Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

sodium-javascript

Package Overview
Dependencies
Maintainers
2
Versions
23
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

sodium-javascript - npm Package Compare versions

Comparing version 0.6.0 to 0.6.1

.travis.yml
internal/ed25519.js
internal/poly1305.js
memory.js

3

crypto_aead.js

@@ -0,4 +1,5 @@

/* eslint-disable camelcase */
const { crypto_stream_chacha20_ietf, crypto_stream_chacha20_ietf_xor_ic } = require('./crypto_stream_chacha20')
const { crypto_verify_16 } = require('./crypto_verify')
const Poly1305 = require('./poly1305.js')
const Poly1305 = require('./internal/poly1305')
const assert = require('nanoassert')

@@ -5,0 +6,0 @@

35

crypto_box.js

@@ -0,1 +1,2 @@

/* eslint-disable camelcase */
const { crypto_hash_sha512 } = require('./crypto_hash')

@@ -9,11 +10,10 @@ const { crypto_scalarmult, crypto_scalarmult_base } = require('./crypto_scalarmult')

var crypto_box_PUBLICKEYBYTES = 32,
crypto_box_SECRETKEYBYTES = 32,
crypto_box_BEFORENMBYTES = 32,
crypto_box_NONCEBYTES = 24,
crypto_box_ZEROBYTES = 32,
crypto_box_BOXZEROBYTES = 16,
crypto_box_SEALBYTES = 48,
crypto_box_SEEDBYTES = 32,
crypto_box_BEFORENMBYTES = 32
const crypto_box_PUBLICKEYBYTES = 32
const crypto_box_SECRETKEYBYTES = 32
const crypto_box_NONCEBYTES = 24
const crypto_box_ZEROBYTES = 32
const crypto_box_BOXZEROBYTES = 16
const crypto_box_SEALBYTES = 48
const crypto_box_SEEDBYTES = 32
const crypto_box_BEFORENMBYTES = 32

@@ -27,3 +27,2 @@ module.exports = {

crypto_box_SECRETKEYBYTES,
crypto_box_BEFORENMBYTES,
crypto_box_NONCEBYTES,

@@ -37,3 +36,3 @@ crypto_box_ZEROBYTES,

function crypto_box_keypair(pk, sk) {
function crypto_box_keypair (pk, sk) {
check(pk, crypto_box_PUBLICKEYBYTES)

@@ -45,3 +44,3 @@ check(sk, crypto_box_SECRETKEYBYTES)

function crypto_box_seed_keypair(pk, sk, seed) {
function crypto_box_seed_keypair (pk, sk, seed) {
assert(pk.byteLength === crypto_box_PUBLICKEYBYTES, "pk should be 'crypto_box_PUBLICKEYBYTES' bytes")

@@ -59,3 +58,3 @@ assert(sk.byteLength === crypto_box_SECRETKEYBYTES, "sk should be 'crypto_box_SECRETKEYBYTES' bytes")

function crypto_box_seal(c, m, pk) {
function crypto_box_seal (c, m, pk) {
check(c, crypto_box_SEALBYTES + m.length)

@@ -69,3 +68,3 @@ check(pk, crypto_box_PUBLICKEYBYTES)

var n = new Uint8Array(crypto_box_NONCEBYTES)
crypto_generichash_batch(n, [ epk, pk ])
crypto_generichash_batch(n, [epk, pk])

@@ -84,3 +83,3 @@ var s = new Uint8Array(crypto_box_PUBLICKEYBYTES)

function crypto_box_seal_open(m, c, pk, sk) {
function crypto_box_seal_open (m, c, pk, sk) {
check(c, crypto_box_SEALBYTES)

@@ -94,3 +93,3 @@ check(m, c.length - crypto_box_SEALBYTES)

var n = new Uint8Array(crypto_box_NONCEBYTES)
crypto_generichash_batch(n, [ epk, pk ])
crypto_generichash_batch(n, [epk, pk])

@@ -111,4 +110,4 @@ var s = new Uint8Array(crypto_box_PUBLICKEYBYTES)

function cleanup(arr) {
for (var i = 0; i < arr.length; i++) arr[i] = 0;
function cleanup (arr) {
for (let i = 0; i < arr.length; i++) arr[i] = 0
}

2

crypto_generichash.js

@@ -34,4 +34,4 @@ var blake2b = require('blake2b')

blake2b.ready(function (err) {
blake2b.ready(function (_) {
module.exports.crypto_generichash_WASM_LOADED = blake2b.WASM_LOADED
})

3

crypto_hash_sha256.js

@@ -0,1 +1,2 @@

/* eslint-disable camelcase */
const sha256 = require('sha256-wasm')

@@ -6,3 +7,3 @@ const assert = require('nanoassert')

var crypto_hash_sha256_BYTES = 32
const crypto_hash_sha256_BYTES = 32

@@ -9,0 +10,0 @@ function crypto_hash_sha256 (out, m, n) {

5

crypto_hash.js

@@ -0,1 +1,2 @@

/* eslint-disable camelcase */
const sha512 = require('sha512-wasm')

@@ -6,4 +7,4 @@ const assert = require('nanoassert')

var crypto_hash_sha512_BYTES = 64
var crypto_hash_BYTES = crypto_hash_sha512_BYTES
const crypto_hash_sha512_BYTES = 64
const crypto_hash_BYTES = crypto_hash_sha512_BYTES

@@ -10,0 +11,0 @@ function crypto_hash_sha512 (out, m, n) {

9

crypto_kdf.js

@@ -1,4 +0,5 @@

var assert = require('nanoassert')
var randombytes_buf = require('./randombytes').randombytes_buf
var blake2b = require('blake2b')
/* eslint-disable camelcase */
const assert = require('nanoassert')
const randombytes_buf = require('./randombytes').randombytes_buf
const blake2b = require('blake2b')

@@ -11,3 +12,3 @@ module.exports.crypto_kdf_PRIMITIVE = 'blake2b'

function STORE64_LE(dest, int) {
function STORE64_LE (dest, int) {
var mul = 1

@@ -14,0 +15,0 @@ var i = 0

7

crypto_kx.js

@@ -0,1 +1,2 @@

/* eslint-disable camelcase */
const { crypto_scalarmult_base } = require('./crypto_scalarmult')

@@ -6,5 +7,5 @@ const { crypto_generichash } = require('./crypto_generichash')

var crypto_kx_SEEDBYTES = 32
var crypto_kx_PUBLICKEYBYTES = 32
var crypto_kx_SECRETKEYBYTES = 32
const crypto_kx_SEEDBYTES = 32
const crypto_kx_PUBLICKEYBYTES = 32
const crypto_kx_SECRETKEYBYTES = 32

@@ -11,0 +12,0 @@ function crypto_kx_keypair (pk, sk) {

39

crypto_onetimeauth.js

@@ -1,20 +0,37 @@

const poly1305 = require('./poly1305')
/* eslint-disable camelcase */
const assert = require('nanoassert')
const Poly1305 = require('./internal/poly1305')
const { crypto_verify_16 } = require('./crypto_verify')
const crypto_onetimeauth_BYTES = 16
const crypto_onetimeauth_KEYBYTES = 32
const crypto_onetimeauth_PRIMITIVE = 'poly1305'
module.exports = {
crypto_onetimeauth,
crypto_onetimeauth_verify
crypto_onetimeauth_verify,
crypto_onetimeauth_BYTES,
crypto_onetimeauth_KEYBYTES,
crypto_onetimeauth_PRIMITIVE
}
function crypto_onetimeauth(out, outpos, m, mpos, n, k) {
var s = new poly1305(k);
s.update(m, mpos, n);
s.finish(out, outpos);
return 0;
function crypto_onetimeauth (mac, msg, key) {
assert(mac.byteLength === crypto_onetimeauth_BYTES, "mac must be 'crypto_onetimeauth_BYTES' bytes")
assert(msg.byteLength != null, 'msg must be buffer')
assert(key.byteLength === crypto_onetimeauth_KEYBYTES, "key must be 'crypto_onetimeauth_KEYBYTES' bytes")
var s = new Poly1305(key)
s.update(msg, 0, msg.byteLength)
s.finish(mac, 0)
return true
}
function crypto_onetimeauth_verify(h, hpos, m, mpos, n, k) {
var x = new Uint8Array(16);
crypto_onetimeauth(x,0,m,mpos,n,k);
return crypto_verify_16(h,hpos,x,0);
function crypto_onetimeauth_verify (mac, msg, key) {
assert(mac.byteLength === crypto_onetimeauth_BYTES, "mac must be 'crypto_onetimeauth_BYTES' bytes")
assert(msg.byteLength != null, 'msg must be buffer')
assert(key.byteLength === crypto_onetimeauth_KEYBYTES, "key must be 'crypto_onetimeauth_KEYBYTES' bytes")
var tmp = new Uint8Array(16)
crypto_onetimeauth(tmp, msg, key)
return crypto_verify_16(mac, 0, tmp, 0) === 0
}

11

crypto_scalarmult.js

@@ -1,7 +0,6 @@

const { _9, _121665, gf, inv25519, pack25519, unpack25519, sel25519, A, M, Z, S } = require('./ed25519.js')
/* eslint-disable camelcase, one-var */
const { _9, _121665, gf, inv25519, pack25519, unpack25519, sel25519, A, M, Z, S } = require('./internal/ed25519')
var crypto_scalarmult_BYTES = 32
var crypto_scalarmult_SCALARBYTES = 32
var crypto_scalarmult_BYTES = 32
var crypto_scalarmult_SCALARBYTES = 32
const crypto_scalarmult_BYTES = 32
const crypto_scalarmult_SCALARBYTES = 32

@@ -22,3 +21,3 @@ module.exports = {

var a = gf(), b = gf(), c = gf(),
d = gf(), e = gf(), f = gf()
d = gf(), e = gf(), f = gf()
for (i = 0; i < 31; i++) z[i] = n[i]

@@ -25,0 +24,0 @@ z[31] = (n[31] & 127) | 64

128

crypto_secretbox.js

@@ -1,9 +0,11 @@

var { crypto_stream, crypto_stream_xor } = require('./crypto_stream')
var { crypto_onetimeauth, crypto_onetimeauth_verify } = require('./crypto_onetimeauth')
/* eslint-disable camelcase */
const assert = require('nanoassert')
const { crypto_stream, crypto_stream_xor } = require('./crypto_stream')
const { crypto_onetimeauth, crypto_onetimeauth_verify, crypto_onetimeauth_BYTES, crypto_onetimeauth_KEYBYTES } = require('./crypto_onetimeauth')
var crypto_secretbox_KEYBYTES = 32,
crypto_secretbox_NONCEBYTES = 24,
crypto_secretbox_ZEROBYTES = 32,
crypto_secretbox_BOXZEROBYTES = 16,
crypto_secretbox_MACBYTES = 16
const crypto_secretbox_KEYBYTES = 32
const crypto_secretbox_NONCEBYTES = 24
const crypto_secretbox_ZEROBYTES = 32
const crypto_secretbox_BOXZEROBYTES = 16
const crypto_secretbox_MACBYTES = 16

@@ -24,71 +26,89 @@ module.exports = {

function crypto_secretbox (c, m, d, n, k) {
var i
if (d < 32) return -1
function crypto_secretbox (c, m, n, k) {
assert(c.byteLength === m.byteLength, "c must be 'm.byteLength' bytes")
const mlen = m.byteLength
assert(mlen >= crypto_secretbox_ZEROBYTES, "mlen must be at least 'crypto_secretbox_ZEROBYTES'")
assert(n.byteLength === crypto_secretbox_NONCEBYTES, "n must be 'crypto_secretbox_NONCEBYTES' bytes")
assert(k.byteLength === crypto_secretbox_KEYBYTES, "k must be 'crypto_secretbox_KEYBYTES' bytes")
crypto_stream_xor(c, m, n, k)
crypto_onetimeauth(c, 16, c, 32, d - 32, c)
for (i = 0; i < 16; i++) c[i] = 0
crypto_onetimeauth(
c.subarray(crypto_secretbox_BOXZEROBYTES, crypto_secretbox_BOXZEROBYTES + crypto_onetimeauth_BYTES),
c.subarray(crypto_secretbox_BOXZEROBYTES + crypto_onetimeauth_BYTES, c.byteLength),
c.subarray(0, crypto_onetimeauth_KEYBYTES)
)
c.fill(0, 0, crypto_secretbox_BOXZEROBYTES)
return 0
}
function crypto_secretbox_open (m, c, d, n, k) {
var i
var x = new Uint8Array(32)
if (d < 32) return -1
function crypto_secretbox_open (m, c, n, k) {
assert(c.byteLength === m.byteLength, "c must be 'm.byteLength' bytes")
const mlen = m.byteLength
assert(mlen >= crypto_secretbox_ZEROBYTES, "mlen must be at least 'crypto_secretbox_ZEROBYTES'")
assert(n.byteLength === crypto_secretbox_NONCEBYTES, "n must be 'crypto_secretbox_NONCEBYTES' bytes")
assert(k.byteLength === crypto_secretbox_KEYBYTES, "k must be 'crypto_secretbox_KEYBYTES' bytes")
const x = new Uint8Array(crypto_onetimeauth_KEYBYTES)
crypto_stream(x, n, k)
if (crypto_onetimeauth_verify(c, 16, c, 32, d - 32, x) !== 0) return -1
const validMac = crypto_onetimeauth_verify(
c.subarray(crypto_secretbox_BOXZEROBYTES, crypto_secretbox_BOXZEROBYTES + crypto_onetimeauth_BYTES),
c.subarray(crypto_secretbox_BOXZEROBYTES + crypto_onetimeauth_BYTES, c.byteLength),
x
)
if (validMac === false) return false
crypto_stream_xor(m, c, n, k)
for (i = 0; i < 32; i++) m[i] = 0
return 0
m.fill(0, 0, 32)
return true
}
function crypto_secretbox_detached (o, mac, msg, n, k) {
check(mac, crypto_secretbox_MACBYTES)
var tmp = new Uint8Array(msg.length + mac.length)
assert(o.byteLength === msg.byteLength, "o must be 'msg.byteLength' bytes")
assert(mac.byteLength === crypto_secretbox_MACBYTES, "mac must be 'crypto_secretbox_MACBYTES' bytes")
assert(n.byteLength === crypto_secretbox_NONCEBYTES, "n must be 'crypto_secretbox_NONCEBYTES' bytes")
assert(k.byteLength === crypto_secretbox_KEYBYTES, "k must be 'crypto_secretbox_KEYBYTES' bytes")
const tmp = new Uint8Array(msg.byteLength + mac.byteLength)
crypto_secretbox_easy(tmp, msg, n, k)
o.set(tmp.subarray(0, msg.length))
mac.set(tmp.subarray(msg.length))
o.set(tmp.subarray(0, msg.byteLength))
mac.set(tmp.subarray(msg.byteLength))
return true
}
function crypto_secretbox_open_detached (msg, o, mac, n, k) {
check(mac, crypto_secretbox_MACBYTES)
var tmp = new Uint8Array(o.length + mac.length)
assert(o.byteLength === msg.byteLength, "o must be 'msg.byteLength' bytes")
assert(mac.byteLength === crypto_secretbox_MACBYTES, "mac must be 'crypto_secretbox_MACBYTES' bytes")
assert(n.byteLength === crypto_secretbox_NONCEBYTES, "n must be 'crypto_secretbox_NONCEBYTES' bytes")
assert(k.byteLength === crypto_secretbox_KEYBYTES, "k must be 'crypto_secretbox_KEYBYTES' bytes")
const tmp = new Uint8Array(o.byteLength + mac.byteLength)
tmp.set(o)
tmp.set(mac, msg.length)
tmp.set(mac, msg.byteLength)
return crypto_secretbox_open_easy(msg, tmp, n, k)
}
function crypto_secretbox_easy(o, msg, n, k) {
check(msg, 0)
check(o, msg.length + crypto_secretbox_MACBYTES)
check(n, crypto_secretbox_NONCEBYTES)
check(k, crypto_secretbox_KEYBYTES)
function crypto_secretbox_easy (o, msg, n, k) {
assert(o.byteLength === msg.byteLength + crypto_secretbox_MACBYTES, "o must be 'msg.byteLength + crypto_secretbox_MACBYTES' bytes")
assert(n.byteLength === crypto_secretbox_NONCEBYTES, "n must be 'crypto_secretbox_NONCEBYTES' bytes")
assert(k.byteLength === crypto_secretbox_KEYBYTES, "k must be 'crypto_secretbox_KEYBYTES' bytes")
var i
var m = new Uint8Array(crypto_secretbox_ZEROBYTES + msg.length)
var c = new Uint8Array(m.length)
for (i = 0; i < msg.length; i++) m[i + crypto_secretbox_ZEROBYTES] = msg[i]
crypto_secretbox(c, m, m.length, n, k)
for (i = crypto_secretbox_BOXZEROBYTES; i < c.length; i++) o[i - crypto_secretbox_BOXZEROBYTES] = c[i]
const m = new Uint8Array(crypto_secretbox_ZEROBYTES + msg.byteLength)
const c = new Uint8Array(m.byteLength)
m.set(msg, crypto_secretbox_ZEROBYTES)
if (crypto_secretbox(c, m, n, k) === false) return false
o.set(c.subarray(crypto_secretbox_BOXZEROBYTES))
return true
}
function crypto_secretbox_open_easy(msg, box, n, k) {
check(box, crypto_secretbox_MACBYTES)
check(msg, box.length - crypto_secretbox_MACBYTES)
check(n, crypto_secretbox_NONCEBYTES)
check(k, crypto_secretbox_KEYBYTES)
function crypto_secretbox_open_easy (msg, box, n, k) {
assert(box.byteLength === msg.byteLength + crypto_secretbox_MACBYTES, "box must be 'msg.byteLength + crypto_secretbox_MACBYTES' bytes")
assert(n.byteLength === crypto_secretbox_NONCEBYTES, "n must be 'crypto_secretbox_NONCEBYTES' bytes")
assert(k.byteLength === crypto_secretbox_KEYBYTES, "k must be 'crypto_secretbox_KEYBYTES' bytes")
var i
var c = new Uint8Array(crypto_secretbox_BOXZEROBYTES + box.length)
var m = new Uint8Array(c.length)
for (i = 0; i < box.length; i++) c[i + crypto_secretbox_BOXZEROBYTES] = box[i]
if (c.length < 32) return false
if (crypto_secretbox_open(m, c, c.length, n, k) !== 0) return false
for (i = crypto_secretbox_ZEROBYTES; i < m.length; i++) msg[i - crypto_secretbox_ZEROBYTES] = m[i]
const c = new Uint8Array(crypto_secretbox_BOXZEROBYTES + box.byteLength)
const m = new Uint8Array(c.byteLength)
c.set(box, crypto_secretbox_BOXZEROBYTES)
if (crypto_secretbox_open(m, c, n, k) === false) return false
msg.set(m.subarray(crypto_secretbox_ZEROBYTES))
return true
}
function check (buf, len) {
if (!buf || (len && buf.length < len)) throw new Error('Argument must be a buffer' + (len ? ' of length ' + len : ''))
}

363

crypto_sign.js

@@ -0,1 +1,2 @@

/* eslint-disable camelcase, one-var */
const { crypto_verify_32 } = require('./crypto_verify')

@@ -8,9 +9,9 @@ const { crypto_hash } = require('./crypto_hash')

inv25519, unpack25519
} = require('./ed25519')
} = require('./internal/ed25519')
const { randombytes } = require('./randombytes')
const crypto_sign_BYTES = 64,
crypto_sign_PUBLICKEYBYTES = 32,
crypto_sign_SECRETKEYBYTES = 64,
crypto_sign_SEEDBYTES = 32
const crypto_sign_BYTES = 64
const crypto_sign_PUBLICKEYBYTES = 32
const crypto_sign_SECRETKEYBYTES = 64
const crypto_sign_SEEDBYTES = 32

@@ -30,103 +31,102 @@ module.exports = {

function set25519(r, a) {
var i;
for (i = 0; i < 16; i++) r[i] = a[i]|0;
function set25519 (r, a) {
for (let i = 0; i < 16; i++) r[i] = a[i] | 0
}
function pow2523(o, i) {
var c = gf();
var a;
for (a = 0; a < 16; a++) c[a] = i[a];
function pow2523 (o, i) {
var c = gf()
var a
for (a = 0; a < 16; a++) c[a] = i[a]
for (a = 250; a >= 0; a--) {
S(c, c);
if(a !== 1) M(c, c, i);
S(c, c)
if (a !== 1) M(c, c, i)
}
for (a = 0; a < 16; a++) o[a] = c[a];
for (a = 0; a < 16; a++) o[a] = c[a]
}
function add(p, q) {
function add (p, q) {
var a = gf(), b = gf(), c = gf(),
d = gf(), e = gf(), f = gf(),
g = gf(), h = gf(), t = gf();
d = gf(), e = gf(), f = gf(),
g = gf(), h = gf(), t = gf()
Z(a, p[1], p[0]);
Z(t, q[1], q[0]);
M(a, a, t);
A(b, p[0], p[1]);
A(t, q[0], q[1]);
M(b, b, t);
M(c, p[3], q[3]);
M(c, c, D2);
M(d, p[2], q[2]);
A(d, d, d);
Z(e, b, a);
Z(f, d, c);
A(g, d, c);
A(h, b, a);
Z(a, p[1], p[0])
Z(t, q[1], q[0])
M(a, a, t)
A(b, p[0], p[1])
A(t, q[0], q[1])
M(b, b, t)
M(c, p[3], q[3])
M(c, c, D2)
M(d, p[2], q[2])
A(d, d, d)
Z(e, b, a)
Z(f, d, c)
A(g, d, c)
A(h, b, a)
M(p[0], e, f);
M(p[1], h, g);
M(p[2], g, f);
M(p[3], e, h);
M(p[0], e, f)
M(p[1], h, g)
M(p[2], g, f)
M(p[3], e, h)
}
function cswap(p, q, b) {
var i;
function cswap (p, q, b) {
var i
for (i = 0; i < 4; i++) {
sel25519(p[i], q[i], b);
sel25519(p[i], q[i], b)
}
}
function pack(r, p) {
var tx = gf(), ty = gf(), zi = gf();
inv25519(zi, p[2]);
M(tx, p[0], zi);
M(ty, p[1], zi);
pack25519(r, ty);
r[31] ^= par25519(tx) << 7;
function pack (r, p) {
var tx = gf(), ty = gf(), zi = gf()
inv25519(zi, p[2])
M(tx, p[0], zi)
M(ty, p[1], zi)
pack25519(r, ty)
r[31] ^= par25519(tx) << 7
}
function scalarmult(p, q, s) {
var b, i;
set25519(p[0], gf0);
set25519(p[1], gf1);
set25519(p[2], gf1);
set25519(p[3], gf0);
function scalarmult (p, q, s) {
var b, i
set25519(p[0], gf0)
set25519(p[1], gf1)
set25519(p[2], gf1)
set25519(p[3], gf0)
for (i = 255; i >= 0; --i) {
b = (s[(i/8)|0] >> (i&7)) & 1;
cswap(p, q, b);
add(q, p);
add(p, p);
cswap(p, q, b);
b = (s[(i / 8) | 0] >> (i & 7)) & 1
cswap(p, q, b)
add(q, p)
add(p, p)
cswap(p, q, b)
}
}
function scalarbase(p, s) {
var q = [gf(), gf(), gf(), gf()];
set25519(q[0], X);
set25519(q[1], Y);
set25519(q[2], gf1);
M(q[3], X, Y);
scalarmult(p, q, s);
function scalarbase (p, s) {
var q = [gf(), gf(), gf(), gf()]
set25519(q[0], X)
set25519(q[1], Y)
set25519(q[2], gf1)
M(q[3], X, Y)
scalarmult(p, q, s)
}
function crypto_sign_keypair(pk, sk, seeded) {
function crypto_sign_keypair (pk, sk, seeded) {
check(pk, crypto_sign_PUBLICKEYBYTES)
check(sk, crypto_sign_SECRETKEYBYTES)
var d = new Uint8Array(64);
var p = [gf(), gf(), gf(), gf()];
var i;
var d = new Uint8Array(64)
var p = [gf(), gf(), gf(), gf()]
var i
if (!seeded) randombytes(sk, 32);
crypto_hash(d, sk, 32);
d[0] &= 248;
d[31] &= 127;
d[31] |= 64;
if (!seeded) randombytes(sk, 32)
crypto_hash(d, sk, 32)
d[0] &= 248
d[31] &= 127
d[31] |= 64
scalarbase(p, d);
pack(pk, p);
scalarbase(p, d)
pack(pk, p)
for (i = 0; i < 32; i++) sk[i+32] = pk[i];
return 0;
for (i = 0; i < 32; i++) sk[i + 32] = pk[i]
return 0
}

@@ -140,38 +140,38 @@

var L = new Float64Array([0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10]);
var L = new Float64Array([0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10])
function modL(r, x) {
var carry, i, j, k;
function modL (r, x) {
var carry, i, j, k
for (i = 63; i >= 32; --i) {
carry = 0;
carry = 0
for (j = i - 32, k = i - 12; j < k; ++j) {
x[j] += carry - 16 * x[i] * L[j - (i - 32)];
carry = (x[j] + 128) >> 8;
x[j] -= carry * 256;
x[j] += carry - 16 * x[i] * L[j - (i - 32)]
carry = (x[j] + 128) >> 8
x[j] -= carry * 256
}
x[j] += carry;
x[i] = 0;
x[j] += carry
x[i] = 0
}
carry = 0;
carry = 0
for (j = 0; j < 32; j++) {
x[j] += carry - (x[31] >> 4) * L[j];
carry = x[j] >> 8;
x[j] &= 255;
x[j] += carry - (x[31] >> 4) * L[j]
carry = x[j] >> 8
x[j] &= 255
}
for (j = 0; j < 32; j++) x[j] -= carry * L[j];
for (j = 0; j < 32; j++) x[j] -= carry * L[j]
for (i = 0; i < 32; i++) {
x[i+1] += x[i] >> 8;
r[i] = x[i] & 255;
x[i + 1] += x[i] >> 8
r[i] = x[i] & 255
}
}
function reduce(r) {
var x = new Float64Array(64), i;
for (i = 0; i < 64; i++) x[i] = r[i];
for (i = 0; i < 64; i++) r[i] = 0;
modL(r, x);
function reduce (r) {
var x = new Float64Array(64)
for (let i = 0; i < 64; i++) x[i] = r[i]
for (let i = 0; i < 64; i++) r[i] = 0
modL(r, x)
}
// Note: difference from C - smlen returned, not passed as argument.
function crypto_sign(sm, m, sk) {
function crypto_sign (sm, m, sk) {
check(sm, crypto_sign_BYTES + m.length)

@@ -182,81 +182,82 @@ check(m, 0)

var d = new Uint8Array(64), h = new Uint8Array(64), r = new Uint8Array(64);
var i, j, x = new Float64Array(64);
var p = [gf(), gf(), gf(), gf()];
var d = new Uint8Array(64), h = new Uint8Array(64), r = new Uint8Array(64)
var i, j, x = new Float64Array(64)
var p = [gf(), gf(), gf(), gf()]
crypto_hash(d, sk, 32);
d[0] &= 248;
d[31] &= 127;
d[31] |= 64;
crypto_hash(d, sk, 32)
d[0] &= 248
d[31] &= 127
d[31] |= 64
var smlen = n + 64;
for (i = 0; i < n; i++) sm[64 + i] = m[i];
for (i = 0; i < 32; i++) sm[32 + i] = d[32 + i];
var smlen = n + 64
for (i = 0; i < n; i++) sm[64 + i] = m[i]
for (i = 0; i < 32; i++) sm[32 + i] = d[32 + i]
crypto_hash(r, sm.subarray(32), n+32);
reduce(r);
scalarbase(p, r);
pack(sm, p);
crypto_hash(r, sm.subarray(32), n + 32)
reduce(r)
scalarbase(p, r)
pack(sm, p)
for (i = 32; i < 64; i++) sm[i] = sk[i];
crypto_hash(h, sm, n + 64);
reduce(h);
for (i = 32; i < 64; i++) sm[i] = sk[i]
crypto_hash(h, sm, n + 64)
reduce(h)
for (i = 0; i < 64; i++) x[i] = 0;
for (i = 0; i < 32; i++) x[i] = r[i];
for (i = 0; i < 64; i++) x[i] = 0
for (i = 0; i < 32; i++) x[i] = r[i]
for (i = 0; i < 32; i++) {
for (j = 0; j < 32; j++) {
x[i+j] += h[i] * d[j];
x[i + j] += h[i] * d[j]
}
}
modL(sm.subarray(32), x);
modL(sm.subarray(32), x)
return smlen
}
function crypto_sign_detached(sig, m, sk) {
function crypto_sign_detached (sig, m, sk) {
var sm = new Uint8Array(m.length + crypto_sign_BYTES)
crypto_sign(sm, m, sk)
for (var i = 0; i < crypto_sign_BYTES; i++) sig[i] = sm[i]
for (let i = 0; i < crypto_sign_BYTES; i++) sig[i] = sm[i]
}
function unpackneg(r, p) {
function unpackneg (r, p) {
var t = gf(), chk = gf(), num = gf(),
den = gf(), den2 = gf(), den4 = gf(),
den6 = gf();
den = gf(), den2 = gf(), den4 = gf(),
den6 = gf()
set25519(r[2], gf1);
unpack25519(r[1], p);
S(num, r[1]);
M(den, num, D);
Z(num, num, r[2]);
A(den, r[2], den);
set25519(r[2], gf1)
unpack25519(r[1], p)
S(num, r[1])
M(den, num, D)
Z(num, num, r[2])
A(den, r[2], den)
S(den2, den);
S(den4, den2);
M(den6, den4, den2);
M(t, den6, num);
M(t, t, den);
S(den2, den)
S(den4, den2)
M(den6, den4, den2)
M(t, den6, num)
M(t, t, den)
pow2523(t, t);
M(t, t, num);
M(t, t, den);
M(t, t, den);
M(r[0], t, den);
pow2523(t, t)
M(t, t, num)
M(t, t, den)
M(t, t, den)
M(r[0], t, den)
S(chk, r[0]);
M(chk, chk, den);
if (neq25519(chk, num)) M(r[0], r[0], I);
S(chk, r[0])
M(chk, chk, den)
if (neq25519(chk, num)) M(r[0], r[0], I)
S(chk, r[0]);
M(chk, chk, den);
if (neq25519(chk, num)) return -1;
S(chk, r[0])
M(chk, chk, den)
if (neq25519(chk, num)) return -1
if (par25519(r[0]) === (p[31]>>7)) Z(r[0], gf0, r[0]);
if (par25519(r[0]) === (p[31] >> 7)) Z(r[0], gf0, r[0])
M(r[3], r[0], r[1]);
return 0;
M(r[3], r[0], r[1])
return 0
}
function crypto_sign_open(msg, sm, pk) {
/* eslint-disable no-unused-vars */
function crypto_sign_open (msg, sm, pk) {
check(msg, sm.length - crypto_sign_BYTES)

@@ -268,32 +269,34 @@ check(sm, crypto_sign_BYTES)

var i, mlen;
var t = new Uint8Array(32), h = new Uint8Array(64);
var i, mlen
var t = new Uint8Array(32), h = new Uint8Array(64)
var p = [gf(), gf(), gf(), gf()],
q = [gf(), gf(), gf(), gf()];
q = [gf(), gf(), gf(), gf()]
mlen = -1;
if (n < 64) return false;
mlen = -1
if (n < 64) return false
if (unpackneg(q, pk)) return false;
if (unpackneg(q, pk)) return false
for (i = 0; i < n; i++) m[i] = sm[i];
for (i = 0; i < 32; i++) m[i+32] = pk[i];
crypto_hash(h, m, n);
reduce(h);
scalarmult(p, q, h);
for (i = 0; i < n; i++) m[i] = sm[i]
for (i = 0; i < 32; i++) m[i + 32] = pk[i]
crypto_hash(h, m, n)
reduce(h)
scalarmult(p, q, h)
scalarbase(q, sm.subarray(32));
add(p, q);
pack(t, p);
scalarbase(q, sm.subarray(32))
add(p, q)
pack(t, p)
n -= 64;
n -= 64
if (crypto_verify_32(sm, 0, t, 0)) {
for (i = 0; i < n; i++) m[i] = 0;
return false;
for (i = 0; i < n; i++) m[i] = 0
return false
// throw new Error('crypto_sign_open failed')
}
for (i = 0; i < n; i++) msg[i] = sm[i + 64];
mlen = n;
return true;
for (i = 0; i < n; i++) msg[i] = sm[i + 64]
mlen = n
return true
}
/* eslint-enable no-unused-vars */

@@ -309,13 +312,13 @@ function crypto_sign_verify_detached (sig, m, pk) {

function par25519(a) {
var d = new Uint8Array(32);
pack25519(d, a);
return d[0] & 1;
function par25519 (a) {
var d = new Uint8Array(32)
pack25519(d, a)
return d[0] & 1
}
function neq25519(a, b) {
var c = new Uint8Array(32), d = new Uint8Array(32);
pack25519(c, a);
pack25519(d, b);
return crypto_verify_32(c, 0, d, 0);
function neq25519 (a, b) {
var c = new Uint8Array(32), d = new Uint8Array(32)
pack25519(c, a)
pack25519(d, b)
return crypto_verify_32(c, 0, d, 0)
}

@@ -322,0 +325,0 @@

5

crypto_stream.js

@@ -1,2 +0,3 @@

var xsalsa20 = require('xsalsa20')
/* eslint-disable camelcase */
const xsalsa20 = require('xsalsa20')

@@ -15,3 +16,3 @@ if (new Uint16Array([1])[0] !== 1) throw new Error('Big endian architecture is not supported.')

exports.crypto_stream_xor = function (c, m, nonce, key) {
var xor = xsalsa20(nonce, key)
const xor = xsalsa20(nonce, key)

@@ -18,0 +19,0 @@ xor.update(m, c)

9

crypto_verify.js

@@ -0,1 +1,2 @@

/* eslint-disable camelcase */
const assert = require('nanoassert')

@@ -11,12 +12,12 @@

function vn (x, xi, y, yi, n) {
var i, d = 0
for (i = 0; i < n; i++) d |= x[xi + i] ^ y[yi + i]
var d = 0
for (let i = 0; i < n; i++) d |= x[xi + i] ^ y[yi + i]
return (1 & ((d - 1) >>> 8)) - 1
}
function crypto_verify_16(x, xi, y, yi) {
function crypto_verify_16 (x, xi, y, yi) {
return vn(x, xi, y, yi, 16)
}
function crypto_verify_32(x, xi, y, yi) {
function crypto_verify_32 (x, xi, y, yi) {
return vn(x, xi, y, yi, 32)

@@ -23,0 +24,0 @@ }

12

example.js

@@ -1,5 +0,5 @@

var sodium = require('./')
const sodium = require('./')
var key = new Buffer(sodium.crypto_secretbox_KEYBYTES)
var nonce = new Buffer(sodium.crypto_secretbox_NONCEBYTES)
const key = Buffer.alloc(sodium.crypto_secretbox_KEYBYTES)
const nonce = Buffer.alloc(sodium.crypto_secretbox_NONCEBYTES)

@@ -9,4 +9,4 @@ sodium.randombytes_buf(key)

var message = new Buffer('Hello, World!')
var cipher = new Buffer(message.length + sodium.crypto_secretbox_MACBYTES)
const message = Buffer.from('Hello, World!')
const cipher = Buffer.alloc(message.length + sodium.crypto_secretbox_MACBYTES)

@@ -17,3 +17,3 @@ sodium.crypto_secretbox_easy(cipher, message, nonce, key)

var plainText = new Buffer(cipher.length - sodium.crypto_secretbox_MACBYTES)
const plainText = Buffer.alloc(cipher.length - sodium.crypto_secretbox_MACBYTES)

@@ -20,0 +20,0 @@ sodium.crypto_secretbox_open_easy(plainText, cipher, nonce, key)

13

index.js

@@ -5,4 +5,2 @@ 'use strict'

var sodium = module.exports
// Ported in 2014 by Dmitry Chestnykh and Devi Mandiri.

@@ -14,12 +12,3 @@ // Public domain.

// also forwarded at the bottom but randombytes is non-enumerable
sodium.sodium_memzero = function (arr) {
arr.fill(0)
}
sodium.sodium_malloc = function (n) {
return new Uint8Array(n)
}
forward(require('./memory'))
forward(require('./crypto_box'))

@@ -26,0 +15,0 @@ forward(require('./crypto_generichash'))

32

package.json
{
"name": "sodium-javascript",
"version": "0.6.0",
"version": "0.6.1",
"description": "WIP - a pure javascript version of sodium-native",

@@ -9,3 +9,3 @@ "main": "index.js",

"chacha20-universal": "^1.0.4",
"nanoassert": "^1.0.0",
"nanoassert": "^2.0.0",
"sha256-wasm": "^1.3.0",

@@ -17,6 +17,13 @@ "sha512-wasm": "^1.2.0",

"devDependencies": {
"browser-run": "^4.0.2",
"browserify": "^14.1.0",
"sodium-test": "^0.9.0"
"browser-run": "^7.0.2",
"browserify": "^16.5.1",
"sodium-test": "^0.9.0",
"standard": "^14.3.4",
"tape-run": "^7.0.0"
},
"standard": {
"ignore": [
"/internal/**/*.js"
]
},
"browser": {

@@ -30,3 +37,4 @@ "crypto": false

"browser": "browserify test.js | browser-run",
"browser-manual": "browserify test.js | browser-run -p 1234",
"browser-manual": "browserify test.js | tape-run",
"pretest": "standard",
"test": "node test.js"

@@ -36,10 +44,14 @@ },

"type": "git",
"url": "https://github.com/mafintosh/sodium-javascript.git"
"url": "git+https://github.com/sodium-friends/sodium-javascript.git"
},
"author": "Mathias Buus (@mafintosh)",
"contributors": [
"Christophe Diederichs <chm-diederichs@hyperdivision.dk>",
"Emil Bay <github@tixz.dk> (http://bayes.dk)",
"Mathias Buus <mathiasbuus@gmail.com> (https://mafinto.sh)"
],
"license": "MIT",
"bugs": {
"url": "https://github.com/mafintosh/sodium-javascript/issues"
"url": "https://github.com/sodium-friends/sodium-javascript/issues"
},
"homepage": "https://github.com/mafintosh/sodium-javascript"
"homepage": "https://github.com/sodium-friends/sodium-javascript#readme"
}

26

randombytes.js
var assert = require('nanoassert')
var randombytes = (function () {
var QUOTA = 65536 // limit for QuotaExceededException
var crypto = typeof global !== 'undefined' ? crypto = (global.crypto || global.msCrypto) : null
var crypto = global.crypto || global.msCrypto
function browserBytes (out, n) {
for (var i = 0; i < n; i += QUOTA) {
crypto.getRandomValues(out.subarray(i, i + Math.min(n - i, QUOTA)))
for (let i = 0; i < n; i += QUOTA) {
crypto.getRandomValues(new Uint8Array(out.buffer, i + out.byteOffset, Math.min(n - i, QUOTA)))
}

@@ -13,3 +14,3 @@ }

function nodeBytes (out, n) {
out.set(crypto.randomBytes(n))
new Uint8Array(out.buffer, out.byteOffset, n).set(crypto.randomBytes(n))
}

@@ -21,10 +22,8 @@

if (crypto && crypto.getRandomValues) {
return browserBytes
} else if (typeof require !== 'undefined') {
// Node.js.
crypto = require('crypto')
if (crypto && crypto.randomBytes) {
return nodeBytes
}
if (crypto && crypto.getRandomValues) return browserBytes
if (require != null) {
// Node.js. Bust Browserify
crypto = require('cry' + 'pto')
if (crypto && crypto.randomBytes) return nodeBytes
}

@@ -35,2 +34,3 @@

// Make non enumerable as this is an internal function
Object.defineProperty(module.exports, 'randombytes', {

@@ -42,3 +42,3 @@ value: randombytes

assert(out, 'out must be given')
randombytes(out, out.length)
randombytes(out, out.byteLength)
}

37

README.md

@@ -1,17 +0,15 @@

# sodium-javascript
# `sodium-javascript`
WIP - a pure javascript version of [sodium-native](https://github.com/mafintosh/sodium-native).
[![Build Status](https://travis-ci.org/sodium-friends/sodium-javascript.svg?branch=master)](https://travis-ci.org/sodium-friends/sodium-javascript)
> WIP - a pure javascript version of [sodium-native](https://github.com/sodium-friends/sodium-native).
Based on tweetnacl
```
npm install sodium-javascript
```
## Usage
``` js
var sodium = require('sodium-javascript')
const sodium = require('sodium-javascript')
var key = new Buffer(sodium.crypto_secretbox_KEYBYTES)
var nonce = new Buffer(sodium.crypto_secretbox_NONCEBYTES)
const key = Buffer.alloc(sodium.crypto_secretbox_KEYBYTES)
const nonce = Buffer.alloc(sodium.crypto_secretbox_NONCEBYTES)

@@ -21,4 +19,4 @@ sodium.randombytes_buf(key)

var message = new Buffer('Hello, World!')
var cipher = new Buffer(message.length + sodium.crypto_secretbox_MACBYTES)
const message = Buffer.from('Hello, World!')
const cipher = Buffer.alloc(message.length + sodium.crypto_secretbox_MACBYTES)

@@ -29,3 +27,3 @@ sodium.crypto_secretbox_easy(cipher, message, nonce, key)

var plainText = new Buffer(cipher.length - sodium.crypto_secretbox_MACBYTES)
const plainText = Buffer.alloc(cipher.length - sodium.crypto_secretbox_MACBYTES)

@@ -39,7 +37,18 @@ sodium.crypto_secretbox_open_easy(plainText, cipher, nonce, key)

See [sodium-native](https://github.com/mafintosh/sodium-native).
See [sodium-native](https://github.com/sodium-friends/sodium-native).
This is a work in progress so all functions are not implemented yet.
This module is organised into individual submodules which can be required
independently for smaller bundles in the browser. To leverage automatic
switching between `sodium-javascript` and `sodium-native`, see
[`sodium-universal`](https://github.com/sodium-friends/sodium-universal).
## Install
```
npm install sodium-javascript
```
## License
MIT
[MIT](LICENSE)
ed25519.js
poly1305.js
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc