add crypto_auth_hmac methods

This commit is contained in:
Christophe Diederichs 2020-09-03 12:49:05 +02:00
parent a546f3e51d
commit 0fba70b6fa
4 changed files with 79 additions and 2 deletions

72
crypto_auth.js Normal file
View File

@ -0,0 +1,72 @@
/* eslint-disable camelcase */
const { crypto_verify_32, crypto_verify_64 } = require('./crypto_verify')
const Sha256 = require('sha256-universal')
const Sha512 = require('sha512-universal')
const assert = require('nanoassert')
const crypto_auth_hmacsha256_BYTES = 32
const crypto_auth_hmacsha256_KEYBYTES = 32
const crypto_auth_hmacsha512_BYTES = 64
const crypto_auth_hmacsha512_KEYBYTES = 32
const crypto_auth_hmacsha512256_BYTES = 32
const crypto_auth_hmacsha512256_KEYBYTES = 32
function crypto_auth_hmacsha256 (out, input, k) {
assert(out.byteLength === crypto_auth_hmacsha256_BYTES, "out should be 'crypto_auth_hmacsha256_BYTES' in length")
const hmac = Sha256.HMAC(key)
hmac.update(input)
return hmac.digest(out)
}
function crypto_auth_hmacsha256_verify (h, input, k) {
const correct = Sha256.HMAC(k).update(input).digest()
return crypto_verify_32(h, 0, correct, 0) | sodium_memcmp(correct, h, 32)
}
function crypto_auth_hmacsha512 (out, input, k) {
assert(out.byteLength === crypto_auth_hmacsha512_BYTES, "out should be 'crypto_auth_hmacsha512_BYTES' in length")
const hmac = Sha512.HMAC(key)
hmac.update(input)
return hmac.digest(out)
}
function crypto_auth_hmacsha512_verify (h, input, k) {
const correct = Sha512.HMAC(k).update(input).digest()
return crypto_verify_64(h, 0, correct, 0) | sodium_memcmp(correct, h, 64)
}
function crypto_auth_hmacsha512256 (out, input, k) {
assert(out.byteLength === crypto_auth_hmacsha512_BYTES, "out should be 'crypto_auth_hmacsha512256_BYTES' in length")
const out0 = Buffer.alloc(64)
const hmac = Sha512.HMAC(key)
hmac.update(input)
hmac.digest(out)
out.set(out0.subarray(0, 32))
}
function crypto_auth_hmacsha512256_verify (h, input, k) {
const correct = Sha512.HMAC(k).update(input).digest()
return crypto_verify_32(h, 0, correct, 0) | sodium_memcmp(correct, h, 32)
}
module.exports = {
crypto_auth_hmacsha256_BYTES,
crypto_auth_hmacsha256_KEYBYTES,
crypto_auth_hmacsha512_BYTES,
crypto_auth_hmacsha512_KEYBYTES,
crypto_auth_hmacsha512256_BYTES,
crypto_auth_hmacsha512256_KEYBYTES,
crypto_auth_hmacsha256,
crypto_auth_hmacsha256_verify,
crypto_auth_hmacsha512,
crypto_auth_hmacsha512_verify,
crypto_auth_hmacsha512256,
crypto_auth_hmacsha512256_verify
}

View File

@ -22,3 +22,7 @@ function crypto_verify_16 (x, xi, y, yi) {
function crypto_verify_32 (x, xi, y, yi) { function crypto_verify_32 (x, xi, y, yi) {
return vn(x, xi, y, yi, 32) return vn(x, xi, y, yi, 32)
} }
function crypto_verify_64 (x, xi, y, yi) {
return vn(x, xi, y, yi, 64)
}

View File

@ -12,6 +12,7 @@ forward(require('./randombytes'))
forward(require('./memory')) forward(require('./memory'))
forward(require('./helpers')) forward(require('./helpers'))
forward(require('./crypto_verify')) forward(require('./crypto_verify'))
forward(require('./crypto_auth'))
forward(require('./crypto_box')) forward(require('./crypto_box'))
forward(require('./crypto_generichash')) forward(require('./crypto_generichash'))
forward(require('./crypto_hash')) forward(require('./crypto_hash'))

View File

@ -7,8 +7,8 @@
"blake2b": "^2.1.1", "blake2b": "^2.1.1",
"chacha20-universal": "^1.0.4", "chacha20-universal": "^1.0.4",
"nanoassert": "^2.0.0", "nanoassert": "^2.0.0",
"sha256-universal": "^1.0.1", "sha256-universal": "^1.1.0",
"sha512-universal": "^1.0.1", "sha512-universal": "^1.1.0",
"siphash24": "^1.0.1", "siphash24": "^1.0.1",
"xsalsa20": "^1.0.0" "xsalsa20": "^1.0.0"
}, },