@bsv/sdk 1.5.3 → 1.6.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bsv/sdk",
-  "version": "1.5.3",
+  "version": "1.6.0",
   "type": "module",
   "description": "BSV Blockchain Software Development Kit",
   "main": "dist/cjs/mod.js",

package/src/auth/__tests/Peer.test.ts

@@ -8,6 +8,10 @@ import { MasterCertificate } from '../../auth/certificates/MasterCertificate.js'
 import { getVerifiableCertificates } from '../../auth/utils/getVerifiableCertificates.js'
 import { CompletedProtoWallet } from '../certificates/__tests/CompletedProtoWallet.js'
 
+const certifierPrivKey = new PrivateKey(21)
+const alicePrivKey = new PrivateKey(22)
+const bobPrivKey = new PrivateKey(23)
+
 jest.mock('../../auth/utils/getVerifiableCertificates')
 
 class LocalTransport implements Transport {
@@ -40,6 +44,19 @@ class LocalTransport implements Transport {
   }
 }
 
+function waitForNextGeneralMessage (
+  peer: Peer,
+  handler?: (senderPublicKey: string, payload: number[]) => void
+): Promise<void> {
+  return new Promise(resolve => {
+    const listenerId = peer.listenForGeneralMessages((senderPublicKey, payload) => {
+      peer.stopListeningForGeneralMessages(listenerId)
+      if (handler !== undefined) handler(senderPublicKey, payload)
+      resolve()
+    })
+  })
+}
+
 describe('Peer class mutual authentication and certificate exchange', () => {
   let walletA: WalletInterface, walletB: WalletInterface
   let transportA: LocalTransport, transportB: LocalTransport
@@ -49,7 +66,7 @@ describe('Peer class mutual authentication and certificate exchange', () => {
 
   const certificateType = Utils.toBase64(new Array(32).fill(1))
   // const certificateSerialNumber = Utils.toBase64(new Array(32).fill(2))
-  const certifierPrivateKey = PrivateKey.fromRandom()
+  const certifierPrivateKey = certifierPrivKey
   const certifierPublicKey = certifierPrivateKey.toPublicKey().toString()
   const certificatesToRequest = {
     certifiers: [certifierPublicKey],
@@ -198,8 +215,8 @@ describe('Peer class mutual authentication and certificate exchange', () => {
     certificatesReceivedByAlice = []
     certificatesReceivedByBob = []
 
-    walletA = new CompletedProtoWallet(PrivateKey.fromRandom())
-    walletB = new CompletedProtoWallet(PrivateKey.fromRandom())
+    walletA = new CompletedProtoWallet(alicePrivKey)
+    walletB = new CompletedProtoWallet(bobPrivKey)
   })
 
   it('Neither Alice nor Bob request certificates, mutual authentication completes successfully', async () => {
@@ -235,10 +252,10 @@ describe('Peer class mutual authentication and certificate exchange', () => {
     const transportA2 = new LocalTransport()
     const transportB = new LocalTransport()
     transportA1.connect(transportB)
-    const aliceKey = PrivateKey.fromRandom()
+    const aliceKey = alicePrivKey
     const walletA1 = new CompletedProtoWallet(aliceKey)
     const walletA2 = new CompletedProtoWallet(aliceKey)
-    const walletB = new CompletedProtoWallet(PrivateKey.fromRandom())
+    const walletB = new CompletedProtoWallet(alicePrivKey)
     const aliceFirstDevice = new Peer(
       walletA1,
       transportA1
@@ -264,22 +281,14 @@ describe('Peer class mutual authentication and certificate exchange', () => {
         })().catch(e => { })
       })
     })
-    let aliceReceivedGeneralMessageOnFirstDevice = new Promise<void>((resolve) => {
-      aliceFirstDevice.listenForGeneralMessages((senderPublicKey, payload) => {
-        (async () => {
-          resolve()
-          alice1MessageHandler(senderPublicKey, payload)
-        })().catch(e => { })
-      })
-    })
-    const aliceReceivedGeneralMessageOnOtherDevice = new Promise<void>((resolve) => {
-      aliceOtherDevice.listenForGeneralMessages((senderPublicKey, payload) => {
-        (async () => {
-          resolve()
-          alice2MessageHandler(senderPublicKey, payload)
-        })().catch(e => { })
-      })
-    })
+    const aliceReceivedGeneralMessageOnFirstDevice = waitForNextGeneralMessage(
+      aliceFirstDevice,
+      alice1MessageHandler
+    )
+    const aliceReceivedGeneralMessageOnOtherDevice = waitForNextGeneralMessage(
+      aliceOtherDevice,
+      alice2MessageHandler
+    )
 
     await aliceFirstDevice.toPeer(Utils.toArray('Hello Bob!'))
     await bobReceivedGeneralMessage
@@ -288,8 +297,14 @@ describe('Peer class mutual authentication and certificate exchange', () => {
     await aliceOtherDevice.toPeer(Utils.toArray('Hello Bob from my other device!'))
     await aliceReceivedGeneralMessageOnOtherDevice
     transportA1.connect(transportB)
-    await aliceFirstDevice.toPeer(Utils.toArray('Back on my first device now, Bob! Can you still hear me?'))
-    await new Promise(resolve => setTimeout(resolve, 2000))
+    const waitForSecondMessage = waitForNextGeneralMessage(
+      aliceFirstDevice,
+      alice1MessageHandler
+    )
+    await aliceFirstDevice.toPeer(
+      Utils.toArray('Back on my first device now, Bob! Can you still hear me?')
+    )
+    await waitForSecondMessage
     expect(alice1MessageHandler.mock.calls.length).toEqual(2)
   }, 30000)
 

package/src/auth/certificates/__tests/MasterCertificate.test.ts

@@ -3,23 +3,30 @@ import { VerifiableCertificate } from '../../../auth/certificates/VerifiableCert
 import { PrivateKey, SymmetricKey, Utils, Random } from '../../../../mod'
 import { CompletedProtoWallet } from '../../../auth/certificates/__tests/CompletedProtoWallet'
 
+const subjectPrivateKey = new PrivateKey(21)
+const certifierPrivateKey = new PrivateKey(22)
+
+const fieldSymFixed1 = new SymmetricKey(51)
+const fieldSymWrong = new SymmetricKey(61)
+
+const subjectKey2 = new PrivateKey(71)
+const verifierKey2 = new PrivateKey(81)
+
+// A mock revocation outpoint for testing
+const mockRevocationOutpoint =
+  'deadbeefdeadbeefdeadbeefdeadbeef00000000000000000000000000000000.1'
+
+// Arbitrary certificate data (in plaintext)
+const plaintextFields = {
+  name: 'Alice',
+  email: 'alice@example.com',
+  department: 'Engineering'
+}
+
+const subjectWallet = new CompletedProtoWallet(subjectPrivateKey)
+const certifierWallet = new CompletedProtoWallet(certifierPrivateKey)
+
 describe('MasterCertificate', () => {
-  const subjectPrivateKey = PrivateKey.fromRandom()
-  const certifierPrivateKey = PrivateKey.fromRandom()
-
-  // A mock revocation outpoint for testing
-  const mockRevocationOutpoint =
-    'deadbeefdeadbeefdeadbeefdeadbeef00000000000000000000000000000000.1'
-
-  // Arbitrary certificate data (in plaintext)
-  const plaintextFields = {
-    name: 'Alice',
-    email: 'alice@example.com',
-    department: 'Engineering'
-  }
-
-  const subjectWallet = new CompletedProtoWallet(subjectPrivateKey)
-  const certifierWallet = new CompletedProtoWallet(certifierPrivateKey)
   let subjectIdentityKey: string
   let certifierIdentityKey: string
 
@@ -35,7 +42,7 @@ describe('MasterCertificate', () => {
   describe('constructor', () => {
     it('should construct a MasterCertificate successfully when masterKeyring is valid', () => {
       // Prepare a minimal valid MasterCertificate
-      const fieldSymKey = SymmetricKey.fromRandom()
+      const fieldSymKey = fieldSymFixed1
       const encryptedFieldValue = Utils.toBase64(
         fieldSymKey.encrypt(Utils.toArray('Alice', 'utf8')) as number[]
       )
@@ -129,7 +136,7 @@ describe('MasterCertificate', () => {
         mockRevocationOutpoint,
         {
           name: Utils.toBase64(
-            SymmetricKey.fromRandom().encrypt(
+            fieldSymWrong.encrypt(
               Utils.toArray('Alice', 'utf8')
             ) as number[]
           )
@@ -149,7 +156,7 @@ describe('MasterCertificate', () => {
   })
 
   describe('createKeyringForVerifier (static)', () => {
-    const verifierPrivateKey = PrivateKey.fromRandom()
+    const verifierPrivateKey = verifierKey2
     const verifierWallet = new CompletedProtoWallet(verifierPrivateKey)
     let verifierIdentityKey: string
 
@@ -350,7 +357,7 @@ describe('MasterCertificate', () => {
     })
     it('should allow issuing a self-signed certificate and decrypt it with the same wallet', async () => {
       // In a self-signed scenario, the subject and certifier are the same
-      const subjectWallet = new CompletedProtoWallet(PrivateKey.fromRandom())
+      const subjectWallet = new CompletedProtoWallet(subjectKey2)
 
       // Some sample fields
       const selfSignedFields = {

package/src/auth/certificates/__tests/VerifiableCertificate.test.ts

@@ -5,28 +5,31 @@ import { CompletedProtoWallet } from '../../../auth/certificates/__tests/Complet
 import { MasterCertificate } from '../../../auth/certificates/MasterCertificate'
 import { ProtoWallet, WalletCertificate } from '../../../wallet/index'
 
-describe('VerifiableCertificate', () => {
-  const subjectPrivateKey = PrivateKey.fromRandom()
-  const subjectIdentityKey = subjectPrivateKey.toPublicKey().toString()
-  const certifierPrivateKey = PrivateKey.fromRandom()
-  const certifierIdentityKey = certifierPrivateKey.toPublicKey().toString()
-  const verifierPrivateKey = PrivateKey.fromRandom()
-  const verifierIdentityKey = verifierPrivateKey.toPublicKey().toString()
-
-  const subjectWallet = new CompletedProtoWallet(subjectPrivateKey)
-  const verifierWallet = new CompletedProtoWallet(verifierPrivateKey)
-
-  const sampleType = Utils.toBase64(new Array(32).fill(1))
-  const sampleSerialNumber = Utils.toBase64(new Array(32).fill(2))
-  const sampleRevocationOutpoint =
-    'deadbeefdeadbeefdeadbeefdeadbeef00000000000000000000000000000000.1'
-
-  const plaintextFields = {
-    name: 'Alice',
-    email: 'alice@example.com',
-    organization: 'Example Corp'
-  }
+const subjectPrivateKey = new PrivateKey(21)
+const subjectIdentityKey = subjectPrivateKey.toPublicKey().toString()
+const certifierPrivateKey = new PrivateKey(22)
+const certifierIdentityKey = certifierPrivateKey.toPublicKey().toString()
+const verifierPrivateKey = new PrivateKey(23)
+const verifierIdentityKey = verifierPrivateKey.toPublicKey().toString()
+
+const wrongPrivateKey = new PrivateKey(31)
+const wrongWallet = new CompletedProtoWallet(wrongPrivateKey)
+
+const subjectWallet = new CompletedProtoWallet(subjectPrivateKey)
+const verifierWallet = new CompletedProtoWallet(verifierPrivateKey)
+
+const sampleType = Utils.toBase64(new Array(32).fill(1))
+const sampleSerialNumber = Utils.toBase64(new Array(32).fill(2))
+const sampleRevocationOutpoint =
+  'deadbeefdeadbeefdeadbeefdeadbeef00000000000000000000000000000000.1'
+
+const plaintextFields = {
+  name: 'Alice',
+  email: 'alice@example.com',
+  organization: 'Example Corp'
+}
 
+describe('VerifiableCertificate', () => {
   let verifiableCert: VerifiableCertificate
 
   beforeEach(async () => {
@@ -79,9 +82,6 @@ describe('VerifiableCertificate', () => {
     })
 
     it('should fail if the verifier wallet does not have the correct private key (wrong key)', async () => {
-      const wrongPrivateKey = PrivateKey.fromRandom()
-      const wrongWallet = new CompletedProtoWallet(wrongPrivateKey)
-
       await expect(verifiableCert.decryptFields(wrongWallet)).rejects.toThrow(
         /Failed to decrypt selectively revealed certificate fields using keyring/
       )

package/src/primitives/AESGCM.ts

@@ -1,53 +1,61 @@
 
 // @ts-nocheck
-const SBox = [[0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76],
-  [0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0],
-  [0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15],
-  [0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75],
-  [0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84],
-  [0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf],
-  [0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8],
-  [0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2],
-  [0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73],
-  [0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb],
-  [0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79],
-  [0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08],
-  [0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a],
-  [0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e],
-  [0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf],
-  [0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16]]
-const Rcon = [[0x00, 0x00, 0x00, 0x00], [0x01, 0x00, 0x00, 0x00], [0x02, 0x00, 0x00, 0x00], [0x04, 0x00, 0x00, 0x00],
+const SBox = new Uint8Array([
+  0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
+  0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
+  0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
+  0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
+  0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
+  0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
+  0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
+  0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
+  0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
+  0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
+  0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
+  0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
+  0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
+  0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
+  0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
+  0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+])
+const Rcon = [
+  [0x00, 0x00, 0x00, 0x00], [0x01, 0x00, 0x00, 0x00], [0x02, 0x00, 0x00, 0x00], [0x04, 0x00, 0x00, 0x00],
   [0x08, 0x00, 0x00, 0x00], [0x10, 0x00, 0x00, 0x00], [0x20, 0x00, 0x00, 0x00], [0x40, 0x00, 0x00, 0x00],
-  [0x80, 0x00, 0x00, 0x00], [0x1b, 0x00, 0x00, 0x00], [0x36, 0x00, 0x00, 0x00]]
+  [0x80, 0x00, 0x00, 0x00], [0x1b, 0x00, 0x00, 0x00], [0x36, 0x00, 0x00, 0x00]
+].map(v => new Uint8Array(v))
+
+const mul2 = new Uint8Array(256)
+const mul3 = new Uint8Array(256)
+for (let i = 0; i < 256; i++) {
+  const m2 = ((i << 1) ^ ((i & 0x80) !== 0 ? 0x1b : 0)) & 0xff
+  mul2[i] = m2
+  mul3[i] = m2 ^ i
+}
 
 function addRoundKey (
   state: number[][],
   roundKeyArray: number[][],
   offset: number
 ): void {
-  let i
-  let j: number
-  for (i = 0; i < 4; i++) {
-    for (j = 0; j < 4; j++) {
-      state[i][j] = state[i][j] ^ roundKeyArray[offset + j][i]
+  for (let c = 0; c < 4; c++) {
+    const keyCol = roundKeyArray[offset + c]
+    for (let r = 0; r < 4; r++) {
+      state[r][c] ^= keyCol[r]
     }
   }
 }
 
 function subBytes (state: number[][]): void {
-  let i
-  let j
-  for (i = 0; i < 4; i++) {
-    for (j = 0; j < 4; j++) {
-      state[i][j] = SBox[(state[i][j] & 0xF0) >> 4][(state[i][j] & 0x0F)]
+  for (let r = 0; r < 4; r++) {
+    for (let c = 0; c < 4; c++) {
+      state[r][c] = SBox[state[r][c]]
     }
   }
 }
 
 function subWord (value: number[]): void {
-  let i
-  for (i = 0; i < 4; i++) {
-    value[i] = SBox[(value[i] & 0xF0) >> 4][(value[i] & 0x0F)]
+  for (let i = 0; i < 4; i++) {
+    value[i] = SBox[value[i]]
   }
 }
 
@@ -61,110 +69,65 @@ function rotWord (value: number[]): void {
 }
 
 function shiftRows (state: number[][]): void {
-  let i: number
-  let j: number
-  let k: number
-  let l: number
-  let temp
-
-  for (i = 1; i < 4; i++) {
-    for (j = 0; j < ((i - 1) % 2) + 1; j++) {
-      temp = state[i][j]
-      k = j
-      while (true) {
-        l = k + i
-        if (l >= 4) {
-          l = l - 4
-        }
-
-        if (l === j) {
-          break
-        }
-
-        state[i][k] = state[i][l]
-        k = l
-      }
-
-      state[i][k] = temp
-    }
-  }
-}
-
-function finiteFieldMultiplication (value0: number, value1: number): number {
-  let i
-  let result = 0
-
-  for (i = 0; i < 8; i++) {
-    if ((value1 & 1) !== 0) {
-      result = result ^ value0
-    }
-
-    if ((value0 & 0x80) !== 0) {
-      value0 = value0 << 1
-      value0 = value0 ^ 0x11b
-    } else {
-      value0 = value0 << 1
-    }
-
-    value1 = value1 >> 1
-  }
-
-  return result
+  let tmp = state[1][0]
+  state[1][0] = state[1][1]
+  state[1][1] = state[1][2]
+  state[1][2] = state[1][3]
+  state[1][3] = tmp
+
+  tmp = state[2][0]
+  const tmp2 = state[2][1]
+  state[2][0] = state[2][2]
+  state[2][1] = state[2][3]
+  state[2][2] = tmp
+  state[2][3] = tmp2
+
+  tmp = state[3][3]
+  state[3][3] = state[3][2]
+  state[3][2] = state[3][1]
+  state[3][1] = state[3][0]
+  state[3][0] = tmp
 }
 
 function mixColumns (state: number[][]): void {
-  let i
-  let j
-  const temp: number[][] = [[], [], [], []]
-
-  for (i = 0; i < 4; i++) {
-    temp[0][i] = finiteFieldMultiplication(0x02, state[0][i]) ^ finiteFieldMultiplication(0x03, state[1][i]) ^
-      state[2][i] ^ state[3][i]
-    temp[1][i] = state[0][i] ^ finiteFieldMultiplication(0x02, state[1][i]) ^
-      finiteFieldMultiplication(0x03, state[2][i]) ^ state[3][i]
-    temp[2][i] = state[0][i] ^ state[1][i] ^ finiteFieldMultiplication(0x02, state[2][i]) ^
-      finiteFieldMultiplication(0x03, state[3][i])
-    temp[3][i] = finiteFieldMultiplication(0x03, state[0][i]) ^ state[1][i] ^ state[2][i] ^
-      finiteFieldMultiplication(0x02, state[3][i])
-  }
-
-  for (i = 0; i < 4; i++) {
-    for (j = 0; j < 4; j++) {
-      state[i][j] = temp[i][j]
-    }
+  for (let c = 0; c < 4; c++) {
+    const s0 = state[0][c]
+    const s1 = state[1][c]
+    const s2 = state[2][c]
+    const s3 = state[3][c]
+
+    state[0][c] = mul2[s0] ^ mul3[s1] ^ s2 ^ s3
+    state[1][c] = s0 ^ mul2[s1] ^ mul3[s2] ^ s3
+    state[2][c] = s0 ^ s1 ^ mul2[s2] ^ mul3[s3]
+    state[3][c] = mul3[s0] ^ s1 ^ s2 ^ mul2[s3]
   }
 }
 
 function keyExpansion (roundLimit: number, key: number[]): number[][] {
-  let i
-  let j
-  const nK = parseInt(String(key.length / 4))
-  const result = []
-
-  for (i = 0; i < key.length; i++) {
-    if (i % 4 === 0) {
-      result.push([])
-    }
+  const nK = key.length / 4
+  const result: number[][] = []
 
-    result[parseInt(String(i / 4))].push(key[i])
+  for (let i = 0; i < key.length; i++) {
+    if (i % 4 === 0) result.push([])
+    result[i >> 2].push(key[i])
   }
 
-  for (i = nK; i < 4 * roundLimit; i++) {
+  for (let i = nK; i < 4 * roundLimit; i++) {
     result[i] = []
     const temp = result[i - 1].slice()
 
     if (i % nK === 0) {
       rotWord(temp)
       subWord(temp)
-
-      for (j = 0; j < 4; j++) {
-        temp[j] = temp[j] ^ Rcon[parseInt(String(i / nK))][j]
+      const r = Rcon[i / nK]
+      for (let j = 0; j < 4; j++) {
+        temp[j] ^= r[j]
       }
     } else if (nK > 6 && (i % nK) === 4) {
       subWord(temp)
     }
 
-    for (j = 0; j < 4; j++) {
+    for (let j = 0; j < 4; j++) {
       result[i][j] = result[i - nK][j] ^ temp[j]
     }
   }
@@ -198,10 +161,12 @@ export function AES (input: number[], key: number[]): number[] {
 
   const w = keyExpansion(roundLimit, ekey)
 
-  for (i = 0; i < 15; i++) {
-    state[parseInt(String(i / 4))].push(input[(i * 4) % 15])
+  for (let c = 0; c < 4; c++) {
+    state[0][c] = input[c * 4]
+    state[1][c] = input[c * 4 + 1]
+    state[2][c] = input[c * 4 + 2]
+    state[3][c] = input[c * 4 + 3]
   }
-  state[3].push(input[15])
 
   addRoundKey(state, w, 0)
   for (round = 1; round < roundLimit; round++) {
@@ -242,29 +207,26 @@ export const getBytes = function (numericValue: number): number[] {
 }
 
 const createZeroBlock = function (length: number): number[] {
-  let i
-  const result = []
-
-  for (i = 0; i < length; i++) {
-    result.push(0x00)
-  }
-
-  return result
+  return new Array(length).fill(0)
 }
 
 const R = [0xe1].concat(createZeroBlock(15))
 
 export const exclusiveOR = function (block0: number[], block1: number[]): number[] {
-  let i
-  const result = []
-
-  for (i = 0; i < block0.length; i++) {
+  const len = block0.length
+  const result = new Array(len)
+  for (let i = 0; i < len; i++) {
     result[i] = block0[i] ^ block1[i]
   }
-
   return result
 }
 
+const xorInto = function (target: number[], block: number[]): void {
+  for (let i = 0; i < target.length; i++) {
+    target[i] ^= block[i]
+  }
+}
+
 export const rightShift = function (block: number[]): number[] {
   let i: number
   let carry = 0
@@ -284,21 +246,20 @@ export const rightShift = function (block: number[]): number[] {
 }
 
 export const multiply = function (block0: number[], block1: number[]): number[] {
-  let i
-  let j
-  let v = block1.slice()
-  let z = createZeroBlock(16)
+  const v = block1.slice()
+  const z = createZeroBlock(16)
 
-  for (i = 0; i < 16; i++) {
-    for (j = 7; j !== -1; j--) {
-      if (checkBit(block0, i, j) !== 0) {
-        z = exclusiveOR(z, v)
+  for (let i = 0; i < 16; i++) {
+    for (let j = 7; j >= 0; j--) {
+      if ((block0[i] & (1 << j)) !== 0) {
+        xorInto(z, v)
       }
 
-      if (checkBit(v, 15, 0) !== 0) {
-        v = exclusiveOR(rightShift(v), R)
+      if ((v[15] & 1) !== 0) {
+        rightShift(v)
+        xorInto(v, R)
       } else {
-        v = rightShift(v)
+        rightShift(v)
       }
     }
   }
@@ -325,17 +286,14 @@ export const incrementLeastSignificantThirtyTwoBits = function (
 }
 
 export function ghash (input: number[], hashSubKey: number[]): number[] {
-  let i: number
   let result = createZeroBlock(16)
 
-  for (i = 0; i < input.length; i += 16) {
-    result = multiply(
-      exclusiveOR(
-        result,
-        input.slice(i, Math.min(i + 16, input.length))
-      ),
-      hashSubKey
-    )
+  for (let i = 0; i < input.length; i += 16) {
+    const block = result.slice()
+    for (let j = 0; j < 16; j++) {
+      block[j] ^= input[i + j] ?? 0
+    }
+    result = multiply(block, hashSubKey)
   }
 
   return result
@@ -346,23 +304,19 @@ function gctr (
   initialCounterBlock: number[],
   key: number[]
 ): number[] {
-  let i: number
-  let j
-  let y
-  let counterBlock = initialCounterBlock
-  const output = []
-
-  if (input.length === 0) {
-    return input
-  }
+  if (input.length === 0) return []
 
+  const output = new Array(input.length)
+  let counterBlock = initialCounterBlock
+  let pos = 0
   const n = Math.ceil(input.length / 16)
-  for (i = 0; i < n; i++) {
-    y = exclusiveOR(input.slice(i * 16, Math.min((i + 1) * 16, input.length)),
-      AES(counterBlock, key))
 
-    for (j = 0; j < y.length; j++) {
-      output.push(y[j])
+  for (let i = 0; i < n; i++) {
+    const counter = AES(counterBlock, key)
+    const chunk = Math.min(16, input.length - pos)
+    for (let j = 0; j < chunk; j++) {
+      output[pos] = input[pos] ^ counter[j]
+      pos++
     }
 
     if (i + 1 < n) {