97 lines
4.2 KiB
JSON
97 lines
4.2 KiB
JSON
{
|
|
"_args": [
|
|
[
|
|
{
|
|
"raw": "tsscmp@1.0.5",
|
|
"scope": null,
|
|
"escapedName": "tsscmp",
|
|
"name": "tsscmp",
|
|
"rawSpec": "1.0.5",
|
|
"spec": "1.0.5",
|
|
"type": "version"
|
|
},
|
|
"/Volumes/2009-SSD/GT2/GT2-iOS/node_modules/csrf"
|
|
]
|
|
],
|
|
"_from": "tsscmp@1.0.5",
|
|
"_id": "tsscmp@1.0.5",
|
|
"_inCache": true,
|
|
"_location": "/tsscmp",
|
|
"_nodeVersion": "5.6.0",
|
|
"_npmOperationalInternal": {
|
|
"host": "packages-16-east.internal.npmjs.com",
|
|
"tmp": "tmp/tsscmp-1.0.5.tgz_1464226502956_0.48576042777858675"
|
|
},
|
|
"_npmUser": {
|
|
"name": "suryagh",
|
|
"email": "surya.com@gmail.com"
|
|
},
|
|
"_npmVersion": "3.6.0",
|
|
"_phantomChildren": {},
|
|
"_requested": {
|
|
"raw": "tsscmp@1.0.5",
|
|
"scope": null,
|
|
"escapedName": "tsscmp",
|
|
"name": "tsscmp",
|
|
"rawSpec": "1.0.5",
|
|
"spec": "1.0.5",
|
|
"type": "version"
|
|
},
|
|
"_requiredBy": [
|
|
"/csrf"
|
|
],
|
|
"_resolved": "https://registry.npmjs.org/tsscmp/-/tsscmp-1.0.5.tgz",
|
|
"_shasum": "7dc4a33af71581ab4337da91d85ca5427ebd9a97",
|
|
"_shrinkwrap": null,
|
|
"_spec": "tsscmp@1.0.5",
|
|
"_where": "/Volumes/2009-SSD/GT2/GT2-iOS/node_modules/csrf",
|
|
"author": {
|
|
"name": "suryagh"
|
|
},
|
|
"bugs": {
|
|
"url": "https://github.com/suryagh/tsscmp/issues"
|
|
},
|
|
"dependencies": {},
|
|
"description": "Timing safe string compare using double HMAC",
|
|
"devDependencies": {},
|
|
"directories": {},
|
|
"dist": {
|
|
"shasum": "7dc4a33af71581ab4337da91d85ca5427ebd9a97",
|
|
"tarball": "https://registry.npmjs.org/tsscmp/-/tsscmp-1.0.5.tgz"
|
|
},
|
|
"engines": {
|
|
"node": ">=0.6.x"
|
|
},
|
|
"gitHead": "095fb02b3e6102cbd1d2bdc9613e3da54e782f59",
|
|
"homepage": "https://github.com/suryagh/tsscmp#readme",
|
|
"keywords": [
|
|
"timing safe string compare",
|
|
"double hmac string compare",
|
|
"safe string compare",
|
|
"hmac"
|
|
],
|
|
"license": "MIT",
|
|
"main": "lib/index.js",
|
|
"maintainers": [
|
|
{
|
|
"name": "suryagh",
|
|
"email": "surya.com@gmail.com"
|
|
}
|
|
],
|
|
"name": "tsscmp",
|
|
"optionalDependencies": {},
|
|
"publishConfig": {
|
|
"registry": "https://registry.npmjs.org"
|
|
},
|
|
"readme": "# Timing safe string compare using double HMAC\n\n[](https://nodejs.org/en/download)\n[](https://npmjs.org/package/tsscmp)\n[](https://npmjs.org/package/tsscmp)\n[](https://travis-ci.org/suryagh/tsscmp)\n[](https://ci.appveyor.com/project/suryagh/tsscmp)\n[](https://david-dm.org/suryagh/tsscmp)\n[](LICENSE)\n\n\nPrevents [timing attacks](http://codahale.com/a-lesson-in-timing-attacks/) using Brad Hill's\n[Double HMAC pattern](https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2011/february/double-hmac-verification/)\nto perform secure string comparison. Double HMAC avoids the timing atacks by blinding the\ntiming channel using random time per attempt comparison against iterative brute force attacks.\n\n\n## Install\n\n```\nnpm install tsscmp\n```\n## Why\nTo compare secret values like **authentication tokens**, **passwords** or\n**capability urls** so that timing information is not\nleaked to the attacker.\n\n## Example\n\n```js\nvar timingSafeCompare = require('tsscmp');\n\nvar sessionToken = '127e6fbfe24a750e72930c';\nvar givenToken = '127e6fbfe24a750e72930c';\n\nif (timingSafeCompare(sessionToken, givenToken)) {\n console.log('good token');\n} else {\n console.log('bad token');\n}\n```\n##License: \n[MIT](LICENSE)\n\n**Credits to:** [@jsha](https://github.com/jsha) |\n[@bnoordhuis](https://github.com/bnoordhuis) |\n[@suryagh](https://github.com/suryagh) |\n ",
|
|
"readmeFilename": "README.md",
|
|
"repository": {
|
|
"type": "git",
|
|
"url": "git+https://github.com/suryagh/tsscmp.git"
|
|
},
|
|
"scripts": {
|
|
"test": "node test/unit && node test/benchmark"
|
|
},
|
|
"version": "1.0.5"
|
|
}
|