libp2p-crypto
Advanced tools
Crypto primitives for libp2p in JavaScript
This repo contains the JavaScript implementation of the crypto primitives needed for libp2p. This is based on this go implementation.
crypto.aes
crypto.hmac
crypto.keyscrypto.keys.generateKeyPair(type, bits)crypto.keys.generateEphemeralKeyPair(curve)crypto.keys.keyStretcher(cipherType, hashType, secret)crypto.keys.marshalPublicKey(key, [type])crypto.keys.unmarshalPublicKey(buf)crypto.keys.marshalPrivateKey(key, [type])crypto.keys.unmarshalPrivateKey(buf)crypto.keys.import(pem, password)crypto.randomBytes(number)crypto.pbkdf2(password, salt, iterations, keySize, hash)npm install --save libp2p-crypto
const crypto = require('libp2p-crypto')
// Now available to you:
//
// crypto.aes
// crypto.hmac
// crypto.keys
// etc.
//
// See full API details below...
The libp2p-crypto library depends on the Web Crypto API in the browser. Web Crypto is available in all modern browsers, however browsers restrict its usage to Secure Contexts.
This means you will not be able to use some libp2p-crypto functions in the browser when the page is served over HTTP. To enable the Web Crypto API and allow libp2p-crypto to work fully, please serve your page over HTTPS.
crypto.aesExposes an interface to AES encryption (formerly Rijndael), as defined in U.S. Federal Information Processing Standards Publication 197.
This uses CTR mode.
crypto.aes.create(key, iv)key: Buffer The key, if length 16 then AES 128 is used. For length 32, AES 256 is used.iv: Buffer Must have length 16.Returns Promise<{decrypt<Function>, encrypt<Function>}>
decrypt(data)data: BufferReturns Promise<Buffer>
encrypt(data)data: BufferReturns Promise<Buffer>
const crypto = require('libp2p-crypto')
// Setting up Key and IV
// A 16 bytes array, 128 Bits, AES-128 is chosen
const key128 = Buffer.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15])
// A 16 bytes array, 128 Bits,
const IV = Buffer.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15])
async function main () {
const decryptedMessage = 'Hello, world!'
// Encrypting
const cipher = await crypto.aes.create(key128, IV)
const encryptedBuffer = await cipher.encrypt(Buffer.from(decryptedMessage))
console.log(encryptedBuffer)
// prints: <Buffer 42 f1 67 d9 2e 42 d0 32 9e b1 f8 3c>
// Decrypting
const decipher = await crypto.aes.create(key128, IV)
const decryptedBuffer = await cipher.decrypt(encryptedBuffer)
console.log(decryptedBuffer)
// prints: <Buffer 42 f1 67 d9 2e 42 d0 32 9e b1 f8 3c>
console.log(decryptedBuffer.toString('utf-8'))
// prints: Hello, world!
}
main()
crypto.hmacExposes an interface to the Keyed-Hash Message Authentication Code (HMAC) as defined in U.S. Federal Information Processing Standards Publication 198. An HMAC is a cryptographic hash that uses a key to sign a message. The receiver verifies the hash by recomputing it using the same key.
crypto.hmac.create(hash, secret)hash: Stringsecret: BufferReturns Promise<{digest<Function>}>
digest(data)data: BufferReturns Promise<Buffer>
Example:
const crypto = require('libp2p-crypto')
async function main () {
const hash = 'SHA1' // 'SHA256' || 'SHA512'
const hmac = await crypto.hmac.create(hash, Buffer.from('secret'))
const sig = await hmac.digest(Buffer.from('hello world'))
console.log(sig)
}
main()
crypto.keysSupported Key Types
The generateKeyPair, marshalPublicKey, and marshalPrivateKey functions accept a string type argument.
Currently the 'RSA' and 'ed25519' types are supported, although ed25519 keys support only signing and verification of messages. For encryption / decryption support, RSA keys should be used.
Installing the libp2p-crypto-secp256k1 module adds support for the 'secp256k1' type, which supports ECDSA signatures using the secp256k1 elliptic curve popularized by Bitcoin. This module is not installed by default, and should be explicitly depended on if your project requires secp256k1 support.
crypto.keys.generateKeyPair(type, bits)type: String, see Supported Key Types above.bits: Number Minimum of 1024Returns Promise<{privateKey<Buffer>, publicKey<Buffer>}>
Generates a keypair of the given type and bitsize.
crypto.keys.generateEphemeralKeyPair(curve)curve: String, one of 'P-256', 'P-384', 'P-521' is currently supportedReturns Promise
Generates an ephemeral public key and returns a function that will compute the shared secret key.
Focuses only on ECDH now, but can be made more general in the future.
Resolves to an object of the form:
{
key: Buffer,
genSharedKey: Function
}
crypto.keys.keyStretcher(cipherType, hashType, secret)cipherType: String, one of 'AES-128', 'AES-256', 'Blowfish'hashType: String, one of 'SHA1', SHA256, SHA512secret: BufferReturns Promise
Generates a set of keys for each party by stretching the shared key.
Resolves to an object of the form:
{
k1: {
iv: Buffer,
cipherKey: Buffer,
macKey: Buffer
},
k2: {
iv: Buffer,
cipherKey: Buffer,
macKey: Buffer
}
}
crypto.keys.marshalPublicKey(key, [type])key: keys.rsa.RsaPublicKey | keys.ed25519.Ed25519PublicKey | require('libp2p-crypto-secp256k1').Secp256k1PublicKeytype: String, see Supported Key Types above. Defaults to 'rsa'.Returns Buffer
Converts a public key object into a protobuf serialized public key.
crypto.keys.unmarshalPublicKey(buf)buf: BufferReturns RsaPublicKey|Ed25519PublicKey|Secp256k1PublicKey
Converts a protobuf serialized public key into its representative object.
crypto.keys.marshalPrivateKey(key, [type])key: keys.rsa.RsaPrivateKey | keys.ed25519.Ed25519PrivateKey | require('libp2p-crypto-secp256k1').Secp256k1PrivateKeytype: String, see Supported Key Types above.Returns Buffer
Converts a private key object into a protobuf serialized private key.
crypto.keys.unmarshalPrivateKey(buf)buf: BufferReturns Promise<RsaPrivateKey|Ed25519PrivateKey|Secp256k1PrivateKey>
Converts a protobuf serialized private key into its representative object.
crypto.keys.import(pem, password)pem: stringpassword: stringReturns Promise<RsaPrivateKey>
Converts a PEM password protected private key into its representative object.
crypto.randomBytes(number)number: NumberReturns Buffer
Generates a Buffer with length number populated by random bytes.
crypto.pbkdf2(password, salt, iterations, keySize, hash)password: Stringsalt: Stringiterations: NumberkeySize: Number in byteshash: String the hashing algorithm ('sha1', 'sha2-512', ...)Computes the Password Based Key Derivation Function 2; returning a new password.
Feel free to join in. All welcome. Open an issue!
This repository falls under the IPFS Code of Conduct.
0.17.1 (2019-10-25)
<a name="0.17.0"></a>
FAQs
Crypto primitives for libp2p
We found that libp2p-crypto demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.
Security News
Research
Socket's threat research team has detected five malicious npm packages targeting Roblox developers, deploying malware to steal credentials and personal data.
Security News
vlt introduced its new package manager and a serverless registry this week, innovating in a space where npm has stagnated.