
Merge branch 'buffer-alloc-unsafe' of CoBox/cobox-crypto into master

kyphae 3 years ago
parent
commit
f210b2b423
2 changed files with 18 additions and 13 deletions
  1. 16
    12
      index.js
  2. 2
    1
      package.json

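--- a/index.js
+++ b/index.js
@@ -2,6 +2,10 @@ const sodium = require('sodium-native')
 const crypto = require('hypercore-crypto')
 const assert = require('assert')
 
+// TODO: discussion around whether to use sodium.sodium_malloc() or bufferAlloc()
+// Research needs to be done about secure buffers
+const bufferAlloc = require('buffer-alloc-unsafe')
+
 module.exports = () => new Crypto()
 
 class Crypto {
@@ -10,20 +14,20 @@ class Crypto {
   }
 
   keySet () {
-    var accKey = this.accessKey()
-    var keys = this.unpack(accKey)
-    var encKey = sodium.sodium_malloc(sodium.crypto_secret_box_KEYBYTES)
-    sodium.crypto_hash_sha256(encKey, accKey)
-    keys.encKey = encKey
-    return keys
+    var publicKey = this.keyPair().publicKey
+    var symmetricKey = this.symmetricKey()
+    var accessKey = this.pack(publicKey, symmetricKey)
+    const encryptionKey = bufferAlloc(sodium.crypto_secretbox_KEYBYTES)
+    sodium.crypto_hash_sha256(encryptionKey, accessKey)
+    return { publicKey, symmetricKey, encryptionKey }
   }
 
-  randomBytes(length) {
+  randomBytes (length) {
     return crypto.randomBytes(length)
   }
 
   symmetricKey () {
-    var key = sodium.sodium_malloc(sodium.crypto_secretbox_KEYBYTES)
+    var key = bufferAlloc(sodium.crypto_secretbox_KEYBYTES)
     sodium.randombytes_buf(key)
     return key
   }
@@ -35,7 +39,7 @@ class Crypto {
   pack (pubKey, symKey) {
     pubKey = this.toBuf(pubKey, sodium.crypto_sign_PUBLICKEYBYTES)
     symKey = this.toBuf(symKey, sodium.crypto_secretbox_KEYBYTES)
-    const accessKey = sodium.sodium_malloc(sodium.crypto_sign_PUBLICKEYBYTES + sodium.crypto_secretbox_KEYBYTES)
+    const accessKey = bufferAlloc(sodium.crypto_sign_PUBLICKEYBYTES + sodium.crypto_secretbox_KEYBYTES)
     pubKey.copy(accessKey)
     symKey.copy(accessKey, sodium.crypto_secretbox_KEYBYTES)
     return accessKey
@@ -46,7 +50,7 @@ class Crypto {
     if (key.length === sodium.crypto_sign_PUBLICKEYBYTES) return { publicKey: key }
     const publicKey = key.slice(0, sodium.crypto_sign_PUBLICKEYBYTES)
     const symmetricKey = key.slice(sodium.crypto_secretbox_KEYBYTES)
-    const encryptionKey = sodium.sodium_malloc(sodium.crypto_secretbox_KEYBYTES)
+    const encryptionKey = bufferAlloc(sodium.crypto_secretbox_KEYBYTES)
     sodium.crypto_hash_sha256(encryptionKey, key)
     return { publicKey, symmetricKey, encryptionKey }
   }
@@ -61,9 +65,9 @@ class Crypto {
   toBuf (stringOrBuffer, lengths) {
     if (typeof lengths === 'number') lengths = [lengths]
     if ((Buffer.isBuffer(stringOrBuffer)) && (lengths.indexOf(stringOrBuffer.length) > -1)) return stringOrBuffer
-    assert((typeof stringOrBuffer === 'string'), 'Key is incorrect type')
+    assert(typeof stringOrBuffer === 'string', 'Key is incorrect type')
     const res = Buffer.from(stringOrBuffer, 'hex')
-    assert((lengths.indexOf(res.length) > -1), 'Invalid key')
+    assert(lengths.indexOf(res.length) > -1, 'Invalid key')
     return res
   }
 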
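Review bot: The `bufferAlloc(...)` calls that replace `sodium.sodium_malloc(...)` in keySet, symmetricKey, pack and unpack now keep secret key material (symmetricKey, encryptionKey, accessKey) in ordinary Node Buffer memory. Assuming buffer-alloc-unsafe wraps `Buffer.allocUnsafe`, that memory is uninitialised, may be carved from Node's shared pool at sizes this small, and is neither locked nor wiped on release. As far as the hunks show, every buffer is fully overwritten before it is returned, so stale data does not leak out, but the keys lose the protection sodium_malloc gave them and the new TODO only says research is needed. I would keep secure allocation for the secret buffers, e.g. `const encryptionKey = sodium.sodium_malloc(sodium.crypto_secretbox_KEYBYTES)`; if a consumer needs plain Buffers, record that reason in the TODO and wipe keys with `sodium.sodium_memzero(key)` once they are no longer needed. pack ends and unpack begins outside their hunks, so how callers dispose of these buffers cannot be checked here.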

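--- a/package.json
+++ b/package.json
@@ -12,11 +12,12 @@
   },
   "dependencies": {
     "assert": "^2.0.0",
-    "debug": "^4.1.1",
+    "buffer-alloc-unsafe": "^1.1.0",
     "hypercore-crypto": "^1.0.0",
     "sodium-native": "^2.4.2"
   },
   "devDependencies": {
+    "debug": "^4.1.1",
     "hypercore": "^7.5.0",
     "mkdirp": "^0.5.1",
     "nyc": "^14.1.1",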