, iat: Date.now(), exp: expiresIn })));
-    return `${ct}.${iv}.${salt}`;
+export function encrypt(data, secret, { expiresIn = 0 } = {}, sjclOptions) {
+    const encryptedObj = JSON.parse(sjcl.encrypt(secret, JSON.stringify({ data, iat: Date.now(), exp: expiresIn }), sjclOptions));
+    const encryptedArr = Object.entries(encryptedObj).map(([key, value]) => `${key}:${value}`);
+    return encryptedArr.join('.');
 }
-function decrypt(token, secret) {
+export function decrypt(token, secret) {
     try {
-        const [ct, iv, salt] = token.split('.');
-        token = JSON.stringify(Object.assign({ ct, iv, salt }, defaults));
-        const { data, iat, exp } = JSON.parse(sjcl.decrypt(secret, token));
+        const encryptedArr = token.split('.');
+        const encryptedObj = encryptedArr.reduce((obj, str) => {
+            const [key, value] = str.split(':');
+            obj[key] = +value || value;
+            return obj;
+        }, {});
+        const { data, iat, exp } = JSON.parse(sjcl.decrypt(secret, JSON.stringify(encryptedObj)));
         if (!exp || Date.now() < iat + exp)
             return data;
         throw new Error();
@@ -78,4 +82,3 @@ function decrypt(token, secret) {
         throw new Error('Invalid token or secret!');
     }
 }
-export { sign, verify, encrypt, decrypt };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "jssign",
-  "version": "0.2.7",
+  "version": "0.3.0",
   "description": "A token generator library to encode and decode data using a secret key",
   "main": "dist/cjs/index.js",
   "module": "dist/esm/index.js",
@@ -35,7 +35,7 @@
     "sjcl": "^1.0.8"
   },
   "devDependencies": {
-    "@types/sjcl": "^1.0.31"
+    "@types/sjcl": "^1.0.34"
   },
   "scripts": {
     "esm": "tsc",