From 6a9696c86fb7c1d30b381c1973a43a127d6e7730 Mon Sep 17 00:00:00 2001 From: Christophe Diederichs Date: Mon, 4 May 2020 21:12:44 +0200 Subject: [PATCH] module: crypto_box --- crypto_box.js | 77 +++++++++++++++++++++++++++++++++++++++++++++++++++ index.js | 70 ---------------------------------------------- 2 files changed, 77 insertions(+), 70 deletions(-) create mode 100644 crypto_box.js diff --git a/crypto_box.js b/crypto_box.js new file mode 100644 index 0000000..134c1b6 --- /dev/null +++ b/crypto_box.js @@ -0,0 +1,77 @@ +module.exports = { + crypto_box_keypair, + crypto_box_seal, + crypto_box_seal_open, + crypto_box_PUBLICKEYBYTES, + crypto_box_SECRETKEYBYTES, + crypto_box_BEFORENMBYTES, + crypto_box_NONCEBYTES, + crypto_box_ZEROBYTES, + crypto_box_BOXZEROBYTES, + crypto_box_SEALBYTES, + crypto_box_BEFORENMBYTES +} + +function crypto_box_keypair(pk, sk) { + check(pk, crypto_box_PUBLICKEYBYTES) + check(sk, crypto_box_SECRETKEYBYTES) + randombytes(sk, 32) + return crypto_scalarmult_base(pk, sk) +} + +function crypto_box_seal(c, m, pk) { + check(c, crypto_box_SEALBYTES + m.length) + check(pk, crypto_box_PUBLICKEYBYTES) + + var epk = c.subarray(0, crypto_box_PUBLICKEYBYTES) + var esk = new Uint8Array(crypto_box_SECRETKEYBYTES) + crypto_box_keypair(epk, esk) + + var n = new Uint8Array(crypto_box_NONCEBYTES) + sodium.crypto_generichash_batch(n, [ epk, pk ]) + + var s = new Uint8Array(crypto_box_PUBLICKEYBYTES) + crypto_scalarmult(s, esk, pk) + + var k = new Uint8Array(crypto_box_BEFORENMBYTES) + var zero = new Uint8Array(16) + xsalsa20.core_hsalsa20(k, zero, s, xsalsa20.SIGMA) + + crypto_secretbox_easy(c.subarray(epk.length), m, n, k) + + cleanup(esk) +} + +function crypto_box_seal_open(m, c, pk, sk) { + check(c, crypto_box_SEALBYTES) + check(m, c.length - crypto_box_SEALBYTES) + check(pk, crypto_box_PUBLICKEYBYTES) + check(sk, crypto_box_SECRETKEYBYTES) + + var epk = c.subarray(0, crypto_box_PUBLICKEYBYTES) + + var n = new Uint8Array(crypto_box_NONCEBYTES) + sodium.crypto_generichash_batch(n, [ epk, pk ]) + + var s = new Uint8Array(crypto_box_PUBLICKEYBYTES) + crypto_scalarmult(s, sk, epk) + + var k = new Uint8Array(crypto_box_BEFORENMBYTES) + var zero = new Uint8Array(16) + xsalsa20.core_hsalsa20(k, zero, s, xsalsa20.SIGMA) + + return crypto_secretbox_open_easy(m, c.subarray(epk.length), n, k) +} + +function check (buf, len) { + if (!buf || (len && buf.length < len)) throw new Error('Argument must be a buffer' + (len ? ' of length ' + len : '')) +} + +var crypto_box_PUBLICKEYBYTES = 32, + crypto_box_SECRETKEYBYTES = 32, + crypto_box_BEFORENMBYTES = 32, + crypto_box_NONCEBYTES = 24, + crypto_box_ZEROBYTES = 32, + crypto_box_BOXZEROBYTES = 16, + crypto_box_SEALBYTES = 48, + crypto_box_BEFORENMBYTES = 32 diff --git a/index.js b/index.js index a0e7524..618bf43 100644 --- a/index.js +++ b/index.js @@ -13,68 +13,6 @@ var sodium = module.exports // also forwarded at the bottom but randombytes is non-enumerable var randombytes = require('./randombytes').randombytes - - - -function crypto_box_keypair(pk, sk) { - check(pk, crypto_box_PUBLICKEYBYTES) - check(sk, crypto_box_SECRETKEYBYTES) - randombytes(sk, 32) - return crypto_scalarmult_base(pk, sk) -} - -function crypto_box_seal(c, m, pk) { - check(c, crypto_box_SEALBYTES + m.length) - check(pk, crypto_box_PUBLICKEYBYTES) - - var epk = c.subarray(0, crypto_box_PUBLICKEYBYTES) - var esk = new Uint8Array(crypto_box_SECRETKEYBYTES) - crypto_box_keypair(epk, esk) - - var n = new Uint8Array(crypto_box_NONCEBYTES) - sodium.crypto_generichash_batch(n, [ epk, pk ]) - - var s = new Uint8Array(crypto_box_PUBLICKEYBYTES) - crypto_scalarmult(s, esk, pk) - - var k = new Uint8Array(crypto_box_BEFORENMBYTES) - var zero = new Uint8Array(16) - xsalsa20.core_hsalsa20(k, zero, s, xsalsa20.SIGMA) - - crypto_secretbox_easy(c.subarray(epk.length), m, n, k) - - cleanup(esk) -} - -function crypto_box_seal_open(m, c, pk, sk) { - check(c, crypto_box_SEALBYTES) - check(m, c.length - crypto_box_SEALBYTES) - check(pk, crypto_box_PUBLICKEYBYTES) - check(sk, crypto_box_SECRETKEYBYTES) - - var epk = c.subarray(0, crypto_box_PUBLICKEYBYTES) - - var n = new Uint8Array(crypto_box_NONCEBYTES) - sodium.crypto_generichash_batch(n, [ epk, pk ]) - - var s = new Uint8Array(crypto_box_PUBLICKEYBYTES) - crypto_scalarmult(s, sk, epk) - - var k = new Uint8Array(crypto_box_BEFORENMBYTES) - var zero = new Uint8Array(16) - xsalsa20.core_hsalsa20(k, zero, s, xsalsa20.SIGMA) - - return crypto_secretbox_open_easy(m, c.subarray(epk.length), n, k) -} - - crypto_box_PUBLICKEYBYTES = 32, - crypto_box_SECRETKEYBYTES = 32, - crypto_box_BEFORENMBYTES = 32, - crypto_box_NONCEBYTES = crypto_secretbox_NONCEBYTES, - crypto_box_ZEROBYTES = crypto_secretbox_ZEROBYTES, - crypto_box_BOXZEROBYTES = crypto_secretbox_BOXZEROBYTES, - crypto_box_SEALBYTES = 48, - crypto_box_BEFORENMBYTES = 32, sodium.memzero = function (len, offset) { for (var i = offset; i < len; i++) arr[i] = 0; } @@ -88,14 +26,6 @@ forward(require('./crypto_stream')) -sodium.crypto_box_PUBLICKEYBYTES = crypto_box_PUBLICKEYBYTES -sodium.crypto_box_SECRETKEYBYTES = crypto_box_SECRETKEYBYTES -sodium.crypto_box_SEALBYTES = crypto_box_SEALBYTES -sodium.crypto_box_BEFORENMBYTES = crypto_box_BEFORENMBYTES -sodium.crypto_box_keypair = crypto_box_keypair -sodium.crypto_box_seal = crypto_box_seal -sodium.crypto_box_seal_open = crypto_box_seal_open - sodium.sodium_malloc = function (n) { return new Uint8Array(n) }