libp2p-secio - npm Package Compare versions

Comparing version 0.4.2 to 0.4.3

lib/etm.js

@@ -9,2 +9,7 @@ 'use strict';
 
+var lpOpts = {
+  fixed: true,
+  bytes: 4
+};
+
 exports.createBoxStream = function (cipher, mac) {
@@ -16,4 +21,4 @@ var pt = through(function (chunk) {
       var data = new Buffer(cipher.output.getBytes(), 'binary');
-      mac.update(data);
-      var macBuffer = new Buffer(mac.getMac().getBytes(), 'binary');
+      mac.update(data.toString('binary'));
+      var macBuffer = new Buffer(mac.digest().getBytes(), 'binary');
 
@@ -26,3 +31,3 @@ this.queue(Buffer.concat([data, macBuffer]));
 
-  return pull(pt, lp.encode());
+  return pull(pt, lp.encode(lpOpts));
 };
@@ -46,3 +51,3 @@
 
-    mac.update(data);
+    mac.update(data.toString('binary'));
     var expected = new Buffer(mac.getMac().getBytes(), 'binary');
@@ -65,3 +70,3 @@
 
-  return pull(lp.decode(), pt);
+  return pull(lp.decode(lpOpts), pt);
 };

lib/handshake/crypto.js

@@ -143,7 +143,6 @@ 'use strict';
   var n1 = state.proposal.out.rand;
-  if (!n1.equals(n2)) {
-    throw new Error('Failed to read our encrypted nonce: ' + n1.toString('hex') + ' != ' + n2.toString('hex'));
-  }
 
-  log('3. finish - finish', n1.toString('hex'), n2.toString('hex'));
+  if (n1.equals(n2)) return;
+
+  throw new Error('Failed to read our encrypted nonce: ' + n1.toString('hex') + ' != ' + n2.toString('hex'));
 };

lib/handshake/exchange.js

@@ -17,3 +17,4 @@ 'use strict';
   log('2. exchange - writing exchange');
-  support.write(state, crypto.createExchange(state), function (err, size) {
+  support.write(state, crypto.createExchange(state));
+  support.read(state.shake, function (err, msg) {
     if (err) {
@@ -23,20 +24,14 @@ return cb(err);
 
-    support.read(state, null, function (err, msg) {
-      if (err) {
-        return cb(err);
-      }
+    log('2. exchange - reading exchange');
 
-      log('2. exchange - reading exchange');
+    try {
+      crypto.verify(state, msg);
+      crypto.generateKeys(state);
+    } catch (err) {
+      return cb(err);
+    }
 
-      try {
-        crypto.verify(state, msg);
-        crypto.generateKeys(state);
-      } catch (err) {
-        return cb(err);
-      }
-
-      log('2. exchange - finish');
-      cb();
-    });
+    log('2. exchange - finish');
+    cb();
   });
 };

lib/handshake/finish.js

@@ -22,21 +22,29 @@ 'use strict';
 
-  pull(stream, etm.createUnboxStream(proto.local.cipher, proto.local.mac), shake, etm.createBoxStream(proto.remote.cipher, proto.remote.mac), stream);
+  pull(stream, etm.createUnboxStream(proto.remote.cipher, proto.remote.mac), shake, etm.createBoxStream(proto.local.cipher, proto.local.mac), stream);
 
   shake.handshake.write(state.proposal.in.rand);
   shake.handshake.read(state.proposal.in.rand.length, function (err, nonceBack) {
-    if (err) {
-      return cb(err);
-    }
+    var fail = function fail(err) {
+      log.error(err);
+      state.secure.resolve({
+        source: pull.error(err),
+        sink: function sink(read) {}
+      });
+      cb(err);
+    };
 
+    if (err) return fail(err);
+
     try {
       crypto.verifyNonce(state, nonceBack);
     } catch (err) {
-      state.secure.resolve(pull.error(err));
-      return cb(err);
+      return fail(err);
     }
 
+    log('3. finish - finish');
+
     // Awesome that's all folks.
     state.secure.resolve(shake.handshake.rest());
-    cb(null);
+    cb();
   });
 };

lib/handshake/propose.js

@@ -16,4 +16,5 @@ 'use strict';
 
-  log('1. propse - writing proposal');
-  support.write(state, crypto.createProposal(state), function (err, size) {
+  log('1. propose - writing proposal');
+  support.write(state, crypto.createProposal(state));
+  support.read(state.shake, function (err, msg) {
     if (err) {
@@ -23,21 +24,15 @@ return cb(err);
 
-    support.read(state, size, function (err, msg) {
-      if (err) {
-        return cb(err);
-      }
+    log('1. propose - reading proposal', msg);
 
-      log('1. propse - reading proposal', msg);
+    try {
+      crypto.identify(state, msg);
+      crypto.selectProtocols(state);
+    } catch (err) {
+      return cb(err);
+    }
 
-      try {
-        crypto.identify(state, msg);
-        crypto.selectProtocols(state);
-      } catch (err) {
-        return cb(err);
-      }
+    log('1. propose - finish');
 
-      log('1. propose - finish');
-
-      cb();
-    });
+    cb();
   });
 };

lib/index.js

 'use strict';
 
-var _createClass = function () { function defineProperties(target, props) { for (var i = 0; i < props.length; i++) { var descriptor = props[i]; descriptor.enumerable = descriptor.enumerable || false; descriptor.configurable = true; if ("value" in descriptor) descriptor.writable = true; Object.defineProperty(target, descriptor.key, descriptor); } } return function (Constructor, protoProps, staticProps) { if (protoProps) defineProperties(Constructor.prototype, protoProps); if (staticProps) defineProperties(Constructor, staticProps); return Constructor; }; }();
-
-function _classCallCheck(instance, Constructor) { if (!(instance instanceof Constructor)) { throw new TypeError("Cannot call a class as a function"); } }
-
 var pull = require('pull-stream');
-var toPull = require('stream-to-pull-stream');
-var toStream = require('pull-stream-to-stream');
+var Connection = require('interface-connection').Connection;
 
@@ -14,6 +9,5 @@ var handshake = require('./handshake');
 
-exports.SecureSession = function () {
-  function SecureSession(local, key, insecure) {
-    _classCallCheck(this, SecureSession);
-
+module.exports = {
+  tag: '/secio/1.0.0',
+  encrypt: function encrypt(local, key, insecure) {
     if (!local) {
@@ -27,7 +21,2 @@ throw new Error('no local id provided');
 
-    // Enable when implemented in js-peer-id
-    // if (!this.localPeer.matchesPrivateKey(this.localKey)) {
-    //   throw new Error('peer.ID does not match privateKey')
-    // }
-
     if (!insecure) {
@@ -37,15 +26,8 @@ throw new Error('no insecure stream provided');
 
-    this.state = new State(local, key);
+    var state = new State(local, key);
 
-    pull(toPull.source(insecure), handshake(this.state), toPull.sink(insecure));
+    pull(insecure, handshake(state), insecure);
+
+    return new Connection(state.secure, insecure);
   }
-
-  _createClass(SecureSession, [{
-    key: 'secureStream',
-    value: function secureStream() {
-      return toStream(this.state.secure);
-    }
-  }]);
-
-  return SecureSession;
-}();
+};

lib/state.js

@@ -39,2 +39,4 @@ 'use strict';
 
+      this.shake = null;
+
       this.cleanSecrets();
@@ -74,4 +76,2 @@ }
       };
-
-      this.shake = null;
     }
@@ -78,0 +78,0 @@ }]);

lib/support.js

@@ -150,32 +150,14 @@ 'use strict';
 exports.write = function write(state, msg, cb) {
-  pull(pull.values([msg]), lp.encode(), pull.collect(function (err, res) {
+  cb = cb || function () {};
+  pull(pull.values([msg]), lp.encode({ fixed: true, bytes: 4 }), pull.collect(function (err, res) {
     if (err) {
       return cb(err);
     }
-
     state.shake.write(res[0]);
-    cb(null, res[0].length);
+    cb();
   }));
 };
 
-exports.read = function read(state, size, cb) {
-  state.shake.read(size, handleRead);
-
-  function handleRead(err, msg) {
-    if (!err && !msg) {
-      return state.shake.read(null, handleRead);
-    }
-
-    if (err) {
-      return cb(err);
-    }
-
-    pull(pull.values([msg]), lp.decode(), pull.collect(function (err, res) {
-      if (err) {
-        return cb(err);
-      }
-
-      cb(null, res[0]);
-    }));
-  }
+exports.read = function read(reader, cb) {
+  lp.decodeFromReader(reader, { fixed: true, bytes: 4 }, cb);
 };

package.json

 {
   "name": "libp2p-secio",
-  "version": "0.4.2",
+  "version": "0.4.3",
   "description": "Secio implementation in JavaScript",
@@ -5,0 +5,0 @@ "main": "lib/index.js",

README.md

@@ -38,6 +38,8 @@ # js-libp2p-secio
 
-### `SecureSession`
+### `tag`
 
-#### `constructor(id, key, insecure)`
+The current `secio` tag, usable in `multistream`.
 
+### `encrypt(id, key, insecure)`
+
 - `id: PeerId` - The id of the node.
@@ -47,4 +49,2 @@ - `key: RSAPrivateKey` - The private key of the node.
 
-### `.secure`
-
 Returns the `insecure` connection provided, wrapped with secio. This is a pull-stream.
@@ -51,0 +51,0 @@

src/index.js

@@ -9,4 +9,5 @@ 'use strict'
 
-exports.SecureSession = class SecureSession {
-  constructor (local, key, insecure) {
+module.exports = {
+  tag: '/secio/1.0.0',
+  encrypt (local, key, insecure) {
     if (!local) {
@@ -24,15 +25,12 @@ throw new Error('no local id provided')
 
-    this.state = new State(local, key)
-    this.insecure = insecure
+    const state = new State(local, key)
 
     pull(
-      this.insecure,
-      handshake(this.state),
-      this.insecure
+      insecure,
+      handshake(state),
+      insecure
     )
-  }
 
-  get secure () {
-    return new Connection(this.state.secure, this.insecure)
+    return new Connection(state.secure, insecure)
   }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Number of low supply chain risk alerts

45

decreased by-2.17%

Worsened metrics

Total package byte prevSize

5273709

decreased by-3.43%

Number of package files

30

decreased by-3.23%

Lines of code

63082

decreased by-2.6%

Number of medium supply chain risk alerts

9

increased by12.5%

No dependency changes