upgrade dependencies

author: Florian Dold <florian.dold@gmail.com> 2017-12-10 21:51:33 +0100
committer: Florian Dold <florian.dold@gmail.com> 2017-12-10 21:51:33 +0100
commit: 0469abd4a9c9270a1fdc962969e36e63699af8b4 (patch)
tree: f9864d4a4148621378958794cbbfdc2393733283 /node_modules/evp_bytestokey
parent: 6947e79bbc258f7bc96af424ddb71a511f0c15a3 (diff)
download: wallet-core-0469abd4a9c9270a1fdc962969e36e63699af8b4.tar.xz
5 files changed, 143 insertions, 99 deletions
diff --git a/node_modules/evp_bytestokey/LICENSE b/node_modules/evp_bytestokey/LICENSE
new file mode 100644
index 000000000..f06007ae3
--- /dev/null
+++ b/node_modules/evp_bytestokey/LICENSE
@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2017 crypto-browserify contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/node_modules/evp_bytestokey/README.md b/node_modules/evp_bytestokey/README.md
new file mode 100644
index 000000000..36da2382f
--- /dev/null
+++ b/node_modules/evp_bytestokey/README.md
@@ -0,0 +1,51 @@
+# EVP\_BytesToKey
+[![NPM Package](https://img.shields.io/npm/v/evp_bytestokey.svg?style=flat-square)](https://www.npmjs.org/package/evp_bytestokey)
+[![Build Status](https://img.shields.io/travis/crypto-browserify/EVP_BytesToKey.svg?branch=master&style=flat-square)](https://travis-ci.org/crypto-browserify/EVP_BytesToKey)
+[![Dependency status](https://img.shields.io/david/crypto-browserify/EVP_BytesToKey.svg?style=flat-square)](https://david-dm.org/crypto-browserify/EVP_BytesToKey#info=dependencies)
+
+[![js-standard-style](https://cdn.rawgit.com/feross/standard/master/badge.svg)](https://github.com/feross/standard)
+
+The insecure [key derivation algorithm from OpenSSL.][1]
+
+**WARNING: DO NOT USE, except for compatibility reasons.**
+
+MD5 is insecure.
+
+Use at least `scrypt` or `pbkdf2-hmac-sha256` instead.
+
+
+## API
+`EVP_BytesToKey(password, salt, keyLen, ivLen)`
+
+* `password` - `Buffer`, password used to derive the key data.
+* `salt` - 8 byte `Buffer` or `null`, salt is used as a salt in the derivation.
+* `keyBits` - `number`, key length in **bits**.
+* `ivLen` - `number`, iv length in bytes.
+
+*Returns*: `{ key: Buffer, iv: Buffer }`
+
+
+## Examples
+MD5 with `aes-256-cbc`:
+
+```js
+const crypto = require('crypto')
+const EVP_BytesToKey = require('evp_bytestokey')
+
+const result = EVP_BytesToKey(
+  'my-secret-password',
+  null,
+  32,
+  16
+)
+// =>
+// { key: <Buffer e3 4f 96 f3 86 24 82 7c c2 5d ff 23 18 6f 77 72 54 45 7f 49 d4 be 4b dd 4f 6e 1b cc 92 a4 27 33>,
+//   iv: <Buffer 85 71 9a bf ae f4 1e 74 dd 46 b6 13 79 56 f5 5b> }
+
+const cipher = crypto.createCipheriv('aes-256-cbc', result.key, result.iv)
+```
+
+## LICENSE [MIT](LICENSE)
+
+[1]: https://wiki.openssl.org/index.php/Manual:EVP_BytesToKey(3)
+[2]: https://nodejs.org/api/crypto.html#crypto_class_hash
diff --git a/node_modules/evp_bytestokey/index.js b/node_modules/evp_bytestokey/index.js
index 25fbc9c24..f9d4757dd 100644
--- a/node_modules/evp_bytestokey/index.js
+++ b/node_modules/evp_bytestokey/index.js
@@ -1,68 +1,45 @@
-var md5 = require('create-hash/md5')
-module.exports = EVP_BytesToKey
-function EVP_BytesToKey (password, salt, keyLen, ivLen) {
-  if (!Buffer.isBuffer(password)) {
-    password = new Buffer(password, 'binary')
-  }
-  if (salt && !Buffer.isBuffer(salt)) {
-    salt = new Buffer(salt, 'binary')
+var Buffer = require('safe-buffer').Buffer
+var MD5 = require('md5.js')
+
+/* eslint-disable camelcase */
+function EVP_BytesToKey (password, salt, keyBits, ivLen) {
+  if (!Buffer.isBuffer(password)) password = Buffer.from(password, 'binary')
+  if (salt) {
+    if (!Buffer.isBuffer(salt)) salt = Buffer.from(salt, 'binary')
+    if (salt.length !== 8) throw new RangeError('salt should be Buffer with 8 byte length')
   }
-  keyLen = keyLen / 8
-  ivLen = ivLen || 0
-  var ki = 0
-  var ii = 0
-  var key = new Buffer(keyLen)
-  var iv = new Buffer(ivLen)
-  var addmd = 0
-  var md_buf
-  var i
-  var bufs = []
-  while (true) {
-    if (addmd++ > 0) {
-      bufs.push(md_buf)
-    }
-    bufs.push(password)
-    if (salt) {
-      bufs.push(salt)
-    }
-    md_buf = md5(Buffer.concat(bufs))
-    bufs = []
-    i = 0
+
+  var keyLen = keyBits / 8
+  var key = Buffer.alloc(keyLen)
+  var iv = Buffer.alloc(ivLen || 0)
+  var tmp = Buffer.alloc(0)
+
+  while (keyLen > 0 || ivLen > 0) {
+    var hash = new MD5()
+    hash.update(tmp)
+    hash.update(password)
+    if (salt) hash.update(salt)
+    tmp = hash.digest()
+
+    var used = 0
+
     if (keyLen > 0) {
-      while (true) {
-        if (keyLen === 0) {
-          break
-        }
-        if (i === md_buf.length) {
-          break
-        }
-        key[ki++] = md_buf[i]
-        keyLen--
-        i++
-      }
+      var keyStart = key.length - keyLen
+      used = Math.min(keyLen, tmp.length)
+      tmp.copy(key, keyStart, 0, used)
+      keyLen -= used
     }
-    if (ivLen > 0 && i !== md_buf.length) {
-      while (true) {
-        if (ivLen === 0) {
-          break
-        }
-        if (i === md_buf.length) {
-          break
-        }
-        iv[ii++] = md_buf[i]
-        ivLen--
-        i++
-      }
+
+    if (used < tmp.length && ivLen > 0) {
+      var ivStart = iv.length - ivLen
+      var length = Math.min(ivLen, tmp.length - used)
+      tmp.copy(iv, ivStart, used, used + length)
+      ivLen -= length
     }
-    if (keyLen === 0 && ivLen === 0) {
-      break
-    }
-  }
-  for (i = 0; i < md_buf.length; i++) {
-    md_buf[i] = 0
-  }
-  return {
-    key: key,
-    iv: iv
   }
+
+  tmp.fill(0)
+  return { key: key, iv: iv }
 }
+
+module.exports = EVP_BytesToKey
diff --git a/node_modules/evp_bytestokey/package.json b/node_modules/evp_bytestokey/package.json
index e9e96b8ac..517891ad2 100644
--- a/node_modules/evp_bytestokey/package.json
+++ b/node_modules/evp_bytestokey/package.json
@@ -1,31 +1,45 @@
 {
   "name": "evp_bytestokey",
-  "version": "1.0.0",
-  "description": "he super secure key derivation algorithm from openssl",
-  "main": "index.js",
-  "scripts": {
-    "test": "standard && node test.js | tspec"
-  },
-  "repository": {
-    "type": "git",
-    "url": "https://github.com/crypto-browserify/EVP_BytesToKey.git"
-  },
+  "version": "1.0.3",
+  "description": "The insecure key derivation algorithm from OpenSSL",
   "keywords": [
     "crypto",
     "openssl"
   ],
-  "author": "Calvin Metcalf <calvin.metcalf@gmail.com>",
-  "license": "MIT",
+  "homepage": "https://github.com/crypto-browserify/EVP_BytesToKey",
   "bugs": {
     "url": "https://github.com/crypto-browserify/EVP_BytesToKey/issues"
   },
-  "homepage": "https://github.com/crypto-browserify/EVP_BytesToKey",
-  "dependencies": {
-    "create-hash": "^1.1.1"
+  "license": "MIT",
+  "author": "Calvin Metcalf <calvin.metcalf@gmail.com>",
+  "contributors": [
+    "Kirill Fomichev <fanatid@ya.ru>"
+  ],
+  "files": [
+    "index.js"
+  ],
+  "main": "index.js",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/crypto-browserify/EVP_BytesToKey.git"
+  },
+  "scripts": {
+    "coverage": "nyc tape test/*.js",
+    "lint": "standard",
+    "test": "npm run lint && npm run unit",
+    "test:prepare": "node-gyp rebuild",
+    "unit": "tape test/*.js"
   },
   "devDependencies": {
-    "standard": "^5.3.1",
-    "tap-spec": "^4.1.0",
-    "tape": "^4.2.0"
+    "bindings": "^1.2.1",
+    "nan": "^2.4.0",
+    "nyc": "^8.1.0",
+    "standard": "^8.0.0",
+    "tape": "^4.6.0"
+  },
+  "gypfile": false,
+  "dependencies": {
+    "md5.js": "^1.3.4",
+    "safe-buffer": "^5.1.1"
   }
 }
diff --git a/node_modules/evp_bytestokey/test.js b/node_modules/evp_bytestokey/test.js
deleted file mode 100644
index a638fa03f..000000000
--- a/node_modules/evp_bytestokey/test.js
+++ /dev/null
@@ -1,19 +0,0 @@
-var test = require('tape')
-var evp = require('./')
-var crypto = require('crypto')
-
-function runTest (password) {
-  test('password: ' + password, function (t) {
-    t.plan(1)
-    var keys = evp(password, false, 256, 16)
-    var nodeCipher = crypto.createCipher('aes-256-ctr', password)
-    var ourCipher = crypto.createCipheriv('aes-256-ctr', keys.key, keys.iv)
-    var nodeOut = nodeCipher.update('foooooo')
-    var ourOut = ourCipher.update('foooooo')
-    t.equals(nodeOut.toString('hex'), ourOut.toString('hex'))
-  })
-}
-runTest('password')
-runTest('ふっかつ　あきる　すぶり　はやい　つける　まゆげ　たんさん　みんぞく　ねほりはほり　せまい　たいまつばな　ひはん')
-runTest('Z͑ͫ̓ͪ̂ͫ̽͏̴̙̤̞͉͚̯̞̠͍A̴̵̜̰͔ͫ͗͢L̠ͨͧͩ͘G̴̻͈͍͔̹̑͗̎̅͛́Ǫ̵̹̻̝̳͂̌̌͘!͖̬̰̙̗̿̋ͥͥ̂ͣ̐́́͜͞')
-runTest('💩')
author	Florian Dold <florian.dold@gmail.com>	2017-12-10 21:51:33 +0100
committer	Florian Dold <florian.dold@gmail.com>	2017-12-10 21:51:33 +0100
commit	0469abd4a9c9270a1fdc962969e36e63699af8b4 (patch)
tree	f9864d4a4148621378958794cbbfdc2393733283 /node_modules/evp_bytestokey
parent	6947e79bbc258f7bc96af424ddb71a511f0c15a3 (diff)
download	wallet-core-0469abd4a9c9270a1fdc962969e36e63699af8b4.tar.xz