hypercore 10.21.4 → 10.21.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/caps.js +2 -4
- package/lib/core.js +7 -2
- package/lib/messages.js +1 -0
- package/package.json +1 -1
package/lib/caps.js
CHANGED
|
@@ -2,7 +2,6 @@ const crypto = require('hypercore-crypto')
|
|
|
2
2
|
const sodium = require('sodium-universal')
|
|
3
3
|
const b4a = require('b4a')
|
|
4
4
|
const c = require('compact-encoding')
|
|
5
|
-
const m = require('./messages')
|
|
6
5
|
|
|
7
6
|
// TODO: rename this to "crypto" and move everything hashing related etc in here
|
|
8
7
|
// Also lets move the tree stuff from hypercore-crypto here
|
|
@@ -18,11 +17,10 @@ exports.replicate = function (isInitiator, key, handshakeHash) {
|
|
|
18
17
|
}
|
|
19
18
|
|
|
20
19
|
exports.manifestHash = function (manifest) {
|
|
21
|
-
const state = { start: 0, end: 32, buffer: null }
|
|
22
|
-
m.manifest.preencode(state, manifest)
|
|
20
|
+
const state = { start: 0, end: 32 + manifest.byteLength, buffer: null }
|
|
23
21
|
state.buffer = b4a.allocUnsafe(state.end)
|
|
24
22
|
c.raw.encode(state, MANIFEST)
|
|
25
|
-
|
|
23
|
+
c.raw.encode(state, manifest)
|
|
26
24
|
const out = b4a.allocUnsafe(32)
|
|
27
25
|
sodium.crypto_generichash(out, state.buffer)
|
|
28
26
|
return out
|
package/lib/core.js
CHANGED
|
@@ -8,6 +8,7 @@ const BlockStore = require('./block-store')
|
|
|
8
8
|
const Bitfield = require('./bitfield')
|
|
9
9
|
const Info = require('./info')
|
|
10
10
|
const { BAD_ARGUMENT, STORAGE_EMPTY, STORAGE_CONFLICT, INVALID_SIGNATURE } = require('hypercore-errors')
|
|
11
|
+
const c = require('compact-encoding')
|
|
11
12
|
const m = require('./messages')
|
|
12
13
|
const caps = require('./caps')
|
|
13
14
|
|
|
@@ -104,7 +105,7 @@ module.exports = class Core {
|
|
|
104
105
|
|
|
105
106
|
header = {
|
|
106
107
|
external: null,
|
|
107
|
-
key: opts.key || (opts.compat ? manifest.signer.publicKey :
|
|
108
|
+
key: opts.key || (opts.compat ? manifest.signer.publicKey : hashManifest(manifest)),
|
|
108
109
|
manifest,
|
|
109
110
|
keyPair,
|
|
110
111
|
userData: [],
|
|
@@ -453,7 +454,7 @@ module.exports = class Core {
|
|
|
453
454
|
if (!this.header.manifest) {
|
|
454
455
|
if (!manifest) { // compat mode, remove in future version
|
|
455
456
|
manifest = defaultSignerManifest(this.header.key)
|
|
456
|
-
} else if (!manifest || !b4a.equals(this.header.key,
|
|
457
|
+
} else if (!manifest || !b4a.equals(this.header.key, hashManifest(manifest))) {
|
|
457
458
|
throw INVALID_SIGNATURE('Proof contains an invalid manifest') // TODO: proper error type
|
|
458
459
|
}
|
|
459
460
|
}
|
|
@@ -800,4 +801,8 @@ function defaultSignerManifest (publicKey) {
|
|
|
800
801
|
}
|
|
801
802
|
}
|
|
802
803
|
|
|
804
|
+
function hashManifest (manifest) {
|
|
805
|
+
return caps.manifestHash(c.encode(m.manifest, manifest))
|
|
806
|
+
}
|
|
807
|
+
|
|
803
808
|
function noop () {}
|
package/lib/messages.js
CHANGED