Changes `webcrypto.js` to check for native web crypto availability and fall back to using `window.__crypto` if not available. If the user wants to bring their own Web Crypto API compatible implementation then they simply need to assign it to `window.__crypto` before they start using IPFS. Checks are done in the functions that require web crypto to give the user the flexibility to assign to `window.__crypto` before OR after they import `libp2p-crypto`. It also means that users have the ability to use other exported functions that do not require web crypto without having to worry about sorting their own implementation. We use `window.__crypto` because `window.crypto` is a readonly property in secure context and always readonly in workers. If `window.crypto` and `window.__crypto` are unavailable then an appropriate error message is reported to the user with an `ERR_MISSING_WEB_CRYPTO` code. I've also added documentation to the README. This is a backwards compatible change. closes #149 resolves #105 resolves ipfs/js-ipfs#2017 resolves ipfs/js-ipfs#2153 License: MIT Signed-off-by: Alan Shaw <alan.shaw@protocol.ai>
Alan Shaw
committed
Jul 9, 2019
1 parent
5cd0e8c
commit 357593f
Showing
7 changed files
with
180 additions
and
19 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
exports.ERR_MISSING_WEB_CRYPTO = () => Object.assign( | ||
new Error( | ||
'Missing Web Crypto API. ' + | ||
'The most likely cause of this error is that this page is being accessed ' + | ||
'from an insecure context (i.e. not HTTPS). For more information and ' + | ||
'possible resolutions see ' + | ||
'https://github.com/libp2p/js-libp2p-crypto/blob/master/README.md#web-crypto-api' | ||
), | ||
{ code: 'ERR_MISSING_WEB_CRYPTO' } | ||
) |
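Review bot: This new file has no `'use strict'` directive, although the hunk header shows it is the whole file and the other two files shown in this commit both begin with one; adding `'use strict'` as the first line keeps the module consistent. A one-line comment above the export would also help readers, for example `// Factory rather than a shared instance, so each error carries the stack of the failing call.` (that intent is inferred, so confirm it before adding). The README link in the message points at `master`, so the anchor can drift if the README section is renamed.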
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,11 @@ | ||
/* global self */ | ||
/* eslint-env browser */ | ||
|
||
'use strict' | ||
|
||
module.exports = self.crypto || self.msCrypto | ||
// Check native crypto exists and is enabled (In insecure context `self.crypto` | ||
// exists but `self.crypto.subtle` does not). Fallback to custom Web Crypto API | ||
// compatible implementation at `self.__crypto` if no native. | ||
exports.get = (win = self) => { | ||
const nativeCrypto = win.crypto || win.msCrypto | ||
return nativeCrypto && nativeCrypto.subtle ? nativeCrypto : win.__crypto | ||
} |
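Review bot: `get` returns `win.__crypto` unchecked, so an object without `subtle` (or any other truthy value) passes a caller's presence check and would presumably fail later with a TypeError rather than `ERR_MISSING_WEB_CRYPTO`; the callers are not visible here. Validating the fallback the same way as the native object closes that gap: `const candidate = nativeCrypto && nativeCrypto.subtle ? nativeCrypto : win.__crypto` followed by `return candidate && candidate.subtle ? candidate : undefined` (the BYO test in this commit passes `{}` and would then need a `subtle` stub). The comment above `get` should also state the trust assumption, since the fallback is taken mainly in insecure contexts and whichever script assigns `self.__crypto` supplies every key generation, HMAC and signature operation for the library, e.g. `// NOTE: self.__crypto is trusted completely; any script on the page can assign it.`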
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,86 @@ | ||
/* eslint-env mocha */ | ||
'use strict' | ||
|
||
const chai = require('chai') | ||
const dirtyChai = require('dirty-chai') | ||
const expect = chai.expect | ||
chai.use(dirtyChai) | ||
const crypto = require('../') | ||
const webcrypto = require('../src/webcrypto') | ||
|
||
describe('Missing web crypto', () => { | ||
let webcryptoGet | ||
let rsaPrivateKey | ||
|
||
before(done => { | ||
crypto.keys.generateKeyPair('RSA', 512, (err, key) => { | ||
if (err) return done(err) | ||
rsaPrivateKey = key | ||
done() | ||
}) | ||
}) | ||
|
||
before(() => { | ||
webcryptoGet = webcrypto.get | ||
webcrypto.get = () => null | ||
}) | ||
|
||
after(() => { | ||
webcrypto.get = webcryptoGet | ||
}) | ||
|
||
it('should error for hmac create when web crypto is missing', done => { | ||
crypto.hmac.create('SHA256', Buffer.from('secret'), err => { | ||
expect(err).to.exist() | ||
expect(err.code).to.equal('ERR_MISSING_WEB_CRYPTO') | ||
done() | ||
}) | ||
}) | ||
|
||
it('should error for generate ephemeral key pair when web crypto is missing', done => { | ||
crypto.keys.generateEphemeralKeyPair('P-256', err => { | ||
expect(err).to.exist() | ||
expect(err.code).to.equal('ERR_MISSING_WEB_CRYPTO') | ||
done() | ||
}) | ||
}) | ||
|
||
it('should error for generate rsa key pair when web crypto is missing', done => { | ||
crypto.keys.generateKeyPair('rsa', 256, err => { | ||
expect(err).to.exist() | ||
expect(err.code).to.equal('ERR_MISSING_WEB_CRYPTO') | ||
done() | ||
}) | ||
}) | ||
|
||
it('should error for unmarshal RSA private key when web crypto is missing', done => { | ||
crypto.keys.unmarshalPrivateKey(crypto.keys.marshalPrivateKey(rsaPrivateKey), err => { | ||
expect(err).to.exist() | ||
expect(err.code).to.equal('ERR_MISSING_WEB_CRYPTO') | ||
done() | ||
}) | ||
}) | ||
|
||
it('should error for sign RSA private key when web crypto is missing', done => { | ||
rsaPrivateKey.sign(Buffer.from('test'), err => { | ||
expect(err).to.exist() | ||
expect(err.code).to.equal('ERR_MISSING_WEB_CRYPTO') | ||
done() | ||
}) | ||
}) | ||
|
||
it('should error for verify RSA public key when web crypto is missing', done => { | ||
rsaPrivateKey.public.verify(Buffer.from('test'), Buffer.from('test'), err => { | ||
expect(err).to.exist() | ||
expect(err.code).to.equal('ERR_MISSING_WEB_CRYPTO') | ||
done() | ||
}) | ||
}) | ||
}) | ||
|
||
describe('BYO web crypto', () => { | ||
it('should fallback to self.__crypto if self.crypto is missing', () => { | ||
const customCrypto = {} | ||
expect(webcrypto.get({ __crypto: customCrypto })).to.equal(customCrypto) | ||
}) | ||
}) |
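Review bot: The `BYO web crypto` suite only covers the case where `crypto` is absent, so two branches of `get` are untested: native `crypto` present without `subtle` (the insecure-context case the commit describes), and native `crypto` with `subtle` taking precedence over `__crypto`. Adding both pins the precedence, so a later refactor cannot silently let a page-supplied `__crypto` override a working native implementation. Separately, the `Missing web crypto` suite swaps `webcrypto.get` on the module object, which only takes effect if callers look `get` up at call time; a short comment in that `before` hook saying so would help.

```javascript
describe('BYO web crypto', () => {
  // … unchanged: fallback when self.crypto is missing …

  it('should fallback to self.__crypto if self.crypto.subtle is missing', () => {
    const customCrypto = {}
    expect(webcrypto.get({ crypto: {}, __crypto: customCrypto })).to.equal(customCrypto)
  })

  it('should prefer native crypto over self.__crypto when subtle is available', () => {
    const nativeCrypto = { subtle: {} }
    expect(webcrypto.get({ crypto: nativeCrypto, __crypto: {} })).to.equal(nativeCrypto)
  })
})
```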