Bump node-rsa from 1.1.1 to 2.0.0

[dependabot]

Bumps node-rsa from 1.1.1 to 2.0.0.

Release notes

Sourced from node-rsa's releases.

v2.0.0 - TypeScript rewrite, native node:crypto fast paths, security audit fixes

Full TypeScript rewrite of v1 with the same public API. The node bundle now routes RSA primitives through node:crypto whenever possible; the browser bundle defaults to native BigInt.

See CHANGELOG.md for the full list and MIGRATION.md for upgrade guidance.

Highlights

Performance

• Keygen via crypto.generateKeyPairSync — 2048-bit drops from ~2.3 s to ~50 ms (~45× faster).
• PKCS#1 v1.5 / PSS sign+verify via crypto.sign/crypto.verify — PSS-SHA256 sign on 2048-bit drops from ~17 ms to sub-millisecond.
• Browser bundle uses native BigInt — ~4–5× faster than jsbn on PSS sign/verify. Falls back to jsbn on pre-2020 runtimes.

Security fixes (no API change)

• Constant-time OAEP decode (closes Manger padding-oracle), PKCS#1 v1.5 decode (Bleichenbacher/ROBOT), and PSS verify.
• Private-key operations are blinded (Kocher / Brumley-Boneh defence).
• Miller-Rabin uses CSPRNG witnesses with FIPS 186-4 round counts (was Math.random() over a fixed 168-element table).
• Imported private keys are CRT-consistency-checked — closes a Boneh-DeMillo-Lipton fault-injection vector.
• Hardened PKCS#8 / OpenSSH parsers; public-exponent and RSA-primitive bounds checks per RFC 8017.
• generate(B) refuses B < 512 and warns below 2048; Fermat-distance defence on |p − q|.

Breaking changes

• Min Node.js is now 20.
• ESM-first with dual ESM/CJS via package.json#exports.
• Browser default return type is Uint8Array (was a Buffer polyfill); Node still returns Buffer.
• Browser bundle has zero Node-builtin imports — no Buffer/crypto shims, CI-enforced.
• Default signing scheme switched from pkcs1 to pss (RFC 8017 / NIST best practice). Pass signingScheme: 'pkcs1' to keep v1 behaviour. Bare sha256 shorthand now resolves to pss-sha256.
• MD4 is Node-only and provider-gated (OpenSSL 3 no longer loads the legacy provider by default).
• Native PKCS#1 v1.5 privateDecrypt falls back to JS engine on modern Node (security-deprecated upstream); plaintext is byte-identical.
• Custom MGF for PSS throws on the node bundle — node:crypto only supports MGF1 with hash equal to signing hash.
• setOptions({environment}) is a deprecated no-op (still forces JS engine when set to 'browser').
• asn1 npm dependency removed — replaced by an in-tree ~150-line DER reader/writer; byte-identical output.

Added

• TypeScript types for every public surface.
• @noble/hashes runtime dependency (~6 KB gzipped, audited).
• CI-enforced bundle size budget: browser <100 KB raw / <30 KB gzipped; node <120 KB raw / <35 KB gzipped.

Internal

• Modern tooling: tsup, vitest, biome, strict TypeScript.
• 1006 test cases across 27 files; the v1 mocha suite (61 it() blocks) is ported verbatim and runs in both node and browser-emulated vitest projects.

v2.0.0-rc.0 — TypeScript rewrite (first pre-release)

First pre-release of the v2 line. Full rewrite of the v1 library in TypeScript with the same public API, native node:crypto fast paths on Node, and a native-BigInt path for modern browsers.

See CHANGELOG.md and MIGRATION.md for the full behaviour-change summary.

Changelog

Sourced from node-rsa's changelog.

2.0.0 — TypeScript rewrite, native node:crypto fast paths, security audit fixes

Full rewrite of the v1 library in TypeScript with the same public API. The node bundle now routes RSA primitives through node:crypto whenever possible, and the browser bundle defaults to native BigInt.

Performance — node bundle uses node:crypto natively

• Keygen uses crypto.generateKeyPairSync. 2048-bit drops from ~2.3 s to ~50 ms (~45× faster) on modern hardware; 1024-bit from ~240 ms to ~10 ms.
• PKCS#1 v1.5 and PSS sign/verify use crypto.sign / crypto.verify. PSS-SHA256 sign on 2048-bit drops from ~17 ms to sub-millisecond.
• OAEP encrypt / PKCS#1 v1.5 encrypt route through NodeNativeEngine — also node:crypto-backed.

Performance — browser bundle defaults to native BigInt

A drop-in BigInteger implementation lives at https://github.com/rzcoder/node-rsa/blob/master/src/bigint/big-integer-native.ts and uses ES2020's native BigInt. The browser bundle picks it at load time; the node bundle stays on the audited jsbn implementation. Round-trips identically through every API; switch back to jsbn with new NodeRSA(key, { bigIntImpl: 'jsbn' }) if you ever need to.

2048-bit, JS path	jsbn	native	speedup
PSS-SHA256 sign	~16 ms	~4 ms	~4×
PSS-SHA256 verify	~0.4 ms	~0.08 ms	~5×

The bigIntImpl option (also accepted by setOptions) must be set BEFORE the key is imported or generated; switching it on an instance that already has key components throws, since the two implementations produce incompatible BigInteger instances.

The browser bundle silently falls back to jsbn on runtimes without globalThis.BigInt (i.e. pre-2020 environments). No user action needed.

Breaking changes

• Min Node.js is now 20. v1 worked back to Node 8.11; v2 requires Node 20+ for node:crypto, globalThis.crypto, and modern ESM features.
• Module shape: ESM-first. package.json#exports provides a dual ESM/CJS layout — import NodeRSA from 'node-rsa' for ESM, require('node-rsa').default for CommonJS.
• Browser default return type is Uint8Array (was Buffer via polyfill). Node return type stays Buffer (which extends Uint8Array, so most existing consumers continue to work). Internal byte handling is Uint8Array end-to-end; the Node entry wraps results as Buffer at the API boundary.
• No more Buffer or crypto shims for browsers. The browser bundle

... (truncated)

Commits

• 5479862 chore: release v2.0.0
• b3049c5 chore(bigint): silence IDE warnings — drop dead store, use destructuring swap
• 9a4d332 doc: Removed mentions of missing files.
• 7004c47 Merge pull request #237 from rzcoder/refactor/typescript
• 0eade68 doc: update readme
• d8cc10f chore(deps): upgrade biome 2, vitest 4, ts 6, chai 6, @​noble/hashes 2
• c08e6d8 chore: drop non-null assertions — narrow in src, allow in test specs
• 7e74461 feat(security): timing-safe JS decrypt, key.destroy(), weak-hash warning
• b96c25d chore(release): prep 2.0.0-rc.0
• 1906e6d fix: preserve bytes ≥0x80 through 'binary'/'latin1' encoding
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for node-rsa since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)