libp2p-secio
Comparing version 0.4.2 to 0.4.3
@@ -9,2 +9,7 @@ 'use strict'; | ||
var lpOpts = { | ||
fixed: true, | ||
bytes: 4 | ||
}; | ||
exports.createBoxStream = function (cipher, mac) { | ||
@@ -16,4 +21,4 @@ var pt = through(function (chunk) { | ||
var data = new Buffer(cipher.output.getBytes(), 'binary'); | ||
mac.update(data); | ||
var macBuffer = new Buffer(mac.getMac().getBytes(), 'binary'); | ||
mac.update(data.toString('binary')); | ||
var macBuffer = new Buffer(mac.digest().getBytes(), 'binary'); | ||
@@ -26,3 +31,3 @@ this.queue(Buffer.concat([data, macBuffer])); | ||
return pull(pt, lp.encode()); | ||
return pull(pt, lp.encode(lpOpts)); | ||
}; | ||
@@ -46,3 +51,3 @@ | ||
mac.update(data); | ||
mac.update(data.toString('binary')); | ||
var expected = new Buffer(mac.getMac().getBytes(), 'binary'); | ||
@@ -65,3 +70,3 @@ | ||
return pull(lp.decode(), pt); | ||
return pull(lp.decode(lpOpts), pt); | ||
}; |
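Review bot: `lp.decode(lpOpts)` in the unbox path reads a fixed 4-byte length prefix with no visible upper bound, so the largest frame a peer may announce is limited only by whatever default the length-prefix library applies. The same holds for `lp.decodeFromReader(reader, { fixed: true, bytes: 4 }, cb)` in the handshake `exports.read`, which runs before the peer is authenticated. I would pass an explicit maximum frame length to both decoders, if the library offers one, and reject larger prefixes before buffering. Separately, the comparison of `expected` with the received MAC lies outside this hunk; it should be a constant-time comparison rather than an early-exit equality check.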
@@ -143,7 +143,6 @@ 'use strict'; | ||
var n1 = state.proposal.out.rand; | ||
if (!n1.equals(n2)) { | ||
throw new Error('Failed to read our encrypted nonce: ' + n1.toString('hex') + ' != ' + n2.toString('hex')); | ||
} | ||
log('3. finish - finish', n1.toString('hex'), n2.toString('hex')); | ||
if (n1.equals(n2)) return; | ||
throw new Error('Failed to read our encrypted nonce: ' + n1.toString('hex') + ' != ' + n2.toString('hex')); | ||
}; |
@@ -17,3 +17,4 @@ 'use strict'; | ||
log('2. exchange - writing exchange'); | ||
support.write(state, crypto.createExchange(state), function (err, size) { | ||
support.write(state, crypto.createExchange(state)); | ||
support.read(state.shake, function (err, msg) { | ||
if (err) { | ||
@@ -23,20 +24,14 @@ return cb(err); | ||
support.read(state, null, function (err, msg) { | ||
if (err) { | ||
return cb(err); | ||
} | ||
log('2. exchange - reading exchange'); | ||
log('2. exchange - reading exchange'); | ||
try { | ||
crypto.verify(state, msg); | ||
crypto.generateKeys(state); | ||
} catch (err) { | ||
return cb(err); | ||
} | ||
try { | ||
crypto.verify(state, msg); | ||
crypto.generateKeys(state); | ||
} catch (err) { | ||
return cb(err); | ||
} | ||
log('2. exchange - finish'); | ||
cb(); | ||
}); | ||
log('2. exchange - finish'); | ||
cb(); | ||
}); | ||
}; |
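Review bot: `support.write(state, crypto.createExchange(state));` is called without a callback, and `exports.write` substitutes a no-op when `cb` is missing, so an encoding error is discarded. The code then goes on to `support.read(state.shake, ...)` and waits for a reply to a message that was never sent. The proposal step has the same pattern with `crypto.createProposal(state)`. I would forward the error, e.g. `support.write(state, crypto.createExchange(state), function (err) { if (err) return cb(err); });`, with a guard so `cb` cannot fire twice if the read also fails. No handshake timeout is visible in these hunks, and the enclosing function starts outside them.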
@@ -22,21 +22,29 @@ 'use strict'; | ||
pull(stream, etm.createUnboxStream(proto.local.cipher, proto.local.mac), shake, etm.createBoxStream(proto.remote.cipher, proto.remote.mac), stream); | ||
pull(stream, etm.createUnboxStream(proto.remote.cipher, proto.remote.mac), shake, etm.createBoxStream(proto.local.cipher, proto.local.mac), stream); | ||
shake.handshake.write(state.proposal.in.rand); | ||
shake.handshake.read(state.proposal.in.rand.length, function (err, nonceBack) { | ||
if (err) { | ||
return cb(err); | ||
} | ||
var fail = function fail(err) { | ||
log.error(err); | ||
state.secure.resolve({ | ||
source: pull.error(err), | ||
sink: function sink(read) {} | ||
}); | ||
cb(err); | ||
}; | ||
if (err) return fail(err); | ||
try { | ||
crypto.verifyNonce(state, nonceBack); | ||
} catch (err) { | ||
state.secure.resolve(pull.error(err)); | ||
return cb(err); | ||
return fail(err); | ||
} | ||
log('3. finish - finish'); | ||
// Awesome that's all folks. | ||
state.secure.resolve(shake.handshake.rest()); | ||
cb(null); | ||
cb(); | ||
}); | ||
}; |
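Review bot: In `fail`, the replacement connection's `sink: function sink(read) {}` never calls `read`, so a source that the caller pipes into the failed connection is neither drained nor aborted and stays open. Aborting it with the handshake error would release it: `sink: function sink(read) { read(err, function () {}); }`. `fail` is also re-created inside the read callback on each call; defining it next to the `pull(...)` wiring would make the error path easier to follow. The enclosing function starts outside the hunk.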
@@ -16,4 +16,5 @@ 'use strict'; | ||
log('1. propse - writing proposal'); | ||
support.write(state, crypto.createProposal(state), function (err, size) { | ||
log('1. propose - writing proposal'); | ||
support.write(state, crypto.createProposal(state)); | ||
support.read(state.shake, function (err, msg) { | ||
if (err) { | ||
@@ -23,21 +24,15 @@ return cb(err); | ||
support.read(state, size, function (err, msg) { | ||
if (err) { | ||
return cb(err); | ||
} | ||
log('1. propose - reading proposal', msg); | ||
log('1. propse - reading proposal', msg); | ||
try { | ||
crypto.identify(state, msg); | ||
crypto.selectProtocols(state); | ||
} catch (err) { | ||
return cb(err); | ||
} | ||
try { | ||
crypto.identify(state, msg); | ||
crypto.selectProtocols(state); | ||
} catch (err) { | ||
return cb(err); | ||
} | ||
log('1. propose - finish'); | ||
log('1. propose - finish'); | ||
cb(); | ||
}); | ||
cb(); | ||
}); | ||
}; |
'use strict'; | ||
var _createClass = function () { function defineProperties(target, props) { for (var i = 0; i < props.length; i++) { var descriptor = props[i]; descriptor.enumerable = descriptor.enumerable || false; descriptor.configurable = true; if ("value" in descriptor) descriptor.writable = true; Object.defineProperty(target, descriptor.key, descriptor); } } return function (Constructor, protoProps, staticProps) { if (protoProps) defineProperties(Constructor.prototype, protoProps); if (staticProps) defineProperties(Constructor, staticProps); return Constructor; }; }(); | ||
function _classCallCheck(instance, Constructor) { if (!(instance instanceof Constructor)) { throw new TypeError("Cannot call a class as a function"); } } | ||
var pull = require('pull-stream'); | ||
var toPull = require('stream-to-pull-stream'); | ||
var toStream = require('pull-stream-to-stream'); | ||
var Connection = require('interface-connection').Connection; | ||
@@ -14,6 +9,5 @@ var handshake = require('./handshake'); | ||
exports.SecureSession = function () { | ||
function SecureSession(local, key, insecure) { | ||
_classCallCheck(this, SecureSession); | ||
module.exports = { | ||
tag: '/secio/1.0.0', | ||
encrypt: function encrypt(local, key, insecure) { | ||
if (!local) { | ||
@@ -27,7 +21,2 @@ throw new Error('no local id provided'); | ||
// Enable when implemented in js-peer-id | ||
// if (!this.localPeer.matchesPrivateKey(this.localKey)) { | ||
// throw new Error('peer.ID does not match privateKey') | ||
// } | ||
if (!insecure) { | ||
@@ -37,15 +26,8 @@ throw new Error('no insecure stream provided'); | ||
this.state = new State(local, key); | ||
var state = new State(local, key); | ||
pull(toPull.source(insecure), handshake(this.state), toPull.sink(insecure)); | ||
pull(insecure, handshake(state), insecure); | ||
return new Connection(state.secure, insecure); | ||
} | ||
_createClass(SecureSession, [{ | ||
key: 'secureStream', | ||
value: function secureStream() { | ||
return toStream(this.state.secure); | ||
} | ||
}]); | ||
return SecureSession; | ||
}(); | ||
}; |
@@ -39,2 +39,4 @@ 'use strict'; | ||
this.shake = null; | ||
this.cleanSecrets(); | ||
@@ -74,4 +76,2 @@ } | ||
}; | ||
this.shake = null; | ||
} | ||
@@ -78,0 +78,0 @@ }]); |
@@ -150,32 +150,14 @@ 'use strict'; | ||
exports.write = function write(state, msg, cb) { | ||
pull(pull.values([msg]), lp.encode(), pull.collect(function (err, res) { | ||
cb = cb || function () {}; | ||
pull(pull.values([msg]), lp.encode({ fixed: true, bytes: 4 }), pull.collect(function (err, res) { | ||
if (err) { | ||
return cb(err); | ||
} | ||
state.shake.write(res[0]); | ||
cb(null, res[0].length); | ||
cb(); | ||
})); | ||
}; | ||
exports.read = function read(state, size, cb) { | ||
state.shake.read(size, handleRead); | ||
function handleRead(err, msg) { | ||
if (!err && !msg) { | ||
return state.shake.read(null, handleRead); | ||
} | ||
if (err) { | ||
return cb(err); | ||
} | ||
pull(pull.values([msg]), lp.decode(), pull.collect(function (err, res) { | ||
if (err) { | ||
return cb(err); | ||
} | ||
cb(null, res[0]); | ||
})); | ||
} | ||
exports.read = function read(reader, cb) { | ||
lp.decodeFromReader(reader, { fixed: true, bytes: 4 }, cb); | ||
}; |
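Review bot: The framing options are written out as the literal `{ fixed: true, bytes: 4 }` in both `exports.write` and `exports.read`, while the box/unbox module on this page defines the same object as `lpOpts`. If one copy changes, the two sides stop agreeing on the frame header. A single shared constant, e.g. `var lpOpts = { fixed: true, bytes: 4 };` defined once and reused, would keep them in step. The new `exports.read` signature `(reader, cb)` would also benefit from a one-line comment such as `// reader: the handshake reader (state.shake); cb(err, msg) receives one decoded frame`.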
{ | ||
"name": "libp2p-secio", | ||
"version": "0.4.2", | ||
"version": "0.4.3", | ||
"description": "Secio implementation in JavaScript", | ||
@@ -5,0 +5,0 @@ "main": "lib/index.js", |
@@ -38,6 +38,8 @@ # js-libp2p-secio | ||
### `SecureSession` | ||
### `tag` | ||
#### `constructor(id, key, insecure)` | ||
The current `secio` tag, usable in `multistream`. | ||
### `encrypt(id, key, insecure)` | ||
- `id: PeerId` - The id of the node. | ||
@@ -47,4 +49,2 @@ - `key: RSAPrivateKey` - The private key of the node. | ||
### `.secure` | ||
Returns the `insecure` connection provided, wrapped with secio. This is a pull-stream. | ||
@@ -51,0 +51,0 @@ |
@@ -9,4 +9,5 @@ 'use strict' | ||
exports.SecureSession = class SecureSession { | ||
constructor (local, key, insecure) { | ||
module.exports = { | ||
tag: '/secio/1.0.0', | ||
encrypt (local, key, insecure) { | ||
if (!local) { | ||
@@ -24,15 +25,12 @@ throw new Error('no local id provided') | ||
this.state = new State(local, key) | ||
this.insecure = insecure | ||
const state = new State(local, key) | ||
pull( | ||
this.insecure, | ||
handshake(this.state), | ||
this.insecure | ||
insecure, | ||
handshake(state), | ||
insecure | ||
) | ||
} | ||
get secure () { | ||
return new Connection(this.state.secure, this.insecure) | ||
return new Connection(state.secure, insecure) | ||
} | ||
} |
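Review bot: `encrypt (local, key, insecure)` builds `new State(local, key)` with no visible check that `key` belongs to `local`, and the compiled listing on this page appears to drop the placeholder comment that recorded this gap. Until the check can be implemented, I would keep a marker above the `State` construction, e.g. `// TODO: throw if key does not match local (needs support in js-peer-id)`. A short doc comment on `encrypt` should also say that the returned `Connection` wraps the deferred `state.secure`, so a failed handshake reaches the caller as a stream error rather than a thrown exception. The argument validation between the two hunks is not shown here.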
License Policy Violation
License: This package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain risk: A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
License Policy Violation
License: This package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Environment variable access
Supply chain risk: Package accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package