Socket
Socket
Sign inDemoInstall

sodium-javascript

Package Overview
Dependencies
Maintainers
3
Versions
23
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

sodium-javascript - npm Package Compare versions

Comparing version 0.6.3 to 0.7.0

crypto_auth.js

102

crypto_box.js

@@ -6,3 +6,9 @@ /* eslint-disable camelcase */

const { crypto_generichash_batch } = require('./crypto_generichash')
const { crypto_secretbox_open_easy, crypto_secretbox_easy } = require('./crypto_secretbox')
const { crypto_stream_xsalsa20_MESSAGEBYTES_MAX } = require('./crypto_stream')
const {
crypto_secretbox_open_easy,
crypto_secretbox_easy,
crypto_secretbox_detached,
crypto_secretbox_open_detached
} = require('./crypto_secretbox')
const xsalsa20 = require('xsalsa20')

@@ -19,4 +25,13 @@ const assert = require('nanoassert')

const crypto_box_BEFORENMBYTES = 32
const crypto_box_MACBYTES = 16
const crypto_box_curve25519xsalsa20poly1305_MACBYTES = 16
const crypto_box_MESSAGEBYTES_MAX =
crypto_stream_xsalsa20_MESSAGEBYTES_MAX -
crypto_box_curve25519xsalsa20poly1305_MACBYTES
module.exports = {
crypto_box_easy,
crypto_box_open_easy,
crypto_box_keypair,

@@ -33,3 +48,4 @@ crypto_box_seed_keypair,

crypto_box_SEEDBYTES,
crypto_box_BEFORENMBYTES
crypto_box_BEFORENMBYTES,
crypto_box_MACBYTES
}

@@ -43,3 +59,2 @@

}
function crypto_box_seed_keypair (pk, sk, seed) {

@@ -102,2 +117,83 @@ assert(pk.byteLength === crypto_box_PUBLICKEYBYTES, "pk should be 'crypto_box_PUBLICKEYBYTES' bytes")

function crypto_box_beforenm (k, pk, sk) {
const zero = new Uint8Array(16)
const s = new Uint8Array(32)
assert(crypto_scalarmult(s, sk, pk) === 0)
xsalsa20.core_hsalsa20(k, zero, s, xsalsa20.SIGMA)
return true
}
function crypto_box_detached_afternm (c, mac, m, n, k) {
return crypto_secretbox_detached(c, mac, m, n, k)
}
function crypto_box_detached (c, mac, m, n, pk, sk) {
check(mac, crypto_box_MACBYTES)
check(n, crypto_box_NONCEBYTES)
check(pk, crypto_box_PUBLICKEYBYTES)
check(sk, crypto_box_SECRETKEYBYTES)
const k = new Uint8Array(crypto_box_BEFORENMBYTES)
assert(crypto_box_beforenm(k, pk, sk))
const ret = crypto_box_detached_afternm(c, mac, m, n, k)
cleanup(k)
return ret
}
function crypto_box_easy (c, m, n, pk, sk) {
assert(
c.length >= m.length + crypto_box_MACBYTES,
"c should be at least 'm.length + crypto_box_MACBYTES' bytes"
)
assert(
m.length <= crypto_box_MESSAGEBYTES_MAX,
"m should be at most 'crypto_box_MESSAGEBYTES_MAX' bytes"
)
return crypto_box_detached(
c.subarray(crypto_box_MACBYTES, m.length + crypto_box_MACBYTES),
c.subarray(0, crypto_box_MACBYTES),
m,
n,
pk,
sk
)
}
function crypto_box_open_detached_afternm (m, c, mac, n, k) {
return crypto_secretbox_open_detached(m, c, mac, n, k)
}
function crypto_box_open_detached (m, c, mac, n, pk, sk) {
const k = new Uint8Array(crypto_box_BEFORENMBYTES)
assert(crypto_box_beforenm(k, pk, sk))
const ret = crypto_box_open_detached_afternm(m, c, mac, n, k)
cleanup(k)
return ret
}
function crypto_box_open_easy (m, c, n, pk, sk) {
assert(
c.length >= m.length + crypto_box_MACBYTES,
"c should be at least 'm.length + crypto_box_MACBYTES' bytes"
)
return crypto_box_open_detached(
m,
c.subarray(crypto_box_MACBYTES, m.length + crypto_box_MACBYTES),
c.subarray(0, crypto_box_MACBYTES),
n,
pk,
sk
)
}
function check (buf, len) {

@@ -104,0 +200,0 @@ if (!buf || (len && buf.length < len)) throw new Error('Argument must be a buffer' + (len ? ' of length ' + len : ''))

8

crypto_secretbox.js

@@ -71,4 +71,4 @@ /* eslint-disable camelcase */

crypto_secretbox_easy(tmp, msg, n, k)
o.set(tmp.subarray(0, msg.byteLength))
mac.set(tmp.subarray(msg.byteLength))
mac.set(tmp.subarray(0, mac.byteLength))
o.set(tmp.subarray(mac.byteLength))
return true

@@ -84,4 +84,4 @@ }

const tmp = new Uint8Array(o.byteLength + mac.byteLength)
tmp.set(o)
tmp.set(mac, msg.byteLength)
tmp.set(mac)
tmp.set(o, mac.byteLength)
return crypto_secretbox_open_easy(msg, tmp, n, k)

@@ -88,0 +88,0 @@ }

189

crypto_sign.js

@@ -11,8 +11,16 @@ /* eslint-disable camelcase, one-var */

const { randombytes } = require('./randombytes')
const { crypto_scalarmult_BYTES } = require('./crypto_scalarmult.js')
const { crypto_hash_sha512_BYTES } = require('./crypto_hash.js')
const assert = require('nanoassert')
const crypto_sign_BYTES = 64
const crypto_sign_PUBLICKEYBYTES = 32
const crypto_sign_SECRETKEYBYTES = 64
const crypto_sign_SEEDBYTES = 32
const crypto_sign_ed25519_PUBLICKEYBYTES = 32
const crypto_sign_ed25519_SECRETKEYBYTES = 64
const crypto_sign_ed25519_SEEDBYTES = 32
const crypto_sign_ed25519_BYTES = 64
const crypto_sign_BYTES = crypto_sign_ed25519_BYTES
const crypto_sign_PUBLICKEYBYTES = crypto_sign_ed25519_PUBLICKEYBYTES
const crypto_sign_SECRETKEYBYTES = crypto_sign_ed25519_SECRETKEYBYTES
const crypto_sign_SEEDBYTES = crypto_sign_ed25519_SEEDBYTES
module.exports = {

@@ -28,3 +36,11 @@ crypto_sign_keypair,

crypto_sign_SECRETKEYBYTES,
crypto_sign_SEEDBYTES
crypto_sign_SEEDBYTES,
crypto_sign_ed25519_PUBLICKEYBYTES,
crypto_sign_ed25519_SECRETKEYBYTES,
crypto_sign_ed25519_SEEDBYTES,
crypto_sign_ed25519_BYTES,
crypto_sign_ed25519_pk_to_curve25519,
crypto_sign_ed25519_sk_to_curve25519,
unpackneg,
pack
}

@@ -90,2 +106,4 @@

function scalarmult (p, q, s) {
// don't mutate q
var h = [gf(q[0]), gf(q[1]), gf(q[2]), gf(q[3])]
var b, i

@@ -98,6 +116,6 @@ set25519(p[0], gf0)

b = (s[(i / 8) | 0] >> (i & 7)) & 1
cswap(p, q, b)
add(q, p)
cswap(p, h, b)
add(h, p)
add(p, p)
cswap(p, q, b)
cswap(p, h, b)
}

@@ -133,3 +151,2 @@ }

for (i = 0; i < 32; i++) sk[i + 32] = pk[i]
return 0
}

@@ -224,2 +241,20 @@

function is_zero25519 (f) {
var s = new Uint8Array(32)
pack25519(s, f)
return sodium_is_zero(s, 32)
function sodium_is_zero (n) {
let i
let d = 0
for (let i = 0; i < n.length; i++) {
d |= n[i]
}
return 1 & ((d - 1) >> 8)
}
}
function unpackneg (r, p) {

@@ -257,3 +292,5 @@ var t = gf(), chk = gf(), num = gf(),

if (par25519(r[0]) === (p[31] >> 7)) Z(r[0], gf0, r[0])
if (par25519(r[0]) === (p[31] >> 7)) {
Z(r[0], gf(), r[0])
}

@@ -327,4 +364,132 @@ M(r[3], r[0], r[1])

function check (buf, len) {
if (!buf || (len && buf.length < len)) throw new Error('Argument must be a buffer' + (len ? ' of length ' + len : ''))
function ed25519_mul_l (p, q) {
scalarmult(p, q, L)
}
function ed25519_is_on_main_subgroup (p) {
var pl = [gf(), gf(), gf(), gf()]
ed25519_mul_l(pl, p)
var zero = 0
for (let i = 0; i < 16; i++) {
zero |= (pl[0][i] & 0xffff)
}
return zero === 0
}
function crypto_sign_ed25519_pk_to_curve25519 (x25519_pk, ed25519_pk) {
check(x25519_pk, crypto_sign_PUBLICKEYBYTES)
check(ed25519_pk, crypto_sign_ed25519_PUBLICKEYBYTES)
var a = [gf(), gf(), gf(), gf()]
var x = gf([1])
var one_minus_y = gf([1])
assert(
isSmallOrder(ed25519_pk) &&
unpackneg(a, ed25519_pk) &&
ed25519_is_on_main_subgroup(a), 'Cannot convert key: bad point')
for (let i = 0; i < a.length; i++) {
pack25519(x25519_pk, a[i]);
}
Z(one_minus_y, one_minus_y, a[1])
A(x, x, a[1])
inv25519(one_minus_y, one_minus_y)
M(x, x, one_minus_y)
pack25519(x25519_pk, x)
return 0
}
function isSmallOrder (s) {
Uint8Array.from([])
var bad_points = [
// 0 (order 4)
Uint8Array.from([0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]),
// 1 (order 1)
Uint8Array.from([0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]),
// 2707385501144840649318225287225658788936804267575313519463743609750303402022(order 8)
Uint8Array.from([0x26, 0xe8, 0x95, 0x8f, 0xc2, 0xb2, 0x27, 0xb0, 0x45, 0xc3,
0xf4, 0x89, 0xf2, 0xef, 0x98, 0xf0, 0xd5, 0xdf, 0xac, 0x05, 0xd3,
0xc6, 0x33, 0x39, 0xb1, 0x38, 0x02, 0x88, 0x6d, 0x53, 0xfc, 0x05]),
// 55188659117513257062467267217118295137698188065244968500265048394206261417927 (order 8)
Uint8Array.from([0xc7, 0x17, 0x6a, 0x70, 0x3d, 0x4d, 0xd8, 0x4f, 0xba, 0x3c,
0x0b, 0x76, 0x0d, 0x10, 0x67, 0x0f, 0x2a, 0x20, 0x53, 0xfa, 0x2c,
0x39, 0xcc, 0xc6, 0x4e, 0xc7, 0xfd, 0x77, 0x92, 0xac, 0x03, 0x7a]),
// p-1 (order 2)
Uint8Array.from([0xec, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f]),
// p (=0 order 4)
Uint8Array.from([0xed, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f]),
// p + 1 (=1 order 1)
Uint8Array.from([0xee, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f])
]
var c = new Uint8Array(7)
var j
check (bad_points, 7)
for (let i = 0; i < bad_points.length; i++) {
for (j = 0; j < 31; j++) {
c[i] |= s[j] ^ bad_points[i][j]
}
}
for (let i = 0; i < bad_points.length; i++) {
c[i] |= (s[j] & 0x7f) ^ bad_points[i][j]
}
var k = 0
for (let i = 0; i < bad_points.length; i++) {
k |= (c[i] - 1)
}
return ((k >> 8) & 1) === 0
}
function crypto_sign_ed25519_sk_to_pk (pk, sk) {
check(pk, crypto_sign_ed25519_PUBLICKEYBYTES)
pk.set(sk.subarray(crypto_sign_ed25519_SEEDBYTES))
return pk
}
function crypto_sign_ed25519_sk_to_curve25519 (curveSk, edSk) {
assert(curveSk && curveSk.byteLength === crypto_scalarmult_BYTES, "curveSk must be 'crypto_sign_SECRETKEYBYTES' long")
assert(edSk && edSk.byteLength === crypto_sign_ed25519_SECRETKEYBYTES, "edSk must be 'crypto_sign_ed25519_SECRETKEYBYTES' long")
var h = Buffer.alloc(crypto_hash_sha512_BYTES);
crypto_hash(h, edSk, 32)
h[0] &= 248;
h[31] &= 127;
h[31] |= 64;
curveSk.set(h.subarray(0, crypto_scalarmult_BYTES))
h.fill(0)
return curveSk
}
function check (buf, len, arg = 'Argument') {
if (!buf || (len && buf.length < len)) throw new Error(arg + ' must be a buffer' + (len ? ' of length ' + len : ''))
}

1

crypto_stream.js

@@ -9,2 +9,3 @@ /* eslint-disable camelcase */

exports.crypto_stream_PRIMITIVE = 'xsalsa20'
exports.crypto_stream_xsalsa20_MESSAGEBYTES_MAX = Number.MAX_SAFE_INTEGER

@@ -11,0 +12,0 @@ exports.crypto_stream = function (c, nonce, key) {

1

index.js

@@ -15,2 +15,3 @@ 'use strict'

forward(require('./crypto_verify'))
forward(require('./crypto_auth'))
forward(require('./crypto_box'))

@@ -17,0 +18,0 @@ forward(require('./crypto_generichash'))

8

package.json
{
"name": "sodium-javascript",
"version": "0.6.3",
"version": "0.7.0",
"description": "WIP - a pure javascript version of sodium-native",

@@ -10,4 +10,4 @@ "main": "index.js",

"nanoassert": "^2.0.0",
"sha256-universal": "^1.0.1",
"sha512-universal": "^1.0.1",
"sha256-universal": "^1.1.0",
"sha512-universal": "^1.1.0",
"siphash24": "^1.0.1",

@@ -18,3 +18,3 @@ "xsalsa20": "^1.0.0"

"browserify": "^16.5.1",
"sodium-test": "^0.9.0",
"sodium-test": "^0.10.0",
"standard": "^14.3.4",

@@ -21,0 +21,0 @@ "tape-run": "^7.0.0"

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc