diff --git a/lib/asn1/base/buffer.js b/lib/asn1/base/buffer.js index e30c67b..bb5bc06 100644 --- a/lib/asn1/base/buffer.js +++ b/lib/asn1/base/buffer.js @@ -2,7 +2,7 @@ const inherits = require('inherits'); const Reporter = require('../base/reporter').Reporter; -const Buffer = require('buffer').Buffer; +const Buffer = require('safer-buffer').Buffer; function DecoderBuffer(base, options) { Reporter.call(this, options); @@ -127,7 +127,7 @@ EncoderBuffer.isEncoderBuffer = function isEncoderBuffer(data) { EncoderBuffer.prototype.join = function join(out, offset) { if (!out) - out = new Buffer(this.length); + out = Buffer.alloc(this.length); if (!offset) offset = 0; diff --git a/lib/asn1/decoders/pem.js b/lib/asn1/decoders/pem.js index 5e524fd..2b050ef 100644 --- a/lib/asn1/decoders/pem.js +++ b/lib/asn1/decoders/pem.js @@ -1,7 +1,7 @@ 'use strict'; const inherits = require('inherits'); -const Buffer = require('buffer').Buffer; +const Buffer = require('safer-buffer').Buffer; const DERDecoder = require('./der'); @@ -46,6 +46,6 @@ PEMDecoder.prototype.decode = function decode(data, options) { // Remove excessive symbols base64.replace(/[^a-z0-9+/=]+/gi, ''); - const input = new Buffer(base64, 'base64'); + const input = Buffer.from(base64, 'base64'); return DERDecoder.prototype.decode.call(this, input, options); }; diff --git a/lib/asn1/encoders/der.js b/lib/asn1/encoders/der.js index 7fc89f8..55eb435 100644 --- a/lib/asn1/encoders/der.js +++ b/lib/asn1/encoders/der.js @@ -1,7 +1,7 @@ 'use strict'; const inherits = require('inherits'); -const Buffer = require('buffer').Buffer; +const Buffer = require('safer-buffer').Buffer; const Node = require('../base/node'); // Import DER constants @@ -37,7 +37,7 @@ DERNode.prototype._encodeComposite = function encodeComposite(tag, // Short form if (content.length < 0x80) { - const header = new Buffer(2); + const header = Buffer.alloc(2); header[0] = encodedTag; header[1] = content.length; return this._createEncoderBuffer([ header, content ]); @@ -49,7 +49,7 @@ DERNode.prototype._encodeComposite = function encodeComposite(tag, for (let i = content.length; i >= 0x100; i >>= 8) lenOctets++; - const header = new Buffer(1 + 1 + lenOctets); + const header = Buffer.alloc(1 + 1 + lenOctets); header[0] = encodedTag; header[1] = 0x80 | lenOctets; @@ -63,7 +63,7 @@ DERNode.prototype._encodeStr = function encodeStr(str, tag) { if (tag === 'bitstr') { return this._createEncoderBuffer([ str.unused | 0, str.data ]); } else if (tag === 'bmpstr') { - const buf = new Buffer(str.length * 2); + const buf = Buffer.alloc(str.length * 2); for (let i = 0; i < str.length; i++) { buf.writeUInt16BE(str.charCodeAt(i), i * 2); } @@ -128,7 +128,7 @@ DERNode.prototype._encodeObjid = function encodeObjid(id, values, relative) { size++; } - const objid = new Buffer(size); + const objid = Buffer.alloc(size); let offset = objid.length - 1; for (let i = id.length - 1; i >= 0; i--) { let ident = id[i]; @@ -199,7 +199,7 @@ DERNode.prototype._encodeInt = function encodeInt(num, values) { if (!num.sign && numArray[0] & 0x80) { numArray.unshift(0); } - num = new Buffer(numArray); + num = Buffer.from(numArray); } if (Buffer.isBuffer(num)) { @@ -207,7 +207,7 @@ DERNode.prototype._encodeInt = function encodeInt(num, values) { if (num.length === 0) size++; - const out = new Buffer(size); + const out = Buffer.alloc(size); num.copy(out); if (num.length === 0) out[0] = 0; @@ -233,7 +233,7 @@ DERNode.prototype._encodeInt = function encodeInt(num, values) { out.unshift(0); } - return this._createEncoderBuffer(new Buffer(out)); + return this._createEncoderBuffer(Buffer.from(out)); }; DERNode.prototype._encodeBool = function encodeBool(value) { diff --git a/package-lock.json b/package-lock.json index 1f00a4a..204c59b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -414,9 +414,9 @@ } }, "esprima": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.0.tgz", - "integrity": "sha512-oftTcaMu/EGrEIu904mWteKIv8vMuOgGYo7EhVJJN00R/EED9DCua/xxHRdYnKtcECzVg7xOWhflvJMnqcFZjw==", + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", + "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", "dev": true }, "esquery": { @@ -725,9 +725,9 @@ "dev": true }, "js-yaml": { - "version": "3.11.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.11.0.tgz", - "integrity": "sha512-saJstZWv7oNeOyBh3+Dx1qWzhW0+e6/8eDzo7p5rDFqxntSztloLtuKu+Ejhtq82jsilwOIZYsCz+lIjthg1Hw==", + "version": "3.13.1", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.13.1.tgz", + "integrity": "sha512-YfbcO7jXDdyj0DGxYVSlSeQNHbD7XPWvrVWeVUujrQEoZzWJIRrCPoyk6kL6IAjAG2IolMK4T0hNUe0HOUs5Jw==", "dev": true, "requires": { "argparse": "^1.0.7", @@ -757,9 +757,9 @@ } }, "lodash": { - "version": "4.17.10", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.10.tgz", - "integrity": "sha512-UejweD1pDoXu+AD825lWwp4ZGtSwgnpZxb3JDViD7StjQz+Nb/6l093lx4OQ0foGWNRoc19mWy7BzL+UAK2iVg==", + "version": "4.17.15", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", + "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==", "dev": true }, "lru-cache": { @@ -1094,8 +1094,7 @@ "safer-buffer": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==", - "dev": true + "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" }, "semver": { "version": "5.5.0", diff --git a/package.json b/package.json index 8427730..647ed5e 100644 --- a/package.json +++ b/package.json @@ -30,6 +30,7 @@ "dependencies": { "bn.js": "^4.0.0", "inherits": "^2.0.1", - "minimalistic-assert": "^1.0.0" + "minimalistic-assert": "^1.0.0", + "safer-buffer": "^2.1.0" } } diff --git a/rfc/2560/test/basic-test.js b/rfc/2560/test/basic-test.js index 1bf30a9..923313a 100644 --- a/rfc/2560/test/basic-test.js +++ b/rfc/2560/test/basic-test.js @@ -4,11 +4,11 @@ const assert = require('assert'); const rfc2560 = require('..'); -const Buffer = require('buffer').Buffer; +const Buffer = require('safer-buffer').Buffer; describe('asn1.js RFC2560', function() { it('should decode OCSP response', function() { - const data = new Buffer( + const data = Buffer.from( '308201d40a0100a08201cd308201c906092b0601050507300101048201ba308201b630' + '819fa216041499e4405f6b145e3e05d9ddd36354fc62b8f700ac180f32303133313133' + '303037343531305a30743072304a300906052b0e03021a050004140226ee2f5fa28108' + @@ -58,8 +58,8 @@ describe('asn1.js RFC2560', function() { { reqCert: { hashAlgorithm: { algorithm: [ 1, 3, 14, 3, 2, 26 ] }, - issuerNameHash: new Buffer('01', 'hex'), - issuerKeyHash: new Buffer('02', 'hex'), + issuerNameHash: Buffer.from('01', 'hex'), + issuerKeyHash: Buffer.from('02', 'hex'), serialNumber: 0x2b } } @@ -68,7 +68,7 @@ describe('asn1.js RFC2560', function() { { extnID: [ 1, 3, 6, 1, 5, 5, 7, 48, 1, 2 ], critical: false, - extnValue: new Buffer('03', 'hex') + extnValue: Buffer.from('03', 'hex') } ] }; diff --git a/rfc/5280/test/basic-test.js b/rfc/5280/test/basic-test.js index 31ca86b..90ab583 100644 --- a/rfc/5280/test/basic-test.js +++ b/rfc/5280/test/basic-test.js @@ -6,7 +6,7 @@ const fs = require('fs'); const asn1 = require('../../../'); const rfc5280 = require('..'); -const Buffer = require('buffer').Buffer; +const Buffer = require('safer-buffer').Buffer; describe('asn1.js RFC5280', function() { @@ -48,7 +48,7 @@ describe('asn1.js RFC5280', function() { }); it('should decode AuthorityInfoAccess', function() { - const data = new Buffer('305a302b06082b06010505073002861f687474703a2f2f70' + + const data = Buffer.from('305a302b06082b06010505073002861f687474703a2f2f70' + '6b692e676f6f676c652e636f6d2f47494147322e63727430' + '2b06082b06010505073001861f687474703a2f2f636c6965' + '6e7473312e676f6f676c652e636f6d2f6f637370', @@ -60,7 +60,7 @@ describe('asn1.js RFC5280', function() { }); it('should decode directoryName in GeneralName', function() { - const data = new Buffer('a411300f310d300b06022a03160568656c6c6f', 'hex'); + const data = Buffer.from('a411300f310d300b06022a03160568656c6c6f', 'hex'); const name = rfc5280.GeneralName.decode(data, 'der'); assert.equal(name.type, 'directoryName'); @@ -124,7 +124,7 @@ describe('asn1.js RFC5280', function() { onlyContainsCACerts: false, indirectCRL: true, onlyContainsAttributeCerts: false, - onlySomeReasons: { unused: 0, data: new Buffer('asdf') } + onlySomeReasons: { unused: 0, data: Buffer.from('asdf') } }; data = rfc5280.IssuingDistributionPoint.encode(input); diff --git a/test/der-decode-test.js b/test/der-decode-test.js index 9d28754..7e4f5c9 100644 --- a/test/der-decode-test.js +++ b/test/der-decode-test.js @@ -4,7 +4,7 @@ const assert = require('assert'); const asn1 = require('..'); -const Buffer = require('buffer').Buffer; +const Buffer = require('safer-buffer').Buffer; describe('asn1.js DER decoder', function() { it('should propagate implicit tag', function() { @@ -20,7 +20,7 @@ describe('asn1.js DER decoder', function() { ); }); - const out = A.decode(new Buffer('300720050403313233', 'hex'), 'der'); + const out = A.decode(Buffer.from('300720050403313233', 'hex'), 'der'); assert.equal(out.a.b.toString(), '123'); }); @@ -31,7 +31,7 @@ describe('asn1.js DER decoder', function() { this.optional().key('opt').bool() ); }); - const out = A.decode(new Buffer('30030101ff', 'hex'), 'der'); + const out = A.decode(Buffer.from('30030101ff', 'hex'), 'der'); assert.deepEqual(out, { 'key': true }); }); @@ -42,14 +42,14 @@ describe('asn1.js DER decoder', function() { this.optional().key('opt').octstr().def('default') ); }); - const out = A.decode(new Buffer('30030101ff', 'hex'), 'der'); + const out = A.decode(Buffer.from('30030101ff', 'hex'), 'der'); assert.deepEqual(out, { 'key': true, 'opt': 'default' }); }); function test(name, model, inputHex, expected) { it(name, function() { const M = asn1.define('Model', model); - const decoded = M.decode(new Buffer(inputHex,'hex'), 'der'); + const decoded = M.decode(Buffer.from(inputHex,'hex'), 'der'); assert.deepEqual(decoded, expected); }); } @@ -69,7 +69,7 @@ describe('asn1.js DER decoder', function() { this.optional().use(B); }); - const out = A.decode(new Buffer('020101', 'hex'), 'der'); + const out = A.decode(Buffer.from('020101', 'hex'), 'der'); assert.equal(out.toString(10), '1'); }); @@ -81,7 +81,7 @@ describe('asn1.js DER decoder', function() { test('should decode objDesc', function() { this.objDesc(); - }, '0703323830', new Buffer('280')); + }, '0703323830', Buffer.from('280')); test('should decode bmpstr', function() { this.bmpstr(); @@ -108,7 +108,7 @@ describe('asn1.js DER decoder', function() { this.octstr().contains(B); }); - const out = A.decode(new Buffer('04053003020105', 'hex'), 'der'); + const out = A.decode(Buffer.from('04053003020105', 'hex'), 'der'); assert.equal(out.nested.toString(10), '5'); }); @@ -141,14 +141,14 @@ describe('asn1.js DER decoder', function() { ); }); - let out = A.decode(new Buffer( + let out = A.decode(Buffer.from( '3018300A30030201013003020102300A30030201033003020104', 'hex'), 'der'); assert.equal(out.test1[0].num.toString(10), 1); assert.equal(out.test1[1].num.toString(10), 2); assert.equal(out.test2[0].num.toString(10), 3); assert.equal(out.test2[1].num.toString(10), 4); - out = A.decode(new Buffer('300C300A30030201013003020102', 'hex'), 'der'); + out = A.decode(Buffer.from('300C300A30030201013003020102', 'hex'), 'der'); assert.equal(out.test1[0].num.toString(10), 1); assert.equal(out.test1[1].num.toString(10), 2); assert.equal(out.test2, undefined); @@ -161,7 +161,7 @@ describe('asn1.js DER decoder', function() { }); }); // Note no decoder specified, defaults to 'der' - const decoded = M.decode(new Buffer('0101ff', 'hex')); + const decoded = M.decode(Buffer.from('0101ff', 'hex')); assert.deepEqual(decoded, { 'type': 'apple', 'value': true }); }); }); diff --git a/test/der-encode-test.js b/test/der-encode-test.js index b94174c..6a6534d 100644 --- a/test/der-encode-test.js +++ b/test/der-encode-test.js @@ -5,7 +5,7 @@ const assert = require('assert'); const asn1 = require('..'); const BN = require('bn.js'); -const Buffer = require('buffer').Buffer; +const Buffer = require('safer-buffer').Buffer; describe('asn1.js DER encoder', function() { /* @@ -29,13 +29,13 @@ describe('asn1.js DER encoder', function() { let Model, derActual; Model = asn1.define('Model', model_definition); derActual = Model.encode(model_value, 'der'); - assert.deepEqual(derActual, new Buffer(der_expected,'hex')); + assert.deepEqual(derActual, Buffer.from(der_expected,'hex')); }); } test('should encode objDesc', function() { this.objDesc(); - }, new Buffer('280'), '0703323830'); + }, Buffer.from('280'), '0703323830'); test('should encode choice', function() { this.choice({ @@ -146,6 +146,6 @@ describe('asn1.js DER encoder', function() { }); // Note no encoder specified, defaults to 'der' const encoded = M.encode({ 'type': 'apple', 'value': true }); - assert.deepEqual(encoded, new Buffer('0101ff', 'hex')); + assert.deepEqual(encoded, Buffer.from('0101ff', 'hex')); }); }); diff --git a/test/error-test.js b/test/error-test.js index eb6bc22..d4985ee 100644 --- a/test/error-test.js +++ b/test/error-test.js @@ -7,7 +7,7 @@ const bn = asn1.bignum; const fixtures = require('./fixtures'); const jsonEqual = fixtures.jsonEqual; -const Buffer = require('buffer').Buffer; +const Buffer = require('safer-buffer').Buffer; describe('asn1.js error', function() { describe('encoder', function() { @@ -104,13 +104,13 @@ describe('asn1.js error', function() { let error; assert.throws(function() { try { - const decoded = M.decode(new Buffer(input, 'hex'), 'der'); + const decoded = M.decode(Buffer.from(input, 'hex'), 'der'); } catch (e) { error = e; throw e; } }); - const partial = M.decode(new Buffer(input, 'hex'), 'der', { + const partial = M.decode(Buffer.from(input, 'hex'), 'der', { partial: true }); @@ -181,7 +181,7 @@ describe('asn1.js error', function() { it('should support ' + name, function() { const M = asn1.define('TestModel', model); - const decoded = M.decode(new Buffer(input, 'hex'), 'der', { + const decoded = M.decode(Buffer.from(input, 'hex'), 'der', { partial: true }); diff --git a/test/pem-test.js b/test/pem-test.js index 4bbec9b..05afc8b 100644 --- a/test/pem-test.js +++ b/test/pem-test.js @@ -5,7 +5,7 @@ const assert = require('assert'); const asn1 = require('..'); const BN = require('bn.js'); -const Buffer = require('buffer').Buffer; +const Buffer = require('safer-buffer').Buffer; describe('asn1.js PEM encoder/decoder', function() { const model = asn1.define('Model', function() { @@ -16,8 +16,7 @@ describe('asn1.js PEM encoder/decoder', function() { ); }); - const hundred = new Buffer(100); - hundred.fill('A'); + const hundred = Buffer.alloc(100, 'A'); it('should encode PEM', function() { diff --git a/test/ping-pong-test.js b/test/ping-pong-test.js index 23b1874..7c8dd61 100644 --- a/test/ping-pong-test.js +++ b/test/ping-pong-test.js @@ -6,7 +6,7 @@ const asn1 = require('..'); const fixtures = require('./fixtures'); const jsonEqual = fixtures.jsonEqual; -const Buffer = require('buffer').Buffer; +const Buffer = require('safer-buffer').Buffer; describe('asn1.js ping/pong', function() { function test(name, model, input, expected) { @@ -30,15 +30,15 @@ describe('asn1.js ping/pong', function() { test('octstr', function() { this.octstr(); - }, new Buffer('hello')); + }, Buffer.from('hello')); test('objDesc', function() { this.objDesc() - }, new Buffer('hello')); + }, Buffer.from('hello')); test('bitstr', function() { this.bitstr(); - }, { unused: 4, data: new Buffer('hello!') }); + }, { unused: 4, data: Buffer.from('hello!') }); test('ia5str', function() { this.ia5str(); @@ -100,7 +100,7 @@ describe('asn1.js ping/pong', function() { test('any', function() { this.any(); - }, new Buffer('02210081347a0d3d674aeeb563061d94a3aea5f6a7' + + }, Buffer.from('02210081347a0d3d674aeeb563061d94a3aea5f6a7' + 'c6dc153ea90a42c1ca41929ac1b9', 'hex')); test('default explicit', function() { @@ -164,7 +164,7 @@ describe('asn1.js ping/pong', function() { this.seq().obj( this.key('content').optional().any() ); - }, { content: new Buffer('0500', 'hex') }); + }, { content: Buffer.from('0500', 'hex') }); test('seqof', function() { const S = asn1.define('S', function() { diff --git a/test/use-test.js b/test/use-test.js index 03bab57..a430b2f 100644 --- a/test/use-test.js +++ b/test/use-test.js @@ -7,7 +7,7 @@ const bn = asn1.bignum; const fixtures = require('./fixtures'); const jsonEqual = fixtures.jsonEqual; -const Buffer = require('buffer').Buffer; +const Buffer = require('safer-buffer').Buffer; describe('asn1.js models', function() { describe('plain use', function() { @@ -24,7 +24,7 @@ describe('asn1.js models', function() { ); }); - const data = {a: new bn(1), sub: {b: new Buffer("XXX")}}; + const data = {a: new bn(1), sub: {b: Buffer.from("XXX")}}; const wire = Model.encode(data, 'der'); assert.equal(wire.toString('hex'), '300a02010130050403585858'); const back = Model.decode(wire, 'der'); @@ -44,7 +44,7 @@ describe('asn1.js models', function() { ); }); - const data = {a: new bn(1), sub: {x: new Buffer("123")}}; + const data = {a: new bn(1), sub: {x: Buffer.from("123")}}; const wire = Model.encode(data, 'der'); assert.equal(wire.toString('hex'), '300a020101a0050403313233'); const back = Model.decode(wire, 'der'); @@ -64,7 +64,7 @@ describe('asn1.js models', function() { ); }); - const data = {a: new bn(1), sub: {x: new Buffer("123")}}; + const data = {a: new bn(1), sub: {x: Buffer.from("123")}}; const wire = Model.encode(data, 'der'); assert.equal(wire.toString('hex'), '300c020101a00730050403313233'); const back = Model.decode(wire, 'der'); @@ -88,7 +88,7 @@ describe('asn1.js models', function() { ); }); - const data = {a: new bn(1), sub: {x: new Buffer("123")}}; + const data = {a: new bn(1), sub: {x: Buffer.from("123")}}; const wire = Model.encode(data, 'der'); assert.equal(wire.toString('hex'), '300a02010130050403313233'); const back = Model.decode(wire, 'der');