Package Health Score

53 / 100

security
No known security issues
popularity
Recognized
maintenance
Inactive
community
Sustainable

Explore Similar Packages

Security

No known security issues

All security vulnerabilities belong to production dependencies of direct and indirect packages.

Security and license risk for significant versions

Version				Vulnerabilities	License Risk
0.21.2	\|	01/2022	Popular	0 C 0 H 0 M 0 L	0 H 0 M 0 L
0.20.0	\|	10/2021		0 C 0 H 0 M 0 L	0 H 0 M 0 L
0.19.7	\|	08/2021		0 C 0 H 0 M 0 L	0 H 0 M 0 L
0.18.0	\|	08/2020		0 C 0 H 0 M 0 L	0 H 0 M 0 L
0.17.9	\|	08/2020		0 C 0 H 0 M 0 L	0 H 0 M 0 L

License

MIT

Security Policy

Is your project affected by vulnerabilities?

Scan your projects for vulnerabilities. Fix quickly with automated fixes. Get started with Snyk for free.

Get started free

Popularity

Recognized

Weekly Downloads (20,805)

GitHub Stars: 81
Forks: 60
Contributors: 40

Direct Usage Popularity

The npm package libp2p-crypto receives a total of 20,805 downloads a week. As such, we scored libp2p-crypto popularity level to be Recognized.

Based on project statistics from the GitHub repository for the npm package libp2p-crypto, we found that it has been starred 81 times.

Downloads are calculated as moving averages for a period of the last 12 months, excluding weekends and known missing data points.

Community

Sustainable

Readme.md: Yes
Contributing.md: No
Code of Conduct: No
Contributors: 40
Funding: No

With more than 10 contributors for the libp2p-crypto repository, this is possibly a sign for a growing and inviting community.

We found a way for you to contribute to the project! Looks like libp2p-crypto is missing a Code of Conduct.

Embed Package Health Score Badge

Maintenance

Inactive

archived

Commit Frequency

Open Issues: 22
Open PR: 6
Last Release: 2 years ago
Last Commit: 10 months ago

Further analysis of the maintenance status of libp2p-crypto based on released npm versions cadence, the repository activity, and other data points determined that its maintenance is Inactive.

An important project maintenance signal to consider for libp2p-crypto is that it hasn't seen any new versions released to npm in the past 12 months, and could be considered as a discontinued project, or that which receives low attention from its maintainers.

In the past month we didn't find any pull request activity or change in issues status has been detected for the GitHub repository.

Keep your project healthy

Check your package.json

Ensure all the packages you're using are healthy and well-maintained

Snyk Vulnerability Scanner

Get health score & security insights directly in your IDE

Package

Node.js Compatibility: >=12.0.0

Age: 8 years
Dependencies: 8 Direct
Versions: 69
Install Size: 328 kB
Dist-tags: 2
# of Files: 38
Maintainers: 5
TS Typings: Yes

libp2p-crypto has more than a single and default latest tag published for the npm package. This means, there may be other tags available for this package, such as next to indicate future releases, or stable to indicate stable releases.

Not sure how to use libp2p-crypto?

To help you get started, we've collected the most common ways that libp2p-crypto is being used within popular public projects.

richardschneider / ipfs-encryption / test / peerid.js View on Github

it('encoded public key with JWT', (done) => {
    const jwk = {
      kty: 'RSA',
      n: 'tkiqPxzBWXgZpdQBd14o868a30F3Sc43jwWQG3caikdTHOo7kR14o-h12D45QJNNQYRdUty5eC8ItHAB4YIH-Oe7DIOeVFsnhinlL9LnILwqQcJUeXENNtItDIM4z1ji1qta7b0mzXAItmRFZ-vkNhHB6N8FL1kbS3is_g2UmX8NjxAwvgxjyT5e3_IO85eemMpppsx_ZYmSza84P6onaJFL-btaXRq3KS7jzXkzg5NHKigfjlG7io_RkoWBAghI2smyQ5fdu-qGpS_YIQbUnhL9tJLoGrU72MufdMBZSZJL8pfpz8SB9BBGDCivV0VpbvV2J6En26IsHL_DN0pbIw',
      e: 'AQAB',
      alg: 'RS256',
      kid: '2011-04-29'
    }
    // console.log('jwk', jwk)
    const rsa = new rsaClass.RsaPublicKey(jwk)
    // console.log('rsa', rsa)
    rsa.hash((err, keyId) => {
      // console.log('err', err)
      // console.log('keyId', keyId)
      // console.log('id decoded', multihash.decode(keyId))
      const kids = multihash.toB58String(keyId)
      // console.log('id', kids)
      expect(kids).to.equal(peer.toB58String())
      done()
    })
  })

View more ways to use libp2p-crypto

js-libp2p-crypto

> Crypto primitives for libp2p in JavaScript

This repo contains the JavaScript implementation of the crypto primitives needed for libp2p. This is based on this go implementation.

Lead Maintainer

Jacob Heun

js-libp2p-crypto

Install

npm install --save libp2p-crypto

Usage

const crypto = require('libp2p-crypto')

// Now available to you:
//
// crypto.aes
// crypto.hmac
// crypto.keys
// etc.
//
// See full API details below...

Web Crypto API

The libp2p-crypto library depends on the Web Crypto API in the browser. Web Crypto is available in all modern browsers, however browsers restrict its usage to Secure Contexts.

This means you will not be able to use some libp2p-crypto functions in the browser when the page is served over HTTP. To enable the Web Crypto API and allow libp2p-crypto to work fully, please serve your page over HTTPS.

API

`crypto.aes`

Exposes an interface to AES encryption (formerly Rijndael), as defined in U.S. Federal Information Processing Standards Publication 197.

This uses CTR mode.

`crypto.aes.create(key, iv)`

key: Uint8Array The key, if length 16 then AES 128 is used. For length 32, AES 256 is used.
iv: Uint8Array Must have length 16.

Returns Promise<{decrypt, encrypt}>

`decrypt(data)`

data: Uint8Array

Returns Promise

`encrypt(data)`

data: Uint8Array

Returns Promise

const crypto = require('libp2p-crypto')

// Setting up Key and IV

// A 16 bytes array, 128 Bits, AES-128 is chosen
const key128 = Uint8Array.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15])

// A 16 bytes array, 128 Bits,
const IV = Uint8Array.from([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15])

async function main () {
  const decryptedMessage = 'Hello, world!'

  // Encrypting
  const cipher = await crypto.aes.create(key128, IV)
  const encryptedBuffer = await cipher.encrypt(Uint8Array.from(decryptedMessage))
  console.log(encryptedBuffer)
  // prints: 

  // Decrypting
  const decipher = await crypto.aes.create(key128, IV)
  const decryptedBuffer = await cipher.decrypt(encryptedBuffer)

  console.log(decryptedBuffer)
  // prints: 

  console.log(decryptedBuffer.toString('utf-8'))
  // prints: Hello, world!
}

main()

`crypto.hmac`

Exposes an interface to the Keyed-Hash Message Authentication Code (HMAC) as defined in U.S. Federal Information Processing Standards Publication 198. An HMAC is a cryptographic hash that uses a key to sign a message. The receiver verifies the hash by recomputing it using the same key.

`crypto.hmac.create(hash, secret)`

hash: String
secret: Uint8Array

Returns Promise<{digest}>

`digest(data)`

data: Uint8Array

Returns Promise

Example:

const crypto = require('libp2p-crypto')

async function main () {
  const hash = 'SHA1' // 'SHA256' || 'SHA512'
  const hmac = await crypto.hmac.create(hash, uint8ArrayFromString('secret'))
  const sig = await hmac.digest(uint8ArrayFromString('hello world'))
  console.log(sig)
}

main()

`crypto.keys`

Supported Key Types

The generateKeyPair, marshalPublicKey, and marshalPrivateKey functions accept a string type argument.

Currently the 'RSA', 'ed25519', and secp256k1 types are supported, although ed25519 and secp256k1 keys support only signing and verification of messages. For encryption / decryption support, RSA keys should be used.

`crypto.keys.generateKeyPair(type, bits)`

type: String, see Supported Key Types above.
bits: Number Minimum of 1024

Returns Promise<{privateKey, publicKey}>

Generates a keypair of the given type and bitsize.

`crypto.keys.generateEphemeralKeyPair(curve)`

curve: String, one of 'P-256', 'P-384', 'P-521' is currently supported

Returns Promise

Generates an ephemeral public key and returns a function that will compute the shared secret key.

Focuses only on ECDH now, but can be made more general in the future.

Resolves to an object of the form:

{
  key: Uint8Array,
  genSharedKey: Function
}

`crypto.keys.keyStretcher(cipherType, hashType, secret)`

cipherType: String, one of 'AES-128', 'AES-256', 'Blowfish'
hashType: String, one of 'SHA1', SHA256, SHA512
secret: Uint8Array

Returns Promise

Generates a set of keys for each party by stretching the shared key.

Resolves to an object of the form:

{
  k1: {
    iv: Uint8Array,
    cipherKey: Uint8Array,
    macKey: Uint8Array
  },
  k2: {
    iv: Uint8Array,
    cipherKey: Uint8Array,
    macKey: Uint8Array
  }
}

`crypto.keys.marshalPublicKey(key, [type])`

key: keys.rsa.RsaPublicKey | keys.ed25519.Ed25519PublicKey | keys.secp256k1.Secp256k1PublicKey
type: String, see Supported Key Types above. Defaults to 'rsa'.

Returns Uint8Array

Converts a public key object into a protobuf serialized public key.

`crypto.keys.unmarshalPublicKey(buf)`

buf: Uint8Array

Returns RsaPublicKey|Ed25519PublicKey|Secp256k1PublicKey

Converts a protobuf serialized public key into its representative object.

`crypto.keys.marshalPrivateKey(key, [type])`

key: keys.rsa.RsaPrivateKey | keys.ed25519.Ed25519PrivateKey | keys.secp256k1.Secp256k1PrivateKey
type: String, see Supported Key Types above.

Returns Uint8Array

Converts a private key object into a protobuf serialized private key.

`crypto.keys.unmarshalPrivateKey(buf)`

buf: Uint8Array

Returns Promise

Converts a protobuf serialized private key into its representative object.

`crypto.keys.import(encryptedKey, password)`

encryptedKey: string
password: string

Returns Promise

Converts an exported private key into its representative object. Supported formats are 'pem' (RSA only) and 'libp2p-key'.

`privateKey.export(password, format)`

password: string
format: string the format to export to: 'pem' (rsa only), 'libp2p-key'

Returns string

Exports the password protected PrivateKey. RSA keys will be exported as password protected PEM by default. Ed25519 and Secp256k1 keys will be exported as password protected AES-GCM base64 encoded strings ('libp2p-key' format).

`crypto.randomBytes(number)`

number: Number

Returns Uint8Array

Generates a Uint8Array with length number populated by random bytes.

`crypto.pbkdf2(password, salt, iterations, keySize, hash)`

password: String
salt: String
iterations: Number
keySize: Number in bytes
hash: String the hashing algorithm ('sha1', 'sha2-512', ...)

Computes the Password Based Key Derivation Function 2; returning a new password.

Contribute

Feel free to join in. All welcome. Open an issue!

This repository falls under the IPFS Code of Conduct.

License

MIT

libp2p-crypto dependencies

@noble/ed25519 @noble/secp256k1 err-code iso-random-stream multiformats node-forge protobufjs uint8arrays

libp2p-crypto development dependencies

@types/mocha aegir benchmark sinon util

FAQs

What is libp2p-crypto?

Crypto primitives for libp2p. Visit Snyk Advisor to see a full health score report for libp2p-crypto, including popularity, security, maintenance & community analysis.

Is libp2p-crypto popular?

The npm package libp2p-crypto receives a total of 20,805 weekly downloads. As such, libp2p-crypto popularity was classified as a recognized. Visit the popularity section on Snyk Advisor to see the full health analysis.

Is libp2p-crypto well maintained?

We found indications that libp2p-crypto is an Inactive project. See the full package health analysis to learn more about the package maintenance status.

Is libp2p-crypto safe to use?

The npm package libp2p-crypto was scanned for known vulnerabilities and missing license, and no issues were found. Thus the package was deemed as safe to use. See the full health analysis review.

Last updated on 19 April-2024, at 02:39 (UTC).

Build a secure application checklist

Select a recommended open source package

Minimize your risk by selecting secure & well maintained open source packages

DONE

Scan your app for vulnerabilities

Scan your application to find vulnerabilities in your: source code, open source dependencies, containers and configuration files

SCAN NOW

Fix identified vulnerabilities

Easily fix your code by leveraging automatically generated PRs

AUTO FIX

Monitor for new issues

New vulnerabilities are discovered every day. Get notified if your application is affected

MONITOR APP

Package Health Score

Explore Similar Packages

Security and license risk for significant versions

Is your project affected by vulnerabilities?

Weekly Downloads (20,805)

Direct Usage Popularity

Embed Package Health Score Badge

Commit Frequency

Keep your project healthy

Check your package.json

Snyk Vulnerability Scanner

Not sure how to use libp2p-crypto?

js-libp2p-crypto

Lead Maintainer

Table of Contents

Install

Usage

Web Crypto API

API

crypto.aes

crypto.aes.create(key, iv)

decrypt(data)

encrypt(data)

crypto.hmac

crypto.hmac.create(hash, secret)

digest(data)

crypto.keys

crypto.keys.generateKeyPair(type, bits)

crypto.keys.generateEphemeralKeyPair(curve)

crypto.keys.keyStretcher(cipherType, hashType, secret)

crypto.keys.marshalPublicKey(key, [type])

crypto.keys.unmarshalPublicKey(buf)

crypto.keys.marshalPrivateKey(key, [type])

crypto.keys.unmarshalPrivateKey(buf)

crypto.keys.import(encryptedKey, password)

privateKey.export(password, format)

crypto.randomBytes(number)

crypto.pbkdf2(password, salt, iterations, keySize, hash)

Contribute

License

libp2p-crypto dependencies

libp2p-crypto development dependencies

FAQs

What is libp2p-crypto?

Is libp2p-crypto popular?

Is libp2p-crypto well maintained?

Is libp2p-crypto safe to use?

Build a secure application checklist

Select a recommended open source package

Scan your app for vulnerabilities

Source Code

Open Source

Container

Config

Fix identified vulnerabilities

Monitor for new issues

`crypto.aes`

`crypto.aes.create(key, iv)`

`decrypt(data)`

`encrypt(data)`

`crypto.hmac`

`crypto.hmac.create(hash, secret)`

`digest(data)`

`crypto.keys`

`crypto.keys.generateKeyPair(type, bits)`

`crypto.keys.generateEphemeralKeyPair(curve)`

`crypto.keys.keyStretcher(cipherType, hashType, secret)`

`crypto.keys.marshalPublicKey(key, [type])`

`crypto.keys.unmarshalPublicKey(buf)`

`crypto.keys.marshalPrivateKey(key, [type])`

`crypto.keys.unmarshalPrivateKey(buf)`

`crypto.keys.import(encryptedKey, password)`

`privateKey.export(password, format)`

`crypto.randomBytes(number)`

`crypto.pbkdf2(password, salt, iterations, keySize, hash)`