Use randombytes instead of node's crypto

package.json

@@ -46,7 +46,8 @@
   },
   "dependencies": {
     "@chainsafe/bls-keygen": "^0.3.0",
-    "bls-eth-wasm": "^0.4.4"
+    "bls-eth-wasm": "^0.4.4",
+    "randombytes": "^2.1.0"
   },
   "devDependencies": {
     "@babel/cli": "^7.8.4",
@@ -62,6 +63,7 @@
     "@chainsafe/lodestar-spec-test-util": "^0.11.0",
     "@types/chai": "^4.2.9",
     "@types/mocha": "^8.0.4",
+    "@types/randombytes": "^2.0.0",
     "@typescript-eslint/eslint-plugin": "^2.20.0",
     "@typescript-eslint/parser": "^2.20.0",
     "chai": "^4.2.0",

src/blst/privateKey.ts

@@ -1,6 +1,6 @@
-import crypto from "crypto";
 import * as blst from "@chainsafe/blst";
-import {bytesToHex, hexToBytes} from "../helpers/utils";
+import {bytesToHex, hexToBytes, randomBytes} from "../helpers/utils";
+import {SECRET_KEY_LENGTH} from "../constants";
 import {IPrivateKey} from "../interface";
 import {PublicKey} from "./publicKey";
 import {Signature} from "./signature";
@@ -22,7 +22,7 @@ export class PrivateKey implements IPrivateKey {
   }
 
   static fromKeygen(entropy?: Uint8Array): PrivateKey {
-    const sk = blst.SecretKey.fromKeygen(entropy || crypto.randomBytes(32));
+    const sk = blst.SecretKey.fromKeygen(entropy || randomBytes(SECRET_KEY_LENGTH));
     return new PrivateKey(sk);
   }
 

src/helpers/utils.ts

@@ -1,3 +1,8 @@
+import randomBytes from "randombytes";
+
+// Single import to ease changing this lib if necessary
+export {randomBytes};
+
 export function assert(condition: unknown, message = "Assertion failed"): asserts condition {
   if (!condition) {
     throw new Error(message);

test/benchmark/index.ts

@@ -1,7 +1,7 @@
-import crypto from "crypto";
 import {runBenchmark} from "./runner";
 import {runForAllImplementations} from "../switch";
 import {IPublicKey, ISignature} from "../../src/interface";
+import {randomBytes} from "../../src/helpers";
 
 runForAllImplementations(async (bls, implementation) => {
   await bls.init();
@@ -98,5 +98,5 @@ function range(n: number): number[] {
 }
 
 function randomMsg(): Uint8Array {
-  return Uint8Array.from(crypto.randomBytes(32));
+  return Uint8Array.from(randomBytes(32));
 }

test/util.ts

@@ -1,4 +1,4 @@
-import crypto from "crypto";
+import {randomBytes} from "../src/helpers";
 
 export function fromHexString(hex: string): Uint8Array {
   return Uint8Array.from(Buffer.from(hex.replace("0x", ""), "hex"));
@@ -9,7 +9,7 @@ export function toHexString(bytes: Buffer | Uint8Array): string {
 }
 
 export function randomMessage(): Uint8Array {
-  return crypto.randomBytes(32);
+  return randomBytes(32);
 }
 
 export function getN<T>(n: number, getter: () => T): T[] {

yarn.lock

@@ -914,11 +914,23 @@
   resolved "https://registry.yarnpkg.com/@types/mocha/-/mocha-8.0.4.tgz#b840c2dce46bacf286e237bfb59a29e843399148"
   integrity sha512-M4BwiTJjHmLq6kjON7ZoI2JMlBvpY3BYSdiP6s/qCT3jb1s9/DeJF0JELpAxiVSIxXDzfNKe+r7yedMIoLbknQ==
 
+"@types/node@*":
+  version "14.14.10"
+  resolved "https://registry.yarnpkg.com/@types/node/-/node-14.14.10.tgz#5958a82e41863cfc71f2307b3748e3491ba03785"
+  integrity sha512-J32dgx2hw8vXrSbu4ZlVhn1Nm3GbeCFNw2FWL8S5QKucHGY0cyNwjdQdO+KMBZ4wpmC7KhLCiNsdk1RFRIYUQQ==
+
 "@types/node@11.11.6":
   version "11.11.6"
   resolved "https://registry.yarnpkg.com/@types/node/-/node-11.11.6.tgz#df929d1bb2eee5afdda598a41930fe50b43eaa6a"
   integrity sha512-Exw4yUWMBXM3X+8oqzJNRqZSwUAaS4+7NdvHqQuFi/d+synz++xmX3QIf+BFqneW8N31R8Ky+sikfZUXq07ggQ==
 
+"@types/randombytes@^2.0.0":
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/@types/randombytes/-/randombytes-2.0.0.tgz#0087ff5e60ae68023b9bc4398b406fea7ad18304"
+  integrity sha512-bz8PhAVlwN72vqefzxa14DKNT8jK/mV66CSjwdVQM/k3Th3EPKfUtdMniwZgMedQTFuywAsfjnZsg+pEnltaMA==
+  dependencies:
+    "@types/node" "*"
+
 "@typescript-eslint/eslint-plugin@^2.20.0":
   version "2.20.0"
   resolved "https://registry.yarnpkg.com/@typescript-eslint/eslint-plugin/-/eslint-plugin-2.20.0.tgz#a522d0e1e4898f7c9c6a8e1ed3579b60867693fa"