Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding Pure-JS Crypto #959

Closed
wants to merge 4 commits into from
Closed

Adding Pure-JS Crypto #959

wants to merge 4 commits into from

Conversation

Apollon77
Copy link
Collaborator

@Apollon77 Apollon77 commented Jun 17, 2024
edited
Loading

To experiment around with it better and also for react-native here is an intermediate Pure-JS Crypto. It bases on crypto-browserify with a patched aes-ccm lib based on browserify/browserify-aes#57

It is done as an own packge because is uses several deprecated packages which generate several warnings and we might not need to "Infec"T the main matter.js package with that. It can be used here if needed.

@lauckhart tests work with CJS and ESM already, just web has issues and tell about "global not found" ... where can I tweak that in?

Still TODOs:

  • Readme and other "content" files needs to be adjusted
  • Get testing to run
  • Is own package and such good approach? Naming?

Apollon77 added 3 commits June 17, 2024 23:47
@Apollon77
Add pure JS crypto (intermediate)
94f0548 
This uses crypto-browserify with a patched browserify-aes library that supports aes-ccm as we need using npm override. The tests are copied from CryptoNode and validate it basically working.

I decided for an own package for now because crypto-browserify is using a lot of outdated dependencies, so these messages should not infect matter.js main package for now and can be used when needed.
@Apollon77
Add pure JS crypto (intermediate) package.jsons
28f1c02
@Apollon77
Adjust web test building
9edf889 
This adds some more libraries and a bt of handling to web tests. ...
@Apollon77 Apollon77 requested a review from lauckhart June 17, 2024 21:53
@Apollon77
Copy link
Collaborator Author

When I get the error in https://github.com/project-chip/matter.js/actions/runs/9555385608/job/26338682930#step:5:309 right then it refers to https://github.com/browserify/randombytes/blob/b4eb4126fccc503e375853ca7b3e96aaa34af9e6/browser.js#L15 ... is then globalThis not defined?

@lauckhart
Copy link
Collaborator

The version of randombytes in NPM does not appear to use globalThis, it uses an undefined variable called "global", presumably expecting a bundler to define it for the browser.

There are a few ways to fix:

  • If you're editing the library anyway you could remove the randombytes dependency and instead use crypto.getRandomValues which is available everywhere in modern JS
  • If you're bundling as a library in web.ts you can instruct esbuild to define "global" as globalThis when bundling
  • You could add globalThis.global = globalThis somewhere in the web bootstrap code
  • If you build off of CryptoSubtle.ts in my crypto-js branch it has everything except for encrypt/decrypt. You could implement those using browserify-aes directly and drop the rest of crypto-browserify
  • You could build off CryptoSubtle.ts and just port over a CCM mode implementation like the one in the unmerged browserify-aes PR

@lauckhart
Copy link
Collaborator

I just remembered you guys were targeting react native... I checked and it looks like react-native-quick-crypto supports AES-CCM. That might be worth exploring. Then sticking with the Node API could be an advantage as I'm not sure if they've even implemented enough of CryptoSubtle for that to be viable.

@Apollon77 Apollon77 closed this Jun 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lauckhart lauckhart Awaiting requested review from lauckhart

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Apollon77 @lauckhart