Remove extra API for Sodium-Native parity

This API has some extra functions that aren't exported by Sodium-Native, so we probably don't want to expose them in Sodium-JavaScript. This removes all methods that aren't available in Sodium-Native, which simplifies `crypto_auth.js` and makes it much shorter (with much higher test coverage).
2020-09-08 09:02:48 -07:00 · 2020-09-08 09:02:48 -07:00 · a8bdb1d060
commit a8bdb1d060
parent c0889e45e7
1 changed files with 8 additions and 65 deletions
--- a/crypto_auth.js
+++ b/crypto_auth.js
@ -1,50 +1,13 @@
 /* eslint-disable camelcase */
-const { crypto_verify_32, crypto_verify_64 } = require('./crypto_verify')
-const { sodium_memcmp } = require('./helpers')
-const Sha256 = require('sha256-universal')
+const { crypto_verify_32 } = require('./crypto_verify')
 const Sha512 = require('sha512-universal')
 const assert = require('nanoassert')

-const crypto_auth_hmacsha256_BYTES = 32
-const crypto_auth_hmacsha256_KEYBYTES = 32
-const crypto_auth_hmacsha512_BYTES = 64
-const crypto_auth_hmacsha512_KEYBYTES = 32
-const crypto_auth_hmacsha512256_BYTES = 32
-const crypto_auth_hmacsha512256_KEYBYTES = 32
+const crypto_auth_BYTES = 32
+const crypto_auth_KEYBYTES = 32

-const crypto_auth_BYTES = crypto_auth_hmacsha512256_BYTES
-const crypto_auth_KEYBYTES = crypto_auth_hmacsha512256_KEYBYTES
-
-function crypto_auth_hmacsha256 (out, input, k) {
-  assert(out.byteLength === crypto_auth_hmacsha256_BYTES, "out should be 'crypto_auth_hmacsha256_BYTES' in length")
-
-  const hmac = Sha256.HMAC(k)
-  hmac.update(input)
-  return hmac.digest(out)
-}
-
-function crypto_auth_hmacsha256_verify (h, input, k) {
-  const correct = Sha256.HMAC(k).update(input).digest()
-
-  return crypto_verify_32(h, 0, correct, 0) && sodium_memcmp(correct, h)
-}
-
-function crypto_auth_hmacsha512 (out, input, k) {
-  assert(out.byteLength === crypto_auth_hmacsha512_BYTES, "out should be 'crypto_auth_hmacsha512_BYTES' in length")
-
-  const hmac = Sha512.HMAC(k)
-  hmac.update(input)
-  return hmac.digest(out)
-}
-
-function crypto_auth_hmacsha512_verify (h, input, k) {
-  const correct = Sha512.HMAC(k).update(input).digest()
-
-  return crypto_verify_64(h, 0, correct, 0) && sodium_memcmp(correct, h)
-}
-
-function crypto_auth_hmacsha512256 (out, input, k) {
-  assert(out.byteLength === crypto_auth_hmacsha512256_BYTES, "out should be 'crypto_auth_hmacsha512256_BYTES' in length")
+function crypto_auth (out, input, k) {
+  assert(out.byteLength === crypto_auth_BYTES, "out should be 'crypto_auth_BYTES' in length")

  const out0 = new Uint8Array(64)
  const hmac = Sha512.HMAC(k)
@ -54,35 +17,15 @@ function crypto_auth_hmacsha512256 (out, input, k) {
  out.set(out0.subarray(0, 32))
 }

-function crypto_auth_hmacsha512256_verify (h, input, k) {
+function crypto_auth_verify (h, input, k) {
  const correct = Sha512.HMAC(k).update(input).digest()

-  return crypto_verify_32(h, 0, correct, 0) && sodium_memcmp(correct.subarray(0, 32), h)
-}
-
-function crypto_auth (out, input, k) {
-  return crypto_auth_hmacsha512256(out, input, k)
-}
-
-function crypto_auth_verify (h, input, k) {
-  return crypto_auth_hmacsha512256_verify(h, input, k)
+  return crypto_verify_32(h, 0, correct, 0)
 }

 module.exports = {
  crypto_auth_BYTES,
  crypto_auth_KEYBYTES,
-  crypto_auth_hmacsha256_BYTES,
-  crypto_auth_hmacsha256_KEYBYTES,
-  crypto_auth_hmacsha512_BYTES,
-  crypto_auth_hmacsha512_KEYBYTES,
-  crypto_auth_hmacsha512256_BYTES,
-  crypto_auth_hmacsha512256_KEYBYTES,
  crypto_auth,
-  crypto_auth_verify,
-  crypto_auth_hmacsha256,
-  crypto_auth_hmacsha256_verify,
-  crypto_auth_hmacsha512,
-  crypto_auth_hmacsha512256,
-  crypto_auth_hmacsha512256_verify,
-  crypto_auth_hmacsha512_verify
+  crypto_auth_verify
 }