diff --git a/crypto_aead.js b/crypto_aead.js index 60e8679..42f863f 100644 --- a/crypto_aead.js +++ b/crypto_aead.js @@ -1,6 +1,7 @@ +/* eslint-disable camelcase */ const { crypto_stream_chacha20_ietf, crypto_stream_chacha20_ietf_xor_ic } = require('./crypto_stream_chacha20') const { crypto_verify_16 } = require('./crypto_verify') -const Poly1305 = require('./poly1305.js') +const Poly1305 = require('./internal/poly1305') const assert = require('nanoassert') const crypto_aead_chacha20poly1305_ietf_KEYBYTES = 32 diff --git a/crypto_box.js b/crypto_box.js index 2eb8d44..6479e10 100644 --- a/crypto_box.js +++ b/crypto_box.js @@ -1,3 +1,4 @@ +/* eslint-disable camelcase */ const { crypto_hash_sha512 } = require('./crypto_hash') const { crypto_scalarmult, crypto_scalarmult_base } = require('./crypto_scalarmult') const { randombytes } = require('./randombytes') @@ -6,15 +7,14 @@ const { crypto_secretbox_open_easy, crypto_secretbox_easy } = require('./crypto_ const xsalsa20 = require('xsalsa20') const assert = require('nanoassert') -var crypto_box_PUBLICKEYBYTES = 32, - crypto_box_SECRETKEYBYTES = 32, - crypto_box_BEFORENMBYTES = 32, - crypto_box_NONCEBYTES = 24, - crypto_box_ZEROBYTES = 32, - crypto_box_BOXZEROBYTES = 16, - crypto_box_SEALBYTES = 48, - crypto_box_SEEDBYTES = 32, - crypto_box_BEFORENMBYTES = 32 +const crypto_box_PUBLICKEYBYTES = 32 +const crypto_box_SECRETKEYBYTES = 32 +const crypto_box_NONCEBYTES = 24 +const crypto_box_ZEROBYTES = 32 +const crypto_box_BOXZEROBYTES = 16 +const crypto_box_SEALBYTES = 48 +const crypto_box_SEEDBYTES = 32 +const crypto_box_BEFORENMBYTES = 32 module.exports = { crypto_box_keypair, @@ -23,7 +23,6 @@ module.exports = { crypto_box_seal_open, crypto_box_PUBLICKEYBYTES, crypto_box_SECRETKEYBYTES, - crypto_box_BEFORENMBYTES, crypto_box_NONCEBYTES, crypto_box_ZEROBYTES, crypto_box_BOXZEROBYTES, @@ -32,14 +31,14 @@ module.exports = { crypto_box_BEFORENMBYTES } -function crypto_box_keypair(pk, sk) { +function crypto_box_keypair (pk, sk) { check(pk, crypto_box_PUBLICKEYBYTES) check(sk, crypto_box_SECRETKEYBYTES) randombytes(sk, 32) return crypto_scalarmult_base(pk, sk) } -function crypto_box_seed_keypair(pk, sk, seed) { +function crypto_box_seed_keypair (pk, sk, seed) { assert(pk.byteLength === crypto_box_PUBLICKEYBYTES, "pk should be 'crypto_box_PUBLICKEYBYTES' bytes") assert(sk.byteLength === crypto_box_SECRETKEYBYTES, "sk should be 'crypto_box_SECRETKEYBYTES' bytes") assert(sk.byteLength === crypto_box_SEEDBYTES, "sk should be 'crypto_box_SEEDBYTES' bytes") @@ -52,7 +51,7 @@ function crypto_box_seed_keypair(pk, sk, seed) { return crypto_scalarmult_base(pk, sk) } -function crypto_box_seal(c, m, pk) { +function crypto_box_seal (c, m, pk) { check(c, crypto_box_SEALBYTES + m.length) check(pk, crypto_box_PUBLICKEYBYTES) @@ -61,7 +60,7 @@ function crypto_box_seal(c, m, pk) { crypto_box_keypair(epk, esk) var n = new Uint8Array(crypto_box_NONCEBYTES) - crypto_generichash_batch(n, [ epk, pk ]) + crypto_generichash_batch(n, [epk, pk]) var s = new Uint8Array(crypto_box_PUBLICKEYBYTES) crypto_scalarmult(s, esk, pk) @@ -75,7 +74,7 @@ function crypto_box_seal(c, m, pk) { cleanup(esk) } -function crypto_box_seal_open(m, c, pk, sk) { +function crypto_box_seal_open (m, c, pk, sk) { check(c, crypto_box_SEALBYTES) check(m, c.length - crypto_box_SEALBYTES) check(pk, crypto_box_PUBLICKEYBYTES) @@ -84,7 +83,7 @@ function crypto_box_seal_open(m, c, pk, sk) { var epk = c.subarray(0, crypto_box_PUBLICKEYBYTES) var n = new Uint8Array(crypto_box_NONCEBYTES) - crypto_generichash_batch(n, [ epk, pk ]) + crypto_generichash_batch(n, [epk, pk]) var s = new Uint8Array(crypto_box_PUBLICKEYBYTES) crypto_scalarmult(s, sk, epk) @@ -100,6 +99,6 @@ function check (buf, len) { if (!buf || (len && buf.length < len)) throw new Error('Argument must be a buffer' + (len ? ' of length ' + len : '')) } -function cleanup(arr) { - for (var i = 0; i < arr.length; i++) arr[i] = 0; +function cleanup (arr) { + for (let i = 0; i < arr.length; i++) arr[i] = 0 } diff --git a/crypto_generichash.js b/crypto_generichash.js index 2d7a3a7..6f0eb1c 100644 --- a/crypto_generichash.js +++ b/crypto_generichash.js @@ -31,6 +31,6 @@ module.exports.crypto_generichash_instance = function (key, outlen) { return blake2b(outlen, key) } -blake2b.ready(function (err) { +blake2b.ready(function (_) { module.exports.crypto_generichash_WASM_LOADED = blake2b.WASM_LOADED }) diff --git a/crypto_hash.js b/crypto_hash.js index 07e9196..344324d 100644 --- a/crypto_hash.js +++ b/crypto_hash.js @@ -1,10 +1,11 @@ +/* eslint-disable camelcase */ const sha512 = require('sha512-wasm') const assert = require('nanoassert') if (new Uint16Array([1])[0] !== 1) throw new Error('Big endian architecture is not supported.') -var crypto_hash_sha512_BYTES = 64 -var crypto_hash_BYTES = crypto_hash_sha512_BYTES +const crypto_hash_sha512_BYTES = 64 +const crypto_hash_BYTES = crypto_hash_sha512_BYTES function crypto_hash_sha512 (out, m, n) { assert(out.byteLength === crypto_hash_sha512_BYTES, "out must be 'crypto_hash_sha512_BYTES' bytes long") diff --git a/crypto_hash_sha256.js b/crypto_hash_sha256.js index cbe0543..e4c916f 100644 --- a/crypto_hash_sha256.js +++ b/crypto_hash_sha256.js @@ -1,9 +1,10 @@ +/* eslint-disable camelcase */ const sha256 = require('sha256-wasm') const assert = require('nanoassert') if (new Uint16Array([1])[0] !== 1) throw new Error('Big endian architecture is not supported.') -var crypto_hash_sha256_BYTES = 32 +const crypto_hash_sha256_BYTES = 32 function crypto_hash_sha256 (out, m, n) { assert(out.byteLength === crypto_hash_sha256_BYTES, "out must be 'crypto_hash_sha256_BYTES' bytes long") diff --git a/crypto_kdf.js b/crypto_kdf.js index aad5183..d94d312 100644 --- a/crypto_kdf.js +++ b/crypto_kdf.js @@ -1,6 +1,7 @@ -var assert = require('nanoassert') -var randombytes_buf = require('./randombytes').randombytes_buf -var blake2b = require('blake2b') +/* eslint-disable camelcase */ +const assert = require('nanoassert') +const randombytes_buf = require('./randombytes').randombytes_buf +const blake2b = require('blake2b') module.exports.crypto_kdf_PRIMITIVE = 'blake2b' module.exports.crypto_kdf_BYTES_MIN = 16 @@ -8,7 +9,7 @@ module.exports.crypto_kdf_BYTES_MAX = 64 module.exports.crypto_kdf_CONTEXTBYTES = 8 module.exports.crypto_kdf_KEYBYTES = 32 -function STORE64_LE(dest, int) { +function STORE64_LE (dest, int) { var mul = 1 var i = 0 dest[0] = int & 0xFF diff --git a/crypto_kx.js b/crypto_kx.js index 3477c16..d9d7e63 100644 --- a/crypto_kx.js +++ b/crypto_kx.js @@ -1,11 +1,12 @@ +/* eslint-disable camelcase */ const { crypto_scalarmult_base } = require('./crypto_scalarmult') const { crypto_generichash } = require('./crypto_generichash') const { randombytes_buf } = require('./randombytes') const assert = require('nanoassert') -var crypto_kx_SEEDBYTES = 32 -var crypto_kx_PUBLICKEYBYTES = 32 -var crypto_kx_SECRETKEYBYTES = 32 +const crypto_kx_SEEDBYTES = 32 +const crypto_kx_PUBLICKEYBYTES = 32 +const crypto_kx_SECRETKEYBYTES = 32 function crypto_kx_keypair (pk, sk) { assert(pk.byteLength === crypto_kx_PUBLICKEYBYTES, "pk must be 'crypto_kx_PUBLICKEYBYTES' bytes") diff --git a/crypto_onetimeauth.js b/crypto_onetimeauth.js index a7b4d60..0e3622d 100644 --- a/crypto_onetimeauth.js +++ b/crypto_onetimeauth.js @@ -1,4 +1,5 @@ -const poly1305 = require('./poly1305') +/* eslint-disable camelcase */ +const Poly1305 = require('./internal/poly1305') const { crypto_verify_16 } = require('./crypto_verify') module.exports = { @@ -6,15 +7,15 @@ module.exports = { crypto_onetimeauth_verify } -function crypto_onetimeauth(out, outpos, m, mpos, n, k) { - var s = new poly1305(k); - s.update(m, mpos, n); - s.finish(out, outpos); - return 0; +function crypto_onetimeauth (out, outpos, m, mpos, n, k) { + var s = new Poly1305(k) + s.update(m, mpos, n) + s.finish(out, outpos) + return 0 } -function crypto_onetimeauth_verify(h, hpos, m, mpos, n, k) { - var x = new Uint8Array(16); - crypto_onetimeauth(x,0,m,mpos,n,k); - return crypto_verify_16(h,hpos,x,0); +function crypto_onetimeauth_verify (h, hpos, m, mpos, n, k) { + var x = new Uint8Array(16) + crypto_onetimeauth(x, 0, m, mpos, n, k) + return crypto_verify_16(h, hpos, x, 0) } diff --git a/crypto_scalarmult.js b/crypto_scalarmult.js index f7f41b6..d591e05 100644 --- a/crypto_scalarmult.js +++ b/crypto_scalarmult.js @@ -1,9 +1,8 @@ -const { _9, _121665, gf, inv25519, pack25519, unpack25519, sel25519, A, M, Z, S } = require('./ed25519.js') +/* eslint-disable camelcase, one-var */ +const { _9, _121665, gf, inv25519, pack25519, unpack25519, sel25519, A, M, Z, S } = require('./internal/ed25519') -var crypto_scalarmult_BYTES = 32 -var crypto_scalarmult_SCALARBYTES = 32 -var crypto_scalarmult_BYTES = 32 -var crypto_scalarmult_SCALARBYTES = 32 +const crypto_scalarmult_BYTES = 32 +const crypto_scalarmult_SCALARBYTES = 32 module.exports = { crypto_scalarmult, @@ -19,7 +18,7 @@ function crypto_scalarmult (q, n, p) { var z = new Uint8Array(32) var x = new Float64Array(80), r, i var a = gf(), b = gf(), c = gf(), - d = gf(), e = gf(), f = gf() + d = gf(), e = gf(), f = gf() for (i = 0; i < 31; i++) z[i] = n[i] z[31] = (n[31] & 127) | 64 z[0] &= 248 diff --git a/crypto_secretbox.js b/crypto_secretbox.js index 1dcd2d3..f3c67b4 100644 --- a/crypto_secretbox.js +++ b/crypto_secretbox.js @@ -1,11 +1,12 @@ -var { crypto_stream, crypto_stream_xor } = require('./crypto_stream') -var { crypto_onetimeauth, crypto_onetimeauth_verify } = require('./crypto_onetimeauth') +/* eslint-disable camelcase */ +const { crypto_stream, crypto_stream_xor } = require('./crypto_stream') +const { crypto_onetimeauth, crypto_onetimeauth_verify } = require('./crypto_onetimeauth') -var crypto_secretbox_KEYBYTES = 32, - crypto_secretbox_NONCEBYTES = 24, - crypto_secretbox_ZEROBYTES = 32, - crypto_secretbox_BOXZEROBYTES = 16, - crypto_secretbox_MACBYTES = 16 +const crypto_secretbox_KEYBYTES = 32 +const crypto_secretbox_NONCEBYTES = 24 +const crypto_secretbox_ZEROBYTES = 32 +const crypto_secretbox_BOXZEROBYTES = 16 +const crypto_secretbox_MACBYTES = 1 module.exports = { crypto_secretbox, @@ -57,7 +58,7 @@ function crypto_secretbox_open_detached (msg, o, mac, n, k) { return crypto_secretbox_open_easy(msg, tmp, n, k) } -function crypto_secretbox_easy(o, msg, n, k) { +function crypto_secretbox_easy (o, msg, n, k) { check(msg, 0) check(o, msg.length + crypto_secretbox_MACBYTES) check(n, crypto_secretbox_NONCEBYTES) @@ -71,7 +72,7 @@ function crypto_secretbox_easy(o, msg, n, k) { for (i = crypto_secretbox_BOXZEROBYTES; i < c.length; i++) o[i - crypto_secretbox_BOXZEROBYTES] = c[i] } -function crypto_secretbox_open_easy(msg, box, n, k) { +function crypto_secretbox_open_easy (msg, box, n, k) { check(box, crypto_secretbox_MACBYTES) check(msg, box.length - crypto_secretbox_MACBYTES) check(n, crypto_secretbox_NONCEBYTES) diff --git a/crypto_sign.js b/crypto_sign.js index 63a62d4..c434135 100644 --- a/crypto_sign.js +++ b/crypto_sign.js @@ -1,3 +1,4 @@ +/* eslint-disable camelcase, one-var */ const { crypto_verify_32 } = require('./crypto_verify') const { crypto_hash } = require('./crypto_hash') const { @@ -5,13 +6,13 @@ const { X, Y, I, A, Z, M, S, sel25519, pack25519, inv25519, unpack25519 -} = require('./ed25519') +} = require('./internal/ed25519') const { randombytes } = require('./randombytes') -const crypto_sign_BYTES = 64, - crypto_sign_PUBLICKEYBYTES = 32, - crypto_sign_SECRETKEYBYTES = 64, - crypto_sign_SEEDBYTES = 32 +const crypto_sign_BYTES = 64 +const crypto_sign_PUBLICKEYBYTES = 32 +const crypto_sign_SECRETKEYBYTES = 64 +const crypto_sign_SEEDBYTES = 32 module.exports = { crypto_sign_keypair, @@ -26,107 +27,106 @@ module.exports = { crypto_sign_SEEDBYTES } -function set25519(r, a) { - var i; - for (i = 0; i < 16; i++) r[i] = a[i]|0; +function set25519 (r, a) { + for (let i = 0; i < 16; i++) r[i] = a[i] | 0 } -function pow2523(o, i) { - var c = gf(); - var a; - for (a = 0; a < 16; a++) c[a] = i[a]; +function pow2523 (o, i) { + var c = gf() + var a + for (a = 0; a < 16; a++) c[a] = i[a] for (a = 250; a >= 0; a--) { - S(c, c); - if(a !== 1) M(c, c, i); + S(c, c) + if (a !== 1) M(c, c, i) } - for (a = 0; a < 16; a++) o[a] = c[a]; + for (a = 0; a < 16; a++) o[a] = c[a] } -function add(p, q) { +function add (p, q) { var a = gf(), b = gf(), c = gf(), - d = gf(), e = gf(), f = gf(), - g = gf(), h = gf(), t = gf(); + d = gf(), e = gf(), f = gf(), + g = gf(), h = gf(), t = gf() - Z(a, p[1], p[0]); - Z(t, q[1], q[0]); - M(a, a, t); - A(b, p[0], p[1]); - A(t, q[0], q[1]); - M(b, b, t); - M(c, p[3], q[3]); - M(c, c, D2); - M(d, p[2], q[2]); - A(d, d, d); - Z(e, b, a); - Z(f, d, c); - A(g, d, c); - A(h, b, a); + Z(a, p[1], p[0]) + Z(t, q[1], q[0]) + M(a, a, t) + A(b, p[0], p[1]) + A(t, q[0], q[1]) + M(b, b, t) + M(c, p[3], q[3]) + M(c, c, D2) + M(d, p[2], q[2]) + A(d, d, d) + Z(e, b, a) + Z(f, d, c) + A(g, d, c) + A(h, b, a) - M(p[0], e, f); - M(p[1], h, g); - M(p[2], g, f); - M(p[3], e, h); + M(p[0], e, f) + M(p[1], h, g) + M(p[2], g, f) + M(p[3], e, h) } -function cswap(p, q, b) { - var i; +function cswap (p, q, b) { + var i for (i = 0; i < 4; i++) { - sel25519(p[i], q[i], b); + sel25519(p[i], q[i], b) } } -function pack(r, p) { - var tx = gf(), ty = gf(), zi = gf(); - inv25519(zi, p[2]); - M(tx, p[0], zi); - M(ty, p[1], zi); - pack25519(r, ty); - r[31] ^= par25519(tx) << 7; +function pack (r, p) { + var tx = gf(), ty = gf(), zi = gf() + inv25519(zi, p[2]) + M(tx, p[0], zi) + M(ty, p[1], zi) + pack25519(r, ty) + r[31] ^= par25519(tx) << 7 } -function scalarmult(p, q, s) { - var b, i; - set25519(p[0], gf0); - set25519(p[1], gf1); - set25519(p[2], gf1); - set25519(p[3], gf0); +function scalarmult (p, q, s) { + var b, i + set25519(p[0], gf0) + set25519(p[1], gf1) + set25519(p[2], gf1) + set25519(p[3], gf0) for (i = 255; i >= 0; --i) { - b = (s[(i/8)|0] >> (i&7)) & 1; - cswap(p, q, b); - add(q, p); - add(p, p); - cswap(p, q, b); + b = (s[(i / 8) | 0] >> (i & 7)) & 1 + cswap(p, q, b) + add(q, p) + add(p, p) + cswap(p, q, b) } } -function scalarbase(p, s) { - var q = [gf(), gf(), gf(), gf()]; - set25519(q[0], X); - set25519(q[1], Y); - set25519(q[2], gf1); - M(q[3], X, Y); - scalarmult(p, q, s); +function scalarbase (p, s) { + var q = [gf(), gf(), gf(), gf()] + set25519(q[0], X) + set25519(q[1], Y) + set25519(q[2], gf1) + M(q[3], X, Y) + scalarmult(p, q, s) } -function crypto_sign_keypair(pk, sk, seeded) { +function crypto_sign_keypair (pk, sk, seeded) { check(pk, crypto_sign_PUBLICKEYBYTES) check(sk, crypto_sign_SECRETKEYBYTES) - var d = new Uint8Array(64); - var p = [gf(), gf(), gf(), gf()]; - var i; + var d = new Uint8Array(64) + var p = [gf(), gf(), gf(), gf()] + var i - if (!seeded) randombytes(sk, 32); - crypto_hash(d, sk, 32); - d[0] &= 248; - d[31] &= 127; - d[31] |= 64; + if (!seeded) randombytes(sk, 32) + crypto_hash(d, sk, 32) + d[0] &= 248 + d[31] &= 127 + d[31] |= 64 - scalarbase(p, d); - pack(pk, p); + scalarbase(p, d) + pack(pk, p) - for (i = 0; i < 32; i++) sk[i+32] = pk[i]; - return 0; + for (i = 0; i < 32; i++) sk[i + 32] = pk[i] + return 0 } function crypto_sign_seed_keypair (pk, sk, seed) { @@ -135,161 +135,161 @@ function crypto_sign_seed_keypair (pk, sk, seed) { return crypto_sign_keypair(pk, sk, true) } -var L = new Float64Array([0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10]); +var L = new Float64Array([0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10]) -function modL(r, x) { - var carry, i, j, k; +function modL (r, x) { + var carry, i, j, k for (i = 63; i >= 32; --i) { - carry = 0; + carry = 0 for (j = i - 32, k = i - 12; j < k; ++j) { - x[j] += carry - 16 * x[i] * L[j - (i - 32)]; - carry = (x[j] + 128) >> 8; - x[j] -= carry * 256; + x[j] += carry - 16 * x[i] * L[j - (i - 32)] + carry = (x[j] + 128) >> 8 + x[j] -= carry * 256 } - x[j] += carry; - x[i] = 0; + x[j] += carry + x[i] = 0 } - carry = 0; + carry = 0 for (j = 0; j < 32; j++) { - x[j] += carry - (x[31] >> 4) * L[j]; - carry = x[j] >> 8; - x[j] &= 255; + x[j] += carry - (x[31] >> 4) * L[j] + carry = x[j] >> 8 + x[j] &= 255 } - for (j = 0; j < 32; j++) x[j] -= carry * L[j]; + for (j = 0; j < 32; j++) x[j] -= carry * L[j] for (i = 0; i < 32; i++) { - x[i+1] += x[i] >> 8; - r[i] = x[i] & 255; + x[i + 1] += x[i] >> 8 + r[i] = x[i] & 255 } } -function reduce(r) { - var x = new Float64Array(64), i; - for (i = 0; i < 64; i++) x[i] = r[i]; - for (i = 0; i < 64; i++) r[i] = 0; - modL(r, x); +function reduce (r) { + var x = new Float64Array(64) + for (let i = 0; i < 64; i++) x[i] = r[i] + for (let i = 0; i < 64; i++) r[i] = 0 + modL(r, x) } // Note: difference from C - smlen returned, not passed as argument. -function crypto_sign(sm, m, sk) { +function crypto_sign (sm, m, sk) { check(sm, crypto_sign_BYTES + m.length) check(m, 0) check(sk, crypto_sign_SECRETKEYBYTES) var n = m.length - var d = new Uint8Array(64), h = new Uint8Array(64), r = new Uint8Array(64); - var i, j, x = new Float64Array(64); - var p = [gf(), gf(), gf(), gf()]; + var d = new Uint8Array(64), h = new Uint8Array(64), r = new Uint8Array(64) + var i, j, x = new Float64Array(64) + var p = [gf(), gf(), gf(), gf()] - crypto_hash(d, sk, 32); - d[0] &= 248; - d[31] &= 127; - d[31] |= 64; + crypto_hash(d, sk, 32) + d[0] &= 248 + d[31] &= 127 + d[31] |= 64 - var smlen = n + 64; - for (i = 0; i < n; i++) sm[64 + i] = m[i]; - for (i = 0; i < 32; i++) sm[32 + i] = d[32 + i]; + var smlen = n + 64 + for (i = 0; i < n; i++) sm[64 + i] = m[i] + for (i = 0; i < 32; i++) sm[32 + i] = d[32 + i] - crypto_hash(r, sm.subarray(32), n+32); - reduce(r); - scalarbase(p, r); - pack(sm, p); + crypto_hash(r, sm.subarray(32), n + 32) + reduce(r) + scalarbase(p, r) + pack(sm, p) - for (i = 32; i < 64; i++) sm[i] = sk[i]; - crypto_hash(h, sm, n + 64); - reduce(h); + for (i = 32; i < 64; i++) sm[i] = sk[i] + crypto_hash(h, sm, n + 64) + reduce(h) - for (i = 0; i < 64; i++) x[i] = 0; - for (i = 0; i < 32; i++) x[i] = r[i]; + for (i = 0; i < 64; i++) x[i] = 0 + for (i = 0; i < 32; i++) x[i] = r[i] for (i = 0; i < 32; i++) { for (j = 0; j < 32; j++) { - x[i+j] += h[i] * d[j]; + x[i + j] += h[i] * d[j] } } - modL(sm.subarray(32), x); + modL(sm.subarray(32), x) return smlen } -function crypto_sign_detached(sig, m, sk) { +function crypto_sign_detached (sig, m, sk) { var sm = new Uint8Array(m.length + crypto_sign_BYTES) crypto_sign(sm, m, sk) - for (var i = 0; i < crypto_sign_BYTES; i++) sig[i] = sm[i] + for (let i = 0; i < crypto_sign_BYTES; i++) sig[i] = sm[i] } -function unpackneg(r, p) { +function unpackneg (r, p) { var t = gf(), chk = gf(), num = gf(), - den = gf(), den2 = gf(), den4 = gf(), - den6 = gf(); + den = gf(), den2 = gf(), den4 = gf(), + den6 = gf() - set25519(r[2], gf1); - unpack25519(r[1], p); - S(num, r[1]); - M(den, num, D); - Z(num, num, r[2]); - A(den, r[2], den); + set25519(r[2], gf1) + unpack25519(r[1], p) + S(num, r[1]) + M(den, num, D) + Z(num, num, r[2]) + A(den, r[2], den) - S(den2, den); - S(den4, den2); - M(den6, den4, den2); - M(t, den6, num); - M(t, t, den); + S(den2, den) + S(den4, den2) + M(den6, den4, den2) + M(t, den6, num) + M(t, t, den) - pow2523(t, t); - M(t, t, num); - M(t, t, den); - M(t, t, den); - M(r[0], t, den); + pow2523(t, t) + M(t, t, num) + M(t, t, den) + M(t, t, den) + M(r[0], t, den) - S(chk, r[0]); - M(chk, chk, den); - if (neq25519(chk, num)) M(r[0], r[0], I); + S(chk, r[0]) + M(chk, chk, den) + if (neq25519(chk, num)) M(r[0], r[0], I) - S(chk, r[0]); - M(chk, chk, den); - if (neq25519(chk, num)) return -1; + S(chk, r[0]) + M(chk, chk, den) + if (neq25519(chk, num)) return -1 - if (par25519(r[0]) === (p[31]>>7)) Z(r[0], gf0, r[0]); + if (par25519(r[0]) === (p[31] >> 7)) Z(r[0], gf0, r[0]) - M(r[3], r[0], r[1]); - return 0; + M(r[3], r[0], r[1]) + return 0 } -function crypto_sign_open(msg, sm, pk) { +function crypto_sign_open (msg, sm, pk) { check(msg, sm.length - crypto_sign_BYTES) check(sm, crypto_sign_BYTES) check(pk, crypto_sign_PUBLICKEYBYTES) var n = sm.length var m = new Uint8Array(sm.length) - var i, mlen; - var t = new Uint8Array(32), h = new Uint8Array(64); + var i, mlen + var t = new Uint8Array(32), h = new Uint8Array(64) var p = [gf(), gf(), gf(), gf()], - q = [gf(), gf(), gf(), gf()]; + q = [gf(), gf(), gf(), gf()] - mlen = -1; - if (n < 64) return false; + mlen = -1 + if (n < 64) return false - if (unpackneg(q, pk)) return false; + if (unpackneg(q, pk)) return false - for (i = 0; i < n; i++) m[i] = sm[i]; - for (i = 0; i < 32; i++) m[i+32] = pk[i]; - crypto_hash(h, m, n); - reduce(h); - scalarmult(p, q, h); + for (i = 0; i < n; i++) m[i] = sm[i] + for (i = 0; i < 32; i++) m[i + 32] = pk[i] + crypto_hash(h, m, n) + reduce(h) + scalarmult(p, q, h) - scalarbase(q, sm.subarray(32)); - add(p, q); - pack(t, p); + scalarbase(q, sm.subarray(32)) + add(p, q) + pack(t, p) - n -= 64; + n -= 64 if (crypto_verify_32(sm, 0, t, 0)) { - for (i = 0; i < n; i++) m[i] = 0; - return false; + for (i = 0; i < n; i++) m[i] = 0 + throw new Error('crypto_sign_open failed') } - for (i = 0; i < n; i++) msg[i] = sm[i + 64]; - mlen = n; - return true; + for (i = 0; i < n; i++) msg[i] = sm[i + 64] + mlen = n + return mlen } function crypto_sign_verify_detached (sig, m, pk) { @@ -301,17 +301,17 @@ function crypto_sign_verify_detached (sig, m, pk) { return crypto_sign_open(m, sm, pk) } -function par25519(a) { - var d = new Uint8Array(32); - pack25519(d, a); - return d[0] & 1; +function par25519 (a) { + var d = new Uint8Array(32) + pack25519(d, a) + return d[0] & 1 } -function neq25519(a, b) { - var c = new Uint8Array(32), d = new Uint8Array(32); - pack25519(c, a); - pack25519(d, b); - return crypto_verify_32(c, 0, d, 0); +function neq25519 (a, b) { + var c = new Uint8Array(32), d = new Uint8Array(32) + pack25519(c, a) + pack25519(d, b) + return crypto_verify_32(c, 0, d, 0) } function check (buf, len) { diff --git a/crypto_stream.js b/crypto_stream.js index a106a72..4bdc8b5 100644 --- a/crypto_stream.js +++ b/crypto_stream.js @@ -1,4 +1,5 @@ -var xsalsa20 = require('xsalsa20') +/* eslint-disable camelcase */ +const xsalsa20 = require('xsalsa20') if (new Uint16Array([1])[0] !== 1) throw new Error('Big endian architecture is not supported.') @@ -12,7 +13,7 @@ exports.crypto_stream = function (c, nonce, key) { } exports.crypto_stream_xor = function (c, m, nonce, key) { - var xor = xsalsa20(nonce, key) + const xor = xsalsa20(nonce, key) xor.update(m, c) xor.final() diff --git a/crypto_verify.js b/crypto_verify.js index 8dbd105..1dfe154 100644 --- a/crypto_verify.js +++ b/crypto_verify.js @@ -1,3 +1,4 @@ +/* eslint-disable camelcase */ const assert = require('nanoassert') module.exports = { @@ -8,16 +9,16 @@ module.exports = { } function vn (x, xi, y, yi, n) { - var i, d = 0 - for (i = 0; i < n; i++) d |= x[xi + i] ^ y[yi + i] + var d = 0 + for (let i = 0; i < n; i++) d |= x[xi + i] ^ y[yi + i] return (1 & ((d - 1) >>> 8)) - 1 } -function crypto_verify_16(x, xi, y, yi) { +function crypto_verify_16 (x, xi, y, yi) { return vn(x, xi, y, yi, 16) } -function crypto_verify_32(x, xi, y, yi) { +function crypto_verify_32 (x, xi, y, yi) { return vn(x, xi, y, yi, 32) } diff --git a/example.js b/example.js index a542a45..b3c8b29 100644 --- a/example.js +++ b/example.js @@ -1,19 +1,19 @@ var sodium = require('./') -var key = new Buffer(sodium.crypto_secretbox_KEYBYTES) -var nonce = new Buffer(sodium.crypto_secretbox_NONCEBYTES) +var key = Buffer.alloc(sodium.crypto_secretbox_KEYBYTES) +var nonce = Buffer.alloc(sodium.crypto_secretbox_NONCEBYTES) sodium.randombytes_buf(key) sodium.randombytes_buf(nonce) -var message = new Buffer('Hello, World!') -var cipher = new Buffer(message.length + sodium.crypto_secretbox_MACBYTES) +var message = Buffer.from('Hello, World!') +var cipher = Buffer.alloc(message.length + sodium.crypto_secretbox_MACBYTES) sodium.crypto_secretbox_easy(cipher, message, nonce, key) console.log('Encrypted:', cipher) -var plainText = new Buffer(cipher.length - sodium.crypto_secretbox_MACBYTES) +var plainText = Buffer.alloc(cipher.length - sodium.crypto_secretbox_MACBYTES) sodium.crypto_secretbox_open_easy(plainText, cipher, nonce, key) diff --git a/package.json b/package.json index d98908b..122e71c 100644 --- a/package.json +++ b/package.json @@ -15,7 +15,13 @@ "devDependencies": { "browser-run": "^4.0.2", "browserify": "^14.1.0", - "sodium-test": "^0.9.0" + "sodium-test": "^0.9.0", + "standard": "^14.3.4" + }, + "standard": { + "ignore": [ + "/internal/**/*.js" + ] }, "browser": { "crypto": false @@ -26,6 +32,7 @@ "scripts": { "browser": "browserify test.js | browser-run", "browser-manual": "browserify test.js | browser-run -p 1234", + "lint": "standard", "test": "node test.js" }, "repository": { diff --git a/randombytes.js b/randombytes.js index 3d5ed20..d4dcc75 100644 --- a/randombytes.js +++ b/randombytes.js @@ -5,7 +5,7 @@ var randombytes = (function () { var crypto = global.crypto || global.msCrypto function browserBytes (out, n) { - for (var i = 0; i < n; i += QUOTA) { + for (let i = 0; i < n; i += QUOTA) { crypto.getRandomValues(out.subarray(i, i + Math.min(n - i, QUOTA))) } }