Skip to content

Commit fa0f94d

Browse files
jkoenig134jkoenig134
authored
libsodium-wrappers increases the bundle size (#854)
* fix: do not use libsodium-wrappers * fix: do not use libsodium-wrappers
1 parent ae2f6d9 commit fa0f94d

3 files changed

Lines changed: 11 additions & 37 deletions

File tree

package-lock.json

Lines changed: 0 additions & 20 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

packages/consumption/package.json

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -73,7 +73,6 @@
7373
"@nmshd/transport": "*",
7474
"@noble/ciphers": "^2.0.1",
7575
"jose": "^6.1.1",
76-
"libsodium-wrappers": "^0.7.15",
7776
"lodash": "^4.17.21",
7877
"sjcl": "^1.0.8",
7978
"ts-simple-nameof": "^1.3.3",
@@ -84,7 +83,6 @@
8483
"@js-soft/docdb-access-mongo": "1.3.1",
8584
"@js-soft/node-logger": "1.2.1",
8685
"@nmshd/crypto": "2.1.3",
87-
"@types/libsodium-wrappers": "^0.7.14",
8886
"@types/lodash": "^4.17.20",
8987
"@types/sjcl": "^1.0.34",
9088
"ts-mockito": "^2.6.1"

packages/consumption/src/modules/openid4vc/local/EnmeshedHolderKeyManagmentService.ts

Lines changed: 11 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
import { AgentContext, Kms } from "@credo-ts/core";
22
import { ec as EC } from "elliptic";
3-
import _sodium from "libsodium-wrappers";
3+
4+
import { SodiumWrapper } from "@nmshd/crypto";
45
import sjcl from "sjcl";
56
import { KeyStorage } from "./KeyStorage";
67

@@ -15,8 +16,8 @@ export class EnmshedHolderKeyManagmentService implements Kms.KeyManagementServic
1516

1617
public readonly backend = EnmshedHolderKeyManagmentService.backend;
1718

18-
private readonly b64url = (bytes: Uint8Array) => _sodium.to_base64(bytes, _sodium.base64_variants.URLSAFE_NO_PADDING);
19-
private readonly b64urlDecode = (b64url: string) => _sodium.from_base64(b64url, _sodium.base64_variants.URLSAFE_NO_PADDING);
19+
private readonly b64url = (bytes: Uint8Array) => SodiumWrapper.sodium.to_base64(bytes, (SodiumWrapper.sodium as any).base64_variants.URLSAFE_NO_PADDING);
20+
private readonly b64urlDecode = (b64url: string) => SodiumWrapper.sodium.from_base64(b64url, (SodiumWrapper.sodium as any).base64_variants.URLSAFE_NO_PADDING);
2021

2122
// please note: we cannot use buffer here - because it is not available in the browser
2223
// and yes it could be pollyfilled but that extends the bundle size for no good reason
@@ -75,7 +76,7 @@ export class EnmshedHolderKeyManagmentService implements Kms.KeyManagementServic
7576
public async createKey<Type extends Kms.KmsCreateKeyType>(agentContext: AgentContext, options: Kms.KmsCreateKeyOptions<Type>): Promise<Kms.KmsCreateKeyReturn<Type>> {
7677
options.keyId ??= "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g, function (c) {
7778
// Use libsodium's randombytes_uniform for secure random number generation
78-
const r = _sodium.randombytes_uniform(16);
79+
const r = SodiumWrapper.sodium.randombytes_uniform(16);
7980
const v = c === "x" ? r : (r & 0x3) | 0x8;
8081
return v.toString(16);
8182
});
@@ -114,12 +115,9 @@ export class EnmshedHolderKeyManagmentService implements Kms.KeyManagementServic
114115
return { keyId: options.keyId, publicJwk: publicJwk as Kms.KmsJwkPublic } as Kms.KmsCreateKeyReturn<Type>;
115116
}
116117

117-
await _sodium.ready;
118-
const sodium = _sodium;
119-
120-
const { keyType, publicKey, privateKey } = sodium.crypto_sign_keypair();
118+
const { keyType, publicKey, privateKey } = SodiumWrapper.sodium.crypto_sign_keypair();
121119
agentContext.config.logger.debug(`EKM: Created OKP key pair with id ${options.keyId} and keyType ${keyType}`);
122-
const seed = privateKey.slice(0, sodium.crypto_sign_SEEDBYTES);
120+
const seed = privateKey.slice(0, (SodiumWrapper.sodium as any).crypto_sign_SEEDBYTES);
123121

124122
// Public JWK
125123
const publicJwk = {
@@ -192,10 +190,8 @@ export class EnmshedHolderKeyManagmentService implements Kms.KeyManagementServic
192190
} as Kms.KmsSignReturn);
193191
}
194192

195-
await _sodium.ready;
196-
const sodium = _sodium;
197-
const decode = (bytes: string) => sodium.from_base64(bytes, sodium.base64_variants.URLSAFE_NO_PADDING);
198-
// get the priavte key bytes
193+
const decode = (bytes: string) => SodiumWrapper.sodium.from_base64(bytes, (SodiumWrapper.sodium as any).base64_variants.URLSAFE_NO_PADDING);
194+
// get the private key bytes
199195
if (privateKey.d === undefined) {
200196
throw new Error("Private key does not contain 'd' parameter");
201197
}
@@ -213,7 +209,7 @@ export class EnmshedHolderKeyManagmentService implements Kms.KeyManagementServic
213209
fullPrivateKeyBytes.set(publicKeyBytes, privateKeyBytes.length);
214210

215211
// and use it to sign the data
216-
const signature = sodium.crypto_sign_detached(options.data, fullPrivateKeyBytes);
212+
const signature = SodiumWrapper.sodium.crypto_sign_detached(options.data, fullPrivateKeyBytes);
217213

218214
return {
219215
signature: signature as Uint8Array<ArrayBuffer> // I hope this cast doesn't paper over something
@@ -396,6 +392,6 @@ export class EnmshedHolderKeyManagmentService implements Kms.KeyManagementServic
396392
}
397393
public randomBytes(agentContext: AgentContext, options: Kms.KmsRandomBytesOptions): Kms.KmsRandomBytesReturn {
398394
agentContext.config.logger.debug(`EKM: Generating ${options.length} random bytes`);
399-
return _sodium.randombytes_buf(options.length); // Uint8Array
395+
return SodiumWrapper.sodium.randombytes_buf(options.length); // Uint8Array
400396
}
401397
}

0 commit comments

Comments
 (0)