node-forge 0.2.20 → 0.2.24

package/README.md

@@ -13,7 +13,131 @@ The Forge software is a fully native implementation of the [TLS][] protocol in
 JavaScript as well as a set of tools for developing Web Apps that utilize many
 network resources.
 
+## Getting Started
+------------------
+
+### Node.js ###
+
+If you want to use forge with [node.js][], it is available through `npm`:
+
+https://npmjs.org/package/node-forge
+
+Installation:
+
+    npm install node-forge
+
+You can then use forge as a regular module:
+
+    var forge = require('node-forge');
+
+### Requirements ###
+
+* General
+  * Optional: GNU autotools for the build infrastructure if using Flash.
+* Building a Browser Bundle:
+  * nodejs
+  * npm
+* Testing
+  * nodejs
+  * Optional: Python and OpenSSL development environment to build
+  * a special SSL module with session cache support for testing with flash.
+  * http://www.python.org/dev/
+  * http://www.openssl.org/
+  * Debian users should install python-dev and libssl-dev.
+* Optional: Flash
+  * A pre-built SocketPool.swf is included.
+  * Adobe Flex 3 SDK to build the Flash socket code.
+  * http://opensource.adobe.com/wiki/display/flexsdk/
+
+### Building a browser bundle ###
+
+To create a minimized JavaScript bundle, run the following:
+
+```
+npm install
+npm run minify
+```
+
+This will create a single minimized file that can be included in
+the browser:
+
+```
+js/forge.min.js
+```
+
+Include the file via:
+
+```html
+<script src="js/forge.min.js"></script>
+```
+
+To create a single non-minimized file that can be included in
+the browser:
+
+```
+npm install
+npm run bundle
+```
+
+This will create:
+
+```
+js/forge.bundle.js
+```
+
+Include the file via:
+
+```html
+<script src="js/forge.bundle.js"></script>
+```
+
+The above bundles will synchronously create a global 'forge' object.
+
+Keep in mind that these bundles will not include any WebWorker
+scripts (eg: prime.worker.js) or their dependencies, so these will
+need to be accessible from the browser if any WebWorkers are used.
+
+### Testing with NodeJS & RequireJS ###
+
+A test server for [node.js][] can be found at `./nodejs`. The following are included:
+
+  * Example of how to use `forge` within NodeJS in the form of a [mocha](http://visionmedia.github.io/mocha/) test.
+  * Example of how to serve `forge` to the browser using [RequireJS](http://requirejs.org/).
+
+To run:
+
+    cd nodejs
+    npm install
+    npm test
+    npm start
+
+
+### Old build system that includes flash support ###
+
+To build the whole project, including Flash, run the following:
+
+    $ ./build-setup
+    $ make
+
+This will create the SWF, symlink all the JavaScript files, and build a Python
+SSL module for testing. To see configure options, run `./configure --help`.
+
+### Old test system including flash support ###
+
+A test server is provided which can be run in TLS mode and non-TLS mode. Use
+the --help option to get help for configuring ports. The server will print out
+the local URL you can vist to run tests.
+
+Some of the simplier tests should be run with just the non-TLS server::
+
+    $ ./tests/server.py
+
+More advanced tests need TLS enabled::
+
+    $ ./tests/server.py --tls
+
 ## Documentation
+----------------
 
 ### Transports
 
@@ -114,7 +238,7 @@ var client = forge.tls.createConnection({
   connected: function(connection) {
     console.log('connected');
     // send message to server
-    connection.prepare('Hi server!');
+    connection.prepare(forge.util.encodeUtf8('Hi server!'));
   },
   /* provide a client-side cert if you want
   getCertificate: function(connection, hint) {
@@ -132,7 +256,8 @@ var client = forge.tls.createConnection({
   },
   dataReady: function(connection) {
     // clear data from the server is ready
-    console.log('the server sent: ' + connection.data.getBytes());
+    console.log('the server sent: ' +
+      forge.util.decodeUtf8(connection.data.getBytes()));
     // close connection
     connection.close();
   },
@@ -176,7 +301,7 @@ var server = forge.tls.createConnection({
   connected: function(connection) {
     console.log('connected');
     // send message to client
-    connection.prepare('Hi client!');
+    connection.prepare(forge.util.encodeUtf8('Hi client!'));
   },
   getCertificate: function(connection, hint) {
     return myServerCertificate;
@@ -192,7 +317,8 @@ var server = forge.tls.createConnection({
   },
   dataReady: function(connection) {
     // clear data from the client is ready
-    console.log('the client sent: ' + connection.data.getBytes());
+    console.log('the client sent: ' +
+      forge.util.decodeUtf8(connection.data.getBytes()));
     // close connection
     connection.close();
   },
@@ -222,7 +348,9 @@ var client = forge.tls.createConnection({
   },
   connected: function(connection) {
     console.log('[tls] connected');
-    // prepare some data to send
+    // prepare some data to send (note that the string is interpreted as
+    // 'binary' encoded, which works for HTTP which only uses ASCII, use
+    // forge.util.encodeUtf8(str) otherwise
     client.prepare('GET / HTTP/1.0\r\n\r\n');
   },
   tlsDataReady: function(connection) {
@@ -1102,83 +1230,6 @@ Policy. See `mod_fsp/README` for more details. This module makes it easy to
 modify an [Apache][] server to allow cross domain requests to be made to it.
 
 
----------------------------------------
-
-
-Getting Started
----------------
-
-### Node.js ###
-
-If you want to use forge with [node.js][], it is available through `npm`:
-
-https://npmjs.org/package/node-forge
-
-Installation:
-
-    npm install node-forge
-
-You can then use forge as a regular module:
-
-    var forge = require('node-forge');
-
-### Requirements ###
-
-* General
-  * GNU autotools for the build infrastructure.
-* Flash
-  * Optional: A pre-built SocketPool.swf is included.
-  * Adobe Flex 3 SDK to build the Flash socket code.
-  * http://opensource.adobe.com/wiki/display/flexsdk/
-* Testing
-  * Optional: Only needed for fast session cache during testing.
-  * Python and OpenSSL development environment to build a special SSL module
-    with session cache support.
-  * http://www.python.org/dev/
-  * http://www.openssl.org/
-  * Debian users should install python-dev and libssl-dev.
-
-### Building ###
-
-To build the whole project, run the following::
-
-    $ ./build-setup
-    $ make
-
-This will create the SWF, symlink all the JavaScript files, and build a Python
-SSL module for testing. To see configure options, run `./configure --help`.
-
-### Testing ###
-
-A test server is provided which can be run in TLS mode and non-TLS mode. Use
-the --help option to get help for configuring ports. The server will print out
-the local URL you can vist to run tests.
-
-Some of the simplier tests should be run with just the non-TLS server::
-
-    $ ./tests/server.py
-
-More advanced tests need TLS enabled::
-
-    $ ./tests/server.py --tls
-
-
-NodeJS & RequireJS
-------------------
-
-A test server for [node.js][] can be found at `./nodejs`. The following are included:
-
-  * Example of how to use `forge` within NodeJS in the form of a [mocha](http://visionmedia.github.io/mocha/) test.
-  * Example of how to serve `forge` to the browser using [RequireJS](http://requirejs.org/).
-
-To run:
-
-    cd nodejs
-    npm install
-    npm test
-    npm start
-
-
 Library Details
 ---------------
 

package/end.frag

@@ -0,0 +1,3 @@
+window.forge = require('js/forge');
+
+})();

package/js/asn1.js

@@ -290,7 +290,7 @@ asn1.fromDer = function(bytes, strict) {
       throw {
         message: 'Too few bytes to read ASN.1 value.',
         detail: bytes.length() + ' < ' + length
-      };
+      }
     }
     // Note: be lenient with truncated values
     length = bytes.length();
@@ -366,9 +366,15 @@ asn1.fromDer = function(bytes, strict) {
     // TODO: do DER to OID conversion and vice-versa in .toDer?
 
     if(length === undefined) {
-      throw {
-        message: 'Non-constructed ASN.1 object of indefinite length.'
-      };
+      if(strict) {
+        throw {
+          message: 'Non-constructed ASN.1 object of indefinite length.'
+        };
+      }
+      // be lenient and use remaining bytes
+      else {
+        length = bytes.length();
+      }
     }
 
     if(type === asn1.Type.BMPSTRING) {

package/js/oids.js

@@ -39,6 +39,9 @@ oids['sha384WithRSAEncryption'] = '1.2.840.113549.1.1.12';
 oids['1.2.840.113549.1.1.13'] = 'sha512WithRSAEncryption';
 oids['sha512WithRSAEncryption'] = '1.2.840.113549.1.1.13';
 
+oids['1.3.14.3.2.7'] = 'desCBC';
+oids['desCBC'] = '1.3.14.3.2.7';
+
 oids['1.3.14.3.2.26'] = 'sha1';
 oids['sha1'] = '1.3.14.3.2.26';
 oids['2.16.840.1.101.3.4.2.1'] = 'sha256';

package/js/pkcs7.js

@@ -355,6 +355,7 @@ var _decryptContent = function (msg) {
         ciph = forge.aes.createDecryptionCipher(msg.encryptedContent.key);
         break;
 
+      case forge.pki.oids['desCBC']:
       case forge.pki.oids['des-EDE3-CBC']:
         ciph = forge.des.createDecryptionCipher(msg.encryptedContent.key);
         break;
@@ -661,6 +662,7 @@ p7.createEnvelopedData = function() {
         && privKey !== undefined) {
         switch(recipient.encryptedContent.algorithm) {
           case forge.pki.oids.rsaEncryption:
+          case forge.pki.oids.desCBC:  
             var key = privKey.decrypt(recipient.encryptedContent.content);
             msg.encryptedContent.key = forge.util.createBuffer(key);
             break;

package/js/tls.js

@@ -3941,7 +3941,9 @@ tls.createConnection = function(options) {
    * tlsDataReady handler will be called when the TLS record(s) have been
    * prepared.
    *
-   * @param data the application data, as a string, to be sent.
+   * @param data the application data, as a raw 'binary' encoded string, to
+   *          be sent; to send utf-16/utf-8 string data, use the return value
+   *          of util.encodeUtf8(str).
    *
    * @return true on success, false on failure.
    */

package/minify.js

@@ -0,0 +1,10 @@
+({
+  name: 'node_modules/almond/almond',
+  include: ['js/forge'],
+  out: 'js/forge.min.js',
+  wrap: {
+    startFile: 'start.frag',
+    endFile: 'end.frag'
+  },
+  preserveLicenseComments: false
+})

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "node-forge",
-  "version": "0.2.20",
+  "version": "0.2.24",
   "description": "JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilties.",
   "homepage": "http://github.com/digitalbazaar/forge",
   "author": {
@@ -18,6 +18,10 @@
     "name": "Christoph Dorn",
     "email": "christoph@christophdorn.com"
   }],
+  "devDependencies": {
+    "almond": "~0.2.6",
+    "requirejs": "~2.1.8"
+  },
   "repository": {
     "type" : "git",
     "url" : "http://github.com/digitalbazaar/forge"
@@ -53,5 +57,9 @@
     "tls",
     "x.509",
     "x509"
-  ]
+  ],
+  "scripts": {
+    "bundle": "./node_modules/requirejs/bin/r.js -o minify.js optimize=none out=js/forge.bundle.js",
+    "minify": "./node_modules/requirejs/bin/r.js -o minify.js"
+  }
 }

package/start.frag

@@ -0,0 +1 @@
+(function() {