Comparing version 7.2.0 to 7.2.1
10
index.js
@@ -153,5 +153,11 @@ 'use strict' | ||
function ssbSecretKeyToPrivateBoxSecret (keys) { | ||
return sodium.crypto_sign_ed25519_sk_to_curve25519(u.toBuffer(keys.private || keys)) | ||
} | ||
exports.ssbSecretKeyToPrivateBoxSecret = ssbSecretKeyToPrivateBoxSecret | ||
exports.unboxKey = function (boxed, keys) { | ||
boxed = u.toBuffer(boxed) | ||
var sk = sodium.crypto_sign_ed25519_sk_to_curve25519(u.toBuffer(keys.private || keys)) | ||
var sk = ssbSecretKeyToPrivateBoxSecret(keys) | ||
return pb.multibox_open_key(boxed, sk) | ||
@@ -192,2 +198,2 @@ } | ||
return JSON.parse(ptxt.toString()) | ||
} | ||
} |
{ | ||
"name": "ssb-keys", | ||
"description": "keyfile operations for ssb", | ||
"version": "7.2.0", | ||
"version": "7.2.1", | ||
"homepage": "https://github.com/ssbc/ssb-keys", | ||
@@ -6,0 +6,0 @@ "repository": { |
@@ -148,2 +148,6 @@ # SSB-Keys | ||
### ssbSecretKeyToPrivateBoxSecret(keys) | ||
Convert from the ed25519 secret key (ssb secret key type) to the curve25519 key type that is used by `private-box`. | ||
### LICENSE | ||
@@ -150,0 +154,0 @@ |
@@ -35,17 +35,17 @@ 'use strict' | ||
return [ | ||
'# this is your SECRET name.', | ||
'# this name gives you magical powers.', | ||
'# with it you can mark your messages so that your friends can verify', | ||
'# that they really did come from you.', | ||
'#', | ||
'# if any one learns this name, they can use it to destroy your identity', | ||
'# NEVER show this to anyone!!!', | ||
'', | ||
legacy ? keys.private : JSON.stringify(keys, null, 2), | ||
'', | ||
'# WARNING! It\'s vital that you DO NOT edit OR share your secret name', | ||
'# instead, share your public name', | ||
'# your public name: ' + keys.id | ||
].join('\n') | ||
return `# WARNING: Never show this to anyone. | ||
# WARNING: Never edit it or use it on multiple devices at once. | ||
# | ||
# This is your SECRET, it gives you magical powers. With your secret you can | ||
# sign your messages so that your friends can verify that the messages came | ||
# from you. If anyone learns your secret, they can use it to impersonate you. | ||
# | ||
# If you use this secret on more than one device you will create a fork and | ||
# your friends will stop replicating your content. | ||
# | ||
${legacy ? keys.private : JSON.stringify(keys, null, 2)} | ||
# | ||
# The only part of this file that's safe to share is your public name: | ||
# | ||
# ${keys.id}` | ||
} | ||
@@ -52,0 +52,0 @@ |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
22843
504
164
1