node-forge 0.8.1 → 0.8.5

package/flash/package.json

@@ -0,0 +1,28 @@
+{
+  "name": "node-forge-flash",
+  "version": "0.0.0",
+  "private": true,
+  "description": "Flash build support for Forge.",
+  "homepage": "https://github.com/digitalbazaar/forge",
+  "author": {
+    "name": "Digital Bazaar, Inc.",
+    "email": "support@digitalbazaar.com",
+    "url": "http://digitalbazaar.com/"
+  },
+  "devDependencies": {
+    "flex-sdk": ""
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/digitalbazaar/forge"
+  },
+  "bugs": {
+    "url": "https://github.com/digitalbazaar/forge/issues",
+    "email": "support@digitalbazaar.com"
+  },
+  "license": "(BSD-3-Clause OR GPL-2.0)",
+  "scripts": {
+    "build": "mxmlc -debug=false -define=CONFIG::debugging,false -define=CONFIG::release,true -compiler.source-path=. -static-link-runtime-shared-libraries -output=swf/SocketPool.swf SocketPool.as",
+    "build-debug": "mxmlc -debug=true -define=CONFIG::debugging,true -define=CONFIG::release,false -compiler.source-path=. -static-link-runtime-shared-libraries -output=swf/SocketPool.swf SocketPool.as"
+  }
+}

package/lib/aes.js

@@ -648,7 +648,7 @@ function initialize() {
  * of Nb*(Nr + 1) words: the algorithm requires an initial set of Nb words,
  * and each of the Nr rounds requires Nb words of key data. The resulting
  * key schedule consists of a linear array of 4-byte words, denoted [wi ],
- * with i in the range 0 ≤ i < Nb(Nr + 1).
+ * with i in the range 0 <= i < Nb(Nr + 1).
  *
  * KeyExpansion(byte key[4*Nk], word w[Nb*(Nr+1)], Nk)
  * AES-128 (Nb=4, Nk=4, Nr=10)
@@ -704,7 +704,7 @@ function _expandKey(key, decrypt) {
     w[i] = w[i - Nk] ^ temp;
   }
 
-   /* When we are updating a cipher block we always use the code path for
+  /* When we are updating a cipher block we always use the code path for
      encryption whether we are decrypting or not (to shorten code and
      simplify the generation of look up tables). However, because there
      are differences in the decryption algorithm, other than just swapping
@@ -805,7 +805,7 @@ function _updateBlock(w, input, output, decrypt) {
     byte state[4,Nb]
     state = in
     AddRoundKey(state, w[0, Nb-1])
-    for round = 1 step 1 to Nr–1
+    for round = 1 step 1 to Nr-1
       SubBytes(state)
       ShiftRows(state)
       MixColumns(state)
@@ -1017,7 +1017,7 @@ function _updateBlock(w, input, output, decrypt) {
     InvSubBytes(state)
     AddRoundKey(state, w[0, Nb-1])
    */
-   // Note: rows are shifted inline
+  // Note: rows are shifted inline
   output[0] =
     (sub[a >>> 24] << 24) ^
     (sub[b >>> 16 & 255] << 16) ^

package/lib/aesCipherSuites.js

@@ -16,7 +16,7 @@ var tls = module.exports = forge.tls;
  * Supported cipher suites.
  */
 tls.CipherSuites['TLS_RSA_WITH_AES_128_CBC_SHA'] = {
-  id: [0x00,0x2f],
+  id: [0x00, 0x2f],
   name: 'TLS_RSA_WITH_AES_128_CBC_SHA',
   initSecurityParameters: function(sp) {
     sp.bulk_cipher_algorithm = tls.BulkCipherAlgorithm.aes;
@@ -32,7 +32,7 @@ tls.CipherSuites['TLS_RSA_WITH_AES_128_CBC_SHA'] = {
   initConnectionState: initConnectionState
 };
 tls.CipherSuites['TLS_RSA_WITH_AES_256_CBC_SHA'] = {
-  id: [0x00,0x35],
+  id: [0x00, 0x35],
   name: 'TLS_RSA_WITH_AES_256_CBC_SHA',
   initSecurityParameters: function(sp) {
     sp.bulk_cipher_algorithm = tls.BulkCipherAlgorithm.aes;
@@ -199,10 +199,8 @@ function decrypt_aes_cbc_sha1_padding(blockSize, output, decrypt) {
  *
  * @return true on success, false on failure.
  */
-var count = 0;
 function decrypt_aes_cbc_sha1(record, s) {
   var rval = false;
-  ++count;
 
   var iv;
   if(record.version.minor === tls.Versions.TLS_1_0.minor) {

package/lib/asn1.js

@@ -619,7 +619,7 @@ function _fromDer(bytes, remaining, depth, options) {
   }
 
   // add BIT STRING contents if available
-  var asn1Options = bitStringContents === undefined ?  null : {
+  var asn1Options = bitStringContents === undefined ? null : {
     bitStringContents: bitStringContents
   };
 

package/lib/cipherModes.js

@@ -652,7 +652,7 @@ modes.gcm.prototype.encrypt = function(input, output, finish) {
       this._partialOutput.putInt32(input.getInt32() ^ this._outBlock[i]);
     }
 
-    if(partialBytes === 0 || finish) {
+    if(partialBytes <= 0 || finish) {
       // handle overflow prior to hashing
       if(finish) {
         // get block overflow

package/lib/des.js

@@ -7,7 +7,8 @@
  * Paul Tero, July 2001
  * http://www.tero.co.uk/des/
  *
- * Optimised for performance with large blocks by Michael Hayworth, November 2001
+ * Optimised for performance with large blocks by
+ * Michael Hayworth, November 2001
  * http://www.netdealing.com
  *
  * THIS SOFTWARE IS PROVIDED "AS IS" AND

package/lib/ed25519.js

@@ -168,7 +168,7 @@ function messageToNativeBuffer(options) {
 
   if(typeof message === 'string') {
     if(typeof Buffer !== 'undefined') {
-      return new Buffer(message, encoding);
+      return Buffer.from(message, encoding);
     }
     message = new ByteBuffer(message, encoding);
   } else if(!(message instanceof ByteBuffer)) {
@@ -217,7 +217,7 @@ function sha512(msg, msgLen) {
   md.update(buffer.getBytes(msgLen), 'binary');
   var hash = md.digest().getBytes();
   if(typeof Buffer !== 'undefined') {
-    return new Buffer(hash, 'binary');
+    return Buffer.from(hash, 'binary');
   }
   var out = new NativeBuffer(ed25519.constants.HASH_BYTE_LENGTH);
   for(var i = 0; i < 64; ++i) {

package/lib/pbkdf2.js

@@ -51,8 +51,8 @@ module.exports = forge.pbkdf2 = pkcs5.pbkdf2 = function(
       // default prf to SHA-1
       md = 'sha1';
     }
-    p = new Buffer(p, 'binary');
-    s = new Buffer(s, 'binary');
+    p = Buffer.from(p, 'binary');
+    s = Buffer.from(s, 'binary');
     if(!callback) {
       if(crypto.pbkdf2Sync.length === 4) {
         return crypto.pbkdf2Sync(p, s, c, dkLen).toString('binary');

package/lib/pkcs1.js

@@ -119,7 +119,7 @@ pkcs1.encode_rsa_oaep = function(key, message, options) {
 
   var PS = '';
   var PS_length = maxLength - message.length;
-  for (var i = 0; i < PS_length; i++) {
+  for(var i = 0; i < PS_length; i++) {
     PS += '\x00';
   }
 

package/lib/pkcs12.js

@@ -68,7 +68,7 @@
  * PKCS12Attribute ::= SEQUENCE {
  *   attrId ATTRIBUTE.&id ({PKCS12AttrSet}),
  *   attrValues SET OF ATTRIBUTE.&Type ({PKCS12AttrSet}{@attrId})
- * } -- This type is compatible with the X.500 type ’Attribute’
+ * } -- This type is compatible with the X.500 type 'Attribute'
  *
  * PKCS12AttrSet ATTRIBUTE ::= {
  *   friendlyName | -- from PKCS #9

package/lib/rsa.js

@@ -89,7 +89,6 @@ forge.pki = forge.pki || {};
 module.exports = forge.pki.rsa = forge.rsa = forge.rsa || {};
 var pki = forge.pki;
 
-
 // for finding primes, which are 30k+i for i = 1, 7, 11, 13, 17, 19, 23, 29
 var GCD_30_DELTA = [6, 4, 2, 4, 2, 4, 6, 2];
 
@@ -688,7 +687,7 @@ pki.rsa.stepKeyPairGenerationState = function(state, n) {
   var THIRTY = new BigInteger(null);
   THIRTY.fromInt(30);
   var deltaIdx = 0;
-  var op_or = function(x, y) { return x|y; };
+  var op_or = function(x, y) {return x | y;};
 
   // keep stepping until time limit is reached or done
   var t1 = +new Date();
@@ -737,7 +736,7 @@ pki.rsa.stepKeyPairGenerationState = function(state, n) {
         // ensure number is coprime with e
         state.pqState =
           (state.num.subtract(BigInteger.ONE).gcd(state.e)
-          .compareTo(BigInteger.ONE) === 0) ? 3 : 0;
+            .compareTo(BigInteger.ONE) === 0) ? 3 : 0;
       } else if(state.pqState === 3) {
         // store p or q
         state.pqState = 0;
@@ -907,7 +906,7 @@ pki.rsa.generateKeyPair = function(bits, e, options, callback) {
             format: 'pem'
           }
         }, function(err, pub, priv) {
-          if (err) {
+          if(err) {
             return callback(err);
           }
           callback(null, {
@@ -916,7 +915,8 @@ pki.rsa.generateKeyPair = function(bits, e, options, callback) {
           });
         });
       }
-      if(_detectSubtleCrypto('generateKey') && _detectSubtleCrypto('exportKey')) {
+      if(_detectSubtleCrypto('generateKey') &&
+        _detectSubtleCrypto('exportKey')) {
         // use standard native generateKey
         return util.globalScope.crypto.subtle.generateKey({
           name: 'RSASSA-PKCS1-v1_5',
@@ -1054,7 +1054,7 @@ pki.setRsaPublicKey = pki.rsa.setPublicKey = function(n, e) {
         }
       };
     } else if(['RAW', 'NONE', 'NULL', null].indexOf(scheme) !== -1) {
-      scheme = { encode: function(e) { return e; } };
+      scheme = {encode: function(e) {return e;}};
     } else if(typeof scheme === 'string') {
       throw new Error('Unsupported encryption scheme: "' + scheme + '".');
     }
@@ -1095,37 +1095,37 @@ pki.setRsaPublicKey = pki.rsa.setPublicKey = function(n, e) {
    *
    * @return true if the signature was verified, false if not.
    */
-   key.verify = function(digest, signature, scheme) {
-     if(typeof scheme === 'string') {
-       scheme = scheme.toUpperCase();
-     } else if(scheme === undefined) {
-       scheme = 'RSASSA-PKCS1-V1_5';
-     }
-
-     if(scheme === 'RSASSA-PKCS1-V1_5') {
-       scheme = {
-         verify: function(digest, d) {
-           // remove padding
-           d = _decodePkcs1_v1_5(d, key, true);
-           // d is ASN.1 BER-encoded DigestInfo
-           var obj = asn1.fromDer(d);
-           // compare the given digest to the decrypted one
-           return digest === obj.value[1].value;
-         }
-       };
-     } else if(scheme === 'NONE' || scheme === 'NULL' || scheme === null) {
-       scheme = {
-         verify: function(digest, d) {
-           // remove padding
-           d = _decodePkcs1_v1_5(d, key, true);
-           return digest === d;
-         }
-       };
-     }
-
-     // do rsa decryption w/o any decoding, then verify -- which does decoding
-     var d = pki.rsa.decrypt(signature, key, true, false);
-     return scheme.verify(digest, d, key.n.bitLength());
+  key.verify = function(digest, signature, scheme) {
+    if(typeof scheme === 'string') {
+      scheme = scheme.toUpperCase();
+    } else if(scheme === undefined) {
+      scheme = 'RSASSA-PKCS1-V1_5';
+    }
+
+    if(scheme === 'RSASSA-PKCS1-V1_5') {
+      scheme = {
+        verify: function(digest, d) {
+          // remove padding
+          d = _decodePkcs1_v1_5(d, key, true);
+          // d is ASN.1 BER-encoded DigestInfo
+          var obj = asn1.fromDer(d);
+          // compare the given digest to the decrypted one
+          return digest === obj.value[1].value;
+        }
+      };
+    } else if(scheme === 'NONE' || scheme === 'NULL' || scheme === null) {
+      scheme = {
+        verify: function(digest, d) {
+          // remove padding
+          d = _decodePkcs1_v1_5(d, key, true);
+          return digest === d;
+        }
+      };
+    }
+
+    // do rsa decryption w/o any decoding, then verify -- which does decoding
+    var d = pki.rsa.decrypt(signature, key, true, false);
+    return scheme.verify(digest, d, key.n.bitLength());
   };
 
   return key;
@@ -1183,7 +1183,7 @@ pki.setRsaPrivateKey = pki.rsa.setPrivateKey = function(
     var d = pki.rsa.decrypt(data, key, false, false);
 
     if(scheme === 'RSAES-PKCS1-V1_5') {
-      scheme = { decode: _decodePkcs1_v1_5 };
+      scheme = {decode: _decodePkcs1_v1_5};
     } else if(scheme === 'RSA-OAEP' || scheme === 'RSAES-OAEP') {
       scheme = {
         decode: function(d, key) {
@@ -1191,7 +1191,7 @@ pki.setRsaPrivateKey = pki.rsa.setPrivateKey = function(
         }
       };
     } else if(['RAW', 'NONE', 'NULL', null].indexOf(scheme) !== -1) {
-      scheme = { decode: function(d) { return d; } };
+      scheme = {decode: function(d) {return d;}};
     } else {
       throw new Error('Unsupported encryption scheme: "' + scheme + '".');
     }
@@ -1233,10 +1233,10 @@ pki.setRsaPrivateKey = pki.rsa.setPrivateKey = function(
     }
 
     if(scheme === undefined || scheme === 'RSASSA-PKCS1-V1_5') {
-      scheme = { encode: emsaPkcs1v15encode };
+      scheme = {encode: emsaPkcs1v15encode};
       bt = 0x01;
     } else if(scheme === 'NONE' || scheme === 'NULL' || scheme === null) {
-      scheme = { encode: function() { return md; } };
+      scheme = {encode: function() {return md;}};
       bt = 0x01;
     }
 
@@ -1271,7 +1271,7 @@ pki.wrapRsaPrivateKey = function(rsaKey) {
     // PrivateKey
     asn1.create(asn1.Class.UNIVERSAL, asn1.Type.OCTETSTRING, false,
       asn1.toDer(rsaKey).getBytes())
-    ]);
+  ]);
 };
 
 /**

package/lib/sha1.js

@@ -113,12 +113,12 @@ sha1.create = function() {
     return md;
   };
 
-   /**
-    * Produces the digest.
-    *
-    * @return a byte buffer containing the digest value.
-    */
-   md.digest = function() {
+  /**
+   * Produces the digest.
+   *
+   * @return a byte buffer containing the digest value.
+   */
+  md.digest = function() {
     /* Note: Here we copy the remaining bytes in the input buffer and
     add the appropriate SHA-1 padding. Then we do the final update
     on a copy of the state so that if the user wants to get

package/lib/sha512.js

@@ -81,7 +81,7 @@ sha512.create = function(algorithm) {
 
   // determine digest length by algorithm name (default)
   var digestLength = 64;
-  switch (algorithm) {
+  switch(algorithm) {
     case 'SHA-384':
       digestLength = 48;
       break;

package/lib/tls.js

@@ -3528,7 +3528,7 @@ var _alertDescToCertError = function(desc) {
  */
 tls.verifyCertificateChain = function(c, chain) {
   try {
-    // Make a copy of c.verifyOptions so that we can modify options.verify 
+    // Make a copy of c.verifyOptions so that we can modify options.verify
     // without modifying c.verifyOptions.
     var options = {};
     for (var key in c.verifyOptions) {
@@ -3726,7 +3726,7 @@ tls.createConnection = function(options) {
     virtualHost: options.virtualHost || null,
     verifyClient: options.verifyClient || false,
     verify: options.verify || function(cn, vfd, dpth, cts) {return vfd;},
-    verifyOptions: options.verifyOptions || {},
+    verifyOptions: options.verifyOptions || {},
     getCertificate: options.getCertificate || null,
     getPrivateKey: options.getPrivateKey || null,
     getSignature: options.getSignature || null,