The libp2p crypto primitives, for Node.js and the Browser!
Installations
npm install libp2p-crypto
Developer Guide
Typescript
Yes
Module System
CommonJS, UMD
Min. Node Version
>=12.0.0
Node Version
16.13.0
NPM Version
7.24.2
Score
58.8
Supply Chain
99.6
Quality
80.2
Maintenance
100
Vulnerability
97
License
Releases
Contributors
Unable to fetch Contributors
Languages
TypeScript (90.57%)
JavaScript (9.43%)
Developer
Download Statistics
Total Downloads
12,537,707
Last Day
2,355
Last Week
28,995
Last Month
130,216
Last Year
1,460,406
GitHub Statistics
81 Stars
473 Commits
52 Forks
23 Watching
14 Branches
63 Contributors
Package Meta Information
Latest Version
0.21.2
Package Id
libp2p-crypto@0.21.2
Unpacked Size
320.46 kB
Size
92.08 kB
File Count
38
NPM Version
7.24.2
Node Version
16.13.0
Total Downloads
Cumulative downloads
Total Downloads
12,537,707
Last day
-58.2%
2,355
Compared to previous day
Last week
-6.1%
28,995
Compared to previous week
Last month
19.7%
130,216
Compared to previous month
Last year
-36%
1,460,406
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
js-libp2p-crypto
Crypto primitives for libp2p in JavaScript
This repo contains the JavaScript implementation of the crypto primitives needed for libp2p. This is based on this go implementation.
Lead Maintainer
Table of Contents
- js-libp2p-crypto
- Lead Maintainer
- Table of Contents
- Install
- Usage
- API
crypto.aes
crypto.hmac
crypto.keys
crypto.keys.generateKeyPair(type, bits)
crypto.keys.generateEphemeralKeyPair(curve)
crypto.keys.keyStretcher(cipherType, hashType, secret)
crypto.keys.marshalPublicKey(key, [type])
crypto.keys.unmarshalPublicKey(buf)
crypto.keys.marshalPrivateKey(key, [type])
crypto.keys.unmarshalPrivateKey(buf)
crypto.keys.import(encryptedKey, password)
privateKey.export(password, format)
crypto.randomBytes(number)
crypto.pbkdf2(password, salt, iterations, keySize, hash)
- Contribute
- License
Install
1npm install --save libp2p-crypto
Usage
1const crypto = require('libp2p-crypto') 2 3// Now available to you: 4// 5// crypto.aes 6// crypto.hmac 7// crypto.keys 8// etc. 9// 10// See full API details below...
Web Crypto API
The libp2p-crypto
library depends on the Web Crypto API in the browser. Web Crypto is available in all modern browsers, however browsers restrict its usage to Secure Contexts.
This means you will not be able to use some libp2p-crypto
functions in the browser when the page is served over HTTP. To enable the Web Crypto API and allow libp2p-crypto
to work fully, please serve your page over HTTPS.
API
crypto.aes
Exposes an interface to AES encryption (formerly Rijndael), as defined in U.S. Federal Information Processing Standards Publication 197.
This uses CTR
mode.
crypto.aes.create(key, iv)
key: Uint8Array
The key, if length16
thenAES 128
is used. For length32
,AES 256
is used.iv: Uint8Array
Must have length16
.
Returns Promise<{decrypt<Function>, encrypt<Function>}>
decrypt(data)
data: Uint8Array
Returns Promise<Uint8Array>
encrypt(data)
data: Uint8Array
Returns Promise<Uint8Array>
1const crypto = require('libp2p-crypto') 2 3// Setting up Key and IV 4 5// A 16 bytes array, 128 Bits, AES-128 is chosen 6const key128 = Uint8Array.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15]) 7 8// A 16 bytes array, 128 Bits, 9const IV = Uint8Array.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15]) 10 11async function main () { 12 const decryptedMessage = 'Hello, world!' 13 14 // Encrypting 15 const cipher = await crypto.aes.create(key128, IV) 16 const encryptedBuffer = await cipher.encrypt(Uint8Array.from(decryptedMessage)) 17 console.log(encryptedBuffer) 18 // prints: <Uint8Array 42 f1 67 d9 2e 42 d0 32 9e b1 f8 3c> 19 20 // Decrypting 21 const decipher = await crypto.aes.create(key128, IV) 22 const decryptedBuffer = await cipher.decrypt(encryptedBuffer) 23 24 console.log(decryptedBuffer) 25 // prints: <Uint8Array 42 f1 67 d9 2e 42 d0 32 9e b1 f8 3c> 26 27 console.log(decryptedBuffer.toString('utf-8')) 28 // prints: Hello, world! 29} 30 31main()
crypto.hmac
Exposes an interface to the Keyed-Hash Message Authentication Code (HMAC) as defined in U.S. Federal Information Processing Standards Publication 198. An HMAC is a cryptographic hash that uses a key to sign a message. The receiver verifies the hash by recomputing it using the same key.
crypto.hmac.create(hash, secret)
hash: String
secret: Uint8Array
Returns Promise<{digest<Function>}>
digest(data)
data: Uint8Array
Returns Promise<Uint8Array>
Example:
1const crypto = require('libp2p-crypto') 2 3async function main () { 4 const hash = 'SHA1' // 'SHA256' || 'SHA512' 5 const hmac = await crypto.hmac.create(hash, uint8ArrayFromString('secret')) 6 const sig = await hmac.digest(uint8ArrayFromString('hello world')) 7 console.log(sig) 8} 9 10main()
crypto.keys
Supported Key Types
The generateKeyPair
, marshalPublicKey
, and marshalPrivateKey
functions accept a string type
argument.
Currently the 'RSA'
, 'ed25519'
, and secp256k1
types are supported, although ed25519 and secp256k1 keys support only signing and verification of messages. For encryption / decryption support, RSA keys should be used.
crypto.keys.generateKeyPair(type, bits)
type: String
, see Supported Key Types above.bits: Number
Minimum of 1024
Returns Promise<{privateKey<Uint8Array>, publicKey<Uint8Array>}>
Generates a keypair of the given type and bitsize.
crypto.keys.generateEphemeralKeyPair(curve)
curve: String
, one of'P-256'
,'P-384'
,'P-521'
is currently supported
Returns Promise
Generates an ephemeral public key and returns a function that will compute the shared secret key.
Focuses only on ECDH now, but can be made more general in the future.
Resolves to an object of the form:
1{ 2 key: Uint8Array, 3 genSharedKey: Function 4}
crypto.keys.keyStretcher(cipherType, hashType, secret)
cipherType: String
, one of'AES-128'
,'AES-256'
,'Blowfish'
hashType: String
, one of'SHA1'
,SHA256
,SHA512
secret: Uint8Array
Returns Promise
Generates a set of keys for each party by stretching the shared key.
Resolves to an object of the form:
1{ 2 k1: { 3 iv: Uint8Array, 4 cipherKey: Uint8Array, 5 macKey: Uint8Array 6 }, 7 k2: { 8 iv: Uint8Array, 9 cipherKey: Uint8Array, 10 macKey: Uint8Array 11 } 12}
crypto.keys.marshalPublicKey(key, [type])
key: keys.rsa.RsaPublicKey | keys.ed25519.Ed25519PublicKey | keys.secp256k1.Secp256k1PublicKey
type: String
, see Supported Key Types above. Defaults to 'rsa'.
Returns Uint8Array
Converts a public key object into a protobuf serialized public key.
crypto.keys.unmarshalPublicKey(buf)
buf: Uint8Array
Returns RsaPublicKey|Ed25519PublicKey|Secp256k1PublicKey
Converts a protobuf serialized public key into its representative object.
crypto.keys.marshalPrivateKey(key, [type])
key: keys.rsa.RsaPrivateKey | keys.ed25519.Ed25519PrivateKey | keys.secp256k1.Secp256k1PrivateKey
type: String
, see Supported Key Types above.
Returns Uint8Array
Converts a private key object into a protobuf serialized private key.
crypto.keys.unmarshalPrivateKey(buf)
buf: Uint8Array
Returns Promise<RsaPrivateKey|Ed25519PrivateKey|Secp256k1PrivateKey>
Converts a protobuf serialized private key into its representative object.
crypto.keys.import(encryptedKey, password)
encryptedKey: string
password: string
Returns Promise<PrivateKey>
Converts an exported private key into its representative object. Supported formats are 'pem' (RSA only) and 'libp2p-key'.
privateKey.export(password, format)
password: string
format: string
the format to export to: 'pem' (rsa only), 'libp2p-key'
Returns string
Exports the password protected PrivateKey
. RSA keys will be exported as password protected PEM by default. Ed25519 and Secp256k1 keys will be exported as password protected AES-GCM base64 encoded strings ('libp2p-key' format).
crypto.randomBytes(number)
number: Number
Returns Uint8Array
Generates a Uint8Array with length number
populated by random bytes.
crypto.pbkdf2(password, salt, iterations, keySize, hash)
password: String
salt: String
iterations: Number
keySize: Number
in byteshash: String
the hashing algorithm ('sha1', 'sha2-512', ...)
Computes the Password Based Key Derivation Function 2; returning a new password.
Contribute
Feel free to join in. All welcome. Open an issue!
This repository falls under the IPFS Code of Conduct.
License
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:131: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:141: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:142: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:145: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:155: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:156: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:159: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:170: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:173: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:176: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:177: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/js-test-and-release.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p-crypto/js-test-and-release.yml/master?enable=pin
- Info: 0 out of 22 GitHub-owned GitHubAction dependencies pinned
- Info: 9 out of 21 third-party GitHubAction dependencies pinned
Reason
Found 8/27 approved changesets -- score normalized to 2
Reason
project is archived
Details
- Warn: Repository is archived.
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/automerge.yml:1
- Warn: no topLevel permission defined: .github/workflows/js-test-and-release.yml:1
- Warn: no topLevel permission defined: .github/workflows/semantic-pull-request.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 13 are checked with a SAST tool
Score
3.8
/10
Last Scanned on 2024-12-16
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More