Changeset - 51344a25b55d
[Not reviewed]
default
0 3 0
Laman - 5 years ago 2019-06-30 16:33:14

array padding refactored into util
3 files changed with 8 insertions and 12 deletions:
0 comments (0 inline, 0 general)
src/blake.js
Show inline comments
 
// https://tools.ietf.org/html/rfc7693
 
import {MASK,int32s2bytes,bytes2int32s} from "./util.js";
 
import {MASK,int32s2bytes,bytes2int32s,zeroPad} from "./util.js";
 

	
 
const BLOCK_LEN=64;
 

	
 
const IV=[0x6A09E667,0xBB67AE85,0x3C6EF372,0xA54FF53A,0x510E527F,0x9B05688C,0x1F83D9AB,0x5BE0CD19];
 

	
 
function padEnd(arr,length,val=0){
 
	return arr.concat((new Array(length-arr.length)).fill(0));
 
}
 

	
 
function rrot(x,shift){
 
	return ((x>>>shift)|(x<<(32-shift)))&MASK;
 
}
 

	
 
export function BLAKE2S(outputLen=32,key=[]){
 
	this._buffer=[];
 
	this._dataLen=[0,0]; // low, high
 
	this._outputLen=outputLen;
 
	
 
	this._state=IV.slice();
 
	this._state[0]^=0x01010000^(key.length<<8)^this._outputLen;
 
	
 
	if(key.length>0){this.update(padEnd(key,BLOCK_LEN,0));}
 
	if(key.length>0){this.update(zeroPad(key,BLOCK_LEN));}
 
}
 

	
 
BLAKE2S.prototype.update=function(data){
 
	for(let i=0;i<data.length;i++){
 
		if(this._buffer.length==BLOCK_LEN){
 
			this._compress(false);
 
			this._buffer=[];
 
		}
 
		this._buffer.push(data[i]);
 
		this._dataLen[0]=(this._dataLen[0]+1)&MASK;
 
		if(this._dataLen[0]<this._buffer.length){this._dataLen[1]++;}
 
	}
 
};
 

	
 
BLAKE2S.prototype.digest=function(){
 
	this._buffer=padEnd(this._buffer,BLOCK_LEN,0);
 
	this._buffer=zeroPad(this._buffer,BLOCK_LEN);
 
	this._compress(true);
 
	return int32s2bytes(this._state).slice(0,this._outputLen);
 
};
 

	
 
BLAKE2S.prototype._compress=function(last){
 
	const SIGMA=[
 
		[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15],
 
		[14,10,4,8,9,15,13,6,1,12,0,2,11,7,5,3],
 
		[11,8,12,0,5,2,15,13,10,14,3,6,7,1,9,4],
 
		[7,9,3,1,13,12,11,14,2,6,5,10,4,0,15,8],
 
		[9,0,5,7,2,4,10,15,14,1,11,12,6,8,3,13],
 
		[2,12,6,10,0,11,8,3,4,13,7,5,15,14,1,9],
src/chacha.js
Show inline comments
 
// https://tools.ietf.org/html/rfc7539
 
import {MASK,int32s2bytes,bytes2int32s} from "./util.js";
 
import {MASK,int32s2bytes,bytes2int32s,zeroPad} from "./util.js";
 

	
 
function lrot(x,shift){
 
	return (x<<shift|x>>>(32-shift))&MASK;
 
}
 

	
 
function createNonce(){
 
	let nonce=new Uint8Array(12);
 
	window.crypto.getRandomValues(nonce);
 
	return nonce;
 
}
 

	
 
function zeroPad(arr,length){
 
	return arr.concat((new Array(length)).fill(0)).slice(0,length);
 
}
 

	
 
/**
 
 * A Chacha20 cipher class.
 
 * @param {Array} key Array of bytes (integers: 0<=x<256). Short keys are padded to 32B, long keys are silently truncated.
 
 * @param {Array} nonce optional. If present, it must be an Array of bytes (integers: 0<=x<256). Short nonces are padded to 12B, long nonces are silently truncated.
 
 */
 
export function Chacha20(key,nonce){
 
	if(nonce===undefined){
 
		nonce=createNonce();
 
	}
 
	this._nonce=zeroPad(nonce,12);
 
	nonce=bytes2int32s(this._nonce);
 
	key=bytes2int32s(zeroPad(key,32));
src/util.js
Show inline comments
 
export const MASK=0xffffffff;
 

	
 
export function zeroPad(arr,length){
 
	return arr.concat((new Array(length)).fill(0)).slice(0,length);
 
}
 

	
 
export function bytes2int32(arr){
 
	return arr.reduce((acc,b,i)=>acc|b<<(i*8));
 
}
 

	
 
export function bytes2int32s(arr){
 
	let res=[];
 
	for(let i=0;i<arr.length;i+=4){
 
		res.push(bytes2int32(arr.slice(i,i+4)));
 
	}
 
	return res;
 
}
 

	
0 comments (0 inline, 0 general)