@bitgo-beta/blake2b 3.2.1-alpha.53 → 3.2.1-alpha.54

package/README.md

@@ -7,10 +7,10 @@
 This module is based on @dcposch
 [implementation of BLAKE2b](https://github.com/dcposch/blakejs), with some changes:
 
-* This module requires you to pass in a `out` buffer, saving an allocation
-* This module allows you to set the `salt` and `personal` parameters
-* This module exports constants for the parameters in libsodium style
-* Uses a WASM version (where it is supported) for massive performance boosts
+- This module requires you to pass in a `out` buffer, saving an allocation
+- This module allows you to set the `salt` and `personal` parameters
+- This module exports constants for the parameters in libsodium style
+- Uses a WASM version (where it is supported) for massive performance boosts
 
 All credit goes to @dcposch for doing the hard work of porting the
 implementation from C to JavaScript.
@@ -18,12 +18,12 @@ implementation from C to JavaScript.
 ## Usage
 
 ```js
-var blake2b = require('@bitgo/blake2b')
+var blake2b = require('@bitgo/blake2b');
 
-var output = new Uint8Array(64)
-var input = Buffer.from('hello world')
+var output = new Uint8Array(64);
+var input = Buffer.from('hello world');
 
-console.log('hash:', blake2b(output.length).update(input).digest('hex'))
+console.log('hash:', blake2b(output.length).update(input).digest('hex'));
 ```
 
 ## API
@@ -37,14 +37,14 @@ All parameters must be `Uint8Array`, `Buffer` or another object with a compatibl
 API. All parameters must also fulfill the following constraints, or an
 `AssertionError` will be thrown (unless `noAssert = true`):
 
-* `outLength` must within the byte ranges defined by the constants below.
-* `key` is optional, but must within the byte ranges defined by the constants
-   below, if given. This value must be kept secret, and can be used to create
-   prefix-MACs.
-* `salt` is optional, but must be exactly `SALTBYTES`, if given. You can use
+- `outLength` must within the byte ranges defined by the constants below.
+- `key` is optional, but must within the byte ranges defined by the constants
+  below, if given. This value must be kept secret, and can be used to create
+  prefix-MACs.
+- `salt` is optional, but must be exactly `SALTBYTES`, if given. You can use
   this parameter as a kind of per user id, or local versioning scheme. This
   value is not required to be secret.
-* `personal` is optional, but must be exactly `PERSONALBYTES`, if given. You can
+- `personal` is optional, but must be exactly `PERSONALBYTES`, if given. You can
   use this parameter as a kind of app id, or global versioning scheme. This
   value is not required to be secret.
 
@@ -63,14 +63,14 @@ to have the hash return a new Uint8Array with the hash.
 
 ### Constants
 
-* `blake2b.BYTES_MIN` Minimum length of `out`
-* `blake2b.BYTES_MAX` Maximum length of `out`
-* `blake2b.BYTES` Recommended default length of `out`
-* `blake2b.KEYBYTES_MIN` Minimum length of `key`
-* `blake2b.KEYBYTES_MAX` Maximum length of `key`
-* `blake2b.KEYBYTES` Recommended default length of `key`
-* `blake2b.SALTBYTES` Required length of `salt`
-* `blake2b.PERSONALBYTES` Required length of `personal`
+- `blake2b.BYTES_MIN` Minimum length of `out`
+- `blake2b.BYTES_MAX` Maximum length of `out`
+- `blake2b.BYTES` Recommended default length of `out`
+- `blake2b.KEYBYTES_MIN` Minimum length of `key`
+- `blake2b.KEYBYTES_MAX` Maximum length of `key`
+- `blake2b.KEYBYTES` Recommended default length of `key`
+- `blake2b.SALTBYTES` Required length of `salt`
+- `blake2b.PERSONALBYTES` Required length of `personal`
 
 ## Install
 
@@ -84,9 +84,9 @@ This repository includes test vectors with
 `{outlen, out, input, key, salt, personal}` objects for testing conformance
 against the spec and other implementations:
 
-* Lines [2 - 257](test-vectors.json#L2-L257) are tests for hashing with no key, taken from [BLAKE2 test vectors](https://github.com/BLAKE2/BLAKE2/blob/5cbb39c9ef8007f0b63723e3aea06cd0887e36ad/testvectors/blake2-kat.json)
-* Lines [258 - 513](test-vectors.json#L258-L513) are tests for hashing with keys, taken from [BLAKE2 test vectors](https://github.com/BLAKE2/BLAKE2/blob/5cbb39c9ef8007f0b63723e3aea06cd0887e36ad/testvectors/blake2-kat.json)
-* Lines [514- 577](test-vectors.json#L514-L577) are tests for hashing with key, salt and personalisation, derived from the [libsodium tests](https://github.com/jedisct1/libsodium/blob/3a9c4c38f7dbe671d91dcfa267c919734b4923df/test/default/generichash3.c)
+- Lines [2 - 257](test-vectors.json#L2-L257) are tests for hashing with no key, taken from [BLAKE2 test vectors](https://github.com/BLAKE2/BLAKE2/blob/5cbb39c9ef8007f0b63723e3aea06cd0887e36ad/testvectors/blake2-kat.json)
+- Lines [258 - 513](test-vectors.json#L258-L513) are tests for hashing with keys, taken from [BLAKE2 test vectors](https://github.com/BLAKE2/BLAKE2/blob/5cbb39c9ef8007f0b63723e3aea06cd0887e36ad/testvectors/blake2-kat.json)
+- Lines [514- 577](test-vectors.json#L514-L577) are tests for hashing with key, salt and personalisation, derived from the [libsodium tests](https://github.com/jedisct1/libsodium/blob/3a9c4c38f7dbe671d91dcfa267c919734b4923df/test/default/generichash3.c)
 
 ## License
 

package/example.js

@@ -1,11 +1,11 @@
-var blake2b = require('./index.js')
+var blake2b = require('./index.js');
 
-var output = new Uint8Array(32)
-var input = Buffer.alloc(2048)
+var output = new Uint8Array(32);
+var input = Buffer.alloc(2048);
 
-console.log('hash:', blake2b(output.length).update(input).digest('hex'))
+console.log('hash:', blake2b(output.length).update(input).digest('hex'));
 
 blake2b.ready(function () {
-  console.log('has wasm?', blake2b.WASM_LOADED)
-  console.log('hash again:', blake2b(output.length).update(input).digest('hex'))
-})
+  console.log('has wasm?', blake2b.WASM_LOADED);
+  console.log('hash again:', blake2b(output.length).update(input).digest('hex'));
+});

package/index.js

@@ -1,323 +1,370 @@
-var assert = require('nanoassert')
-var b2wasm = require('@bitgo-beta/blake2b-wasm')
+var assert = require('nanoassert');
+var b2wasm = require('@bitgo-beta/blake2b-wasm');
 
 // 64-bit unsigned addition
 // Sets v[a,a+1] += v[b,b+1]
 // v should be a Uint32Array
-function ADD64AA (v, a, b) {
-  var o0 = v[a] + v[b]
-  var o1 = v[a + 1] + v[b + 1]
+function ADD64AA(v, a, b) {
+  var o0 = v[a] + v[b];
+  var o1 = v[a + 1] + v[b + 1];
   if (o0 >= 0x100000000) {
-    o1++
+    o1++;
   }
-  v[a] = o0
-  v[a + 1] = o1
+  v[a] = o0;
+  v[a + 1] = o1;
 }
 
 // 64-bit unsigned addition
 // Sets v[a,a+1] += b
 // b0 is the low 32 bits of b, b1 represents the high 32 bits
-function ADD64AC (v, a, b0, b1) {
-  var o0 = v[a] + b0
+function ADD64AC(v, a, b0, b1) {
+  var o0 = v[a] + b0;
   if (b0 < 0) {
-    o0 += 0x100000000
+    o0 += 0x100000000;
   }
-  var o1 = v[a + 1] + b1
+  var o1 = v[a + 1] + b1;
   if (o0 >= 0x100000000) {
-    o1++
+    o1++;
   }
-  v[a] = o0
-  v[a + 1] = o1
+  v[a] = o0;
+  v[a + 1] = o1;
 }
 
 // Little-endian byte access
-function B2B_GET32 (arr, i) {
-  return (arr[i] ^
-  (arr[i + 1] << 8) ^
-  (arr[i + 2] << 16) ^
-  (arr[i + 3] << 24))
+function B2B_GET32(arr, i) {
+  return arr[i] ^ (arr[i + 1] << 8) ^ (arr[i + 2] << 16) ^ (arr[i + 3] << 24);
 }
 
 // G Mixing function
 // The ROTRs are inlined for speed
-function B2B_G (a, b, c, d, ix, iy) {
-  var x0 = m[ix]
-  var x1 = m[ix + 1]
-  var y0 = m[iy]
-  var y1 = m[iy + 1]
+function B2B_G(a, b, c, d, ix, iy) {
+  var x0 = m[ix];
+  var x1 = m[ix + 1];
+  var y0 = m[iy];
+  var y1 = m[iy + 1];
 
-  ADD64AA(v, a, b) // v[a,a+1] += v[b,b+1] ... in JS we must store a uint64 as two uint32s
-  ADD64AC(v, a, x0, x1) // v[a, a+1] += x ... x0 is the low 32 bits of x, x1 is the high 32 bits
+  ADD64AA(v, a, b); // v[a,a+1] += v[b,b+1] ... in JS we must store a uint64 as two uint32s
+  ADD64AC(v, a, x0, x1); // v[a, a+1] += x ... x0 is the low 32 bits of x, x1 is the high 32 bits
 
   // v[d,d+1] = (v[d,d+1] xor v[a,a+1]) rotated to the right by 32 bits
-  var xor0 = v[d] ^ v[a]
-  var xor1 = v[d + 1] ^ v[a + 1]
-  v[d] = xor1
-  v[d + 1] = xor0
+  var xor0 = v[d] ^ v[a];
+  var xor1 = v[d + 1] ^ v[a + 1];
+  v[d] = xor1;
+  v[d + 1] = xor0;
 
-  ADD64AA(v, c, d)
+  ADD64AA(v, c, d);
 
   // v[b,b+1] = (v[b,b+1] xor v[c,c+1]) rotated right by 24 bits
-  xor0 = v[b] ^ v[c]
-  xor1 = v[b + 1] ^ v[c + 1]
-  v[b] = (xor0 >>> 24) ^ (xor1 << 8)
-  v[b + 1] = (xor1 >>> 24) ^ (xor0 << 8)
+  xor0 = v[b] ^ v[c];
+  xor1 = v[b + 1] ^ v[c + 1];
+  v[b] = (xor0 >>> 24) ^ (xor1 << 8);
+  v[b + 1] = (xor1 >>> 24) ^ (xor0 << 8);
 
-  ADD64AA(v, a, b)
-  ADD64AC(v, a, y0, y1)
+  ADD64AA(v, a, b);
+  ADD64AC(v, a, y0, y1);
 
   // v[d,d+1] = (v[d,d+1] xor v[a,a+1]) rotated right by 16 bits
-  xor0 = v[d] ^ v[a]
-  xor1 = v[d + 1] ^ v[a + 1]
-  v[d] = (xor0 >>> 16) ^ (xor1 << 16)
-  v[d + 1] = (xor1 >>> 16) ^ (xor0 << 16)
+  xor0 = v[d] ^ v[a];
+  xor1 = v[d + 1] ^ v[a + 1];
+  v[d] = (xor0 >>> 16) ^ (xor1 << 16);
+  v[d + 1] = (xor1 >>> 16) ^ (xor0 << 16);
 
-  ADD64AA(v, c, d)
+  ADD64AA(v, c, d);
 
   // v[b,b+1] = (v[b,b+1] xor v[c,c+1]) rotated right by 63 bits
-  xor0 = v[b] ^ v[c]
-  xor1 = v[b + 1] ^ v[c + 1]
-  v[b] = (xor1 >>> 31) ^ (xor0 << 1)
-  v[b + 1] = (xor0 >>> 31) ^ (xor1 << 1)
+  xor0 = v[b] ^ v[c];
+  xor1 = v[b + 1] ^ v[c + 1];
+  v[b] = (xor1 >>> 31) ^ (xor0 << 1);
+  v[b + 1] = (xor0 >>> 31) ^ (xor1 << 1);
 }
 
 // Initialization Vector
 var BLAKE2B_IV32 = new Uint32Array([
-  0xF3BCC908, 0x6A09E667, 0x84CAA73B, 0xBB67AE85,
-  0xFE94F82B, 0x3C6EF372, 0x5F1D36F1, 0xA54FF53A,
-  0xADE682D1, 0x510E527F, 0x2B3E6C1F, 0x9B05688C,
-  0xFB41BD6B, 0x1F83D9AB, 0x137E2179, 0x5BE0CD19
-])
+  0xf3bcc908, 0x6a09e667, 0x84caa73b, 0xbb67ae85, 0xfe94f82b, 0x3c6ef372, 0x5f1d36f1, 0xa54ff53a, 0xade682d1,
+  0x510e527f, 0x2b3e6c1f, 0x9b05688c, 0xfb41bd6b, 0x1f83d9ab, 0x137e2179, 0x5be0cd19,
+]);
 
 var SIGMA8 = [
-  0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
-  14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3,
-  11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4,
-  7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8,
-  9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13,
-  2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9,
-  12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11,
-  13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10,
-  6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5,
-  10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0,
-  0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
-  14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3
-]
+  0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3, 11, 8, 12,
+  0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4, 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8, 9, 0, 5, 7, 2, 4, 10,
+  15, 14, 1, 11, 12, 6, 8, 3, 13, 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9, 12, 5, 1, 15, 14, 13, 4, 10, 0,
+  7, 6, 3, 9, 2, 8, 11, 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10, 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7,
+  1, 4, 10, 5, 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
+  15, 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3,
+];
 
 // These are offsets into a uint64 buffer.
 // Multiply them all by 2 to make them offsets into a uint32 buffer,
 // because this is JavaScript and we don't have uint64s
-var SIGMA82 = new Uint8Array(SIGMA8.map(function (x) { return x * 2 }))
+var SIGMA82 = new Uint8Array(
+  SIGMA8.map(function (x) {
+    return x * 2;
+  })
+);
 
 // Compression function. 'last' flag indicates last block.
 // Note we're representing 16 uint64s as 32 uint32s
-var v = new Uint32Array(32)
-var m = new Uint32Array(32)
-function blake2bCompress (ctx, last) {
-  var i = 0
+var v = new Uint32Array(32);
+var m = new Uint32Array(32);
+function blake2bCompress(ctx, last) {
+  var i = 0;
 
   // init work variables
   for (i = 0; i < 16; i++) {
-    v[i] = ctx.h[i]
-    v[i + 16] = BLAKE2B_IV32[i]
+    v[i] = ctx.h[i];
+    v[i + 16] = BLAKE2B_IV32[i];
   }
 
   // low 64 bits of offset
-  v[24] = v[24] ^ ctx.t
-  v[25] = v[25] ^ (ctx.t / 0x100000000)
+  v[24] = v[24] ^ ctx.t;
+  v[25] = v[25] ^ (ctx.t / 0x100000000);
   // high 64 bits not supported, offset may not be higher than 2**53-1
 
   // last block flag set ?
   if (last) {
-    v[28] = ~v[28]
-    v[29] = ~v[29]
+    v[28] = ~v[28];
+    v[29] = ~v[29];
   }
 
   // get little-endian words
   for (i = 0; i < 32; i++) {
-    m[i] = B2B_GET32(ctx.b, 4 * i)
+    m[i] = B2B_GET32(ctx.b, 4 * i);
   }
 
   // twelve rounds of mixing
   for (i = 0; i < 12; i++) {
-    B2B_G(0, 8, 16, 24, SIGMA82[i * 16 + 0], SIGMA82[i * 16 + 1])
-    B2B_G(2, 10, 18, 26, SIGMA82[i * 16 + 2], SIGMA82[i * 16 + 3])
-    B2B_G(4, 12, 20, 28, SIGMA82[i * 16 + 4], SIGMA82[i * 16 + 5])
-    B2B_G(6, 14, 22, 30, SIGMA82[i * 16 + 6], SIGMA82[i * 16 + 7])
-    B2B_G(0, 10, 20, 30, SIGMA82[i * 16 + 8], SIGMA82[i * 16 + 9])
-    B2B_G(2, 12, 22, 24, SIGMA82[i * 16 + 10], SIGMA82[i * 16 + 11])
-    B2B_G(4, 14, 16, 26, SIGMA82[i * 16 + 12], SIGMA82[i * 16 + 13])
-    B2B_G(6, 8, 18, 28, SIGMA82[i * 16 + 14], SIGMA82[i * 16 + 15])
+    B2B_G(0, 8, 16, 24, SIGMA82[i * 16 + 0], SIGMA82[i * 16 + 1]);
+    B2B_G(2, 10, 18, 26, SIGMA82[i * 16 + 2], SIGMA82[i * 16 + 3]);
+    B2B_G(4, 12, 20, 28, SIGMA82[i * 16 + 4], SIGMA82[i * 16 + 5]);
+    B2B_G(6, 14, 22, 30, SIGMA82[i * 16 + 6], SIGMA82[i * 16 + 7]);
+    B2B_G(0, 10, 20, 30, SIGMA82[i * 16 + 8], SIGMA82[i * 16 + 9]);
+    B2B_G(2, 12, 22, 24, SIGMA82[i * 16 + 10], SIGMA82[i * 16 + 11]);
+    B2B_G(4, 14, 16, 26, SIGMA82[i * 16 + 12], SIGMA82[i * 16 + 13]);
+    B2B_G(6, 8, 18, 28, SIGMA82[i * 16 + 14], SIGMA82[i * 16 + 15]);
   }
 
   for (i = 0; i < 16; i++) {
-    ctx.h[i] = ctx.h[i] ^ v[i] ^ v[i + 16]
+    ctx.h[i] = ctx.h[i] ^ v[i] ^ v[i + 16];
   }
 }
 
 // reusable parameter_block
 var parameter_block = new Uint8Array([
-  0, 0, 0, 0,      //  0: outlen, keylen, fanout, depth
-  0, 0, 0, 0,      //  4: leaf length, sequential mode
-  0, 0, 0, 0,      //  8: node offset
-  0, 0, 0, 0,      // 12: node offset
-  0, 0, 0, 0,      // 16: node depth, inner length, rfu
-  0, 0, 0, 0,      // 20: rfu
-  0, 0, 0, 0,      // 24: rfu
-  0, 0, 0, 0,      // 28: rfu
-  0, 0, 0, 0,      // 32: salt
-  0, 0, 0, 0,      // 36: salt
-  0, 0, 0, 0,      // 40: salt
-  0, 0, 0, 0,      // 44: salt
-  0, 0, 0, 0,      // 48: personal
-  0, 0, 0, 0,      // 52: personal
-  0, 0, 0, 0,      // 56: personal
-  0, 0, 0, 0       // 60: personal
-])
+  0,
+  0,
+  0,
+  0, //  0: outlen, keylen, fanout, depth
+  0,
+  0,
+  0,
+  0, //  4: leaf length, sequential mode
+  0,
+  0,
+  0,
+  0, //  8: node offset
+  0,
+  0,
+  0,
+  0, // 12: node offset
+  0,
+  0,
+  0,
+  0, // 16: node depth, inner length, rfu
+  0,
+  0,
+  0,
+  0, // 20: rfu
+  0,
+  0,
+  0,
+  0, // 24: rfu
+  0,
+  0,
+  0,
+  0, // 28: rfu
+  0,
+  0,
+  0,
+  0, // 32: salt
+  0,
+  0,
+  0,
+  0, // 36: salt
+  0,
+  0,
+  0,
+  0, // 40: salt
+  0,
+  0,
+  0,
+  0, // 44: salt
+  0,
+  0,
+  0,
+  0, // 48: personal
+  0,
+  0,
+  0,
+  0, // 52: personal
+  0,
+  0,
+  0,
+  0, // 56: personal
+  0,
+  0,
+  0,
+  0, // 60: personal
+]);
 
 // Creates a BLAKE2b hashing context
 // Requires an output length between 1 and 64 bytes
 // Takes an optional Uint8Array key
-function Blake2b (outlen, key, salt, personal) {
+function Blake2b(outlen, key, salt, personal) {
   // zero out parameter_block before usage
-  parameter_block.fill(0)
+  parameter_block.fill(0);
   // state, 'param block'
 
-  this.b = new Uint8Array(128)
-  this.h = new Uint32Array(16)
-  this.t = 0 // input count
-  this.c = 0 // pointer within buffer
-  this.outlen = outlen // output length in bytes
+  this.b = new Uint8Array(128);
+  this.h = new Uint32Array(16);
+  this.t = 0; // input count
+  this.c = 0; // pointer within buffer
+  this.outlen = outlen; // output length in bytes
 
-  parameter_block[0] = outlen
-  if (key) parameter_block[1] = key.length
-  parameter_block[2] = 1 // fanout
-  parameter_block[3] = 1 // depth
+  parameter_block[0] = outlen;
+  if (key) parameter_block[1] = key.length;
+  parameter_block[2] = 1; // fanout
+  parameter_block[3] = 1; // depth
 
-  if (salt) parameter_block.set(salt, 32)
-  if (personal) parameter_block.set(personal, 48)
+  if (salt) parameter_block.set(salt, 32);
+  if (personal) parameter_block.set(personal, 48);
 
   // initialize hash state
   for (var i = 0; i < 16; i++) {
-    this.h[i] = BLAKE2B_IV32[i] ^ B2B_GET32(parameter_block, i * 4)
+    this.h[i] = BLAKE2B_IV32[i] ^ B2B_GET32(parameter_block, i * 4);
   }
 
   // key the hash, if applicable
   if (key) {
-    blake2bUpdate(this, key)
+    blake2bUpdate(this, key);
     // at the end
-    this.c = 128
+    this.c = 128;
   }
 }
 
 Blake2b.prototype.update = function (input) {
-  assert(input instanceof Uint8Array, 'input must be Uint8Array or Buffer')
-  blake2bUpdate(this, input)
-  return this
-}
+  assert(input instanceof Uint8Array, 'input must be Uint8Array or Buffer');
+  blake2bUpdate(this, input);
+  return this;
+};
 
 Blake2b.prototype.digest = function (out) {
-  var buf = (!out || out === 'binary' || out === 'hex') ? new Uint8Array(this.outlen) : out
-  assert(buf instanceof Uint8Array, 'out must be "binary", "hex", Uint8Array, or Buffer')
-  assert(buf.length >= this.outlen, 'out must have at least outlen bytes of space')
-  blake2bFinal(this, buf)
-  if (out === 'hex') return hexSlice(buf)
-  return buf
-}
+  var buf = !out || out === 'binary' || out === 'hex' ? new Uint8Array(this.outlen) : out;
+  assert(buf instanceof Uint8Array, 'out must be "binary", "hex", Uint8Array, or Buffer');
+  assert(buf.length >= this.outlen, 'out must have at least outlen bytes of space');
+  blake2bFinal(this, buf);
+  if (out === 'hex') return hexSlice(buf);
+  return buf;
+};
 
-Blake2b.prototype.final = Blake2b.prototype.digest
+Blake2b.prototype.final = Blake2b.prototype.digest;
 
 Blake2b.ready = function (cb) {
   b2wasm.ready(function () {
-    cb() // ignore the error
-  })
-}
+    cb(); // ignore the error
+  });
+};
 
 // Updates a BLAKE2b streaming hash
 // Requires hash context and Uint8Array (byte array)
-function blake2bUpdate (ctx, input) {
+function blake2bUpdate(ctx, input) {
   for (var i = 0; i < input.length; i++) {
-    if (ctx.c === 128) { // buffer full ?
-      ctx.t += ctx.c // add counters
-      blake2bCompress(ctx, false) // compress (not last)
-      ctx.c = 0 // counter to zero
+    if (ctx.c === 128) {
+      // buffer full ?
+      ctx.t += ctx.c; // add counters
+      blake2bCompress(ctx, false); // compress (not last)
+      ctx.c = 0; // counter to zero
     }
-    ctx.b[ctx.c++] = input[i]
+    ctx.b[ctx.c++] = input[i];
   }
 }
 
 // Completes a BLAKE2b streaming hash
 // Returns a Uint8Array containing the message digest
-function blake2bFinal (ctx, out) {
-  ctx.t += ctx.c // mark last block offset
+function blake2bFinal(ctx, out) {
+  ctx.t += ctx.c; // mark last block offset
 
-  while (ctx.c < 128) { // fill up with zeros
-    ctx.b[ctx.c++] = 0
+  while (ctx.c < 128) {
+    // fill up with zeros
+    ctx.b[ctx.c++] = 0;
   }
-  blake2bCompress(ctx, true) // final block flag = 1
+  blake2bCompress(ctx, true); // final block flag = 1
 
   for (var i = 0; i < ctx.outlen; i++) {
-    out[i] = ctx.h[i >> 2] >> (8 * (i & 3))
+    out[i] = ctx.h[i >> 2] >> (8 * (i & 3));
   }
-  return out
+  return out;
 }
 
-function hexSlice (buf) {
-  var str = ''
-  for (var i = 0; i < buf.length; i++) str += toHex(buf[i])
-  return str
+function hexSlice(buf) {
+  var str = '';
+  for (var i = 0; i < buf.length; i++) str += toHex(buf[i]);
+  return str;
 }
 
-function toHex (n) {
-  if (n < 16) return '0' + n.toString(16)
-  return n.toString(16)
+function toHex(n) {
+  if (n < 16) return '0' + n.toString(16);
+  return n.toString(16);
 }
 
-var Proto = Blake2b
+var Proto = Blake2b;
 
-module.exports = function createHash (outlen, key, salt, personal, noAssert) {
+module.exports = function createHash(outlen, key, salt, personal, noAssert) {
   if (noAssert !== true) {
-    assert(outlen >= BYTES_MIN, 'outlen must be at least ' + BYTES_MIN + ', was given ' + outlen)
-    assert(outlen <= BYTES_MAX, 'outlen must be at most ' + BYTES_MAX + ', was given ' + outlen)
+    assert(outlen >= BYTES_MIN, 'outlen must be at least ' + BYTES_MIN + ', was given ' + outlen);
+    assert(outlen <= BYTES_MAX, 'outlen must be at most ' + BYTES_MAX + ', was given ' + outlen);
     if (key != null) {
-      assert(key instanceof Uint8Array, 'key must be Uint8Array or Buffer')
-      assert(key.length >= KEYBYTES_MIN, 'key must be at least ' + KEYBYTES_MIN + ', was given ' + key.length)
-      assert(key.length <= KEYBYTES_MAX, 'key must be at most ' + KEYBYTES_MAX + ', was given ' + key.length)
+      assert(key instanceof Uint8Array, 'key must be Uint8Array or Buffer');
+      assert(key.length >= KEYBYTES_MIN, 'key must be at least ' + KEYBYTES_MIN + ', was given ' + key.length);
+      assert(key.length <= KEYBYTES_MAX, 'key must be at most ' + KEYBYTES_MAX + ', was given ' + key.length);
     }
     if (salt != null) {
-      assert(salt instanceof Uint8Array, 'salt must be Uint8Array or Buffer')
-      assert(salt.length === SALTBYTES, 'salt must be exactly ' + SALTBYTES + ', was given ' + salt.length)
+      assert(salt instanceof Uint8Array, 'salt must be Uint8Array or Buffer');
+      assert(salt.length === SALTBYTES, 'salt must be exactly ' + SALTBYTES + ', was given ' + salt.length);
     }
     if (personal != null) {
-      assert(personal instanceof Uint8Array, 'personal must be Uint8Array or Buffer')
-      assert(personal.length === PERSONALBYTES, 'personal must be exactly ' + PERSONALBYTES + ', was given ' + personal.length)
+      assert(personal instanceof Uint8Array, 'personal must be Uint8Array or Buffer');
+      assert(
+        personal.length === PERSONALBYTES,
+        'personal must be exactly ' + PERSONALBYTES + ', was given ' + personal.length
+      );
     }
   }
 
-  return new Proto(outlen, key, salt, personal)
-}
+  return new Proto(outlen, key, salt, personal);
+};
 
 module.exports.ready = function (cb) {
-  b2wasm.ready(function () { // ignore errors
-    cb()
-  })
-}
-
-module.exports.WASM_SUPPORTED = b2wasm.SUPPORTED
-module.exports.WASM_LOADED = false
-
-var BYTES_MIN = module.exports.BYTES_MIN = 16
-var BYTES_MAX = module.exports.BYTES_MAX = 64
-var BYTES = module.exports.BYTES = 32
-var KEYBYTES_MIN = module.exports.KEYBYTES_MIN = 16
-var KEYBYTES_MAX = module.exports.KEYBYTES_MAX = 64
-var KEYBYTES = module.exports.KEYBYTES = 32
-var SALTBYTES = module.exports.SALTBYTES = 16
-var PERSONALBYTES = module.exports.PERSONALBYTES = 16
+  b2wasm.ready(function () {
+    // ignore errors
+    cb();
+  });
+};
+
+module.exports.WASM_SUPPORTED = b2wasm.SUPPORTED;
+module.exports.WASM_LOADED = false;
+
+var BYTES_MIN = (module.exports.BYTES_MIN = 16);
+var BYTES_MAX = (module.exports.BYTES_MAX = 64);
+var BYTES = (module.exports.BYTES = 32);
+var KEYBYTES_MIN = (module.exports.KEYBYTES_MIN = 16);
+var KEYBYTES_MAX = (module.exports.KEYBYTES_MAX = 64);
+var KEYBYTES = (module.exports.KEYBYTES = 32);
+var SALTBYTES = (module.exports.SALTBYTES = 16);
+var PERSONALBYTES = (module.exports.PERSONALBYTES = 16);
 
 b2wasm.ready(function (err) {
   if (!err) {
-    module.exports.WASM_LOADED = true
-    module.exports = b2wasm
+    module.exports.WASM_LOADED = true;
+    module.exports = b2wasm;
   }
-})
+});

package/package.json

@@ -1,10 +1,10 @@
 {
   "name": "@bitgo-beta/blake2b",
-  "version": "3.2.1-alpha.53",
+  "version": "3.2.1-alpha.54",
   "description": "Blake2b (64-bit version) in pure JavaScript",
   "main": "index.js",
   "dependencies": {
-    "@bitgo-beta/blake2b-wasm": "3.2.1-alpha.53",
+    "@bitgo-beta/blake2b-wasm": "3.2.1-alpha.54",
     "nanoassert": "^2.0.0"
   },
   "publishConfig": {
@@ -28,5 +28,5 @@
     "url": "https://github.com/emilbayes/blake2b/issues"
   },
   "homepage": "https://github.com/emilbayes/blake2b#readme",
-  "gitHead": "7a75e6dc947b4432742058c58f6e2ead01fa68d1"
+  "gitHead": "90bd3e274aecafbd5ac5fe37153e764dfe340e94"
 }

package/test.js

@@ -10,7 +10,7 @@ test('wait for ready', function (assert) {
 });
 setup();
 
-function setup () {
+function setup() {
   test('vectors', function (assert) {
     for (let i = 0; i < vectors.length; i++) {
       const v = vectors[i];
@@ -69,7 +69,11 @@ function setup () {
     const out = Buffer.alloc(blake2b.BYTES);
     instance.digest(out);
 
-    t.same(out.toString('hex'), '405f14acbeeb30396b8030f78e6a84bab0acf08cb1376aa200a500f669f675dc', 'streaming keyed hash');
+    t.same(
+      out.toString('hex'),
+      '405f14acbeeb30396b8030f78e6a84bab0acf08cb1376aa200a500f669f675dc',
+      'streaming keyed hash'
+    );
     t.end();
   });
 
@@ -103,7 +107,7 @@ function setup () {
   });
 }
 
-function hexWrite (buf, string) {
+function hexWrite(buf, string) {
   // must be an even number of digits
   const strLen = string.length;
   if (strLen % 2 !== 0) throw new TypeError('Invalid hex string');