Make linter happy

crypto_aead.js

@@ -1,6 +1,7 @@
+/* eslint-disable camelcase */
 const { crypto_stream_chacha20_ietf, crypto_stream_chacha20_ietf_xor_ic } = require('./crypto_stream_chacha20')
 const { crypto_verify_16 } = require('./crypto_verify')
-const Poly1305 = require('./poly1305.js')
+const Poly1305 = require('./internal/poly1305')
 const assert = require('nanoassert')
 
 const crypto_aead_chacha20poly1305_ietf_KEYBYTES = 32

crypto_box.js

@@ -1,3 +1,4 @@
+/* eslint-disable camelcase */
 const { crypto_hash_sha512 } = require('./crypto_hash')
 const { crypto_scalarmult, crypto_scalarmult_base } = require('./crypto_scalarmult')
 const { randombytes } = require('./randombytes')
@@ -6,15 +7,14 @@ const { crypto_secretbox_open_easy, crypto_secretbox_easy } = require('./crypto_
 const xsalsa20 = require('xsalsa20')
 const assert = require('nanoassert')
 
-var crypto_box_PUBLICKEYBYTES = 32,
+const crypto_box_PUBLICKEYBYTES = 32
-    crypto_box_SECRETKEYBYTES = 32,
+const crypto_box_SECRETKEYBYTES = 32
-    crypto_box_BEFORENMBYTES = 32,
+const crypto_box_NONCEBYTES = 24
-    crypto_box_NONCEBYTES = 24,
+const crypto_box_ZEROBYTES = 32
-    crypto_box_ZEROBYTES = 32,
+const crypto_box_BOXZEROBYTES = 16
-    crypto_box_BOXZEROBYTES = 16,
+const crypto_box_SEALBYTES = 48
-    crypto_box_SEALBYTES = 48,
+const crypto_box_SEEDBYTES = 32
-    crypto_box_SEEDBYTES = 32,
+const crypto_box_BEFORENMBYTES = 32
-    crypto_box_BEFORENMBYTES = 32
 
 module.exports = {
   crypto_box_keypair,
@@ -23,7 +23,6 @@ module.exports = {
   crypto_box_seal_open,
   crypto_box_PUBLICKEYBYTES,
   crypto_box_SECRETKEYBYTES,
-  crypto_box_BEFORENMBYTES,
   crypto_box_NONCEBYTES,
   crypto_box_ZEROBYTES,
   crypto_box_BOXZEROBYTES,
@@ -32,14 +31,14 @@ module.exports = {
   crypto_box_BEFORENMBYTES
 }
 
-function crypto_box_keypair(pk, sk) {
+function crypto_box_keypair (pk, sk) {
   check(pk, crypto_box_PUBLICKEYBYTES)
   check(sk, crypto_box_SECRETKEYBYTES)
   randombytes(sk, 32)
   return crypto_scalarmult_base(pk, sk)
 }
 
-function crypto_box_seed_keypair(pk, sk, seed) {
+function crypto_box_seed_keypair (pk, sk, seed) {
   assert(pk.byteLength === crypto_box_PUBLICKEYBYTES, "pk should be 'crypto_box_PUBLICKEYBYTES' bytes")
   assert(sk.byteLength === crypto_box_SECRETKEYBYTES, "sk should be 'crypto_box_SECRETKEYBYTES' bytes")
   assert(sk.byteLength === crypto_box_SEEDBYTES, "sk should be 'crypto_box_SEEDBYTES' bytes")
@@ -52,7 +51,7 @@ function crypto_box_seed_keypair(pk, sk, seed) {
   return crypto_scalarmult_base(pk, sk)
 }
 
-function crypto_box_seal(c, m, pk) {
+function crypto_box_seal (c, m, pk) {
   check(c, crypto_box_SEALBYTES + m.length)
   check(pk, crypto_box_PUBLICKEYBYTES)
 
@@ -61,7 +60,7 @@ function crypto_box_seal(c, m, pk) {
   crypto_box_keypair(epk, esk)
 
   var n = new Uint8Array(crypto_box_NONCEBYTES)
-  crypto_generichash_batch(n, [ epk, pk ])
+  crypto_generichash_batch(n, [epk, pk])
 
   var s = new Uint8Array(crypto_box_PUBLICKEYBYTES)
   crypto_scalarmult(s, esk, pk)
@@ -75,7 +74,7 @@ function crypto_box_seal(c, m, pk) {
   cleanup(esk)
 }
 
-function crypto_box_seal_open(m, c, pk, sk) {
+function crypto_box_seal_open (m, c, pk, sk) {
   check(c, crypto_box_SEALBYTES)
   check(m, c.length - crypto_box_SEALBYTES)
   check(pk, crypto_box_PUBLICKEYBYTES)
@@ -84,7 +83,7 @@ function crypto_box_seal_open(m, c, pk, sk) {
   var epk = c.subarray(0, crypto_box_PUBLICKEYBYTES)
 
   var n = new Uint8Array(crypto_box_NONCEBYTES)
-  crypto_generichash_batch(n, [ epk, pk ])
+  crypto_generichash_batch(n, [epk, pk])
 
   var s = new Uint8Array(crypto_box_PUBLICKEYBYTES)
   crypto_scalarmult(s, sk, epk)
@@ -100,6 +99,6 @@ function check (buf, len) {
   if (!buf || (len && buf.length < len)) throw new Error('Argument must be a buffer' + (len ? ' of length ' + len : ''))
 }
 
-function cleanup(arr) {
+function cleanup (arr) {
-  for (var i = 0; i < arr.length; i++) arr[i] = 0;
+  for (let i = 0; i < arr.length; i++) arr[i] = 0
 }

crypto_generichash.js

@@ -31,6 +31,6 @@ module.exports.crypto_generichash_instance = function (key, outlen) {
   return blake2b(outlen, key)
 }
 
-blake2b.ready(function (err) {
+blake2b.ready(function (_) {
   module.exports.crypto_generichash_WASM_LOADED = blake2b.WASM_LOADED
 })

crypto_hash.js

@@ -1,10 +1,11 @@
+/* eslint-disable camelcase */
 const sha512 = require('sha512-wasm')
 const assert = require('nanoassert')
 
 if (new Uint16Array([1])[0] !== 1) throw new Error('Big endian architecture is not supported.')
 
-var crypto_hash_sha512_BYTES = 64
+const crypto_hash_sha512_BYTES = 64
-var crypto_hash_BYTES = crypto_hash_sha512_BYTES
+const crypto_hash_BYTES = crypto_hash_sha512_BYTES
 
 function crypto_hash_sha512 (out, m, n) {
   assert(out.byteLength === crypto_hash_sha512_BYTES, "out must be 'crypto_hash_sha512_BYTES' bytes long")

crypto_hash_sha256.js

@@ -1,9 +1,10 @@
+/* eslint-disable camelcase */
 const sha256 = require('sha256-wasm')
 const assert = require('nanoassert')
 
 if (new Uint16Array([1])[0] !== 1) throw new Error('Big endian architecture is not supported.')
 
-var crypto_hash_sha256_BYTES = 32
+const crypto_hash_sha256_BYTES = 32
 
 function crypto_hash_sha256 (out, m, n) {
   assert(out.byteLength === crypto_hash_sha256_BYTES, "out must be 'crypto_hash_sha256_BYTES' bytes long")

crypto_kdf.js

@@ -1,6 +1,7 @@
-var assert = require('nanoassert')
+/* eslint-disable camelcase */
-var randombytes_buf = require('./randombytes').randombytes_buf
+const assert = require('nanoassert')
-var blake2b = require('blake2b')
+const randombytes_buf = require('./randombytes').randombytes_buf
+const blake2b = require('blake2b')
 
 module.exports.crypto_kdf_PRIMITIVE = 'blake2b'
 module.exports.crypto_kdf_BYTES_MIN = 16
@@ -8,7 +9,7 @@ module.exports.crypto_kdf_BYTES_MAX = 64
 module.exports.crypto_kdf_CONTEXTBYTES = 8
 module.exports.crypto_kdf_KEYBYTES = 32
 
-function STORE64_LE(dest, int) {
+function STORE64_LE (dest, int) {
   var mul = 1
   var i = 0
   dest[0] = int & 0xFF

crypto_kx.js

@@ -1,11 +1,12 @@
+/* eslint-disable camelcase */
 const { crypto_scalarmult_base } = require('./crypto_scalarmult')
 const { crypto_generichash } = require('./crypto_generichash')
 const { randombytes_buf } = require('./randombytes')
 const assert = require('nanoassert')
 
-var crypto_kx_SEEDBYTES = 32
+const crypto_kx_SEEDBYTES = 32
-var crypto_kx_PUBLICKEYBYTES = 32
+const crypto_kx_PUBLICKEYBYTES = 32
-var crypto_kx_SECRETKEYBYTES = 32
+const crypto_kx_SECRETKEYBYTES = 32
 
 function crypto_kx_keypair (pk, sk) {
   assert(pk.byteLength === crypto_kx_PUBLICKEYBYTES, "pk must be 'crypto_kx_PUBLICKEYBYTES' bytes")

crypto_onetimeauth.js

@@ -1,4 +1,5 @@
-const poly1305 = require('./poly1305')
+/* eslint-disable camelcase */
+const Poly1305 = require('./internal/poly1305')
 const { crypto_verify_16 } = require('./crypto_verify')
 
 module.exports = {
@@ -6,15 +7,15 @@ module.exports = {
   crypto_onetimeauth_verify
 }
 
-function crypto_onetimeauth(out, outpos, m, mpos, n, k) {
+function crypto_onetimeauth (out, outpos, m, mpos, n, k) {
-  var s = new poly1305(k);
+  var s = new Poly1305(k)
-  s.update(m, mpos, n);
+  s.update(m, mpos, n)
-  s.finish(out, outpos);
+  s.finish(out, outpos)
-  return 0;
+  return 0
 }
 
-function crypto_onetimeauth_verify(h, hpos, m, mpos, n, k) {
+function crypto_onetimeauth_verify (h, hpos, m, mpos, n, k) {
-  var x = new Uint8Array(16);
+  var x = new Uint8Array(16)
-  crypto_onetimeauth(x,0,m,mpos,n,k);
+  crypto_onetimeauth(x, 0, m, mpos, n, k)
-  return crypto_verify_16(h,hpos,x,0);
+  return crypto_verify_16(h, hpos, x, 0)
 }

crypto_scalarmult.js

@@ -1,9 +1,8 @@
-const { _9, _121665, gf, inv25519, pack25519, unpack25519, sel25519, A, M, Z, S } = require('./ed25519.js')
+/* eslint-disable camelcase, one-var */
+const { _9, _121665, gf, inv25519, pack25519, unpack25519, sel25519, A, M, Z, S } = require('./internal/ed25519')
 
-var crypto_scalarmult_BYTES = 32
+const crypto_scalarmult_BYTES = 32
-var crypto_scalarmult_SCALARBYTES = 32
+const crypto_scalarmult_SCALARBYTES = 32
-var crypto_scalarmult_BYTES = 32
-var crypto_scalarmult_SCALARBYTES = 32
 
 module.exports = {
   crypto_scalarmult,
@@ -19,7 +18,7 @@ function crypto_scalarmult (q, n, p) {
   var z = new Uint8Array(32)
   var x = new Float64Array(80), r, i
   var a = gf(), b = gf(), c = gf(),
-      d = gf(), e = gf(), f = gf()
+    d = gf(), e = gf(), f = gf()
   for (i = 0; i < 31; i++) z[i] = n[i]
   z[31] = (n[31] & 127) | 64
   z[0] &= 248

crypto_secretbox.js

@@ -1,11 +1,12 @@
-var { crypto_stream, crypto_stream_xor } = require('./crypto_stream')
+/* eslint-disable camelcase */
-var { crypto_onetimeauth, crypto_onetimeauth_verify } = require('./crypto_onetimeauth')
+const { crypto_stream, crypto_stream_xor } = require('./crypto_stream')
+const { crypto_onetimeauth, crypto_onetimeauth_verify } = require('./crypto_onetimeauth')
 
-var crypto_secretbox_KEYBYTES = 32,
+const crypto_secretbox_KEYBYTES = 32
-    crypto_secretbox_NONCEBYTES = 24,
+const crypto_secretbox_NONCEBYTES = 24
-    crypto_secretbox_ZEROBYTES = 32,
+const crypto_secretbox_ZEROBYTES = 32
-    crypto_secretbox_BOXZEROBYTES = 16,
+const crypto_secretbox_BOXZEROBYTES = 16
-    crypto_secretbox_MACBYTES = 16
+const crypto_secretbox_MACBYTES = 1
 
 module.exports = {
   crypto_secretbox,
@@ -57,7 +58,7 @@ function crypto_secretbox_open_detached (msg, o, mac, n, k) {
   return crypto_secretbox_open_easy(msg, tmp, n, k)
 }
 
-function crypto_secretbox_easy(o, msg, n, k) {
+function crypto_secretbox_easy (o, msg, n, k) {
   check(msg, 0)
   check(o, msg.length + crypto_secretbox_MACBYTES)
   check(n, crypto_secretbox_NONCEBYTES)
@@ -71,7 +72,7 @@ function crypto_secretbox_easy(o, msg, n, k) {
   for (i = crypto_secretbox_BOXZEROBYTES; i < c.length; i++) o[i - crypto_secretbox_BOXZEROBYTES] = c[i]
 }
 
-function crypto_secretbox_open_easy(msg, box, n, k) {
+function crypto_secretbox_open_easy (msg, box, n, k) {
   check(box, crypto_secretbox_MACBYTES)
   check(msg, box.length - crypto_secretbox_MACBYTES)
   check(n, crypto_secretbox_NONCEBYTES)

crypto_sign.js

@@ -1,3 +1,4 @@
+/* eslint-disable camelcase, one-var */
 const { crypto_verify_32 } = require('./crypto_verify')
 const { crypto_hash } = require('./crypto_hash')
 const {
@@ -5,13 +6,13 @@ const {
   X, Y, I, A, Z, M, S,
   sel25519, pack25519,
   inv25519, unpack25519
-} = require('./ed25519')
+} = require('./internal/ed25519')
 const { randombytes } = require('./randombytes')
 
-const crypto_sign_BYTES = 64,
+const crypto_sign_BYTES = 64
-    crypto_sign_PUBLICKEYBYTES = 32,
+const crypto_sign_PUBLICKEYBYTES = 32
-    crypto_sign_SECRETKEYBYTES = 64,
+const crypto_sign_SECRETKEYBYTES = 64
-    crypto_sign_SEEDBYTES = 32
+const crypto_sign_SEEDBYTES = 32
 
 module.exports = {
   crypto_sign_keypair,
@@ -26,107 +27,106 @@ module.exports = {
   crypto_sign_SEEDBYTES
 }
 
-function set25519(r, a) {
+function set25519 (r, a) {
-  var i;
+  for (let i = 0; i < 16; i++) r[i] = a[i] | 0
-  for (i = 0; i < 16; i++) r[i] = a[i]|0;
 }
 
-function pow2523(o, i) {
+function pow2523 (o, i) {
-  var c = gf();
+  var c = gf()
-  var a;
+  var a
-  for (a = 0; a < 16; a++) c[a] = i[a];
+  for (a = 0; a < 16; a++) c[a] = i[a]
   for (a = 250; a >= 0; a--) {
-      S(c, c);
+    S(c, c)
-      if(a !== 1) M(c, c, i);
+    if (a !== 1) M(c, c, i)
   }
-  for (a = 0; a < 16; a++) o[a] = c[a];
+  for (a = 0; a < 16; a++) o[a] = c[a]
 }
 
-function add(p, q) {
+function add (p, q) {
   var a = gf(), b = gf(), c = gf(),
-      d = gf(), e = gf(), f = gf(),
+    d = gf(), e = gf(), f = gf(),
-      g = gf(), h = gf(), t = gf();
+    g = gf(), h = gf(), t = gf()
 
-  Z(a, p[1], p[0]);
+  Z(a, p[1], p[0])
-  Z(t, q[1], q[0]);
+  Z(t, q[1], q[0])
-  M(a, a, t);
+  M(a, a, t)
-  A(b, p[0], p[1]);
+  A(b, p[0], p[1])
-  A(t, q[0], q[1]);
+  A(t, q[0], q[1])
-  M(b, b, t);
+  M(b, b, t)
-  M(c, p[3], q[3]);
+  M(c, p[3], q[3])
-  M(c, c, D2);
+  M(c, c, D2)
-  M(d, p[2], q[2]);
+  M(d, p[2], q[2])
-  A(d, d, d);
+  A(d, d, d)
-  Z(e, b, a);
+  Z(e, b, a)
-  Z(f, d, c);
+  Z(f, d, c)
-  A(g, d, c);
+  A(g, d, c)
-  A(h, b, a);
+  A(h, b, a)
 
-  M(p[0], e, f);
+  M(p[0], e, f)
-  M(p[1], h, g);
+  M(p[1], h, g)
-  M(p[2], g, f);
+  M(p[2], g, f)
-  M(p[3], e, h);
+  M(p[3], e, h)
 }
 
-function cswap(p, q, b) {
+function cswap (p, q, b) {
-  var i;
+  var i
   for (i = 0; i < 4; i++) {
-    sel25519(p[i], q[i], b);
+    sel25519(p[i], q[i], b)
   }
 }
 
-function pack(r, p) {
+function pack (r, p) {
-  var tx = gf(), ty = gf(), zi = gf();
+  var tx = gf(), ty = gf(), zi = gf()
-  inv25519(zi, p[2]);
+  inv25519(zi, p[2])
-  M(tx, p[0], zi);
+  M(tx, p[0], zi)
-  M(ty, p[1], zi);
+  M(ty, p[1], zi)
-  pack25519(r, ty);
+  pack25519(r, ty)
-  r[31] ^= par25519(tx) << 7;
+  r[31] ^= par25519(tx) << 7
 }
 
-function scalarmult(p, q, s) {
+function scalarmult (p, q, s) {
-  var b, i;
+  var b, i
-  set25519(p[0], gf0);
+  set25519(p[0], gf0)
-  set25519(p[1], gf1);
+  set25519(p[1], gf1)
-  set25519(p[2], gf1);
+  set25519(p[2], gf1)
-  set25519(p[3], gf0);
+  set25519(p[3], gf0)
   for (i = 255; i >= 0; --i) {
-    b = (s[(i/8)|0] >> (i&7)) & 1;
+    b = (s[(i / 8) | 0] >> (i & 7)) & 1
-    cswap(p, q, b);
+    cswap(p, q, b)
-    add(q, p);
+    add(q, p)
-    add(p, p);
+    add(p, p)
-    cswap(p, q, b);
+    cswap(p, q, b)
   }
 }
 
-function scalarbase(p, s) {
+function scalarbase (p, s) {
-  var q = [gf(), gf(), gf(), gf()];
+  var q = [gf(), gf(), gf(), gf()]
-  set25519(q[0], X);
+  set25519(q[0], X)
-  set25519(q[1], Y);
+  set25519(q[1], Y)
-  set25519(q[2], gf1);
+  set25519(q[2], gf1)
-  M(q[3], X, Y);
+  M(q[3], X, Y)
-  scalarmult(p, q, s);
+  scalarmult(p, q, s)
 }
 
-function crypto_sign_keypair(pk, sk, seeded) {
+function crypto_sign_keypair (pk, sk, seeded) {
   check(pk, crypto_sign_PUBLICKEYBYTES)
   check(sk, crypto_sign_SECRETKEYBYTES)
 
-  var d = new Uint8Array(64);
+  var d = new Uint8Array(64)
-  var p = [gf(), gf(), gf(), gf()];
+  var p = [gf(), gf(), gf(), gf()]
-  var i;
+  var i
 
-  if (!seeded) randombytes(sk, 32);
+  if (!seeded) randombytes(sk, 32)
-  crypto_hash(d, sk, 32);
+  crypto_hash(d, sk, 32)
-  d[0] &= 248;
+  d[0] &= 248
-  d[31] &= 127;
+  d[31] &= 127
-  d[31] |= 64;
+  d[31] |= 64
 
-  scalarbase(p, d);
+  scalarbase(p, d)
-  pack(pk, p);
+  pack(pk, p)
 
-  for (i = 0; i < 32; i++) sk[i+32] = pk[i];
+  for (i = 0; i < 32; i++) sk[i + 32] = pk[i]
-  return 0;
+  return 0
 }
 
 function crypto_sign_seed_keypair (pk, sk, seed) {
@@ -135,161 +135,161 @@ function crypto_sign_seed_keypair (pk, sk, seed) {
   return crypto_sign_keypair(pk, sk, true)
 }
 
-var L = new Float64Array([0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10]);
+var L = new Float64Array([0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10])
 
-function modL(r, x) {
+function modL (r, x) {
-  var carry, i, j, k;
+  var carry, i, j, k
   for (i = 63; i >= 32; --i) {
-    carry = 0;
+    carry = 0
     for (j = i - 32, k = i - 12; j < k; ++j) {
-      x[j] += carry - 16 * x[i] * L[j - (i - 32)];
+      x[j] += carry - 16 * x[i] * L[j - (i - 32)]
-      carry = (x[j] + 128) >> 8;
+      carry = (x[j] + 128) >> 8
-      x[j] -= carry * 256;
+      x[j] -= carry * 256
     }
-    x[j] += carry;
+    x[j] += carry
-    x[i] = 0;
+    x[i] = 0
   }
-  carry = 0;
+  carry = 0
   for (j = 0; j < 32; j++) {
-    x[j] += carry - (x[31] >> 4) * L[j];
+    x[j] += carry - (x[31] >> 4) * L[j]
-    carry = x[j] >> 8;
+    carry = x[j] >> 8
-    x[j] &= 255;
+    x[j] &= 255
   }
-  for (j = 0; j < 32; j++) x[j] -= carry * L[j];
+  for (j = 0; j < 32; j++) x[j] -= carry * L[j]
   for (i = 0; i < 32; i++) {
-    x[i+1] += x[i] >> 8;
+    x[i + 1] += x[i] >> 8
-    r[i] = x[i] & 255;
+    r[i] = x[i] & 255
   }
 }
 
-function reduce(r) {
+function reduce (r) {
-  var x = new Float64Array(64), i;
+  var x = new Float64Array(64)
-  for (i = 0; i < 64; i++) x[i] = r[i];
+  for (let i = 0; i < 64; i++) x[i] = r[i]
-  for (i = 0; i < 64; i++) r[i] = 0;
+  for (let i = 0; i < 64; i++) r[i] = 0
-  modL(r, x);
+  modL(r, x)
 }
 
 // Note: difference from C - smlen returned, not passed as argument.
-function crypto_sign(sm, m, sk) {
+function crypto_sign (sm, m, sk) {
   check(sm, crypto_sign_BYTES + m.length)
   check(m, 0)
   check(sk, crypto_sign_SECRETKEYBYTES)
   var n = m.length
 
-  var d = new Uint8Array(64), h = new Uint8Array(64), r = new Uint8Array(64);
+  var d = new Uint8Array(64), h = new Uint8Array(64), r = new Uint8Array(64)
-  var i, j, x = new Float64Array(64);
+  var i, j, x = new Float64Array(64)
-  var p = [gf(), gf(), gf(), gf()];
+  var p = [gf(), gf(), gf(), gf()]
 
-  crypto_hash(d, sk, 32);
+  crypto_hash(d, sk, 32)
-  d[0] &= 248;
+  d[0] &= 248
-  d[31] &= 127;
+  d[31] &= 127
-  d[31] |= 64;
+  d[31] |= 64
 
-  var smlen = n + 64;
+  var smlen = n + 64
-  for (i = 0; i < n; i++) sm[64 + i] = m[i];
+  for (i = 0; i < n; i++) sm[64 + i] = m[i]
-  for (i = 0; i < 32; i++) sm[32 + i] = d[32 + i];
+  for (i = 0; i < 32; i++) sm[32 + i] = d[32 + i]
 
-  crypto_hash(r, sm.subarray(32), n+32);
+  crypto_hash(r, sm.subarray(32), n + 32)
-  reduce(r);
+  reduce(r)
-  scalarbase(p, r);
+  scalarbase(p, r)
-  pack(sm, p);
+  pack(sm, p)
 
-  for (i = 32; i < 64; i++) sm[i] = sk[i];
+  for (i = 32; i < 64; i++) sm[i] = sk[i]
-  crypto_hash(h, sm, n + 64);
+  crypto_hash(h, sm, n + 64)
-  reduce(h);
+  reduce(h)
 
-  for (i = 0; i < 64; i++) x[i] = 0;
+  for (i = 0; i < 64; i++) x[i] = 0
-  for (i = 0; i < 32; i++) x[i] = r[i];
+  for (i = 0; i < 32; i++) x[i] = r[i]
   for (i = 0; i < 32; i++) {
     for (j = 0; j < 32; j++) {
-      x[i+j] += h[i] * d[j];
+      x[i + j] += h[i] * d[j]
     }
   }
 
-  modL(sm.subarray(32), x);
+  modL(sm.subarray(32), x)
   return smlen
 }
 
-function crypto_sign_detached(sig, m, sk) {
+function crypto_sign_detached (sig, m, sk) {
   var sm = new Uint8Array(m.length + crypto_sign_BYTES)
   crypto_sign(sm, m, sk)
-  for (var i = 0; i < crypto_sign_BYTES; i++) sig[i] = sm[i]
+  for (let i = 0; i < crypto_sign_BYTES; i++) sig[i] = sm[i]
 }
 
-function unpackneg(r, p) {
+function unpackneg (r, p) {
   var t = gf(), chk = gf(), num = gf(),
-      den = gf(), den2 = gf(), den4 = gf(),
+    den = gf(), den2 = gf(), den4 = gf(),
-      den6 = gf();
+    den6 = gf()
 
-  set25519(r[2], gf1);
+  set25519(r[2], gf1)
-  unpack25519(r[1], p);
+  unpack25519(r[1], p)
-  S(num, r[1]);
+  S(num, r[1])
-  M(den, num, D);
+  M(den, num, D)
-  Z(num, num, r[2]);
+  Z(num, num, r[2])
-  A(den, r[2], den);
+  A(den, r[2], den)
 
-  S(den2, den);
+  S(den2, den)
-  S(den4, den2);
+  S(den4, den2)
-  M(den6, den4, den2);
+  M(den6, den4, den2)
-  M(t, den6, num);
+  M(t, den6, num)
-  M(t, t, den);
+  M(t, t, den)
 
-  pow2523(t, t);
+  pow2523(t, t)
-  M(t, t, num);
+  M(t, t, num)
-  M(t, t, den);
+  M(t, t, den)
-  M(t, t, den);
+  M(t, t, den)
-  M(r[0], t, den);
+  M(r[0], t, den)
 
-  S(chk, r[0]);
+  S(chk, r[0])
-  M(chk, chk, den);
+  M(chk, chk, den)
-  if (neq25519(chk, num)) M(r[0], r[0], I);
+  if (neq25519(chk, num)) M(r[0], r[0], I)
 
-  S(chk, r[0]);
+  S(chk, r[0])
-  M(chk, chk, den);
+  M(chk, chk, den)
-  if (neq25519(chk, num)) return -1;
+  if (neq25519(chk, num)) return -1
 
-  if (par25519(r[0]) === (p[31]>>7)) Z(r[0], gf0, r[0]);
+  if (par25519(r[0]) === (p[31] >> 7)) Z(r[0], gf0, r[0])
 
-  M(r[3], r[0], r[1]);
+  M(r[3], r[0], r[1])
-  return 0;
+  return 0
 }
 
-function crypto_sign_open(msg, sm, pk) {
+function crypto_sign_open (msg, sm, pk) {
   check(msg, sm.length - crypto_sign_BYTES)
   check(sm, crypto_sign_BYTES)
   check(pk, crypto_sign_PUBLICKEYBYTES)
   var n = sm.length
   var m = new Uint8Array(sm.length)
 
-  var i, mlen;
+  var i, mlen
-  var t = new Uint8Array(32), h = new Uint8Array(64);
+  var t = new Uint8Array(32), h = new Uint8Array(64)
   var p = [gf(), gf(), gf(), gf()],
-      q = [gf(), gf(), gf(), gf()];
+    q = [gf(), gf(), gf(), gf()]
 
-  mlen = -1;
+  mlen = -1
-  if (n < 64) return false;
+  if (n < 64) return false
 
-  if (unpackneg(q, pk)) return false;
+  if (unpackneg(q, pk)) return false
 
-  for (i = 0; i < n; i++) m[i] = sm[i];
+  for (i = 0; i < n; i++) m[i] = sm[i]
-  for (i = 0; i < 32; i++) m[i+32] = pk[i];
+  for (i = 0; i < 32; i++) m[i + 32] = pk[i]
-  crypto_hash(h, m, n);
+  crypto_hash(h, m, n)
-  reduce(h);
+  reduce(h)
-  scalarmult(p, q, h);
+  scalarmult(p, q, h)
 
-  scalarbase(q, sm.subarray(32));
+  scalarbase(q, sm.subarray(32))
-  add(p, q);
+  add(p, q)
-  pack(t, p);
+  pack(t, p)
 
-  n -= 64;
+  n -= 64
   if (crypto_verify_32(sm, 0, t, 0)) {
-    for (i = 0; i < n; i++) m[i] = 0;
+    for (i = 0; i < n; i++) m[i] = 0
-    return false;
+    throw new Error('crypto_sign_open failed')
   }
 
-  for (i = 0; i < n; i++) msg[i] = sm[i + 64];
+  for (i = 0; i < n; i++) msg[i] = sm[i + 64]
-  mlen = n;
+  mlen = n
-  return true;
+  return mlen
 }
 
 function crypto_sign_verify_detached (sig, m, pk) {
@@ -301,17 +301,17 @@ function crypto_sign_verify_detached (sig, m, pk) {
   return crypto_sign_open(m, sm, pk)
 }
 
-function par25519(a) {
+function par25519 (a) {
-  var d = new Uint8Array(32);
+  var d = new Uint8Array(32)
-  pack25519(d, a);
+  pack25519(d, a)
-  return d[0] & 1;
+  return d[0] & 1
 }
 
-function neq25519(a, b) {
+function neq25519 (a, b) {
-  var c = new Uint8Array(32), d = new Uint8Array(32);
+  var c = new Uint8Array(32), d = new Uint8Array(32)
-  pack25519(c, a);
+  pack25519(c, a)
-  pack25519(d, b);
+  pack25519(d, b)
-  return crypto_verify_32(c, 0, d, 0);
+  return crypto_verify_32(c, 0, d, 0)
 }
 
 function check (buf, len) {

crypto_stream.js

@@ -1,4 +1,5 @@
-var xsalsa20 = require('xsalsa20')
+/* eslint-disable camelcase */
+const xsalsa20 = require('xsalsa20')
 
 if (new Uint16Array([1])[0] !== 1) throw new Error('Big endian architecture is not supported.')
 
@@ -12,7 +13,7 @@ exports.crypto_stream = function (c, nonce, key) {
 }
 
 exports.crypto_stream_xor = function (c, m, nonce, key) {
-  var xor = xsalsa20(nonce, key)
+  const xor = xsalsa20(nonce, key)
 
   xor.update(m, c)
   xor.final()

crypto_verify.js

@@ -1,3 +1,4 @@
+/* eslint-disable camelcase */
 const assert = require('nanoassert')
 
 module.exports = {
@@ -8,16 +9,16 @@ module.exports = {
 }
 
 function vn (x, xi, y, yi, n) {
-  var i, d = 0
+  var d = 0
-  for (i = 0; i < n; i++) d |= x[xi + i] ^ y[yi + i]
+  for (let i = 0; i < n; i++) d |= x[xi + i] ^ y[yi + i]
   return (1 & ((d - 1) >>> 8)) - 1
 }
 
-function crypto_verify_16(x, xi, y, yi) {
+function crypto_verify_16 (x, xi, y, yi) {
   return vn(x, xi, y, yi, 16)
 }
 
-function crypto_verify_32(x, xi, y, yi) {
+function crypto_verify_32 (x, xi, y, yi) {
   return vn(x, xi, y, yi, 32)
 }
 

example.js

@@ -1,19 +1,19 @@
 var sodium = require('./')
 
-var key = new Buffer(sodium.crypto_secretbox_KEYBYTES)
+var key = Buffer.alloc(sodium.crypto_secretbox_KEYBYTES)
-var nonce = new Buffer(sodium.crypto_secretbox_NONCEBYTES)
+var nonce = Buffer.alloc(sodium.crypto_secretbox_NONCEBYTES)
 
 sodium.randombytes_buf(key)
 sodium.randombytes_buf(nonce)
 
-var message = new Buffer('Hello, World!')
+var message = Buffer.from('Hello, World!')
-var cipher = new Buffer(message.length + sodium.crypto_secretbox_MACBYTES)
+var cipher = Buffer.alloc(message.length + sodium.crypto_secretbox_MACBYTES)
 
 sodium.crypto_secretbox_easy(cipher, message, nonce, key)
 
 console.log('Encrypted:', cipher)
 
-var plainText = new Buffer(cipher.length - sodium.crypto_secretbox_MACBYTES)
+var plainText = Buffer.alloc(cipher.length - sodium.crypto_secretbox_MACBYTES)
 
 sodium.crypto_secretbox_open_easy(plainText, cipher, nonce, key)
 

package.json

@@ -15,7 +15,13 @@
   "devDependencies": {
     "browser-run": "^4.0.2",
     "browserify": "^14.1.0",
-    "sodium-test": "^0.9.0"
+    "sodium-test": "^0.9.0",
+    "standard": "^14.3.4"
+  },
+  "standard": {
+    "ignore": [
+      "/internal/**/*.js"
+    ]
   },
   "browser": {
     "crypto": false
@@ -26,6 +32,7 @@
   "scripts": {
     "browser": "browserify test.js | browser-run",
     "browser-manual": "browserify test.js | browser-run -p 1234",
+    "lint": "standard",
     "test": "node test.js"
   },
   "repository": {

randombytes.js

@@ -5,7 +5,7 @@ var randombytes = (function () {
   var crypto = global.crypto || global.msCrypto
 
   function browserBytes (out, n) {
-    for (var i = 0; i < n; i += QUOTA) {
+    for (let i = 0; i < n; i += QUOTA) {
       crypto.getRandomValues(out.subarray(i, i + Math.min(n - i, QUOTA)))
     }
   }