mirror of
https://github.com/swc-project/swc.git
synced 2024-12-24 22:22:34 +03:00
bbaf619f63
swc_bundler: - [x] Fix wrapped esms. (denoland/deno#9307) - [x] Make test secure.
89 lines
2.6 KiB
TypeScript
89 lines
2.6 KiB
TypeScript
// Loaded from https://raw.githubusercontent.com/aricart/tweetnacl-deno/import-type-fixes/src/secretbox.ts
|
|
|
|
|
|
import { ByteArray } from './array.ts';
|
|
import { _verify_16 } from './verify.ts';
|
|
import { _stream_xor, _stream } from './salsa20.ts';
|
|
import { poly1305_init, poly1305_update, poly1305_finish } from './poly1305.ts';
|
|
import { checkArrayTypes, checkLengths } from './check.ts';
|
|
|
|
export const enum SecretBoxLength {
|
|
Key = 32, // key bytes
|
|
Nonce = 24, // nonce bytes
|
|
Overhead = 16, // box zero bytes
|
|
Zero = 32, // zero bytes
|
|
}
|
|
|
|
export function secretbox(msg: ByteArray, nonce: ByteArray, key: ByteArray): ByteArray {
|
|
checkArrayTypes(msg, nonce, key);
|
|
checkLengths(key, nonce);
|
|
|
|
const m = ByteArray(SecretBoxLength.Zero + msg.length);
|
|
const c = ByteArray(m.length);
|
|
|
|
for (let i = 0; i < msg.length; i++) m[i + SecretBoxLength.Zero] = msg[i];
|
|
|
|
_secretbox(c, m, m.length, nonce, key);
|
|
|
|
return c.subarray(SecretBoxLength.Overhead);
|
|
}
|
|
|
|
export function secretbox_open(box: ByteArray, nonce: ByteArray, key: ByteArray): ByteArray | undefined {
|
|
checkArrayTypes(box, nonce, key);
|
|
checkLengths(key, nonce);
|
|
|
|
const c = ByteArray(SecretBoxLength.Overhead + box.length);
|
|
const m = ByteArray(c.length);
|
|
|
|
for (let i = 0; i < box.length; i++) c[i + SecretBoxLength.Overhead] = box[i];
|
|
|
|
if (c.length < SecretBoxLength.Zero || _secretbox_open(m, c, c.length, nonce, key) !== 0) return;
|
|
|
|
return m.subarray(SecretBoxLength.Zero);
|
|
}
|
|
|
|
// low level
|
|
function _secretbox(c: ByteArray, m: ByteArray, d: number, n: ByteArray, k: ByteArray): -1 | 0 {
|
|
if (d < 32) return -1;
|
|
|
|
_stream_xor(c, 0, m, 0, d, n, k);
|
|
_onetimeauth(c, 16, c, 32, d - 32, c);
|
|
|
|
for (let i = 0; i < 16; i++) c[i] = 0;
|
|
|
|
return 0;
|
|
}
|
|
|
|
function _secretbox_open(m: ByteArray, c: ByteArray, d: number, n: ByteArray, k: ByteArray): -1 | 0 {
|
|
const x = ByteArray(32);
|
|
|
|
if (d < 32) return -1;
|
|
|
|
_stream(x, 0, 32, n, k);
|
|
|
|
if (_onetimeauth_verify(c, 16, c, 32, d - 32, x) !== 0) return -1;
|
|
|
|
_stream_xor(m, 0, c, 0, d, n, k);
|
|
|
|
for (let i = 0; i < 32; i++) m[i] = 0;
|
|
|
|
return 0;
|
|
}
|
|
|
|
export function _onetimeauth(out: ByteArray, outpos: number, m: ByteArray, mpos: number, n: number, k: ByteArray): 0 {
|
|
const s = poly1305_init(k);
|
|
|
|
poly1305_update(s, m, mpos, n);
|
|
poly1305_finish(s, out, outpos);
|
|
|
|
return 0;
|
|
}
|
|
|
|
function _onetimeauth_verify(h: ByteArray, hpos: number, m: ByteArray, mpos: number, n: number, k: ByteArray): number {
|
|
const x = ByteArray(16);
|
|
|
|
_onetimeauth(x, 0, m, mpos, n, k);
|
|
|
|
return _verify_16(h, hpos, x, 0);
|
|
}
|