Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@ledgerhq/hw-transport-u2f

Package Overview
Dependencies
Maintainers
12
Versions
184
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@ledgerhq/hw-transport-u2f - npm Package Compare versions

Comparing version 4.74.2 to 4.74.3-alpha.6

255

lib/TransportU2F.js

@@ -6,13 +6,8 @@ "use strict";

});
exports.default = void 0;
var _typeof = typeof Symbol === "function" && typeof Symbol.iterator === "symbol" ? function (obj) { return typeof obj; } : function (obj) { return obj && typeof Symbol === "function" && obj.constructor === Symbol && obj !== Symbol.prototype ? "symbol" : typeof obj; };
var _createClass = function () { function defineProperties(target, props) { for (var i = 0; i < props.length; i++) { var descriptor = props[i]; descriptor.enumerable = descriptor.enumerable || false; descriptor.configurable = true; if ("value" in descriptor) descriptor.writable = true; Object.defineProperty(target, descriptor.key, descriptor); } } return function (Constructor, protoProps, staticProps) { if (protoProps) defineProperties(Constructor.prototype, protoProps); if (staticProps) defineProperties(Constructor, staticProps); return Constructor; }; }();
var _u2fApi = require("u2f-api");
var _hwTransport = require("@ledgerhq/hw-transport");
var _hwTransport = _interopRequireDefault(require("@ledgerhq/hw-transport"));
var _hwTransport2 = _interopRequireDefault(_hwTransport);
var _logs = require("@ledgerhq/logs");

@@ -24,13 +19,5 @@

function _asyncToGenerator(fn) { return function () { var gen = fn.apply(this, arguments); return new Promise(function (resolve, reject) { function step(key, arg) { try { var info = gen[key](arg); var value = info.value; } catch (error) { reject(error); return; } if (info.done) { resolve(value); } else { return Promise.resolve(value).then(function (value) { step("next", value); }, function (err) { step("throw", err); }); } } return step("next"); }); }; }
function wrapU2FTransportError(originalError, message, id) {
const err = new _errors.TransportError(message, id); // $FlowFixMe
function _classCallCheck(instance, Constructor) { if (!(instance instanceof Constructor)) { throw new TypeError("Cannot call a class as a function"); } }
function _possibleConstructorReturn(self, call) { if (!self) { throw new ReferenceError("this hasn't been initialised - super() hasn't been called"); } return call && (typeof call === "object" || typeof call === "function") ? call : self; }
function _inherits(subClass, superClass) { if (typeof superClass !== "function" && superClass !== null) { throw new TypeError("Super expression must either be null or a function, not " + typeof superClass); } subClass.prototype = Object.create(superClass && superClass.prototype, { constructor: { value: subClass, enumerable: false, writable: true, configurable: true } }); if (superClass) Object.setPrototypeOf ? Object.setPrototypeOf(subClass, superClass) : subClass.__proto__ = superClass; }
function wrapU2FTransportError(originalError, message, id) {
var err = new _errors.TransportError(message, id);
// $FlowFixMe
err.originalError = originalError;

@@ -41,23 +28,21 @@ return err;

function wrapApdu(apdu, key) {
var result = Buffer.alloc(apdu.length);
for (var i = 0; i < apdu.length; i++) {
const result = Buffer.alloc(apdu.length);
for (let i = 0; i < apdu.length; i++) {
result[i] = apdu[i] ^ key[i % key.length];
}
return result;
}
} // Convert from normal to web-safe, strip trailing "="s
// Convert from normal to web-safe, strip trailing "="s
var webSafe64 = function webSafe64(base64) {
return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
};
// Convert from web-safe to normal, add trailing "="s
var normal64 = function normal64(base64) {
return base64.replace(/-/g, "+").replace(/_/g, "/") + "==".substring(0, 3 * base64.length % 4);
};
const webSafe64 = base64 => base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, ""); // Convert from web-safe to normal, add trailing "="s
const normal64 = base64 => base64.replace(/-/g, "+").replace(/_/g, "/") + "==".substring(0, 3 * base64.length % 4);
function attemptExchange(apdu, timeoutMillis, scrambleKey, unwrap) {
var keyHandle = wrapApdu(apdu, scrambleKey);
var challenge = Buffer.from("0000000000000000000000000000000000000000000000000000000000000000", "hex");
var signRequest = {
const keyHandle = wrapApdu(apdu, scrambleKey);
const challenge = Buffer.from("0000000000000000000000000000000000000000000000000000000000000000", "hex");
const signRequest = {
version: "U2F_V2",

@@ -69,8 +54,11 @@ keyHandle: webSafe64(keyHandle.toString("base64")),

(0, _logs.log)("apdu", "=> " + apdu.toString("hex"));
return (0, _u2fApi.sign)(signRequest, timeoutMillis / 1000).then(function (response) {
var signatureData = response.signatureData;
return (0, _u2fApi.sign)(signRequest, timeoutMillis / 1000).then(response => {
const {
signatureData
} = response;
if (typeof signatureData === "string") {
var data = Buffer.from(normal64(signatureData), "base64");
var result = void 0;
const data = Buffer.from(normal64(signatureData), "base64");
let result;
if (!unwrap) {

@@ -81,2 +69,3 @@ result = data;

}
(0, _logs.log)("apdu", "<= " + result.toString("hex"));

@@ -90,8 +79,6 @@ return result;

var transportInstances = [];
let transportInstances = [];
function emitDisconnect() {
transportInstances.forEach(function (t) {
return t.emit("disconnect");
});
transportInstances.forEach(t => t.emit("disconnect"));
transportInstances = [];

@@ -103,3 +90,2 @@ }

}
/**

@@ -113,57 +99,23 @@ * U2F web Transport implementation

var TransportU2F = function (_Transport) {
_inherits(TransportU2F, _Transport);
_createClass(TransportU2F, null, [{
key: "open",
class TransportU2F extends _hwTransport.default {
/*
*/
/*
*/
/**
* static function to create a new Transport from a connected Ledger device discoverable via U2F (browser support)
*/
/**
* static function to create a new Transport from a connected Ledger device discoverable via U2F (browser support)
*/
static async open(_, _openTimeout = 5000) {
return new TransportU2F();
}
/*
*/
value: function () {
var _ref = _asyncToGenerator( /*#__PURE__*/regeneratorRuntime.mark(function _callee(_) {
var _openTimeout = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : 5000;
return regeneratorRuntime.wrap(function _callee$(_context) {
while (1) {
switch (_context.prev = _context.next) {
case 0:
return _context.abrupt("return", new TransportU2F());
case 1:
case "end":
return _context.stop();
}
}
}, _callee, this);
}));
function open(_x) {
return _ref.apply(this, arguments);
}
return open;
}()
/*
*/
}]);
function TransportU2F() {
_classCallCheck(this, TransportU2F);
var _this = _possibleConstructorReturn(this, (TransportU2F.__proto__ || Object.getPrototypeOf(TransportU2F)).call(this));
_this.unwrap = true;
transportInstances.push(_this);
return _this;
constructor() {
super();
this.scrambleKey = void 0;
this.unwrap = true;
transportInstances.push(this);
}
/**

@@ -176,97 +128,58 @@ * Exchange with the device using APDU protocol.

_createClass(TransportU2F, [{
key: "exchange",
value: function () {
var _ref2 = _asyncToGenerator( /*#__PURE__*/regeneratorRuntime.mark(function _callee2(apdu) {
var isU2FError;
return regeneratorRuntime.wrap(function _callee2$(_context2) {
while (1) {
switch (_context2.prev = _context2.next) {
case 0:
_context2.prev = 0;
_context2.next = 3;
return attemptExchange(apdu, this.exchangeTimeout, this.scrambleKey, this.unwrap);
async exchange(apdu) {
try {
return await attemptExchange(apdu, this.exchangeTimeout, this.scrambleKey, this.unwrap);
} catch (e) {
const isU2FError = typeof e.metaData === "object";
case 3:
return _context2.abrupt("return", _context2.sent);
if (isU2FError) {
if (isTimeoutU2FError(e)) {
emitDisconnect();
} // the wrapping make error more usable and "printable" to the end user.
case 6:
_context2.prev = 6;
_context2.t0 = _context2["catch"](0);
isU2FError = _typeof(_context2.t0.metaData) === "object";
if (!isU2FError) {
_context2.next = 14;
break;
}
if (isTimeoutU2FError(_context2.t0)) {
emitDisconnect();
}
// the wrapping make error more usable and "printable" to the end user.
throw wrapU2FTransportError(_context2.t0, "Failed to sign with Ledger device: U2F " + _context2.t0.metaData.type, "U2F_" + _context2.t0.metaData.code);
case 14:
throw _context2.t0;
case 15:
case "end":
return _context2.stop();
}
}
}, _callee2, this, [[0, 6]]);
}));
function exchange(_x3) {
return _ref2.apply(this, arguments);
throw wrapU2FTransportError(e, "Failed to sign with Ledger device: U2F " + e.metaData.type, "U2F_" + e.metaData.code);
} else {
throw e;
}
}
}
/**
*/
return exchange;
}()
/**
*/
setScrambleKey(scrambleKey) {
this.scrambleKey = Buffer.from(scrambleKey, "ascii");
}
/**
*/
}, {
key: "setScrambleKey",
value: function setScrambleKey(scrambleKey) {
this.scrambleKey = Buffer.from(scrambleKey, "ascii");
}
/**
*/
setUnwrap(unwrap) {
this.unwrap = unwrap;
}
}, {
key: "setUnwrap",
value: function setUnwrap(unwrap) {
this.unwrap = unwrap;
}
}, {
key: "close",
value: function close() {
// u2f have no way to clean things up
return Promise.resolve();
}
}]);
close() {
// u2f have no way to clean things up
return Promise.resolve();
}
return TransportU2F;
}(_hwTransport2.default);
}
exports.default = TransportU2F;
TransportU2F.isSupported = _u2fApi.isSupported;
TransportU2F.list = function () {
return (
// this transport is not discoverable but we are going to guess if it is here with isSupported()
(0, _u2fApi.isSupported)().then(function (supported) {
return supported ? [null] : [];
})
);
};
TransportU2F.list = () => // this transport is not discoverable but we are going to guess if it is here with isSupported()
(0, _u2fApi.isSupported)().then(supported => supported ? [null] : []);
TransportU2F.listen = function (observer) {
var unsubscribed = false;
(0, _u2fApi.isSupported)().then(function (supported) {
TransportU2F.listen = observer => {
let unsubscribed = false;
(0, _u2fApi.isSupported)().then(supported => {
if (unsubscribed) return;
if (supported) {
observer.next({ type: "add", descriptor: null });
observer.next({
type: "add",
descriptor: null
});
observer.complete();

@@ -278,3 +191,3 @@ } else {

return {
unsubscribe: function unsubscribe() {
unsubscribe: () => {
unsubscribed = true;

@@ -284,4 +197,2 @@ }

};
exports.default = TransportU2F;
//# sourceMappingURL=TransportU2F.js.map

10

package.json
{
"name": "@ledgerhq/hw-transport-u2f",
"version": "4.74.2",
"version": "4.74.3-alpha.6+0750e69",
"description": "Ledger Hardware Wallet Web implementation of the communication layer, using U2F api",

@@ -29,5 +29,5 @@ "keywords": [

"dependencies": {
"@ledgerhq/errors": "^4.74.2",
"@ledgerhq/hw-transport": "^4.74.2",
"@ledgerhq/logs": "^4.72.0",
"@ledgerhq/errors": "^4.74.3-alpha.6+0750e69",
"@ledgerhq/hw-transport": "^4.74.3-alpha.6+0750e69",
"@ledgerhq/logs": "^4.74.3-alpha.6+0750e69",
"u2f-api": "0.2.7"

@@ -45,3 +45,3 @@ },

},
"gitHead": "5f74b291e1bfd836d23a829a5948f7273af16359"
"gitHead": "0750e6985bbd4a0faec44c9014352a46b094c66e"
}
lib/TransportU2F.js.map

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc