Skip to content

Commit

Permalink
1.3.10
Browse files Browse the repository at this point in the history
  • Loading branch information
braintreeps committed Jun 23, 2014
1 parent d83ac7d commit 551358c
Show file tree
Hide file tree
Showing 8 changed files with 34 additions and 25 deletions.
4 changes: 4 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,7 @@
== 1.3.10

* Update to latest jsbn to fix global variable leak (issue #11)

== 1.3.9

* Fix issue #14 in safari where an svg element in a form would prevent submission. Thanks to @oveddan (Dan Oved) for the fix (pull request #15)
Expand Down
2 changes: 1 addition & 1 deletion LICENSE
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
Copyright (c) 2009-2013 Braintree Payment Solutions
Copyright (c) 2009-2014 Braintree, a division of PayPal, Inc.

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

Expand Down
2 changes: 1 addition & 1 deletion build/minified_header.js
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
/*!
* Braintree End-to-End Encryption Library
* https://www.braintreepayments.com
* Copyright (c) 2009-2013 Braintree Payment Solutions
* Copyright (c) 2009-2014 Braintree, a division of PayPal, Inc.
*
* JSBN
* Copyright (c) 2005 Tom Wu
Expand Down
11 changes: 8 additions & 3 deletions lib/braintree.js
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@

var Braintree = {
sjcl: sjcl,
version: "1.3.9"
version: "1.3.10"
};

Braintree.generateAesKey = function () {
Expand Down Expand Up @@ -148,8 +148,13 @@ Braintree.EncryptionClient = function (publicKey) {
signature = hmac.sign(sjcl.codec.base64.toBits(ciphertext)),
combinedKey = sjcl.bitArray.concat(aes.key, hmac.key),
encodedKey = sjcl.codec.base64.fromBits(combinedKey),
encryptedKey = rsa.encrypt_b64(encodedKey),
prefix = "$bt4|javascript_" + self.version.replace(/\./g, "_") + "$";
hexEncryptedKey = rsa.encrypt(encodedKey),
prefix = "$bt4|javascript_" + self.version.replace(/\./g, "_") + "$",
encryptedKey = null;

if(hexEncryptedKey) {
encryptedKey = hex2b64(hexEncryptedKey);
}

return prefix + encryptedKey + "$" + ciphertext + "$" + signature;
};
Expand Down
9 changes: 5 additions & 4 deletions lib/jsbn/base64.js
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
var b64map="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
var b64pad="=";
var b64padchar="=";

function hex2b64(h) {
var i;
Expand All @@ -17,18 +17,19 @@ function hex2b64(h) {
c = parseInt(h.substring(i,i+2),16);
ret += b64map.charAt(c >> 2) + b64map.charAt((c & 3) << 4);
}
while((ret.length & 3) > 0) ret += b64pad;
while((ret.length & 3) > 0) ret += b64padchar;
return ret;
}

// convert a base64 string to hex
function b64tohex(s) {
var ret = ""
var ret = "";
var i;
var k = 0; // b64 state, 0-3
var slop;
var v;
for(i = 0; i < s.length; ++i) {
if(s.charAt(i) == b64pad) break;
if(s.charAt(i) == b64padchar) break;
v = b64map.indexOf(s.charAt(i));
if(v < 0) continue;
if(k == 0) {
Expand Down
2 changes: 1 addition & 1 deletion lib/jsbn/jsbn.js
Original file line number Diff line number Diff line change
Expand Up @@ -118,7 +118,7 @@ function bnpFromInt(x) {
this.t = 1;
this.s = (x<0)?-1:0;
if(x > 0) this[0] = x;
else if(x < -1) this[0] = x+DV;
else if(x < -1) this[0] = x+this.DV;
else this.t = 0;
}

Expand Down
15 changes: 7 additions & 8 deletions lib/jsbn/rsa.js
Original file line number Diff line number Diff line change
Expand Up @@ -27,8 +27,7 @@ function byte2Hex(b) {
// PKCS#1 (type 2, random) pad input string s to n bytes, and return a bigint
function pkcs1pad2(s,n) {
if(n < s.length + 11) { // TODO: fix for utf-8
alert("Message too long for RSA");
return null;
throw new Error("Message too long for RSA");
}
var ba = new Array();
var i = s.length - 1;
Expand Down Expand Up @@ -86,7 +85,7 @@ function RSASetPublic(N,E) {
this.e = parseInt(E,16);
}
else
alert("Invalid RSA public key");
throw new Error("Invalid RSA public key");
}

// Perform raw public operation on "x": return x^e (mod n)
Expand All @@ -105,15 +104,15 @@ function RSAEncrypt(text) {
}

// Return the PKCS#1 RSA encryption of "text" as a Base64-encoded string
function RSAEncryptB64(text) {
var h = this.encrypt(text);
if(h) return hex2b64(h); else return null;
}
//function RSAEncryptB64(text) {
// var h = this.encrypt(text);
// if(h) return hex2b64(h); else return null;
//}

// protected
RSAKey.prototype.doPublic = RSADoPublic;

// public
RSAKey.prototype.setPublic = RSASetPublic;
RSAKey.prototype.encrypt = RSAEncrypt;
RSAKey.prototype.encrypt_b64 = RSAEncryptB64;
//RSAKey.prototype.encrypt_b64 = RSAEncryptB64;
14 changes: 7 additions & 7 deletions spec/infrastructure/rsa2.js
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ function RSASetPrivate(N,E,D) {
this.d = parseBigInt(D,16);
}
else
alert("Invalid RSA private key");
throw new Error("Invalid RSA private key");
}

// Set the private key fields N, e, d and CRT params from hex strings
Expand All @@ -54,7 +54,7 @@ function RSASetPrivateEx(N,E,D,P,Q,DP,DQ,C) {
this.coeff = parseBigInt(C,16);
}
else
alert("Invalid RSA private key");
throw new Error("Invalid RSA private key");
}

// Generate a new random private key B bits long, using public expt E
Expand Down Expand Up @@ -116,10 +116,10 @@ function RSADecrypt(ctext) {

// Return the PKCS#1 RSA decryption of "ctext".
// "ctext" is a Base64-encoded string and the output is a plain string.
function RSAB64Decrypt(ctext) {
var h = b64tohex(ctext);
if(h) return this.decrypt(h); else return null;
}
//function RSAB64Decrypt(ctext) {
// var h = b64tohex(ctext);
// if(h) return this.decrypt(h); else return null;
//}

// protected
RSAKey.prototype.doPrivate = RSADoPrivate;
Expand All @@ -129,4 +129,4 @@ RSAKey.prototype.setPrivate = RSASetPrivate;
RSAKey.prototype.setPrivateEx = RSASetPrivateEx;
RSAKey.prototype.generate = RSAGenerate;
RSAKey.prototype.decrypt = RSADecrypt;
RSAKey.prototype.b64_decrypt = RSAB64Decrypt;
//RSAKey.prototype.b64_decrypt = RSAB64Decrypt;

0 comments on commit 551358c

Please sign in to comment.