@ledgerhq/hw-transport-u2f
Advanced tools
Comparing version 4.74.2 to 4.74.3-alpha.6
@@ -6,13 +6,8 @@ "use strict"; | ||
}); | ||
exports.default = void 0; | ||
var _typeof = typeof Symbol === "function" && typeof Symbol.iterator === "symbol" ? function (obj) { return typeof obj; } : function (obj) { return obj && typeof Symbol === "function" && obj.constructor === Symbol && obj !== Symbol.prototype ? "symbol" : typeof obj; }; | ||
var _createClass = function () { function defineProperties(target, props) { for (var i = 0; i < props.length; i++) { var descriptor = props[i]; descriptor.enumerable = descriptor.enumerable || false; descriptor.configurable = true; if ("value" in descriptor) descriptor.writable = true; Object.defineProperty(target, descriptor.key, descriptor); } } return function (Constructor, protoProps, staticProps) { if (protoProps) defineProperties(Constructor.prototype, protoProps); if (staticProps) defineProperties(Constructor, staticProps); return Constructor; }; }(); | ||
var _u2fApi = require("u2f-api"); | ||
var _hwTransport = require("@ledgerhq/hw-transport"); | ||
var _hwTransport = _interopRequireDefault(require("@ledgerhq/hw-transport")); | ||
var _hwTransport2 = _interopRequireDefault(_hwTransport); | ||
var _logs = require("@ledgerhq/logs"); | ||
@@ -24,13 +19,5 @@ | ||
function _asyncToGenerator(fn) { return function () { var gen = fn.apply(this, arguments); return new Promise(function (resolve, reject) { function step(key, arg) { try { var info = gen[key](arg); var value = info.value; } catch (error) { reject(error); return; } if (info.done) { resolve(value); } else { return Promise.resolve(value).then(function (value) { step("next", value); }, function (err) { step("throw", err); }); } } return step("next"); }); }; } | ||
function wrapU2FTransportError(originalError, message, id) { | ||
const err = new _errors.TransportError(message, id); // $FlowFixMe | ||
function _classCallCheck(instance, Constructor) { if (!(instance instanceof Constructor)) { throw new TypeError("Cannot call a class as a function"); } } | ||
function _possibleConstructorReturn(self, call) { if (!self) { throw new ReferenceError("this hasn't been initialised - super() hasn't been called"); } return call && (typeof call === "object" || typeof call === "function") ? call : self; } | ||
function _inherits(subClass, superClass) { if (typeof superClass !== "function" && superClass !== null) { throw new TypeError("Super expression must either be null or a function, not " + typeof superClass); } subClass.prototype = Object.create(superClass && superClass.prototype, { constructor: { value: subClass, enumerable: false, writable: true, configurable: true } }); if (superClass) Object.setPrototypeOf ? Object.setPrototypeOf(subClass, superClass) : subClass.__proto__ = superClass; } | ||
function wrapU2FTransportError(originalError, message, id) { | ||
var err = new _errors.TransportError(message, id); | ||
// $FlowFixMe | ||
err.originalError = originalError; | ||
@@ -41,23 +28,21 @@ return err; | ||
function wrapApdu(apdu, key) { | ||
var result = Buffer.alloc(apdu.length); | ||
for (var i = 0; i < apdu.length; i++) { | ||
const result = Buffer.alloc(apdu.length); | ||
for (let i = 0; i < apdu.length; i++) { | ||
result[i] = apdu[i] ^ key[i % key.length]; | ||
} | ||
return result; | ||
} | ||
} // Convert from normal to web-safe, strip trailing "="s | ||
// Convert from normal to web-safe, strip trailing "="s | ||
var webSafe64 = function webSafe64(base64) { | ||
return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, ""); | ||
}; | ||
// Convert from web-safe to normal, add trailing "="s | ||
var normal64 = function normal64(base64) { | ||
return base64.replace(/-/g, "+").replace(/_/g, "/") + "==".substring(0, 3 * base64.length % 4); | ||
}; | ||
const webSafe64 = base64 => base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, ""); // Convert from web-safe to normal, add trailing "="s | ||
const normal64 = base64 => base64.replace(/-/g, "+").replace(/_/g, "/") + "==".substring(0, 3 * base64.length % 4); | ||
function attemptExchange(apdu, timeoutMillis, scrambleKey, unwrap) { | ||
var keyHandle = wrapApdu(apdu, scrambleKey); | ||
var challenge = Buffer.from("0000000000000000000000000000000000000000000000000000000000000000", "hex"); | ||
var signRequest = { | ||
const keyHandle = wrapApdu(apdu, scrambleKey); | ||
const challenge = Buffer.from("0000000000000000000000000000000000000000000000000000000000000000", "hex"); | ||
const signRequest = { | ||
version: "U2F_V2", | ||
@@ -69,8 +54,11 @@ keyHandle: webSafe64(keyHandle.toString("base64")), | ||
(0, _logs.log)("apdu", "=> " + apdu.toString("hex")); | ||
return (0, _u2fApi.sign)(signRequest, timeoutMillis / 1000).then(function (response) { | ||
var signatureData = response.signatureData; | ||
return (0, _u2fApi.sign)(signRequest, timeoutMillis / 1000).then(response => { | ||
const { | ||
signatureData | ||
} = response; | ||
if (typeof signatureData === "string") { | ||
var data = Buffer.from(normal64(signatureData), "base64"); | ||
var result = void 0; | ||
const data = Buffer.from(normal64(signatureData), "base64"); | ||
let result; | ||
if (!unwrap) { | ||
@@ -81,2 +69,3 @@ result = data; | ||
} | ||
(0, _logs.log)("apdu", "<= " + result.toString("hex")); | ||
@@ -90,8 +79,6 @@ return result; | ||
var transportInstances = []; | ||
let transportInstances = []; | ||
function emitDisconnect() { | ||
transportInstances.forEach(function (t) { | ||
return t.emit("disconnect"); | ||
}); | ||
transportInstances.forEach(t => t.emit("disconnect")); | ||
transportInstances = []; | ||
@@ -103,3 +90,2 @@ } | ||
} | ||
/** | ||
@@ -113,57 +99,23 @@ * U2F web Transport implementation | ||
var TransportU2F = function (_Transport) { | ||
_inherits(TransportU2F, _Transport); | ||
_createClass(TransportU2F, null, [{ | ||
key: "open", | ||
class TransportU2F extends _hwTransport.default { | ||
/* | ||
*/ | ||
/* | ||
*/ | ||
/** | ||
* static function to create a new Transport from a connected Ledger device discoverable via U2F (browser support) | ||
*/ | ||
/** | ||
* static function to create a new Transport from a connected Ledger device discoverable via U2F (browser support) | ||
*/ | ||
static async open(_, _openTimeout = 5000) { | ||
return new TransportU2F(); | ||
} | ||
/* | ||
*/ | ||
value: function () { | ||
var _ref = _asyncToGenerator( /*#__PURE__*/regeneratorRuntime.mark(function _callee(_) { | ||
var _openTimeout = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : 5000; | ||
return regeneratorRuntime.wrap(function _callee$(_context) { | ||
while (1) { | ||
switch (_context.prev = _context.next) { | ||
case 0: | ||
return _context.abrupt("return", new TransportU2F()); | ||
case 1: | ||
case "end": | ||
return _context.stop(); | ||
} | ||
} | ||
}, _callee, this); | ||
})); | ||
function open(_x) { | ||
return _ref.apply(this, arguments); | ||
} | ||
return open; | ||
}() | ||
/* | ||
*/ | ||
}]); | ||
function TransportU2F() { | ||
_classCallCheck(this, TransportU2F); | ||
var _this = _possibleConstructorReturn(this, (TransportU2F.__proto__ || Object.getPrototypeOf(TransportU2F)).call(this)); | ||
_this.unwrap = true; | ||
transportInstances.push(_this); | ||
return _this; | ||
constructor() { | ||
super(); | ||
this.scrambleKey = void 0; | ||
this.unwrap = true; | ||
transportInstances.push(this); | ||
} | ||
/** | ||
@@ -176,97 +128,58 @@ * Exchange with the device using APDU protocol. | ||
_createClass(TransportU2F, [{ | ||
key: "exchange", | ||
value: function () { | ||
var _ref2 = _asyncToGenerator( /*#__PURE__*/regeneratorRuntime.mark(function _callee2(apdu) { | ||
var isU2FError; | ||
return regeneratorRuntime.wrap(function _callee2$(_context2) { | ||
while (1) { | ||
switch (_context2.prev = _context2.next) { | ||
case 0: | ||
_context2.prev = 0; | ||
_context2.next = 3; | ||
return attemptExchange(apdu, this.exchangeTimeout, this.scrambleKey, this.unwrap); | ||
async exchange(apdu) { | ||
try { | ||
return await attemptExchange(apdu, this.exchangeTimeout, this.scrambleKey, this.unwrap); | ||
} catch (e) { | ||
const isU2FError = typeof e.metaData === "object"; | ||
case 3: | ||
return _context2.abrupt("return", _context2.sent); | ||
if (isU2FError) { | ||
if (isTimeoutU2FError(e)) { | ||
emitDisconnect(); | ||
} // the wrapping make error more usable and "printable" to the end user. | ||
case 6: | ||
_context2.prev = 6; | ||
_context2.t0 = _context2["catch"](0); | ||
isU2FError = _typeof(_context2.t0.metaData) === "object"; | ||
if (!isU2FError) { | ||
_context2.next = 14; | ||
break; | ||
} | ||
if (isTimeoutU2FError(_context2.t0)) { | ||
emitDisconnect(); | ||
} | ||
// the wrapping make error more usable and "printable" to the end user. | ||
throw wrapU2FTransportError(_context2.t0, "Failed to sign with Ledger device: U2F " + _context2.t0.metaData.type, "U2F_" + _context2.t0.metaData.code); | ||
case 14: | ||
throw _context2.t0; | ||
case 15: | ||
case "end": | ||
return _context2.stop(); | ||
} | ||
} | ||
}, _callee2, this, [[0, 6]]); | ||
})); | ||
function exchange(_x3) { | ||
return _ref2.apply(this, arguments); | ||
throw wrapU2FTransportError(e, "Failed to sign with Ledger device: U2F " + e.metaData.type, "U2F_" + e.metaData.code); | ||
} else { | ||
throw e; | ||
} | ||
} | ||
} | ||
/** | ||
*/ | ||
return exchange; | ||
}() | ||
/** | ||
*/ | ||
setScrambleKey(scrambleKey) { | ||
this.scrambleKey = Buffer.from(scrambleKey, "ascii"); | ||
} | ||
/** | ||
*/ | ||
}, { | ||
key: "setScrambleKey", | ||
value: function setScrambleKey(scrambleKey) { | ||
this.scrambleKey = Buffer.from(scrambleKey, "ascii"); | ||
} | ||
/** | ||
*/ | ||
setUnwrap(unwrap) { | ||
this.unwrap = unwrap; | ||
} | ||
}, { | ||
key: "setUnwrap", | ||
value: function setUnwrap(unwrap) { | ||
this.unwrap = unwrap; | ||
} | ||
}, { | ||
key: "close", | ||
value: function close() { | ||
// u2f have no way to clean things up | ||
return Promise.resolve(); | ||
} | ||
}]); | ||
close() { | ||
// u2f have no way to clean things up | ||
return Promise.resolve(); | ||
} | ||
return TransportU2F; | ||
}(_hwTransport2.default); | ||
} | ||
exports.default = TransportU2F; | ||
TransportU2F.isSupported = _u2fApi.isSupported; | ||
TransportU2F.list = function () { | ||
return ( | ||
// this transport is not discoverable but we are going to guess if it is here with isSupported() | ||
(0, _u2fApi.isSupported)().then(function (supported) { | ||
return supported ? [null] : []; | ||
}) | ||
); | ||
}; | ||
TransportU2F.list = () => // this transport is not discoverable but we are going to guess if it is here with isSupported() | ||
(0, _u2fApi.isSupported)().then(supported => supported ? [null] : []); | ||
TransportU2F.listen = function (observer) { | ||
var unsubscribed = false; | ||
(0, _u2fApi.isSupported)().then(function (supported) { | ||
TransportU2F.listen = observer => { | ||
let unsubscribed = false; | ||
(0, _u2fApi.isSupported)().then(supported => { | ||
if (unsubscribed) return; | ||
if (supported) { | ||
observer.next({ type: "add", descriptor: null }); | ||
observer.next({ | ||
type: "add", | ||
descriptor: null | ||
}); | ||
observer.complete(); | ||
@@ -278,3 +191,3 @@ } else { | ||
return { | ||
unsubscribe: function unsubscribe() { | ||
unsubscribe: () => { | ||
unsubscribed = true; | ||
@@ -284,4 +197,2 @@ } | ||
}; | ||
exports.default = TransportU2F; | ||
//# sourceMappingURL=TransportU2F.js.map |
{ | ||
"name": "@ledgerhq/hw-transport-u2f", | ||
"version": "4.74.2", | ||
"version": "4.74.3-alpha.6+0750e69", | ||
"description": "Ledger Hardware Wallet Web implementation of the communication layer, using U2F api", | ||
@@ -29,5 +29,5 @@ "keywords": [ | ||
"dependencies": { | ||
"@ledgerhq/errors": "^4.74.2", | ||
"@ledgerhq/hw-transport": "^4.74.2", | ||
"@ledgerhq/logs": "^4.72.0", | ||
"@ledgerhq/errors": "^4.74.3-alpha.6+0750e69", | ||
"@ledgerhq/hw-transport": "^4.74.3-alpha.6+0750e69", | ||
"@ledgerhq/logs": "^4.74.3-alpha.6+0750e69", | ||
"u2f-api": "0.2.7" | ||
@@ -45,3 +45,3 @@ }, | ||
}, | ||
"gitHead": "5f74b291e1bfd836d23a829a5948f7273af16359" | ||
"gitHead": "0750e6985bbd4a0faec44c9014352a46b094c66e" | ||
} |
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Manifest confusion
Supply chain riskThis package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Deprecated
MaintenanceThe maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.
Found 1 instance in 1 package
0
38895
312
1
1
+ Added@ledgerhq/logs@4.74.3-alpha.6(transitive)