js-libp2p/src/pnet/crypto.js

'use strict'

const pull = require('pull-stream')
const debug = require('debug')
const Errors = require('./errors')
const xsalsa20 = require('xsalsa20')
const KEY_LENGTH = require('./key-generator').KEY_LENGTH

const log = debug('libp2p:pnet')
log.trace = debug('libp2p:pnet:trace')
log.err = debug('libp2p:pnet:err')

/**
 * Creates a pull stream to encrypt messages in a private network
 *
 * @param {Buffer} nonce The nonce to use in encryption
 * @param {Buffer} psk The private shared key to use in encryption
 * @returns {PullStream} a through stream
 */
module.exports.createBoxStream = (nonce, psk) => {
  const xor = xsalsa20(nonce, psk)
  return pull(
    ensureBuffer(),
    pull.map((chunk) => {
      return xor.update(chunk, chunk)
    })
  )
}

/**
 * Creates a pull stream to decrypt messages in a private network
 *
 * @param {Object} remote Holds the nonce of the peer
 * @param {Buffer} psk The private shared key to use in decryption
 * @returns {PullStream} a through stream
 */
module.exports.createUnboxStream = (remote, psk) => {
  let xor
  return pull(
    ensureBuffer(),
    pull.map((chunk) => {
      if (!xor) {
        xor = xsalsa20(remote.nonce, psk)
        log.trace('Decryption enabled')
      }

      return xor.update(chunk, chunk)
    })
  )
}

/**
 * Decode the version 1 psk from the given Buffer
 *
 * @param {Buffer} pskBuffer
 * @throws {INVALID_PSK}
 * @returns {Object} The PSK metadata (tag, codecName, psk)
 */
module.exports.decodeV1PSK = (pskBuffer) => {
  try {
    // This should pull from multibase/multicodec to allow for
    // more encoding flexibility. Ideally we'd consume the codecs
    // from the buffer line by line to evaluate the next line
    // programatically instead of making assumptions about the
    // encodings of each line.
    const metadata = pskBuffer.toString().split(/(?:\r\n|\r|\n)/g)
    const pskTag = metadata.shift()
    const codec = metadata.shift()
    const psk = Buffer.from(metadata.shift(), 'hex')

    if (psk.byteLength !== KEY_LENGTH) {
      throw new Error(Errors.INVALID_PSK)
    }

    return {
      tag: pskTag,
      codecName: codec,
      psk: psk
    }
  } catch (err) {
    throw new Error(Errors.INVALID_PSK)
  }
}

/**
 * Returns a through pull-stream that ensures the passed chunks
 * are buffers instead of strings
 * @returns {PullStream} a through stream
 */
function ensureBuffer () {
  return pull.map((chunk) => {
    if (typeof chunk === 'string') {
      return Buffer.from(chunk, 'utf-8')
    }

    return chunk
  })
}
refactor: add core modules to libp2p (#400) * refactor: add js-libp2p-connection-manager to repo Co-authored-by: David Dias <daviddias.p@gmail.com> Co-authored-by: Jacob Heun <jacobheun@gmail.com> Co-authored-by: Pedro Teixeira <i@pgte.me> Co-authored-by: Vasco Santos <vasco.santos@ua.pt> * test(conn-mgr): only run in node * refactor: add js-libp2p-identify to repo Co-authored-by: David Dias <daviddias.p@gmail.com> Co-authored-by: Friedel Ziegelmayer <dignifiedquire@gmail.com> Co-authored-by: Hugo Dias <hugomrdias@gmail.com> Co-authored-by: Jacob Heun <jacobheun@gmail.com> Co-authored-by: Maciej Krüger <mkg20001@gmail.com> Co-authored-by: Richard Littauer <richard.littauer@gmail.com> Co-authored-by: Vasco Santos <vasco.santos@moxy.studio> Co-authored-by: Yusef Napora <yusef@protocol.ai> Co-authored-by: ᴠɪᴄᴛᴏʀ ʙᴊᴇʟᴋʜᴏʟᴍ <victorbjelkholm@gmail.com> * refactor: add libp2p-pnet to repo Co-authored-by: Jacob Heun <jacobheun@gmail.com> Co-authored-by: Vasco Santos <vasco.santos@moxy.studio> * refactor: add libp2p-ping to repo Co-authored-by: David Dias <daviddias.p@gmail.com> Co-authored-by: Francisco Baio Dias <xicombd@gmail.com> Co-authored-by: Friedel Ziegelmayer <dignifiedquire@gmail.com> Co-authored-by: Hugo Dias <mail@hugodias.me> Co-authored-by: Jacob Heun <jacobheun@gmail.com> Co-authored-by: João Antunes <j.goncalo.antunes@gmail.com> Co-authored-by: Richard Littauer <richard.littauer@gmail.com> Co-authored-by: Vasco Santos <vasco.santos@moxy.studio> Co-authored-by: Vasco Santos <vasco.santos@ua.pt> Co-authored-by: ᴠɪᴄᴛᴏʀ ʙᴊᴇʟᴋʜᴏʟᴍ <victorbjelkholm@gmail.com> * refactor: add libp2p-circuit to repo Co-authored-by: David Dias <daviddias.p@gmail.com> Co-authored-by: Dmitriy Ryajov <dryajov@gmail.com> Co-authored-by: Friedel Ziegelmayer <dignifiedquire@gmail.com> Co-authored-by: Hugo Dias <mail@hugodias.me> Co-authored-by: Jacob Heun <jacobheun@gmail.com> Co-authored-by: Maciej Krüger <mkg20001@gmail.com> Co-authored-by: Oli Evans <oli@tableflip.io> Co-authored-by: Pedro Teixeira <i@pgte.me> Co-authored-by: Vasco Santos <vasco.santos@ua.pt> Co-authored-by: Victor Bjelkholm <victorbjelkholm@gmail.com> Co-authored-by: Yusef Napora <yusef@napora.org> Co-authored-by: dirkmc <dirk@mccormick.cx> * test(switch): avoid using instanceof * chore(switch): update bignumber dep * refactor(circuit): clean up tests * refactor(switch): consolidate get peer utils * test(identify): do deep checks of addresses * test(identify): bump timeout for identify test * test(switch): tidy up limit dialer test * refactor(switch): remove redundant circuit tests * chore: add coverage script * refactor(circuit): consolidate get peer info * docs: reference original repositories in each sub readme * docs: fix comment * refactor: clean up sub package.json files and readmes 2019-08-16 17:30:03 +02:00			`'use strict'`

			`const pull = require('pull-stream')`
			`const debug = require('debug')`
			`const Errors = require('./errors')`
			`const xsalsa20 = require('xsalsa20')`
			`const KEY_LENGTH = require('./key-generator').KEY_LENGTH`

			`const log = debug('libp2p:pnet')`
			`log.trace = debug('libp2p:pnet:trace')`
			`log.err = debug('libp2p:pnet:err')`

			`/**`
			`* Creates a pull stream to encrypt messages in a private network`
			`*`
			`* @param {Buffer} nonce The nonce to use in encryption`
			`* @param {Buffer} psk The private shared key to use in encryption`
			`* @returns {PullStream} a through stream`
			`*/`
			`module.exports.createBoxStream = (nonce, psk) => {`
			`const xor = xsalsa20(nonce, psk)`
			`return pull(`
			`ensureBuffer(),`
			`pull.map((chunk) => {`
			`return xor.update(chunk, chunk)`
			`})`
			`)`
			`}`

			`/**`
			`* Creates a pull stream to decrypt messages in a private network`
			`*`
			`* @param {Object} remote Holds the nonce of the peer`
			`* @param {Buffer} psk The private shared key to use in decryption`
			`* @returns {PullStream} a through stream`
			`*/`
			`module.exports.createUnboxStream = (remote, psk) => {`
			`let xor`
			`return pull(`
			`ensureBuffer(),`
			`pull.map((chunk) => {`
			`if (!xor) {`
			`xor = xsalsa20(remote.nonce, psk)`
			`log.trace('Decryption enabled')`
			`}`

			`return xor.update(chunk, chunk)`
			`})`
			`)`
			`}`

			`/**`
			`* Decode the version 1 psk from the given Buffer`
			`*`
			`* @param {Buffer} pskBuffer`
			`* @throws {INVALID_PSK}`
			`* @returns {Object} The PSK metadata (tag, codecName, psk)`
			`*/`
			`module.exports.decodeV1PSK = (pskBuffer) => {`
			`try {`
			`// This should pull from multibase/multicodec to allow for`
			`// more encoding flexibility. Ideally we'd consume the codecs`
			`// from the buffer line by line to evaluate the next line`
			`// programatically instead of making assumptions about the`
			`// encodings of each line.`
			`const metadata = pskBuffer.toString().split(/(?:\r\n\|\r\|\n)/g)`
			`const pskTag = metadata.shift()`
			`const codec = metadata.shift()`
			`const psk = Buffer.from(metadata.shift(), 'hex')`

			`if (psk.byteLength !== KEY_LENGTH) {`
			`throw new Error(Errors.INVALID_PSK)`
			`}`

			`return {`
			`tag: pskTag,`
			`codecName: codec,`
			`psk: psk`
			`}`
			`} catch (err) {`
			`throw new Error(Errors.INVALID_PSK)`
			`}`
			`}`

			`/**`
			`* Returns a through pull-stream that ensures the passed chunks`
			`* are buffers instead of strings`
			`* @returns {PullStream} a through stream`
			`*/`
			`function ensureBuffer () {`
			`return pull.map((chunk) => {`
			`if (typeof chunk === 'string') {`
			`return Buffer.from(chunk, 'utf-8')`
			`}`

			`return chunk`
			`})`
			`}`