Installations

npm install node-aes-cmac

Developer Guide

BETA

Typescript

No

Module System

CommonJS

NPM Version

1.4.14 Score

75.1

Supply Chain

89.7

Quality

75.1

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

1

Total

1

Closed

0

Issues

Open

0

Total

1

Closed

1

Releases

Unable to fetch releases

Contributors

1

Unable to fetch Contributors

View all 1 contributors

Languages

1

JavaScript

JavaScript (100%)

Developer

allan-stewart

Download Statistics

Total Downloads

372,066

Last Day

37

Last Week

849

Last Month

6,673

Last Year

71,564

GitHub Statistics

14 Stars

20 Commits

11 Forks

1 Watching

1 Branches

1 Contributors

Maintainers

1

Package Meta Information

Latest Version

0.1.1

Package Id

node-aes-cmac@0.1.1

Size

6.77 kB

NPM Version

1.4.14

Publised On

12 Nov 2014

Total Downloads

Cumulative downloads

Total Downloads

372,066

Last day

-79.2%

37

Compared to previous day

Last week

-30.9%

849

Compared to previous week

Last month

-33.4%

6,673

Compared to previous month

Last year

-7.8%

71,564

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dev Dependencies

1

mocha

Versions

node-aes-cmac

A pure Node.js implementation of the AES-CMAC algorithm per NIST Special Publication 800-38B and (RFC 4493). This algorithm creates a cryptographic message authentication code (CMAC) from a given message using the AES cipher with 128, 192, and 256 bit keys.

Why?

At work we had a need to run AES-CMAC from Node.js. A coworker created an implementation which uses a C++ addon which wrapped Crypto++, but unfortunately the module was only known to build correctly on Ubuntu. OS X support was added through some further hacking, but Windows support was extremely difficult.

Searching the web yielded no alternatives, so I started this project with a goal to create an AES-CMAC implementation to share with the Node.js community which would be easy to use on OS X, Windows, and Linux.

Currently the project only uses the built-in cryptographic functions provided by Node.js and avoids using C/C++ addons. This was a conscious trade-off favoring simplicity over raw performance.

Installation

npm install node-aes-cmac

Usage

The module exposes a single method: aesCmac(key, message[, options])

Arguments

key - (string | Buffer) the cryptographic key to use for the operation. Must be 128, 192, or 256 bits in length.
message - (string | Buffer) the message.
options - (object optional) a set of extra options to pass into the method:
- returnAsBuffer - (boolean) set to true to get the returned CMAC as a Buffer instead of a string. Defaults to false.

Return Value

The method normally returns the CMAC as a lowercase hexadecimal string. It can also return a Buffer if the returnAsBuffer option is set to true.

Example

1var aesCmac = require('node-aes-cmac').aesCmac;
2
3// Simple example.
4var key = 'k3Men*p/2.3j4abB';
5var message = 'this|is|a|test|message';
6var cmac = aesCmac(key, message);
7// cmac will be: '0125c538f8be7c4eea370f992a4ffdcb'
8
9// Example with buffers.
10var bufferKey = new Buffer('6b334d656e2a702f322e336a34616242', 'hex');
11var bufferMessage = new Buffer('this|is|a|test|message');
12var options = {returnAsBuffer: true};
13cmac = aesCmac(bufferKey, bufferMessage, options);
14// cmac will be a Buffer containing:
15// <01 25 c5 38 f8 be 7c 4e ea 37 0f 99 2a 4f fd cb>

License

This code is provided under an MIT license. See the LICENSE file for full details.

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

10

License

Determines if the project has defined a license.

0

SAST

Determines if the project uses static code analysis.

0

Maintained

Determines if the project is "actively maintained".

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

Score

3

/10

Last Scanned on 2024-12-23

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More