Replace bcrypto with standalone libraries

2025-04-25 11:52:23 +00:00 · 2020-04-06 17:33:52 +02:00 · 2020-04-06 17:33:52 +02:00 · bdc39e3ba5
commit bdc39e3ba5
parent 9bf6c2e85d
4 changed files with 25 additions and 17 deletions
--- a/package.json
+++ b/package.json
@ -64,10 +64,12 @@
  },
  "dependencies": {
    "@types/bn.js": "^4.11.6",
-    "bcrypto": "5.0.3",
+    "aead-js": "^0.1.0",
    "bn.js": "^5.0.0",
    "buffer": "^5.4.3",
    "debug": "^4.1.1",
    "futoin-hkdf": "^1.3.2",
    "hash.js": "^1.1.7",
    "it-buffer": "^0.1.1",
    "it-length-prefixed": "^3.0.0",
    "it-pair": "^1.0.0",
@ -75,6 +77,7 @@
    "it-pipe": "^1.1.0",
    "libp2p-crypto": "^0.17.1",
    "peer-id": "^0.13.5",
-    "protobufjs": "6.8.8"
+    "protobufjs": "6.8.8",
    "tweetnacl": "^1.0.3"
  }
 }
--- a/src/handshakes/abstract-handshake.ts
+++ b/src/handshakes/abstract-handshake.ts
@ -1,5 +1,7 @@
 import {Buffer} from "buffer";
-import { AEAD, x25519, SHA256 } from 'bcrypto';
+import hash from 'hash.js';
 import {box} from 'tweetnacl';
 import {AEAD} from 'aead-js';
 import {bytes, bytes32, uint32} from "../@types/basic";
 import {CipherState, MessageBuffer, SymmetricState} from "../@types/handshake";
@ -104,10 +106,7 @@ export abstract class AbstractHandshake {
  protected dh(privateKey: bytes32, publicKey: bytes32): bytes32 {
    try {
-      const derived = x25519.derive(publicKey, privateKey);
+      return Buffer.from(box.before(publicKey, privateKey))
      const result = Buffer.alloc(32);
      derived.copy(result);
      return result;
    } catch (e) {
      logger(e.message);
      return Buffer.alloc(32);
@ -119,7 +118,9 @@ export abstract class AbstractHandshake {
  }
  protected getHash(a: bytes, b: bytes): bytes32 {
-    return SHA256.digest(Buffer.from([...a, ...b]));
+    return Buffer.from(
      hash.sha256().update(Buffer.from([...a, ...b])).digest('hex')
    )
  }
  protected mixKey(ss: SymmetricState, ikm: bytes32): void {
--- a/src/noise.ts
+++ b/src/noise.ts
@ -1,4 +1,4 @@
-import {x25519} from 'bcrypto';
+import {box} from 'tweetnacl';
 import {Buffer} from "buffer";
 import Wrap from 'it-pb-rpc';
 import DuplexPair from 'it-pair/duplex';
@ -49,7 +49,7 @@ export class Noise implements INoiseConnection {
    this.useNoisePipes = false;
    if (staticNoiseKey) {
-      const publicKey = x25519.publicKeyCreate(staticNoiseKey);
+      const publicKey = Buffer.from(box.keyPair.fromSecretKey(staticNoiseKey)['publicKey']);
      this.staticKeys = {
        privateKey: staticNoiseKey,
        publicKey,
--- a/src/utils.ts
+++ b/src/utils.ts
@ -1,4 +1,5 @@
-import {HKDF, SHA256, x25519} from 'bcrypto';
+import hkdf from 'futoin-hkdf';
 import {box} from 'tweetnacl';
 import {Buffer} from "buffer";
 import PeerId from "peer-id";
 import * as crypto from 'libp2p-crypto';
@ -10,8 +11,9 @@ import {pb} from "./proto/payload";
 const NoiseHandshakePayloadProto = pb.NoiseHandshakePayload;
 export function generateKeypair(): KeyPair {
-  const privateKey = x25519.privateKeyGenerate();
+  const keyPair = box.keyPair()
-  const publicKey = x25519.publicKeyCreate(privateKey);
+  const publicKey = Buffer.from(keyPair['publicKey'])
  const privateKey = Buffer.from(keyPair['secretKey'])
  return {
    publicKey,
@ -99,9 +101,7 @@ export async function verifySignedPayload(
 }
 export function getHkdf(ck: bytes32, ikm: bytes): Hkdf {
-  const info = Buffer.alloc(0);
+  const okm = hkdf(ikm, 96, {salt: ck, hash: 'SHA-256'})
  const prk = HKDF.extract(SHA256, ikm, ck);
  const okm = HKDF.expand(SHA256, prk, info, 96);
  const k1 = okm.slice(0, 32);
  const k2 = okm.slice(32, 64);
@ -111,5 +111,9 @@ export function getHkdf(ck: bytes32, ikm: bytes): Hkdf {
 }
 export function isValidPublicKey(pk: bytes): boolean {
-  return x25519.publicKeyVerify(pk.slice(0, 32));
+  if(pk.length !== 32 || pk.compare(Buffer.alloc(32))){
    return false;
  }
  return true;
 }