Merge pull request #133 from web3-storage/dynamic-backend

feat: Make crypto implementation pluggable.

Author: mpetrunic

README.md

@@ -50,6 +50,11 @@ This module exposes a crypto interface, as defined in the repository [js-interfa
 
 [» API Docs](https://github.com/libp2p/js-libp2p-interfaces/tree/master/packages/libp2p-interfaces/src/crypto#api)
 
+## Bring your own crypto
+
+You can provide a custom crypto implementation (instead of the default, based on [stablelib](https://www.stablelib.com/)) by passing a third argument to the `Noise` constructor.
+
+The implementation must conform to the `ICryptoInterface`, defined in https://github.com/ChainSafe/js-libp2p-noise/blob/master/src/crypto.ts
 
 ## Contribute
 

src/@types/handshake-interface.ts

@@ -1,6 +1,6 @@
+import type { PeerId } from '@libp2p/interfaces/peer-id'
 import type { bytes } from './basic.js'
 import type { NoiseSession } from './handshake.js'
-import type { PeerId } from '@libp2p/interfaces/peer-id'
 
 export interface IHandshake {
   session: NoiseSession

src/@types/libp2p.ts

@@ -1,5 +1,5 @@
-import type { bytes, bytes32 } from './basic.js'
 import type { ConnectionEncrypter } from '@libp2p/interfaces/connection-encrypter'
+import type { bytes, bytes32 } from './basic.js'
 
 export interface KeyPair {
   publicKey: bytes32

src/crypto.ts

@@ -1,40 +1,16 @@
-import type { Transform } from 'it-stream-types'
-import type { IHandshake } from './@types/handshake-interface.js'
-import { NOISE_MSG_MAX_LENGTH_BYTES, NOISE_MSG_MAX_LENGTH_BYTES_WITHOUT_TAG } from './constants.js'
+import type { bytes32, bytes } from './@types/basic.js'
+import type { Hkdf } from './@types/handshake.js'
+import type { KeyPair } from './@types/libp2p.js'
 
-// Returns generator that encrypts payload from the user
-export function encryptStream (handshake: IHandshake): Transform<Uint8Array> {
-  return async function * (source) {
-    for await (const chunk of source) {
-      for (let i = 0; i < chunk.length; i += NOISE_MSG_MAX_LENGTH_BYTES_WITHOUT_TAG) {
-        let end = i + NOISE_MSG_MAX_LENGTH_BYTES_WITHOUT_TAG
-        if (end > chunk.length) {
-          end = chunk.length
-        }
+export interface ICryptoInterface {
+  hashSHA256: (data: Uint8Array) => Uint8Array
 
-        const data = handshake.encrypt(chunk.slice(i, end), handshake.session)
-        yield data
-      }
-    }
-  }
-}
+  getHKDF: (ck: bytes32, ikm: Uint8Array) => Hkdf
 
-// Decrypt received payload to the user
-export function decryptStream (handshake: IHandshake): Transform<Uint8Array> {
-  return async function * (source) {
-    for await (const chunk of source) {
-      for (let i = 0; i < chunk.length; i += NOISE_MSG_MAX_LENGTH_BYTES) {
-        let end = i + NOISE_MSG_MAX_LENGTH_BYTES
-        if (end > chunk.length) {
-          end = chunk.length
-        }
+  generateX25519KeyPair: () => KeyPair
+  generateX25519KeyPairFromSeed: (seed: Uint8Array) => KeyPair
+  generateX25519SharedKey: (privateKey: Uint8Array, publicKey: Uint8Array) => Uint8Array
 
-        const { plaintext: decrypted, valid } = await handshake.decrypt(chunk.slice(i, end), handshake.session)
-        if (!valid) {
-          throw new Error('Failed to validate decrypted chunk')
-        }
-        yield decrypted
-      }
-    }
-  }
+  chaCha20Poly1305Encrypt: (plaintext: Uint8Array, nonce: Uint8Array, ad: Uint8Array, k: bytes32) => bytes
+  chaCha20Poly1305Decrypt: (ciphertext: Uint8Array, nonce: Uint8Array, ad: Uint8Array, k: bytes32) => bytes | null
 }

src/crypto/stablelib.ts

@@ -0,0 +1,60 @@
+import { HKDF } from '@stablelib/hkdf'
+import * as x25519 from '@stablelib/x25519'
+import { SHA256, hash } from '@stablelib/sha256'
+import { ChaCha20Poly1305 } from '@stablelib/chacha20poly1305'
+import type { bytes32, bytes } from '../@types/basic.js'
+import type { Hkdf } from '../@types/handshake.js'
+import type { KeyPair } from '../@types/libp2p.js'
+import type { ICryptoInterface } from '../crypto.js'
+
+export const stablelib: ICryptoInterface = {
+  hashSHA256 (data: Uint8Array): Uint8Array {
+    return hash(data)
+  },
+
+  getHKDF (ck: bytes32, ikm: Uint8Array): Hkdf {
+    const hkdf = new HKDF(SHA256, ikm, ck)
+    const okmU8Array = hkdf.expand(96)
+    const okm = okmU8Array
+
+    const k1 = okm.slice(0, 32)
+    const k2 = okm.slice(32, 64)
+    const k3 = okm.slice(64, 96)
+
+    return [k1, k2, k3]
+  },
+
+  generateX25519KeyPair (): KeyPair {
+    const keypair = x25519.generateKeyPair()
+
+    return {
+      publicKey: keypair.publicKey,
+      privateKey: keypair.secretKey
+    }
+  },
+
+  generateX25519KeyPairFromSeed (seed: Uint8Array): KeyPair {
+    const keypair = x25519.generateKeyPairFromSeed(seed)
+
+    return {
+      publicKey: keypair.publicKey,
+      privateKey: keypair.secretKey
+    }
+  },
+
+  generateX25519SharedKey (privateKey: Uint8Array, publicKey: Uint8Array): Uint8Array {
+    return x25519.sharedKey(privateKey, publicKey)
+  },
+
+  chaCha20Poly1305Encrypt (plaintext: Uint8Array, nonce: Uint8Array, ad: Uint8Array, k: bytes32): bytes {
+    const ctx = new ChaCha20Poly1305(k)
+
+    return ctx.seal(nonce, plaintext, ad)
+  },
+
+  chaCha20Poly1305Decrypt (ciphertext: Uint8Array, nonce: Uint8Array, ad: Uint8Array, k: bytes32): bytes | null {
+    const ctx = new ChaCha20Poly1305(k)
+
+    return ctx.open(nonce, ciphertext, ad)
+  }
+}

src/crypto/streaming.ts

@@ -0,0 +1,40 @@
+import type { Transform } from 'it-stream-types'
+import type { IHandshake } from '../@types/handshake-interface.js'
+import { NOISE_MSG_MAX_LENGTH_BYTES, NOISE_MSG_MAX_LENGTH_BYTES_WITHOUT_TAG } from '../constants.js'
+
+// Returns generator that encrypts payload from the user
+export function encryptStream (handshake: IHandshake): Transform<Uint8Array> {
+  return async function * (source) {
+    for await (const chunk of source) {
+      for (let i = 0; i < chunk.length; i += NOISE_MSG_MAX_LENGTH_BYTES_WITHOUT_TAG) {
+        let end = i + NOISE_MSG_MAX_LENGTH_BYTES_WITHOUT_TAG
+        if (end > chunk.length) {
+          end = chunk.length
+        }
+
+        const data = handshake.encrypt(chunk.slice(i, end), handshake.session)
+        yield data
+      }
+    }
+  }
+}
+
+// Decrypt received payload to the user
+export function decryptStream (handshake: IHandshake): Transform<Uint8Array> {
+  return async function * (source) {
+    for await (const chunk of source) {
+      for (let i = 0; i < chunk.length; i += NOISE_MSG_MAX_LENGTH_BYTES) {
+        let end = i + NOISE_MSG_MAX_LENGTH_BYTES
+        if (end > chunk.length) {
+          end = chunk.length
+        }
+
+        const { plaintext: decrypted, valid } = await handshake.decrypt(chunk.slice(i, end), handshake.session)
+        if (!valid) {
+          throw new Error('Failed to validate decrypted chunk')
+        }
+        yield decrypted
+      }
+    }
+  }
+}

src/encoder.ts

@@ -1,7 +1,7 @@
+import { concat as uint8ArrayConcat } from 'uint8arrays/concat'
+import type { Uint8ArrayList } from 'uint8arraylist'
 import type { bytes } from './@types/basic.js'
 import type { MessageBuffer } from './@types/handshake.js'
-import type { Uint8ArrayList } from 'uint8arraylist'
-import { concat as uint8ArrayConcat } from 'uint8arrays/concat'
 
 const allocUnsafe = (len: number): Uint8Array => {
   if (globalThis.Buffer) {

src/handshake-ik.ts

@@ -1,11 +1,12 @@
+import type { PeerId } from '@libp2p/interfaces/peer-id'
 import type { ProtobufStream } from 'it-pb-stream'
-import { IK } from './handshakes/ik.js'
 import type { CipherState, NoiseSession } from './@types/handshake.js'
 import type { bytes, bytes32 } from './@types/basic.js'
 import type { KeyPair } from './@types/libp2p.js'
 import type { IHandshake } from './@types/handshake-interface.js'
+import type { ICryptoInterface } from './crypto.js'
+import { IK } from './handshakes/ik.js'
 import { decode0, decode1, encode0, encode1 } from './encoder.js'
-import { decodePayload, getPeerIdFromPayload, verifySignedPayload } from './utils.js'
 import { FailedIKError } from './errors.js'
 import {
   logger,
@@ -15,7 +16,7 @@ import {
   logRemoteEphemeralKey,
   logCipherState
 } from './logger.js'
-import type { PeerId } from '@libp2p/interfaces/peer-id'
+import { decodePayload, getPeerIdFromPayload, verifySignedPayload } from './utils.js'
 
 export class IKHandshake implements IHandshake {
   public isInitiator: boolean
@@ -33,6 +34,7 @@ export class IKHandshake implements IHandshake {
     isInitiator: boolean,
     payload: bytes,
     prologue: bytes32,
+    crypto: ICryptoInterface,
     staticKeypair: KeyPair,
     connection: ProtobufStream,
     remoteStaticKey: bytes,
@@ -47,7 +49,7 @@ export class IKHandshake implements IHandshake {
     if (remotePeer) {
       this.remotePeer = remotePeer
     }
-    this.ik = handshake ?? new IK()
+    this.ik = handshake ?? new IK(crypto)
     this.session = this.ik.initSession(this.isInitiator, this.prologue, this.staticKeypair, remoteStaticKey)
     this.remoteEarlyData = new Uint8Array()
   }

src/handshake-xx-fallback.ts

@@ -1,12 +1,13 @@
+import type { PeerId } from '@libp2p/interfaces/peer-id'
+import type { ProtobufStream } from 'it-pb-stream'
+import type { bytes, bytes32 } from './@types/basic.js'
+import type { KeyPair } from './@types/libp2p.js'
 import { XXHandshake } from './handshake-xx.js'
 import type { XX } from './handshakes/xx.js'
-import type { KeyPair } from './@types/libp2p.js'
-import type { bytes, bytes32 } from './@types/basic.js'
-import { decodePayload, getPeerIdFromPayload, verifySignedPayload } from './utils.js'
-import { logger, logLocalEphemeralKeys, logRemoteEphemeralKey, logRemoteStaticKey } from './logger.js'
-import type { ProtobufStream } from 'it-pb-stream'
+import type { ICryptoInterface } from './crypto.js'
 import { decode0, decode1 } from './encoder.js'
-import type { PeerId } from '@libp2p/interfaces/peer-id'
+import { logger, logLocalEphemeralKeys, logRemoteEphemeralKey, logRemoteStaticKey } from './logger.js'
+import { decodePayload, getPeerIdFromPayload, verifySignedPayload } from './utils.js'
 
 export class XXFallbackHandshake extends XXHandshake {
   private readonly ephemeralKeys?: KeyPair
@@ -16,14 +17,15 @@ export class XXFallbackHandshake extends XXHandshake {
     isInitiator: boolean,
     payload: bytes,
     prologue: bytes32,
+    crypto: ICryptoInterface,
     staticKeypair: KeyPair,
     connection: ProtobufStream,
     initialMsg: bytes,
     remotePeer?: PeerId,
     ephemeralKeys?: KeyPair,
     handshake?: XX
   ) {
-    super(isInitiator, payload, prologue, staticKeypair, connection, remotePeer, handshake)
+    super(isInitiator, payload, prologue, crypto, staticKeypair, connection, remotePeer, handshake)
     if (ephemeralKeys) {
       this.ephemeralKeys = ephemeralKeys
     }

src/handshake-xx.ts

@@ -1,13 +1,12 @@
-import { XX } from './handshakes/xx.js'
-import type { KeyPair } from './@types/libp2p.js'
+import type { PeerId } from '@libp2p/interfaces/peer-id'
+import type { ProtobufStream } from 'it-pb-stream'
 import type { bytes, bytes32 } from './@types/basic.js'
 import type { CipherState, NoiseSession } from './@types/handshake.js'
+import type { KeyPair } from './@types/libp2p.js'
 import type { IHandshake } from './@types/handshake-interface.js'
-import {
-  decodePayload,
-  getPeerIdFromPayload,
-  verifySignedPayload
-} from './utils.js'
+import type { ICryptoInterface } from './crypto.js'
+import { decode0, decode1, decode2, encode0, encode1, encode2 } from './encoder.js'
+import { XX } from './handshakes/xx.js'
 import {
   logger,
   logLocalStaticKeys,
@@ -16,9 +15,11 @@ import {
   logRemoteStaticKey,
   logCipherState
 } from './logger.js'
-import { decode0, decode1, decode2, encode0, encode1, encode2 } from './encoder.js'
-import type { ProtobufStream } from 'it-pb-stream'
-import type { PeerId } from '@libp2p/interfaces/peer-id'
+import {
+  decodePayload,
+  getPeerIdFromPayload,
+  verifySignedPayload
+} from './utils.js'
 
 export class XXHandshake implements IHandshake {
   public isInitiator: boolean
@@ -37,6 +38,7 @@ export class XXHandshake implements IHandshake {
     isInitiator: boolean,
     payload: bytes,
     prologue: bytes32,
+    crypto: ICryptoInterface,
     staticKeypair: KeyPair,
     connection: ProtobufStream,
     remotePeer?: PeerId,
@@ -50,7 +52,7 @@ export class XXHandshake implements IHandshake {
     if (remotePeer) {
       this.remotePeer = remotePeer
     }
-    this.xx = handshake ?? new XX()
+    this.xx = handshake ?? new XX(crypto)
     this.session = this.xx.initSession(this.isInitiator, this.prologue, this.staticKeypair)
     this.remoteEarlyData = new Uint8Array(0)
   }