Browse Source

use secure buffers

ameba23 3 years ago
parent
commit
5fdeab2cfb
No known key found for this signature in database
1 changed files with 6 additions and 7 deletions
  1. 6
    7
      index.js

+ 6
- 7
index.js View File

@@ -1,7 +1,6 @@
1 1
 const sodium = require('sodium-native')
2 2
 const crypto = require('hypercore-crypto')
3 3
 const assert = require('assert')
4
-const bufferAlloc = require('buffer-alloc-unsafe')
5 4
 
6 5
 module.exports = () => new Crypto()
7 6
 
@@ -13,9 +12,9 @@ class Crypto {
13 12
   }
14 13
 
15 14
   keyPair (masterKey, id, ctxt = 'cobox') {
16
-    const context = bufferAlloc(sodium.crypto_hash_sha256_BYTES)
15
+    const context = sodium.sodium_malloc(sodium.crypto_hash_sha256_BYTES)
17 16
     sodium.crypto_hash_sha256(context, Buffer.from(ctxt))
18
-    const seed = bufferAlloc(sodium.crypto_kdf_KEYBYTES)
17
+    const seed = sodium.sodium_malloc(sodium.crypto_kdf_KEYBYTES)
19 18
     sodium.crypto_kdf_derive_from_key(seed, id, context, masterKey)
20 19
     return crypto.keyPair(seed)
21 20
   }
@@ -24,7 +23,7 @@ class Crypto {
24 23
     var publicKey = this.randomBytes(sodium.crypto_secretbox_KEYBYTES)
25 24
     var symmetricKey = this.symmetricKey()
26 25
     var accessKey = this.pack(publicKey, symmetricKey)
27
-    const encryptionKey = bufferAlloc(sodium.crypto_secretbox_KEYBYTES)
26
+    const encryptionKey = sodium.sodium_malloc(sodium.crypto_secretbox_KEYBYTES)
28 27
     sodium.crypto_hash_sha256(encryptionKey, accessKey)
29 28
     return { publicKey, symmetricKey, encryptionKey }
30 29
   }
@@ -34,7 +33,7 @@ class Crypto {
34 33
   }
35 34
 
36 35
   symmetricKey () {
37
-    var key = bufferAlloc(sodium.crypto_secretbox_KEYBYTES)
36
+    var key = sodium.sodium_malloc(sodium.crypto_secretbox_KEYBYTES)
38 37
     sodium.randombytes_buf(key)
39 38
     return key
40 39
   }
@@ -46,7 +45,7 @@ class Crypto {
46 45
   pack (pubKey, symKey) {
47 46
     pubKey = this.toBuf(pubKey, sodium.crypto_sign_PUBLICKEYBYTES)
48 47
     symKey = this.toBuf(symKey, sodium.crypto_secretbox_KEYBYTES)
49
-    const accessKey = bufferAlloc(sodium.crypto_sign_PUBLICKEYBYTES + sodium.crypto_secretbox_KEYBYTES)
48
+    const accessKey = sodium.sodium_malloc(sodium.crypto_sign_PUBLICKEYBYTES + sodium.crypto_secretbox_KEYBYTES)
50 49
     pubKey.copy(accessKey)
51 50
     symKey.copy(accessKey, sodium.crypto_secretbox_KEYBYTES)
52 51
     return accessKey
@@ -57,7 +56,7 @@ class Crypto {
57 56
     if (key.length === sodium.crypto_sign_PUBLICKEYBYTES) return { publicKey: key }
58 57
     const publicKey = key.slice(0, sodium.crypto_sign_PUBLICKEYBYTES)
59 58
     const symmetricKey = key.slice(sodium.crypto_secretbox_KEYBYTES)
60
-    const encryptionKey = bufferAlloc(sodium.crypto_secretbox_KEYBYTES)
59
+    const encryptionKey = sodium.sodium_malloc(sodium.crypto_secretbox_KEYBYTES)
61 60
     sodium.crypto_hash_sha256(encryptionKey, key)
62 61
     return { publicKey, symmetricKey, encryptionKey }
63 62
   }