Use node:crypto aes on deno (#5)

kigawas · web-flow · commit 0627f866ee8e · 2025-03-05T09:19:19.000+09:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Release Notes
 
+## 0.2.3
+
+- Use `node:crypto`'s aes implementation on deno
+
 ## 0.2.2
 
 - Add `chacha20-poly1305` support
diff --git a/README.md b/README.md
@@ -2,16 +2,24 @@
 
 [![License](https://img.shields.io/github/license/ecies/js-ciphers.svg)](https://github.com/ecies/js-ciphers)
 [![NPM Package](https://img.shields.io/npm/v/@ecies/ciphers.svg)](https://www.npmjs.com/package/@ecies/ciphers)
-![NPM Downloads](https://img.shields.io/npm/dm/@ecies/ciphers)
+[![NPM Downloads](https://img.shields.io/npm/dm/@ecies/ciphers)](https://npm-stat.link/@ecies/ciphers)
 [![Install size](https://packagephobia.com/badge?p=@ecies/ciphers)](https://packagephobia.com/result?p=@ecies/ciphers)
 [![CI](https://img.shields.io/github/actions/workflow/status/ecies/js-ciphers/ci.yml)](https://github.com/ecies/js-ciphers/actions)
 [![Codecov](https://img.shields.io/codecov/c/github/ecies/js-ciphers.svg)](https://codecov.io/gh/ecies/js-ciphers)
 
 Node/Pure JavaScript symmetric ciphers adapter.
 
-On browsers (or React Native, deno), it'll use [`@noble/ciphers`](https://github.com/paulmillr/noble-ciphers)'s implementation for compatibility.
+If native implementations are available on some platforms (e.g. node, deno, bun), it'll use [`node:crypto`](https://nodejs.org/api/crypto.html#cryptocreatecipherivalgorithm-key-iv-options) for efficiency.
 
-On node (or bun), it'll use [`node:crypto`](https://nodejs.org/api/crypto.html#cryptocreatecipherivalgorithm-key-iv-options)'s implementation for efficiency.
+Otherwise (e.g. browser, react native), it'll use [`@noble/ciphers`](https://github.com/paulmillr/noble-ciphers) for compatibility.
+
+|              | aes              | chacha           |
+| ------------ | ---------------- | ---------------- |
+| Node         | `node:crypto` ⚡ | `node:crypto` ⚡ |
+| Bun          | `node:crypto` ⚡ | `@noble/ciphers` |
+| Deno         | `node:crypto` ⚡ | `@noble/ciphers` |
+| Browser      | `@noble/ciphers` | `@noble/ciphers` |
+| React Native | `@noble/ciphers` | `@noble/ciphers` |
 
 > [!NOTE]
 > You may need to polyfill [`crypto.getRandomValues`](https://github.com/LinusU/react-native-get-random-values) for React Native.
@@ -58,5 +66,5 @@ If key is fixed and nonce is less than 16 bytes, avoid randomly generated nonce.
 ## Known limitations
 
 - `xchacha20-poly1305` is implemented with pure JS [`hchacha20`](https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha#section-2.2) function and `node:crypto`'s `chacha20-poly1305` on node.
-- Currently (Nov 2024), `node:crypto`'s `chacha20-poly1305` is not supported on deno and [bun](https://github.com/oven-sh/bun/issues/8072), `@noble/ciphers`'s implementation is used on both platforms instead.
-- `deno` does not support **indirect** conditional exports. If you use this library to build another library, client code of your library probably falls back to the `node:crypto` implementation and may not work properly, specifically `aes-256-gcm` (16 bytes nonce) and `chacha20-poly1305`.
+- Currently (Mar 2025), `node:crypto`'s `chacha20-poly1305` is not supported on deno and [bun](https://github.com/oven-sh/bun/issues/8072), `@noble/ciphers`'s implementation is used on both platforms instead.
+- Some old versions of `deno` [do not support](https://github.com/denoland/deno/discussions/17964#discussioncomment-10917259) **indirect** conditional exports. If you use this library to build another library, client code of your library may fall back to the `node:crypto` implementation and not work properly, specifically `aes-256-gcm` (16 bytes nonce) and `chacha20-poly1305`. If you found such a problem, try upgrade deno to the latest version.
diff --git a/example/main.js b/example/main.js
@@ -38,9 +38,7 @@ const ciphers = [
 for (const { keyLength, nonceLength, callback, aad } of ciphers) {
   const key = randomBytes(keyLength);
   const nonce = randomBytes(nonceLength);
+  console.log(`${callback.name} (nonce length ${nonce.length}) decrypted:`);
   const cipher = callback(key, nonce, aad);
-  console.log(
-    `${callback.name} (nonce length ${nonce.length}) decrypted:`,
-    decoder.decode(cipher.decrypt(cipher.encrypt(msg)))
-  );
+  console.log(decoder.decode(cipher.decrypt(cipher.encrypt(msg))));
 }
diff --git a/package.json b/package.json
@@ -37,7 +37,7 @@
       "types": "./dist/aes/node.d.ts",
       "browser": "./dist/aes/noble.js",
       "react-native": "./dist/aes/noble.js",
-      "deno": "./dist/aes/noble.js",
+      "deno": "./dist/aes/node.js",
       "bun": "./dist/aes/node.js",
       "default": "./dist/aes/node.js"
     },
diff --git a/src/_node/compat.ts b/src/_node/compat.ts
@@ -3,6 +3,9 @@ import { CipherGCM, createCipheriv, createDecipheriv, DecipherGCM } from "node:c
 
 const AEAD_TAG_LENGTH = 16;
 
+// @ts-ignore: only necessary for deno
+const IS_DENO = globalThis.Deno !== undefined;
+
 /**
  * make `node:crypto`'s ciphers compatible with `@noble/ciphers`.
  *
@@ -44,6 +47,12 @@ export const _compat = (
       }
       (decipher as DecipherGCM).setAuthTag(tag);
     }
+
+    /* v8 ignore next 3 */
+    if (!isAEAD && IS_DENO) {
+      decipher.setAutoPadding(false); // See: https://github.com/denoland/deno/issues/28381
+    }
+
     const updated = decipher.update(rawCipherText);
     const finalized = decipher.final();
     return concatBytes(updated, finalized);
