chore: update license in package.json, bump version

2025-08-14 19:55:36 +00:00 · 2022-08-04 07:03:47 +03:00
16 changed files with 3619 additions and 4439 deletions
--- a/.github/workflows/CI.yml
+++ b/.github/workflows/CI.yml
@@ -1,23 +0,0 @@
-name: CI
-
-on:
-  push:
-    branches: [ main, master ]
-  pull_request:
-    branches: [ main, master ]
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        node: [ 18, 20, 22 ]
-    name: Node.js ${{ matrix.node }}
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup node
-        uses: actions/setup-node@v4
-        with:
-          node-version: ${{ matrix.node }}
-      - run: npm ci
-      - run: npm test
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,8 +1,8 @@
 language: node_js
 node_js:
-  - "16" # maintance lts
-  - "17"
-  - "18" # active lts
-  - "19"
-  - "20" # current
+  - "8"
+  - "9"
+  - "10"
+  - "11"
+  - "12"
 after_success: npm run coverage
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,27 +1,5 @@
 ### Changelog

-#### [v4.2.0]
-
- feat: update dependencies [`a03ec22`](https://github.com/node-ebics/node-ebics-client/commit/a03ec2283fdd3dcf750c5ed448f0195d92c5c9f0)
- chore: Update dev dependency libxmljs [`3a8dc1d`](https://github.com/node-ebics/node-ebics-client/commit/3a8dc1da0bac20a6f25a687da0a783f3b52d5163)
- feat: replace &lt;request&gt; with &lt;rock-req&gt; [`b6b2751`](https://github.com/node-ebics/node-ebics-client/commit/b6b27516d5854b38dcdbe56f23967001f844e631)
-
-#### [v4.0.0](https://github.com/node-ebics/node-ebics-client/compare/v3.0.0...v0.4.0)
-
- Add CI [`#75`](https://github.com/node-ebics/node-ebics-client/pull/75)
-
- feat: update dependencies [`a03ec22`](https://github.com/node-ebics/node-ebics-client/commit/a03ec2283fdd3dcf750c5ed448f0195d92c5c9f0)
- chore: Update dev dependency libxmljs [`3a8dc1d`](https://github.com/node-ebics/node-ebics-client/commit/3a8dc1da0bac20a6f25a687da0a783f3b52d5163)
- feat: replace &lt;request&gt; with &lt;rock-req&gt; [`b6b2751`](https://github.com/node-ebics/node-ebics-client/commit/b6b27516d5854b38dcdbe56f23967001f844e631)
-
-### [v3.0.0](https://github.com/node-ebics/node-ebics-client/compare/v0.2.1...v3.0.0)
-
-> 4 August 2022
-
- Update LICENSE [`7520a56`](https://github.com/node-ebics/node-ebics-client/commit/7520a56be8ba446d3466c6dc9202b1d65ea3396f)
- changelog [`fe0f585`](https://github.com/node-ebics/node-ebics-client/commit/fe0f585b277c390415841a343aa86d4533997057)
- chore: update license in package.json, bump version [`b46b214`](https://github.com/node-ebics/node-ebics-client/commit/b46b214e57cf1b4e30455da306b26b3a06dc8a5f)
-
 #### [v0.2.1](https://github.com/node-ebics/node-ebics-client/compare/v0.2.0...v0.2.1)

 > 30 March 2021
@@ -106,43 +84,38 @@

 #### [v0.1.1](https://github.com/node-ebics/node-ebics-client/compare/v0.1.0...v0.1.1)

-> 7 November 2019
+> 5 November 2019

 - chore: update license [`9aabe93`](https://github.com/node-ebics/node-ebics-client/commit/9aabe933e91b506ea38820b952ce8e5e58b4c2ff)

-#### [v0.1.0](https://github.com/node-ebics/node-ebics-client/compare/v0.0.36...v0.1.0)
+#### [v0.1.0](https://github.com/node-ebics/node-ebics-client/compare/v0.0.8...v0.1.0)

 > 5 November 2019

 - Feat: handle unsual exponent migrate to node-forge [`#16`](https://github.com/node-ebics/node-ebics-client/pull/16)
 - Add order generation tests and fix linting [`#15`](https://github.com/node-ebics/node-ebics-client/pull/15)
 - test script run mocha [`#14`](https://github.com/node-ebics/node-ebics-client/pull/14)
- chore: readme maintenance [`#11`](https://github.com/node-ebics/node-ebics-client/pull/11)
- Provide examples [`#10`](https://github.com/node-ebics/node-ebics-client/pull/10)
- * Add Z53 order type [`#7`](https://github.com/node-ebics/node-ebics-client/pull/7)
- remove eCollect from constant and minor verbose error handeling [`#2`](https://github.com/node-ebics/node-ebics-client/pull/2)
- add iso pain format XCT order type [`#1`](https://github.com/node-ebics/node-ebics-client/pull/1)
- remove eCollect from constant and minor verbose error handaling [`#4`](https://github.com/node-ebics/node-ebics-client/pull/4)
- add iso pain format XCT order type [`#5`](https://github.com/node-ebics/node-ebics-client/pull/5)
- Fix parsing of the bank keys in the HPB response [`#3`](https://github.com/node-ebics/node-ebics-client/pull/3)

 - feat: prepare order generation tests [`e40f79c`](https://github.com/node-ebics/node-ebics-client/commit/e40f79cee68a194272c93f07e763175b213a77a1)
- Major changes. Separating responsibilities. Orders builder, serializer. [`ff9a3a1`](https://github.com/node-ebics/node-ebics-client/commit/ff9a3a16b47d0a25674134c875bfd651995837e4)
- code optimization [`1876360`](https://github.com/node-ebics/node-ebics-client/commit/187636019c290d757aca77d4c14fb4f2519acd38)
+- chore: cleanup [`0c01420`](https://github.com/node-ebics/node-ebics-client/commit/0c01420c1e14992a4169098ccd47cd196b899f06)

 #### [v0.0.36](https://github.com/node-ebics/node-ebics-client/compare/v0.0.35...v0.0.36)

-> 7 November 2019
+> 1 June 2018

 - various modular fixes [`8492d94`](https://github.com/node-ebics/node-ebics-client/commit/8492d940542f61b17aa3a2da7de23f6539ffaad5)

-#### [v0.0.35](https://github.com/node-ebics/node-ebics-client/compare/v0.0.8...v0.0.35)
+#### [v0.0.35](https://github.com/node-ebics/node-ebics-client/compare/v0.0.3...v0.0.35)

-> 7 November 2019
+> 31 May 2018
+
+- update License to GPL v3 [`babcf76`](https://github.com/node-ebics/node-ebics-client/commit/babcf76b61af6eb737ab291a301e71bb84621820)
+- Add MGF1.js file - mask generation utility class [`7e6e2ff`](https://github.com/node-ebics/node-ebics-client/commit/7e6e2ff142688b0c453369fa7137b49e8b89cd81)
+- Add sign, _emsaPSS and _modPowe methods in Key.js file [`5ace213`](https://github.com/node-ebics/node-ebics-client/commit/5ace2137231af9a3563ab31fa0f70fbdf4b148cb)

 #### [v0.0.8](https://github.com/node-ebics/node-ebics-client/compare/v0.0.7...v0.0.8)

-> 7 November 2019
+> 8 October 2019

 - chore: readme maintenance [`#11`](https://github.com/node-ebics/node-ebics-client/pull/11)
 - Provide examples [`#10`](https://github.com/node-ebics/node-ebics-client/pull/10)
@@ -153,7 +126,7 @@

 #### [v0.0.7](https://github.com/node-ebics/node-ebics-client/compare/v0.0.6...v0.0.7)

-> 7 November 2019
+> 2 August 2019

 - * Add Z53 order type [`#7`](https://github.com/node-ebics/node-ebics-client/pull/7)
 - remove eCollect from constant and minor verbose error handeling [`#2`](https://github.com/node-ebics/node-ebics-client/pull/2)
@@ -165,7 +138,7 @@

 #### [v0.0.6](https://github.com/node-ebics/node-ebics-client/compare/v0.0.5...v0.0.6)

-> 7 November 2019
+> 24 July 2019

 - remove eCollect from constant and minor verbose error handaling [`#4`](https://github.com/node-ebics/node-ebics-client/pull/4)
 - add iso pain format XCT order type [`#5`](https://github.com/node-ebics/node-ebics-client/pull/5)
@@ -175,24 +148,24 @@

 #### [v0.0.5](https://github.com/node-ebics/node-ebics-client/compare/v0.0.4...v0.0.5)

-> 7 November 2019
+> 28 June 2019

 - Fix parsing of the bank keys in the HPB response [`#3`](https://github.com/node-ebics/node-ebics-client/pull/3)

 - tc for bank keys parsing error [`c571ef1`](https://github.com/node-ebics/node-ebics-client/commit/c571ef181bca2e0cbec70bc6df53c706acd6c829)
 - #2 corrected bank keys parsing [`5f0b6cd`](https://github.com/node-ebics/node-ebics-client/commit/5f0b6cd3747c4613920d2f71f3c04ce13225d397)

-#### [v0.0.4](https://github.com/node-ebics/node-ebics-client/compare/v0.0.3...v0.0.4)
+#### [v0.0.4](https://github.com/node-ebics/node-ebics-client/compare/v0.0.36...v0.0.4)

 > 3 September 2018

 - Major changes. Separating responsibilities. Orders builder, serializer. [`ff9a3a1`](https://github.com/node-ebics/node-ebics-client/commit/ff9a3a16b47d0a25674134c875bfd651995837e4)
 - code optimization [`1876360`](https://github.com/node-ebics/node-ebics-client/commit/187636019c290d757aca77d4c14fb4f2519acd38)
- various modular fixes [`8492d94`](https://github.com/node-ebics/node-ebics-client/commit/8492d940542f61b17aa3a2da7de23f6539ffaad5)
+- client and order optimization [`9454992`](https://github.com/node-ebics/node-ebics-client/commit/945499290a8698aed504b573019de2c23148006a)

 #### v0.0.3

-> 7 November 2019
+> 17 May 2018

 - initial commit [`1f947ff`](https://github.com/node-ebics/node-ebics-client/commit/1f947ff1480c522f89fa1f547581b55e2378d920)
 - Initial commit [`cd37de3`](https://github.com/node-ebics/node-ebics-client/commit/cd37de3895e32a61798c79ce3a6447e2f269019d)
--- a/README.md
+++ b/README.md
@@ -15,55 +15,30 @@
 <a href='https://coveralls.io/github/eCollect/node-ebics-client?branch=master' title="Coverage Status"><img src='https://coveralls.io/repos/github/eCollect/node-ebics-client/badge.svg?branch=master' alt='Coverage Status' /></a>
 </p>

-Pure Node.js (>= 16) implementation of [EBICS](https://en.wikipedia.org/wiki/Electronic_Banking_Internet_Communication_Standard) (Electronic Banking Internet Communication).
+Pure node.js ( >=8 ) implementation of [EBICS](https://en.wikipedia.org/wiki/Electronic_Banking_Internet_Communication_Standard) ( Electronic Banking Internet Communication ).

-The client is aimed to be 100% [ISO 20022](https://www.iso20022.org) compliant, and supports the complete initializations process (INI, HIA, HPB orders) and HTML letter generation.
+The client is aimed to be 100% [ISO 20022](https://www.iso20022.org) compliant, and supports the complete initializations process ( INI, HIA, HPB orders ) and HTML letter generation.

-## Usage
-
-For examples on how to use this library, take a look at the [examples](https://github.com/node-ebics/node-ebics-client/tree/master/examples).
-
-### A note on recent Node.js versions
-
-The latest Node.js versions don't support `RSA_PKCS1_PADDING` for private decryption for security reasons, throwing an error like _TypeError: RSA_PKCS1_PADDING is no longer supported for private decryption, this can be reverted with --security-revert=CVE-2023-46809_.
-
-EBICS requires this mode, so in order for this library to work, add the following parameter when starting Node.js: `--security-revert=CVE-2023-46809`
-
-### Initialization
-
-1. Create a configuration (see [example configs](https://github.com/node-ebics/node-ebics-client/tree/master/examples/config)) with the EBICS credentials you received from your bank and name it in this schema: `config.<environment>.<bank>[.<entity>].json` (the entity is optional).
-
-    - The fields `url`, `partnerId`, `userId`, `hostId` are provided by your bank.
-    - The `passphrase` is used to encrypt the keys file, which will be stored at the `storageLocation`.
-    - The `bankName` and `bankShortName` are used internally for creating files and identifying the bank to you.
-    - The `languageCode` is used when creating the Initialization Letter and can be either `de`, `en`, or `fr`.
-    - You can chose any environment, bank and, optionally, entity name. Entities are useful if you have multiple EBICS users for the same bank account.
-
-2. Run `node examples/initialize.js <environment> <bank> [entity]` to generate your key pair and perform the INI and HIA orders (ie. send the public keys to your bank)  
-   The generated keys are stored in the file specified in your config and encrypted with the specified passphrase.
-3. Run `node examples/bankLetter.js <environment> <bank> [entity]` to generate the Initialization Letter
-4. Print the letter, sign it and send it to your bank. Wait for them to activate your EBICS account.
-5. Download the bank keys by running `node examples/save-bank-keys.js <environment> <bank> [entity]`
-
-If all these steps were executed successfully, you can now do all things EBICS, like fetching bank statements by running `node examples/send-sta-order.js <environment> <bank> [entity]`, or actually use this library in your custom banking applications.

 ## Supported Banks
-
 The client is currently tested and verified to work with the following banks:

-   [Credit Suisse (Schweiz) AG](https://www.credit-suisse.com/ch/en.html)
-   [Zürcher Kantonalbank](https://www.zkb.ch/en/lg/ew.html)
-   [Raiffeisen Schweiz](https://www.raiffeisen.ch/rch/de.html)
-   [BW Bank](https://www.bw-bank.de/de/home.html)
-   [Bank GPB International S.A.](https://gazprombank.lu/e-banking)
-   [Bank GPB AO](https://gazprombank.ru/)
-   [J.P. Morgan](https://www.jpmorgan.com/)
+* [Credit Suisse (Schweiz) AG](https://www.credit-suisse.com/ch/en.html)
+* [Zürcher Kantonalbank](https://www.zkb.ch/en/lg/ew.html)
+* [Raiffeisen Schweiz](https://www.raiffeisen.ch/rch/de.html)
+* [BW Bank](https://www.bw-bank.de/de/home.html)
+* [Bank GPB International S.A.](https://gazprombank.lu/e-banking)
+* [Bank GPB AO](https://gazprombank.ru/)
+* [J.P. Morgan](https://www.jpmorgan.com/)
+

 ## Inspiration

 The basic concept of this library was inspired by the [EPICS](https://github.com/railslove/epics) library from the Railslove Team.

+
 ## Copyright

 Copyright: Dimitar Nanov, 2019-2022.  
 Licensed under the [MIT](LICENSE) license.
+
--- a/examples/bankLetter.js
+++ b/examples/bankLetter.js
@@ -10,7 +10,7 @@ const os = require('os');
 const config = require('./loadConfig')();
 const client = require('./getClient')(config);
 const bankName = client.bankName;
-const template = fs.readFileSync("./templates/ini_"+client.languageCode+".hbs", { encoding: 'utf8'});
+const template = fs.readFileSync("../templates/ini_"+client.languageCode+".hbs", { encoding: 'utf8'});
 const bankLetterFile = path.join("./", "bankLetter_"+client.bankShortName+"_"+client.languageCode+".html");

 const letter = new ebics.BankLetter({ client, bankName, template });
--- a/examples/getClient.js
+++ b/examples/getClient.js
@@ -10,7 +10,6 @@ module.exports = ({
 	userId,
 	hostId,
 	passphrase,
-	iv,
 	keyStoragePath,
 } = loadConfig()) => new Client({
 	url,
@@ -18,6 +17,5 @@ module.exports = ({
 	userId,
 	hostId,
 	passphrase,
-	iv,
 	keyStorage: fsKeysStorage(keyStoragePath),
 });
--- a/lib/Client.js
+++ b/lib/Client.js
@@ -1,6 +1,6 @@
 'use strict';

-const rock = require('rock-req');
+const $request = require('request');

 const constants = require('./consts');
 const Keys = require('./keymanagers/Keys');
@@ -43,8 +43,7 @@ const stringifyKeys = (keys) => {
 * @property {string} partnerId - PARTNERID provided by the bank
 * @property {string} hostId - HOSTID provided by the bank
 * @property {string} userId - USERID provided by the bank
- * @property {string|Buffer} passphrase - passphrase or key for keys encryption
- * @property {string|Buffer} iv - Initialization Vector for keys encryption
+ * @property {string} passphrase - passphrase for keys encryption
 * @property {KeyStorage} keyStorage - keyStorage implementation
 * @property {object} [tracesStorage] - traces (logs) storage implementation
 * @property {string} bankName - Full name of the bank to be used in the bank INI letters.
@@ -52,6 +51,8 @@ const stringifyKeys = (keys) => {
 * @property {string} languageCode - Language code to be used in the bank INI letters ("de", "en" and "fr" are currently supported).
 * @property {string} storageLocation - Location where to store the files that are downloaded. This can be a network share for example.
 */
+
+
 module.exports = class Client {
 	/**
 	 *Creates an instance of Client.
@@ -63,7 +64,6 @@ module.exports = class Client {
 		userId,
 		hostId,
 		passphrase,
-		iv,
 		keyStorage,
 		tracesStorage,
 		bankName,
@@ -71,17 +71,18 @@ module.exports = class Client {
 		languageCode,
 		storageLocation,
 	}) {
-		if (!url) throw new Error('EBICS URL is required');
-		if (!partnerId) throw new Error('partnerId is required');
-		if (!userId) throw new Error('userId is required');
-		if (!hostId) throw new Error('hostId is required');
-		if (!passphrase) throw new Error('passphrase is required');
+		if (!url)
+			throw new Error('EBICS URL is required');
+		if (!partnerId)
+			throw new Error('partnerId is required');
+		if (!userId)
+			throw new Error('userId is required');
+		if (!hostId)
+			throw new Error('hostId is required');
+		if (!passphrase)
+			throw new Error('passphrase is required');

-		if (
-			!keyStorage
-			|| typeof keyStorage.read !== 'function'
-			|| typeof keyStorage.write !== 'function'
-		)
+		if (!keyStorage || typeof keyStorage.read !== 'function' || typeof keyStorage.write !== 'function')
 			throw new Error('keyStorage implementation missing or wrong');

 		this.url = url;
@@ -89,7 +90,7 @@ module.exports = class Client {
 		this.userId = userId;
 		this.hostId = hostId;
 		this.keyStorage = keyStorage;
-		this.keyEncryptor = defaultKeyEncryptor({ passphrase, iv });
+		this.keyEncryptor = defaultKeyEncryptor({ passphrase });
 		this.tracesStorage = tracesStorage || null;
 		this.bankName = bankName || 'Dummy Bank Full Name';
 		this.bankShortName = bankShortName || 'BANKSHORTCODE';
@@ -98,25 +99,17 @@ module.exports = class Client {
 	}

 	async send(order) {
-		const isInObject = 'operation' in order;
+		const isInObject = ('operation' in order);

 		if (!isInObject) throw new Error('Operation for the order needed');

-		if (order.operation.toUpperCase() === constants.orderOperations.ini)
-			return this.initialization(order);
+		if (order.operation.toUpperCase() === constants.orderOperations.ini) return this.initialization(order);

 		const keys = await this.keys();
-		if (keys === null)
-			throw new Error(
-				'No keys provided. Can not send the order or any other order for that matter.',
-			);
+		if (keys === null) throw new Error('No keys provided. Can not send the order or any other order for that matter.');

-		if (order.operation.toUpperCase() === constants.orderOperations.upload)
-			return this.upload(order);
-		if (
-			order.operation.toUpperCase() === constants.orderOperations.download
-		)
-			return this.download(order);
+		if (order.operation.toUpperCase() === constants.orderOperations.upload) return this.upload(order);
+		if (order.operation.toUpperCase() === constants.orderOperations.download) return this.download(order);

 		throw new Error('Wrong order operation provided');
 	}
@@ -125,7 +118,8 @@ module.exports = class Client {
 		const keys = await this.keys();
 		if (keys === null) await this._generateKeys();

-		if (this.tracesStorage) this.tracesStorage.new().ofType('ORDER.INI');
+		if (this.tracesStorage)
+			this.tracesStorage.new().ofType('ORDER.INI');
 		const res = await this.ebicsRequest(order);
 		const xml = res.orderData();

@@ -138,9 +132,7 @@ module.exports = class Client {

 			technicalCode: returnedTechnicalCode,
 			technicalCodeSymbol: res.technicalSymbol(),
-			technicalCodeShortText: res.technicalShortText(
-				returnedTechnicalCode,
-			),
+			technicalCodeShortText: res.technicalShortText(returnedTechnicalCode),
 			technicalCodeMeaning: res.technicalMeaning(returnedTechnicalCode),

 			businessCode: returnedBusinessCode,
@@ -175,9 +167,7 @@ module.exports = class Client {

 			technicalCode: returnedTechnicalCode,
 			technicalCodeSymbol: res.technicalSymbol(),
-			technicalCodeShortText: res.technicalShortText(
-				returnedTechnicalCode,
-			),
+			technicalCodeShortText: res.technicalShortText(returnedTechnicalCode),
 			technicalCodeMeaning: res.technicalMeaning(returnedTechnicalCode),

 			businessCode: returnedBusinessCode,
@@ -188,7 +178,8 @@ module.exports = class Client {
 	}

 	async upload(order) {
-		if (this.tracesStorage) this.tracesStorage.new().ofType('ORDER.UPLOAD');
+		if (this.tracesStorage)
+			this.tracesStorage.new().ofType('ORDER.UPLOAD');
 		let res = await this.ebicsRequest(order);
 		const transactionId = res.transactionId();
 		const orderId = res.orderId();
@@ -206,33 +197,22 @@ module.exports = class Client {
 		return new Promise(async (resolve, reject) => {
 			const { version } = order;
 			const keys = await this.keys();
-			const r = signer
-				.version(version)
-				.sign((await serializer.use(order, this)).toXML(), keys.x());
+			const r = signer.version(version).sign((await serializer.use(order, this)).toXML(), keys.x());

 			if (this.tracesStorage)
-				this.tracesStorage
-					.label(`REQUEST.${order.orderDetails.OrderType}`)
-					.data(r)
-					.persist();
+				this.tracesStorage.label(`REQUEST.${order.orderDetails.OrderType}`).data(r).persist();

-			rock({
-				method: 'POST',
+			$request.post({
 				url: this.url,
 				body: r,
 				headers: { 'content-type': 'text/xml;charset=UTF-8' },
-			},
-			(err, res, data) => {
+			}, (err, res, data) => {
 				if (err) reject(err);

-				const ebicsResponse = response.version(version)(data.toString('utf-8'), keys);
+				const ebicsResponse = response.version(version)(data, keys);

 				if (this.tracesStorage)
-					this.tracesStorage
-						.label(`RESPONSE.${order.orderDetails.OrderType}`)
-						.connect()
-						.data(ebicsResponse.toXML())
-						.persist();
+					this.tracesStorage.label(`RESPONSE.${order.orderDetails.OrderType}`).connect().data(ebicsResponse.toXML()).persist();

 				resolve(ebicsResponse);
 			});
@@ -242,14 +222,13 @@ module.exports = class Client {
 	async signOrder(order) {
 		const { version } = order;
 		const keys = await this.keys();
-		return signer
-			.version(version)
-			.sign((await serializer.use(order, this)).toXML(), keys.x());
+		return signer.version(version).sign((await serializer.use(order, this)).toXML(), keys.x());
 	}

 	async keys() {
 		try {
 			const keysString = await this._readKeys();
+
 			return new Keys(JSON.parse(this.keyEncryptor.decrypt(keysString)));
 		} catch (err) {
 			return null;
@@ -274,8 +253,6 @@ module.exports = class Client {
 	}

 	_writeKeys(keysObject) {
-		return this.keyStorage.write(
-			this.keyEncryptor.encrypt(stringifyKeys(keysObject.keys)),
-		);
+		return this.keyStorage.write(this.keyEncryptor.encrypt(stringifyKeys(keysObject.keys)));
 	}
 };
--- a/lib/crypto/Crypto.js
+++ b/lib/crypto/Crypto.js
@@ -1,7 +1,6 @@
 'use strict';

 const crypto = require('crypto');
-const NodeRSA = require('node-rsa');

 const BigNumber = require('./BigNumber.js');
 const mgf1 = require('./MGF1');
@@ -55,14 +54,10 @@ module.exports = class Crypto {
 	}

 	static privateDecrypt(key, data) {
-		const keyRSA = new NodeRSA(
-			key.toPem(),
-			'pkcs1-private-pem', {
-				encryptionScheme: 'pkcs1',
-				environment: 'browser', // would use the crypto module by default, which blocks pkcs1
-			},
-		);
-		return keyRSA.decrypt(data);
+		return crypto.privateDecrypt({
+			key: key.toPem(),
+			padding: crypto.constants.RSA_PKCS1_PADDING,
+		}, data);
 	}

 	static privateSign(key, data, outputEncoding = 'base64') {
--- a/lib/crypto/encryptDecrypt.js
+++ b/lib/crypto/encryptDecrypt.js
@@ -1,66 +0,0 @@
-'use strict';
-
-const crypto = require('crypto');
-
-const createKeyAndIv = (passphrase) => {
-	// this generates a 256-bit key and a 128-bit iv for aes-256-cbc
-	// just like nodejs's deprecated/removed crypto.createCipher would
-	const a = crypto.createHash('md5').update(passphrase).digest();
-	const b = crypto
-		.createHash('md5')
-		.update(Buffer.concat([a, Buffer.from(passphrase)]))
-		.digest();
-	const c = crypto
-		.createHash('md5')
-		.update(Buffer.concat([b, Buffer.from(passphrase)]))
-		.digest();
-	const bytes = Buffer.concat([a, b, c]);
-	const key = bytes.subarray(0, 32);
-	const iv = bytes.subarray(32, 48);
-	return { key, iv };
-};
-
-const encrypt = (data, algorithm, passphrase, iv) => {
-	let cipher;
-	if (iv) {
-		cipher = crypto.createCipheriv(algorithm, passphrase, iv);
-	} else {
-		console.warn(
-			'[Deprecation notice] No IV provided, falling back to legacy key derivation.\n'
-            + 'This will be removed in a future major release. You should encrypt your keys with a proper key and IV.',
-		);
-		if (crypto.createCipher) {
-			// nodejs < 22
-			cipher = crypto.createCipher(algorithm, passphrase);
-		} else {
-			const { key, iv: generatedIv } = createKeyAndIv(passphrase);
-			cipher = crypto.createCipheriv(algorithm, key, generatedIv);
-		}
-	}
-	const encrypted = cipher.update(data, 'utf8', 'hex') + cipher.final('hex');
-	return Buffer.from(encrypted).toString('base64');
-};
-
-const decrypt = (data, algorithm, passphrase, iv) => {
-	data = Buffer.from(data, 'base64').toString();
-	let decipher;
-	if (iv) {
-		decipher = crypto.createDecipheriv(algorithm, passphrase, iv);
-	} else {
-		console.warn(
-			'[Deprecation notice] No IV provided, falling back to legacy key derivation.\n'
-			+ 'This will be removed in a future major release. You should re-encrypt your keys with a proper key and IV.',
-		);
-		if (crypto.createDecipher) {
-			// nodejs < 22
-			decipher = crypto.createDecipher(algorithm, passphrase);
-		} else {
-			const { key, iv: generatedIv } = createKeyAndIv(passphrase);
-			decipher = crypto.createDecipheriv(algorithm, key, generatedIv);
-		}
-	}
-	const decrypted = decipher.update(data, 'hex', 'utf8') + decipher.final('utf8');
-	return decrypted;
-};
-
-module.exports = { encrypt, decrypt };
--- a/lib/keymanagers/KeysManager.js
+++ b/lib/keymanagers/KeysManager.js
@@ -1,8 +1,24 @@
 'use strict';

-const { encrypt, decrypt } = require('../crypto/encryptDecrypt');
+const crypto = require('crypto');
+
 const Keys = require('./Keys');

+const encrypt = (data, algorithm, passphrase) => {
+	const cipher = crypto.createCipher(algorithm, passphrase);
+	const encrypted = cipher.update(data, 'utf8', 'hex') + cipher.final('hex');
+
+	return Buffer.from(encrypted).toString('base64');
+};
+const decrypt = (data, algorithm, passphrase) => {
+	data = (Buffer.from(data, 'base64')).toString();
+
+	const decipher = crypto.createDecipher(algorithm, passphrase);
+	const decrypted = decipher.update(data, 'hex', 'utf8') + decipher.final('utf8');
+
+	return decrypted;
+};
+
 module.exports = (keysStorage, passphrase, algorithm = 'aes-256-cbc') => {
 	const storage = keysStorage;
 	const pass = passphrase;
--- a/lib/keymanagers/defaultKeyEncryptor.js
+++ b/lib/keymanagers/defaultKeyEncryptor.js
@@ -1,9 +1,24 @@
 'use strict';

-const { encrypt, decrypt } = require('../crypto/encryptDecrypt');
+const crypto = require('crypto');

+const encrypt = (data, algorithm, passphrase) => {
+	const cipher = crypto.createCipher(algorithm, passphrase);
+	const encrypted = cipher.update(data, 'utf8', 'hex') + cipher.final('hex');
+	return Buffer.from(encrypted).toString('base64');
+};
+const decrypt = (data, algorithm, passphrase) => {
+	data = (Buffer.from(data, 'base64')).toString();
+	const decipher = crypto.createDecipher(algorithm, passphrase);
+	const decrypted = decipher.update(data, 'hex', 'utf8') + decipher.final('utf8');

-module.exports = ({ passphrase, iv, algorithm = 'aes-256-cbc' }) => ({
-	encrypt: data => encrypt(data, algorithm, passphrase, iv),
+	return decrypted;
+};
+
+module.exports = ({
+	passphrase,
+	algorithm = 'aes-256-cbc',
+}) => ({
+	encrypt: data => encrypt(data, algorithm, passphrase),
 	decrypt: data => decrypt(data, algorithm, passphrase),
 });
--- a/lib/orders/H004/response.js
+++ b/lib/orders/H004/response.js
@@ -5,7 +5,7 @@ const crypto = require('crypto');

 const Crypto = require('../../crypto/Crypto');

-const { DOMParser, XMLSerializer } = require('@xmldom/xmldom');
+const { DOMParser, XMLSerializer } = require('xmldom');
 const xpath = require('xpath');
 const errors = require('./errors');

@@ -25,72 +25,45 @@ module.exports = (xml, keys) => ({

 	isSegmented() {
 		const select = xpath.useNamespaces({ xmlns: 'urn:org:ebics:H004' });
-		const node = select(
-			'//xmlns:header/xmlns:mutable/xmlns:SegmentNumber',
-			this.doc,
-		);
+		const node = select('//xmlns:header/xmlns:mutable/xmlns:SegmentNumber', this.doc);

 		return !!node.length;
 	},

 	isLastSegment() {
 		const select = xpath.useNamespaces({ xmlns: 'urn:org:ebics:H004' });
-		const node = select(
-			"//xmlns:header/xmlns:mutable/*[@lastSegment='true']",
-			this.doc,
-		);
+		const node = select("//xmlns:header/xmlns:mutable/*[@lastSegment='true']", this.doc);

 		return !!node.length;
 	},

 	orderData() {
-		const orderDataNode = this.doc.getElementsByTagNameNS(
-			'urn:org:ebics:H004',
-			'OrderData',
-		);
+		const orderDataNode = this.doc.getElementsByTagNameNS('urn:org:ebics:H004', 'OrderData');

 		if (!orderDataNode.length) return {};

 		const orderData = orderDataNode[0].textContent;
-		const decipher = crypto
-			.createDecipheriv('aes-128-cbc', this.transactionKey(), DEFAULT_IV)
-			.setAutoPadding(false);
-		const data = Buffer.from(
-			decipher.update(orderData, 'base64', 'binary')
-				+ decipher.final('binary'),
-			'binary',
-		);
+		const decipher = crypto.createDecipheriv('aes-128-cbc', this.transactionKey(), DEFAULT_IV).setAutoPadding(false);
+		const data = Buffer.from(decipher.update(orderData, 'base64', 'binary') + decipher.final('binary'), 'binary');

 		return zlib.inflateSync(data);
 	},

 	transactionKey() {
-		const keyNodeText = this.doc.getElementsByTagNameNS(
-			'urn:org:ebics:H004',
-			'TransactionKey',
-		)[0].textContent;
-		return Crypto.privateDecrypt(
-			this.keys.e(),
-			Buffer.from(keyNodeText, 'base64'),
-		);
+		const keyNodeText = this.doc.getElementsByTagNameNS('urn:org:ebics:H004', 'TransactionKey')[0].textContent;
+		return Crypto.privateDecrypt(this.keys.e(), Buffer.from(keyNodeText, 'base64'));
 	},

 	transactionId() {
 		const select = xpath.useNamespaces({ xmlns: 'urn:org:ebics:H004' });
-		const node = select(
-			'//xmlns:header/xmlns:static/xmlns:TransactionID',
-			this.doc,
-		);
+		const node = select('//xmlns:header/xmlns:static/xmlns:TransactionID', this.doc);

 		return node.length ? node[0].textContent : '';
 	},

 	orderId() {
 		const select = xpath.useNamespaces({ xmlns: 'urn:org:ebics:H004' });
-		const node = select(
-			'.//xmlns:header/xmlns:mutable/xmlns:OrderID',
-			this.doc,
-		);
+		const node = select('.//xmlns:header/xmlns:mutable/xmlns:OrderID', this.doc);

 		return node.length ? node[0].textContent : '';
 	},
@@ -116,20 +89,14 @@ module.exports = (xml, keys) => ({

 	technicalCode() {
 		const select = xpath.useNamespaces({ xmlns: 'urn:org:ebics:H004' });
-		const node = select(
-			'//xmlns:header/xmlns:mutable/xmlns:ReturnCode',
-			this.doc,
-		);
+		const node = select('//xmlns:header/xmlns:mutable/xmlns:ReturnCode', this.doc);

 		return node.length ? node[0].textContent : '';
 	},

 	technicalSymbol() {
 		const select = xpath.useNamespaces({ xmlns: 'urn:org:ebics:H004' });
-		const node = select(
-			'//xmlns:header/xmlns:mutable/xmlns:ReportText',
-			this.doc,
-		);
+		const node = select('//xmlns:header/xmlns:mutable/xmlns:ReportText', this.doc);

 		return node.length ? node[0].textContent : '';
 	},
@@ -155,14 +122,8 @@ module.exports = (xml, keys) => ({

 		for (let i = 0; i < keyNodes.length; i++) {
 			const type = lastChild(keyNodes[i].parentNode).textContent;
-			const modulus = xpath.select(
-				".//*[local-name(.)='Modulus']",
-				keyNodes[i],
-			)[0].textContent;
-			const exponent = xpath.select(
-				".//*[local-name(.)='Exponent']",
-				keyNodes[i],
-			)[0].textContent;
+			const modulus = xpath.select(".//*[local-name(.)='Modulus']", keyNodes[i])[0].textContent;
+			const exponent = xpath.select(".//*[local-name(.)='Exponent']", keyNodes[i])[0].textContent;

 			const mod = Buffer.from(modulus, 'base64');
 			const exp = Buffer.from(exponent, 'base64');
--- a/lib/orders/H004/signer.js
+++ b/lib/orders/H004/signer.js
@@ -1,32 +1,26 @@
+
 'use strict';

 // const crypto = require('crypto');
 const Crypto = require('../../crypto/Crypto');

-const { DOMParser, XMLSerializer } = require('@xmldom/xmldom');
+const { DOMParser, XMLSerializer } = require('xmldom');
 const xpath = require('xpath');
-const C14n =	require('xml-crypto/lib/c14n-canonicalization').C14nCanonicalization;
+const C14n = require('xml-crypto/lib/c14n-canonicalization').C14nCanonicalization;

 const digest = (doc) => {
 	// get the xml node, where the digested value is supposed to be
 	const nodeDigestValue = doc.getElementsByTagName('ds:DigestValue')[0];

 	// canonicalize the node that has authenticate='true' attribute
-	const contentToDigest = xpath
-		.select("//*[@authenticate='true']", doc)
-		.map(x => new C14n().process(x))
-		.join('');
+	const contentToDigest = xpath.select("//*[@authenticate='true']", doc)
+		.map(x => new C14n().process(x)).join('');

 	// fix the canonicalization
-	const fixedContent = contentToDigest.replace(
-		/xmlns="urn:org:ebics:H004"/g,
-		'xmlns="urn:org:ebics:H004" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"',
-	);
+	const fixedContent = contentToDigest.replace(/xmlns="urn:org:ebics:H004"/g, 'xmlns="urn:org:ebics:H004" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"');

 	if (nodeDigestValue)
-		nodeDigestValue.textContent = Crypto.digestWithHash(fixedContent)
-			.toString('base64')
-			.trim();
+		nodeDigestValue.textContent = Crypto.digestWithHash(fixedContent).toString('base64').trim();

 	return doc;
 };
@@ -35,15 +29,8 @@ const sign = (doc, key) => {
 	const nodeSignatureValue = doc.getElementsByTagName('ds:SignatureValue')[0];

 	if (nodeSignatureValue) {
-		const select = xpath.useNamespaces({
-			ds: 'http://www.w3.org/2000/09/xmldsig#',
-		});
-		const contentToSign = new C14n()
-			.process(select('//ds:SignedInfo', doc)[0])
-			.replace(
-				'xmlns:ds="http://www.w3.org/2000/09/xmldsig#"',
-				'xmlns="urn:org:ebics:H004" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"',
-			);
+		const select = xpath.useNamespaces({ ds: 'http://www.w3.org/2000/09/xmldsig#' });
+		const contentToSign = (new C14n().process(select('//ds:SignedInfo', doc)[0])).replace('xmlns:ds="http://www.w3.org/2000/09/xmldsig#"', 'xmlns="urn:org:ebics:H004" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"');

 		nodeSignatureValue.textContent = Crypto.privateSign(key, contentToSign); // this.keys.x().key.sign(contentToSign, 'base64');
 	}
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@@ -1,7 +1,8 @@
 {
 	"name": "ebics-client",
-	"version": "5.0.0",
+	"version": "0.3.0",
 	"description": "Node.js ISO 20022 Compliant EBICS Client",
+	"license": "MIT",
 	"main": "index.js",
 	"files": [
 		"lib/**/*",
@@ -9,10 +10,7 @@
 	],
 	"scripts": {
 		"lint": "eslint .",
-		"test": "npm run test:node$(node -v | cut -d '.' -f 1 | cut -c 2-)",
-		"test:node22": "nyc node ./node_modules/.bin/mocha test/**/*.js",
-		"test:node20": "nyc node --security-revert=CVE-2023-46809 ./node_modules/.bin/mocha test/**/*.js",
-		"test:node18": "nyc node --security-revert=CVE-2023-46809 ./node_modules/.bin/mocha test/**/*.js",
+		"test": "nyc mocha test/**/*.js",
 		"coverage": "nyc report --reporter=text-lcov | coveralls",
 		"version": "auto-changelog -p -t changelog-template.hbs && git add CHANGELOG.md"
 	},
@@ -58,33 +56,27 @@
 		{
 			"name": "Herrie",
 			"url": "https://github.com/Herrie82"
-		},
-		{
-			"name": "Maik Marschner ",
-			"url": "https://github.com/leMaik"
 		}
 	],
-	"license": "MIT",
 	"dependencies": {
-		"@xmldom/xmldom": "^0.8.10",
-		"handlebars": "^4.7.8",
-		"js2xmlparser": "^5.0.0",
-		"node-forge": "^1.3.1",
-		"node-rsa": "^1.1.1",
-		"rock-req": "^5.1.3",
-		"uuid": "^9.0.1",
-		"xml-crypto": "^6.0.0",
+		"handlebars": "^4.7.7",
+		"js2xmlparser": "^4.0.1",
+		"node-forge": "^0.10.0",
+		"request": "^2.88.2",
+		"uuid": "^8.3.2",
+		"xml-crypto": "^2.1.1",
+		"xmldom": "^0.5.0",
 		"xpath": "0.0.32"
 	},
 	"devDependencies": {
-		"auto-changelog": "^2.4.0",
-		"chai": "^4.3.10",
-		"coveralls": "^3.1.1",
+		"auto-changelog": "^1.16.2",
+		"chai": "^4.3.4",
+		"coveralls": "^3.1.0",
 		"eslint": "^6.7.2",
 		"eslint-config-ecollect-base": "^0.1.2",
-		"eslint-plugin-import": "^2.28.1",
-		"mocha": "^10.2.0",
-		"nyc": "^15.1.0",
-		"xmllint-wasm": "^4.0.2"
+		"eslint-plugin-import": "^2.18.2",
+		"libxmljs": "^0.19.7",
+		"mocha": "^7.1.2",
+		"nyc": "^15.1.0"
 	}
 }
--- a/test/spec/H004.js
+++ b/test/spec/H004.js
@@ -9,36 +9,25 @@ const fs = require('fs');

 const ebics = require('../../');

-const xmlLintWasm = require('xmllint-wasm');
+const libxml = require('libxmljs');

-const validateXML = (() => {
-	const xsdDir = path.resolve(__dirname, '../xsd');
-	const schemaPath = path.resolve(xsdDir, 'ebics_H004.xsd');
-	const schemaDoc = fs.readFileSync(schemaPath, { encoding: 'utf8' });
-	const preload = fs
-		.readdirSync(xsdDir)
-		.filter(file => file.endsWith('.xsd') && file !== 'ebics_H004.xsd')
-		.map(file => ({
-			fileName: file,
-			contents: fs.readFileSync(path.join(xsdDir, file), {
-				encoding: 'utf8',
-			}),
-		}));
+const schemaPath = path.resolve(__dirname, '../xsd/ebics_H004.xsd');
+const schemaDoc = libxml.parseXml(fs.readFileSync(schemaPath, { encoding: 'utf8' }));

-	return async (str) => {
-		const results = await xmlLintWasm.validateXML({
-			xml: { fileName: 'ebics.xml', contents: str },
-			schema: [
-				{
-					fileName: 'ebics_H004.xsd',
-					contents: schemaDoc,
-				},
-			],
-			preload,
-		});
-		return results.valid;
-	};
-})();
+const schemaDir = path.dirname(schemaPath);
+const cwd = process.cwd();
+
+const validateXML = (str) => {
+	try {
+		process.chdir(schemaDir);
+		const isValid = libxml.parseXmlString(str).validate(schemaDoc);
+		process.chdir(cwd);
+		return isValid;
+	} catch (e) {
+		process.chdir(cwd);
+		return false;
+	}
+};

 const client = new ebics.Client({
 	url: 'https://iso20022test.credit-suisse.com/ebicsweb/ebicsweb',
@@ -46,9 +35,7 @@ const client = new ebics.Client({
 	userId: 'CRS04381',
 	hostId: 'CRSISOTB',
 	passphrase: 'test',
-	keyStorage: ebics.fsKeysStorage(
-		path.resolve(__dirname, '../support/TEST_KEYS.key'),
-	),
+	keyStorage: ebics.fsKeysStorage(path.resolve(__dirname, '../support/TEST_KEYS.key')),
 });

 const { Orders } = ebics;
@@ -96,8 +83,10 @@ const fnOrders = {
 };

 const getOrderObject = (name, order) => {
-	if (typeof order === 'object') return order;
-	if (fnOrders[name]) return fnOrders[name](order);
+	if (typeof order === 'object')
+		return order;
+	if (fnOrders[name])
+		return fnOrders[name](order);
 	return null;
 };

@@ -105,14 +94,15 @@ describe('H004 order generation', () => {
 	// eslint-disable-next-line no-restricted-syntax
 	for (const [name, orderDefinition] of Object.entries(Orders)) {
 		const order = getOrderObject(name, orderDefinition);
-		if (!order) continue;
+		if (!order)
+			continue;

 		const type = order.orderDetails.OrderType;
 		const { operation } = order;

 		it(`[${operation}] ${type} order generation`, async () => {
 			const signedOrder = await client.signOrder(order);
-			assert.isTrue(await validateXML(signedOrder));
+			assert.isTrue(validateXML(signedOrder));
 		});
 	}
 });