chore: release version v0.10.1

rm unsafe-eval

.eslintignore

@@ -0,0 +1 @@
+src/keys/keys.proto.js

.gitignore

@@ -1,6 +1,10 @@
+package-lock.json
+yarn.lock
+
 **/node_modules/
 **/*.log
 test/repo-tests*
+**/bundle.js
 
 # Logs
 logs
@@ -31,4 +35,12 @@ build
 # https://www.npmjs.org/doc/misc/npm-faq.html#should-i-check-my-node_modules-folder-into-git
 node_modules
 
+lib
 dist
+test/test-data/go-ipfs-repo/LOCK
+test/test-data/go-ipfs-repo/LOG
+test/test-data/go-ipfs-repo/LOG.old
+
+# while testing npm5
+package-lock.json
+yarn.lock

.travis.yml

@@ -3,21 +3,18 @@ language: node_js
 
 matrix:
   include:
-  - node_js: 4
-    env: CXX=g++-4.8
   - node_js: 6
     env: CXX=g++-4.8
-  - node_js: stable
+  - node_js: 8
     env: CXX=g++-4.8
-
-# Make sure we have new NPM.
-before_install:
-  - npm install -g npm@4
+    #  - node_js: stable
+    #    env: CXX=g++-4.8
 
 script:
   - npm run lint
-  - npm test
+  - npm run test
   - npm run coverage
+  - make test
 
 before_script:
   - export DISPLAY=:99.0

CHANGELOG.md

@@ -1,3 +1,49 @@
+<a name="0.10.1"></a>
+## [0.10.1](https://github.com/libp2p/js-libp2p-crypto/compare/v0.10.0...v0.10.1) (2017-09-05)
+
+
+### Bug Fixes
+
+* switch to protobufjs ([#107](https://github.com/libp2p/js-libp2p-crypto/issues/107)) ([dc2793f](https://github.com/libp2p/js-libp2p-crypto/commit/dc2793f))
+
+
+
+<a name="0.10.0"></a>
+# [0.10.0](https://github.com/libp2p/js-libp2p-crypto/compare/v0.9.4...v0.10.0) (2017-09-03)
+
+
+### Features
+
+* p2p addrs situation ([#106](https://github.com/libp2p/js-libp2p-crypto/issues/106)) ([9e977c7](https://github.com/libp2p/js-libp2p-crypto/commit/9e977c7))
+* skip nextTick in nodeify ([#103](https://github.com/libp2p/js-libp2p-crypto/issues/103)) ([f20267b](https://github.com/libp2p/js-libp2p-crypto/commit/f20267b))
+
+
+
+<a name="0.9.4"></a>
+## [0.9.4](https://github.com/libp2p/js-libp2p-crypto/compare/v0.9.3...v0.9.4) (2017-07-22)
+
+
+### Bug Fixes
+
+* circular circular dep -> DI ([bc554d1](https://github.com/libp2p/js-libp2p-crypto/commit/bc554d1))
+
+
+
+<a name="0.9.3"></a>
+## [0.9.3](https://github.com/libp2p/js-libp2p-crypto/compare/v0.9.2...v0.9.3) (2017-07-22)
+
+
+
+<a name="0.9.2"></a>
+## [0.9.2](https://github.com/libp2p/js-libp2p-crypto/compare/v0.9.1...v0.9.2) (2017-07-22)
+
+
+
+<a name="0.9.1"></a>
+## [0.9.1](https://github.com/libp2p/js-libp2p-crypto/compare/v0.9.0...v0.9.1) (2017-07-22)
+
+
+
 <a name="0.9.0"></a>
 # [0.9.0](https://github.com/libp2p/js-libp2p-crypto/compare/v0.8.8...v0.9.0) (2017-07-22)
 

README.md

@@ -10,7 +10,7 @@
 [![Dependency Status](https://david-dm.org/libp2p/js-libp2p-crypto.svg?style=flat-square)](https://david-dm.org/libp2p/js-libp2p-crypto)
 [![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat-square)](https://github.com/feross/standard)
 ![](https://img.shields.io/badge/npm-%3E%3D3.0.0-orange.svg?style=flat-square)
-![](https://img.shields.io/badge/Node.js-%3E%3D4.0.0-orange.svg?style=flat-square)
+![](https://img.shields.io/badge/Node.js-%3E%3D6.0.0-orange.svg?style=flat-square)
 
 > Crypto primitives for libp2p in JavaScript
 

package.json

@@ -1,6 +1,6 @@
 {
   "name": "libp2p-crypto",
-  "version": "0.9.0",
+  "version": "0.10.1",
   "description": "Crypto primitives for libp2p",
   "main": "src/index.js",
   "browser": {
@@ -12,6 +12,7 @@
   "scripts": {
     "lint": "aegir-lint",
     "build": "aegir-build",
+    "build-proto": "pbjs --wrap commonjs --target static-module src/keys/keys.proto > src/keys/keys.proto.js",
     "test": "aegir-test",
     "test:node": "aegir-test --env node",
     "test:browser": "aegir-test --env browser",
@@ -34,20 +35,19 @@
     "async": "^2.5.0",
     "browserify-aes": "^1.0.6",
     "keypair": "^1.0.1",
-    "libp2p-crypto-secp256k1": "^0.1.4",
-    "nodeify": "^1.0.1",
+    "libp2p-crypto-secp256k1": "~0.2.2",
+    "multihashing-async": "~0.4.6",
     "pem-jwk": "^1.5.1",
-    "protocol-buffers": "^3.2.1",
+    "protobufjs": "^6.8.0",
     "rsa-pem-to-jwk": "^1.1.3",
     "safe-buffer": "^5.1.1",
     "tweetnacl": "^1.0.0",
-    "webcrypto-shim": "github:dignifiedquire/webcrypto-shim#master",
-    "multihashing-async": "~0.4.5"
+    "webcrypto-shim": "github:dignifiedquire/webcrypto-shim#master"
   },
   "devDependencies": {
     "aegir": "^11.0.2",
     "benchmark": "^2.1.4",
-    "chai": "^4.1.0",
+    "chai": "^4.1.2",
     "dirty-chai": "^2.0.1",
     "pre-commit": "^1.2.2"
   },
@@ -56,7 +56,7 @@
     "test"
   ],
   "engines": {
-    "node": ">=4.0.0",
+    "node": ">=6.0.0",
     "npm": ">=3.0.0"
   },
   "repository": {

src/aes/index-browser.js

@@ -0,0 +1,55 @@
+'use strict'
+
+const asm = require('asmcrypto.js')
+const setImmediate = require('async/setImmediate')
+
+exports.create = function (key, iv, callback) {
+  const done = (err, res) => setImmediate(() => callback(err, res))
+
+  if (key.length !== 16 && key.length !== 32) {
+    return done(new Error('Invalid key length'))
+  }
+
+  const enc = new asm.AES_CTR.Encrypt({
+    key: key,
+    nonce: iv
+  })
+  const dec = new asm.AES_CTR.Decrypt({
+    key: key,
+    nonce: iv
+  })
+
+  const res = {
+    encrypt (data, cb) {
+      const done = (err, res) => setImmediate(() => cb(err, res))
+
+      let res
+      try {
+        res = Buffer.from(
+          enc.process(data).result
+        )
+      } catch (err) {
+        return done(err)
+      }
+
+      done(null, res)
+    },
+
+    decrypt (data, cb) {
+      const done = (err, res) => setImmediate(() => cb(err, res))
+
+      let res
+      try {
+        res = Buffer.from(
+          dec.process(data).result
+        )
+      } catch (err) {
+        return done(err)
+      }
+
+      done(null, res)
+    }
+  }
+
+  done(null, res)
+}

src/hmac/index-browser.js

@@ -1,6 +1,6 @@
 'use strict'
 
-const nodeify = require('nodeify')
+const nodeify = require('../nodeify')
 const Buffer = require('safe-buffer').Buffer
 
 const crypto = require('../webcrypto.js')()
@@ -12,6 +12,11 @@ const hashTypes = {
   SHA512: 'SHA-512'
 }
 
+const sign = (key, data, cb) => {
+  nodeify(crypto.subtle.sign({name: 'HMAC'}, key, data)
+    .then((raw) => Buffer.from(raw)), cb)
+}
+
 exports.create = function (hashType, secret, callback) {
   const hash = hashTypes[hashType]
 
@@ -27,8 +32,7 @@ exports.create = function (hashType, secret, callback) {
   ).then((key) => {
     return {
       digest (data, cb) {
-        nodeify(crypto.subtle.sign({name: 'HMAC'}, key, data)
-          .then((raw) => Buffer.from(raw)), cb)
+        sign(key, data, cb)
       },
       length: lengths[hashType]
     }

src/index.js

@@ -3,18 +3,10 @@
 const hmac = require('./hmac')
 const aes = require('./aes')
 const keys = require('./keys')
-const rsa = require('./keys/rsa')
 
 exports = module.exports
 
 exports.aes = aes
 exports.hmac = hmac
 exports.keys = keys
-
-exports.randomBytes = (number) => {
-  if (!number || typeof number !== 'number') {
-    throw new Error('first argument must be a Number bigger than 0')
-  }
-
-  return rsa.getRandomValues(new Uint8Array(number))
-}
+exports.randomBytes = require('./random-bytes')

src/keys/ecdh-browser.js

@@ -1,7 +1,7 @@
 'use strict'
 
 const webcrypto = require('../webcrypto.js')()
-const nodeify = require('nodeify')
+const nodeify = require('../nodeify')
 const BN = require('asn1.js').bignum
 const Buffer = require('safe-buffer').Buffer
 

src/keys/ed25519-class.js

@@ -1,11 +1,10 @@
 'use strict'
 
 const multihashing = require('multihashing-async')
-const protobuf = require('protocol-buffers')
 const Buffer = require('safe-buffer').Buffer
 
 const crypto = require('./ed25519')
-const pbm = protobuf(require('./keys.proto'))
+const pbm = require('./keys.proto.js')
 
 class Ed25519PublicKey {
   constructor (key) {
@@ -22,10 +21,11 @@ class Ed25519PublicKey {
   }
 
   get bytes () {
-    return pbm.PublicKey.encode({
+    const msg = pbm.PublicKey.create({
       Type: pbm.KeyType.Ed25519,
       Data: this.marshal()
     })
+    return Buffer.from(pbm.PublicKey.encode(msg).finish())
   }
 
   equals (key) {
@@ -64,10 +64,12 @@ class Ed25519PrivateKey {
   }
 
   get bytes () {
-    return pbm.PrivateKey.encode({
+    const msg = pbm.PrivateKey.create({
       Type: pbm.KeyType.Ed25519,
       Data: this.marshal()
     })
+
+    return Buffer.from(pbm.PrivateKey.encode(msg).finish())
   }
 
   equals (key) {

src/keys/index.js

@@ -1,16 +1,20 @@
 'use strict'
 
-const protobuf = require('protocol-buffers')
-const pbm = protobuf(require('./keys.proto'))
-
-const keys = exports.keys = require('./keys')
+const keysPBM = require('./keys.proto.js')
 
 exports = module.exports
 
-exports.pbm = pbm
+const supportedKeys = {
+  rsa: require('./rsa-class'),
+  ed25519: require('./ed25519-class'),
+  secp256k1: require('libp2p-crypto-secp256k1')(keysPBM, require('../random-bytes'))
+}
+
+exports.supportedKeys = supportedKeys
+exports.keysPBM = keysPBM
 
 function isValidKeyType (keyType) {
-  const key = keys[keyType.toLowerCase()]
+  const key = supportedKeys[keyType.toLowerCase()]
   return key !== undefined
 }
 
@@ -19,7 +23,7 @@ exports.generateEphemeralKeyPair = require('./ephemeral-keys')
 
 // Generates a keypair of the given type and bitsize
 exports.generateKeyPair = (type, bits, cb) => {
-  let key = keys[type.toLowerCase()]
+  let key = supportedKeys[type.toLowerCase()]
 
   if (!key) {
     return cb(new Error('invalid or unsupported key type'))
@@ -31,7 +35,7 @@ exports.generateKeyPair = (type, bits, cb) => {
 // Generates a keypair of the given type and bitsize
 // seed is a 32 byte uint8array
 exports.generateKeyPairFromSeed = (type, seed, bits, cb) => {
-  let key = keys[type.toLowerCase()]
+  let key = supportedKeys[type.toLowerCase()]
   if (!key) {
     return cb(new Error('invalid or unsupported key type'))
   }
@@ -44,16 +48,17 @@ exports.generateKeyPairFromSeed = (type, seed, bits, cb) => {
 // Converts a protobuf serialized public key into its
 // representative object
 exports.unmarshalPublicKey = (buf) => {
-  const decoded = pbm.PublicKey.decode(buf)
+  const decoded = keysPBM.PublicKey.decode(buf)
+  const data = Buffer.from(decoded.Data)
 
   switch (decoded.Type) {
-    case pbm.KeyType.RSA:
-      return keys.rsa.unmarshalRsaPublicKey(decoded.Data)
-    case pbm.KeyType.Ed25519:
-      return keys.ed25519.unmarshalEd25519PublicKey(decoded.Data)
-    case pbm.KeyType.Secp256k1:
-      if (keys.secp256k1) {
-        return keys.secp256k1.unmarshalSecp256k1PublicKey(decoded.Data)
+    case keysPBM.KeyType.RSA:
+      return supportedKeys.rsa.unmarshalRsaPublicKey(data)
+    case keysPBM.KeyType.Ed25519:
+      return supportedKeys.ed25519.unmarshalEd25519PublicKey(data)
+    case keysPBM.KeyType.Secp256k1:
+      if (supportedKeys.secp256k1) {
+        return supportedKeys.secp256k1.unmarshalSecp256k1PublicKey(data)
       } else {
         throw new Error('secp256k1 support requires libp2p-crypto-secp256k1 package')
       }
@@ -75,16 +80,17 @@ exports.marshalPublicKey = (key, type) => {
 // Converts a protobuf serialized private key into its
 // representative object
 exports.unmarshalPrivateKey = (buf, callback) => {
-  const decoded = pbm.PrivateKey.decode(buf)
+  const decoded = keysPBM.PrivateKey.decode(buf)
+  const data = Buffer.from(decoded.Data)
 
   switch (decoded.Type) {
-    case pbm.KeyType.RSA:
-      return keys.rsa.unmarshalRsaPrivateKey(decoded.Data, callback)
-    case pbm.KeyType.Ed25519:
-      return keys.ed25519.unmarshalEd25519PrivateKey(decoded.Data, callback)
-    case pbm.KeyType.Secp256k1:
-      if (keys.secp256k1) {
-        return keys.secp256k1.unmarshalSecp256k1PrivateKey(decoded.Data, callback)
+    case keysPBM.KeyType.RSA:
+      return supportedKeys.rsa.unmarshalRsaPrivateKey(data, callback)
+    case keysPBM.KeyType.Ed25519:
+      return supportedKeys.ed25519.unmarshalEd25519PrivateKey(data, callback)
+    case keysPBM.KeyType.Secp256k1:
+      if (supportedKeys.secp256k1) {
+        return supportedKeys.secp256k1.unmarshalSecp256k1PrivateKey(data, callback)
       } else {
         return callback(new Error('secp256k1 support requires libp2p-crypto-secp256k1 package'))
       }

src/keys/keys.js

@@ -1,7 +0,0 @@
-'use strict'
-
-module.exports = {
-  rsa: require('./rsa-class'),
-  ed25519: require('./ed25519-class'),
-  secp256k1: require('libp2p-crypto-secp256k1')
-}

src/keys/keys.proto

@@ -0,0 +1,15 @@
+enum KeyType {
+  RSA = 0;
+  Ed25519 = 1;
+  Secp256k1 = 2;
+}
+
+message PublicKey {
+  required KeyType Type = 1;
+  required bytes Data = 2;
+}
+
+message PrivateKey {
+  required KeyType Type = 1;
+  required bytes Data = 2;
+}

src/keys/keys.proto.js

@@ -1,17 +1,488 @@
-'use strict'
+/*eslint-disable block-scoped-var, no-redeclare, no-control-regex, no-prototype-builtins*/
+"use strict";
 
-module.exports = `enum KeyType {
-  RSA = 0;
-  Ed25519 = 1;
-  Secp256k1 = 2;
-}
+var $protobuf = require("protobufjs/minimal");
 
-message PublicKey {
-  required KeyType Type = 1;
-  required bytes Data = 2;
-}
+// Common aliases
+var $Reader = $protobuf.Reader, $Writer = $protobuf.Writer, $util = $protobuf.util;
 
-message PrivateKey {
-  required KeyType Type = 1;
-  required bytes Data = 2;
-}`
+// Exported root namespace
+var $root = $protobuf.roots["default"] || ($protobuf.roots["default"] = {});
+
+/**
+ * KeyType enum.
+ * @exports KeyType
+ * @enum {string}
+ * @property {number} RSA=0 RSA value
+ * @property {number} Ed25519=1 Ed25519 value
+ * @property {number} Secp256k1=2 Secp256k1 value
+ */
+$root.KeyType = (function() {
+    var valuesById = {}, values = Object.create(valuesById);
+    values[valuesById[0] = "RSA"] = 0;
+    values[valuesById[1] = "Ed25519"] = 1;
+    values[valuesById[2] = "Secp256k1"] = 2;
+    return values;
+})();
+
+$root.PublicKey = (function() {
+
+    /**
+     * Properties of a PublicKey.
+     * @exports IPublicKey
+     * @interface IPublicKey
+     * @property {KeyType} Type PublicKey Type
+     * @property {Uint8Array} Data PublicKey Data
+     */
+
+    /**
+     * Constructs a new PublicKey.
+     * @exports PublicKey
+     * @classdesc Represents a PublicKey.
+     * @constructor
+     * @param {IPublicKey=} [properties] Properties to set
+     */
+    function PublicKey(properties) {
+        if (properties)
+            for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i)
+                if (properties[keys[i]] != null)
+                    this[keys[i]] = properties[keys[i]];
+    }
+
+    /**
+     * PublicKey Type.
+     * @member {KeyType}Type
+     * @memberof PublicKey
+     * @instance
+     */
+    PublicKey.prototype.Type = 0;
+
+    /**
+     * PublicKey Data.
+     * @member {Uint8Array}Data
+     * @memberof PublicKey
+     * @instance
+     */
+    PublicKey.prototype.Data = $util.newBuffer([]);
+
+    /**
+     * Creates a new PublicKey instance using the specified properties.
+     * @function create
+     * @memberof PublicKey
+     * @static
+     * @param {IPublicKey=} [properties] Properties to set
+     * @returns {PublicKey} PublicKey instance
+     */
+    PublicKey.create = function create(properties) {
+        return new PublicKey(properties);
+    };
+
+    /**
+     * Encodes the specified PublicKey message. Does not implicitly {@link PublicKey.verify|verify} messages.
+     * @function encode
+     * @memberof PublicKey
+     * @static
+     * @param {IPublicKey} message PublicKey message or plain object to encode
+     * @param {$protobuf.Writer} [writer] Writer to encode to
+     * @returns {$protobuf.Writer} Writer
+     */
+    PublicKey.encode = function encode(message, writer) {
+        if (!writer)
+            writer = $Writer.create();
+        writer.uint32(/* id 1, wireType 0 =*/8).int32(message.Type);
+        writer.uint32(/* id 2, wireType 2 =*/18).bytes(message.Data);
+        return writer;
+    };
+
+    /**
+     * Encodes the specified PublicKey message, length delimited. Does not implicitly {@link PublicKey.verify|verify} messages.
+     * @function encodeDelimited
+     * @memberof PublicKey
+     * @static
+     * @param {IPublicKey} message PublicKey message or plain object to encode
+     * @param {$protobuf.Writer} [writer] Writer to encode to
+     * @returns {$protobuf.Writer} Writer
+     */
+    PublicKey.encodeDelimited = function encodeDelimited(message, writer) {
+        return this.encode(message, writer).ldelim();
+    };
+
+    /**
+     * Decodes a PublicKey message from the specified reader or buffer.
+     * @function decode
+     * @memberof PublicKey
+     * @static
+     * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from
+     * @param {number} [length] Message length if known beforehand
+     * @returns {PublicKey} PublicKey
+     * @throws {Error} If the payload is not a reader or valid buffer
+     * @throws {$protobuf.util.ProtocolError} If required fields are missing
+     */
+    PublicKey.decode = function decode(reader, length) {
+        if (!(reader instanceof $Reader))
+            reader = $Reader.create(reader);
+        var end = length === undefined ? reader.len : reader.pos + length, message = new $root.PublicKey();
+        while (reader.pos < end) {
+            var tag = reader.uint32();
+            switch (tag >>> 3) {
+            case 1:
+                message.Type = reader.int32();
+                break;
+            case 2:
+                message.Data = reader.bytes();
+                break;
+            default:
+                reader.skipType(tag & 7);
+                break;
+            }
+        }
+        if (!message.hasOwnProperty("Type"))
+            throw $util.ProtocolError("missing required 'Type'", { instance: message });
+        if (!message.hasOwnProperty("Data"))
+            throw $util.ProtocolError("missing required 'Data'", { instance: message });
+        return message;
+    };
+
+    /**
+     * Decodes a PublicKey message from the specified reader or buffer, length delimited.
+     * @function decodeDelimited
+     * @memberof PublicKey
+     * @static
+     * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from
+     * @returns {PublicKey} PublicKey
+     * @throws {Error} If the payload is not a reader or valid buffer
+     * @throws {$protobuf.util.ProtocolError} If required fields are missing
+     */
+    PublicKey.decodeDelimited = function decodeDelimited(reader) {
+        if (!(reader instanceof $Reader))
+            reader = new $Reader(reader);
+        return this.decode(reader, reader.uint32());
+    };
+
+    /**
+     * Verifies a PublicKey message.
+     * @function verify
+     * @memberof PublicKey
+     * @static
+     * @param {Object.<string,*>} message Plain object to verify
+     * @returns {string|null} `null` if valid, otherwise the reason why it is not
+     */
+    PublicKey.verify = function verify(message) {
+        if (typeof message !== "object" || message === null)
+            return "object expected";
+        switch (message.Type) {
+        default:
+            return "Type: enum value expected";
+        case 0:
+        case 1:
+        case 2:
+            break;
+        }
+        if (!(message.Data && typeof message.Data.length === "number" || $util.isString(message.Data)))
+            return "Data: buffer expected";
+        return null;
+    };
+
+    /**
+     * Creates a PublicKey message from a plain object. Also converts values to their respective internal types.
+     * @function fromObject
+     * @memberof PublicKey
+     * @static
+     * @param {Object.<string,*>} object Plain object
+     * @returns {PublicKey} PublicKey
+     */
+    PublicKey.fromObject = function fromObject(object) {
+        if (object instanceof $root.PublicKey)
+            return object;
+        var message = new $root.PublicKey();
+        switch (object.Type) {
+        case "RSA":
+        case 0:
+            message.Type = 0;
+            break;
+        case "Ed25519":
+        case 1:
+            message.Type = 1;
+            break;
+        case "Secp256k1":
+        case 2:
+            message.Type = 2;
+            break;
+        }
+        if (object.Data != null)
+            if (typeof object.Data === "string")
+                $util.base64.decode(object.Data, message.Data = $util.newBuffer($util.base64.length(object.Data)), 0);
+            else if (object.Data.length)
+                message.Data = object.Data;
+        return message;
+    };
+
+    /**
+     * Creates a plain object from a PublicKey message. Also converts values to other types if specified.
+     * @function toObject
+     * @memberof PublicKey
+     * @static
+     * @param {PublicKey} message PublicKey
+     * @param {$protobuf.IConversionOptions} [options] Conversion options
+     * @returns {Object.<string,*>} Plain object
+     */
+    PublicKey.toObject = function toObject(message, options) {
+        if (!options)
+            options = {};
+        var object = {};
+        if (options.defaults) {
+            object.Type = options.enums === String ? "RSA" : 0;
+            object.Data = options.bytes === String ? "" : [];
+        }
+        if (message.Type != null && message.hasOwnProperty("Type"))
+            object.Type = options.enums === String ? $root.KeyType[message.Type] : message.Type;
+        if (message.Data != null && message.hasOwnProperty("Data"))
+            object.Data = options.bytes === String ? $util.base64.encode(message.Data, 0, message.Data.length) : options.bytes === Array ? Array.prototype.slice.call(message.Data) : message.Data;
+        return object;
+    };
+
+    /**
+     * Converts this PublicKey to JSON.
+     * @function toJSON
+     * @memberof PublicKey
+     * @instance
+     * @returns {Object.<string,*>} JSON object
+     */
+    PublicKey.prototype.toJSON = function toJSON() {
+        return this.constructor.toObject(this, $protobuf.util.toJSONOptions);
+    };
+
+    return PublicKey;
+})();
+
+$root.PrivateKey = (function() {
+
+    /**
+     * Properties of a PrivateKey.
+     * @exports IPrivateKey
+     * @interface IPrivateKey
+     * @property {KeyType} Type PrivateKey Type
+     * @property {Uint8Array} Data PrivateKey Data
+     */
+
+    /**
+     * Constructs a new PrivateKey.
+     * @exports PrivateKey
+     * @classdesc Represents a PrivateKey.
+     * @constructor
+     * @param {IPrivateKey=} [properties] Properties to set
+     */
+    function PrivateKey(properties) {
+        if (properties)
+            for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i)
+                if (properties[keys[i]] != null)
+                    this[keys[i]] = properties[keys[i]];
+    }
+
+    /**
+     * PrivateKey Type.
+     * @member {KeyType}Type
+     * @memberof PrivateKey
+     * @instance
+     */
+    PrivateKey.prototype.Type = 0;
+
+    /**
+     * PrivateKey Data.
+     * @member {Uint8Array}Data
+     * @memberof PrivateKey
+     * @instance
+     */
+    PrivateKey.prototype.Data = $util.newBuffer([]);
+
+    /**
+     * Creates a new PrivateKey instance using the specified properties.
+     * @function create
+     * @memberof PrivateKey
+     * @static
+     * @param {IPrivateKey=} [properties] Properties to set
+     * @returns {PrivateKey} PrivateKey instance
+     */
+    PrivateKey.create = function create(properties) {
+        return new PrivateKey(properties);
+    };
+
+    /**
+     * Encodes the specified PrivateKey message. Does not implicitly {@link PrivateKey.verify|verify} messages.
+     * @function encode
+     * @memberof PrivateKey
+     * @static
+     * @param {IPrivateKey} message PrivateKey message or plain object to encode
+     * @param {$protobuf.Writer} [writer] Writer to encode to
+     * @returns {$protobuf.Writer} Writer
+     */
+    PrivateKey.encode = function encode(message, writer) {
+        if (!writer)
+            writer = $Writer.create();
+        writer.uint32(/* id 1, wireType 0 =*/8).int32(message.Type);
+        writer.uint32(/* id 2, wireType 2 =*/18).bytes(message.Data);
+        return writer;
+    };
+
+    /**
+     * Encodes the specified PrivateKey message, length delimited. Does not implicitly {@link PrivateKey.verify|verify} messages.
+     * @function encodeDelimited
+     * @memberof PrivateKey
+     * @static
+     * @param {IPrivateKey} message PrivateKey message or plain object to encode
+     * @param {$protobuf.Writer} [writer] Writer to encode to
+     * @returns {$protobuf.Writer} Writer
+     */
+    PrivateKey.encodeDelimited = function encodeDelimited(message, writer) {
+        return this.encode(message, writer).ldelim();
+    };
+
+    /**
+     * Decodes a PrivateKey message from the specified reader or buffer.
+     * @function decode
+     * @memberof PrivateKey
+     * @static
+     * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from
+     * @param {number} [length] Message length if known beforehand
+     * @returns {PrivateKey} PrivateKey
+     * @throws {Error} If the payload is not a reader or valid buffer
+     * @throws {$protobuf.util.ProtocolError} If required fields are missing
+     */
+    PrivateKey.decode = function decode(reader, length) {
+        if (!(reader instanceof $Reader))
+            reader = $Reader.create(reader);
+        var end = length === undefined ? reader.len : reader.pos + length, message = new $root.PrivateKey();
+        while (reader.pos < end) {
+            var tag = reader.uint32();
+            switch (tag >>> 3) {
+            case 1:
+                message.Type = reader.int32();
+                break;
+            case 2:
+                message.Data = reader.bytes();
+                break;
+            default:
+                reader.skipType(tag & 7);
+                break;
+            }
+        }
+        if (!message.hasOwnProperty("Type"))
+            throw $util.ProtocolError("missing required 'Type'", { instance: message });
+        if (!message.hasOwnProperty("Data"))
+            throw $util.ProtocolError("missing required 'Data'", { instance: message });
+        return message;
+    };
+
+    /**
+     * Decodes a PrivateKey message from the specified reader or buffer, length delimited.
+     * @function decodeDelimited
+     * @memberof PrivateKey
+     * @static
+     * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from
+     * @returns {PrivateKey} PrivateKey
+     * @throws {Error} If the payload is not a reader or valid buffer
+     * @throws {$protobuf.util.ProtocolError} If required fields are missing
+     */
+    PrivateKey.decodeDelimited = function decodeDelimited(reader) {
+        if (!(reader instanceof $Reader))
+            reader = new $Reader(reader);
+        return this.decode(reader, reader.uint32());
+    };
+
+    /**
+     * Verifies a PrivateKey message.
+     * @function verify
+     * @memberof PrivateKey
+     * @static
+     * @param {Object.<string,*>} message Plain object to verify
+     * @returns {string|null} `null` if valid, otherwise the reason why it is not
+     */
+    PrivateKey.verify = function verify(message) {
+        if (typeof message !== "object" || message === null)
+            return "object expected";
+        switch (message.Type) {
+        default:
+            return "Type: enum value expected";
+        case 0:
+        case 1:
+        case 2:
+            break;
+        }
+        if (!(message.Data && typeof message.Data.length === "number" || $util.isString(message.Data)))
+            return "Data: buffer expected";
+        return null;
+    };
+
+    /**
+     * Creates a PrivateKey message from a plain object. Also converts values to their respective internal types.
+     * @function fromObject
+     * @memberof PrivateKey
+     * @static
+     * @param {Object.<string,*>} object Plain object
+     * @returns {PrivateKey} PrivateKey
+     */
+    PrivateKey.fromObject = function fromObject(object) {
+        if (object instanceof $root.PrivateKey)
+            return object;
+        var message = new $root.PrivateKey();
+        switch (object.Type) {
+        case "RSA":
+        case 0:
+            message.Type = 0;
+            break;
+        case "Ed25519":
+        case 1:
+            message.Type = 1;
+            break;
+        case "Secp256k1":
+        case 2:
+            message.Type = 2;
+            break;
+        }
+        if (object.Data != null)
+            if (typeof object.Data === "string")
+                $util.base64.decode(object.Data, message.Data = $util.newBuffer($util.base64.length(object.Data)), 0);
+            else if (object.Data.length)
+                message.Data = object.Data;
+        return message;
+    };
+
+    /**
+     * Creates a plain object from a PrivateKey message. Also converts values to other types if specified.
+     * @function toObject
+     * @memberof PrivateKey
+     * @static
+     * @param {PrivateKey} message PrivateKey
+     * @param {$protobuf.IConversionOptions} [options] Conversion options
+     * @returns {Object.<string,*>} Plain object
+     */
+    PrivateKey.toObject = function toObject(message, options) {
+        if (!options)
+            options = {};
+        var object = {};
+        if (options.defaults) {
+            object.Type = options.enums === String ? "RSA" : 0;
+            object.Data = options.bytes === String ? "" : [];
+        }
+        if (message.Type != null && message.hasOwnProperty("Type"))
+            object.Type = options.enums === String ? $root.KeyType[message.Type] : message.Type;
+        if (message.Data != null && message.hasOwnProperty("Data"))
+            object.Data = options.bytes === String ? $util.base64.encode(message.Data, 0, message.Data.length) : options.bytes === Array ? Array.prototype.slice.call(message.Data) : message.Data;
+        return object;
+    };
+
+    /**
+     * Converts this PrivateKey to JSON.
+     * @function toJSON
+     * @memberof PrivateKey
+     * @instance
+     * @returns {Object.<string,*>} JSON object
+     */
+    PrivateKey.prototype.toJSON = function toJSON() {
+        return this.constructor.toObject(this, $protobuf.util.toJSONOptions);
+    };
+
+    return PrivateKey;
+})();
+
+module.exports = $root;

src/keys/rsa-browser.js

@@ -1,6 +1,6 @@
 'use strict'
 
-const nodeify = require('nodeify')
+const nodeify = require('../nodeify')
 const Buffer = require('safe-buffer').Buffer
 
 const webcrypto = require('../webcrypto.js')()

src/keys/rsa-class.js

@@ -1,10 +1,9 @@
 'use strict'
 
 const multihashing = require('multihashing-async')
-const protobuf = require('protocol-buffers')
 
 const crypto = require('./rsa')
-const pbm = protobuf(require('./keys.proto'))
+const pbm = require('./keys.proto.js')
 
 class RsaPublicKey {
   constructor (key) {
@@ -21,10 +20,11 @@ class RsaPublicKey {
   }
 
   get bytes () {
-    return pbm.PublicKey.encode({
+    const msg = pbm.PublicKey.create({
       Type: pbm.KeyType.RSA,
       Data: this.marshal()
     })
+    return Buffer.from(pbm.PublicKey.encode(msg).finish())
   }
 
   encrypt (bytes) {
@@ -75,10 +75,11 @@ class RsaPrivateKey {
   }
 
   get bytes () {
-    return pbm.PrivateKey.encode({
+    const msg = pbm.PrivateKey.create({
       Type: pbm.KeyType.RSA,
       Data: this.marshal()
     })
+    return Buffer.from(pbm.PrivateKey.encode(msg).finish())
   }
 
   equals (key) {

src/nodeify.js

@@ -0,0 +1,11 @@
+'use strict'
+
+// Based on npmjs.com/nodeify but without additional `nextTick` calls
+// to keep the overhead low
+module.exports = function nodeify (promise, cb) {
+  return promise.then((res) => {
+    cb(null, res)
+  }, (err) => {
+    cb(err)
+  })
+}

src/random-bytes.js

@@ -0,0 +1,13 @@
+'use strict'
+
+const rsa = require('./keys/rsa')
+
+function randomBytes (number) {
+  if (!number || typeof number !== 'number') {
+    throw new Error('first argument must be a Number bigger than 0')
+  }
+
+  return rsa.getRandomValues(new Uint8Array(number))
+}
+
+module.exports = randomBytes

test/keys/ed25519.spec.js

@@ -8,7 +8,7 @@ chai.use(dirtyChai)
 const Buffer = require('safe-buffer').Buffer
 
 const crypto = require('../../src')
-const ed25519 = crypto.keys.keys.ed25519
+const ed25519 = crypto.keys.supportedKeys.ed25519
 const fixtures = require('../fixtures/go-key-ed25519')
 
 describe('ed25519', () => {

test/keys/rsa.spec.js

@@ -8,7 +8,7 @@ chai.use(dirtyChai)
 const Buffer = require('safe-buffer').Buffer
 
 const crypto = require('../../src')
-const rsa = crypto.keys.keys.rsa
+const rsa = crypto.keys.supportedKeys.rsa
 const fixtures = require('../fixtures/go-key-rsa')
 
 describe('RSA', () => {

test/keys/secp256k1.spec.js

@@ -32,7 +32,7 @@ const mockSecp256k1Module = {
 }
 
 describe('without libp2p-crypto-secp256k1 module present', () => {
-  crypto.keys.keys['secp256k1'] = undefined
+  crypto.keys.supportedKeys['secp256k1'] = undefined
 
   it('fails to generate a secp256k1 key', (done) => {
     crypto.keys.generateKeyPair('secp256k1', 256, (err, key) => {
@@ -61,7 +61,7 @@ describe('with libp2p-crypto-secp256k1 module present', () => {
   let key
 
   before((done) => {
-    crypto.keys.keys['secp256k1'] = mockSecp256k1Module
+    crypto.keys.supportedKeys['secp256k1'] = mockSecp256k1Module
     crypto.keys.generateKeyPair('secp256k1', 256, (err, _key) => {
       if (err) return done(err)
       key = _key