@bsv/sdk 2.1.0 → 2.1.2

package/src/primitives/Hash.ts

@@ -223,6 +223,68 @@ function isSurrogatePair (msg: string, i: number): boolean {
   return (msg.charCodeAt(i + 1) & 0xfc00) === 0xdc00
 }
 
+/**
+ * Encode a single UTF-16 code unit (and possibly its surrogate partner)
+ * into UTF-8 bytes, appending them to `out`.
+ *
+ * Returns the index of the last consumed code unit so the caller can
+ * advance its loop variable when a surrogate pair is consumed.
+ *
+ * Inspired by stringToUtf8ByteArray() in closure-library by Google
+ * https://github.com/google/closure-library/blob/8598d87242af59aac233270742c8984e2b2bdbe0/closure/goog/crypt/crypt#L117-L143
+ * Apache License 2.0
+ * https://github.com/google/closure-library/blob/master/LICENSE
+ */
+function appendUtf8CodeUnit (msg: string, i: number, out: number[]): number {
+  let c = msg.charCodeAt(i)
+  if (c < 128) {
+    out.push(c)
+    return i
+  }
+  if (c < 2048) {
+    out.push((c >> 6) | 192, (c & 63) | 128)
+    return i
+  }
+  if (isSurrogatePair(msg, i)) {
+    c = 0x10000 + ((c & 0x03ff) << 10) + (msg.charCodeAt(i + 1) & 0x03ff)
+    out.push(
+      (c >> 18) | 240,
+      ((c >> 12) & 63) | 128,
+      ((c >> 6) & 63) | 128,
+      (c & 63) | 128
+    )
+    return i + 1
+  }
+  out.push((c >> 12) | 224, ((c >> 6) & 63) | 128, (c & 63) | 128)
+  return i
+}
+
+function utf8StringToArray (msg: string): number[] {
+  const res: number[] = []
+  for (let i = 0; i < msg.length; i++) {
+    i = appendUtf8CodeUnit(msg, i, res)
+  }
+  return res
+}
+
+function hexStringToArray (msg: string): number[] {
+  assertValidHex(msg)
+  const normalized = normalizeHex(msg)
+  const res: number[] = []
+  for (let i = 0; i < normalized.length; i += 2) {
+    res.push(Number.parseInt(normalized[i] + normalized[i + 1], 16))
+  }
+  return res
+}
+
+function numberArrayToByteArray (msg: number[]): number[] {
+  const res: number[] = []
+  for (let i = 0; i < msg.length; i++) {
+    res[i] = Math.trunc(msg[i])
+  }
+  return res
+}
+
 /**
  *
  * @param msg
@@ -239,47 +301,10 @@ export function toArray (
   if (!(msg as unknown as boolean)) {
     return []
   }
-  const res: number[] = []
   if (typeof msg === 'string') {
-    if (enc !== 'hex') {
-      // Inspired by stringToUtf8ByteArray() in closure-library by Google
-      // https://github.com/google/closure-library/blob/8598d87242af59aac233270742c8984e2b2bdbe0/closure/goog/crypt/crypt#L117-L143
-      // Apache License 2.0
-      // https://github.com/google/closure-library/blob/master/LICENSE
-      let p = 0
-      for (let i = 0; i < msg.length; i++) {
-        let c = msg.charCodeAt(i)
-        if (c < 128) {
-          res[p++] = c
-        } else if (c < 2048) {
-          res[p++] = (c >> 6) | 192
-          res[p++] = (c & 63) | 128
-        } else if (isSurrogatePair(msg, i)) {
-          c = 0x10000 + ((c & 0x03ff) << 10) + (msg.charCodeAt(++i) & 0x03ff)
-          res[p++] = (c >> 18) | 240
-          res[p++] = ((c >> 12) & 63) | 128
-          res[p++] = ((c >> 6) & 63) | 128
-          res[p++] = (c & 63) | 128
-        } else {
-          res[p++] = (c >> 12) | 224
-          res[p++] = ((c >> 6) & 63) | 128
-          res[p++] = (c & 63) | 128
-        }
-      }
-    } else {
-      assertValidHex(msg)
-      msg = normalizeHex(msg)
-      for (let i = 0; i < msg.length; i += 2) {
-        res.push(parseInt(msg[i] + msg[i + 1], 16))
-      }
-    }
-  } else {
-    msg = msg as number[]
-    for (let i = 0; i < msg.length; i++) {
-      res[i] = msg[i] | 0
-    }
+    return enc === 'hex' ? hexStringToArray(msg) : utf8StringToArray(msg)
   }
-  return res
+  return numberArrayToByteArray(msg as number[])
 }
 
 /**
@@ -295,8 +320,7 @@ export function htonl (w: number): number {
 
 function toHex32 (msg: number[], endian?: 'little' | 'big'): string {
   let res = ''
-  for (let i = 0; i < msg.length; i++) {
-    let w = msg[i]
+  for (let w of msg) {
     if (endian === 'little') {
       w = htonl(w)
     }
@@ -325,10 +349,141 @@ function zero8 (word: string): string {
   }
 }
 
+const BufferCtor =
+  typeof globalThis === 'undefined' ? undefined : (globalThis as any).Buffer
+const CAN_USE_BUFFER =
+  BufferCtor != null && typeof BufferCtor.from === 'function'
+const HEX_DIGITS = '0123456789abcdef'
+const HEX_BYTE_STRINGS = new Array<string>(256)
+for (let i = 0; i < HEX_BYTE_STRINGS.length; i++) {
+  HEX_BYTE_STRINGS[i] = HEX_DIGITS[(i >> 4) & 0xf] + HEX_DIGITS[i & 0xf]
+}
+
 function bytesToHex (data: Uint8Array): string {
-  let res = ''
-  for (const b of data) res += (b.toString(16).padStart(2, '0'))
-  return res
+  if (CAN_USE_BUFFER) {
+    return BufferCtor.from(data).toString('hex')
+  }
+  const out = new Array<string>(data.length)
+  for (let i = 0; i < data.length; i++) out[i] = HEX_BYTE_STRINGS[data[i]]
+  return out.join('')
+}
+
+const NODE_CRYPTO = (() => {
+  const processLike =
+    typeof globalThis === 'undefined' ? undefined : (globalThis as any).process
+  const getBuiltinModule = processLike?.getBuiltinModule
+  if (typeof getBuiltinModule === 'function') {
+    try {
+      const crypto = getBuiltinModule.call(processLike, 'node:crypto')
+      if (crypto != null) return crypto
+    } catch {
+      // continue to CommonJS fallback
+    }
+  }
+
+  try {
+    if (typeof require === 'function') {
+      // eslint-disable-next-line @typescript-eslint/no-var-requires
+      return require('node:crypto')
+    }
+  } catch {
+    // node:crypto is unavailable in this runtime
+  }
+  return undefined
+})()
+
+type HashInput = Uint8Array | number[] | string
+
+function toHashBytes (msg: HashInput, enc?: 'hex' | 'utf8'): Uint8Array {
+  if (msg instanceof Uint8Array) {
+    return msg
+  }
+  if (Array.isArray(msg)) {
+    return new Uint8Array(msg)
+  }
+  return Uint8Array.from(toArray(msg, enc))
+}
+
+function toHashKeyBytes (key: HashInput): Uint8Array {
+  return typeof key === 'string' ? toHashBytes(key, 'hex') : toHashBytes(key)
+}
+
+interface FallbackHashLike {
+  update: (data: Uint8Array) => unknown
+  digest: () => Uint8Array
+}
+
+function updateNativeOrFallback (
+  native: any,
+  fallback: FallbackHashLike | undefined,
+  data: Uint8Array
+): void {
+  if (native != null) {
+    native.update(data)
+  } else if (fallback != null) {
+    fallback.update(data)
+  }
+}
+
+function digestNativeOrFallback (
+  native: any,
+  fallback: FallbackHashLike | undefined
+): number[] {
+  if (native != null) return Array.from(native.digest())
+  if (fallback != null) return Array.from(fallback.digest())
+  return []
+}
+
+function digestHexNativeOrFallback (
+  native: any,
+  fallback: FallbackHashLike | undefined
+): string {
+  if (native != null) return native.digest('hex')
+  if (fallback != null) return bytesToHex(fallback.digest())
+  return ''
+}
+
+function createNodeHash (algorithm: string): any {
+  const createHash = NODE_CRYPTO?.createHash
+  if (typeof createHash !== 'function') return undefined
+  try {
+    return createHash(algorithm)
+  } catch {
+    return undefined
+  }
+}
+
+function createNodeHmac (algorithm: string, keyBytes: Uint8Array): any {
+  const createHmac = NODE_CRYPTO?.createHmac
+  if (typeof createHmac !== 'function') return undefined
+  try {
+    return createHmac(algorithm, keyBytes)
+  } catch {
+    return undefined
+  }
+}
+
+function digestWithNodeHash (
+  algorithm: string,
+  msg: HashInput,
+  enc?: 'hex' | 'utf8'
+): Uint8Array | undefined {
+  const hash = createNodeHash(algorithm)
+  if (hash == null) return undefined
+  hash.update(toHashBytes(msg, enc))
+  return hash.digest()
+}
+
+function digestWithNodeHmac (
+  algorithm: string,
+  key: HashInput,
+  msg: HashInput,
+  enc?: 'hex' | 'utf8'
+): Uint8Array | undefined {
+  const hmac = createNodeHmac(algorithm, toHashKeyBytes(key))
+  if (hmac == null) return undefined
+  hmac.update(toHashBytes(msg, enc))
+  return hmac.digest()
 }
 
 function join32 (msg, start, end, endian): number[] {
@@ -607,27 +762,27 @@ export class RIPEMD160 extends BaseHash {
  * @property k - The round constants used for each round of SHA-256
  */
 export class SHA256 {
-  private readonly h: FastSHA256
+  private readonly h?: FastSHA256
+  private readonly native?: any
+
   constructor () {
-    this.h = new FastSHA256()
+    this.native = createNodeHash('sha256')
+    if (this.native == null) {
+      this.h = new FastSHA256()
+    }
   }
 
-  update (
-    msg: Uint8Array | number[] | string,
-    enc?: 'hex' | 'utf8'
-  ): this {
-    const data =
-      msg instanceof Uint8Array ? msg : Uint8Array.from(toArray(msg, enc))
-    this.h.update(data)
+  update (msg: HashInput, enc?: 'hex' | 'utf8'): this {
+    updateNativeOrFallback(this.native, this.h, toHashBytes(msg, enc))
     return this
   }
 
   digest (): number[] {
-    return Array.from(this.h.digest())
+    return digestNativeOrFallback(this.native, this.h)
   }
 
   digestHex (): string {
-    return bytesToHex(this.h.digest())
+    return digestHexNativeOrFallback(this.native, this.h)
   }
 }
 
@@ -686,7 +841,7 @@ export class SHA1 extends BaseHash {
     let e = this.h[4]
 
     for (i = 0; i < W.length; i++) {
-      const s = ~~(i / 20)
+      const s = Math.trunc(i / 20)
       const t = SUM32_5(rotl32(a, 5), FT_1(s, b, c, d), e, W[i], this.k[s])
       e = d
       d = c
@@ -731,23 +886,27 @@ export class SHA1 extends BaseHash {
  * @property k - The round constants used for each round of SHA-512.
  */
 export class SHA512 {
-  private readonly h: FastSHA512
+  private readonly h?: FastSHA512
+  private readonly native?: any
+
   constructor () {
-    this.h = new FastSHA512()
+    this.native = createNodeHash('sha512')
+    if (this.native == null) {
+      this.h = new FastSHA512()
+    }
   }
 
-  update (msg: number[] | string, enc?: 'hex' | 'utf8'): this {
-    const data = Uint8Array.from(toArray(msg, enc))
-    this.h.update(data)
+  update (msg: HashInput, enc?: 'hex' | 'utf8'): this {
+    updateNativeOrFallback(this.native, this.h, toHashBytes(msg, enc))
     return this
   }
 
   digest (): number[] {
-    return Array.from(this.h.digest())
+    return digestNativeOrFallback(this.native, this.h)
   }
 
   digestHex (): string {
-    return bytesToHex(this.h.digest())
+    return digestHexNativeOrFallback(this.native, this.h)
   }
 }
 
@@ -764,7 +923,8 @@ export class SHA512 {
  * @property outSize - The output size of the SHA-256 hash function, in bytes. It's set to 32 bytes.
  */
 export class SHA256HMAC {
-  private readonly h: HMAC<FastSHA256>
+  private readonly h?: HMAC<FastSHA256>
+  private readonly native?: any
   blockSize = 64
   outSize = 32
 
@@ -781,17 +941,12 @@ export class SHA256HMAC {
    * @example
    * const myHMAC = new SHA256HMAC('deadbeef');
    */
-  constructor (key: Uint8Array | number[] | string) {
-    const k =
-      key instanceof Uint8Array
-        ? key
-        : Uint8Array.from(
-          toArray(
-            key,
-            typeof key === 'string' ? 'hex' : undefined
-          )
-        )
-    this.h = new HMAC(sha256Fast, k)
+  constructor (key: HashInput) {
+    const k = toHashKeyBytes(key)
+    this.native = createNodeHmac('sha256', k)
+    if (this.native == null) {
+      this.h = new HMAC(sha256Fast, k)
+    }
   }
 
   /**
@@ -805,10 +960,8 @@ export class SHA256HMAC {
    * @example
    * myHMAC.update('deadbeef', 'hex');
    */
-  update (msg: Uint8Array | number[] | string, enc?: 'hex'): SHA256HMAC {
-    const data =
-      msg instanceof Uint8Array ? msg : Uint8Array.from(toArray(msg, enc))
-    this.h.update(data)
+  update (msg: HashInput, enc?: 'hex'): this {
+    updateNativeOrFallback(this.native, this.h, toHashBytes(msg, enc))
     return this
   }
 
@@ -822,7 +975,7 @@ export class SHA256HMAC {
    * let hashedMessage = myHMAC.digest();
    */
   digest (): number[] {
-    return Array.from(this.h.digest())
+    return digestNativeOrFallback(this.native, this.h)
   }
 
   /**
@@ -835,7 +988,7 @@ export class SHA256HMAC {
    * let hashedMessage = myHMAC.digestHex();
    */
   digestHex (): string {
-    return bytesToHex(this.h.digest())
+    return digestHexNativeOrFallback(this.native, this.h)
   }
 }
 
@@ -869,7 +1022,7 @@ export class SHA1HMAC {
     this.outer = new SHA1().update(key)
   }
 
-  update (msg: number[] | string, enc?: 'hex'): SHA1HMAC {
+  update (msg: number[] | string, enc?: 'hex'): this {
     this.inner.update(msg, enc)
     return this
   }
@@ -898,7 +1051,8 @@ export class SHA1HMAC {
  * @property outSize - The output size of the SHA-512 hash function, in bytes. It's set to 64 bytes.
  */
 export class SHA512HMAC {
-  private readonly h: HMAC<FastSHA512>
+  private readonly h?: HMAC<FastSHA512>
+  private readonly native?: any
   blockSize = 128
   outSize = 32
 
@@ -915,17 +1069,12 @@ export class SHA512HMAC {
    * @example
    * const myHMAC = new SHA512HMAC('deadbeef');
    */
-  constructor (key: Uint8Array | number[] | string) {
-    const k =
-      key instanceof Uint8Array
-        ? key
-        : Uint8Array.from(
-          toArray(
-            key,
-            typeof key === 'string' ? 'hex' : undefined
-          )
-        )
-    this.h = new HMAC(sha512Fast, k)
+  constructor (key: HashInput) {
+    const k = toHashKeyBytes(key)
+    this.native = createNodeHmac('sha512', k)
+    if (this.native == null) {
+      this.h = new HMAC(sha512Fast, k)
+    }
   }
 
   /**
@@ -939,10 +1088,8 @@ export class SHA512HMAC {
    * @example
    * myHMAC.update('deadbeef', 'hex');
    */
-  update (msg: Uint8Array | number[] | string, enc?: 'hex' | 'utf8'): SHA512HMAC {
-    const data =
-      msg instanceof Uint8Array ? msg : Uint8Array.from(toArray(msg, enc))
-    this.h.update(data)
+  update (msg: HashInput, enc?: 'hex' | 'utf8'): this {
+    updateNativeOrFallback(this.native, this.h, toHashBytes(msg, enc))
     return this
   }
 
@@ -956,7 +1103,7 @@ export class SHA512HMAC {
    * let hashedMessage = myHMAC.digest();
    */
   digest (): number[] {
-    return Array.from(this.h.digest())
+    return digestNativeOrFallback(this.native, this.h)
   }
 
   /**
@@ -969,10 +1116,32 @@ export class SHA512HMAC {
    * let hashedMessage = myHMAC.digestHex();
    */
   digestHex (): string {
-    return bytesToHex(this.h.digest())
+    return digestHexNativeOrFallback(this.native, this.h)
   }
 }
 
+function sha256Bytes (msg: HashInput, enc?: 'hex' | 'utf8'): Uint8Array {
+  const native = digestWithNodeHash('sha256', msg, enc)
+  if (native != null) return native
+  return new FastSHA256().update(toHashBytes(msg, enc)).digest()
+}
+
+function sha512Bytes (
+  msg: HashInput,
+  enc?: 'hex' | 'utf8'
+): Uint8Array {
+  const native = digestWithNodeHash('sha512', msg, enc)
+  if (native != null) return native
+  return new FastSHA512().update(toHashBytes(msg, enc)).digest()
+}
+
+function ripemd160Bytes (
+  msg: HashInput,
+  enc?: 'hex' | 'utf8'
+): Uint8Array | undefined {
+  return digestWithNodeHash('ripemd160', msg, enc)
+}
+
 /**
  * Computes RIPEMD160 hash of a given message.
  * @function ripemd160
@@ -988,6 +1157,8 @@ export const ripemd160 = (
   msg: number[] | string,
   enc?: 'hex' | 'utf8'
 ): number[] => {
+  const native = ripemd160Bytes(msg, enc)
+  if (native != null) return Array.from(native)
   return new RIPEMD160().update(msg, enc).digest()
 }
 
@@ -1020,11 +1191,8 @@ export const sha1 = (
  * @example
  * const digest = sha256('Hello, world!');
  */
-export const sha256 = (
-  msg: Uint8Array | number[] | string,
-  enc?: 'hex' | 'utf8'
-): number[] => {
-  return new SHA256().update(msg, enc).digest()
+export const sha256 = (msg: HashInput, enc?: 'hex' | 'utf8'): number[] => {
+  return Array.from(sha256Bytes(msg, enc))
 }
 
 /**
@@ -1038,11 +1206,8 @@ export const sha256 = (
  * @example
  * const digest = sha512('Hello, world!');
  */
-export const sha512 = (
-  msg: number[] | string,
-  enc?: 'hex' | 'utf8'
-): number[] => {
-  return new SHA512().update(msg, enc).digest()
+export const sha512 = (msg: HashInput, enc?: 'hex' | 'utf8'): number[] => {
+  return Array.from(sha512Bytes(msg, enc))
 }
 
 /**
@@ -1058,12 +1223,8 @@ export const sha512 = (
  * @example
  * const doubleHash = hash256('Hello, world!');
  */
-export const hash256 = (
-  msg: Uint8Array | number[] | string,
-  enc?: 'hex' | 'utf8'
-): number[] => {
-  const first = new SHA256().update(msg, enc).digest()
-  return new SHA256().update(first).digest()
+export const hash256 = (msg: HashInput, enc?: 'hex' | 'utf8'): number[] => {
+  return Array.from(sha256Bytes(sha256Bytes(msg, enc)))
 }
 
 /**
@@ -1078,11 +1239,10 @@ export const hash256 = (
  * @example
  * const hash = hash160('Hello, world!');
  */
-export const hash160 = (
-  msg: Uint8Array | number[] | string,
-  enc?: 'hex' | 'utf8'
-): number[] => {
-  const first = new SHA256().update(msg, enc).digest()
+export const hash160 = (msg: HashInput, enc?: 'hex' | 'utf8'): number[] => {
+  const first = sha256Bytes(msg, enc)
+  const native = ripemd160Bytes(first)
+  if (native != null) return Array.from(native)
   return new RIPEMD160().update(first).digest()
 }
 
@@ -1099,10 +1259,12 @@ export const hash160 = (
  * const digest = sha256hmac('deadbeef', 'ffff001d');
  */
 export const sha256hmac = (
-  key: Uint8Array | number[] | string,
-  msg: Uint8Array | number[] | string,
+  key: HashInput,
+  msg: HashInput,
   enc?: 'hex'
 ): number[] => {
+  const native = digestWithNodeHmac('sha256', key, msg, enc)
+  if (native != null) return Array.from(native)
   return new SHA256HMAC(key).update(msg, enc).digest()
 }
 
@@ -1119,10 +1281,12 @@ export const sha256hmac = (
  * const digest = sha512hmac('deadbeef', 'ffff001d');
  */
 export const sha512hmac = (
-  key: Uint8Array | number[] | string,
-  msg: Uint8Array | number[] | string,
+  key: HashInput,
+  msg: HashInput,
   enc?: 'hex'
 ): number[] => {
+  const native = digestWithNodeHmac('sha512', key, msg, enc)
+  if (native != null) return Array.from(native)
   return new SHA512HMAC(key).update(msg, enc).digest()
 }
 
@@ -1144,7 +1308,7 @@ function abytes (b: Uint8Array | undefined, ...lengths: number[]): void {
   }
 }
 function ahash (h: IHash): void {
-  if (typeof h !== 'function' || typeof h.create !== 'function') { throw new Error('Hash should be wrapped by utils.createHasher') }
+  if (typeof h !== 'function' || typeof h.create !== 'function') { throw new TypeError('Hash should be wrapped by utils.createHasher') }
   anumber(h.outputLen)
   anumber(h.blockLen)
 }
@@ -1171,7 +1335,7 @@ type TypedArray =
   | Int32Array
 
 function clean (...arrays: TypedArray[]): void {
-  for (let i = 0; i < arrays.length; i++) arrays[i].fill(0)
+  for (const arr of arrays) arr.fill(0)
 }
 function createView (arr: TypedArray): DataView {
   return new DataView(arr.buffer, arr.byteOffset, arr.byteLength)
@@ -1229,6 +1393,7 @@ const U32_MASK64 = BigInt(2 ** 32 - 1)
 const _32n = BigInt(32)
 function fromBig (n: bigint, le = false): { h: number, l: number } {
   if (le) return { h: Number(n & U32_MASK64), l: Number((n >> _32n) & U32_MASK64) }
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   return { h: Number((n >> _32n) & U32_MASK64) | 0, l: Number(n & U32_MASK64) | 0 }
 }
 function split (lst: bigint[], le = false): Uint32Array[] {
@@ -1250,14 +1415,18 @@ const rotrBH = (h: number, l: number, s: number): number => (h << (64 - s)) | (l
 const rotrBL = (h: number, l: number, s: number): number => (h >>> (s - 32)) | (l << (64 - s))
 function add (Ah: number, Al: number, Bh: number, Bl: number): { h: number, l: number } {
   const l = (Al >>> 0) + (Bl >>> 0)
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   return { h: (Ah + Bh + ((l / 2 ** 32) | 0)) | 0, l: l | 0 }
 }
 const add3L = (Al: number, Bl: number, Cl: number): number => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0)
+// eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
 const add3H = (low: number, Ah: number, Bh: number, Ch: number): number => (Ah + Bh + Ch + ((low / 2 ** 32) | 0)) | 0
 const add4L = (Al: number, Bl: number, Cl: number, Dl: number): number => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0) + (Dl >>> 0)
+// eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
 const add4H = (low: number, Ah: number, Bh: number, Ch: number, Dh: number): number => (Ah + Bh + Ch + Dh + ((low / 2 ** 32) | 0)) | 0
 const add5L = (Al: number, Bl: number, Cl: number, Dl: number, El: number): number =>
   (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0) + (Dl >>> 0) + (El >>> 0)
+// eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
 const add5H = (low: number, Ah: number, Bh: number, Ch: number, Dh: number, Eh: number): number =>
   (Ah + Bh + Ch + Dh + Eh + ((low / 2 ** 32) | 0)) | 0
 
@@ -1395,13 +1564,21 @@ const K256 = Uint32Array.from([
 const SHA256_W = new Uint32Array(64)
 
 class FastSHA256 extends HashMD<FastSHA256> {
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected A = SHA256_IV[0] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected B = SHA256_IV[1] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected C = SHA256_IV[2] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected D = SHA256_IV[3] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected E = SHA256_IV[4] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected F = SHA256_IV[5] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected G = SHA256_IV[6] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected H = SHA256_IV[7] | 0
   constructor (outputLen = 32) {
     super(64, outputLen, 8, false)
@@ -1422,13 +1599,21 @@ class FastSHA256 extends HashMD<FastSHA256> {
     G: number,
     H: number
   ): void {
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.A = A | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.B = B | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.C = C | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.D = D | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.E = E | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.F = F | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.G = G | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.H = H | 0
   }
 
@@ -1565,7 +1750,7 @@ const K512 = (() =>
     '0x597f299cfc657e2a',
     '0x5fcb6fab3ad6faec',
     '0x6c44198c4a475817'
-  ].map((n) => BigInt(n)))
+  ].map(BigInt))
 )()
 const SHA512_Kh = (() => K512[0])()
 const SHA512_Kl = (() => K512[1])()
@@ -1573,21 +1758,37 @@ const SHA512_W_H = new Uint32Array(80)
 const SHA512_W_L = new Uint32Array(80)
 
 class FastSHA512 extends HashMD<FastSHA512> {
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected Ah = SHA512_IV[0] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected Al = SHA512_IV[1] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected Bh = SHA512_IV[2] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected Bl = SHA512_IV[3] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected Ch = SHA512_IV[4] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected Cl = SHA512_IV[5] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected Dh = SHA512_IV[6] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected Dl = SHA512_IV[7] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected Eh = SHA512_IV[8] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected El = SHA512_IV[9] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected Fh = SHA512_IV[10] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected Fl = SHA512_IV[11] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected Gh = SHA512_IV[12] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected Gl = SHA512_IV[13] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected Hh = SHA512_IV[14] | 0
+  // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
   protected Hl = SHA512_IV[15] | 0
   constructor (outputLen = 64) {
     super(128, outputLen, 16, false)
@@ -1616,41 +1817,63 @@ class FastSHA512 extends HashMD<FastSHA512> {
     Hh: number,
     Hl: number
   ): void {
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.Ah = Ah | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.Al = Al | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.Bh = Bh | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.Bl = Bl | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.Ch = Ch | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.Cl = Cl | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.Dh = Dh | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.Dl = Dl | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.Eh = Eh | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.El = El | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.Fh = Fh | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.Fl = Fl | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.Gh = Gh | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.Gl = Gl | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.Hh = Hh | 0
+    // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
     this.Hl = Hl | 0
   }
 
   protected process (view: DataView, offset: number): void {
-    for (let i = 0; i < 16; i++, offset += 4) {
+    for (let i = 0; i < 16; i++, offset += 8) {
       SHA512_W_H[i] = view.getUint32(offset)
-      SHA512_W_L[i] = view.getUint32((offset += 4))
+      SHA512_W_L[i] = view.getUint32(offset + 4)
     }
     for (let i = 16; i < 80; i++) {
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       const W15h = SHA512_W_H[i - 15] | 0
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       const W15l = SHA512_W_L[i - 15] | 0
       const s0h = rotrSH(W15h, W15l, 1) ^ rotrSH(W15h, W15l, 8) ^ shrSH(W15h, W15l, 7)
       const s0l = rotrSL(W15h, W15l, 1) ^ rotrSL(W15h, W15l, 8) ^ shrSL(W15h, W15l, 7)
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       const W2h = SHA512_W_H[i - 2] | 0
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       const W2l = SHA512_W_L[i - 2] | 0
       const s1h = rotrSH(W2h, W2l, 19) ^ rotrBH(W2h, W2l, 61) ^ shrSH(W2h, W2l, 6)
       const s1l = rotrSL(W2h, W2l, 19) ^ rotrBL(W2h, W2l, 61) ^ shrSL(W2h, W2l, 6)
       const SUMl = add4L(s0l, s1l, SHA512_W_L[i - 7], SHA512_W_L[i - 16])
       const SUMh = add4H(SUMl, s0h, s1h, SHA512_W_H[i - 7], SHA512_W_H[i - 16])
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       SHA512_W_H[i] = SUMh | 0
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       SHA512_W_L[i] = SUMl | 0
     }
     let { Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl } = this
@@ -1661,26 +1884,41 @@ class FastSHA512 extends HashMD<FastSHA512> {
       const CHIl = (El & Fl) ^ (~El & Gl)
       const T1ll = add5L(Hl, sigma1l, CHIl, SHA512_Kl[i], SHA512_W_L[i])
       const T1h = add5H(T1ll, Hh, sigma1h, CHIh, SHA512_Kh[i], SHA512_W_H[i])
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       const T1l = T1ll | 0
       const sigma0h = rotrSH(Ah, Al, 28) ^ rotrBH(Ah, Al, 34) ^ rotrBH(Ah, Al, 39)
       const sigma0l = rotrSL(Ah, Al, 28) ^ rotrBL(Ah, Al, 34) ^ rotrBL(Ah, Al, 39)
       const MAJh = (Ah & Bh) ^ (Ah & Ch) ^ (Bh & Ch)
       const MAJl = (Al & Bl) ^ (Al & Cl) ^ (Bl & Cl)
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       Hh = Gh | 0
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       Hl = Gl | 0
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       Gh = Fh | 0
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       Gl = Fl | 0
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       Fh = Eh | 0
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       Fl = El | 0
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       ;({ h: Eh, l: El } = add(Dh | 0, Dl | 0, T1h | 0, T1l | 0))
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       Dh = Ch | 0
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       Dl = Cl | 0
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       Ch = Bh | 0
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       Cl = Bl | 0
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       Bh = Ah | 0
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       Bl = Al | 0
       const T2l = add3L(sigma0l, MAJl, T1l)
       Ah = add3H(T2l, sigma0h, MAJh, T1h)
+      // eslint-disable-next-line no-bitwise -- ToInt32 (ECMA-262); not truncation. Required for SHA arithmetic.
       Al = T2l | 0
     }
     ;({ h: Ah, l: Al } = add(Ah, Al, this.Ah, this.Al))
@@ -1717,7 +1955,7 @@ class HMAC<T extends Hash<T>> extends Hash<HMAC<T>> {
     ahash(hash)
     const key = toBytes(_key)
     this.iHash = hash.create() as T
-    if (typeof (this.iHash as any).update !== 'function') { throw new Error('Expected instance of class which extends utils.Hash') }
+    if (typeof (this.iHash as any).update !== 'function') { throw new TypeError('Expected instance of class which extends utils.Hash') }
     this.blockLen = this.iHash.blockLen
     this.outputLen = this.iHash.outputLen
     const blockLen = this.blockLen
@@ -1795,7 +2033,8 @@ function pbkdf2Core (hash: (msg: Input) => Uint8Array & { create: () => FastSHA5
   for (let ti = 1, pos = 0; pos < dkLen; ti++, pos += PRF.outputLen) {
     const Ti = DK.subarray(pos, pos + PRF.outputLen)
     view.setInt32(0, ti, false)
-    ;(prfW = PRFSalt._cloneInto(prfW)).update(arr).digestInto(u)
+    prfW = PRFSalt._cloneInto(prfW)
+    prfW.update(arr).digestInto(u)
     Ti.set(u.subarray(0, Ti.length))
     for (let ui = 1; ui < c; ui++) {
       PRF._cloneInto(prfW).update(u).digestInto(u)
@@ -1839,20 +2078,16 @@ export function pbkdf2 (
   if (digest !== 'sha512') {
     throw new Error('Only sha512 is supported in this PBKDF2 implementation')
   }
-  // Attempt to use the native Node.js implementation if available as it is
-  // considerably faster than the pure TypeScript fallback below. If the crypto
-  // module isn't present (for example in a browser build) we'll silently fall
-  // back to the original implementation.
-  try {
-    // eslint-disable-next-line @typescript-eslint/no-var-requires
-    const nodeCrypto = require('crypto')
-    if (typeof nodeCrypto.pbkdf2Sync === 'function') {
-      const p = Buffer.from(password)
-      const s = Buffer.from(salt)
-      return [...nodeCrypto.pbkdf2Sync(p, s, iterations, keylen, digest)]
-    }
-  } catch {
-    // ignore
+  const pbkdf2Sync = NODE_CRYPTO?.pbkdf2Sync
+  if (typeof pbkdf2Sync === 'function') {
+    const out = pbkdf2Sync(
+      toHashBytes(password),
+      toHashBytes(salt),
+      iterations,
+      keylen,
+      digest
+    )
+    return Array.from(out)
   }
   const p = Uint8Array.from(password)
   const s = Uint8Array.from(salt)