/**
 * Starts the client side of the SRP exchange for pair setup from the entered PIN.
 *
 * Creates an SRP client over the 3072-bit parameter set with the stored device
 * salt, the fixed identity 'Pair-Setup', the PIN as password and this.key, feeds
 * in the device public key, then derives the client public key (A) and proof (M1)
 * and begins TLV-encoding them. The listing is cut off inside the tlv.encode(...)
 * call, so the remainder of the method (including what the Promise resolves to)
 * is not visible here.
 *
 * @param pin PIN used as the SRP password; it is passed to Buffer.from as given,
 *            with no format or length check in the visible lines.
 */
private completePairing(pin: string): Promise {
// NOTE(review): invoked without `new` — confirm the library exports Client as a factory.
this.srp = srp.Client(
srp.params['3072'],
this.deviceSalt,
Buffer.from('Pair-Setup'),
// The PIN and this.key are secret inputs to SRP; keep both out of logs and error messages.
Buffer.from(pin),
this.key
);
// B must be set before A/M1 are computed, since the proof depends on the device's public key.
this.srp.setB(this.devicePublicKey);
this.publicKey = this.srp.computeA();
this.proof = this.srp.computeM1();
// Leave the debug line below disabled outside local debugging: it would write
// handshake values (A and M1) to the console, where they can end up in collected logs.
// console.log("DEBUG: Client Public Key=" + this.publicKey.toString('hex') + "\nProof=" + this.proof.toString('hex'));
// Alias of `this`, used when building the TLV payload below.
let that = this;
let tlvData = tlv.encode(
// Sequence tag carries the value 0x03, followed by the client public key.
tlv.Tag.Sequence, 0x03,
tlv.Tag.PublicKey, that.publicKey,
/**
 * Builds the pair-setup request that carries the client's SRP public key and proof.
 *
 * Creates an SRP client from this._params, this._salt, the fixed identity
 * 'Pair-Setup', the accessory PIN and this._key, sets the accessory public key,
 * and computes A and M1. Those values, together with the current state byte, are
 * TLV8-encoded and wrapped in a payload object. The listing is cut off inside the
 * returned object literal, so only its `address` field is visible here.
 */
getM3Request() {
const identity = Buffer.from('Pair-Setup');
// The PIN is the SRP password: treat it (and this._key) as secret and never log it.
const password = Buffer.from(this._pin); // Accessory pin
this._srp = new srp.Client(this._params, this._salt, identity, password, this._key);
// The accessory's public key (B) has to be supplied before A and M1 are derived.
this._srp.setB(this._accessoryPublicKey);
this._rangerPublicKey = this._srp.computeA();
this._rangerProof = this._srp.computeM1();
// TLV items for this message: state byte, client public key, client proof.
const tlv = {};
tlv[TLVType.State] = Buffer.from([this._state]);
tlv[TLVType.PublicKey] = this._rangerPublicKey;
tlv[TLVType.Proof] = this._rangerProof;
const payload = {};
payload[TlvKeys.Value] = TLV8Encoder.encode(tlv);
// NOTE(review): the Buffer constructor is deprecated in Node.js; Buffer.from([1]) is the
// supported equivalent and matches the Buffer.from calls used elsewhere in this method.
payload[TlvKeys.ReturnResponse] = new Buffer([1]);
return {
address: this._address,
/**
 * Runs the three PIN pair-setup stages against the receiver using SRP.
 *
 * Stage 1 fetches the receiver's public key and salt; an SRP client is then built
 * from the 2048-bit parameter set (hash forced to SHA-1), the client id, the PIN
 * and the client secret key. Stage 2 sends the SRP public key and proof, and
 * stage 3 is called with the value returned by computeK(). The listing ends
 * without the closing brace, so anything after stage 3 is not visible here.
 *
 * @param pin Receiver PIN used as the SRP password; passed to Buffer.from as given,
 *            with no format or length check in the visible lines.
 */
public async finishPairing (pin: string) {
// Stage 1 response
const { pk: serverPk
, salt: serverSalt } = await this.pairSetupPin1();
// SRP params must be 2048-bit SHA1
// NOTE(review): per the comment above, 2048-bit/SHA-1 is dictated by the receiver's
// protocol; treat it as a compatibility constraint, not a choice to copy into new designs.
const srpParams = srp6a.params[2048];
// NOTE(review): srpParams is the object held in srp6a.params[2048], not a copy, so this
// assignment presumably changes the hash for every other user of that parameter set in
// the process — confirm, and consider setting the hash on a copy instead.
srpParams.hash = "sha1";
// Create SRP client
const srpClient = new srp6a.Client(
srpParams // Params
, serverSalt // Receiver salt
, Buffer.from(this.credentials.clientId) // Username
, Buffer.from(pin) // Password (receiver pin)
// NOTE(review): the SRP secret is taken from this.credentials rather than generated in
// this method — presumably what the receiver's protocol expects; confirm. Keep it and
// the PIN out of logs.
, Buffer.from(this.credentials.clientSk)); // Client secret key
// Add receiver's public key
srpClient.setB(serverPk);
// Stage 2 response
await this.pairSetupPin2(
srpClient.computeA() // SRP public key
, srpClient.computeM1()); // SRP proof
// Stage 3 response
// computeK() yields the SRP shared key; it is handed straight to stage 3 and should
// never be logged or persisted in the clear.
await this.pairSetupPin3(srpClient.computeK());