npm - @xiboplayer/utils - Versions diffs - 0.3.1 → 0.3.3 - Mend

@xiboplayer/utils 0.3.1 → 0.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@xiboplayer/utils",
-  "version": "0.3.1",
+  "version": "0.3.3",
   "description": "Shared utilities for Xibo Player packages",
   "type": "module",
   "main": "./src/index.js",
@@ -10,7 +10,9 @@
     "./event-emitter": "./src/event-emitter.js",
     "./config": "./src/config.js"
   },
-  "dependencies": {},
+  "dependencies": {
+    "@xiboplayer/crypto": "0.3.3"
+  },
   "devDependencies": {
     "vitest": "^2.0.0"
   },

package/src/config.js CHANGED Viewed

@@ -4,6 +4,7 @@
  * In Node.js (tests, CLI): environment variables are the only source.
  * In browser (PWA player): localStorage is primary, env vars override if set.
  */
+import { generateRsaKeyPair, isValidPemKey } from '@xiboplayer/crypto';
 const STORAGE_KEY = 'xibo_config';
 const HW_DB_NAME = 'xibo-hw-backup';
@@ -99,10 +100,11 @@ export class Config {
   }
   /**
-   * Backup hardware key to IndexedDB (more persistent than localStorage).
+   * Backup keys to IndexedDB (more persistent than localStorage).
    * IndexedDB survives "Clear site data" in some browsers where localStorage doesn't.
+   * @param {Object} keys - Key-value pairs to store (e.g. { hardwareKey: '...', xmrPubKey: '...' })
    */
-  _backupHardwareKey(key) {
+  _backupKeys(keys) {
     try {
       const req = indexedDB.open(HW_DB_NAME, HW_DB_VERSION);
       req.onupgradeneeded = () => {
@@ -114,9 +116,12 @@ export class Config {
       req.onsuccess = () => {
         const db = req.result;
         const tx = db.transaction('keys', 'readwrite');
-        tx.objectStore('keys').put(key, 'hardwareKey');
+        const store = tx.objectStore('keys');
+        for (const [k, v] of Object.entries(keys)) {
+          store.put(v, k);
+        }
         tx.oncomplete = () => {
-          console.log('[Config] Hardware key backed up to IndexedDB');
+          console.log('[Config] Keys backed up to IndexedDB:', Object.keys(keys).join(', '));
           db.close();
         };
       };
@@ -125,6 +130,13 @@ export class Config {
     }
   }
+  /**
+   * Backup hardware key to IndexedDB (convenience wrapper).
+   */
+  _backupHardwareKey(key) {
+    this._backupKeys({ hardwareKey: key });
+  }
   /**
    * Restore hardware key from IndexedDB if localStorage was cleared.
    * Runs async after construction — if a backed-up key is found and
@@ -236,6 +248,31 @@ export class Config {
     });
   }
+  /**
+   * Ensure an RSA key pair exists for XMR registration.
+   * If keys are missing or invalid, generates a new pair and persists them.
+   * Idempotent — safe to call multiple times.
+   */
+  async ensureXmrKeyPair() {
+    if (this.data.xmrPubKey && isValidPemKey(this.data.xmrPubKey)) {
+      return;
+    }
+    console.log('[Config] Generating RSA key pair for XMR registration...');
+    const { publicKeyPem, privateKeyPem } = await generateRsaKeyPair();
+    this.data.xmrPubKey = publicKeyPem;
+    this.data.xmrPrivKey = privateKeyPem;
+    this.save();
+    // Backup RSA keys to IndexedDB alongside hardware key
+    if (typeof indexedDB !== 'undefined') {
+      this._backupKeys({ xmrPubKey: publicKeyPem, xmrPrivKey: privateKeyPem });
+    }
+    console.log('[Config] RSA key pair generated and saved');
+  }
   hash(str) {
     // FNV-1a hash algorithm (better distribution than simple hash)
     // Produces high-entropy 32-character hex string
@@ -283,6 +320,8 @@ export class Config {
     return this.data.hardwareKey;
   }
   get xmrChannel() { return this.data.xmrChannel; }
+  get xmrPubKey() { return this.data.xmrPubKey || ''; }
+  get xmrPrivKey() { return this.data.xmrPrivKey || ''; }
 }
 export const config = new Config();

package/src/config.test.js CHANGED Viewed

@@ -5,6 +5,25 @@
  */
 import { describe, it, expect, beforeEach, afterEach, vi } from 'vitest';
+// Mock @xiboplayer/crypto before importing Config
+vi.mock('@xiboplayer/crypto', () => {
+  let callCount = 0;
+  return {
+    generateRsaKeyPair: vi.fn(async () => {
+      callCount++;
+      return {
+        publicKeyPem: `-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKEY${callCount}==\n-----END PUBLIC KEY-----`,
+        privateKeyPem: `-----BEGIN PRIVATE KEY-----\nMIICdgIBADANBgkqhkiG9w0BAQEFPRIVKEY${callCount}==\n-----END PRIVATE KEY-----`,
+      };
+    }),
+    isValidPemKey: vi.fn((pem) => {
+      if (!pem || typeof pem !== 'string') return false;
+      return /^-----BEGIN (PUBLIC KEY|PRIVATE KEY)-----\n/.test(pem);
+    }),
+  };
+});
 import { Config } from './config.js';
 describe('Config', () => {
@@ -470,4 +489,93 @@ describe('Config', () => {
       expect(config2.displayName).toBe('Persist Display');
     });
   });
+  describe('ensureXmrKeyPair()', () => {
+    beforeEach(() => {
+      config = new Config();
+    });
+    it('should generate and store RSA key pair', async () => {
+      expect(config.data.xmrPubKey).toBeUndefined();
+      expect(config.data.xmrPrivKey).toBeUndefined();
+      await config.ensureXmrKeyPair();
+      expect(config.data.xmrPubKey).toMatch(/^-----BEGIN PUBLIC KEY-----/);
+      expect(config.data.xmrPrivKey).toMatch(/^-----BEGIN PRIVATE KEY-----/);
+    });
+    it('should persist keys to localStorage', async () => {
+      await config.ensureXmrKeyPair();
+      const stored = JSON.parse(mockLocalStorage.getItem('xibo_config'));
+      expect(stored.xmrPubKey).toMatch(/^-----BEGIN PUBLIC KEY-----/);
+      expect(stored.xmrPrivKey).toMatch(/^-----BEGIN PRIVATE KEY-----/);
+    });
+    it('should be idempotent — second call preserves existing keys', async () => {
+      await config.ensureXmrKeyPair();
+      const firstPubKey = config.data.xmrPubKey;
+      const firstPrivKey = config.data.xmrPrivKey;
+      await config.ensureXmrKeyPair();
+      expect(config.data.xmrPubKey).toBe(firstPubKey);
+      expect(config.data.xmrPrivKey).toBe(firstPrivKey);
+    });
+    it('should regenerate keys if xmrPubKey is invalid', async () => {
+      config.data.xmrPubKey = 'invalid-key';
+      config.data.xmrPrivKey = 'invalid-key';
+      await config.ensureXmrKeyPair();
+      expect(config.data.xmrPubKey).toMatch(/^-----BEGIN PUBLIC KEY-----/);
+      expect(config.data.xmrPrivKey).toMatch(/^-----BEGIN PRIVATE KEY-----/);
+    });
+    it('should regenerate keys if xmrPubKey is empty string', async () => {
+      config.data.xmrPubKey = '';
+      await config.ensureXmrKeyPair();
+      expect(config.data.xmrPubKey).toMatch(/^-----BEGIN PUBLIC KEY-----/);
+    });
+    it('should survive config reload from localStorage', async () => {
+      await config.ensureXmrKeyPair();
+      const savedPubKey = config.data.xmrPubKey;
+      // Create new config (loads from localStorage)
+      const config2 = new Config();
+      expect(config2.data.xmrPubKey).toBe(savedPubKey);
+    });
+  });
+  describe('XMR Key Getters', () => {
+    beforeEach(() => {
+      config = new Config();
+    });
+    it('should return empty string for xmrPubKey when not set', () => {
+      expect(config.xmrPubKey).toBe('');
+    });
+    it('should return empty string for xmrPrivKey when not set', () => {
+      expect(config.xmrPrivKey).toBe('');
+    });
+    it('should return xmrPubKey after ensureXmrKeyPair', async () => {
+      await config.ensureXmrKeyPair();
+      expect(config.xmrPubKey).toMatch(/^-----BEGIN PUBLIC KEY-----/);
+    });
+    it('should return xmrPrivKey after ensureXmrKeyPair', async () => {
+      await config.ensureXmrKeyPair();
+      expect(config.xmrPrivKey).toMatch(/^-----BEGIN PRIVATE KEY-----/);
+    });
+  });
 });