pal-explorer-cli 0.4.0

package/lib/core/fileDiff.js

@@ -0,0 +1,69 @@
+import { createHash } from 'crypto';
+import { readFileSync, statSync, readdirSync, existsSync } from 'fs';
+import { join, relative } from 'path';
+
+export function hashFile(filePath, algorithm = 'sha256') {
+  const content = readFileSync(filePath);
+  return createHash(algorithm).update(content).digest('hex');
+}
+
+export function buildManifest(dirPath, basePath = dirPath) {
+  const manifest = {};
+  const entries = readdirSync(dirPath, { withFileTypes: true });
+  for (const entry of entries) {
+    const fullPath = join(dirPath, entry.name);
+    const relPath = relative(basePath, fullPath).replace(/\\/g, '/');
+    if (entry.isDirectory()) {
+      Object.assign(manifest, buildManifest(fullPath, basePath));
+    } else if (entry.isFile()) {
+      const stat = statSync(fullPath);
+      manifest[relPath] = {
+        size: stat.size,
+        mtime: stat.mtimeMs,
+        hash: hashFile(fullPath),
+      };
+    }
+  }
+  return manifest;
+}
+
+export function diffManifests(localManifest, remoteManifest) {
+  const result = {
+    added: [],
+    modified: [],
+    deleted: [],
+    unchanged: [],
+  };
+
+  for (const [path, remote] of Object.entries(remoteManifest)) {
+    const local = localManifest[path];
+    if (!local) {
+      result.added.push({ path, ...remote });
+    } else if (local.hash !== remote.hash) {
+      result.modified.push({ path, localHash: local.hash, remoteHash: remote.hash, size: remote.size });
+    } else {
+      result.unchanged.push({ path, size: remote.size });
+    }
+  }
+
+  for (const path of Object.keys(localManifest)) {
+    if (!remoteManifest[path]) {
+      result.deleted.push({ path, ...localManifest[path] });
+    }
+  }
+
+  return result;
+}
+
+export function diffSummary(diff) {
+  const totalAdded = diff.added.reduce((s, f) => s + (f.size || 0), 0);
+  const totalModified = diff.modified.reduce((s, f) => s + (f.size || 0), 0);
+  return {
+    addedCount: diff.added.length,
+    modifiedCount: diff.modified.length,
+    deletedCount: diff.deleted.length,
+    unchangedCount: diff.unchanged.length,
+    transferBytes: totalAdded + totalModified,
+    skippedFiles: diff.unchanged.length + diff.deleted.length,
+  };
+}

package/lib/core/groups.js

@@ -0,0 +1,119 @@
+import config from '../utils/config.js';
+import crypto from 'crypto';
+
+export function getGroups() {
+  return config.get('groups') || [];
+}
+
+export function getGroup(idOrName) {
+  return getGroups().find(g => g.id === idOrName || g.name === idOrName);
+}
+
+export function createGroup(name, ownerPublicKey, options = {}) {
+  const groups = getGroups();
+  if (groups.find(g => g.name === name)) {
+    throw new Error(`Group '${name}' already exists`);
+  }
+  const group = {
+    id: crypto.randomUUID(),
+    name,
+    description: options.description || null,
+    visibility: options.visibility || 'private',
+    owner: ownerPublicKey || null,
+    members: [],
+    createdAt: new Date().toISOString()
+  };
+  groups.push(group);
+  config.set('groups', groups);
+  return group;
+}
+
+export function addMemberToGroup(groupId, pal) {
+  const groups = getGroups();
+  const group = groups.find(g => g.id === groupId || g.name === groupId);
+  if (!group) throw new Error('Group not found');
+  if (group.members.find(m => m.id === pal.id || (pal.publicKey && m.id === pal.publicKey))) throw new Error('Pal already in group');
+  group.members.push({
+    id: pal.id,
+    name: pal.name,
+    handle: pal.handle,
+    publicKey: pal.publicKey || pal.id,
+    role: 'member',
+    addedAt: new Date().toISOString()
+  });
+  config.set('groups', groups);
+  return group;
+}
+
+export function removeMemberFromGroup(groupId, palId) {
+  const groups = getGroups();
+  const group = groups.find(g => g.id === groupId || g.name === groupId);
+  if (!group) throw new Error('Group not found');
+  const before = group.members.length;
+  group.members = group.members.filter(m => m.id !== palId && m.name !== palId && m.handle !== palId);
+  if (group.members.length === before) throw new Error('Pal not found in group');
+  config.set('groups', groups);
+  return group;
+}
+
+export function updateGroup(idOrName, updates, requesterId) {
+  const groups = getGroups();
+  const group = groups.find(g => g.id === idOrName || g.name === idOrName);
+  if (!group) throw new Error('Group not found');
+  if (requesterId && group.owner && group.owner !== requesterId) {
+    throw new Error('Only the group owner can edit this group');
+  }
+  if (updates.name !== undefined && updates.name !== group.name) {
+    if (groups.find(g => g.name === updates.name && g.id !== group.id)) {
+      throw new Error(`Group '${updates.name}' already exists`);
+    }
+    group.name = updates.name;
+  }
+  if (updates.description !== undefined) group.description = updates.description;
+  if (updates.icon !== undefined) group.icon = updates.icon;
+  group.updatedAt = new Date().toISOString();
+  config.set('groups', groups);
+  return group;
+}
+
+export function deleteGroup(idOrName, requesterId) {
+  const group = getGroup(idOrName);
+  if (!group) throw new Error('Group not found');
+  if (requesterId && group.owner && group.owner !== requesterId) {
+    throw new Error('Only the group owner can delete this group');
+  }
+  const groups = getGroups().filter(g => g.id !== idOrName && g.name !== idOrName);
+  config.set('groups', groups);
+}
+
+export function getGroupMembers(idOrName) {
+  const group = getGroup(idOrName);
+  return group ? group.members : [];
+}
+
+export function getShareComments(shareId) {
+  const all = config.get('shareComments') || {};
+  return all[shareId] || [];
+}
+
+export function addShareComment(shareId, { authorHandle, authorName, text }) {
+  const all = config.get('shareComments') || {};
+  if (!all[shareId]) all[shareId] = [];
+  const comment = {
+    id: crypto.randomUUID(),
+    authorHandle,
+    authorName,
+    text,
+    createdAt: new Date().toISOString()
+  };
+  all[shareId].push(comment);
+  config.set('shareComments', all);
+  return comment;
+}
+
+export function deleteShareComment(shareId, commentId) {
+  const all = config.get('shareComments') || {};
+  if (!all[shareId]) return;
+  all[shareId] = all[shareId].filter(c => c.id !== commentId);
+  config.set('shareComments', all);
+}

package/lib/core/identity.js

@@ -0,0 +1,340 @@
+import sodium from 'sodium-native';
+import crypto from 'crypto';
+import os from 'os';
+import fs from 'fs';
+import path from 'path';
+import keytar from 'keytar';
+import * as bip39 from 'bip39';
+import config from '../utils/config.js';
+
+const KEYTAR_SERVICE = 'pal-explorer';
+const KEYFILE_ALGORITHM = 'aes-256-gcm';
+
+function getKeyFilePath() {
+  const dir = path.join(os.homedir(), '.palexplorer');
+  if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true, mode: 0o700 });
+  return path.join(dir, '.keys.json');
+}
+
+function deriveFileKey(pin, salt) {
+  return crypto.scryptSync(pin, salt, 32);
+}
+
+function encryptKeyData(data, pin) {
+  const salt = crypto.randomBytes(32);
+  const key = deriveFileKey(pin, salt);
+  const iv = crypto.randomBytes(16);
+  const cipher = crypto.createCipheriv(KEYFILE_ALGORITHM, key, iv);
+  const encrypted = Buffer.concat([cipher.update(JSON.stringify(data), 'utf8'), cipher.final()]);
+  const tag = cipher.getAuthTag();
+  return JSON.stringify({
+    encrypted: true,
+    v: 2,
+    salt: salt.toString('hex'),
+    iv: iv.toString('hex'),
+    tag: tag.toString('hex'),
+    data: encrypted.toString('hex'),
+  });
+}
+
+function decryptKeyData(raw, pin) {
+  const obj = JSON.parse(raw);
+  if (!obj.encrypted) return obj;
+  const salt = obj.salt ? Buffer.from(obj.salt, 'hex') : 'palexplorer-keyfile-salt-v1';
+  const key = deriveFileKey(pin, salt);
+  const decipher = crypto.createDecipheriv(KEYFILE_ALGORITHM, key, Buffer.from(obj.iv, 'hex'));
+  decipher.setAuthTag(Buffer.from(obj.tag, 'hex'));
+  const decrypted = Buffer.concat([decipher.update(Buffer.from(obj.data, 'hex')), decipher.final()]);
+  return JSON.parse(decrypted.toString('utf8'));
+}
+
+let _keyfilePin = null;
+
+export function setKeyfilePin(pin) {
+  _keyfilePin = pin;
+}
+
+function getMachineKey() {
+  return `pe:${os.hostname()}:${os.userInfo().username}:${process.platform}:${os.arch()}`;
+}
+
+function getEffectivePin() {
+  return _keyfilePin || getMachineKey();
+}
+
+function readKeyFile() {
+  try {
+    const p = getKeyFilePath();
+    if (!fs.existsSync(p)) return {};
+    const raw = fs.readFileSync(p, 'utf-8');
+    const parsed = JSON.parse(raw);
+    if (parsed.encrypted) {
+      // Try user PIN first, then machine key
+      if (_keyfilePin) {
+        try { return decryptKeyData(raw, _keyfilePin); } catch {}
+      }
+      try { return decryptKeyData(raw, getMachineKey()); } catch {}
+      return {};
+    }
+    // Plaintext found — migrate to encrypted on next write
+    return parsed;
+  } catch { return {}; }
+}
+
+function writeKeyFile(keys) {
+  const p = getKeyFilePath();
+  // Always encrypt — use PIN if available, otherwise machine-derived key
+  fs.writeFileSync(p, encryptKeyData(keys, getEffectivePin()), { mode: 0o600 });
+}
+
+const useKeytar = process.platform === 'win32' || process.platform === 'darwin';
+
+async function storeKey(publicKey, privateKey) {
+  if (useKeytar) {
+    try {
+      await keytar.setPassword(KEYTAR_SERVICE, publicKey, privateKey);
+      const verified = await keytar.getPassword(KEYTAR_SERVICE, publicKey);
+      if (verified !== privateKey) throw new Error('Keytar read-back verification failed');
+      return;
+    } catch {}
+  }
+  const keys = readKeyFile();
+  const hadPlaintext = Object.keys(keys).length > 0 && !_keyfilePin;
+  keys[publicKey] = privateKey;
+  writeKeyFile(keys); // Always encrypts now (PIN or machine key)
+  if (hadPlaintext) {
+    // Migrated plaintext → encrypted
+  }
+}
+
+async function retrieveKey(publicKey) {
+  if (useKeytar) {
+    try {
+      const key = await keytar.getPassword(KEYTAR_SERVICE, publicKey);
+      if (key) return key;
+    } catch {}
+  }
+  const keys = readKeyFile();
+  return keys[publicKey] || null;
+}
+
+let guestSession = null;
+
+export async function guestLogin(mnemonic) {
+  if (!bip39.validateMnemonic(mnemonic)) {
+    throw new Error('Invalid mnemonic phrase');
+  }
+  const seed = Buffer.from(bip39.mnemonicToEntropy(mnemonic), 'hex');
+  const { publicKey, privateKey } = keypairFromSeed(seed);
+
+  guestSession = {
+    publicKey: publicKey.toString('hex'),
+    privateKey: privateKey.toString('hex'),
+    name: 'Guest',
+    handle: null,
+    isGuest: true,
+  };
+  return guestSession;
+}
+
+export function guestLogout() {
+  if (guestSession) {
+    try {
+      const pkBuf = Buffer.from(guestSession.privateKey, 'hex');
+      sodium.sodium_memzero(pkBuf);
+    } catch {}
+    guestSession = null;
+  }
+}
+
+export function isGuestSession() {
+  return guestSession !== null;
+}
+
+const makeDeviceId = () => {
+  if (typeof crypto.randomUUID === 'function') {
+    return crypto.randomUUID();
+  }
+  return crypto.randomBytes(16).toString('hex');
+};
+
+export function getDeviceInfo() {
+  const existing = config.get('device');
+  const defaultName = os.hostname() || 'pal-device';
+
+  if (!existing || typeof existing !== 'object') {
+    const created = {
+      id: makeDeviceId(),
+      name: defaultName,
+      createdAt: new Date().toISOString()
+    };
+    config.set('device', created);
+    return created;
+  }
+
+  let updated = false;
+  const normalized = { ...existing };
+  if (!normalized.id) {
+    normalized.id = makeDeviceId();
+    updated = true;
+  }
+  if (!normalized.name) {
+    normalized.name = defaultName;
+    updated = true;
+  }
+  if (!normalized.createdAt) {
+    normalized.createdAt = new Date().toISOString();
+    updated = true;
+  }
+
+  if (updated) {
+    config.set('device', normalized);
+  }
+
+  return normalized;
+}
+
+export function setDeviceName(name) {
+  const device = getDeviceInfo();
+  const next = {
+    ...device,
+    name: (name || '').trim() || device.name,
+    updatedAt: new Date().toISOString()
+  };
+  config.set('device', next);
+  return next;
+}
+
+export function setIdentityHandle(handle) {
+  const identity = config.get('identity');
+  if (!identity) return null;
+
+  const updated = {
+    ...identity,
+    handle,
+    updatedAt: new Date().toISOString()
+  };
+  config.set('identity', updated);
+  return updated;
+}
+
+export function updateProfile(fields) {
+  const identity = config.get('identity');
+  if (!identity) return null;
+
+  const allowed = ['avatar', 'bio', 'status', 'displayName'];
+  const updated = { ...identity };
+  for (const key of allowed) {
+    if (fields[key] !== undefined) updated[key] = fields[key];
+  }
+  updated.updatedAt = new Date().toISOString();
+  config.set('identity', updated);
+  return updated;
+}
+
+function keypairFromSeed(seed) {
+  const publicKey = Buffer.alloc(sodium.crypto_sign_PUBLICKEYBYTES);
+  const privateKey = Buffer.alloc(sodium.crypto_sign_SECRETKEYBYTES);
+  sodium.crypto_sign_seed_keypair(publicKey, privateKey, seed);
+  return { publicKey, privateKey };
+}
+
+export async function createIdentity(name, options = {}) {
+  const device = getDeviceInfo();
+  const existingIdentity = config.get('identity');
+
+  if (existingIdentity && !options.force) {
+    throw new Error('Identity already exists! Use --force to overwrite.');
+  }
+
+  // Generate mnemonic and derive keypair from seed
+  const mnemonic = bip39.generateMnemonic(256); // 24 words
+  const seed = Buffer.from(bip39.mnemonicToEntropy(mnemonic), 'hex');
+  const { publicKey, privateKey } = keypairFromSeed(seed);
+
+  const identity = {
+    name: name || 'Anonymous',
+    publicKey: publicKey.toString('hex'),
+    privateKey: privateKey.toString('hex'),
+    handle: existingIdentity?.handle || null,
+    deviceId: device.id,
+    deviceName: device.name,
+    createdAt: new Date().toISOString()
+  };
+
+  await storeKey(identity.publicKey, identity.privateKey);
+  const { privateKey: _pk, ...identityWithoutKey } = identity;
+  config.set('identity', identityWithoutKey);
+  return { ...identity, mnemonic };
+}
+
+export async function recoverIdentity(mnemonic, name) {
+  if (!bip39.validateMnemonic(mnemonic)) {
+    throw new Error('Invalid mnemonic phrase');
+  }
+
+  const device = getDeviceInfo();
+  const existing = config.get('identity');
+  const seed = Buffer.from(bip39.mnemonicToEntropy(mnemonic), 'hex');
+  const { publicKey, privateKey } = keypairFromSeed(seed);
+
+  const identity = {
+    name: name || existing?.name || 'Recovered',
+    publicKey: publicKey.toString('hex'),
+    privateKey: privateKey.toString('hex'),
+    handle: null,
+    deviceId: device.id,
+    deviceName: device.name,
+    createdAt: new Date().toISOString(),
+    recoveredAt: new Date().toISOString()
+  };
+
+  await storeKey(identity.publicKey, identity.privateKey);
+  const { privateKey: _pk, ...identityWithoutKey } = identity;
+  config.set('identity', identityWithoutKey);
+  return identity;
+}
+
+let _getIdentityInFlight = null;
+
+export async function getIdentity() {
+  if (guestSession) {
+    const device = getDeviceInfo();
+    return { ...guestSession, deviceId: device.id, deviceName: device.name };
+  }
+
+  if (_getIdentityInFlight) return _getIdentityInFlight;
+  _getIdentityInFlight = _getIdentityImpl().finally(() => { _getIdentityInFlight = null; });
+  return _getIdentityInFlight;
+}
+
+async function _getIdentityImpl() {
+  const identity = config.get('identity');
+  if (!identity || !identity.publicKey) return null;
+
+  const device = getDeviceInfo();
+
+  // Migration: if privateKey still in config, move to secure store
+  if (identity.privateKey) {
+    await storeKey(identity.publicKey, identity.privateKey);
+    const { privateKey, ...rest } = identity;
+    config.set('identity', rest);
+    return { ...identity, deviceId: device.id, deviceName: device.name };
+  }
+
+  let privateKey;
+  try {
+    privateKey = await retrieveKey(identity.publicKey);
+  } catch {
+    privateKey = null;
+  }
+  const result = { ...identity, privateKey, deviceId: device.id, deviceName: device.name };
+  // Validate required fields to prevent returning incomplete identity
+  if (!result.publicKey) return null;
+  return result;
+}
+
+export async function getPublicKey() {
+  const identity = config.get('identity');
+  return identity ? identity.publicKey : null;
+}

package/lib/core/mdnsService.js

@@ -0,0 +1,126 @@
+import { Bonjour } from 'bonjour-service';
+import config from '../utils/config.js';
+import { sendRequest } from './signalingServer.js';
+
+let bonjour = null;
+let service = null;
+let browser = null;
+const nearbyPeers = new Map();
+let advertisedTxtExtras = {};
+let verifyBeforeCaching = true;
+
+// HIGH-1 fix: verify a discovered peer is running PAL/1.0 before caching
+// Combined with MEDIUM-3 (cache by public key only) and CRITICAL-1 (authenticated share_list),
+// this prevents blind cache poisoning from unauthenticated mDNS advertisers.
+async function verifyPeerAlive(ip, port) {
+  try {
+    const resp = await sendRequest(ip, port, { type: 'status' }, 3000);
+    return resp.ok && resp.protocol === 'PAL/1.0';
+  } catch {
+    return false;
+  }
+}
+
+// MEDIUM-3 fix: persist peer addresses keyed ONLY by public key
+function persistPeerAddress(peer) {
+  try {
+    const cache = config.get('peerAddressCache') || {};
+    const key = peer.publicKey;
+    if (!key || !peer.ip || peer.ip === 'unknown') return;
+    cache[key] = {
+      ip: peer.ip,
+      port: 7474,
+      handle: peer.handle || null,
+      publicKey: peer.publicKey || null,
+      name: peer.name || null,
+      updatedAt: new Date().toISOString(),
+    };
+    // Do NOT cache by handle — handles are spoofable
+    config.set('peerAddressCache', cache);
+  } catch {}
+}
+
+export function getCachedPeerAddress(identifiers) {
+  const cache = config.get('peerAddressCache') || {};
+  // Only look up by public key (first valid hex key in identifiers)
+  for (const id of identifiers) {
+    if (id && /^[0-9a-f]{64}$/i.test(id) && cache[id]) return cache[id];
+  }
+  return null;
+}
+
+export function startMdns(identity, opts = {}) {
+  if (bonjour) return;
+  if (!identity?.publicKey) return;
+  verifyBeforeCaching = opts.verifyPeers !== false;
+  const advertise = opts.advertise !== false;
+
+  advertisedTxtExtras = {};
+  if (opts.torrentPort) advertisedTxtExtras.tp = String(opts.torrentPort);
+  if (opts.webPort) advertisedTxtExtras.wp = String(opts.webPort);
+
+  bonjour = new Bonjour();
+
+  if (advertise) {
+    try {
+      service = bonjour.publish({
+        name: `palexplorer-${identity.handle || identity.publicKey.slice(0, 8)}`,
+        type: 'palexplorer',
+        port: 7474,
+        txt: {
+          pk: identity.publicKey,
+          h: identity.handle || '',
+          n: identity.name || '',
+          ...advertisedTxtExtras,
+        },
+      });
+    } catch {
+      // mDNS publish can fail if service name is already registered or port conflicts
+      service = null;
+    }
+  }
+
+  browser = bonjour.find({ type: 'palexplorer' }, async (svc) => {
+    const txt = svc.txt || {};
+    const pk = txt.pk;
+    if (!pk || !/^[0-9a-f]{64}$/i.test(pk)) return;
+    if (pk === identity.publicKey) return;
+    if (nearbyPeers.has(pk)) return;
+
+    const ip = (svc.addresses && svc.addresses[0]) || svc.host || 'unknown';
+    if (ip === 'unknown') return;
+
+    // HIGH-1 fix: verify the peer is running PAL/1.0 before caching
+    if (verifyBeforeCaching) {
+      const alive = await verifyPeerAlive(ip, 7474);
+      if (!alive) return;
+    }
+
+    const peer = {
+      publicKey: pk,
+      name: txt.n || 'Unknown',
+      handle: txt.h || null,
+      ip,
+      torrentPort: txt.tp ? parseInt(txt.tp, 10) : null,
+      webPort: txt.wp ? parseInt(txt.wp, 10) : null,
+      discoveredAt: new Date().toISOString(),
+    };
+    nearbyPeers.set(pk, peer);
+    persistPeerAddress(peer);
+  });
+}
+
+export function stopMdns() {
+  if (browser) { browser.stop(); browser = null; }
+  if (service) { service.stop(); service = null; }
+  if (bonjour) { bonjour.destroy(); bonjour = null; }
+  nearbyPeers.clear();
+}
+
+export function getNearbyPeers() {
+  return [...nearbyPeers.values()];
+}
+
+export function isRunning() {
+  return bonjour !== null;
+}