@libp2p/crypto 3.0.4-856ccd708 → 3.0.4-ddaa59a60

package/src/keys/rsa-utils.ts

@@ -1,408 +1,74 @@
+import 'node-forge/lib/asn1.js'
+import 'node-forge/lib/rsa.js'
 import { CodeError } from '@libp2p/interface'
-import { pbkdf2Async } from '@noble/hashes/pbkdf2'
-import { sha512 } from '@noble/hashes/sha512'
-import * as asn1js from 'asn1js'
+// @ts-expect-error types are missing
+import forge from 'node-forge/lib/forge.js'
 import { fromString as uint8ArrayFromString } from 'uint8arrays/from-string'
 import { toString as uint8ArrayToString } from 'uint8arrays/to-string'
-import randomBytes from '../random-bytes.js'
-import webcrypto from '../webcrypto.js'
-import { type RsaPrivateKey, unmarshalRsaPrivateKey } from './rsa-class.js'
+import { bigIntegerToUintBase64url, base64urlToBigInteger } from './../util.js'
 
-/**
- * Convert a PKCS#1 in ASN1 DER format to a JWK key
- */
+// Convert a PKCS#1 in ASN1 DER format to a JWK key
 export function pkcs1ToJwk (bytes: Uint8Array): JsonWebKey {
-  const { result } = asn1js.fromBER(bytes)
+  const asn1 = forge.asn1.fromDer(uint8ArrayToString(bytes, 'ascii'))
+  const privateKey = forge.pki.privateKeyFromAsn1(asn1)
 
-  // @ts-expect-error this looks fragile but DER is a canonical format so we are
-  // safe to have deeply property chains like this
-  const values: asn1js.Integer[] = result.valueBlock.value
-
-  const key = {
-    n: uint8ArrayToString(bnToBuf(values[1].toBigInt()), 'base64url'),
-    e: uint8ArrayToString(bnToBuf(values[2].toBigInt()), 'base64url'),
-    d: uint8ArrayToString(bnToBuf(values[3].toBigInt()), 'base64url'),
-    p: uint8ArrayToString(bnToBuf(values[4].toBigInt()), 'base64url'),
-    q: uint8ArrayToString(bnToBuf(values[5].toBigInt()), 'base64url'),
-    dp: uint8ArrayToString(bnToBuf(values[6].toBigInt()), 'base64url'),
-    dq: uint8ArrayToString(bnToBuf(values[7].toBigInt()), 'base64url'),
-    qi: uint8ArrayToString(bnToBuf(values[8].toBigInt()), 'base64url'),
+  // https://tools.ietf.org/html/rfc7518#section-6.3.1
+  return {
     kty: 'RSA',
+    n: bigIntegerToUintBase64url(privateKey.n),
+    e: bigIntegerToUintBase64url(privateKey.e),
+    d: bigIntegerToUintBase64url(privateKey.d),
+    p: bigIntegerToUintBase64url(privateKey.p),
+    q: bigIntegerToUintBase64url(privateKey.q),
+    dp: bigIntegerToUintBase64url(privateKey.dP),
+    dq: bigIntegerToUintBase64url(privateKey.dQ),
+    qi: bigIntegerToUintBase64url(privateKey.qInv),
     alg: 'RS256'
   }
-
-  return key
 }
 
-/**
- * Convert a JWK key into PKCS#1 in ASN1 DER format
- */
+// Convert a JWK key into PKCS#1 in ASN1 DER format
 export function jwkToPkcs1 (jwk: JsonWebKey): Uint8Array {
   if (jwk.n == null || jwk.e == null || jwk.d == null || jwk.p == null || jwk.q == null || jwk.dp == null || jwk.dq == null || jwk.qi == null) {
     throw new CodeError('JWK was missing components', 'ERR_INVALID_PARAMETERS')
   }
 
-  const root = new asn1js.Sequence({
-    value: [
-      new asn1js.Integer({ value: 0 }),
-      asn1js.Integer.fromBigInt(bufToBn(uint8ArrayFromString(jwk.n, 'base64url'))),
-      asn1js.Integer.fromBigInt(bufToBn(uint8ArrayFromString(jwk.e, 'base64url'))),
-      asn1js.Integer.fromBigInt(bufToBn(uint8ArrayFromString(jwk.d, 'base64url'))),
-      asn1js.Integer.fromBigInt(bufToBn(uint8ArrayFromString(jwk.p, 'base64url'))),
-      asn1js.Integer.fromBigInt(bufToBn(uint8ArrayFromString(jwk.q, 'base64url'))),
-      asn1js.Integer.fromBigInt(bufToBn(uint8ArrayFromString(jwk.dp, 'base64url'))),
-      asn1js.Integer.fromBigInt(bufToBn(uint8ArrayFromString(jwk.dq, 'base64url'))),
-      asn1js.Integer.fromBigInt(bufToBn(uint8ArrayFromString(jwk.qi, 'base64url')))
-    ]
+  const asn1 = forge.pki.privateKeyToAsn1({
+    n: base64urlToBigInteger(jwk.n),
+    e: base64urlToBigInteger(jwk.e),
+    d: base64urlToBigInteger(jwk.d),
+    p: base64urlToBigInteger(jwk.p),
+    q: base64urlToBigInteger(jwk.q),
+    dP: base64urlToBigInteger(jwk.dp),
+    dQ: base64urlToBigInteger(jwk.dq),
+    qInv: base64urlToBigInteger(jwk.qi)
   })
 
-  const der = root.toBER()
-
-  return new Uint8Array(der, 0, der.byteLength)
+  return uint8ArrayFromString(forge.asn1.toDer(asn1).getBytes(), 'ascii')
 }
 
-/**
- * Convert a PKCIX in ASN1 DER format to a JWK key
- */
+// Convert a PKCIX in ASN1 DER format to a JWK key
 export function pkixToJwk (bytes: Uint8Array): JsonWebKey {
-  const { result } = asn1js.fromBER(bytes)
-
-  // @ts-expect-error this looks fragile but DER is a canonical format so we are
-  // safe to have deeply property chains like this
-  const values: asn1js.Integer[] = result.valueBlock.value[1].valueBlock.value[0].valueBlock.value
+  const asn1 = forge.asn1.fromDer(uint8ArrayToString(bytes, 'ascii'))
+  const publicKey = forge.pki.publicKeyFromAsn1(asn1)
 
   return {
     kty: 'RSA',
-    n: uint8ArrayToString(bnToBuf(values[0].toBigInt()), 'base64url'),
-    e: uint8ArrayToString(bnToBuf(values[1].toBigInt()), 'base64url')
+    n: bigIntegerToUintBase64url(publicKey.n),
+    e: bigIntegerToUintBase64url(publicKey.e)
   }
 }
 
-/**
- * Convert a JWK key to PKCIX in ASN1 DER format
- */
+// Convert a JWK key to PKCIX in ASN1 DER format
 export function jwkToPkix (jwk: JsonWebKey): Uint8Array {
   if (jwk.n == null || jwk.e == null) {
     throw new CodeError('JWK was missing components', 'ERR_INVALID_PARAMETERS')
   }
 
-  const root = new asn1js.Sequence({
-    value: [
-      new asn1js.Sequence({
-        value: [
-          // rsaEncryption
-          new asn1js.ObjectIdentifier({
-            value: '1.2.840.113549.1.1.1'
-          }),
-          new asn1js.Null()
-        ]
-      }),
-      // this appears to be a bug in asn1js.js - this should really be a Sequence
-      // and not a BitString but it generates the same bytes as node-forge so 🤷‍♂️
-      new asn1js.BitString({
-        valueHex: new asn1js.Sequence({
-          value: [
-            asn1js.Integer.fromBigInt(bufToBn(uint8ArrayFromString(jwk.n, 'base64url'))),
-            asn1js.Integer.fromBigInt(bufToBn(uint8ArrayFromString(jwk.e, 'base64url')))
-          ]
-        }).toBER()
-      })
-    ]
-  })
-
-  const der = root.toBER()
-
-  return new Uint8Array(der, 0, der.byteLength)
-}
-
-function bnToBuf (bn: bigint): Uint8Array {
-  let hex = bn.toString(16)
-
-  if (hex.length % 2 > 0) {
-    hex = `0${hex}`
-  }
-
-  const len = hex.length / 2
-  const u8 = new Uint8Array(len)
-
-  let i = 0
-  let j = 0
-
-  while (i < len) {
-    u8[i] = parseInt(hex.slice(j, j + 2), 16)
-    i += 1
-    j += 2
-  }
-
-  return u8
-}
-
-function bufToBn (u8: Uint8Array): bigint {
-  const hex: string[] = []
-
-  u8.forEach(function (i) {
-    let h = i.toString(16)
-
-    if (h.length % 2 > 0) {
-      h = `0${h}`
-    }
-
-    hex.push(h)
-  })
-
-  return BigInt('0x' + hex.join(''))
-}
-
-const SALT_LENGTH = 16
-const KEY_SIZE = 32
-const ITERATIONS = 10000
-
-export async function exportToPem (privateKey: RsaPrivateKey, password: string): Promise<string> {
-  const crypto = webcrypto.get()
-
-  // PrivateKeyInfo
-  const keyWrapper = new asn1js.Sequence({
-    value: [
-      // version (0)
-      new asn1js.Integer({ value: 0 }),
-
-      // privateKeyAlgorithm
-      new asn1js.Sequence({
-        value: [
-        // rsaEncryption OID
-          new asn1js.ObjectIdentifier({
-            value: '1.2.840.113549.1.1.1'
-          }),
-          new asn1js.Null()
-        ]
-      }),
-
-      // PrivateKey
-      new asn1js.OctetString({
-        valueHex: privateKey.marshal()
-      })
-    ]
+  const asn1 = forge.pki.publicKeyToAsn1({
+    n: base64urlToBigInteger(jwk.n),
+    e: base64urlToBigInteger(jwk.e)
   })
 
-  const keyBuf = keyWrapper.toBER()
-  const keyArr = new Uint8Array(keyBuf, 0, keyBuf.byteLength)
-  const salt = randomBytes(SALT_LENGTH)
-
-  const encryptionKey = await pbkdf2Async(
-    sha512,
-    password,
-    salt, {
-      c: ITERATIONS,
-      dkLen: KEY_SIZE
-    }
-  )
-
-  const iv = randomBytes(16)
-  const cryptoKey = await crypto.subtle.importKey('raw', encryptionKey, 'AES-CBC', false, ['encrypt'])
-  const encrypted = await crypto.subtle.encrypt({
-    name: 'AES-CBC',
-    iv
-  }, cryptoKey, keyArr)
-
-  const pbkdf2Params = new asn1js.Sequence({
-    value: [
-      // salt
-      new asn1js.OctetString({ valueHex: salt }),
-
-      // iteration count
-      new asn1js.Integer({ value: ITERATIONS }),
-
-      // key length
-      new asn1js.Integer({ value: KEY_SIZE }),
-
-      // AlgorithmIdentifier
-      new asn1js.Sequence({
-        value: [
-          // hmacWithSHA512
-          new asn1js.ObjectIdentifier({ value: '1.2.840.113549.2.11' }),
-          new asn1js.Null()
-        ]
-      })
-    ]
-  })
-
-  const encryptionAlgorithm = new asn1js.Sequence({
-    value: [
-      // pkcs5PBES2
-      new asn1js.ObjectIdentifier({
-        value: '1.2.840.113549.1.5.13'
-      }),
-      new asn1js.Sequence({
-        value: [
-          // keyDerivationFunc
-          new asn1js.Sequence({
-            value: [
-              // pkcs5PBKDF2
-              new asn1js.ObjectIdentifier({
-                value: '1.2.840.113549.1.5.12'
-              }),
-              // PBKDF2-params
-              pbkdf2Params
-            ]
-          }),
-
-          // encryptionScheme
-          new asn1js.Sequence({
-            value: [
-              // aes256-CBC
-              new asn1js.ObjectIdentifier({
-                value: '2.16.840.1.101.3.4.1.42'
-              }),
-              // iv
-              new asn1js.OctetString({
-                valueHex: iv
-              })
-            ]
-          })
-        ]
-      })
-    ]
-  })
-
-  const finalWrapper = new asn1js.Sequence({
-    value: [
-      encryptionAlgorithm,
-      new asn1js.OctetString({ valueHex: encrypted })
-    ]
-  })
-
-  const finalWrapperBuf = finalWrapper.toBER()
-  const finalWrapperArr = new Uint8Array(finalWrapperBuf, 0, finalWrapperBuf.byteLength)
-
-  return [
-    '-----BEGIN ENCRYPTED PRIVATE KEY-----',
-    ...uint8ArrayToString(finalWrapperArr, 'base64pad').split(/(.{64})/).filter(Boolean),
-    '-----END ENCRYPTED PRIVATE KEY-----'
-  ].join('\n')
-}
-
-export async function importFromPem (pem: string, password: string): Promise<RsaPrivateKey> {
-  const crypto = webcrypto.get()
-  let plaintext: Uint8Array
-
-  if (pem.includes('-----BEGIN ENCRYPTED PRIVATE KEY-----')) {
-    const key = uint8ArrayFromString(
-      pem
-        .replace('-----BEGIN ENCRYPTED PRIVATE KEY-----', '')
-        .replace('-----END ENCRYPTED PRIVATE KEY-----', '')
-        .replace(/\n/g, '')
-        .trim(),
-      'base64pad'
-    )
-
-    const { result } = asn1js.fromBER(key)
-
-    const {
-      iv,
-      salt,
-      iterations,
-      keySize,
-      cipherText
-    } = findEncryptedPEMData(result)
-
-    const encryptionKey = await pbkdf2Async(
-      sha512,
-      password,
-      salt, {
-        c: iterations,
-        dkLen: keySize
-      }
-    )
-
-    const cryptoKey = await crypto.subtle.importKey('raw', encryptionKey, 'AES-CBC', false, ['decrypt'])
-    const decrypted = toUint8Array(await crypto.subtle.decrypt({
-      name: 'AES-CBC',
-      iv
-    }, cryptoKey, cipherText))
-
-    const { result: decryptedResult } = asn1js.fromBER(decrypted)
-    plaintext = findPEMData(decryptedResult)
-  } else if (pem.includes('-----BEGIN PRIVATE KEY-----')) {
-    const key = uint8ArrayFromString(
-      pem
-        .replace('-----BEGIN PRIVATE KEY-----', '')
-        .replace('-----END PRIVATE KEY-----', '')
-        .replace(/\n/g, '')
-        .trim(),
-      'base64pad'
-    )
-
-    const { result } = asn1js.fromBER(key)
-
-    plaintext = findPEMData(result)
-  } else {
-    throw new CodeError('Could not parse private key from PEM data', 'ERR_INVALID_PARAMETERS')
-  }
-
-  return unmarshalRsaPrivateKey(plaintext)
-}
-
-function findEncryptedPEMData (root: any): { cipherText: Uint8Array, iv: Uint8Array, salt: Uint8Array, iterations: number, keySize: number } {
-  const encryptionAlgorithm = root.valueBlock.value[0]
-  const scheme = encryptionAlgorithm.valueBlock.value[0].toString()
-
-  if (scheme !== 'OBJECT IDENTIFIER : 1.2.840.113549.1.5.13') {
-    throw new CodeError('Only pkcs5PBES2 encrypted private keys are supported', 'ERR_INVALID_PARAMS')
-  }
-
-  const keyDerivationFunc = encryptionAlgorithm.valueBlock.value[1].valueBlock.value[0]
-  const keyDerivationFuncName = keyDerivationFunc.valueBlock.value[0].toString()
-
-  if (keyDerivationFuncName !== 'OBJECT IDENTIFIER : 1.2.840.113549.1.5.12') {
-    throw new CodeError('Only pkcs5PBKDF2 key derivation functions are supported', 'ERR_INVALID_PARAMS')
-  }
-
-  const pbkdf2Params = keyDerivationFunc.valueBlock.value[1]
-
-  const salt = toUint8Array(pbkdf2Params.valueBlock.value[0].getValue())
-
-  let iterations = ITERATIONS
-  let keySize = KEY_SIZE
-
-  if (pbkdf2Params.valueBlock.value.length === 3) {
-    iterations = Number((pbkdf2Params.valueBlock.value[1] as asn1js.Integer).toBigInt())
-    keySize = Number((pbkdf2Params.valueBlock.value[2]).toBigInt())
-  } else if (pbkdf2Params.valueBlock.value.length === 2) {
-    throw new CodeError('Could not derive key size and iterations from PEM file - please use @libp2p/rsa to re-import your key', 'ERR_INVALID_PARAMS')
-  }
-
-  const encryptionScheme = encryptionAlgorithm.valueBlock.value[1].valueBlock.value[1]
-  const encryptionSchemeName = encryptionScheme.valueBlock.value[0].toString()
-
-  if (encryptionSchemeName === 'OBJECT IDENTIFIER : 1.2.840.113549.3.7') {
-    // des-EDE3-CBC
-  } else if (encryptionSchemeName === 'OBJECT IDENTIFIER : 1.3.14.3.2.7') {
-    // des-CBC
-  } else if (encryptionSchemeName === 'OBJECT IDENTIFIER : 2.16.840.1.101.3.4.1.2') {
-    // aes128-CBC
-  } else if (encryptionSchemeName === 'OBJECT IDENTIFIER : 2.16.840.1.101.3.4.1.22') {
-    // aes192-CBC
-  } else if (encryptionSchemeName === 'OBJECT IDENTIFIER : 2.16.840.1.101.3.4.1.42') {
-    // aes256-CBC
-  } else {
-    throw new CodeError('Only AES-CBC encryption schemes are supported', 'ERR_INVALID_PARAMS')
-  }
-
-  const iv = toUint8Array(encryptionScheme.valueBlock.value[1].getValue())
-
-  return {
-    cipherText: toUint8Array(root.valueBlock.value[1].getValue()),
-    salt,
-    iterations,
-    keySize,
-    iv
-  }
-}
-
-function findPEMData (seq: any): Uint8Array {
-  return toUint8Array(seq.valueBlock.value[2].getValue())
-}
-
-function toUint8Array (buf: ArrayBuffer): Uint8Array {
-  return new Uint8Array(buf, 0, buf.byteLength)
+  return uint8ArrayFromString(forge.asn1.toDer(asn1).getBytes(), 'ascii')
 }

package/src/keys/rsa.ts

@@ -1,7 +1,6 @@
 import crypto from 'crypto'
 import { promisify } from 'util'
 import { CodeError } from '@libp2p/interface'
-import { fromString as uint8ArrayFromString } from 'uint8arrays/from-string'
 import randomBytes from '../random-bytes.js'
 import * as utils from './rsa-utils.js'
 import type { JWKKeyPair } from './interface.js'
@@ -74,12 +73,34 @@ export async function hashAndVerify (key: JsonWebKey, sig: Uint8Array, msg: Uint
   return hash.verify({ format: 'jwk', key }, sig)
 }
 
+const padding = crypto.constants.RSA_PKCS1_PADDING
+
+export function encrypt (key: JsonWebKey, bytes: Uint8Array | Uint8ArrayList): Uint8Array {
+  if (bytes instanceof Uint8Array) {
+    // @ts-expect-error node types are missing jwk as a format
+    return crypto.publicEncrypt({ format: 'jwk', key, padding }, bytes)
+  } else {
+    // @ts-expect-error node types are missing jwk as a format
+    return crypto.publicEncrypt({ format: 'jwk', key, padding }, bytes.subarray())
+  }
+}
+
+export function decrypt (key: JsonWebKey, bytes: Uint8Array | Uint8ArrayList): Uint8Array {
+  if (bytes instanceof Uint8Array) {
+    // @ts-expect-error node types are missing jwk as a format
+    return crypto.privateDecrypt({ format: 'jwk', key, padding }, bytes)
+  } else {
+    // @ts-expect-error node types are missing jwk as a format
+    return crypto.privateDecrypt({ format: 'jwk', key, padding }, bytes.subarray())
+  }
+}
+
 export function keySize (jwk: JsonWebKey): number {
   if (jwk.kty !== 'RSA') {
     throw new CodeError('invalid key type', 'ERR_INVALID_KEY_TYPE')
   } else if (jwk.n == null) {
     throw new CodeError('invalid key modulus', 'ERR_INVALID_KEY_MODULUS')
   }
-  const modulus = uint8ArrayFromString(jwk.n, 'base64url')
+  const modulus = Buffer.from(jwk.n, 'base64')
   return modulus.length * 8
 }

package/src/pbkdf2.ts

@@ -1,41 +1,39 @@
 import { CodeError } from '@libp2p/interface'
-import { pbkdf2 as pbkdf2Sync } from '@noble/hashes/pbkdf2'
-import { sha1 } from '@noble/hashes/sha1'
-import { sha256 } from '@noble/hashes/sha256'
-import { sha512 } from '@noble/hashes/sha512'
-import { base64 } from 'multiformats/bases/base64'
+// @ts-expect-error types are missing
+import forgePbkdf2 from 'node-forge/lib/pbkdf2.js'
+// @ts-expect-error types are missing
+import forgeUtil from 'node-forge/lib/util.js'
 
 /**
- * Maps an IPFS hash name to its @noble/hashes equivalent.
+ * Maps an IPFS hash name to its node-forge equivalent.
  *
  * See https://github.com/multiformats/multihash/blob/master/hashtable.csv
  *
  * @private
  */
 const hashName = {
-  sha1,
-  'sha2-256': sha256,
-  'sha2-512': sha512
+  sha1: 'sha1',
+  'sha2-256': 'sha256',
+  'sha2-512': 'sha512'
 }
 
 /**
  * Computes the Password-Based Key Derivation Function 2.
  */
-export default function pbkdf2 (password: string, salt: string | Uint8Array, iterations: number, keySize: number, hash: string): string {
+export default function pbkdf2 (password: string, salt: string, iterations: number, keySize: number, hash: string): string {
   if (hash !== 'sha1' && hash !== 'sha2-256' && hash !== 'sha2-512') {
     const types = Object.keys(hashName).join(' / ')
     throw new CodeError(`Hash '${hash}' is unknown or not supported. Must be ${types}`, 'ERR_UNSUPPORTED_HASH_TYPE')
   }
 
   const hasher = hashName[hash]
-  const dek = pbkdf2Sync(
-    hasher,
+  const dek = forgePbkdf2(
     password,
-    salt, {
-      c: iterations,
-      dkLen: keySize
-    }
+    salt,
+    iterations,
+    keySize,
+    hasher
   )
 
-  return base64.encode(dek).substring(1)
+  return forgeUtil.encode64(dek, null)
 }

package/src/util.ts

@@ -1,5 +1,34 @@
+import 'node-forge/lib/util.js'
+import 'node-forge/lib/jsbn.js'
+// @ts-expect-error types are missing
+import forge from 'node-forge/lib/forge.js'
 import { concat as uint8ArrayConcat } from 'uint8arrays/concat'
 import { fromString as uint8ArrayFromString } from 'uint8arrays/from-string'
+import { toString as uint8ArrayToString } from 'uint8arrays/to-string'
+
+export function bigIntegerToUintBase64url (num: { abs(): any }, len?: number): string {
+  // Call `.abs()` to convert to unsigned
+  let buf = Uint8Array.from(num.abs().toByteArray()) // toByteArray converts to big endian
+
+  // toByteArray() gives us back a signed array, which will include a leading 0
+  // byte if the most significant bit of the number is 1:
+  // https://docs.microsoft.com/en-us/windows/win32/seccertenroll/about-integer
+  // Our number will always be positive so we should remove the leading padding.
+  buf = buf[0] === 0 ? buf.subarray(1) : buf
+
+  if (len != null) {
+    if (buf.length > len) throw new Error('byte array longer than desired length')
+    buf = uint8ArrayConcat([new Uint8Array(len - buf.length), buf])
+  }
+
+  return uint8ArrayToString(buf, 'base64url')
+}
+
+// Convert a base64url encoded string to a BigInteger
+export function base64urlToBigInteger (str: string): typeof forge.jsbn.BigInteger {
+  const buf = base64urlToBuffer(str)
+  return new forge.jsbn.BigInteger(uint8ArrayToString(buf, 'base16'), 16)
+}
 
 export function base64urlToBuffer (str: string, len?: number): Uint8Array {
   let buf = uint8ArrayFromString(str, 'base64urlpad')

package/src/webcrypto.ts

@@ -1,11 +1,24 @@
 /* eslint-env browser */
 
-import { webcrypto } from 'crypto'
-
-// globalThis `SubtleCrypto` shipped in node.js 19.x, Electron currently uses
-// v18.x so this override file is necessary until Electron updates
+// Check native crypto exists and is enabled (In insecure context `self.crypto`
+// exists but `self.crypto.subtle` does not).
 export default {
   get (win = globalThis) {
-    return webcrypto
+    const nativeCrypto = win.crypto
+
+    if (nativeCrypto == null || nativeCrypto.subtle == null) {
+      throw Object.assign(
+        new Error(
+          'Missing Web Crypto API. ' +
+          'The most likely cause of this error is that this page is being accessed ' +
+          'from an insecure context (i.e. not HTTPS). For more information and ' +
+          'possible resolutions see ' +
+          'https://github.com/libp2p/js-libp2p/blob/main/packages/crypto/README.md#web-crypto-api'
+        ),
+        { code: 'ERR_MISSING_WEB_CRYPTO' }
+      )
+    }
+
+    return nativeCrypto
   }
 }

package/dist/src/webcrypto-browser.d.ts

@@ -1,5 +0,0 @@
-declare const _default: {
-    get(win?: typeof globalThis): Crypto;
-};
-export default _default;
-//# sourceMappingURL=webcrypto-browser.d.ts.map

package/dist/src/webcrypto-browser.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"webcrypto-browser.d.ts","sourceRoot":"","sources":["../../src/webcrypto-browser.ts"],"names":[],"mappings":";;;AAIA,wBAmBC"}

package/dist/src/webcrypto-browser.js

@@ -1,17 +0,0 @@
-/* eslint-env browser */
-// Check native crypto exists and is enabled (In insecure context `self.crypto`
-// exists but `self.crypto.subtle` does not).
-export default {
-    get(win = globalThis) {
-        const nativeCrypto = win.crypto;
-        if (nativeCrypto == null || nativeCrypto.subtle == null) {
-            throw Object.assign(new Error('Missing Web Crypto API. ' +
-                'The most likely cause of this error is that this page is being accessed ' +
-                'from an insecure context (i.e. not HTTPS). For more information and ' +
-                'possible resolutions see ' +
-                'https://github.com/libp2p/js-libp2p/blob/main/packages/crypto/README.md#web-crypto-api'), { code: 'ERR_MISSING_WEB_CRYPTO' });
-        }
-        return nativeCrypto;
-    }
-};
-//# sourceMappingURL=webcrypto-browser.js.map

package/dist/src/webcrypto-browser.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"webcrypto-browser.js","sourceRoot":"","sources":["../../src/webcrypto-browser.ts"],"names":[],"mappings":"AAAA,wBAAwB;AAExB,+EAA+E;AAC/E,6CAA6C;AAC7C,eAAe;IACb,GAAG,CAAE,GAAG,GAAG,UAAU;QACnB,MAAM,YAAY,GAAG,GAAG,CAAC,MAAM,CAAA;QAE/B,IAAI,YAAY,IAAI,IAAI,IAAI,YAAY,CAAC,MAAM,IAAI,IAAI,EAAE,CAAC;YACxD,MAAM,MAAM,CAAC,MAAM,CACjB,IAAI,KAAK,CACP,0BAA0B;gBAC1B,0EAA0E;gBAC1E,sEAAsE;gBACtE,2BAA2B;gBAC3B,wFAAwF,CACzF,EACD,EAAE,IAAI,EAAE,wBAAwB,EAAE,CACnC,CAAA;QACH,CAAC;QAED,OAAO,YAAY,CAAA;IACrB,CAAC;CACF,CAAA"}

package/src/webcrypto-browser.ts

@@ -1,24 +0,0 @@
-/* eslint-env browser */
-
-// Check native crypto exists and is enabled (In insecure context `self.crypto`
-// exists but `self.crypto.subtle` does not).
-export default {
-  get (win = globalThis) {
-    const nativeCrypto = win.crypto
-
-    if (nativeCrypto == null || nativeCrypto.subtle == null) {
-      throw Object.assign(
-        new Error(
-          'Missing Web Crypto API. ' +
-          'The most likely cause of this error is that this page is being accessed ' +
-          'from an insecure context (i.e. not HTTPS). For more information and ' +
-          'possible resolutions see ' +
-          'https://github.com/libp2p/js-libp2p/blob/main/packages/crypto/README.md#web-crypto-api'
-        ),
-        { code: 'ERR_MISSING_WEB_CRYPTO' }
-      )
-    }
-
-    return nativeCrypto
-  }
-}