Skip to content

Commit 291f3f1

Browse files
esarafianouesarafianou
authored
Merge pull request #86 from forty/forty/remove-node-forge
Replace node-forge by native node crypto.
2 parents f5f6532 + 7aaa734 commit 291f3f1

File tree

4 files changed

+13
-14
lines changed

4 files changed

+13
-14
lines changed

README.md

+1-1
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22

33
W3C XML Encryption implementation for node.js (http://www.w3.org/TR/xmlenc-core/)
44

5-
Supports node >= 8
5+
Supports node >= 12
66

77
## Usage
88

lib/xmlenc.js

+12-7
Original file line numberDiff line numberDiff line change
@@ -2,18 +2,23 @@ var crypto = require('crypto');
22
var xmldom = require('@xmldom/xmldom');
33
var xpath = require('xpath');
44
var utils = require('./utils');
5-
var pki = require('node-forge').pki;
65

76
const insecureAlgorithms = [
87
//https://www.w3.org/TR/xmlenc-core1/#rsav15note
98
'http://www.w3.org/2001/04/xmlenc#rsa-1_5',
109
//https://csrc.nist.gov/News/2017/Update-to-Current-Use-and-Deprecation-of-TDEA
1110
'http://www.w3.org/2001/04/xmlenc#tripledes-cbc'];
11+
1212
function encryptKeyInfoWithScheme(symmetricKey, options, scheme, callback) {
13+
const padding = scheme === 'RSA-OAEP' ? crypto.constants.RSA_PKCS1_OAEP_PADDING : crypto.constants.RSA_PKCS1_PADDING;
14+
const symmetricKeyBuffer = Buffer.isBuffer(symmetricKey) ? symmetricKey : Buffer.from(symmetricKey, 'utf-8');
15+
1316
try {
14-
var rsa_pub = pki.publicKeyFromPem(options.rsa_pub);
15-
var encrypted = rsa_pub.encrypt(symmetricKey.toString('binary'), scheme);
16-
var base64EncodedEncryptedKey = Buffer.from(encrypted, 'binary').toString('base64');
17+
var encrypted = crypto.publicEncrypt({
18+
key: options.rsa_pub,
19+
padding: padding
20+
}, symmetricKeyBuffer);
21+
var base64EncodedEncryptedKey = encrypted.toString('base64');
1722

1823
var params = {
1924
encryptedKey: base64EncodedEncryptedKey,
@@ -248,9 +253,9 @@ function decryptKeyInfo(doc, options) {
248253
}
249254

250255
function decryptKeyInfoWithScheme(encryptedKey, options, scheme) {
251-
var key = Buffer.from(encryptedKey.textContent, 'base64').toString('binary');
252-
var private_key = pki.privateKeyFromPem(options.key);
253-
var decrypted = private_key.decrypt(key, scheme);
256+
var padding = scheme === 'RSA-OAEP' ? crypto.constants.RSA_PKCS1_OAEP_PADDING : crypto.constants.RSA_PKCS1_PADDING;
257+
var key = Buffer.from(encryptedKey.textContent, 'base64');
258+
var decrypted = crypto.privateDecrypt({ key: options.key, padding: padding}, key);
254259
return Buffer.from(decrypted, 'binary');
255260
}
256261

package-lock.json

-5
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

-1
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,6 @@
2222
"dependencies": {
2323
"@xmldom/xmldom": "^0.7.0",
2424
"escape-html": "^1.0.3",
25-
"node-forge": "^0.10.0",
2625
"xpath": "0.0.32"
2726
},
2827
"files": [

0 commit comments

Comments
 (0)