rm 'cryptography' as dependency; use new pycryptodomex version

pycryptodomex 3.7 implemented chacha20_poly1305 and chacha20, and it is already used (although optionally) to speed up AES, so we can remove cryptography and make pycryptodomex mandatory for LN
6 years ago · 093e90653d
3 changed files with 26 additions and 15 deletions
--- a/contrib/requirements/requirements.txt
+++ b/contrib/requirements/requirements.txt
@ -10,4 +10,3 @@ aiohttp>=3.3.0
 aiohttp_socks
 certifi
 bitstring
-cryptography
--- a/electrum/lnonion.py
+++ b/electrum/lnonion.py
@ -23,12 +23,17 @@
 # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 # SOFTWARE.

+import sys
 import hashlib
 from typing import Sequence, List, Tuple, NamedTuple, TYPE_CHECKING
 from enum import IntEnum, IntFlag

-from cryptography.hazmat.primitives.ciphers import Cipher, algorithms
-from cryptography.hazmat.backends import default_backend
+try:
+    from Cryptodome.Cipher import ChaCha20
+except Exception as e:
+    print(e)
+    print("Error: pycryptodomex >= 3.7 not available.")
+    sys.exit(1)

 from . import ecc
 from .crypto import sha256, hmac_oneshot
@ -227,10 +232,8 @@ def generate_filler(key_type: bytes, num_hops: int, hop_size: int,


 def generate_cipher_stream(stream_key: bytes, num_bytes: int) -> bytes:
-    algo = algorithms.ChaCha20(stream_key, nonce=bytes(16))
-    cipher = Cipher(algo, mode=None, backend=default_backend())
-    encryptor = cipher.encryptor()
-    return encryptor.update(bytes(num_bytes))
+    cipher = ChaCha20.new(key=stream_key, nonce=bytes(8))
+    return cipher.encrypt(bytes(num_bytes))


 ProcessedOnionPacket = NamedTuple("ProcessedOnionPacket", [("are_we_final", bool),
--- a/electrum/lntransport.py
+++ b/electrum/lntransport.py
@ -5,10 +5,16 @@

 # Derived from https://gist.github.com/AdamISZ/046d05c156aaeb56cc897f85eecb3eb8

+import sys
 import hashlib
 from asyncio import StreamReader, StreamWriter

-import cryptography.hazmat.primitives.ciphers.aead as AEAD
+try:
+    from Cryptodome.Cipher import ChaCha20_Poly1305
+except Exception as e:
+    print(e)
+    print("Error: pycryptodomex >= 3.7 not available.")
+    sys.exit(1)

 from .crypto import sha256, hmac_oneshot
 from .lnutil import (get_ecdh, privkey_to_pubkey, LightningPeerConnectionClosed,
@ -38,16 +44,19 @@ def get_nonce_bytes(n):
    """
    return b"\x00"*4 + n.to_bytes(8, 'little')

-def aead_encrypt(k, nonce, associated_data, data):
+def aead_encrypt(key: bytes, nonce: int, associated_data: bytes, data: bytes) -> bytes:
    nonce_bytes = get_nonce_bytes(nonce)
-    a = AEAD.ChaCha20Poly1305(k)
-    return a.encrypt(nonce_bytes, data, associated_data)
+    cipher = ChaCha20_Poly1305.new(key=key, nonce=nonce_bytes)
+    cipher.update(associated_data)
+    ciphertext, mac = cipher.encrypt_and_digest(plaintext=data)
+    return ciphertext + mac

-def aead_decrypt(k, nonce, associated_data, data):
+def aead_decrypt(key: bytes, nonce: int, associated_data: bytes, data: bytes) -> bytes:
    nonce_bytes = get_nonce_bytes(nonce)
-    a = AEAD.ChaCha20Poly1305(k)
-    #raises InvalidTag exception if it's not valid
-    return a.decrypt(nonce_bytes, data, associated_data)
+    cipher = ChaCha20_Poly1305.new(key=key, nonce=nonce_bytes)
+    cipher.update(associated_data)
+    # raises ValueError if not valid (e.g. incorrect MAC)
+    return cipher.decrypt_and_verify(ciphertext=data[:-16], received_mac_tag=data[-16:])

 def get_bolt8_hkdf(salt, ikm):
    """RFC5869 HKDF instantiated in the specific form