chore: release version v0.7.7

Dryajov master

package.json

@@ -1,6 +1,6 @@
 {
   "name": "libp2p-crypto",
-  "version": "0.7.5",
+  "version": "0.7.7",
   "description": "Crypto primitives for libp2p",
   "main": "src/index.js",
   "browser": {
@@ -17,10 +17,10 @@
     "test": "npm run test:node && npm run test:no-webcrypto && npm run test:browser",
     "test:node": "aegir-test --env node",
     "test:no-webcrypto": "NO_WEBCRYPTO=true aegir-test --env node",
-    "test:browser": "aegir-test --env browser",
-    "release": "aegir-release",
-    "release-minor": "aegir-release --type minor",
-    "release-major": "aegir-release --type major",
+    "test:browser": "aegir-test --env browser --webworker",
+    "release": "aegir-release --webworker",
+    "release-minor": "aegir-release --type minor --webworker",
+    "release-major": "aegir-release --type major --webworker",
     "coverage": "aegir-coverage",
     "coverage-publish": "aegir-coverage publish"
   },
@@ -33,25 +33,27 @@
   "author": "Friedel Ziegelmayer <dignifiedqurie@gmail.com>",
   "license": "MIT",
   "dependencies": {
-    "asn1.js": "^4.8.1",
-    "async": "^2.1.2",
+    "asn1.js": "^4.9.1",
+    "async": "^2.1.4",
     "browserify-aes": "^1.0.6",
-    "keypair": "^1.0.0",
-    "multihashing-async": "^0.3.0",
+    "keypair": "^1.0.1",
+    "multihashing-async": "^0.4.0",
     "nodeify": "^1.0.0",
     "pem-jwk": "^1.5.1",
     "protocol-buffers": "^3.2.1",
     "rsa-pem-to-jwk": "^1.1.3",
+    "safe-buffer": "^5.0.1",
+    "tweetnacl": "^0.14.5",
     "webcrypto-shim": "github:dignifiedquire/webcrypto-shim#master"
   },
   "devDependencies": {
-    "aegir": "^9.2.1",
-    "benchmark": "^2.1.2",
+    "aegir": "^9.4.0",
+    "benchmark": "^2.1.3",
     "chai": "^3.5.0",
-    "pre-commit": "^1.1.3"
+    "pre-commit": "^1.2.2"
   },
   "optionalDependencies": {
-    "node-webcrypto-ossl": "^1.0.13"
+    "node-webcrypto-ossl": "^1.0.16"
   },
   "pre-commit": [
     "lint",
@@ -73,6 +75,9 @@
     "Friedel Ziegelmayer <dignifiedquire@gmail.com>",
     "Greenkeeper <support@greenkeeper.io>",
     "Richard Littauer <richard.littauer@gmail.com>",
+    "Tom Swindell <t.swindell@rubyx.co.uk>",
+    "Yusef Napora <yusef@napora.org>",
+    "dryajov <dryajov@gmail.com>",
     "nikuda <nikuda@gmail.com>"
   ]
 }

src/crypto.js

@@ -5,3 +5,4 @@ exports.hmac = require('./crypto/hmac')
 exports.ecdh = require('./crypto/ecdh')
 exports.aes = require('./crypto/aes')
 exports.rsa = require('./crypto/rsa')
+exports.ed25519 = require('./crypto/ed25519')

src/crypto.proto.js

@@ -2,6 +2,7 @@
 
 module.exports = `enum KeyType {
   RSA = 0;
+  Ed25519 = 1;
 }
 
 message PublicKey {

src/crypto/ecdh-browser.js

@@ -3,6 +3,7 @@
 const crypto = require('./webcrypto')()
 const nodeify = require('nodeify')
 const BN = require('asn1.js').bignum
+const Buffer = require('safe-buffer').Buffer
 
 const util = require('./util')
 const toBase64 = util.toBase64
@@ -97,7 +98,7 @@ function marshalPublicKey (jwk) {
   const byteLen = curveLengths[jwk.crv]
 
   return Buffer.concat([
-    new Buffer([4]), // uncompressed point
+    Buffer.from([4]), // uncompressed point
     toBn(jwk.x).toArrayLike(Buffer, 'be', byteLen),
     toBn(jwk.y).toArrayLike(Buffer, 'be', byteLen)
   ], 1 + byteLen * 2)
@@ -107,7 +108,7 @@ function marshalPublicKey (jwk) {
 function unmarshalPublicKey (curve, key) {
   const byteLen = curveLengths[curve]
 
-  if (!key.slice(0, 1).equals(new Buffer([4]))) {
+  if (!key.slice(0, 1).equals(Buffer.from([4]))) {
     throw new Error('Invalid key format')
   }
   const x = new BN(key.slice(1, byteLen + 1))

src/crypto/ed25519.js

@@ -0,0 +1,35 @@
+'use strict'
+
+const nacl = require('tweetnacl')
+const setImmediate = require('async/setImmediate')
+const Buffer = require('safe-buffer').Buffer
+
+exports.publicKeyLength = nacl.sign.publicKeyLength
+exports.privateKeyLength = nacl.sign.secretKeyLength
+
+exports.generateKey = function (callback) {
+  const done = (err, res) => setImmediate(() => {
+    callback(err, res)
+  })
+
+  let keys
+  try {
+    keys = nacl.sign.keyPair()
+  } catch (err) {
+    done(err)
+    return
+  }
+  done(null, keys)
+}
+
+exports.hashAndSign = function (key, msg, callback) {
+  setImmediate(() => {
+    callback(null, Buffer.from(nacl.sign.detached(msg, key)))
+  })
+}
+
+exports.hashAndVerify = function (key, sig, msg, callback) {
+  setImmediate(() => {
+    callback(null, nacl.sign.detached.verify(msg, sig, key))
+  })
+}

src/crypto/hmac-browser.js

@@ -1,6 +1,7 @@
 'use strict'
 
 const nodeify = require('nodeify')
+const Buffer = require('safe-buffer').Buffer
 
 const crypto = require('./webcrypto')()
 const lengths = require('./hmac-lengths')

src/crypto/rsa-browser.js

@@ -1,6 +1,7 @@
 'use strict'
 
 const nodeify = require('nodeify')
+const Buffer = require('safe-buffer').Buffer
 
 const crypto = require('./webcrypto')()
 

src/crypto/util.js

@@ -1,6 +1,7 @@
 'use strict'
 
 const BN = require('asn1.js').bignum
+const Buffer = require('safe-buffer').Buffer
 
 // Convert a BN.js instance to a base64 encoded string without padding
 // Adapted from https://tools.ietf.org/html/draft-ietf-jose-json-web-signature-41#appendix-C

src/crypto/webcrypto-browser.js

@@ -1,3 +1,5 @@
+/* global self */
+
 'use strict'
 
 module.exports = function getWebCrypto () {
@@ -10,5 +12,13 @@ module.exports = function getWebCrypto () {
     }
   }
 
+  if (typeof self !== 'undefined') {
+    require('webcrypto-shim')(self)
+
+    if (self.crypto) {
+      return self.crypto
+    }
+  }
+
   throw new Error('Please use an environment with crypto support')
 }

src/index.js

@@ -1,6 +1,7 @@
 'use strict'
 
 const protobuf = require('protocol-buffers')
+
 const pbm = protobuf(require('./crypto.proto'))
 const c = require('./crypto')
 
@@ -9,6 +10,8 @@ exports.aes = c.aes
 exports.webcrypto = c.webcrypto
 
 const keys = exports.keys = require('./keys')
+const KEY_TYPES = ['rsa', 'ed25519']
+
 exports.keyStretcher = require('./key-stretcher')
 exports.generateEphemeralKeyPair = require('./ephemeral-keys')
 
@@ -30,6 +33,8 @@ exports.unmarshalPublicKey = (buf) => {
   switch (decoded.Type) {
     case pbm.KeyType.RSA:
       return keys.rsa.unmarshalRsaPublicKey(decoded.Data)
+    case pbm.KeyType.Ed25519:
+      return keys.ed25519.unmarshalEd25519PublicKey(decoded.Data)
     default:
       throw new Error('invalid or unsupported key type')
   }
@@ -38,9 +43,7 @@ exports.unmarshalPublicKey = (buf) => {
 // Converts a public key object into a protobuf serialized public key
 exports.marshalPublicKey = (key, type) => {
   type = (type || 'rsa').toLowerCase()
-
-  // for now only rsa is supported
-  if (type !== 'rsa') {
+  if (KEY_TYPES.indexOf(type) < 0) {
     throw new Error('invalid or unsupported key type')
   }
 
@@ -55,6 +58,8 @@ exports.unmarshalPrivateKey = (buf, callback) => {
   switch (decoded.Type) {
     case pbm.KeyType.RSA:
       return keys.rsa.unmarshalRsaPrivateKey(decoded.Data, callback)
+    case pbm.KeyType.Ed25519:
+      return keys.ed25519.unmarshalEd25519PrivateKey(decoded.Data, callback)
     default:
       callback(new Error('invalid or unsupported key type'))
   }
@@ -63,9 +68,7 @@ exports.unmarshalPrivateKey = (buf, callback) => {
 // Converts a private key object into a protobuf serialized private key
 exports.marshalPrivateKey = (key, type) => {
   type = (type || 'rsa').toLowerCase()
-
-  // for now only rsa is supported
-  if (type !== 'rsa') {
+  if (KEY_TYPES.indexOf(type) < 0) {
     throw new Error('invalid or unsupported key type')
   }
 
@@ -76,7 +79,6 @@ exports.randomBytes = (number) => {
   if (!number || typeof number !== 'number') {
     throw new Error('first argument must be a Number bigger than 0')
   }
-  const buf = new Buffer(number)
-  c.rsa.getRandomValues(buf)
-  return buf
+
+  return c.rsa.getRandomValues(new Uint8Array(number))
 }

src/key-stretcher.js

@@ -2,6 +2,7 @@
 
 const crypto = require('./crypto')
 const whilst = require('async/whilst')
+const Buffer = require('safe-buffer').Buffer
 
 const cipherMap = {
   'AES-128': {

src/keys/ed25519.js

@@ -0,0 +1,142 @@
+'use strict'
+
+const multihashing = require('multihashing-async')
+const protobuf = require('protocol-buffers')
+const Buffer = require('safe-buffer').Buffer
+
+const crypto = require('../crypto').ed25519
+const pbm = protobuf(require('../crypto.proto'))
+
+class Ed25519PublicKey {
+  constructor (key) {
+    this._key = ensureKey(key, crypto.publicKeyLength)
+  }
+
+  verify (data, sig, callback) {
+    ensure(callback)
+    crypto.hashAndVerify(this._key, sig, data, callback)
+  }
+
+  marshal () {
+    return Buffer.from(this._key)
+  }
+
+  get bytes () {
+    return pbm.PublicKey.encode({
+      Type: pbm.KeyType.Ed25519,
+      Data: this.marshal()
+    })
+  }
+
+  equals (key) {
+    return this.bytes.equals(key.bytes)
+  }
+
+  hash (callback) {
+    ensure(callback)
+    multihashing(this.bytes, 'sha2-256', callback)
+  }
+}
+
+class Ed25519PrivateKey {
+  // key       - 64 byte Uint8Array or Buffer containing private key
+  // publicKey - 32 byte Uint8Array or Buffer containing public key
+  constructor (key, publicKey) {
+    this._key = ensureKey(key, crypto.privateKeyLength)
+    this._publicKey = ensureKey(publicKey, crypto.publicKeyLength)
+  }
+
+  sign (message, callback) {
+    ensure(callback)
+    crypto.hashAndSign(this._key, message, callback)
+  }
+
+  get public () {
+    if (!this._publicKey) {
+      throw new Error('public key not provided')
+    }
+
+    return new Ed25519PublicKey(this._publicKey)
+  }
+
+  marshal () {
+    return Buffer.concat([Buffer.from(this._key), Buffer.from(this._publicKey)])
+  }
+
+  get bytes () {
+    return pbm.PrivateKey.encode({
+      Type: pbm.KeyType.Ed25519,
+      Data: this.marshal()
+    })
+  }
+
+  equals (key) {
+    return this.bytes.equals(key.bytes)
+  }
+
+  hash (callback) {
+    ensure(callback)
+    multihashing(this.bytes, 'sha2-256', callback)
+  }
+}
+
+function unmarshalEd25519PrivateKey (bytes, callback) {
+  try {
+    bytes = ensureKey(bytes, crypto.privateKeyLength + crypto.publicKeyLength)
+  } catch (err) {
+    return callback(err)
+  }
+  const privateKeyBytes = bytes.slice(0, crypto.privateKeyLength)
+  const publicKeyBytes = bytes.slice(crypto.privateKeyLength, bytes.length)
+  callback(null, new Ed25519PrivateKey(privateKeyBytes, publicKeyBytes))
+}
+
+function unmarshalEd25519PublicKey (bytes) {
+  bytes = ensureKey(bytes, crypto.publicKeyLength)
+  return new Ed25519PublicKey(bytes)
+}
+
+function generateKeyPair (_bits, cb) {
+  if (cb === undefined && typeof _bits === 'function') {
+    cb = _bits
+  }
+
+  crypto.generateKey((err, keys) => {
+    if (err) {
+      return cb(err)
+    }
+    let privkey
+    try {
+      privkey = new Ed25519PrivateKey(keys.secretKey, keys.publicKey)
+    } catch (err) {
+      cb(err)
+      return
+    }
+
+    cb(null, privkey)
+  })
+}
+
+function ensure (cb) {
+  if (typeof cb !== 'function') {
+    throw new Error('callback is required')
+  }
+}
+
+function ensureKey (key, length) {
+  if (Buffer.isBuffer(key)) {
+    key = new Uint8Array(key)
+  }
+  if (!(key instanceof Uint8Array) || key.length !== length) {
+    throw new Error('Key must be a Uint8Array or Buffer of length ' + length)
+  }
+  return key
+}
+
+module.exports = {
+  Ed25519PublicKey,
+  Ed25519PrivateKey,
+  unmarshalEd25519PrivateKey,
+  unmarshalEd25519PublicKey,
+  generateKeyPair
+}

src/keys/index.js

@@ -1,5 +1,6 @@
 'use strict'
 
 module.exports = {
-  rsa: require('./rsa')
+  rsa: require('./rsa'),
+  ed25519: require('./ed25519')
 }

test/aes.spec.js

@@ -4,6 +4,7 @@
 
 const expect = require('chai').expect
 const series = require('async/series')
+const Buffer = require('safe-buffer').Buffer
 
 const crypto = require('../src')
 const fixtures = require('./fixtures/aes')
@@ -17,10 +18,10 @@ const bytes = {
 describe('AES-CTR', () => {
   Object.keys(bytes).forEach((byte) => {
     it(`${bytes[byte]} - encrypt and decrypt`, (done) => {
-      const key = new Buffer(parseInt(byte, 10))
+      const key = Buffer.alloc(parseInt(byte, 10))
       key.fill(5)
 
-      const iv = new Buffer(16)
+      const iv = Buffer.alloc(16)
       iv.fill(1)
 
       crypto.aes.create(key, iv, (err, cipher) => {
@@ -38,18 +39,18 @@ describe('AES-CTR', () => {
   })
   Object.keys(bytes).forEach((byte) => {
     it(`${bytes[byte]} - fixed - encrypt and decrypt`, (done) => {
-      const key = new Buffer(parseInt(byte, 10))
+      const key = Buffer.alloc(parseInt(byte, 10))
       key.fill(5)
 
-      const iv = new Buffer(16)
+      const iv = Buffer.alloc(16)
       iv.fill(1)
 
       crypto.aes.create(key, iv, (err, cipher) => {
         expect(err).to.not.exist
 
         series(fixtures[byte].inputs.map((rawIn, i) => (cb) => {
-          const input = new Buffer(rawIn)
-          const output = new Buffer(fixtures[byte].outputs[i])
+          const input = Buffer.from(rawIn)
+          const output = Buffer.from(fixtures[byte].outputs[i])
           cipher.encrypt(input, (err, res) => {
             expect(err).to.not.exist
             expect(res).to.have.length(output.length)
@@ -71,18 +72,18 @@ describe('AES-CTR', () => {
     }
 
     it(`${bytes[byte]} - go interop - encrypt and decrypt`, (done) => {
-      const key = new Buffer(parseInt(byte, 10))
+      const key = Buffer.alloc(parseInt(byte, 10))
       key.fill(5)
 
-      const iv = new Buffer(16)
+      const iv = Buffer.alloc(16)
       iv.fill(1)
 
       crypto.aes.create(key, iv, (err, cipher) => {
         expect(err).to.not.exist
 
         series(goFixtures[byte].inputs.map((rawIn, i) => (cb) => {
-          const input = new Buffer(rawIn)
-          const output = new Buffer(goFixtures[byte].outputs[i])
+          const input = Buffer.from(rawIn)
+          const output = Buffer.from(goFixtures[byte].outputs[i])
           cipher.encrypt(input, (err, res) => {
             expect(err).to.not.exist
             expect(res).to.have.length(output.length)
@@ -100,7 +101,7 @@ describe('AES-CTR', () => {
 })
 
 function encryptAndDecrypt (cipher) {
-  const data = new Buffer(100)
+  const data = Buffer.alloc(100)
   data.fill(Math.ceil(Math.random() * 100))
   return (cb) => {
     cipher.encrypt(data, (err, res) => {

test/ed25519.spec.js

@@ -0,0 +1,195 @@
+/* eslint-env mocha */
+'use strict'
+
+const expect = require('chai').expect
+const Buffer = require('safe-buffer').Buffer
+
+const crypto = require('../src')
+const ed25519 = crypto.keys.ed25519
+const fixtures = require('./fixtures/go-key-ed25519')
+
+describe('ed25519', () => {
+  let key
+  before((done) => {
+    crypto.generateKeyPair('Ed25519', 512, (err, _key) => {
+      if (err) return done(err)
+      key = _key
+      done()
+    })
+  })
+
+  it('generates a valid key', (done) => {
+    expect(
+      key
+    ).to.be.an.instanceof(
+      ed25519.Ed25519PrivateKey
+    )
+
+    key.hash((err, digest) => {
+      if (err) {
+        return done(err)
+      }
+
+      expect(digest).to.have.length(34)
+      done()
+    })
+  })
+
+  it('signs', (done) => {
+    const text = crypto.randomBytes(512)
+
+    key.sign(text, (err, sig) => {
+      if (err) {
+        return done(err)
+      }
+
+      key.public.verify(text, sig, (err, res) => {
+        if (err) {
+          return done(err)
+        }
+
+        expect(res).to.be.eql(true)
+        done()
+      })
+    })
+  })
+
+  it('encoding', (done) => {
+    const keyMarshal = key.marshal()
+    ed25519.unmarshalEd25519PrivateKey(keyMarshal, (err, key2) => {
+      if (err) {
+        return done(err)
+      }
+      const keyMarshal2 = key2.marshal()
+
+      expect(
+        keyMarshal
+      ).to.be.eql(
+        keyMarshal2
+      )
+
+      const pk = key.public
+      const pkMarshal = pk.marshal()
+      const pk2 = ed25519.unmarshalEd25519PublicKey(pkMarshal)
+      const pkMarshal2 = pk2.marshal()
+
+      expect(
+        pkMarshal
+      ).to.be.eql(
+        pkMarshal2
+      )
+      done()
+    })
+  })
+
+  describe('key equals', () => {
+    it('equals itself', () => {
+      expect(
+        key.equals(key)
+      ).to.be.eql(
+        true
+      )
+
+      expect(
+        key.public.equals(key.public)
+      ).to.be.eql(
+        true
+      )
+    })
+
+    it('not equals other key', (done) => {
+      crypto.generateKeyPair('Ed25519', 512, (err, key2) => {
+        if (err) return done(err)
+
+        expect(
+          key.equals(key2)
+        ).to.be.eql(
+          false
+        )
+
+        expect(
+          key2.equals(key)
+        ).to.be.eql(
+          false
+        )
+
+        expect(
+          key.public.equals(key2.public)
+        ).to.be.eql(
+          false
+        )
+
+        expect(
+          key2.public.equals(key.public)
+        ).to.be.eql(
+          false
+        )
+        done()
+      })
+    })
+  })
+
+  it('sign and verify', (done) => {
+    const data = Buffer.from('hello world')
+    key.sign(data, (err, sig) => {
+      if (err) {
+        return done(err)
+      }
+
+      key.public.verify(data, sig, (err, valid) => {
+        if (err) {
+          return done(err)
+        }
+        expect(valid).to.be.eql(true)
+        done()
+      })
+    })
+  })
+
+  it('fails to verify for different data', (done) => {
+    const data = Buffer.from('hello world')
+    key.sign(data, (err, sig) => {
+      if (err) {
+        return done(err)
+      }
+
+      key.public.verify(Buffer.from('hello'), sig, (err, valid) => {
+        if (err) {
+          return done(err)
+        }
+        expect(valid).to.be.eql(false)
+        done()
+      })
+    })
+  })
+
+  describe('go interop', () => {
+    let privateKey
+    before((done) => {
+      crypto.unmarshalPrivateKey(fixtures.verify.privateKey, (err, key) => {
+        expect(err).to.not.exist
+        privateKey = key
+        done()
+      })
+    })
+
+    it('verifies with data from go', (done) => {
+      const key = crypto.unmarshalPublicKey(fixtures.verify.publicKey)
+
+      key.verify(fixtures.verify.data, fixtures.verify.signature, (err, ok) => {
+        if (err) throw err
+        expect(err).to.not.exist
+        expect(ok).to.be.eql(true)
+        done()
+      })
+    })
+
+    it('generates the same signature as go', (done) => {
+      privateKey.sign(fixtures.verify.data, (err, sig) => {
+        expect(err).to.not.exist
+        expect(sig).to.deep.equal(fixtures.verify.signature)
+        done()
+      })
+    })
+  })
+})

test/fixtures/go-elliptic-key.js

@@ -1,12 +1,14 @@
 'use strict'
 
+const Buffer = require('safe-buffer').Buffer
+
 module.exports = {
   curve: 'P-256',
   bob: {
-    private: new Buffer([
+    private: Buffer.from([
       181, 217, 162, 151, 225, 36, 53, 253, 107, 66, 27, 27, 232, 72, 0, 0, 103, 167, 84, 62, 203, 91, 97, 137, 131, 193, 230, 126, 98, 242, 216, 170
     ]),
-    public: new Buffer([
+    public: Buffer.from([
       4, 53, 59, 128, 56, 162, 250, 72, 141, 206, 117, 232, 57, 96, 39, 39, 247, 7, 27, 57, 251, 232, 120, 186, 21, 239, 176, 139, 195, 129, 125, 85, 11, 188, 191, 32, 227, 0, 6, 163, 101, 68, 208, 1, 43, 131, 124, 112, 102, 91, 104, 79, 16, 119, 152, 208, 4, 147, 155, 83, 20, 146, 104, 55, 90
     ])
   }

test/fixtures/go-key-ed25519.js

@@ -0,0 +1,30 @@
+'use strict'
+
+const Buffer = require('safe-buffer').Buffer
+
+module.exports = {
+  // These were generated in a gore (https://github.com/motemen/gore) repl session:
+  //
+  // :import github.com/libp2p/go-libp2p-crypto
+  // :import crypto/rand
+  // priv, pub, err := crypto.GenerateEd25519Key(rand.Reader)
+  // pubkeyBytes, err := pub.Bytes()
+  // privkeyBytes, err := priv.Bytes()
+  // data := []byte("hello! and welcome to some awesome crypto primitives")
+  // sig, err := priv.Sign(data)
+  //
+  // :import io/ioutil
+  // ioutil.WriteFile("/tmp/pubkey_go.bin", pubkeyBytes, 0644)
+  // // etc..
+  //
+  // Then loaded into a node repl and dumped to arrays with:
+  //
+  // var pubkey = Array.from(fs.readFileSync('/tmp/pubkey_go.bin'))
+  // console.log(JSON.stringify(pubkey))
+  verify: {
+    privateKey: Buffer.from([8, 1, 18, 96, 201, 208, 1, 110, 176, 16, 230, 37, 66, 184, 149, 252, 78, 56, 206, 136, 2, 38, 118, 152, 226, 197, 117, 200, 54, 189, 156, 218, 184, 7, 118, 57, 233, 49, 221, 97, 164, 158, 241, 129, 73, 166, 225, 255, 193, 118, 22, 84, 55, 15, 249, 168, 225, 180, 198, 191, 14, 75, 187, 243, 150, 91, 232, 37, 233, 49, 221, 97, 164, 158, 241, 129, 73, 166, 225, 255, 193, 118, 22, 84, 55, 15, 249, 168, 225, 180, 198, 191, 14, 75, 187, 243, 150, 91, 232, 37]),
+    publicKey: Buffer.from([8, 1, 18, 32, 233, 49, 221, 97, 164, 158, 241, 129, 73, 166, 225, 255, 193, 118, 22, 84, 55, 15, 249, 168, 225, 180, 198, 191, 14, 75, 187, 243, 150, 91, 232, 37]),
+    data: Buffer.from([104, 101, 108, 108, 111, 33, 32, 97, 110, 100, 32, 119, 101, 108, 99, 111, 109, 101, 32, 116, 111, 32, 115, 111, 109, 101, 32, 97, 119, 101, 115, 111, 109, 101, 32, 99, 114, 121, 112, 116, 111, 32, 112, 114, 105, 109, 105, 116, 105, 118, 101, 115]),
+    signature: Buffer.from([7, 230, 175, 164, 228, 58, 78, 208, 62, 243, 73, 142, 83, 195, 176, 217, 166, 62, 41, 165, 168, 164, 75, 179, 163, 86, 102, 32, 18, 84, 150, 237, 39, 207, 213, 20, 134, 237, 50, 41, 176, 183, 229, 133, 38, 255, 42, 228, 68, 186, 100, 14, 175, 156, 243, 118, 125, 125, 120, 212, 124, 103, 252, 12])
+  }
+}

test/fixtures/go-key-rsa.js

@@ -1,30 +1,32 @@
 'use strict'
 
+const Buffer = require('safe-buffer').Buffer
+
 module.exports = {
   private: {
-    hash: new Buffer([
+    hash: Buffer.from([
       18, 32, 168, 125, 165, 65, 34, 157, 209, 4, 24, 158, 80, 196, 125, 86, 103, 0, 228, 145, 109, 252, 153, 7, 189, 9, 16, 37, 239, 36, 48, 78, 214, 212
     ]),
-    key: new Buffer([
+    key: Buffer.from([
       8, 0, 18, 192, 2, 48, 130, 1, 60, 2, 1, 0, 2, 65, 0, 230, 157, 160, 242, 74, 222, 87, 0, 77, 180, 91, 175, 217, 166, 2, 95, 193, 239, 195, 140, 224, 57, 84, 207, 46, 172, 113, 196, 20, 133, 117, 205, 45, 7, 224, 41, 40, 195, 254, 124, 14, 84, 223, 147, 67, 198, 48, 36, 53, 161, 112, 46, 153, 90, 19, 123, 94, 247, 5, 116, 1, 238, 32, 15, 2, 3, 1, 0, 1, 2, 65, 0, 191, 59, 140, 255, 254, 23, 123, 91, 148, 19, 240, 71, 213, 26, 181, 51, 68, 181, 150, 153, 214, 65, 148, 83, 45, 103, 239, 250, 225, 237, 125, 173, 111, 244, 37, 124, 87, 178, 86, 10, 14, 207, 63, 105, 213, 37, 81, 23, 230, 4, 222, 179, 144, 40, 252, 163, 190, 7, 241, 221, 28, 54, 225, 209, 2, 33, 0, 235, 132, 229, 150, 99, 182, 176, 194, 198, 65, 210, 160, 184, 70, 82, 49, 235, 199, 14, 11, 92, 66, 237, 45, 220, 72, 235, 1, 244, 145, 205, 57, 2, 33, 0, 250, 171, 146, 180, 188, 194, 14, 152, 52, 64, 38, 52, 158, 86, 46, 109, 66, 100, 122, 43, 88, 167, 143, 98, 104, 143, 160, 60, 171, 185, 31, 135, 2, 33, 0, 206, 47, 255, 203, 100, 170, 137, 31, 75, 240, 78, 84, 212, 95, 4, 16, 158, 73, 27, 27, 136, 255, 50, 163, 166, 169, 211, 204, 87, 111, 217, 201, 2, 33, 0, 177, 51, 194, 213, 3, 175, 7, 84, 47, 115, 189, 206, 106, 180, 47, 195, 203, 48, 110, 112, 224, 14, 43, 189, 124, 127, 51, 222, 79, 226, 225, 87, 2, 32, 67, 23, 190, 222, 106, 22, 115, 139, 217, 244, 178, 53, 153, 99, 5, 176, 72, 77, 193, 61, 67, 134, 37, 238, 69, 66, 159, 28, 39, 5, 238, 125
     ])
   },
   public: {
-    hash: new Buffer([
+    hash: Buffer.from([
       18, 32, 112, 151, 163, 167, 204, 243, 175, 123, 208, 162, 90, 84, 199, 174, 202, 110, 0, 119, 27, 202, 7, 149, 161, 251, 215, 168, 163, 54, 93, 54, 195, 20
     ]),
-    key: new Buffer([
+    key: Buffer.from([
       8, 0, 18, 94, 48, 92, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1, 5, 0, 3, 75, 0, 48, 72, 2, 65, 0, 230, 157, 160, 242, 74, 222, 87, 0, 77, 180, 91, 175, 217, 166, 2, 95, 193, 239, 195, 140, 224, 57, 84, 207, 46, 172, 113, 196, 20, 133, 117, 205, 45, 7, 224, 41, 40, 195, 254, 124, 14, 84, 223, 147, 67, 198, 48, 36, 53, 161, 112, 46, 153, 90, 19, 123, 94, 247, 5, 116, 1, 238, 32, 15, 2, 3, 1, 0, 1
     ])
   },
   verify: {
-    signature: new Buffer([
+    signature: Buffer.from([
       3, 116, 81, 57, 91, 194, 7, 1, 230, 236, 229, 142, 36, 209, 208, 107, 47, 52, 164, 236, 139, 35, 155, 97, 43, 64, 145, 91, 19, 218, 149, 63, 99, 164, 191, 110, 145, 37, 18, 7, 98, 112, 144, 35, 29, 186, 169, 150, 165, 88, 145, 170, 197, 110, 42, 163, 188, 10, 42, 63, 34, 93, 91, 94, 199, 110, 10, 82, 238, 80, 93, 93, 77, 130, 22, 216, 229, 172, 36, 229, 82, 162, 20, 78, 19, 46, 82, 243, 43, 80, 115, 125, 145, 231, 194, 224, 30, 187, 55, 228, 74, 52, 203, 191, 254, 148, 136, 218, 62, 147, 171, 130, 251, 181, 105, 29, 238, 207, 197, 249, 61, 105, 202, 172, 160, 174, 43, 124, 115, 130, 169, 30, 76, 41, 52, 200, 2, 26, 53, 190, 43, 20, 203, 10, 217, 250, 47, 102, 92, 103, 197, 22, 108, 184, 74, 218, 82, 202, 180, 98, 13, 114, 12, 92, 1, 139, 150, 170, 8, 92, 32, 116, 168, 219, 157, 162, 28, 77, 29, 29, 74, 136, 144, 49, 173, 245, 253, 76, 167, 200, 169, 163, 7, 49, 133, 120, 99, 191, 53, 10, 66, 26, 234, 240, 139, 235, 134, 30, 55, 248, 150, 100, 242, 150, 159, 198, 44, 78, 150, 7, 133, 139, 59, 76, 3, 225, 94, 13, 89, 122, 34, 95, 95, 107, 74, 169, 171, 169, 222, 25, 191, 182, 148, 116, 66, 67, 102, 12, 193, 217, 247, 243, 148, 233, 161, 157
     ]),
-    data: new Buffer([
+    data: Buffer.from([
       10, 16, 27, 128, 228, 220, 147, 176, 53, 105, 175, 171, 32, 213, 35, 236, 203, 60, 18, 171, 2, 8, 0, 18, 166, 2, 48, 130, 1, 34, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1, 5, 0, 3, 130, 1, 15, 0, 48, 130, 1, 10, 2, 130, 1, 1, 0, 181, 113, 138, 108, 208, 103, 166, 102, 37, 36, 204, 250, 228, 165, 44, 64, 176, 210, 205, 141, 241, 55, 200, 110, 98, 68, 85, 199, 254, 19, 86, 204, 63, 250, 167, 38, 59, 249, 146, 228, 73, 171, 63, 18, 96, 104, 191, 137, 186, 244, 255, 90, 16, 119, 195, 52, 177, 213, 254, 187, 174, 84, 174, 173, 12, 236, 53, 234, 3, 209, 82, 37, 78, 111, 214, 135, 76, 195, 9, 242, 134, 188, 153, 84, 139, 231, 51, 146, 177, 60, 12, 25, 158, 91, 215, 152, 7, 0, 84, 35, 36, 230, 227, 67, 198, 72, 50, 110, 37, 209, 98, 193, 65, 93, 173, 199, 4, 198, 102, 99, 148, 144, 224, 217, 114, 53, 144, 245, 251, 114, 211, 20, 82, 163, 123, 75, 16, 192, 106, 213, 128, 2, 11, 200, 203, 84, 41, 199, 224, 155, 171, 217, 64, 109, 116, 188, 151, 183, 173, 52, 205, 164, 93, 13, 251, 65, 182, 160, 154, 185, 239, 33, 184, 84, 159, 105, 101, 173, 194, 251, 123, 84, 92, 66, 61, 180, 45, 104, 162, 224, 214, 233, 64, 220, 165, 2, 104, 116, 150, 2, 234, 203, 112, 21, 124, 23, 48, 66, 30, 63, 30, 36, 246, 135, 203, 218, 115, 22, 189, 39, 39, 125, 205, 65, 222, 220, 77, 18, 84, 121, 161, 153, 125, 25, 139, 137, 170, 239, 150, 106, 119, 168, 216, 140, 113, 121, 26, 53, 118, 110, 53, 192, 244, 252, 145, 85, 2, 3, 1, 0, 1, 26, 17, 80, 45, 50, 53, 54, 44, 80, 45, 51, 56, 52, 44, 80, 45, 53, 50, 49, 34, 24, 65, 69, 83, 45, 50, 53, 54, 44, 65, 69, 83, 45, 49, 50, 56, 44, 66, 108, 111, 119, 102, 105, 115, 104, 42, 13, 83, 72, 65, 50, 53, 54, 44, 83, 72, 65, 53, 49, 50, 10, 16, 220, 83, 240, 105, 6, 203, 78, 83, 210, 115, 6, 106, 98, 82, 1, 161, 18, 171, 2, 8, 0, 18, 166, 2, 48, 130, 1, 34, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1, 5, 0, 3, 130, 1, 15, 0, 48, 130, 1, 10, 2, 130, 1, 1, 0, 185, 234, 19, 191, 164, 33, 65, 94, 87, 42, 74, 83, 224, 25, 142, 44, 26, 7, 92, 242, 189, 42, 170, 197, 178, 92, 45, 240, 107, 141, 128, 59, 122, 252, 48, 140, 4, 85, 85, 203, 3, 197, 8, 127, 120, 98, 44, 169, 135, 196, 70, 137, 117, 180, 177, 134, 170, 35, 165, 88, 105, 30, 114, 138, 11, 96, 68, 99, 18, 149, 223, 166, 105, 12, 176, 77, 48, 214, 22, 236, 17, 154, 213, 209, 158, 169, 202, 5, 100, 210, 83, 90, 201, 38, 205, 246, 231, 106, 63, 86, 222, 143, 157, 173, 62, 4, 85, 232, 20, 188, 6, 209, 186, 132, 192, 117, 146, 181, 233, 26, 0, 240, 138, 206, 91, 170, 114, 137, 217, 132, 139, 242, 144, 213, 103, 101, 190, 146, 188, 250, 188, 134, 255, 70, 125, 78, 65, 136, 239, 190, 206, 139, 155, 140, 163, 233, 170, 247, 205, 87, 209, 19, 29, 173, 10, 147, 43, 28, 90, 46, 6, 197, 217, 186, 66, 68, 126, 76, 64, 184, 8, 170, 23, 79, 243, 223, 119, 133, 118, 50, 226, 44, 246, 176, 10, 161, 219, 83, 54, 68, 248, 5, 14, 177, 114, 54, 63, 11, 71, 136, 142, 56, 151, 123, 230, 61, 80, 15, 180, 42, 49, 220, 148, 99, 231, 20, 230, 220, 85, 207, 187, 37, 210, 137, 171, 125, 71, 14, 53, 100, 91, 83, 209, 50, 132, 165, 253, 25, 161, 5, 97, 164, 163, 83, 95, 53, 2, 3, 1, 0, 1, 26, 17, 80, 45, 50, 53, 54, 44, 80, 45, 51, 56, 52, 44, 80, 45, 53, 50, 49, 34, 15, 65, 69, 83, 45, 50, 53, 54, 44, 65, 69, 83, 45, 49, 50, 56, 42, 13, 83, 72, 65, 50, 53, 54, 44, 83, 72, 65, 53, 49, 50, 4, 97, 54, 203, 112, 136, 34, 231, 162, 19, 154, 131, 27, 105, 26, 121, 238, 120, 25, 203, 66, 232, 53, 198, 20, 19, 96, 119, 218, 90, 64, 170, 3, 132, 116, 1, 87, 116, 232, 165, 161, 198, 117, 167, 60, 145, 1, 253, 108, 50, 150, 117, 8, 140, 133, 48, 30, 236, 36, 84, 186, 22, 144, 87, 101
     ]),
-    publicKey: new Buffer([
+    publicKey: Buffer.from([
       8, 0, 18, 166, 2, 48, 130, 1, 34, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1, 5, 0, 3, 130, 1, 15, 0, 48, 130, 1, 10, 2, 130, 1, 1, 0, 181, 113, 138, 108, 208, 103, 166, 102, 37, 36, 204, 250, 228, 165, 44, 64, 176, 210, 205, 141, 241, 55, 200, 110, 98, 68, 85, 199, 254, 19, 86, 204, 63, 250, 167, 38, 59, 249, 146, 228, 73, 171, 63, 18, 96, 104, 191, 137, 186, 244, 255, 90, 16, 119, 195, 52, 177, 213, 254, 187, 174, 84, 174, 173, 12, 236, 53, 234, 3, 209, 82, 37, 78, 111, 214, 135, 76, 195, 9, 242, 134, 188, 153, 84, 139, 231, 51, 146, 177, 60, 12, 25, 158, 91, 215, 152, 7, 0, 84, 35, 36, 230, 227, 67, 198, 72, 50, 110, 37, 209, 98, 193, 65, 93, 173, 199, 4, 198, 102, 99, 148, 144, 224, 217, 114, 53, 144, 245, 251, 114, 211, 20, 82, 163, 123, 75, 16, 192, 106, 213, 128, 2, 11, 200, 203, 84, 41, 199, 224, 155, 171, 217, 64, 109, 116, 188, 151, 183, 173, 52, 205, 164, 93, 13, 251, 65, 182, 160, 154, 185, 239, 33, 184, 84, 159, 105, 101, 173, 194, 251, 123, 84, 92, 66, 61, 180, 45, 104, 162, 224, 214, 233, 64, 220, 165, 2, 104, 116, 150, 2, 234, 203, 112, 21, 124, 23, 48, 66, 30, 63, 30, 36, 246, 135, 203, 218, 115, 22, 189, 39, 39, 125, 205, 65, 222, 220, 77, 18, 84, 121, 161, 153, 125, 25, 139, 137, 170, 239, 150, 106, 119, 168, 216, 140, 113, 121, 26, 53, 118, 110, 53, 192, 244, 252, 145, 85, 2, 3, 1, 0, 1
     ])
   }

test/fixtures/go-stretch-key.js

@@ -1,30 +1,32 @@
 'use strict'
 
+const Buffer = require('safe-buffer').Buffer
+
 module.exports = [{
   cipher: 'AES-256',
   hash: 'SHA256',
-  secret: new Buffer([
+  secret: Buffer.from([
     195, 191, 209, 165, 209, 201, 127, 122, 136, 111, 31, 66, 111, 68, 38, 155, 216, 204, 46, 181, 200, 188, 170, 204, 104, 74, 239, 251, 173, 114, 222, 234
   ]),
   k1: {
-    iv: new Buffer([
+    iv: Buffer.from([
       208, 132, 203, 169, 253, 52, 40, 83, 161, 91, 17, 71, 33, 136, 67, 96
     ]),
-    cipherKey: new Buffer([
+    cipherKey: Buffer.from([
       156, 48, 241, 157, 92, 248, 153, 186, 114, 127, 195, 114, 106, 104, 215, 133, 35, 11, 131, 137, 123, 70, 74, 26, 15, 60, 189, 32, 67, 221, 115, 137
     ]),
-    macKey: new Buffer([
+    macKey: Buffer.from([
       6, 179, 91, 245, 224, 56, 153, 120, 77, 140, 29, 5, 15, 213, 187, 65, 137, 230, 202, 120
     ])
   },
   k2: {
-    iv: new Buffer([
+    iv: Buffer.from([
       236, 17, 34, 141, 90, 106, 197, 56, 197, 184, 157, 135, 91, 88, 112, 19
     ]),
-    cipherKey: new Buffer([
+    cipherKey: Buffer.from([
       151, 145, 195, 219, 76, 195, 102, 109, 187, 231, 100, 150, 132, 245, 251, 130, 254, 37, 178, 55, 227, 34, 114, 39, 238, 34, 2, 193, 107, 130, 32, 87
     ]),
-    macKey: new Buffer([
+    macKey: Buffer.from([
       3, 229, 77, 212, 241, 217, 23, 113, 220, 126, 38, 255, 18, 117, 108, 205, 198, 89, 1, 236
     ])
   }

test/hmac.spec.js

@@ -2,7 +2,9 @@
 /* eslint-env mocha */
 'use strict'
 
+const Buffer = require('safe-buffer').Buffer
 const expect = require('chai').expect
+
 const crypto = require('../src')
 
 const hashes = ['SHA1', 'SHA256', 'SHA512']
@@ -10,10 +12,10 @@ const hashes = ['SHA1', 'SHA256', 'SHA512']
 describe('HMAC', () => {
   hashes.forEach((hash) => {
     it(`${hash} - sign and verify`, (done) => {
-      crypto.hmac.create(hash, new Buffer('secret'), (err, hmac) => {
+      crypto.hmac.create(hash, Buffer.from('secret'), (err, hmac) => {
         expect(err).to.not.exist
 
-        hmac.digest(new Buffer('hello world'), (err, sig) => {
+        hmac.digest(Buffer.from('hello world'), (err, sig) => {
           expect(err).to.not.exist
           expect(sig).to.have.length(hmac.length)
           done()

test/index.spec.js

@@ -97,14 +97,16 @@ describe('libp2p-crypto', () => {
         true
       )
     })
+  })
 
-    it('randomBytes throws with no number passed', () => {
+  describe('randomBytes', () => {
+    it('throws with no number passed', () => {
       expect(() => {
         crypto.randomBytes()
       }).to.throw
     })
 
-    it('randomBytes', () => {
+    it('generates different random things', () => {
       const buf1 = crypto.randomBytes(10)
       expect(buf1.length).to.equal(10)
       const buf2 = crypto.randomBytes(10)

test/rsa.spec.js

@@ -2,6 +2,7 @@
 'use strict'
 
 const expect = require('chai').expect
+const Buffer = require('safe-buffer').Buffer
 
 const crypto = require('../src')
 const rsa = crypto.keys.rsa
@@ -129,7 +130,7 @@ describe('RSA', () => {
   })
 
   it('sign and verify', (done) => {
-    const data = new Buffer('hello world')
+    const data = Buffer.from('hello world')
     key.sign(data, (err, sig) => {
       if (err) {
         return done(err)
@@ -146,13 +147,13 @@ describe('RSA', () => {
   })
 
   it('fails to verify for different data', (done) => {
-    const data = new Buffer('hello world')
+    const data = Buffer.from('hello world')
     key.sign(data, (err, sig) => {
       if (err) {
         return done(err)
       }
 
-      key.public.verify(new Buffer('hello'), sig, (err, valid) => {
+      key.public.verify(Buffer.from('hello'), sig, (err, valid) => {
         if (err) {
           return done(err)
         }