Replace bcrypto with standalone libraries

package.json

@@ -64,10 +64,12 @@
   },
   "dependencies": {
     "@types/bn.js": "^4.11.6",
-    "bcrypto": "5.0.3",
+    "aead-js": "^0.1.0",
     "bn.js": "^5.0.0",
     "buffer": "^5.4.3",
     "debug": "^4.1.1",
+    "futoin-hkdf": "^1.3.2",
+    "hash.js": "^1.1.7",
     "it-buffer": "^0.1.1",
     "it-length-prefixed": "^3.0.0",
     "it-pair": "^1.0.0",
@@ -75,6 +77,7 @@
     "it-pipe": "^1.1.0",
     "libp2p-crypto": "^0.17.1",
     "peer-id": "^0.13.5",
-    "protobufjs": "6.8.8"
+    "protobufjs": "6.8.8",
+    "tweetnacl": "^1.0.3"
   }
 }

src/handshakes/abstract-handshake.ts

@@ -1,5 +1,7 @@
 import {Buffer} from "buffer";
-import { AEAD, x25519, SHA256 } from 'bcrypto';
+import hash from 'hash.js';
+import {box} from 'tweetnacl';
+import {AEAD} from 'aead-js';
 
 import {bytes, bytes32, uint32} from "../@types/basic";
 import {CipherState, MessageBuffer, SymmetricState} from "../@types/handshake";
@@ -104,10 +106,7 @@ export abstract class AbstractHandshake {
 
   protected dh(privateKey: bytes32, publicKey: bytes32): bytes32 {
     try {
-      const derived = x25519.derive(publicKey, privateKey);
-      const result = Buffer.alloc(32);
-      derived.copy(result);
-      return result;
+      return Buffer.from(box.before(publicKey, privateKey))
     } catch (e) {
       logger(e.message);
       return Buffer.alloc(32);
@@ -119,7 +118,9 @@ export abstract class AbstractHandshake {
   }
 
   protected getHash(a: bytes, b: bytes): bytes32 {
-    return SHA256.digest(Buffer.from([...a, ...b]));
+    return Buffer.from(
+      hash.sha256().update(Buffer.from([...a, ...b])).digest('hex')
+    )
   }
 
   protected mixKey(ss: SymmetricState, ikm: bytes32): void {

src/noise.ts

@@ -1,4 +1,4 @@
-import {x25519} from 'bcrypto';
+import {box} from 'tweetnacl';
 import {Buffer} from "buffer";
 import Wrap from 'it-pb-rpc';
 import DuplexPair from 'it-pair/duplex';
@@ -49,7 +49,7 @@ export class Noise implements INoiseConnection {
     this.useNoisePipes = false;
 
     if (staticNoiseKey) {
-      const publicKey = x25519.publicKeyCreate(staticNoiseKey);
+      const publicKey = Buffer.from(box.keyPair.fromSecretKey(staticNoiseKey)['publicKey']);
       this.staticKeys = {
         privateKey: staticNoiseKey,
         publicKey,

src/utils.ts

@@ -1,4 +1,5 @@
-import {HKDF, SHA256, x25519} from 'bcrypto';
+import hkdf from 'futoin-hkdf';
+import {box} from 'tweetnacl';
 import {Buffer} from "buffer";
 import PeerId from "peer-id";
 import * as crypto from 'libp2p-crypto';
@@ -10,8 +11,9 @@ import {pb} from "./proto/payload";
 const NoiseHandshakePayloadProto = pb.NoiseHandshakePayload;
 
 export function generateKeypair(): KeyPair {
-  const privateKey = x25519.privateKeyGenerate();
-  const publicKey = x25519.publicKeyCreate(privateKey);
+  const keyPair = box.keyPair()
+  const publicKey = Buffer.from(keyPair['publicKey'])
+  const privateKey = Buffer.from(keyPair['secretKey'])
 
   return {
     publicKey,
@@ -99,9 +101,7 @@ export async function verifySignedPayload(
 }
 
 export function getHkdf(ck: bytes32, ikm: bytes): Hkdf {
-  const info = Buffer.alloc(0);
-  const prk = HKDF.extract(SHA256, ikm, ck);
-  const okm = HKDF.expand(SHA256, prk, info, 96);
+  const okm = hkdf(ikm, 96, {salt: ck, hash: 'SHA-256'})
 
   const k1 = okm.slice(0, 32);
   const k2 = okm.slice(32, 64);
@@ -111,5 +111,9 @@ export function getHkdf(ck: bytes32, ikm: bytes): Hkdf {
 }
 
 export function isValidPublicKey(pk: bytes): boolean {
-  return x25519.publicKeyVerify(pk.slice(0, 32));
+  if(pk.length !== 32 || pk.compare(Buffer.alloc(32))){
+    return false;
+  }
+
+  return true;
 }