'use strict'; // Based on https://github.com/dchest/tweetnacl-js/blob/6dcbcaf5f5cbfd313f2dcfe763db35c828c8ff5b/nacl-fast.js. var sodium = module.exports // Ported in 2014 by Dmitry Chestnykh and Devi Mandiri. // Public domain. // // Implementation derived from TweetNaCl version 20140427. // See for details: http://tweetnacl.cr.yp.to/ // also forwarded at the bottom but randombytes is non-enumerable var randombytes = require('./randombytes').randombytes function crypto_onetimeauth(out, outpos, m, mpos, n, k) { var s = new poly1305(k); s.update(m, mpos, n); s.finish(out, outpos); return 0; } function crypto_onetimeauth_verify(h, hpos, m, mpos, n, k) { var x = new Uint8Array(16); crypto_onetimeauth(x,0,m,mpos,n,k); return crypto_verify_16(h,hpos,x,0); } function crypto_box_keypair(pk, sk) { check(pk, crypto_box_PUBLICKEYBYTES) check(sk, crypto_box_SECRETKEYBYTES) randombytes(sk, 32) return crypto_scalarmult_base(pk, sk) } function crypto_box_seal(c, m, pk) { check(c, crypto_box_SEALBYTES + m.length) check(pk, crypto_box_PUBLICKEYBYTES) var epk = c.subarray(0, crypto_box_PUBLICKEYBYTES) var esk = new Uint8Array(crypto_box_SECRETKEYBYTES) crypto_box_keypair(epk, esk) var n = new Uint8Array(crypto_box_NONCEBYTES) sodium.crypto_generichash_batch(n, [ epk, pk ]) var s = new Uint8Array(crypto_box_PUBLICKEYBYTES) crypto_scalarmult(s, esk, pk) var k = new Uint8Array(crypto_box_BEFORENMBYTES) var zero = new Uint8Array(16) xsalsa20.core_hsalsa20(k, zero, s, xsalsa20.SIGMA) crypto_secretbox_easy(c.subarray(epk.length), m, n, k) cleanup(esk) } function crypto_box_seal_open(m, c, pk, sk) { check(c, crypto_box_SEALBYTES) check(m, c.length - crypto_box_SEALBYTES) check(pk, crypto_box_PUBLICKEYBYTES) check(sk, crypto_box_SECRETKEYBYTES) var epk = c.subarray(0, crypto_box_PUBLICKEYBYTES) var n = new Uint8Array(crypto_box_NONCEBYTES) sodium.crypto_generichash_batch(n, [ epk, pk ]) var s = new Uint8Array(crypto_box_PUBLICKEYBYTES) crypto_scalarmult(s, sk, epk) var k = new Uint8Array(crypto_box_BEFORENMBYTES) var zero = new Uint8Array(16) xsalsa20.core_hsalsa20(k, zero, s, xsalsa20.SIGMA) return crypto_secretbox_open_easy(m, c.subarray(epk.length), n, k) } crypto_box_PUBLICKEYBYTES = 32, crypto_box_SECRETKEYBYTES = 32, crypto_box_BEFORENMBYTES = 32, crypto_box_NONCEBYTES = crypto_secretbox_NONCEBYTES, crypto_box_ZEROBYTES = crypto_secretbox_ZEROBYTES, crypto_box_BOXZEROBYTES = crypto_secretbox_BOXZEROBYTES, crypto_box_SEALBYTES = 48, crypto_box_BEFORENMBYTES = 32, sodium.memzero = function (len, offset) { for (var i = offset; i < len; i++) arr[i] = 0; } forward(require('./crypto_generichash')) forward(require('./crypto_kdf')) forward(require('./crypto_shorthash')) forward(require('./randombytes')) forward(require('./crypto_stream')) sodium.crypto_box_PUBLICKEYBYTES = crypto_box_PUBLICKEYBYTES sodium.crypto_box_SECRETKEYBYTES = crypto_box_SECRETKEYBYTES sodium.crypto_box_SEALBYTES = crypto_box_SEALBYTES sodium.crypto_box_BEFORENMBYTES = crypto_box_BEFORENMBYTES sodium.crypto_box_keypair = crypto_box_keypair sodium.crypto_box_seal = crypto_box_seal sodium.crypto_box_seal_open = crypto_box_seal_open sodium.sodium_malloc = function (n) { return new Uint8Array(n) } function cleanup(arr) { for (var i = 0; i < arr.length; i++) arr[i] = 0; } forward(require('./crypto_box')) forward(require('./crypto_generichash')) forward(require('./crypto_hash')) forward(require('./crypto_kdf')) forward(require('./crypto_onetimeauth')) forward(require('./crypto_scalarmult')) forward(require('./crypto_secretbox')) forward(require('./crypto_shorthash')) forward(require('./crypto_sign')) forward(require('./crypto_stream')) forward(require('./randombytes')) function forward (submodule) { Object.keys(submodule).forEach(function (prop) { module.exports[prop] = submodule[prop] }) }