@libp2p/pnet 1.0.0-68db79f6b → 1.0.0-6b6ba9ab7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.min.js +10 -10
- package/dist/src/crypto.d.ts +1 -2
- package/dist/src/crypto.d.ts.map +1 -1
- package/dist/src/crypto.js +2 -2
- package/dist/src/crypto.js.map +1 -1
- package/dist/src/index.d.ts +1 -9
- package/dist/src/index.d.ts.map +1 -1
- package/dist/src/index.js +24 -16
- package/dist/src/index.js.map +1 -1
- package/dist/src/key-generator.js.map +1 -1
- package/package.json +7 -12
- package/src/crypto.ts +4 -5
- package/src/index.ts +27 -28
package/dist/src/crypto.d.ts
CHANGED
@@ -1,9 +1,8 @@
|
|
1
1
|
import type { Source } from 'it-stream-types';
|
2
|
-
import type { Uint8ArrayList } from 'uint8arraylist';
|
3
2
|
/**
|
4
3
|
* Creates a stream iterable to encrypt messages in a private network
|
5
4
|
*/
|
6
|
-
export declare function createBoxStream(nonce: Uint8Array, psk: Uint8Array): (source: Source<Uint8Array
|
5
|
+
export declare function createBoxStream(nonce: Uint8Array, psk: Uint8Array): (source: Source<Uint8Array>) => AsyncIterable<Uint8Array>;
|
7
6
|
/**
|
8
7
|
* Creates a stream iterable to decrypt messages in a private network
|
9
8
|
*/
|
package/dist/src/crypto.d.ts.map
CHANGED
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../../src/crypto.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;
|
1
|
+
{"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../../src/crypto.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAE7C;;GAEG;AACH,wBAAgB,eAAe,CAAE,KAAK,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,UAAU,CAAC,KAAK,aAAa,CAAC,UAAU,CAAC,CAQ9H;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAE,KAAK,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,YACnD,OAAO,UAAU,CAAC,+CAOnC;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAE,SAAS,EAAE,UAAU,GAAG;IAAE,GAAG,EAAE,MAAM,GAAG,SAAS,CAAC;IAAC,SAAS,EAAE,MAAM,GAAG,SAAS,CAAC;IAAC,GAAG,EAAE,UAAU,CAAA;CAAE,CAyB/H"}
|
package/dist/src/crypto.js
CHANGED
@@ -10,7 +10,7 @@ export function createBoxStream(nonce, psk) {
|
|
10
10
|
const xor = xsalsa20(nonce, psk);
|
11
11
|
return (source) => (async function* () {
|
12
12
|
for await (const chunk of source) {
|
13
|
-
yield Uint8Array.from(xor.update(chunk.
|
13
|
+
yield Uint8Array.from(xor.update(chunk.slice()));
|
14
14
|
}
|
15
15
|
})();
|
16
16
|
}
|
@@ -21,7 +21,7 @@ export function createUnboxStream(nonce, psk) {
|
|
21
21
|
return (source) => (async function* () {
|
22
22
|
const xor = xsalsa20(nonce, psk);
|
23
23
|
for await (const chunk of source) {
|
24
|
-
yield Uint8Array.from(xor.update(chunk.
|
24
|
+
yield Uint8Array.from(xor.update(chunk.slice()));
|
25
25
|
}
|
26
26
|
})();
|
27
27
|
}
|
package/dist/src/crypto.js.map
CHANGED
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../../src/crypto.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,IAAI,oBAAoB,EAAE,MAAM,yBAAyB,CAAA;AAC5E,OAAO,EAAE,QAAQ,IAAI,kBAAkB,EAAE,MAAM,uBAAuB,CAAA;AACtE,OAAO,QAAQ,MAAM,UAAU,CAAA;AAC/B,OAAO,KAAK,MAAM,MAAM,aAAa,CAAA;AACrC,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAA;
|
1
|
+
{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../../src/crypto.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,IAAI,oBAAoB,EAAE,MAAM,yBAAyB,CAAA;AAC5E,OAAO,EAAE,QAAQ,IAAI,kBAAkB,EAAE,MAAM,uBAAuB,CAAA;AACtE,OAAO,QAAQ,MAAM,UAAU,CAAA;AAC/B,OAAO,KAAK,MAAM,MAAM,aAAa,CAAA;AACrC,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAA;AAG/C;;GAEG;AACH,MAAM,UAAU,eAAe,CAAE,KAAiB,EAAE,GAAe;IACjE,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;IAEhC,OAAO,CAAC,MAA0B,EAAE,EAAE,CAAC,CAAC,KAAK,SAAU,CAAC;QACtD,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,MAAM,EAAE;YAChC,MAAM,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;SACjD;IACH,CAAC,CAAC,EAAE,CAAA;AACN,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAE,KAAiB,EAAE,GAAe;IACnE,OAAO,CAAC,MAA0B,EAAE,EAAE,CAAC,CAAC,KAAK,SAAU,CAAC;QACtD,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;QAEhC,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,MAAM,EAAE;YAChC,MAAM,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;SACjD;IACH,CAAC,CAAC,EAAE,CAAA;AACN,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAE,SAAqB;IAChD,IAAI;QACF,0DAA0D;QAC1D,6DAA6D;QAC7D,yDAAyD;QACzD,2DAA2D;QAC3D,0BAA0B;QAC1B,MAAM,QAAQ,GAAG,kBAAkB,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAA;QACvE,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAA;QAC/B,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAA;QAC9B,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAA;QAClC,MAAM,GAAG,GAAG,oBAAoB,CAAC,SAAS,IAAI,EAAE,EAAE,QAAQ,CAAC,CAAA;QAE3D,IAAI,GAAG,CAAC,UAAU,KAAK,UAAU,EAAE;YACjC,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,CAAA;SACpC;QAED,OAAO;YACL,GAAG,EAAE,MAAM;YACX,SAAS,EAAE,KAAK;YAChB,GAAG;SACJ,CAAA;KACF;IAAC,OAAO,GAAQ,EAAE;QACjB,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,CAAA;KACpC;AACH,CAAC"}
|
package/dist/src/index.d.ts
CHANGED
@@ -59,16 +59,8 @@ import type { ComponentLogger } from '@libp2p/interface';
|
|
59
59
|
import type { ConnectionProtector } from '@libp2p/interface/connection';
|
60
60
|
export { generateKey } from './key-generator.js';
|
61
61
|
export interface ProtectorInit {
|
62
|
-
|
63
|
-
* A pre-shared key. This must be the same byte value for all peers in the
|
64
|
-
* swarm in order for them to communicate.
|
65
|
-
*/
|
62
|
+
enabled?: boolean;
|
66
63
|
psk: Uint8Array;
|
67
|
-
/**
|
68
|
-
* The initial nonce exchange must complete within this many milliseconds
|
69
|
-
* (default: 1000)
|
70
|
-
*/
|
71
|
-
timeout?: number;
|
72
64
|
}
|
73
65
|
export interface ProtectorComponents {
|
74
66
|
logger: ComponentLogger;
|
package/dist/src/index.d.ts.map
CHANGED
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwDG;AAeH,OAAO,KAAK,EAAE,eAAe,EAAU,MAAM,mBAAmB,CAAA;AAChE,OAAO,KAAK,EAAE,mBAAmB,EAAuB,MAAM,8BAA8B,CAAA;
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwDG;AAeH,OAAO,KAAK,EAAE,eAAe,EAAU,MAAM,mBAAmB,CAAA;AAChE,OAAO,KAAK,EAAE,mBAAmB,EAAuB,MAAM,8BAA8B,CAAA;AAE5F,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AAEhD,MAAM,WAAW,aAAa;IAC5B,OAAO,CAAC,EAAE,OAAO,CAAA;IACjB,GAAG,EAAE,UAAU,CAAA;CAChB;AAED,MAAM,WAAW,mBAAmB;IAClC,MAAM,EAAE,eAAe,CAAA;CACxB;AA6ED,wBAAgB,YAAY,CAAE,IAAI,EAAE,aAAa,GAAG,CAAC,UAAU,EAAE,mBAAmB,KAAK,mBAAmB,CAE3G"}
|
package/dist/src/index.js
CHANGED
@@ -57,7 +57,7 @@
|
|
57
57
|
*/
|
58
58
|
import { randomBytes } from '@libp2p/crypto';
|
59
59
|
import { CodeError } from '@libp2p/interface/errors';
|
60
|
-
import {
|
60
|
+
import { handshake } from 'it-handshake';
|
61
61
|
import map from 'it-map';
|
62
62
|
import { duplexPair } from 'it-pair/duplex';
|
63
63
|
import { pipe } from 'it-pipe';
|
@@ -69,17 +69,23 @@ class PreSharedKeyConnectionProtector {
|
|
69
69
|
tag;
|
70
70
|
log;
|
71
71
|
psk;
|
72
|
-
|
72
|
+
enabled;
|
73
73
|
/**
|
74
74
|
* Takes a Private Shared Key (psk) and provides a `protect` method
|
75
75
|
* for wrapping existing connections in a private encryption stream.
|
76
76
|
*/
|
77
77
|
constructor(components, init) {
|
78
78
|
this.log = components.logger.forComponent('libp2p:pnet');
|
79
|
-
this.
|
80
|
-
|
81
|
-
|
82
|
-
|
79
|
+
this.enabled = init.enabled !== false;
|
80
|
+
if (this.enabled) {
|
81
|
+
const decodedPSK = decodeV1PSK(init.psk);
|
82
|
+
this.psk = decodedPSK.psk;
|
83
|
+
this.tag = decodedPSK.tag ?? '';
|
84
|
+
}
|
85
|
+
else {
|
86
|
+
this.psk = new Uint8Array();
|
87
|
+
this.tag = '';
|
88
|
+
}
|
83
89
|
}
|
84
90
|
/**
|
85
91
|
* Takes a given Connection and creates a private encryption stream
|
@@ -87,27 +93,29 @@ class PreSharedKeyConnectionProtector {
|
|
87
93
|
* created with.
|
88
94
|
*/
|
89
95
|
async protect(connection) {
|
96
|
+
if (!this.enabled) {
|
97
|
+
return connection;
|
98
|
+
}
|
90
99
|
if (connection == null) {
|
91
100
|
throw new CodeError(Errors.NO_HANDSHAKE_CONNECTION, Errors.ERR_INVALID_PARAMETERS);
|
92
101
|
}
|
93
102
|
// Exchange nonces
|
94
103
|
this.log('protecting the connection');
|
95
104
|
const localNonce = randomBytes(NONCE_LENGTH);
|
96
|
-
const
|
97
|
-
|
98
|
-
await
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
const remoteNonce = result.subarray();
|
105
|
+
const shake = handshake(connection);
|
106
|
+
shake.write(localNonce);
|
107
|
+
const result = await shake.reader.next(NONCE_LENGTH);
|
108
|
+
if (result.value == null) {
|
109
|
+
throw new CodeError(Errors.STREAM_ENDED, Errors.ERR_INVALID_PARAMETERS);
|
110
|
+
}
|
111
|
+
const remoteNonce = result.value.slice();
|
112
|
+
shake.rest();
|
105
113
|
// Create the boxing/unboxing pipe
|
106
114
|
this.log('exchanged nonces');
|
107
115
|
const [internal, external] = duplexPair();
|
108
116
|
pipe(external,
|
109
117
|
// Encrypt all outbound traffic
|
110
|
-
createBoxStream(localNonce, this.psk),
|
118
|
+
createBoxStream(localNonce, this.psk), shake.stream, (source) => map(source, (buf) => buf.subarray()),
|
111
119
|
// Decrypt all inbound traffic
|
112
120
|
createUnboxStream(remoteNonce, this.psk), external).catch(this.log.error);
|
113
121
|
return {
|
package/dist/src/index.js.map
CHANGED
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwDG;AAEH,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAA;AACpD,OAAO,EAAE,
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwDG;AAEH,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAA;AACpD,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AACxC,OAAO,GAAG,MAAM,QAAQ,CAAA;AACxB,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAA;AAC3C,OAAO,EAAE,IAAI,EAAE,MAAM,SAAS,CAAA;AAC9B,OAAO,EACL,eAAe,EACf,iBAAiB,EACjB,WAAW,EACZ,MAAM,aAAa,CAAA;AACpB,OAAO,KAAK,MAAM,MAAM,aAAa,CAAA;AACrC,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAIjD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AAWhD,MAAM,+BAA+B;IAC5B,GAAG,CAAQ;IACD,GAAG,CAAQ;IACX,GAAG,CAAY;IACf,OAAO,CAAS;IAEjC;;;OAGG;IACH,YAAa,UAA+B,EAAE,IAAmB;QAC/D,IAAI,CAAC,GAAG,GAAG,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,aAAa,CAAC,CAAA;QACxD,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,KAAK,KAAK,CAAA;QAErC,IAAI,IAAI,CAAC,OAAO,EAAE;YAChB,MAAM,UAAU,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YACxC,IAAI,CAAC,GAAG,GAAG,UAAU,CAAC,GAAG,CAAA;YACzB,IAAI,CAAC,GAAG,GAAG,UAAU,CAAC,GAAG,IAAI,EAAE,CAAA;SAChC;aAAM;YACL,IAAI,CAAC,GAAG,GAAG,IAAI,UAAU,EAAE,CAAA;YAC3B,IAAI,CAAC,GAAG,GAAG,EAAE,CAAA;SACd;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,OAAO,CAAE,UAA+B;QAC5C,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE;YACjB,OAAO,UAAU,CAAA;SAClB;QAED,IAAI,UAAU,IAAI,IAAI,EAAE;YACtB,MAAM,IAAI,SAAS,CAAC,MAAM,CAAC,uBAAuB,EAAE,MAAM,CAAC,sBAAsB,CAAC,CAAA;SACnF;QAED,kBAAkB;QAClB,IAAI,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAA;QACrC,MAAM,UAAU,GAAG,WAAW,CAAC,YAAY,CAAC,CAAA;QAE5C,MAAM,KAAK,GAAG,SAAS,CAAC,UAAU,CAAC,CAAA;QACnC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;QAEvB,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QAEpD,IAAI,MAAM,CAAC,KAAK,IAAI,IAAI,EAAE;YACxB,MAAM,IAAI,SAAS,CAAC,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,sBAAsB,CAAC,CAAA;SACxE;QAED,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA;QACxC,KAAK,CAAC,IAAI,EAAE,CAAA;QAEZ,kCAAkC;QAClC,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAA;QAC5B,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,GAAG,UAAU,EAAc,CAAA;QACrD,IAAI,CACF,QAAQ;QACR,+BAA+B;QAC/B,eAAe,CAAC,UAAU,EAAE,IAAI,CAAC,GAAG,CAAC,EACrC,KAAK,CAAC,MAAM,EACZ,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QAChD,8BAA8B;QAC9B,iBAAiB,CAAC,WAAW,EAAE,IAAI,CAAC,GAAG,CAAC,EACxC,QAAQ,CACT,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAA;QAEvB,OAAO;YACL,GAAG,UAAU;YACb,GAAG,QAAQ;SACZ,CAAA;IACH,CAAC;CACF;AAED,MAAM,UAAU,YAAY,CAAE,IAAmB;IAC/C,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,IAAI,+BAA+B,CAAC,UAAU,EAAE,IAAI,CAAC,CAAA;AAC9E,CAAC"}
|
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"file":"key-generator.js","sourceRoot":"","sources":["../../src/key-generator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AAC5C,OAAO,EAAE,UAAU,IAAI,oBAAoB,EAAE,MAAM,yBAAyB,CAAA;AAC5E,OAAO,EAAE,QAAQ,IAAI,kBAAkB,EAAE,MAAM,uBAAuB,CAAA;AAEtE;;;;;GAKG;AACH,MAAM,UAAU,WAAW,CAAE,KAAsC;IACjE,MAAM,GAAG,GAAG,kBAAkB,CAAC,WAAW,CAAC,UAAU,CAAC,EAAE,QAAQ,CAAC,CAAA;IACjE,MAAM,GAAG,GAAG,oBAAoB,CAAC,mCAAmC,GAAG,GAAG,CAAC,CAAA;IAE3E,IAAI,KAAK,YAAY,UAAU,EAAE
|
1
|
+
{"version":3,"file":"key-generator.js","sourceRoot":"","sources":["../../src/key-generator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AAC5C,OAAO,EAAE,UAAU,IAAI,oBAAoB,EAAE,MAAM,yBAAyB,CAAA;AAC5E,OAAO,EAAE,QAAQ,IAAI,kBAAkB,EAAE,MAAM,uBAAuB,CAAA;AAEtE;;;;;GAKG;AACH,MAAM,UAAU,WAAW,CAAE,KAAsC;IACjE,MAAM,GAAG,GAAG,kBAAkB,CAAC,WAAW,CAAC,UAAU,CAAC,EAAE,QAAQ,CAAC,CAAA;IACjE,MAAM,GAAG,GAAG,oBAAoB,CAAC,mCAAmC,GAAG,GAAG,CAAC,CAAA;IAE3E,IAAI,KAAK,YAAY,UAAU,EAAE;QAC/B,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;KACf;SAAM;QACL,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;KACjB;AACH,CAAC;AAED,MAAM,CAAC,MAAM,YAAY,GAAG,EAAE,CAAA;AAC9B,MAAM,CAAC,MAAM,UAAU,GAAG,EAAE,CAAA"}
|
package/package.json
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
{
|
2
2
|
"name": "@libp2p/pnet",
|
3
|
-
"version": "1.0.0-
|
3
|
+
"version": "1.0.0-6b6ba9ab7",
|
4
4
|
"description": "Implementation of Connection protection management via a shared secret",
|
5
5
|
"license": "Apache-2.0 OR MIT",
|
6
6
|
"homepage": "https://github.com/libp2p/js-libp2p/tree/main/packages/pnet#readme",
|
@@ -11,10 +11,6 @@
|
|
11
11
|
"bugs": {
|
12
12
|
"url": "https://github.com/libp2p/js-libp2p/issues"
|
13
13
|
},
|
14
|
-
"publishConfig": {
|
15
|
-
"access": "public",
|
16
|
-
"provenance": true
|
17
|
-
},
|
18
14
|
"type": "module",
|
19
15
|
"types": "./dist/src/index.d.ts",
|
20
16
|
"files": [
|
@@ -49,21 +45,20 @@
|
|
49
45
|
"dep-check": "aegir dep-check"
|
50
46
|
},
|
51
47
|
"dependencies": {
|
52
|
-
"@libp2p/crypto": "2.0.8-
|
53
|
-
"@libp2p/interface": "0.1.6-
|
54
|
-
"it-
|
48
|
+
"@libp2p/crypto": "2.0.8-6b6ba9ab7",
|
49
|
+
"@libp2p/interface": "0.1.6-6b6ba9ab7",
|
50
|
+
"it-handshake": "^4.1.3",
|
55
51
|
"it-map": "^3.0.4",
|
56
52
|
"it-pair": "^2.0.6",
|
57
53
|
"it-pipe": "^3.0.1",
|
58
54
|
"it-stream-types": "^2.0.1",
|
59
|
-
"uint8arraylist": "^2.4.7",
|
60
55
|
"uint8arrays": "^4.0.6",
|
61
56
|
"xsalsa20": "^1.1.0"
|
62
57
|
},
|
63
58
|
"devDependencies": {
|
64
|
-
"@libp2p/interface-compliance-tests": "4.1.5-
|
65
|
-
"@libp2p/logger": "3.1.0-
|
66
|
-
"@libp2p/peer-id-factory": "3.0.8-
|
59
|
+
"@libp2p/interface-compliance-tests": "4.1.5-6b6ba9ab7",
|
60
|
+
"@libp2p/logger": "3.1.0-6b6ba9ab7",
|
61
|
+
"@libp2p/peer-id-factory": "3.0.8-6b6ba9ab7",
|
67
62
|
"@multiformats/multiaddr": "^12.1.10",
|
68
63
|
"@types/xsalsa20": "^1.1.0",
|
69
64
|
"aegir": "^41.0.2",
|
package/src/crypto.ts
CHANGED
@@ -4,17 +4,16 @@ import xsalsa20 from 'xsalsa20'
|
|
4
4
|
import * as Errors from './errors.js'
|
5
5
|
import { KEY_LENGTH } from './key-generator.js'
|
6
6
|
import type { Source } from 'it-stream-types'
|
7
|
-
import type { Uint8ArrayList } from 'uint8arraylist'
|
8
7
|
|
9
8
|
/**
|
10
9
|
* Creates a stream iterable to encrypt messages in a private network
|
11
10
|
*/
|
12
|
-
export function createBoxStream (nonce: Uint8Array, psk: Uint8Array): (source: Source<Uint8Array
|
11
|
+
export function createBoxStream (nonce: Uint8Array, psk: Uint8Array): (source: Source<Uint8Array>) => AsyncIterable<Uint8Array> {
|
13
12
|
const xor = xsalsa20(nonce, psk)
|
14
13
|
|
15
|
-
return (source: Source<Uint8Array
|
14
|
+
return (source: Source<Uint8Array>) => (async function * () {
|
16
15
|
for await (const chunk of source) {
|
17
|
-
yield Uint8Array.from(xor.update(chunk.
|
16
|
+
yield Uint8Array.from(xor.update(chunk.slice()))
|
18
17
|
}
|
19
18
|
})()
|
20
19
|
}
|
@@ -27,7 +26,7 @@ export function createUnboxStream (nonce: Uint8Array, psk: Uint8Array) {
|
|
27
26
|
const xor = xsalsa20(nonce, psk)
|
28
27
|
|
29
28
|
for await (const chunk of source) {
|
30
|
-
yield Uint8Array.from(xor.update(chunk.
|
29
|
+
yield Uint8Array.from(xor.update(chunk.slice()))
|
31
30
|
}
|
32
31
|
})()
|
33
32
|
}
|
package/src/index.ts
CHANGED
@@ -58,7 +58,7 @@
|
|
58
58
|
|
59
59
|
import { randomBytes } from '@libp2p/crypto'
|
60
60
|
import { CodeError } from '@libp2p/interface/errors'
|
61
|
-
import {
|
61
|
+
import { handshake } from 'it-handshake'
|
62
62
|
import map from 'it-map'
|
63
63
|
import { duplexPair } from 'it-pair/duplex'
|
64
64
|
import { pipe } from 'it-pipe'
|
@@ -71,21 +71,12 @@ import * as Errors from './errors.js'
|
|
71
71
|
import { NONCE_LENGTH } from './key-generator.js'
|
72
72
|
import type { ComponentLogger, Logger } from '@libp2p/interface'
|
73
73
|
import type { ConnectionProtector, MultiaddrConnection } from '@libp2p/interface/connection'
|
74
|
-
import type { Uint8ArrayList } from 'uint8arraylist'
|
75
74
|
|
76
75
|
export { generateKey } from './key-generator.js'
|
77
76
|
|
78
77
|
export interface ProtectorInit {
|
79
|
-
|
80
|
-
* A pre-shared key. This must be the same byte value for all peers in the
|
81
|
-
* swarm in order for them to communicate.
|
82
|
-
*/
|
78
|
+
enabled?: boolean
|
83
79
|
psk: Uint8Array
|
84
|
-
/**
|
85
|
-
* The initial nonce exchange must complete within this many milliseconds
|
86
|
-
* (default: 1000)
|
87
|
-
*/
|
88
|
-
timeout?: number
|
89
80
|
}
|
90
81
|
|
91
82
|
export interface ProtectorComponents {
|
@@ -96,7 +87,7 @@ class PreSharedKeyConnectionProtector implements ConnectionProtector {
|
|
96
87
|
public tag: string
|
97
88
|
private readonly log: Logger
|
98
89
|
private readonly psk: Uint8Array
|
99
|
-
private readonly
|
90
|
+
private readonly enabled: boolean
|
100
91
|
|
101
92
|
/**
|
102
93
|
* Takes a Private Shared Key (psk) and provides a `protect` method
|
@@ -104,11 +95,16 @@ class PreSharedKeyConnectionProtector implements ConnectionProtector {
|
|
104
95
|
*/
|
105
96
|
constructor (components: ProtectorComponents, init: ProtectorInit) {
|
106
97
|
this.log = components.logger.forComponent('libp2p:pnet')
|
107
|
-
this.
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
98
|
+
this.enabled = init.enabled !== false
|
99
|
+
|
100
|
+
if (this.enabled) {
|
101
|
+
const decodedPSK = decodeV1PSK(init.psk)
|
102
|
+
this.psk = decodedPSK.psk
|
103
|
+
this.tag = decodedPSK.tag ?? ''
|
104
|
+
} else {
|
105
|
+
this.psk = new Uint8Array()
|
106
|
+
this.tag = ''
|
107
|
+
}
|
112
108
|
}
|
113
109
|
|
114
110
|
/**
|
@@ -117,6 +113,10 @@ class PreSharedKeyConnectionProtector implements ConnectionProtector {
|
|
117
113
|
* created with.
|
118
114
|
*/
|
119
115
|
async protect (connection: MultiaddrConnection): Promise<MultiaddrConnection> {
|
116
|
+
if (!this.enabled) {
|
117
|
+
return connection
|
118
|
+
}
|
119
|
+
|
120
120
|
if (connection == null) {
|
121
121
|
throw new CodeError(Errors.NO_HANDSHAKE_CONNECTION, Errors.ERR_INVALID_PARAMETERS)
|
122
122
|
}
|
@@ -125,27 +125,26 @@ class PreSharedKeyConnectionProtector implements ConnectionProtector {
|
|
125
125
|
this.log('protecting the connection')
|
126
126
|
const localNonce = randomBytes(NONCE_LENGTH)
|
127
127
|
|
128
|
-
const
|
128
|
+
const shake = handshake(connection)
|
129
|
+
shake.write(localNonce)
|
129
130
|
|
130
|
-
const
|
131
|
-
await bytes.write(localNonce, {
|
132
|
-
signal
|
133
|
-
})
|
131
|
+
const result = await shake.reader.next(NONCE_LENGTH)
|
134
132
|
|
135
|
-
|
136
|
-
|
137
|
-
}
|
133
|
+
if (result.value == null) {
|
134
|
+
throw new CodeError(Errors.STREAM_ENDED, Errors.ERR_INVALID_PARAMETERS)
|
135
|
+
}
|
138
136
|
|
139
|
-
const remoteNonce = result.
|
137
|
+
const remoteNonce = result.value.slice()
|
138
|
+
shake.rest()
|
140
139
|
|
141
140
|
// Create the boxing/unboxing pipe
|
142
141
|
this.log('exchanged nonces')
|
143
|
-
const [internal, external] = duplexPair<Uint8Array
|
142
|
+
const [internal, external] = duplexPair<Uint8Array>()
|
144
143
|
pipe(
|
145
144
|
external,
|
146
145
|
// Encrypt all outbound traffic
|
147
146
|
createBoxStream(localNonce, this.psk),
|
148
|
-
|
147
|
+
shake.stream,
|
149
148
|
(source) => map(source, (buf) => buf.subarray()),
|
150
149
|
// Decrypt all inbound traffic
|
151
150
|
createUnboxStream(remoteNonce, this.psk),
|