Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@ledgerhq/hw-transport-webauthn
Advanced tools
@ledgerhq/hw-transport-webauthn - npm Package Compare versions
Comparing version 4.74.3-alpha.6 to 4.77.0
@@ -6,6 +6,9 @@ "use strict"; | ||
| }); | ||
| exports.default = void 0; | ||
| var _hwTransport = _interopRequireDefault(require("@ledgerhq/hw-transport")); | ||
| var _createClass = function () { function defineProperties(target, props) { for (var i = 0; i < props.length; i++) { var descriptor = props[i]; descriptor.enumerable = descriptor.enumerable || false; descriptor.configurable = true; if ("value" in descriptor) descriptor.writable = true; Object.defineProperty(target, descriptor.key, descriptor); } } return function (Constructor, protoProps, staticProps) { if (protoProps) defineProperties(Constructor.prototype, protoProps); if (staticProps) defineProperties(Constructor, staticProps); return Constructor; }; }(); | ||
| var _hwTransport = require("@ledgerhq/hw-transport"); | ||
| var _hwTransport2 = _interopRequireDefault(_hwTransport); | ||
| var _errors = require("@ledgerhq/errors"); | ||
@@ -19,3 +22,11 @@ | ||
| const attemptExchange = (apdu, timeout, scrambleKey) => { | ||
| function _asyncToGenerator(fn) { return function () { var gen = fn.apply(this, arguments); return new Promise(function (resolve, reject) { function step(key, arg) { try { var info = gen[key](arg); var value = info.value; } catch (error) { reject(error); return; } if (info.done) { resolve(value); } else { return Promise.resolve(value).then(function (value) { step("next", value); }, function (err) { step("throw", err); }); } } return step("next"); }); }; } | ||
| function _classCallCheck(instance, Constructor) { if (!(instance instanceof Constructor)) { throw new TypeError("Cannot call a class as a function"); } } | ||
| function _possibleConstructorReturn(self, call) { if (!self) { throw new ReferenceError("this hasn't been initialised - super() hasn't been called"); } return call && (typeof call === "object" || typeof call === "function") ? call : self; } | ||
| function _inherits(subClass, superClass) { if (typeof superClass !== "function" && superClass !== null) { throw new TypeError("Super expression must either be null or a function, not " + typeof superClass); } subClass.prototype = Object.create(superClass && superClass.prototype, { constructor: { value: subClass, enumerable: false, writable: true, configurable: true } }); if (superClass) Object.setPrototypeOf ? Object.setPrototypeOf(subClass, superClass) : subClass.__proto__ = superClass; } | ||
| var attemptExchange = function attemptExchange(apdu, timeout, scrambleKey) { | ||
| if (!scrambleKey) { | ||
@@ -29,6 +40,7 @@ throw new _errors.TransportError("transport.setScrambleKey must be used to set a scramble key. Refer to documentation.", "NoScrambleKey"); | ||
| return navigator.credentials // $FlowFixMe | ||
| return navigator.credentials | ||
| // $FlowFixMe | ||
| .get({ | ||
| publicKey: { | ||
| timeout, | ||
| timeout: timeout, | ||
| challenge: new Uint8Array(32), | ||
@@ -40,5 +52,9 @@ allowCredentials: [{ | ||
| } | ||
| }) // $FlowFixMe | ||
| .then(r => Buffer.from(r.response.signature)); | ||
| }) | ||
| // $FlowFixMe | ||
| .then(function (r) { | ||
| return Buffer.from(r.response.signature); | ||
| }); | ||
| }; | ||
| /** | ||
@@ -52,68 +68,127 @@ * WebAuthn Transport implementation | ||
| var TransportWebAuthn = function (_Transport) { | ||
| _inherits(TransportWebAuthn, _Transport); | ||
| class TransportWebAuthn extends _hwTransport.default { | ||
| constructor(...args) { | ||
| super(...args); | ||
| this.scrambleKey = void 0; | ||
| } | ||
| function TransportWebAuthn() { | ||
| _classCallCheck(this, TransportWebAuthn); | ||
| static async open() { | ||
| return new TransportWebAuthn(); | ||
| return _possibleConstructorReturn(this, (TransportWebAuthn.__proto__ || Object.getPrototypeOf(TransportWebAuthn)).apply(this, arguments)); | ||
| } | ||
| /** | ||
| * Exchange with the device using APDU protocol. | ||
| * @param apdu | ||
| * @returns a promise of apdu response | ||
| */ | ||
| _createClass(TransportWebAuthn, [{ | ||
| key: "exchange", | ||
| async exchange(apdu) { | ||
| (0, _logs.log)("apdu", "=> " + apdu.toString("hex")); | ||
| const res = await attemptExchange(apdu, this.exchangeTimeout, this.scrambleKey); | ||
| (0, _logs.log)("apdu", "<= " + res.toString("hex")); | ||
| return res; | ||
| } | ||
| /** | ||
| * A scramble key is a string that xor the data exchanged. | ||
| * It depends on the device app you need to exchange with. | ||
| * For instance it can be "BTC" for the bitcoin app, "B0L0S" for the dashboard. | ||
| * | ||
| * @example | ||
| * transport.setScrambleKey("B0L0S") | ||
| */ | ||
| /** | ||
| * Exchange with the device using APDU protocol. | ||
| * @param apdu | ||
| * @returns a promise of apdu response | ||
| */ | ||
| value: function () { | ||
| var _ref = _asyncToGenerator( /*#__PURE__*/regeneratorRuntime.mark(function _callee(apdu) { | ||
| var res; | ||
| return regeneratorRuntime.wrap(function _callee$(_context) { | ||
| while (1) { | ||
| switch (_context.prev = _context.next) { | ||
| case 0: | ||
| (0, _logs.log)("apdu", "=> " + apdu.toString("hex")); | ||
| _context.next = 3; | ||
| return attemptExchange(apdu, this.exchangeTimeout, this.scrambleKey); | ||
| setScrambleKey(scrambleKey) { | ||
| this.scrambleKey = Buffer.from(scrambleKey, "ascii"); | ||
| } | ||
| case 3: | ||
| res = _context.sent; | ||
| close() { | ||
| return Promise.resolve(); | ||
| } | ||
| (0, _logs.log)("apdu", "<= " + res.toString("hex")); | ||
| return _context.abrupt("return", res); | ||
| } | ||
| case 6: | ||
| case "end": | ||
| return _context.stop(); | ||
| } | ||
| } | ||
| }, _callee, this); | ||
| })); | ||
| exports.default = TransportWebAuthn; | ||
| function exchange(_x) { | ||
| return _ref.apply(this, arguments); | ||
| } | ||
| TransportWebAuthn.isSupported = () => Promise.resolve(!!navigator.credentials); | ||
| return exchange; | ||
| }() | ||
| TransportWebAuthn.list = () => navigator.credentials ? [null] : []; | ||
| /** | ||
| * A scramble key is a string that xor the data exchanged. | ||
| * It depends on the device app you need to exchange with. | ||
| * For instance it can be "BTC" for the bitcoin app, "B0L0S" for the dashboard. | ||
| * | ||
| * @example | ||
| * transport.setScrambleKey("B0L0S") | ||
| */ | ||
| TransportWebAuthn.listen = observer => { | ||
| }, { | ||
| key: "setScrambleKey", | ||
| value: function setScrambleKey(scrambleKey) { | ||
| this.scrambleKey = Buffer.from(scrambleKey, "ascii"); | ||
| } | ||
| }, { | ||
| key: "close", | ||
| value: function close() { | ||
| return Promise.resolve(); | ||
| } | ||
| }], [{ | ||
| key: "open", | ||
| /* | ||
| */ | ||
| value: function () { | ||
| var _ref2 = _asyncToGenerator( /*#__PURE__*/regeneratorRuntime.mark(function _callee2() { | ||
| return regeneratorRuntime.wrap(function _callee2$(_context2) { | ||
| while (1) { | ||
| switch (_context2.prev = _context2.next) { | ||
| case 0: | ||
| return _context2.abrupt("return", new TransportWebAuthn()); | ||
| case 1: | ||
| case "end": | ||
| return _context2.stop(); | ||
| } | ||
| } | ||
| }, _callee2, this); | ||
| })); | ||
| function open() { | ||
| return _ref2.apply(this, arguments); | ||
| } | ||
| return open; | ||
| }() | ||
| /* | ||
| */ | ||
| }]); | ||
| return TransportWebAuthn; | ||
| }(_hwTransport2.default); | ||
| TransportWebAuthn.isSupported = function () { | ||
| return Promise.resolve(!!navigator.credentials); | ||
| }; | ||
| TransportWebAuthn.list = function () { | ||
| return navigator.credentials ? [null] : []; | ||
| }; | ||
| TransportWebAuthn.listen = function (observer) { | ||
| if (!navigator.credentials) { | ||
| observer.error(new _errors.TransportError("WebAuthn not supported", "NotSupported")); | ||
| return { | ||
| unsubscribe: () => {} | ||
| }; | ||
| return { unsubscribe: function unsubscribe() {} }; | ||
| } | ||
| observer.next({ | ||
| type: "add", | ||
| descriptor: null | ||
| }); | ||
| observer.next({ type: "add", descriptor: null }); | ||
| observer.complete(); | ||
| return { | ||
| unsubscribe: () => {} | ||
| }; | ||
| return { unsubscribe: function unsubscribe() {} }; | ||
| }; | ||
| exports.default = TransportWebAuthn; | ||
| //# sourceMappingURL=TransportWebAuthn.js.map |
| { | ||
| "name": "@ledgerhq/hw-transport-webauthn", | ||
| "version": "4.74.3-alpha.6+0750e69", | ||
| "version": "4.77.0", | ||
| "description": "Ledger Hardware Wallet Web implementation of the communication layer, using WebAuthN api", | ||
@@ -29,6 +29,6 @@ "keywords": [ | ||
| "dependencies": { | ||
| "@ledgerhq/devices": "^4.74.3-alpha.6+0750e69", | ||
| "@ledgerhq/errors": "^4.74.3-alpha.6+0750e69", | ||
| "@ledgerhq/hw-transport": "^4.74.3-alpha.6+0750e69", | ||
| "@ledgerhq/logs": "^4.74.3-alpha.6+0750e69" | ||
| "@ledgerhq/devices": "^4.77.0", | ||
| "@ledgerhq/errors": "^4.77.0", | ||
| "@ledgerhq/hw-transport": "^4.77.0", | ||
| "@ledgerhq/logs": "^4.72.0" | ||
| }, | ||
@@ -46,3 +46,3 @@ "devDependencies": { | ||
| }, | ||
| "gitHead": "0750e6985bbd4a0faec44c9014352a46b094c66e" | ||
| "gitHead": "b25792920f55ec855fd74778ce37240ef7dbde01" | ||
| } |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Deprecated
MaintenanceThe maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Deprecated
MaintenanceThe maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.
Found 1 instance in 1 package
Manifest confusion
Supply chain riskThis package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by11.92%
31672
- Lines of code
- increased by32.09%
247
- Number of low quality alerts
- decreased by-100%
0
- Number of medium supply chain risk alerts
- decreased by-100%
0
Dependency changes
- Removed@ledgerhq/logs@4.74.3-alpha.6(transitive)
Updated@ledgerhq/devices@^4.77.0
Updated@ledgerhq/errors@^4.77.0
Updated@ledgerhq/logs@^4.72.0