Important: This documentation covers Yarn 1 (Classic).
For Yarn 2+ docs and migration guide, see yarnpkg.com.

Package detail

node-jose-browserify

newtonjoshua1.3kApache-2.01.1.14

An advanced version of Cisco's node-jose module that works in both browser and the server.

node-jose, angular, web-app, browser, cisco, crypto, jose, jwa, jwe, jwk, jws

readme

published

node-jose-browserify

An advanced version of Cisco's node-jose module that works in both browser and the server. It is compatible with node.js and angular

Refer to https://github.com/cisco/node-jose for documentation.

Install

    npm i node-jose-browserify

Angular Usage

Import and use as any other package. All the methods will be supported in the browser, just as in node.js.

import * as jose from 'node-jose-browserify';

The following changes are required to make few node-modules available in the browser

  • angular compilerOptions for stream

    In tsconfig.json , compilerOptions add

      "paths": {
      "stream": ["../node_modules/stream-browserify/index.js"]
  }

    This is to avoid the below error

    ERROR in ./node_modules/browserify-zlib/lib/index.js. Module not found: Error: Can't resolve 'stream' in '***/node_modules/browserify-zlib/lib'

  • polyfil for global object In polyfills.ts add 
      // Polyfill for node-jose
  (window as any)['global'] = window;
    This is to avoid the below error

    Uncaught ReferenceError: global is not defined

Merging node-jose updates

To pull the latest updates from node-jose into node-jose-browserify

$ git pull https://github.com/cisco/node-jose.git master

PR

PR https://github.com/cisco/node-jose/pull/264 is raised to merge the changes with the node-jose repo

changelog

Release Notes

1.1.3 (2019-03-18)

  • fail to verify PS signatures with incorrect padding in node (93399b6)

1.1.2 (2019-02-28)

  • replaced outdated vulnerable lodash dependencies (b9c4f0e)

1.1.1 (2019-02-01)

1.1.0 (2018-11-05)

Bug Fixes

  • remove setImmediate/nextTick hack (fixes #203) (4e24931)
  • correct jws verify input validation check (fixes #210) (be66519)
  • [node] use native crypto for RS signing (fixes #202) (59636c3)

Features

  • [node] use native crypto for AES-KW Key-Wrapping (f18011f)
  • [node] use native crypto for RSA-OAEP and RSA1_5 encryption (bba0a13)
  • [node] use native crypto for RSA1_5 decryption (2a9e48a)
  • [node] use native crypto for RSA-PSS (8a05f35)
  • [node] use native crypto for ECDSA (aa5a48d)

1.0.0 (2018-05-30)

Update

Fix

Build

Package

0.11.1 (2018-05-15)

NOTE: This is a security patch, replacing base64url with b64u to address a vulnerability in the previous dependency.

Chore

0.11.0 (2017-11-30)

NOTICE This release includes a potentially breaking change. The default of jose.JWS.Verifier.verify() before 0.11.0 was to successfully verify if an embedded key was present and verification succeeds. Now the default is to instead fail verification. Applications that rely on embedded keys for JWS verification now must provide an opts Object to either jose.JWS.createVerify() or jose.JWS.Verifier.verify(), with the member allowEmbeddedKeys set to true.

Update

Doc

0.10.0 (2017-09-29)

Update

Fix

Build

0.9.5 (2017-08-07)

Update

Fix

Doc

Build

0.9.4 (2017-04-13)

Update

Doc

Build

0.9.3 (2017-02-20)

Update

Fix

Doc

Build

0.9.2 (2016-12-29)

Build

Fix

0.9.1 (2016-08-23)

Build

0.9.0 (2016-07-17)

Update

Fix

0.8.1 (2016-07-13)

Fix

Build

0.8.0 (2016-04-18)

Update

Fix

Build

0.7.1 (2016-02-09)

Fix

0.7.0 (2016-01-14)

Update

0.6.0 (2015-12-12)

Update

0.5.2 (2015-11-30)

Fix

Doc

Build

0.5.1 (2015-11-19)

Fix

Build

0.5.0 (2015-10-31)

Update

Fix

0.4.0 (2015-10-12)

Breaking

Update

0.3.1 (2015-10-06)

Fix

Update

Doc

Build

[0.3.0] (2015-09-11)

Initial public release.