chore: update license in package.json, bump version

.github/workflows/CI.yml

@@ -1,23 +0,0 @@
-name: CI
-
-on:
-  push:
-    branches: [ main, master ]
-  pull_request:
-    branches: [ main, master ]
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        node: [ 18, 20, 22 ]
-    name: Node.js ${{ matrix.node }}
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup node
-        uses: actions/setup-node@v4
-        with:
-          node-version: ${{ matrix.node }}
-      - run: npm ci
-      - run: npm test

.travis.yml

@@ -1,8 +1,8 @@
 language: node_js
 node_js:
-  - "16" # maintance lts
+  - "8"
-  - "17"
+  - "9"
-  - "18" # active lts
+  - "10"
-  - "19"
+  - "11"
-  - "20" # current
+  - "12"
 after_success: npm run coverage

CHANGELOG.md

@@ -1,27 +1,5 @@
 ### Changelog
 
-#### [v4.2.0]
-
-- feat: update dependencies [`a03ec22`](https://github.com/node-ebics/node-ebics-client/commit/a03ec2283fdd3dcf750c5ed448f0195d92c5c9f0)
-- chore: Update dev dependency libxmljs [`3a8dc1d`](https://github.com/node-ebics/node-ebics-client/commit/3a8dc1da0bac20a6f25a687da0a783f3b52d5163)
-- feat: replace <request> with <rock-req> [`b6b2751`](https://github.com/node-ebics/node-ebics-client/commit/b6b27516d5854b38dcdbe56f23967001f844e631)
-
-#### [v4.0.0](https://github.com/node-ebics/node-ebics-client/compare/v3.0.0...v0.4.0)
-
-- Add CI [`#75`](https://github.com/node-ebics/node-ebics-client/pull/75)
-
-- feat: update dependencies [`a03ec22`](https://github.com/node-ebics/node-ebics-client/commit/a03ec2283fdd3dcf750c5ed448f0195d92c5c9f0)
-- chore: Update dev dependency libxmljs [`3a8dc1d`](https://github.com/node-ebics/node-ebics-client/commit/3a8dc1da0bac20a6f25a687da0a783f3b52d5163)
-- feat: replace <request> with <rock-req> [`b6b2751`](https://github.com/node-ebics/node-ebics-client/commit/b6b27516d5854b38dcdbe56f23967001f844e631)
-
-### [v3.0.0](https://github.com/node-ebics/node-ebics-client/compare/v0.2.1...v3.0.0)
-
-> 4 August 2022
-
-- Update LICENSE [`7520a56`](https://github.com/node-ebics/node-ebics-client/commit/7520a56be8ba446d3466c6dc9202b1d65ea3396f)
-- changelog [`fe0f585`](https://github.com/node-ebics/node-ebics-client/commit/fe0f585b277c390415841a343aa86d4533997057)
-- chore: update license in package.json, bump version [`b46b214`](https://github.com/node-ebics/node-ebics-client/commit/b46b214e57cf1b4e30455da306b26b3a06dc8a5f)
-
 #### [v0.2.1](https://github.com/node-ebics/node-ebics-client/compare/v0.2.0...v0.2.1)
 
 > 30 March 2021
@@ -106,43 +84,38 @@
 
 #### [v0.1.1](https://github.com/node-ebics/node-ebics-client/compare/v0.1.0...v0.1.1)
 
-> 7 November 2019
+> 5 November 2019
 
 - chore: update license [`9aabe93`](https://github.com/node-ebics/node-ebics-client/commit/9aabe933e91b506ea38820b952ce8e5e58b4c2ff)
 
-#### [v0.1.0](https://github.com/node-ebics/node-ebics-client/compare/v0.0.36...v0.1.0)
+#### [v0.1.0](https://github.com/node-ebics/node-ebics-client/compare/v0.0.8...v0.1.0)
 
 > 5 November 2019
 
 - Feat: handle unsual exponent migrate to node-forge [`#16`](https://github.com/node-ebics/node-ebics-client/pull/16)
 - Add order generation tests and fix linting [`#15`](https://github.com/node-ebics/node-ebics-client/pull/15)
 - test script run mocha [`#14`](https://github.com/node-ebics/node-ebics-client/pull/14)
-- chore: readme maintenance [`#11`](https://github.com/node-ebics/node-ebics-client/pull/11)
-- Provide examples [`#10`](https://github.com/node-ebics/node-ebics-client/pull/10)
-- * Add Z53 order type [`#7`](https://github.com/node-ebics/node-ebics-client/pull/7)
-- remove eCollect from constant and minor verbose error handeling [`#2`](https://github.com/node-ebics/node-ebics-client/pull/2)
-- add iso pain format XCT order type [`#1`](https://github.com/node-ebics/node-ebics-client/pull/1)
-- remove eCollect from constant and minor verbose error handaling [`#4`](https://github.com/node-ebics/node-ebics-client/pull/4)
-- add iso pain format XCT order type [`#5`](https://github.com/node-ebics/node-ebics-client/pull/5)
-- Fix parsing of the bank keys in the HPB response [`#3`](https://github.com/node-ebics/node-ebics-client/pull/3)
 
 - feat: prepare order generation tests [`e40f79c`](https://github.com/node-ebics/node-ebics-client/commit/e40f79cee68a194272c93f07e763175b213a77a1)
-- Major changes. Separating responsibilities. Orders builder, serializer. [`ff9a3a1`](https://github.com/node-ebics/node-ebics-client/commit/ff9a3a16b47d0a25674134c875bfd651995837e4)
+- chore: cleanup [`0c01420`](https://github.com/node-ebics/node-ebics-client/commit/0c01420c1e14992a4169098ccd47cd196b899f06)
-- code optimization [`1876360`](https://github.com/node-ebics/node-ebics-client/commit/187636019c290d757aca77d4c14fb4f2519acd38)
 
 #### [v0.0.36](https://github.com/node-ebics/node-ebics-client/compare/v0.0.35...v0.0.36)
 
-> 7 November 2019
+> 1 June 2018
 
 - various modular fixes [`8492d94`](https://github.com/node-ebics/node-ebics-client/commit/8492d940542f61b17aa3a2da7de23f6539ffaad5)
 
-#### [v0.0.35](https://github.com/node-ebics/node-ebics-client/compare/v0.0.8...v0.0.35)
+#### [v0.0.35](https://github.com/node-ebics/node-ebics-client/compare/v0.0.3...v0.0.35)
 
-> 7 November 2019
+> 31 May 2018
+
+- update License to GPL v3 [`babcf76`](https://github.com/node-ebics/node-ebics-client/commit/babcf76b61af6eb737ab291a301e71bb84621820)
+- Add MGF1.js file - mask generation utility class [`7e6e2ff`](https://github.com/node-ebics/node-ebics-client/commit/7e6e2ff142688b0c453369fa7137b49e8b89cd81)
+- Add sign, _emsaPSS and _modPowe methods in Key.js file [`5ace213`](https://github.com/node-ebics/node-ebics-client/commit/5ace2137231af9a3563ab31fa0f70fbdf4b148cb)
 
 #### [v0.0.8](https://github.com/node-ebics/node-ebics-client/compare/v0.0.7...v0.0.8)
 
-> 7 November 2019
+> 8 October 2019
 
 - chore: readme maintenance [`#11`](https://github.com/node-ebics/node-ebics-client/pull/11)
 - Provide examples [`#10`](https://github.com/node-ebics/node-ebics-client/pull/10)
@@ -153,7 +126,7 @@
 
 #### [v0.0.7](https://github.com/node-ebics/node-ebics-client/compare/v0.0.6...v0.0.7)
 
-> 7 November 2019
+> 2 August 2019
 
 - * Add Z53 order type [`#7`](https://github.com/node-ebics/node-ebics-client/pull/7)
 - remove eCollect from constant and minor verbose error handeling [`#2`](https://github.com/node-ebics/node-ebics-client/pull/2)
@@ -165,7 +138,7 @@
 
 #### [v0.0.6](https://github.com/node-ebics/node-ebics-client/compare/v0.0.5...v0.0.6)
 
-> 7 November 2019
+> 24 July 2019
 
 - remove eCollect from constant and minor verbose error handaling [`#4`](https://github.com/node-ebics/node-ebics-client/pull/4)
 - add iso pain format XCT order type [`#5`](https://github.com/node-ebics/node-ebics-client/pull/5)
@@ -175,24 +148,24 @@
 
 #### [v0.0.5](https://github.com/node-ebics/node-ebics-client/compare/v0.0.4...v0.0.5)
 
-> 7 November 2019
+> 28 June 2019
 
 - Fix parsing of the bank keys in the HPB response [`#3`](https://github.com/node-ebics/node-ebics-client/pull/3)
 
 - tc for bank keys parsing error [`c571ef1`](https://github.com/node-ebics/node-ebics-client/commit/c571ef181bca2e0cbec70bc6df53c706acd6c829)
 - #2 corrected bank keys parsing [`5f0b6cd`](https://github.com/node-ebics/node-ebics-client/commit/5f0b6cd3747c4613920d2f71f3c04ce13225d397)
 
-#### [v0.0.4](https://github.com/node-ebics/node-ebics-client/compare/v0.0.3...v0.0.4)
+#### [v0.0.4](https://github.com/node-ebics/node-ebics-client/compare/v0.0.36...v0.0.4)
 
 > 3 September 2018
 
 - Major changes. Separating responsibilities. Orders builder, serializer. [`ff9a3a1`](https://github.com/node-ebics/node-ebics-client/commit/ff9a3a16b47d0a25674134c875bfd651995837e4)
 - code optimization [`1876360`](https://github.com/node-ebics/node-ebics-client/commit/187636019c290d757aca77d4c14fb4f2519acd38)
-- various modular fixes [`8492d94`](https://github.com/node-ebics/node-ebics-client/commit/8492d940542f61b17aa3a2da7de23f6539ffaad5)
+- client and order optimization [`9454992`](https://github.com/node-ebics/node-ebics-client/commit/945499290a8698aed504b573019de2c23148006a)
 
 #### v0.0.3
 
-> 7 November 2019
+> 17 May 2018
 
 - initial commit [`1f947ff`](https://github.com/node-ebics/node-ebics-client/commit/1f947ff1480c522f89fa1f547581b55e2378d920)
 - Initial commit [`cd37de3`](https://github.com/node-ebics/node-ebics-client/commit/cd37de3895e32a61798c79ce3a6447e2f269019d)

README.md

@@ -15,55 +15,30 @@
 <a href='https://coveralls.io/github/eCollect/node-ebics-client?branch=master' title="Coverage Status"><img src='https://coveralls.io/repos/github/eCollect/node-ebics-client/badge.svg?branch=master' alt='Coverage Status' /></a>
 </p>
 
-Pure Node.js (>= 16) implementation of [EBICS](https://en.wikipedia.org/wiki/Electronic_Banking_Internet_Communication_Standard) (Electronic Banking Internet Communication).
+Pure node.js ( >=8 ) implementation of [EBICS](https://en.wikipedia.org/wiki/Electronic_Banking_Internet_Communication_Standard) ( Electronic Banking Internet Communication ).
 
-The client is aimed to be 100% [ISO 20022](https://www.iso20022.org) compliant, and supports the complete initializations process (INI, HIA, HPB orders) and HTML letter generation.
+The client is aimed to be 100% [ISO 20022](https://www.iso20022.org) compliant, and supports the complete initializations process ( INI, HIA, HPB orders ) and HTML letter generation.
 
-## Usage
-
-For examples on how to use this library, take a look at the [examples](https://github.com/node-ebics/node-ebics-client/tree/master/examples).
-
-### A note on recent Node.js versions
-
-The latest Node.js versions don't support `RSA_PKCS1_PADDING` for private decryption for security reasons, throwing an error like _TypeError: RSA_PKCS1_PADDING is no longer supported for private decryption, this can be reverted with --security-revert=CVE-2023-46809_.
-
-EBICS requires this mode, so in order for this library to work, add the following parameter when starting Node.js: `--security-revert=CVE-2023-46809`
-
-### Initialization
-
-1. Create a configuration (see [example configs](https://github.com/node-ebics/node-ebics-client/tree/master/examples/config)) with the EBICS credentials you received from your bank and name it in this schema: `config.<environment>.<bank>[.<entity>].json` (the entity is optional).
-
-    - The fields `url`, `partnerId`, `userId`, `hostId` are provided by your bank.
-    - The `passphrase` is used to encrypt the keys file, which will be stored at the `storageLocation`.
-    - The `bankName` and `bankShortName` are used internally for creating files and identifying the bank to you.
-    - The `languageCode` is used when creating the Initialization Letter and can be either `de`, `en`, or `fr`.
-    - You can chose any environment, bank and, optionally, entity name. Entities are useful if you have multiple EBICS users for the same bank account.
-
-2. Run `node examples/initialize.js <environment> <bank> [entity]` to generate your key pair and perform the INI and HIA orders (ie. send the public keys to your bank)  
-   The generated keys are stored in the file specified in your config and encrypted with the specified passphrase.
-3. Run `node examples/bankLetter.js <environment> <bank> [entity]` to generate the Initialization Letter
-4. Print the letter, sign it and send it to your bank. Wait for them to activate your EBICS account.
-5. Download the bank keys by running `node examples/save-bank-keys.js <environment> <bank> [entity]`
-
-If all these steps were executed successfully, you can now do all things EBICS, like fetching bank statements by running `node examples/send-sta-order.js <environment> <bank> [entity]`, or actually use this library in your custom banking applications.
 
 ## Supported Banks
-
 The client is currently tested and verified to work with the following banks:
 
--   [Credit Suisse (Schweiz) AG](https://www.credit-suisse.com/ch/en.html)
+* [Credit Suisse (Schweiz) AG](https://www.credit-suisse.com/ch/en.html)
--   [Zürcher Kantonalbank](https://www.zkb.ch/en/lg/ew.html)
+* [Zürcher Kantonalbank](https://www.zkb.ch/en/lg/ew.html)
--   [Raiffeisen Schweiz](https://www.raiffeisen.ch/rch/de.html)
+* [Raiffeisen Schweiz](https://www.raiffeisen.ch/rch/de.html)
--   [BW Bank](https://www.bw-bank.de/de/home.html)
+* [BW Bank](https://www.bw-bank.de/de/home.html)
--   [Bank GPB International S.A.](https://gazprombank.lu/e-banking)
+* [Bank GPB International S.A.](https://gazprombank.lu/e-banking)
--   [Bank GPB AO](https://gazprombank.ru/)
+* [Bank GPB AO](https://gazprombank.ru/)
--   [J.P. Morgan](https://www.jpmorgan.com/)
+* [J.P. Morgan](https://www.jpmorgan.com/)
+
 
 ## Inspiration
 
 The basic concept of this library was inspired by the [EPICS](https://github.com/railslove/epics) library from the Railslove Team.
 
+
 ## Copyright
 
 Copyright: Dimitar Nanov, 2019-2022.  
 Licensed under the [MIT](LICENSE) license.
+

examples/bankLetter.js

@@ -10,7 +10,7 @@ const os = require('os');
 const config = require('./loadConfig')();
 const client = require('./getClient')(config);
 const bankName = client.bankName;
-const template = fs.readFileSync("./templates/ini_"+client.languageCode+".hbs", { encoding: 'utf8'});
+const template = fs.readFileSync("../templates/ini_"+client.languageCode+".hbs", { encoding: 'utf8'});
 const bankLetterFile = path.join("./", "bankLetter_"+client.bankShortName+"_"+client.languageCode+".html");
 
 const letter = new ebics.BankLetter({ client, bankName, template });

examples/getClient.js

@@ -10,7 +10,6 @@ module.exports = ({
 	userId,
 	hostId,
 	passphrase,
-	iv,
 	keyStoragePath,
 } = loadConfig()) => new Client({
 	url,
@@ -18,6 +17,5 @@ module.exports = ({
 	userId,
 	hostId,
 	passphrase,
-	iv,
 	keyStorage: fsKeysStorage(keyStoragePath),
 });

lib/Client.js

@@ -1,6 +1,6 @@
 'use strict';
 
-const rock = require('rock-req');
+const $request = require('request');
 
 const constants = require('./consts');
 const Keys = require('./keymanagers/Keys');
@@ -43,8 +43,7 @@ const stringifyKeys = (keys) => {
  * @property {string} partnerId - PARTNERID provided by the bank
  * @property {string} hostId - HOSTID provided by the bank
  * @property {string} userId - USERID provided by the bank
- * @property {string|Buffer} passphrase - passphrase or key for keys encryption
+ * @property {string} passphrase - passphrase for keys encryption
- * @property {string|Buffer} iv - Initialization Vector for keys encryption
  * @property {KeyStorage} keyStorage - keyStorage implementation
  * @property {object} [tracesStorage] - traces (logs) storage implementation
  * @property {string} bankName - Full name of the bank to be used in the bank INI letters.
@@ -52,6 +51,8 @@ const stringifyKeys = (keys) => {
  * @property {string} languageCode - Language code to be used in the bank INI letters ("de", "en" and "fr" are currently supported).
  * @property {string} storageLocation - Location where to store the files that are downloaded. This can be a network share for example.
  */
+
+
 module.exports = class Client {
 	/**
 	 *Creates an instance of Client.
@@ -63,7 +64,6 @@ module.exports = class Client {
 		userId,
 		hostId,
 		passphrase,
-		iv,
 		keyStorage,
 		tracesStorage,
 		bankName,
@@ -71,17 +71,18 @@ module.exports = class Client {
 		languageCode,
 		storageLocation,
 	}) {
-		if (!url) throw new Error('EBICS URL is required');
+		if (!url)
-		if (!partnerId) throw new Error('partnerId is required');
+			throw new Error('EBICS URL is required');
-		if (!userId) throw new Error('userId is required');
+		if (!partnerId)
-		if (!hostId) throw new Error('hostId is required');
+			throw new Error('partnerId is required');
-		if (!passphrase) throw new Error('passphrase is required');
+		if (!userId)
+			throw new Error('userId is required');
+		if (!hostId)
+			throw new Error('hostId is required');
+		if (!passphrase)
+			throw new Error('passphrase is required');
 
-		if (
+		if (!keyStorage || typeof keyStorage.read !== 'function' || typeof keyStorage.write !== 'function')
-			!keyStorage
-			|| typeof keyStorage.read !== 'function'
-			|| typeof keyStorage.write !== 'function'
-		)
 			throw new Error('keyStorage implementation missing or wrong');
 
 		this.url = url;
@@ -89,7 +90,7 @@ module.exports = class Client {
 		this.userId = userId;
 		this.hostId = hostId;
 		this.keyStorage = keyStorage;
-		this.keyEncryptor = defaultKeyEncryptor({ passphrase, iv });
+		this.keyEncryptor = defaultKeyEncryptor({ passphrase });
 		this.tracesStorage = tracesStorage || null;
 		this.bankName = bankName || 'Dummy Bank Full Name';
 		this.bankShortName = bankShortName || 'BANKSHORTCODE';
@@ -98,25 +99,17 @@ module.exports = class Client {
 	}
 
 	async send(order) {
-		const isInObject = 'operation' in order;
+		const isInObject = ('operation' in order);
 
 		if (!isInObject) throw new Error('Operation for the order needed');
 
-		if (order.operation.toUpperCase() === constants.orderOperations.ini)
+		if (order.operation.toUpperCase() === constants.orderOperations.ini) return this.initialization(order);
-			return this.initialization(order);
 
 		const keys = await this.keys();
-		if (keys === null)
+		if (keys === null) throw new Error('No keys provided. Can not send the order or any other order for that matter.');
-			throw new Error(
-				'No keys provided. Can not send the order or any other order for that matter.',
-			);
 
-		if (order.operation.toUpperCase() === constants.orderOperations.upload)
+		if (order.operation.toUpperCase() === constants.orderOperations.upload) return this.upload(order);
-			return this.upload(order);
+		if (order.operation.toUpperCase() === constants.orderOperations.download) return this.download(order);
-		if (
-			order.operation.toUpperCase() === constants.orderOperations.download
-		)
-			return this.download(order);
 
 		throw new Error('Wrong order operation provided');
 	}
@@ -125,7 +118,8 @@ module.exports = class Client {
 		const keys = await this.keys();
 		if (keys === null) await this._generateKeys();
 
-		if (this.tracesStorage) this.tracesStorage.new().ofType('ORDER.INI');
+		if (this.tracesStorage)
+			this.tracesStorage.new().ofType('ORDER.INI');
 		const res = await this.ebicsRequest(order);
 		const xml = res.orderData();
 
@@ -138,9 +132,7 @@ module.exports = class Client {
 
 			technicalCode: returnedTechnicalCode,
 			technicalCodeSymbol: res.technicalSymbol(),
-			technicalCodeShortText: res.technicalShortText(
+			technicalCodeShortText: res.technicalShortText(returnedTechnicalCode),
-				returnedTechnicalCode,
-			),
 			technicalCodeMeaning: res.technicalMeaning(returnedTechnicalCode),
 
 			businessCode: returnedBusinessCode,
@@ -175,9 +167,7 @@ module.exports = class Client {
 
 			technicalCode: returnedTechnicalCode,
 			technicalCodeSymbol: res.technicalSymbol(),
-			technicalCodeShortText: res.technicalShortText(
+			technicalCodeShortText: res.technicalShortText(returnedTechnicalCode),
-				returnedTechnicalCode,
-			),
 			technicalCodeMeaning: res.technicalMeaning(returnedTechnicalCode),
 
 			businessCode: returnedBusinessCode,
@@ -188,7 +178,8 @@ module.exports = class Client {
 	}
 
 	async upload(order) {
-		if (this.tracesStorage) this.tracesStorage.new().ofType('ORDER.UPLOAD');
+		if (this.tracesStorage)
+			this.tracesStorage.new().ofType('ORDER.UPLOAD');
 		let res = await this.ebicsRequest(order);
 		const transactionId = res.transactionId();
 		const orderId = res.orderId();
@@ -206,33 +197,22 @@ module.exports = class Client {
 		return new Promise(async (resolve, reject) => {
 			const { version } = order;
 			const keys = await this.keys();
-			const r = signer
+			const r = signer.version(version).sign((await serializer.use(order, this)).toXML(), keys.x());
-				.version(version)
-				.sign((await serializer.use(order, this)).toXML(), keys.x());
 
 			if (this.tracesStorage)
-				this.tracesStorage
+				this.tracesStorage.label(`REQUEST.${order.orderDetails.OrderType}`).data(r).persist();
-					.label(`REQUEST.${order.orderDetails.OrderType}`)
-					.data(r)
-					.persist();
 
-			rock({
+			$request.post({
-				method: 'POST',
 				url: this.url,
 				body: r,
 				headers: { 'content-type': 'text/xml;charset=UTF-8' },
-			},
+			}, (err, res, data) => {
-			(err, res, data) => {
 				if (err) reject(err);
 
-				const ebicsResponse = response.version(version)(data.toString('utf-8'), keys);
+				const ebicsResponse = response.version(version)(data, keys);
 
 				if (this.tracesStorage)
-					this.tracesStorage
+					this.tracesStorage.label(`RESPONSE.${order.orderDetails.OrderType}`).connect().data(ebicsResponse.toXML()).persist();
-						.label(`RESPONSE.${order.orderDetails.OrderType}`)
-						.connect()
-						.data(ebicsResponse.toXML())
-						.persist();
 
 				resolve(ebicsResponse);
 			});
@@ -242,14 +222,13 @@ module.exports = class Client {
 	async signOrder(order) {
 		const { version } = order;
 		const keys = await this.keys();
-		return signer
+		return signer.version(version).sign((await serializer.use(order, this)).toXML(), keys.x());
-			.version(version)
-			.sign((await serializer.use(order, this)).toXML(), keys.x());
 	}
 
 	async keys() {
 		try {
 			const keysString = await this._readKeys();
+
 			return new Keys(JSON.parse(this.keyEncryptor.decrypt(keysString)));
 		} catch (err) {
 			return null;
@@ -274,8 +253,6 @@ module.exports = class Client {
 	}
 
 	_writeKeys(keysObject) {
-		return this.keyStorage.write(
+		return this.keyStorage.write(this.keyEncryptor.encrypt(stringifyKeys(keysObject.keys)));
-			this.keyEncryptor.encrypt(stringifyKeys(keysObject.keys)),
-		);
 	}
 };

lib/crypto/Crypto.js

@@ -1,7 +1,6 @@
 'use strict';
 
 const crypto = require('crypto');
-const NodeRSA = require('node-rsa');
 
 const BigNumber = require('./BigNumber.js');
 const mgf1 = require('./MGF1');
@@ -55,14 +54,10 @@ module.exports = class Crypto {
 	}
 
 	static privateDecrypt(key, data) {
-		const keyRSA = new NodeRSA(
+		return crypto.privateDecrypt({
-			key.toPem(),
+			key: key.toPem(),
-			'pkcs1-private-pem', {
+			padding: crypto.constants.RSA_PKCS1_PADDING,
-				encryptionScheme: 'pkcs1',
+		}, data);
-				environment: 'browser', // would use the crypto module by default, which blocks pkcs1
-			},
-		);
-		return keyRSA.decrypt(data);
 	}
 
 	static privateSign(key, data, outputEncoding = 'base64') {

lib/crypto/encryptDecrypt.js

@@ -1,66 +0,0 @@
-'use strict';
-
-const crypto = require('crypto');
-
-const createKeyAndIv = (passphrase) => {
-	// this generates a 256-bit key and a 128-bit iv for aes-256-cbc
-	// just like nodejs's deprecated/removed crypto.createCipher would
-	const a = crypto.createHash('md5').update(passphrase).digest();
-	const b = crypto
-		.createHash('md5')
-		.update(Buffer.concat([a, Buffer.from(passphrase)]))
-		.digest();
-	const c = crypto
-		.createHash('md5')
-		.update(Buffer.concat([b, Buffer.from(passphrase)]))
-		.digest();
-	const bytes = Buffer.concat([a, b, c]);
-	const key = bytes.subarray(0, 32);
-	const iv = bytes.subarray(32, 48);
-	return { key, iv };
-};
-
-const encrypt = (data, algorithm, passphrase, iv) => {
-	let cipher;
-	if (iv) {
-		cipher = crypto.createCipheriv(algorithm, passphrase, iv);
-	} else {
-		console.warn(
-			'[Deprecation notice] No IV provided, falling back to legacy key derivation.\n'
-            + 'This will be removed in a future major release. You should encrypt your keys with a proper key and IV.',
-		);
-		if (crypto.createCipher) {
-			// nodejs < 22
-			cipher = crypto.createCipher(algorithm, passphrase);
-		} else {
-			const { key, iv: generatedIv } = createKeyAndIv(passphrase);
-			cipher = crypto.createCipheriv(algorithm, key, generatedIv);
-		}
-	}
-	const encrypted = cipher.update(data, 'utf8', 'hex') + cipher.final('hex');
-	return Buffer.from(encrypted).toString('base64');
-};
-
-const decrypt = (data, algorithm, passphrase, iv) => {
-	data = Buffer.from(data, 'base64').toString();
-	let decipher;
-	if (iv) {
-		decipher = crypto.createDecipheriv(algorithm, passphrase, iv);
-	} else {
-		console.warn(
-			'[Deprecation notice] No IV provided, falling back to legacy key derivation.\n'
-			+ 'This will be removed in a future major release. You should re-encrypt your keys with a proper key and IV.',
-		);
-		if (crypto.createDecipher) {
-			// nodejs < 22
-			decipher = crypto.createDecipher(algorithm, passphrase);
-		} else {
-			const { key, iv: generatedIv } = createKeyAndIv(passphrase);
-			decipher = crypto.createDecipheriv(algorithm, key, generatedIv);
-		}
-	}
-	const decrypted = decipher.update(data, 'hex', 'utf8') + decipher.final('utf8');
-	return decrypted;
-};
-
-module.exports = { encrypt, decrypt };

lib/keymanagers/KeysManager.js

@@ -1,8 +1,24 @@
 'use strict';
 
-const { encrypt, decrypt } = require('../crypto/encryptDecrypt');
+const crypto = require('crypto');
+
 const Keys = require('./Keys');
 
+const encrypt = (data, algorithm, passphrase) => {
+	const cipher = crypto.createCipher(algorithm, passphrase);
+	const encrypted = cipher.update(data, 'utf8', 'hex') + cipher.final('hex');
+
+	return Buffer.from(encrypted).toString('base64');
+};
+const decrypt = (data, algorithm, passphrase) => {
+	data = (Buffer.from(data, 'base64')).toString();
+
+	const decipher = crypto.createDecipher(algorithm, passphrase);
+	const decrypted = decipher.update(data, 'hex', 'utf8') + decipher.final('utf8');
+
+	return decrypted;
+};
+
 module.exports = (keysStorage, passphrase, algorithm = 'aes-256-cbc') => {
 	const storage = keysStorage;
 	const pass = passphrase;

lib/keymanagers/defaultKeyEncryptor.js

@@ -1,9 +1,24 @@
 'use strict';
 
-const { encrypt, decrypt } = require('../crypto/encryptDecrypt');
+const crypto = require('crypto');
 
+const encrypt = (data, algorithm, passphrase) => {
+	const cipher = crypto.createCipher(algorithm, passphrase);
+	const encrypted = cipher.update(data, 'utf8', 'hex') + cipher.final('hex');
+	return Buffer.from(encrypted).toString('base64');
+};
+const decrypt = (data, algorithm, passphrase) => {
+	data = (Buffer.from(data, 'base64')).toString();
+	const decipher = crypto.createDecipher(algorithm, passphrase);
+	const decrypted = decipher.update(data, 'hex', 'utf8') + decipher.final('utf8');
 
-module.exports = ({ passphrase, iv, algorithm = 'aes-256-cbc' }) => ({
+	return decrypted;
-	encrypt: data => encrypt(data, algorithm, passphrase, iv),
+};
+
+module.exports = ({
+	passphrase,
+	algorithm = 'aes-256-cbc',
+}) => ({
+	encrypt: data => encrypt(data, algorithm, passphrase),
 	decrypt: data => decrypt(data, algorithm, passphrase),
 });

lib/orders/H004/response.js

@@ -5,7 +5,7 @@ const crypto = require('crypto');
 
 const Crypto = require('../../crypto/Crypto');
 
-const { DOMParser, XMLSerializer } = require('@xmldom/xmldom');
+const { DOMParser, XMLSerializer } = require('xmldom');
 const xpath = require('xpath');
 const errors = require('./errors');
 
@@ -25,72 +25,45 @@ module.exports = (xml, keys) => ({
 
 	isSegmented() {
 		const select = xpath.useNamespaces({ xmlns: 'urn:org:ebics:H004' });
-		const node = select(
+		const node = select('//xmlns:header/xmlns:mutable/xmlns:SegmentNumber', this.doc);
-			'//xmlns:header/xmlns:mutable/xmlns:SegmentNumber',
-			this.doc,
-		);
 
 		return !!node.length;
 	},
 
 	isLastSegment() {
 		const select = xpath.useNamespaces({ xmlns: 'urn:org:ebics:H004' });
-		const node = select(
+		const node = select("//xmlns:header/xmlns:mutable/*[@lastSegment='true']", this.doc);
-			"//xmlns:header/xmlns:mutable/*[@lastSegment='true']",
-			this.doc,
-		);
 
 		return !!node.length;
 	},
 
 	orderData() {
-		const orderDataNode = this.doc.getElementsByTagNameNS(
+		const orderDataNode = this.doc.getElementsByTagNameNS('urn:org:ebics:H004', 'OrderData');
-			'urn:org:ebics:H004',
-			'OrderData',
-		);
 
 		if (!orderDataNode.length) return {};
 
 		const orderData = orderDataNode[0].textContent;
-		const decipher = crypto
+		const decipher = crypto.createDecipheriv('aes-128-cbc', this.transactionKey(), DEFAULT_IV).setAutoPadding(false);
-			.createDecipheriv('aes-128-cbc', this.transactionKey(), DEFAULT_IV)
+		const data = Buffer.from(decipher.update(orderData, 'base64', 'binary') + decipher.final('binary'), 'binary');
-			.setAutoPadding(false);
-		const data = Buffer.from(
-			decipher.update(orderData, 'base64', 'binary')
-				+ decipher.final('binary'),
-			'binary',
-		);
 
 		return zlib.inflateSync(data);
 	},
 
 	transactionKey() {
-		const keyNodeText = this.doc.getElementsByTagNameNS(
+		const keyNodeText = this.doc.getElementsByTagNameNS('urn:org:ebics:H004', 'TransactionKey')[0].textContent;
-			'urn:org:ebics:H004',
+		return Crypto.privateDecrypt(this.keys.e(), Buffer.from(keyNodeText, 'base64'));
-			'TransactionKey',
-		)[0].textContent;
-		return Crypto.privateDecrypt(
-			this.keys.e(),
-			Buffer.from(keyNodeText, 'base64'),
-		);
 	},
 
 	transactionId() {
 		const select = xpath.useNamespaces({ xmlns: 'urn:org:ebics:H004' });
-		const node = select(
+		const node = select('//xmlns:header/xmlns:static/xmlns:TransactionID', this.doc);
-			'//xmlns:header/xmlns:static/xmlns:TransactionID',
-			this.doc,
-		);
 
 		return node.length ? node[0].textContent : '';
 	},
 
 	orderId() {
 		const select = xpath.useNamespaces({ xmlns: 'urn:org:ebics:H004' });
-		const node = select(
+		const node = select('.//xmlns:header/xmlns:mutable/xmlns:OrderID', this.doc);
-			'.//xmlns:header/xmlns:mutable/xmlns:OrderID',
-			this.doc,
-		);
 
 		return node.length ? node[0].textContent : '';
 	},
@@ -116,20 +89,14 @@ module.exports = (xml, keys) => ({
 
 	technicalCode() {
 		const select = xpath.useNamespaces({ xmlns: 'urn:org:ebics:H004' });
-		const node = select(
+		const node = select('//xmlns:header/xmlns:mutable/xmlns:ReturnCode', this.doc);
-			'//xmlns:header/xmlns:mutable/xmlns:ReturnCode',
-			this.doc,
-		);
 
 		return node.length ? node[0].textContent : '';
 	},
 
 	technicalSymbol() {
 		const select = xpath.useNamespaces({ xmlns: 'urn:org:ebics:H004' });
-		const node = select(
+		const node = select('//xmlns:header/xmlns:mutable/xmlns:ReportText', this.doc);
-			'//xmlns:header/xmlns:mutable/xmlns:ReportText',
-			this.doc,
-		);
 
 		return node.length ? node[0].textContent : '';
 	},
@@ -155,14 +122,8 @@ module.exports = (xml, keys) => ({
 
 		for (let i = 0; i < keyNodes.length; i++) {
 			const type = lastChild(keyNodes[i].parentNode).textContent;
-			const modulus = xpath.select(
+			const modulus = xpath.select(".//*[local-name(.)='Modulus']", keyNodes[i])[0].textContent;
-				".//*[local-name(.)='Modulus']",
+			const exponent = xpath.select(".//*[local-name(.)='Exponent']", keyNodes[i])[0].textContent;
-				keyNodes[i],
-			)[0].textContent;
-			const exponent = xpath.select(
-				".//*[local-name(.)='Exponent']",
-				keyNodes[i],
-			)[0].textContent;
 
 			const mod = Buffer.from(modulus, 'base64');
 			const exp = Buffer.from(exponent, 'base64');

lib/orders/H004/signer.js

@@ -1,9 +1,10 @@
+
 'use strict';
 
 // const crypto = require('crypto');
 const Crypto = require('../../crypto/Crypto');
 
-const { DOMParser, XMLSerializer } = require('@xmldom/xmldom');
+const { DOMParser, XMLSerializer } = require('xmldom');
 const xpath = require('xpath');
 const C14n = require('xml-crypto/lib/c14n-canonicalization').C14nCanonicalization;
 
@@ -12,21 +13,14 @@ const digest = (doc) => {
 	const nodeDigestValue = doc.getElementsByTagName('ds:DigestValue')[0];
 
 	// canonicalize the node that has authenticate='true' attribute
-	const contentToDigest = xpath
+	const contentToDigest = xpath.select("//*[@authenticate='true']", doc)
-		.select("//*[@authenticate='true']", doc)
+		.map(x => new C14n().process(x)).join('');
-		.map(x => new C14n().process(x))
-		.join('');
 
 	// fix the canonicalization
-	const fixedContent = contentToDigest.replace(
+	const fixedContent = contentToDigest.replace(/xmlns="urn:org:ebics:H004"/g, 'xmlns="urn:org:ebics:H004" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"');
-		/xmlns="urn:org:ebics:H004"/g,
-		'xmlns="urn:org:ebics:H004" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"',
-	);
 
 	if (nodeDigestValue)
-		nodeDigestValue.textContent = Crypto.digestWithHash(fixedContent)
+		nodeDigestValue.textContent = Crypto.digestWithHash(fixedContent).toString('base64').trim();
-			.toString('base64')
-			.trim();
 
 	return doc;
 };
@@ -35,15 +29,8 @@ const sign = (doc, key) => {
 	const nodeSignatureValue = doc.getElementsByTagName('ds:SignatureValue')[0];
 
 	if (nodeSignatureValue) {
-		const select = xpath.useNamespaces({
+		const select = xpath.useNamespaces({ ds: 'http://www.w3.org/2000/09/xmldsig#' });
-			ds: 'http://www.w3.org/2000/09/xmldsig#',
+		const contentToSign = (new C14n().process(select('//ds:SignedInfo', doc)[0])).replace('xmlns:ds="http://www.w3.org/2000/09/xmldsig#"', 'xmlns="urn:org:ebics:H004" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"');
-		});
-		const contentToSign = new C14n()
-			.process(select('//ds:SignedInfo', doc)[0])
-			.replace(
-				'xmlns:ds="http://www.w3.org/2000/09/xmldsig#"',
-				'xmlns="urn:org:ebics:H004" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"',
-			);
 
 		nodeSignatureValue.textContent = Crypto.privateSign(key, contentToSign); // this.keys.x().key.sign(contentToSign, 'base64');
 	}

package.json

@@ -1,7 +1,8 @@
 {
 	"name": "ebics-client",
-	"version": "5.0.0",
+	"version": "0.3.0",
 	"description": "Node.js ISO 20022 Compliant EBICS Client",
+	"license": "MIT",
 	"main": "index.js",
 	"files": [
 		"lib/**/*",
@@ -9,10 +10,7 @@
 	],
 	"scripts": {
 		"lint": "eslint .",
-		"test": "npm run test:node$(node -v | cut -d '.' -f 1 | cut -c 2-)",
+		"test": "nyc mocha test/**/*.js",
-		"test:node22": "nyc node ./node_modules/.bin/mocha test/**/*.js",
-		"test:node20": "nyc node --security-revert=CVE-2023-46809 ./node_modules/.bin/mocha test/**/*.js",
-		"test:node18": "nyc node --security-revert=CVE-2023-46809 ./node_modules/.bin/mocha test/**/*.js",
 		"coverage": "nyc report --reporter=text-lcov | coveralls",
 		"version": "auto-changelog -p -t changelog-template.hbs && git add CHANGELOG.md"
 	},
@@ -58,33 +56,27 @@
 		{
 			"name": "Herrie",
 			"url": "https://github.com/Herrie82"
-		},
-		{
-			"name": "Maik Marschner ",
-			"url": "https://github.com/leMaik"
 		}
 	],
-	"license": "MIT",
 	"dependencies": {
-		"@xmldom/xmldom": "^0.8.10",
+		"handlebars": "^4.7.7",
-		"handlebars": "^4.7.8",
+		"js2xmlparser": "^4.0.1",
-		"js2xmlparser": "^5.0.0",
+		"node-forge": "^0.10.0",
-		"node-forge": "^1.3.1",
+		"request": "^2.88.2",
-		"node-rsa": "^1.1.1",
+		"uuid": "^8.3.2",
-		"rock-req": "^5.1.3",
+		"xml-crypto": "^2.1.1",
-		"uuid": "^9.0.1",
+		"xmldom": "^0.5.0",
-		"xml-crypto": "^6.0.0",
 		"xpath": "0.0.32"
 	},
 	"devDependencies": {
-		"auto-changelog": "^2.4.0",
+		"auto-changelog": "^1.16.2",
-		"chai": "^4.3.10",
+		"chai": "^4.3.4",
-		"coveralls": "^3.1.1",
+		"coveralls": "^3.1.0",
 		"eslint": "^6.7.2",
 		"eslint-config-ecollect-base": "^0.1.2",
-		"eslint-plugin-import": "^2.28.1",
+		"eslint-plugin-import": "^2.18.2",
-		"mocha": "^10.2.0",
+		"libxmljs": "^0.19.7",
-		"nyc": "^15.1.0",
+		"mocha": "^7.1.2",
-		"xmllint-wasm": "^4.0.2"
+		"nyc": "^15.1.0"
 	}
 }

test/spec/H004.js

@@ -9,36 +9,25 @@ const fs = require('fs');
 
 const ebics = require('../../');
 
-const xmlLintWasm = require('xmllint-wasm');
+const libxml = require('libxmljs');
 
-const validateXML = (() => {
+const schemaPath = path.resolve(__dirname, '../xsd/ebics_H004.xsd');
-	const xsdDir = path.resolve(__dirname, '../xsd');
+const schemaDoc = libxml.parseXml(fs.readFileSync(schemaPath, { encoding: 'utf8' }));
-	const schemaPath = path.resolve(xsdDir, 'ebics_H004.xsd');
-	const schemaDoc = fs.readFileSync(schemaPath, { encoding: 'utf8' });
-	const preload = fs
-		.readdirSync(xsdDir)
-		.filter(file => file.endsWith('.xsd') && file !== 'ebics_H004.xsd')
-		.map(file => ({
-			fileName: file,
-			contents: fs.readFileSync(path.join(xsdDir, file), {
-				encoding: 'utf8',
-			}),
-		}));
 
-	return async (str) => {
+const schemaDir = path.dirname(schemaPath);
-		const results = await xmlLintWasm.validateXML({
+const cwd = process.cwd();
-			xml: { fileName: 'ebics.xml', contents: str },
+
-			schema: [
+const validateXML = (str) => {
-				{
+	try {
-					fileName: 'ebics_H004.xsd',
+		process.chdir(schemaDir);
-					contents: schemaDoc,
+		const isValid = libxml.parseXmlString(str).validate(schemaDoc);
-				},
+		process.chdir(cwd);
-			],
+		return isValid;
-			preload,
+	} catch (e) {
-		});
+		process.chdir(cwd);
-		return results.valid;
+		return false;
-	};
+	}
-})();
+};
 
 const client = new ebics.Client({
 	url: 'https://iso20022test.credit-suisse.com/ebicsweb/ebicsweb',
@@ -46,9 +35,7 @@ const client = new ebics.Client({
 	userId: 'CRS04381',
 	hostId: 'CRSISOTB',
 	passphrase: 'test',
-	keyStorage: ebics.fsKeysStorage(
+	keyStorage: ebics.fsKeysStorage(path.resolve(__dirname, '../support/TEST_KEYS.key')),
-		path.resolve(__dirname, '../support/TEST_KEYS.key'),
-	),
 });
 
 const { Orders } = ebics;
@@ -96,8 +83,10 @@ const fnOrders = {
 };
 
 const getOrderObject = (name, order) => {
-	if (typeof order === 'object') return order;
+	if (typeof order === 'object')
-	if (fnOrders[name]) return fnOrders[name](order);
+		return order;
+	if (fnOrders[name])
+		return fnOrders[name](order);
 	return null;
 };
 
@@ -105,14 +94,15 @@ describe('H004 order generation', () => {
 	// eslint-disable-next-line no-restricted-syntax
 	for (const [name, orderDefinition] of Object.entries(Orders)) {
 		const order = getOrderObject(name, orderDefinition);
-		if (!order) continue;
+		if (!order)
+			continue;
 
 		const type = order.orderDetails.OrderType;
 		const { operation } = order;
 
 		it(`[${operation}] ${type} order generation`, async () => {
 			const signedOrder = await client.signOrder(order);
-			assert.isTrue(await validateXML(signedOrder));
+			assert.isTrue(validateXML(signedOrder));
 		});
 	}
 });