chore: release version v0.28.10

chore: update contributors
fix: allow certain keychain operations without a password (#726 )
2025-07-29 23:41:56 +00:00 · 2020-08-05 19:07:08 +02:00 · 2020-08-05 19:07:07 +02:00 · 2020-08-05 19:03:11 +02:00 · 2020-08-05 18:26:50 +02:00 · 2020-08-05 18:19:10 +02:00
7 changed files with 180 additions and 50 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,19 @@
+<a name="0.28.10"></a>
+## [0.28.10](https://github.com/libp2p/js-libp2p/compare/v0.28.9...v0.28.10) (2020-08-05)
+
+
+### Bug Fixes
+
+* allow certain keychain operations without a password ([#726](https://github.com/libp2p/js-libp2p/issues/726)) ([8c56ec0](https://github.com/libp2p/js-libp2p/commit/8c56ec0))
+* **identify:** make agentversion dynamic and add it to the peerstore ([#724](https://github.com/libp2p/js-libp2p/issues/724)) ([726a746](https://github.com/libp2p/js-libp2p/commit/726a746))
+
+
+### Features
+
+* **keychain:** add support for ed25519 and secp keys ([#725](https://github.com/libp2p/js-libp2p/issues/725)) ([51d7ca4](https://github.com/libp2p/js-libp2p/commit/51d7ca4))
+
+
+
 <a name="0.28.9"></a>
 ## [0.28.9](https://github.com/libp2p/js-libp2p/compare/v0.28.8...v0.28.9) (2020-07-27)

--- a/README.md
+++ b/README.md
@@ -23,8 +23,8 @@
  <a href="https://david-dm.org/libp2p/js-libp2p"><img src="https://david-dm.org/libp2p/js-libp2p.svg?style=flat-square" /></a>
  <a href="https://github.com/feross/standard"><img src="https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat-square"></a>
  <a href="https://github.com/RichardLitt/standard-readme"><img src="https://img.shields.io/badge/standard--readme-OK-green.svg?style=flat-square" /></a>
-  <a href=""><img src="https://img.shields.io/badge/npm-%3E%3D3.0.0-orange.svg?style=flat-square" /></a>
-  <a href=""><img src="https://img.shields.io/badge/Node.js-%3E%3D6.0.0-orange.svg?style=flat-square" /></a>
+  <a href=""><img src="https://img.shields.io/badge/npm-%3E%3D6.0.0-orange.svg?style=flat-square" /></a>
+  <a href=""><img src="https://img.shields.io/badge/Node.js-%3E%3D10.0.0-orange.svg?style=flat-square" /></a>
  <br>
 </p>

--- a/doc/API.md
+++ b/doc/API.md
@@ -1454,7 +1454,7 @@ Create a key in the keychain.
 |------|------|-------------|
 | name | `string` | The local key name. It cannot already exist. |
 | type | `string` | One of the key types; 'rsa' |
-| size | `number` | The key size in bits. |
+| [size] | `number` | The key size in bits. Must be provided for rsa keys. |

 #### Returns

--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "libp2p",
-  "version": "0.28.9",
+  "version": "0.28.10",
  "description": "JavaScript implementation of libp2p, a modular peer to peer network stack",
  "leadMaintainer": "Jacob Heun <jacobheun@gmail.com>",
  "main": "src/index.js",
@@ -58,7 +58,7 @@
    "it-length-prefixed": "^3.0.1",
    "it-pipe": "^1.1.0",
    "it-protocol-buffers": "^0.2.0",
-    "libp2p-crypto": "^0.17.8",
+    "libp2p-crypto": "^0.17.9",
    "libp2p-interfaces": "^0.3.1",
    "libp2p-utils": "^0.1.2",
    "mafmt": "^7.0.0",
@@ -126,43 +126,44 @@
    "Vasco Santos <vasco.santos@moxy.studio>",
    "Alan Shaw <alan@tableflip.io>",
    "Cayman <caymannava@gmail.com>",
+    "Alex Potsides <alex@achingbrain.net>",
    "Pedro Teixeira <i@pgte.me>",
    "Friedel Ziegelmayer <dignifiedquire@gmail.com>",
-    "Alex Potsides <alex@achingbrain.net>",
    "Maciej Krüger <mkg20001@gmail.com>",
    "Hugo Dias <mail@hugodias.me>",
-    "Volker Mische <volker.mische@gmail.com>",
    "dirkmc <dirkmdev@gmail.com>",
+    "Volker Mische <volker.mische@gmail.com>",
    "Richard Littauer <richard.littauer@gmail.com>",
-    "Thomas Eizinger <thomas@eizinger.io>",
-    "Ryan Bell <ryan@piing.net>",
-    "Giovanni T. Parra <fiatjaf@gmail.com>",
-    "Andrew Nesbitt <andrewnez@gmail.com>",
    "ᴠɪᴄᴛᴏʀ ʙᴊᴇʟᴋʜᴏʟᴍ <victorbjelkholm@gmail.com>",
+    "Andrew Nesbitt <andrewnez@gmail.com>",
    "Elven <mon.samuel@qq.com>",
-    "Didrik Nordström <didrik.nordstrom@gmail.com>",
-    "Tiago Alves <alvesjtiago@gmail.com>",
-    "Yusef Napora <yusef@napora.org>",
-    "Zane Starr <zcstarr@gmail.com>",
-    "ebinks <elizabethjbinks@gmail.com>",
-    "isan_rivkin <isanrivkin@gmail.com>",
-    "robertkiel <robert.kiel@validitylabs.org>",
-    "RasmusErik Voel Jensen <github@solsort.com>",
-    "Bernd Strehl <bernd.strehl@gmail.com>",
-    "Chris Bratlien <chrisbratlien@gmail.com>",
-    "Daijiro Wachi <daijiro.wachi@gmail.com>",
-    "Diogo Silva <fsdiogo@gmail.com>",
-    "Dmitriy Ryajov <dryajov@gmail.com>",
-    "Fei Liu <liu.feiwood@gmail.com>",
-    "Florian-Merle <florian.david.merle@gmail.com>",
+    "Giovanni T. Parra <fiatjaf@gmail.com>",
+    "Ryan Bell <ryan@piing.net>",
+    "Thomas Eizinger <thomas@eizinger.io>",
+    "Didrik Nordström <didrik@betamos.se>",
    "Francis Gulotta <wizard@roborooter.com>",
-    "Henrique Dias <hacdias@gmail.com>",
-    "Irakli Gozalishvili <rfobic@gmail.com>",
+    "Florian-Merle <florian.david.merle@gmail.com>",
    "Joel Gustafson <joelg@mit.edu>",
    "Julien Bouquillon <contact@revolunet.com>",
    "Kevin Kwok <antimatter15@gmail.com>",
+    "Felipe Martins <felipebrasil93@gmail.com>",
    "Nuno Nogueira <nunofmn@gmail.com>",
+    "Fei Liu <liu.feiwood@gmail.com>",
+    "RasmusErik Voel Jensen <github@solsort.com>",
+    "Dmitriy Ryajov <dryajov@gmail.com>",
    "Soeren <nikorpoulsen@gmail.com>",
-    "Sönke Hahn <soenkehahn@gmail.com>"
+    "Sönke Hahn <soenkehahn@gmail.com>",
+    "Tiago Alves <alvesjtiago@gmail.com>",
+    "Diogo Silva <fsdiogo@gmail.com>",
+    "Yusef Napora <yusef@napora.org>",
+    "Zane Starr <zcstarr@gmail.com>",
+    "Daijiro Wachi <daijiro.wachi@gmail.com>",
+    "Chris Bratlien <chrisbratlien@gmail.com>",
+    "ebinks <elizabethjbinks@gmail.com>",
+    "Bernd Strehl <bernd.strehl@gmail.com>",
+    "isan_rivkin <isanrivkin@gmail.com>",
+    "Henrique Dias <hacdias@gmail.com>",
+    "robertkiel <robert.kiel@validitylabs.org>",
+    "Irakli Gozalishvili <rfobic@gmail.com>"
  ]
 }
--- a/src/index.js
+++ b/src/index.js
@@ -82,7 +82,7 @@ class Libp2p extends EventEmitter {
    }

    // Create keychain
-    if (this._options.keychain && this._options.keychain.pass && this._options.keychain.datastore) {
+    if (this._options.keychain && this._options.keychain.datastore) {
      log('creating keychain')

      const keychainOpts = Keychain.generateOptions()
--- a/src/keychain/index.js
+++ b/src/keychain/index.js
@@ -7,6 +7,9 @@ const crypto = require('libp2p-crypto')
 const DS = require('interface-datastore')
 const CMS = require('./cms')
 const errcode = require('err-code')
+const { Number } = require('ipfs-utils/src/globalthis')
+
+require('node-forge/lib/sha512')

 const keyPrefix = '/pkcs8/'
 const infoPrefix = '/info/'
@@ -107,7 +110,7 @@ class Keychain {
    this.opts = mergeOptions(defaultOptions, options)

    // Enforce NIST SP 800-132
-    if (!this.opts.passPhrase || this.opts.passPhrase.length < 20) {
+    if (this.opts.passPhrase && this.opts.passPhrase.length < 20) {
      throw new Error('passPhrase must be least 20 characters')
    }
    if (this.opts.dek.keyLength < NIST.minKeyLength) {
@@ -120,13 +123,13 @@ class Keychain {
      throw new Error(`dek.iterationCount must be least ${NIST.minIterationCount}`)
    }

-    // Create the derived encrypting key
-    const dek = crypto.pbkdf2(
+    const dek = this.opts.passPhrase ? crypto.pbkdf2(
      this.opts.passPhrase,
      this.opts.dek.salt,
      this.opts.dek.iterationCount,
      this.opts.dek.keyLength,
-      this.opts.dek.hash)
+      this.opts.dek.hash) : ''
+
    Object.defineProperty(this, '_', { value: () => dek })
  }

@@ -171,7 +174,7 @@ class Keychain {
   *
   * @param {string} name - The local key name; cannot already exist.
   * @param {string} type - One of the key types; 'rsa'.
-   * @param {int} size - The key size in bits.
+   * @param {int} [size] - The key size in bits. Used for rsa keys only.
   * @returns {KeyInfo}
   */
  async createKey (name, type, size) {
@@ -185,17 +188,13 @@ class Keychain {
      return throwDelayed(errcode(new Error(`Invalid key type '${type}'`), 'ERR_INVALID_KEY_TYPE'))
    }

-    if (!Number.isSafeInteger(size)) {
-      return throwDelayed(errcode(new Error(`Invalid key size '${size}'`), 'ERR_INVALID_KEY_SIZE'))
-    }
-
    const dsname = DsName(name)
    const exists = await self.store.has(dsname)
    if (exists) return throwDelayed(errcode(new Error(`Key '${name}' already exists`), 'ERR_KEY_ALREADY_EXISTS'))

    switch (type.toLowerCase()) {
      case 'rsa':
-        if (size < 2048) {
+        if (!Number.isSafeInteger(size) || size < 2048) {
          return throwDelayed(errcode(new Error(`Invalid RSA key size ${size}`), 'ERR_INVALID_KEY_SIZE'))
        }
        break
--- a/test/keychain/keychain.spec.js
+++ b/test/keychain/keychain.spec.js
@@ -2,10 +2,8 @@
 /* eslint-env mocha */
 'use strict'

-const chai = require('chai')
-const { expect } = chai
+const { chai, expect } = require('aegir/utils/chai')
 const fail = expect.fail
-chai.use(require('dirty-chai'))
 chai.use(require('chai-string'))

 const peerUtils = require('../utils/creators/peer')
@@ -40,8 +38,8 @@ describe('keychain', () => {
    emptyKeystore = new Keychain(datastore1, { passPhrase: passPhrase })
  })

-  it('needs a pass phrase to encrypt a key', () => {
-    expect(() => new Keychain(datastore2)).to.throw()
+  it('can start without a password', () => {
+    expect(() => new Keychain(datastore2)).to.not.throw()
  })

  it('needs a NIST SP 800-132 non-weak pass phrase', () => {
@@ -56,12 +54,48 @@ describe('keychain', () => {
    expect(Keychain.options).to.exist()
  })

-  it('needs a supported hashing alorithm', () => {
+  it('supports supported hashing alorithms', () => {
    const ok = new Keychain(datastore2, { passPhrase: passPhrase, dek: { hash: 'sha2-256' } })
    expect(ok).to.exist()
+  })
+
+  it('does not support unsupported hashing alorithms', () => {
    expect(() => new Keychain(datastore2, { passPhrase: passPhrase, dek: { hash: 'my-hash' } })).to.throw()
  })

+  it('can list keys without a password', async () => {
+    const keychain = new Keychain(datastore2)
+
+    expect(await keychain.listKeys()).to.have.lengthOf(0)
+  })
+
+  it('can find a key without a password', async () => {
+    const keychain = new Keychain(datastore2)
+    const keychainWithPassword = new Keychain(datastore2, { passPhrase: `hello-${Date.now()}-${Date.now()}` })
+    const id = `key-${Math.random()}`
+
+    await keychainWithPassword.createKey(id, 'rsa', 2048)
+
+    await expect(keychain.findKeyById(id)).to.eventually.be.ok()
+  })
+
+  it('can remove a key without a password', async () => {
+    const keychainWithoutPassword = new Keychain(datastore2)
+    const keychainWithPassword = new Keychain(datastore2, { passPhrase: `hello-${Date.now()}-${Date.now()}` })
+    const name = `key-${Math.random()}`
+
+    expect(await keychainWithPassword.createKey(name, 'rsa', 2048)).to.have.property('name', name)
+    expect(await keychainWithoutPassword.findKeyByName(name)).to.have.property('name', name)
+    await keychainWithoutPassword.removeKey(name)
+    await expect(keychainWithoutPassword.findKeyByName(name)).to.be.rejectedWith(/does not exist/)
+  })
+
+  it('requires a key to create a password', async () => {
+    const keychain = new Keychain(datastore2)
+
+    await expect(keychain.createKey('derp')).to.be.rejected()
+  })
+
  it('can generate options', () => {
    const options = Keychain.generateOptions()
    options.passPhrase = passPhrase
@@ -149,6 +183,70 @@ describe('keychain', () => {
    })
  })

+  describe('ed25519 keys', () => {
+    const keyName = 'my custom key'
+    it('can be an ed25519 key', async () => {
+      const keyInfo = await ks.createKey(keyName, 'ed25519')
+      expect(keyInfo).to.exist()
+      expect(keyInfo).to.have.property('name', keyName)
+      expect(keyInfo).to.have.property('id')
+    })
+
+    it('does not overwrite existing key', async () => {
+      const err = await ks.createKey(keyName, 'ed25519').then(fail, err => err)
+      expect(err).to.have.property('code', 'ERR_KEY_ALREADY_EXISTS')
+    })
+
+    it('can export/import a key', async () => {
+      const keyName = 'a new key'
+      const password = 'my sneaky password'
+      const keyInfo = await ks.createKey(keyName, 'ed25519')
+      const exportedKey = await ks.exportKey(keyName, password)
+      // remove it so we can import it
+      await ks.removeKey(keyName)
+      const importedKey = await ks.importKey(keyName, exportedKey, password)
+      expect(importedKey.id).to.eql(keyInfo.id)
+    })
+
+    it('cannot create the "self" key', async () => {
+      const err = await ks.createKey('self', 'ed25519').then(fail, err => err)
+      expect(err).to.exist()
+      expect(err).to.have.property('code', 'ERR_INVALID_KEY_NAME')
+    })
+  })
+
+  describe('secp256k1 keys', () => {
+    const keyName = 'my secp256k1 key'
+    it('can be an secp256k1 key', async () => {
+      const keyInfo = await ks.createKey(keyName, 'secp256k1')
+      expect(keyInfo).to.exist()
+      expect(keyInfo).to.have.property('name', keyName)
+      expect(keyInfo).to.have.property('id')
+    })
+
+    it('does not overwrite existing key', async () => {
+      const err = await ks.createKey(keyName, 'secp256k1').then(fail, err => err)
+      expect(err).to.have.property('code', 'ERR_KEY_ALREADY_EXISTS')
+    })
+
+    it('can export/import a key', async () => {
+      const keyName = 'a new secp256k1 key'
+      const password = 'my sneaky password'
+      const keyInfo = await ks.createKey(keyName, 'secp256k1')
+      const exportedKey = await ks.exportKey(keyName, password)
+      // remove it so we can import it
+      await ks.removeKey(keyName)
+      const importedKey = await ks.importKey(keyName, exportedKey, password)
+      expect(importedKey.id).to.eql(keyInfo.id)
+    })
+
+    it('cannot create the "self" key', async () => {
+      const err = await ks.createKey('self', 'secp256k1').then(fail, err => err)
+      expect(err).to.exist()
+      expect(err).to.have.property('code', 'ERR_INVALID_KEY_NAME')
+    })
+  })
+
  describe('query', () => {
    it('finds all existing keys', async () => {
      const keys = await ks.listKeys()
@@ -411,7 +509,7 @@ describe('libp2p.keychain', () => {
    throw new Error('should throw an error using the keychain if no passphrase provided')
  })

-  it('can be used if a passphrase is provided', async () => {
+  it('can be used when a passphrase is provided', async () => {
    const [libp2p] = await peerUtils.createPeer({
      started: false,
      config: {
@@ -428,6 +526,22 @@ describe('libp2p.keychain', () => {
    expect(kInfo).to.exist()
  })

+  it('does not require a keychain passphrase', async () => {
+    const [libp2p] = await peerUtils.createPeer({
+      started: false,
+      config: {
+        keychain: {
+          datastore: new MemoryDatastore()
+        }
+      }
+    })
+
+    await libp2p.loadKeychain()
+
+    const kInfo = await libp2p.keychain.createKey('keyName', 'ed25519')
+    expect(kInfo).to.exist()
+  })
+
  it('can reload keys', async () => {
    const datastore = new MemoryDatastore()
    const [libp2p] = await peerUtils.createPeer({
Author	SHA1	Message	Date
Jacob Heun	0e18735b8c	chore: release version v0.28.10	2020-08-05 19:07:08 +02:00
Jacob Heun	f68ff35625	chore: update contributors	2020-08-05 19:07:07 +02:00
Alex Potsides	8c56ec0d23	fix: allow certain keychain operations without a password (#726 ) * fix: allow certain keychain operations without a password Listing, removing, renaming etc keys do not require a password so the user should not be required to provide one. This means we don't have to prompt the user to create a password when they aren't going to do any operations that require a password. * fix: make keychain pass optional * fix: support libp2p creation without keychain pass Co-authored-by: Jacob Heun <jacobheun@gmail.com>	2020-08-05 19:03:11 +02:00
Vasco Santos	fa5ee873e3	chore: update node and npm badges (#727 )	2020-08-05 18:26:50 +02:00
Jacob Heun	51d7ca44c1	feat(keychain): add support for ed25519 and secp keys (#725 ) * feat(keychain): add support for ed25519 and secp keys * chore: bump crypto * refactor: cleanup keychain usage	2020-08-05 18:19:10 +02:00