react-native-ble-mesh 1.1.1 → 2.0.0

package/src/service/HandshakeManager.js

@@ -8,6 +8,7 @@
 const EventEmitter = require('../utils/EventEmitter');
 const { HandshakeError } = require('../errors');
 const { MESSAGE_TYPE, MESH_CONFIG, EVENTS } = require('../constants');
+const { randomBytes, concat } = require('../utils/bytes');
 
 const STATE = Object.freeze({
   IDLE: 'idle', INITIATOR_WAITING: 'initiator_waiting',
@@ -51,9 +52,15 @@ class HandshakeManager extends EventEmitter {
 
   async handleIncomingHandshake(peerId, type, payload, transport) {
     try {
-      if (type === MESSAGE_TYPE.HANDSHAKE_INIT) { return await this._onInit(peerId, payload, transport); }
-      if (type === MESSAGE_TYPE.HANDSHAKE_RESPONSE) { return await this._onResponse(peerId, payload, transport); }
-      if (type === MESSAGE_TYPE.HANDSHAKE_FINAL) { return await this._onFinal(peerId, payload); }
+      if (type === MESSAGE_TYPE.HANDSHAKE_INIT) {
+        return await this._onInit(peerId, payload, transport);
+      }
+      if (type === MESSAGE_TYPE.HANDSHAKE_RESPONSE) {
+        return await this._onResponse(peerId, payload, transport);
+      }
+      if (type === MESSAGE_TYPE.HANDSHAKE_FINAL) {
+        return await this._onFinal(peerId, payload);
+      }
       throw HandshakeError.handshakeFailed(peerId, null, { reason: 'Unknown type' });
     } catch (err) {
       this._fail(peerId, err);
@@ -81,23 +88,160 @@ class HandshakeManager extends EventEmitter {
     };
   }
 
-  _createNoise() {
+  _createNoise(keyPair, isInitiator) {
+    // Get crypto provider from keyManager if available
+    const provider = this._keyManager.provider;
+
+    // Generate ephemeral key pair for this handshake
+    let ephemeralKeyPair;
+    if (provider && typeof provider.generateKeyPair === 'function') {
+      ephemeralKeyPair = provider.generateKeyPair();
+    } else {
+      // Fallback to random keys if no provider available
+      ephemeralKeyPair = { publicKey: randomBytes(32), secretKey: randomBytes(32) };
+    }
+
+    let remoteEphemeralPublic = null;
+    let sharedSecret = null;
+    let sessionKeys = null;
+    let complete = false;
+
+    const deriveSessionKeys = (secret) => {
+      // Derive send/receive keys from shared secret
+      // Use hash to derive two different keys from the secret
+      if (provider && typeof provider.hash === 'function') {
+        const h1 = provider.hash(concat(secret, new Uint8Array([0x01])));
+        const h2 = provider.hash(concat(secret, new Uint8Array([0x02])));
+        return isInitiator
+          ? { sendKey: h1, recvKey: h2 }
+          : { sendKey: h2, recvKey: h1 };
+      }
+      throw new Error('Crypto provider required for key derivation. Install tweetnacl: npm install tweetnacl');
+    };
+
     return {
-      writeMessage1: () => new Uint8Array(32), readMessage1: () => {},
-      writeMessage2: () => new Uint8Array(80), readMessage2: () => {},
-      writeMessage3: () => new Uint8Array(48), readMessage3: () => {},
-      isComplete: () => false, getSession: () => ({ encrypt: () => {}, decrypt: () => {} }),
-      getRemotePublicKey: () => new Uint8Array(32)
+      writeMessage1: () => {
+        // Initiator sends ephemeral public key
+        return ephemeralKeyPair.publicKey;
+      },
+
+      readMessage1: (msg) => {
+        // Responder receives initiator's ephemeral public key
+        remoteEphemeralPublic = new Uint8Array(msg);
+      },
+
+      writeMessage2: () => {
+        // Responder sends ephemeral public key and derives shared secret
+        if (provider && typeof provider.sharedSecret === 'function') {
+          sharedSecret = provider.sharedSecret(ephemeralKeyPair.secretKey, remoteEphemeralPublic);
+        } else {
+          throw new Error('Crypto provider required for secure handshake. Install tweetnacl: npm install tweetnacl');
+        }
+        sessionKeys = deriveSessionKeys(sharedSecret);
+        return ephemeralKeyPair.publicKey;
+      },
+
+      readMessage2: (msg) => {
+        // Initiator receives responder's ephemeral public key and derives shared secret
+        remoteEphemeralPublic = new Uint8Array(msg);
+        if (provider && typeof provider.sharedSecret === 'function') {
+          sharedSecret = provider.sharedSecret(ephemeralKeyPair.secretKey, remoteEphemeralPublic);
+        } else {
+          throw new Error('Crypto provider required for secure handshake. Install tweetnacl: npm install tweetnacl');
+        }
+        sessionKeys = deriveSessionKeys(sharedSecret);
+      },
+
+      writeMessage3: () => {
+        // Initiator confirms handshake completion
+        complete = true;
+        return ephemeralKeyPair.publicKey;
+      },
+
+      readMessage3: (_msg) => {
+        // Responder confirms handshake completion
+        complete = true;
+      },
+
+      isComplete: () => complete,
+
+      getRemotePublicKey: () => remoteEphemeralPublic || new Uint8Array(32),
+
+      getSession: () => {
+        if (!sessionKeys) {
+          throw new Error('Handshake not complete');
+        }
+
+        const sendKey = sessionKeys.sendKey;
+        const recvKey = sessionKeys.recvKey;
+        let sendNonce = 0;
+        let recvNonce = 0;
+
+        return {
+          encrypt: (plaintext) => {
+            if (provider && typeof provider.encrypt === 'function') {
+              // Use proper AEAD encryption with nonce
+              const nonce = new Uint8Array(24); // tweetnacl uses 24-byte nonces
+              const view = new DataView(nonce.buffer);
+              // Store counter in last 8 bytes of nonce
+              if (nonce.byteLength >= 8) {
+                view.setUint32(nonce.byteLength - 8, 0, true);
+                view.setUint32(nonce.byteLength - 4, sendNonce++, true);
+              }
+              return provider.encrypt(sendKey, nonce, plaintext);
+            }
+            throw new Error('Crypto provider required for encryption');
+          },
+
+          decrypt: (ciphertext) => {
+            if (provider && typeof provider.decrypt === 'function') {
+              // Use proper AEAD decryption with nonce
+              const nonce = new Uint8Array(24);
+              const view = new DataView(nonce.buffer);
+              if (nonce.byteLength >= 8) {
+                view.setUint32(nonce.byteLength - 8, 0, true);
+                view.setUint32(nonce.byteLength - 4, recvNonce++, true);
+              }
+              return provider.decrypt(recvKey, nonce, ciphertext);
+            }
+            throw new Error('Crypto provider required for encryption');
+          },
+
+          export: () => ({
+            sendKey: Array.from(sendKey),
+            recvKey: Array.from(recvKey),
+            sendNonce,
+            recvNonce,
+            nonceSize: 24
+          })
+        };
+      }
     };
   }
 
   async _onInit(peerId, payload, transport) {
-    if (this._pending.has(peerId)) { throw HandshakeError.alreadyInProgress(peerId); }
+    const existing = this._pending.get(peerId);
+
+    if (existing) {
+      // Tie-breaking: compare public keys, lower key becomes responder
+      const localKey = this._keyManager.getPublicKey();
+      const shouldYield = this._compareKeys(localKey, peerId) > 0;
+
+      if (shouldYield) {
+        // Cancel our outgoing handshake and accept incoming
+        this.cancelHandshake(peerId);
+      } else {
+        // Keep our outgoing, reject incoming
+        throw HandshakeError.alreadyInProgress(peerId);
+      }
+    }
+
     const hs = this._createState(peerId, false);
     this._pending.set(peerId, hs);
     this.emit(EVENTS.HANDSHAKE_STARTED, { peerId, role: 'responder' });
     hs.noise.readMessage1(payload);
-    await transport.send(peerId, this._wrap(MESSAGE_TYPE.HANDSHAKE_RESPONSE, hs.noise.writeMessage2()));
+    const msg2 = hs.noise.writeMessage2();
+    await transport.send(peerId, this._wrap(MESSAGE_TYPE.HANDSHAKE_RESPONSE, msg2));
     hs.state = STATE.RESPONDER_WAITING;
     hs.step = 2;
     this.emit(EVENTS.HANDSHAKE_PROGRESS, { peerId, step: 2, role: 'responder' });
@@ -107,9 +251,12 @@ class HandshakeManager extends EventEmitter {
 
   async _onResponse(peerId, payload, transport) {
     const hs = this._pending.get(peerId);
-    if (!hs || !hs.isInitiator) { throw HandshakeError.invalidState(peerId, 2); }
+    if (!hs || !hs.isInitiator) {
+      throw HandshakeError.invalidState(peerId, 2);
+    }
     hs.noise.readMessage2(payload);
-    await transport.send(peerId, this._wrap(MESSAGE_TYPE.HANDSHAKE_FINAL, hs.noise.writeMessage3()));
+    const msg3 = hs.noise.writeMessage3();
+    await transport.send(peerId, this._wrap(MESSAGE_TYPE.HANDSHAKE_FINAL, msg3));
     hs.step = 3;
     this.emit(EVENTS.HANDSHAKE_PROGRESS, { peerId, step: 3, role: 'initiator' });
     return this._complete(peerId, hs);
@@ -166,6 +313,13 @@ class HandshakeManager extends EventEmitter {
     });
   }
 
+  _compareKeys(localKey, remoteId) {
+    // Simple string/byte comparison for deterministic tie-breaking
+    const localStr = typeof localKey === 'string' ? localKey : Array.from(localKey).join(',');
+    const remoteStr = typeof remoteId === 'string' ? remoteId : Array.from(remoteId).join(',');
+    return localStr < remoteStr ? -1 : localStr > remoteStr ? 1 : 0;
+  }
+
   _wrap(type, payload) {
     const w = new Uint8Array(1 + payload.length);
     w[0] = type;

package/src/service/MeshService.js

@@ -118,6 +118,14 @@ class MeshService extends EventEmitter {
       return this._textManager.sendBroadcast(content);
     }
     const messageId = this._generateMessageId();
+    // Actually send through the transport
+    if (this._transport) {
+      const payload = new TextEncoder().encode(content);
+      const data = new Uint8Array(1 + payload.length);
+      data[0] = MESSAGE_TYPE.TEXT;
+      data.set(payload, 1);
+      this._transport.broadcast(data);
+    }
     this.emit(EVENTS.BROADCAST_SENT, { messageId, content });
     return messageId;
   }
@@ -233,9 +241,10 @@ class MeshService extends EventEmitter {
   }
 
   async _sendRaw(peerId, data) {
-    if (this._transport) {
-      await this._transport.send(peerId, data);
+    if (this._state === SERVICE_STATE.DESTROYED || !this._transport) {
+      return; // Silently ignore sends after destroy
     }
+    await this._transport.send(peerId, data);
   }
 
   getStatus() {
@@ -266,10 +275,49 @@ class MeshService extends EventEmitter {
   _generateMessageId() { return `msg_${Date.now()}_${++this._messageCounter}`; }
 
   _createKeyManager() {
+    const { createProvider } = require('../crypto/AutoCrypto');
+    let provider;
+    let keyPair;
+
+    try {
+      provider = createProvider('auto');
+      keyPair = provider.generateKeyPair();
+    } catch (e) {
+      // If no crypto provider is available, return a minimal fallback
+      // that generates random keys using basic randomBytes
+      const { randomBytes } = require('../utils/bytes');
+      keyPair = { publicKey: randomBytes(32), secretKey: randomBytes(32) };
+      return {
+        getStaticKeyPair: () => keyPair,
+        getPublicKey: () => keyPair.publicKey,
+        exportIdentity: () => ({ publicKey: Array.from(keyPair.publicKey) }),
+        importIdentity: (id) => {
+          if (id && id.publicKey) {
+            keyPair.publicKey = new Uint8Array(id.publicKey);
+          }
+          if (id && id.secretKey) {
+            keyPair.secretKey = new Uint8Array(id.secretKey);
+          }
+        }
+      };
+    }
+
     return {
-      getStaticKeyPair: () => ({ publicKey: new Uint8Array(32), secretKey: new Uint8Array(32) }),
-      getPublicKey: () => new Uint8Array(32),
-      exportIdentity: () => ({}), importIdentity: () => {}
+      getStaticKeyPair: () => keyPair,
+      getPublicKey: () => keyPair.publicKey,
+      provider,
+      exportIdentity: () => ({
+        publicKey: Array.from(keyPair.publicKey),
+        secretKey: Array.from(keyPair.secretKey)
+      }),
+      importIdentity: (id) => {
+        if (id && id.publicKey) {
+          keyPair.publicKey = new Uint8Array(id.publicKey);
+        }
+        if (id && id.secretKey) {
+          keyPair.secretKey = new Uint8Array(id.secretKey);
+        }
+      }
     };
   }
 
@@ -295,7 +343,25 @@ class MeshService extends EventEmitter {
       if (this._textManager) {
         this._textManager.handleIncomingMessage(peerId, type, payload);
       } else {
-        this._channelManager.handleChannelMessage({ channelId: '', senderId: peerId, content: payload });
+        // Try to parse channel ID from payload
+        let channelId = '';
+        let content = payload;
+        try {
+          const decoded = new TextDecoder().decode(payload);
+          const parsed = JSON.parse(decoded);
+          channelId = parsed.channelId || '';
+          content = parsed.content ? new TextEncoder().encode(parsed.content) : payload;
+        } catch (e) {
+          // If not JSON, try to extract channelId as length-prefixed string
+          if (payload.length > 1) {
+            const channelIdLen = payload[0];
+            if (channelIdLen > 0 && channelIdLen < payload.length) {
+              channelId = new TextDecoder().decode(payload.subarray(1, 1 + channelIdLen));
+              content = payload.subarray(1 + channelIdLen);
+            }
+          }
+        }
+        this._channelManager.handleChannelMessage({ channelId, senderId: peerId, content });
       }
     } else if (type >= MESSAGE_TYPE.VOICE_MESSAGE_START && type <= MESSAGE_TYPE.AUDIO_STREAM_END) {
       if (this._audioManager) {

package/src/service/SessionManager.js

@@ -7,6 +7,9 @@
 
 const { CryptoError } = require('../errors');
 
+const MAX_SESSION_AGE_MS = 24 * 60 * 60 * 1000; // 24 hours
+const MAX_MESSAGE_COUNT = 1000000; // 1 million messages before nonce exhaustion risk
+
 /**
  * Manages Noise Protocol sessions for secure peer communication.
  * @class SessionManager
@@ -39,6 +42,19 @@ class SessionManager {
   encryptFor(peerId, plaintext) {
     const entry = this._sessions.get(peerId);
     if (!entry) { throw CryptoError.encryptionFailed({ reason: 'Session not found', peerId }); }
+
+    // Check session expiry
+    if (Date.now() - entry.createdAt > MAX_SESSION_AGE_MS) {
+      this._sessions.delete(peerId);
+      throw CryptoError.encryptionFailed({ reason: 'Session expired', peerId });
+    }
+
+    // Check nonce exhaustion
+    if (entry.messageCount >= MAX_MESSAGE_COUNT) {
+      this._sessions.delete(peerId);
+      throw CryptoError.encryptionFailed({ reason: 'Session message limit reached, re-handshake required', peerId });
+    }
+
     try {
       const ciphertext = entry.session.encrypt(plaintext);
       entry.lastUsedAt = Date.now();
@@ -60,7 +76,7 @@ class SessionManager {
       }
       return plaintext;
     } catch (error) {
-      return null;
+      throw CryptoError.decryptionFailed({ reason: error.message, peerId });
     }
   }
 
@@ -75,8 +91,67 @@ class SessionManager {
 
   importSession(peerId, state) {
     if (!state || !state.sessionData) { throw new Error('Invalid session state'); }
+
+    const data = state.sessionData;
+
+    // If sessionData already has encrypt/decrypt methods, use it directly
+    if (typeof data.encrypt === 'function' && typeof data.decrypt === 'function') {
+      this._sessions.set(peerId, {
+        session: data,
+        createdAt: state.createdAt || Date.now(),
+        lastUsedAt: state.lastUsedAt || Date.now(),
+        messageCount: state.messageCount || 0
+      });
+      return;
+    }
+
+    // Reconstruct session from exported key material
+    const sendKey = data.sendKey instanceof Uint8Array ? data.sendKey : new Uint8Array(data.sendKey);
+    const recvKey = data.recvKey instanceof Uint8Array ? data.recvKey : new Uint8Array(data.recvKey);
+    let sendNonce = data.sendNonce || 0;
+    let recvNonce = data.recvNonce || 0;
+
+    // Try to get crypto provider for real encrypt/decrypt
+    let provider = null;
+    try {
+      const { createProvider } = require('../crypto/AutoCrypto');
+      provider = createProvider('auto');
+    } catch (e) {
+      // No crypto provider available
+    }
+
+    const session = {
+      encrypt: (plaintext) => {
+        if (provider && typeof provider.encrypt === 'function') {
+          const nonce = new Uint8Array(24);
+          const view = new DataView(nonce.buffer);
+          view.setUint32(nonce.byteLength - 8, 0, true);
+          view.setUint32(nonce.byteLength - 4, sendNonce++, true);
+          return provider.encrypt(sendKey, nonce, plaintext);
+        }
+        return plaintext;
+      },
+      decrypt: (ciphertext) => {
+        if (provider && typeof provider.decrypt === 'function') {
+          const nonce = new Uint8Array(24);
+          const view = new DataView(nonce.buffer);
+          view.setUint32(nonce.byteLength - 8, 0, true);
+          view.setUint32(nonce.byteLength - 4, recvNonce++, true);
+          return provider.decrypt(recvKey, nonce, ciphertext);
+        }
+        return ciphertext;
+      },
+      export: () => ({
+        sendKey: Array.from(sendKey),
+        recvKey: Array.from(recvKey),
+        sendNonce,
+        recvNonce,
+        nonceSize: 24
+      })
+    };
+
     this._sessions.set(peerId, {
-      session: state.sessionData,
+      session,
       createdAt: state.createdAt || Date.now(),
       lastUsedAt: state.lastUsedAt || Date.now(),
       messageCount: state.messageCount || 0

package/src/service/audio/AudioManager.js

@@ -121,9 +121,15 @@ class AudioManager extends EventEmitter {
    * @returns {Promise<void>}
    */
   async destroy() {
-    // End all sessions
+    // End all sessions and wait for completion
+    const endPromises = [];
     for (const [, session] of this._sessions) {
-      await session.end();
+      if (session && typeof session.end === 'function') {
+        endPromises.push(session.end().catch(() => {}));
+      }
+    }
+    if (endPromises.length > 0) {
+      await Promise.all(endPromises);
     }
     this._sessions.clear();
 

package/src/service/file/FileAssembler.js

@@ -0,0 +1,106 @@
+'use strict';
+
+/**
+ * @fileoverview File assembler — reassembles chunks into complete files
+ * @module service/file/FileAssembler
+ */
+
+/**
+ * Reassembles file chunks into a complete file.
+ * @class FileAssembler
+ */
+class FileAssembler {
+  /**
+   * @param {string} transferId - Transfer ID
+   * @param {number} totalChunks - Expected total chunks
+   * @param {number} totalSize - Expected total file size
+   */
+  constructor(transferId, totalChunks, totalSize) {
+    this._transferId = transferId;
+    this._totalChunks = totalChunks;
+    this._totalSize = totalSize;
+    /** @type {Map<number, Uint8Array>} */
+    this._chunks = new Map();
+    this._receivedBytes = 0;
+  }
+
+  /**
+   * Adds a chunk
+   * @param {number} index - Chunk index
+   * @param {Uint8Array} data - Chunk data
+   * @returns {boolean} True if this was a new chunk
+   */
+  addChunk(index, data) {
+    if (index < 0 || index >= this._totalChunks) {
+      return false;
+    }
+    if (this._chunks.has(index)) {
+      return false; // duplicate
+    }
+    this._chunks.set(index, data);
+    this._receivedBytes += data.length;
+    return true;
+  }
+
+  /**
+   * Checks if all chunks have been received
+   * @returns {boolean}
+   */
+  isComplete() {
+    return this._chunks.size === this._totalChunks;
+  }
+
+  /**
+   * Gets progress percentage
+   * @returns {number} 0-100
+   */
+  get progress() {
+    if (this._totalChunks === 0) { return 100; }
+    return Math.round((this._chunks.size / this._totalChunks) * 100);
+  }
+
+  /**
+   * Gets number of received chunks
+   * @returns {number}
+   */
+  get receivedChunks() {
+    return this._chunks.size;
+  }
+
+  /**
+   * Assembles all chunks into a single Uint8Array
+   * @returns {Uint8Array} Complete file data
+   * @throws {Error} If not all chunks received
+   */
+  assemble() {
+    if (!this.isComplete()) {
+      throw new Error(
+        `Cannot assemble: received ${this._chunks.size}/${this._totalChunks} chunks`
+      );
+    }
+
+    const result = new Uint8Array(this._receivedBytes);
+    let offset = 0;
+
+    for (let i = 0; i < this._totalChunks; i++) {
+      const chunk = this._chunks.get(i);
+      result.set(chunk, offset);
+      offset += chunk.length;
+    }
+
+    // Free chunk memory immediately after assembly
+    this._chunks.clear();
+
+    return result;
+  }
+
+  /**
+   * Clears all stored chunks
+   */
+  clear() {
+    this._chunks.clear();
+    this._receivedBytes = 0;
+  }
+}
+
+module.exports = FileAssembler;

package/src/service/file/FileChunker.js

@@ -0,0 +1,79 @@
+'use strict';
+
+/**
+ * @fileoverview File chunker — splits files into mesh-compatible chunks
+ * @module service/file/FileChunker
+ */
+
+const DEFAULT_CHUNK_SIZE = 4096; // 4KB chunks
+const MAX_FILE_SIZE = 10 * 1024 * 1024; // 10MB default max
+
+/**
+ * Splits a file (Uint8Array) into chunks for mesh transfer.
+ * @class FileChunker
+ */
+class FileChunker {
+  /**
+   * @param {Object} [options={}]
+   * @param {number} [options.chunkSize=4096] - Chunk size in bytes
+   * @param {number} [options.maxFileSize=10485760] - Max file size in bytes
+   */
+  constructor(options = {}) {
+    this._chunkSize = options.chunkSize || DEFAULT_CHUNK_SIZE;
+    this._maxFileSize = options.maxFileSize || MAX_FILE_SIZE;
+  }
+
+  /**
+   * Splits data into chunks
+   * @param {Uint8Array} data - File data
+   * @param {string} transferId - Transfer ID
+   * @returns {Object[]} Array of chunk objects
+   * @throws {Error} If data exceeds max file size
+   */
+  chunk(data, transferId) {
+    if (!(data instanceof Uint8Array)) {
+      throw new Error('Data must be a Uint8Array');
+    }
+    if (data.length > this._maxFileSize) {
+      throw new Error(`File size ${data.length} exceeds max ${this._maxFileSize} bytes`);
+    }
+    if (data.length === 0) {
+      return [];
+    }
+
+    const chunks = [];
+    const totalChunks = Math.ceil(data.length / this._chunkSize);
+
+    for (let i = 0; i < totalChunks; i++) {
+      const start = i * this._chunkSize;
+      const end = Math.min(start + this._chunkSize, data.length);
+      chunks.push({
+        transferId,
+        index: i,
+        totalChunks,
+        data: data.slice(start, end)
+      });
+    }
+
+    return chunks;
+  }
+
+  /**
+   * Gets the number of chunks needed for a given data size
+   * @param {number} dataSize - Data size in bytes
+   * @returns {number} Number of chunks
+   */
+  getChunkCount(dataSize) {
+    return Math.ceil(dataSize / this._chunkSize);
+  }
+
+  /**
+   * Gets the chunk size
+   * @returns {number}
+   */
+  get chunkSize() {
+    return this._chunkSize;
+  }
+}
+
+module.exports = FileChunker;