Replace bcrypto with standalone libraries

2025-06-24 01:31:52 +00:00 · 2020-04-06 17:33:52 +02:00
parent 9bf6c2e85d
commit bdc39e3ba5
4 changed files with 25 additions and 17 deletions
--- a/src/handshakes/abstract-handshake.ts
+++ b/src/handshakes/abstract-handshake.ts
@ -1,5 +1,7 @@
 import {Buffer} from "buffer";
-import { AEAD, x25519, SHA256 } from 'bcrypto';
+import hash from 'hash.js';
+import {box} from 'tweetnacl';
+import {AEAD} from 'aead-js';

 import {bytes, bytes32, uint32} from "../@types/basic";
 import {CipherState, MessageBuffer, SymmetricState} from "../@types/handshake";
@ -104,10 +106,7 @@ export abstract class AbstractHandshake {

  protected dh(privateKey: bytes32, publicKey: bytes32): bytes32 {
    try {
-      const derived = x25519.derive(publicKey, privateKey);
-      const result = Buffer.alloc(32);
-      derived.copy(result);
-      return result;
+      return Buffer.from(box.before(publicKey, privateKey))
    } catch (e) {
      logger(e.message);
      return Buffer.alloc(32);
@ -119,7 +118,9 @@ export abstract class AbstractHandshake {
  }

  protected getHash(a: bytes, b: bytes): bytes32 {
-    return SHA256.digest(Buffer.from([...a, ...b]));
+    return Buffer.from(
+      hash.sha256().update(Buffer.from([...a, ...b])).digest('hex')
+    )
  }

  protected mixKey(ss: SymmetricState, ikm: bytes32): void {
--- a/src/noise.ts
+++ b/src/noise.ts
@ -1,4 +1,4 @@
-import {x25519} from 'bcrypto';
+import {box} from 'tweetnacl';
 import {Buffer} from "buffer";
 import Wrap from 'it-pb-rpc';
 import DuplexPair from 'it-pair/duplex';
@ -49,7 +49,7 @@ export class Noise implements INoiseConnection {
    this.useNoisePipes = false;

    if (staticNoiseKey) {
-      const publicKey = x25519.publicKeyCreate(staticNoiseKey);
+      const publicKey = Buffer.from(box.keyPair.fromSecretKey(staticNoiseKey)['publicKey']);
      this.staticKeys = {
        privateKey: staticNoiseKey,
        publicKey,
--- a/src/utils.ts
+++ b/src/utils.ts
@ -1,4 +1,5 @@
-import {HKDF, SHA256, x25519} from 'bcrypto';
+import hkdf from 'futoin-hkdf';
+import {box} from 'tweetnacl';
 import {Buffer} from "buffer";
 import PeerId from "peer-id";
 import * as crypto from 'libp2p-crypto';
@ -10,8 +11,9 @@ import {pb} from "./proto/payload";
 const NoiseHandshakePayloadProto = pb.NoiseHandshakePayload;

 export function generateKeypair(): KeyPair {
-  const privateKey = x25519.privateKeyGenerate();
-  const publicKey = x25519.publicKeyCreate(privateKey);
+  const keyPair = box.keyPair()
+  const publicKey = Buffer.from(keyPair['publicKey'])
+  const privateKey = Buffer.from(keyPair['secretKey'])

  return {
    publicKey,
@ -99,9 +101,7 @@ export async function verifySignedPayload(
 }

 export function getHkdf(ck: bytes32, ikm: bytes): Hkdf {
-  const info = Buffer.alloc(0);
-  const prk = HKDF.extract(SHA256, ikm, ck);
-  const okm = HKDF.expand(SHA256, prk, info, 96);
+  const okm = hkdf(ikm, 96, {salt: ck, hash: 'SHA-256'})

  const k1 = okm.slice(0, 32);
  const k2 = okm.slice(32, 64);
@ -111,5 +111,9 @@ export function getHkdf(ck: bytes32, ikm: bytes): Hkdf {
 }

 export function isValidPublicKey(pk: bytes): boolean {
-  return x25519.publicKeyVerify(pk.slice(0, 32));
+  if(pk.length !== 32 || pk.compare(Buffer.alloc(32))){
+    return false;
+  }
+
+  return true;
 }