feat: use nodejs crypto for noise

ChainSafe · Aug 22, 2023 · 4628944 · 4628944
1 parent 7ee07da
commit 4628944
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 15 deletions.
diff --git a/packages/beacon-node/package.json b/packages/beacon-node/package.json
@@ -95,7 +95,6 @@
     "check-readme": "typescript-docs-verifier"
   },
   "dependencies": {
-    "@chainsafe/as-chacha20poly1305": "^0.1.0",
     "@chainsafe/as-sha256": "^0.3.1",
     "@chainsafe/bls": "7.1.1",
     "@chainsafe/blst": "^0.2.9",

diff --git a/packages/beacon-node/src/network/libp2p/noise.ts b/packages/beacon-node/src/network/libp2p/noise.ts
@@ -1,33 +1,54 @@
+import crypto from "node:crypto";
 import type {ConnectionEncrypter} from "@libp2p/interface/connection-encrypter";
-import {newInstance, ChaCha20Poly1305} from "@chainsafe/as-chacha20poly1305";
 import {ICryptoInterface, noise, pureJsCrypto} from "@chainsafe/libp2p-noise";
-import {digest} from "@chainsafe/as-sha256";
 
 type Bytes = Uint8Array;
 type Bytes32 = Uint8Array;
 
-const ctx = newInstance();
-const asImpl = new ChaCha20Poly1305(ctx);
+const CHACHA_POLY1305 = "chacha20-poly1305";
 
-// same to stablelib but we use as-chacha20poly1305 and as-sha256
+// same as default, but we use node crypto chacha20poly1305 and sha256
 const lodestarCrypto: ICryptoInterface = {
   ...pureJsCrypto,
   hashSHA256(data: Uint8Array): Uint8Array {
-    return digest(data);
+    return crypto.createHash("sha256").update(data).digest();
   },
 
   chaCha20Poly1305Encrypt(plaintext: Uint8Array, nonce: Uint8Array, ad: Uint8Array, k: Bytes32): Bytes {
-    return asImpl.seal(k, nonce, plaintext, ad);
+    const cipher = crypto.createCipheriv(CHACHA_POLY1305, k, nonce, {
+      authTagLength: 16,
+    });
+    cipher.setAAD(ad, {plaintextLength: plaintext.byteLength});
+    const updated = cipher.update(plaintext);
+    const final = cipher.final();
+    const tag = cipher.getAuthTag();
+
+    const encrypted = Buffer.concat([updated, tag, final]);
+    return encrypted;
   },
 
   chaCha20Poly1305Decrypt(
     ciphertext: Uint8Array,
     nonce: Uint8Array,
     ad: Uint8Array,
     k: Bytes32,
-    dst?: Uint8Array
+    _dst?: Uint8Array
   ): Bytes | null {
-    return asImpl.open(k, nonce, ciphertext, ad, dst);
+    const authTag = ciphertext.slice(ciphertext.length - 16);
+    const text = ciphertext.slice(0, ciphertext.length - 16);
+    const decipher = crypto.createDecipheriv(CHACHA_POLY1305, k, nonce, {
+      authTagLength: 16,
+    });
+    decipher.setAAD(ad, {
+      plaintextLength: text.byteLength,
+    });
+    decipher.setAuthTag(authTag);
+    const updated = decipher.update(text);
+    const final = decipher.final();
+    if (final.byteLength > 0) {
+      return Buffer.concat([updated, final]);
+    }
+    return updated;
   },
 };
 

diff --git a/yarn.lock b/yarn.lock
@@ -436,11 +436,6 @@
   resolved "https://registry.yarnpkg.com/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz#75a2e8b51cb758a7553d6804a5932d7aace75c39"
   integrity sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==
 
-"@chainsafe/as-chacha20poly1305@^0.1.0":
-  version "0.1.0"
-  resolved "https://registry.yarnpkg.com/@chainsafe/as-chacha20poly1305/-/as-chacha20poly1305-0.1.0.tgz#7da6f8796f9b42dac6e830a086d964f1f9189e09"
-  integrity sha512-BpNcL8/lji/GM3+vZ/bgRWqJ1q5kwvTFmGPk7pxm/QQZDbaMI98waOHjEymTjq2JmdD/INdNBFOVSyJofXg7ew==
-
 "@chainsafe/as-sha256@^0.3.1":
   version "0.3.1"
   resolved "https://registry.npmjs.org/@chainsafe/as-sha256/-/as-sha256-0.3.1.tgz"