Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
coap-packet
Advanced tools
CoAP-Packet is a generator and parser of CoAP packets for node.js.
What is CoAP?
Constrained Application Protocol (CoAP) is a software protocol intended to be used in very simple electronics devices that allows them to communicate interactively over the Internet. - Wikipedia
This library follows RFC 7252 and RFC 8974 for generating and parsing of CoAP packets. It also supports the method and option codes specified by other specifications, such as RFC 7641, RFC 7959, and RFC 8132.
It does not provide any CoAP semantics, it just parses the protocol.
CoAP-packet is an OPEN Open Source Project, see the Contributing section to find out what this means.
The library is being tested on Node versions 12, 14, and 16.
$: npm install coap-packet --save
The following example opens an UDP client and UDP server and sends a CoAP message between them:
const dgram = require('dgram')
const packet = require('coap-packet')
const parse = packet.parse
const generate = packet.generate
const payload = Buffer.from('Hello World')
const message = generate({ payload: payload })
const port = 41234
const client = dgram.createSocket('udp4')
const server = dgram.createSocket('udp4')
server.bind(port, function () {
client.send(message, 0, message.length, 41234, 'localhost', function (err, bytes) {
if (err) {
console.error(err.message)
}
client.close()
})
})
server.on('message', function (data) {
console.log(parse(data).payload.toString())
server.close()
})
The parse
function takes a buffer and returns a JS object that
follows a particular format.
The generate
function takes a JS object that
follows a particular format and transform it into
a CoAP packet.
The JS representation of a CoAP packet is:
{
token: Buffer.alloc(4),
code: '0.01',
messageId: 42,
payload: Buffer.alloc(200),
options: [{
name: 'If-Match',
value: Buffer.alloc(5)
}, {
name: 'Uri-Path',
value: Buffer.from('hello')
}]
}
Instead of numerical codes, it also supports humanized names, e.g.
GET
, POST
, PUT
, DELETE
.
Numerical codes can also be specified in HTTP format, like 500
or
'404'
.
CoAP-Packet is an OPEN Open Source Project. This means that:
Individuals making significant and valuable contributions are given commit-access to the project to contribute as they see fit. This project is more like an open wiki than a standard guarded open source project.
See the CONTRIBUTING.md file for more details.
Coap-Packet is only possible due to the excellent work of the following contributors:
Matteo Collina | GitHub/mcollina | Twitter/@matteocollina |
---|
MIT, see LICENSE.md file.
FAQs
Generate and Parse CoAP packets
The npm package coap-packet receives a total of 6,498 weekly downloads. As such, coap-packet popularity was classified as popular.
We found that coap-packet demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.