@cloudpss/crypto 0.5.25 → 0.5.28

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@cloudpss/crypto",
-  "version": "0.5.25",
+  "version": "0.5.28",
   "author": "CloudPSS",
   "license": "MIT",
   "type": "module",
@@ -13,22 +13,20 @@
       "browser": "./dist/encryption/browser.js",
       "node": "./dist/encryption/node.js",
       "default": "./dist/encryption/browser.js"
-    }
-  },
-  "dependencies": {
-    "sjcl": "^1.0.8"
+    },
+    "#lib-wasm": "./lib/wasm.js"
   },
+  "dependencies": {},
   "devDependencies": {
-    "crypto-js": "^4.2.0",
-    "hash-wasm": "^4.11.0",
-    "@types/crypto-js": "^4.2.2",
-    "@types/sjcl": "^1.0.34"
+    "esbuild": "^0.20.2",
+    "esbuild-plugin-wasm": "^1.1.0"
   },
   "scripts": {
-    "start": "pnpm clean && tsc --watch",
-    "build": "pnpm clean && tsc",
+    "start": "pnpm clean && pnpm build:wasm && tsc --watch",
+    "build": "pnpm clean && pnpm build:wasm && tsc",
+    "build:wasm": "node ./wasm-build.js",
     "test": "NODE_OPTIONS=\"${NODE_OPTIONS:-} --experimental-vm-modules\" jest",
     "benchmark": "node ./benchmark",
-    "clean": "rimraf dist"
+    "clean": "rimraf dist lib"
   }
 }

package/src/encryption/browser.ts

@@ -4,7 +4,6 @@ import type { EncryptedData, PlainData } from './common.js';
 const module = () => {
     if (
         typeof crypto == 'object' &&
-        typeof crypto.getRandomValues == 'function' &&
         typeof crypto.subtle == 'object' &&
         typeof crypto.subtle.importKey == 'function' &&
         typeof crypto.subtle.deriveKey == 'function' &&
@@ -13,7 +12,7 @@ const module = () => {
     ) {
         return import('./web.js');
     } else {
-        return import('./pure-js.js');
+        return import('./wasm.js');
     }
 };
 

package/src/encryption/common.ts

@@ -1,4 +1,4 @@
-import { toUint8Array } from '../utils.js';
+import { EMPTY_BUFFER, toUint8Array } from '../utils.js';
 
 /** PBKDF2 迭代次数 */
 export const PBKDF2_ITERATIONS = 100_000;
@@ -20,7 +20,7 @@ export const AES_TAG_SIZE = 128 / 8;
 /** 加密输入/解密结果 */
 export interface PlainData {
     /** 附加数据 */
-    aad?: Uint8Array;
+    aad: Uint8Array;
     /** 明文数据 */
     data: Uint8Array;
 }
@@ -30,7 +30,7 @@ export interface EncryptedData {
     /** NONCE */
     nonce: Uint8Array;
     /** 附加数据 */
-    aad?: Uint8Array;
+    aad: Uint8Array;
     /** 加密后的数据和 tag */
     data: Uint8Array;
 }
@@ -71,15 +71,19 @@ export function parseEncrypted(data: BinaryData): EncryptedData | undefined {
         (buffer[MAGIC_NUMBER.length + NONCE_SIZE + 1] << 16) |
         (buffer[MAGIC_NUMBER.length + NONCE_SIZE + 2] << 8) |
         buffer[MAGIC_NUMBER.length + NONCE_SIZE + 3];
-    if (aadSize > AAD_MAX_SIZE || aadSize < 0) return undefined;
+    if (aadSize > AAD_MAX_SIZE || aadSize < 0) {
+        return undefined;
+    }
     const paddingAadSize = padding(aadSize, AAD_PADDING);
-    if (buffer.byteLength < paddingAadSize + MIN_ENCRYPTED_SIZE) return undefined;
+    if (buffer.byteLength < paddingAadSize + MIN_ENCRYPTED_SIZE) {
+        return undefined;
+    }
     const aad = aadSize
         ? buffer.subarray(
               MAGIC_NUMBER.length + NONCE_SIZE + AAD_LEN_SIZE,
               MAGIC_NUMBER.length + NONCE_SIZE + AAD_LEN_SIZE + aadSize,
           )
-        : undefined;
+        : EMPTY_BUFFER;
     const encrypted = buffer.subarray(MAGIC_NUMBER.length + NONCE_SIZE + AAD_LEN_SIZE + paddingAadSize);
     return { nonce, aad, data: encrypted };
 }

package/src/encryption/index.ts

@@ -18,7 +18,9 @@ export function extractAad(data: BinaryData): Uint8Array | undefined {
     if (encrypted == null) {
         throw new TypeError('Invalid encrypted data');
     }
-    return encrypted.aad;
+    const { aad } = encrypted;
+    if (!aad.byteLength) return undefined;
+    return aad;
 }
 
 // eslint-disable-next-line @typescript-eslint/unbound-method

package/src/encryption/module.ts

@@ -1,4 +1,4 @@
-import { toUint8Array } from '../utils.js';
+import { EMPTY_BUFFER, toUint8Array } from '../utils.js';
 import {
     AAD_LEN_SIZE,
     AAD_MAX_SIZE,
@@ -41,7 +41,7 @@ interface Module {
 }
 
 /** 创建模块 */
-export function createModule(impl: typeof import('#encryption')): Module {
+export function createModule(impl: typeof import('#encryption') | typeof import('./wasm.js')): Module {
     const encryptAad: Module['encryptAad'] = async (data, aad, passphrase) => {
         assertPassphrase(passphrase);
         const aadSize = aad?.byteLength ?? 0;
@@ -50,7 +50,7 @@ export function createModule(impl: typeof import('#encryption')): Module {
         }
         const paddedAddSize = padding(aadSize, AAD_PADDING);
         const plain: PlainData = {
-            aad: aadSize ? toUint8Array(aad!) : undefined,
+            aad: aadSize ? toUint8Array(aad!) : EMPTY_BUFFER,
             data: toUint8Array(data),
         };
         const encrypted = await impl.encrypt(plain, passphrase);
@@ -64,7 +64,7 @@ export function createModule(impl: typeof import('#encryption')): Module {
             result[MAGIC_NUMBER.length + NONCE_SIZE + 1] = aadSize >>> 16;
             result[MAGIC_NUMBER.length + NONCE_SIZE + 2] = aadSize >>> 8;
             result[MAGIC_NUMBER.length + NONCE_SIZE + 3] = aadSize;
-            result.set(plain.aad!, MAGIC_NUMBER.length + NONCE_SIZE + AAD_LEN_SIZE);
+            result.set(plain.aad, MAGIC_NUMBER.length + NONCE_SIZE + AAD_LEN_SIZE);
         }
         result.set(encrypted.data, MAGIC_NUMBER.length + NONCE_SIZE + AAD_LEN_SIZE + paddedAddSize);
         return result;

package/src/encryption/node.ts

@@ -20,10 +20,11 @@ export async function encrypt({ data, aad }: PlainData, passphrase: string): Pro
     const nonce = randomBytes(NONCE_SIZE);
     const key = await aesKdf(passphrase, nonce);
     const cipher = createCipheriv('aes-256-gcm', key, nonce, { authTagLength: AES_TAG_SIZE });
-    if (aad) cipher.setAAD(aad);
+    if (aad.byteLength) cipher.setAAD(aad);
     const encrypted = Buffer.concat([cipher.update(data), cipher.final(), cipher.getAuthTag()]);
     return {
         nonce: toUint8Array(nonce),
+        aad,
         data: toUint8Array(encrypted),
     };
 }
@@ -33,7 +34,7 @@ export async function decrypt({ nonce, aad, data }: EncryptedData, passphrase: s
     const key = await aesKdf(passphrase, nonce);
     const decipher = createDecipheriv('aes-256-gcm', key, nonce, { authTagLength: AES_TAG_SIZE });
     decipher.setAuthTag(data.subarray(data.length - AES_TAG_SIZE));
-    if (aad) decipher.setAAD(aad);
+    if (aad.byteLength) decipher.setAAD(aad);
     const decrypted = Buffer.concat([decipher.update(data.subarray(0, data.length - AES_TAG_SIZE)), decipher.final()]);
-    return { data: toUint8Array(decrypted) };
+    return { data: toUint8Array(decrypted), aad };
 }

package/src/encryption/wasm.ts

@@ -0,0 +1,47 @@
+import {
+    NONCE_SIZE,
+    AES_KEY_SIZE,
+    AES_TAG_SIZE,
+    type EncryptedData,
+    PBKDF2_ITERATIONS,
+    type PlainData,
+} from './common.js';
+import * as mod from '#lib-wasm';
+
+const encoder = new TextEncoder();
+
+/** crypto-js encrypt */
+export function encrypt({ data, aad }: PlainData, passphrase: string): EncryptedData {
+    const nonce = crypto.getRandomValues(new Uint8Array(NONCE_SIZE));
+    const result = mod.encrypt(
+        encoder.encode(passphrase),
+        data,
+        aad,
+        nonce,
+        PBKDF2_ITERATIONS,
+        AES_KEY_SIZE,
+        AES_TAG_SIZE,
+    );
+    return {
+        nonce,
+        aad,
+        data: result,
+    };
+}
+
+/** crypto-js decrypt */
+export function decrypt({ data, aad, nonce }: EncryptedData, passphrase: string): PlainData {
+    const decrypted = mod.decrypt(
+        encoder.encode(passphrase),
+        data,
+        aad,
+        nonce,
+        PBKDF2_ITERATIONS,
+        AES_KEY_SIZE,
+        AES_TAG_SIZE,
+    );
+    return {
+        aad,
+        data: decrypted,
+    };
+}

package/src/encryption/web.ts

@@ -40,6 +40,7 @@ export async function encrypt({ data, aad }: PlainData, passphrase: string): Pro
     );
     return {
         nonce,
+        aad,
         data: new Uint8Array(encrypted),
     };
 }
@@ -57,5 +58,8 @@ export async function decrypt({ data, nonce, aad }: EncryptedData, passphrase: s
         key,
         data,
     );
-    return { data: new Uint8Array(decrypted) };
+    return {
+        aad,
+        data: new Uint8Array(decrypted),
+    };
 }

package/src/utils.ts

@@ -8,3 +8,6 @@ export function toUint8Array(data: BinaryData): Uint8Array {
     }
     return new Uint8Array(data, 0, data.byteLength);
 }
+
+/** 长度为 0 的 Uint8Array */
+export const EMPTY_BUFFER = new Uint8Array(0);

package/tests/encryption.js

@@ -5,7 +5,7 @@ import { createModule } from '../dist/encryption/module.js';
 import * as nodeImpl from '../dist/encryption/node.js';
 import * as browserImpl from '../dist/encryption/browser.js';
 import * as webImpl from '../dist/encryption/web.js';
-import * as jsImpl from '../dist/encryption/pure-js.js';
+import * as wasmImpl from '../dist/encryption/wasm.js';
 
 const data = [
     Buffer.from(''),
@@ -23,13 +23,26 @@ describe('Encryption root export', () => {
     });
 
     it('check is encrypted', () => {
+        const nonce = Buffer.alloc(12);
+        const tag = Buffer.alloc(16);
+        const aadLength = Buffer.alloc(4);
+
         // @ts-expect-error bad type
         expect(() => isEncrypted({})).toThrow('Invalid data');
-        expect(isEncrypted(Buffer.from(MAGIC_NUMBER))).toBe(false);
-        expect(isEncrypted(Buffer.concat([MAGIC_NUMBER, Buffer.alloc(31)]))).toBe(false);
-        expect(isEncrypted(Buffer.concat([MAGIC_NUMBER, Buffer.alloc(32)]))).toBe(true);
         expect(isEncrypted(Buffer.alloc(40))).toBe(false);
         expect(isEncrypted(Buffer.alloc(41))).toBe(false);
+
+        expect(isEncrypted(Buffer.from(MAGIC_NUMBER))).toBe(false);
+
+        expect(isEncrypted(Buffer.concat([MAGIC_NUMBER, nonce, aadLength, tag]))).toBe(true);
+        expect(isEncrypted(Buffer.concat([MAGIC_NUMBER, nonce, aadLength, tag.subarray(1)]))).toBe(false);
+
+        aadLength.writeUInt32BE(100);
+        expect(isEncrypted(Buffer.concat([MAGIC_NUMBER, nonce, aadLength, Buffer.alloc(111), tag]))).toBe(false);
+        expect(isEncrypted(Buffer.concat([MAGIC_NUMBER, nonce, aadLength, Buffer.alloc(112), tag]))).toBe(true);
+
+        aadLength.writeUInt32BE(0xffff_fffe);
+        expect(isEncrypted(Buffer.concat([MAGIC_NUMBER, nonce, aadLength, Buffer.alloc(112), tag]))).toBe(false);
     });
 
     it('encrypt check', async () => {
@@ -50,25 +63,32 @@ describe('Encryption root export', () => {
         await expect(() => decrypt(Buffer.alloc(100), 'xx')).rejects.toThrow('Invalid encrypted data');
     });
 
-    it('accepts empty aad', async () => {
-        const encrypted = await encryptAad(Buffer.alloc(0), Buffer.alloc(0), passphrase);
-        expect(encrypted).toBeInstanceOf(Uint8Array);
-        const extractedAad = extractAad(encrypted);
-        expect(extractedAad).toBeUndefined();
-    });
+    describe('aad', () => {
+        it('accepts empty aad', async () => {
+            const encrypted = await encryptAad(Buffer.alloc(0), Buffer.alloc(0), passphrase);
+            expect(encrypted).toBeInstanceOf(Uint8Array);
+            const extractedAad = extractAad(encrypted);
+            expect(extractedAad).toBeUndefined();
+        });
 
-    it('accepts undefined aad', async () => {
-        const encrypted = await encryptAad(Buffer.alloc(0), undefined, passphrase);
-        expect(encrypted).toBeInstanceOf(Uint8Array);
-        const extractedAad = extractAad(encrypted);
-        expect(extractedAad).toBeUndefined();
-    });
+        it('accepts undefined aad', async () => {
+            const encrypted = await encryptAad(Buffer.alloc(0), undefined, passphrase);
+            expect(encrypted).toBeInstanceOf(Uint8Array);
+            const extractedAad = extractAad(encrypted);
+            expect(extractedAad).toBeUndefined();
+        });
 
-    it('rejects invalid aad size', async () => {
-        const aad2 = Buffer.alloc(1024 * 1024 * 1024 + 1);
-        await expect(async () => {
-            await encryptAad(Buffer.alloc(0), aad2, passphrase);
-        }).rejects.toThrow('Invalid AAD size');
+        it('rejects invalid aad size', async () => {
+            const aad2 = Buffer.alloc(1024 * 1024 * 1024 + 1);
+            await expect(async () => {
+                await encryptAad(Buffer.alloc(0), aad2, passphrase);
+            }).rejects.toThrow('Invalid AAD size');
+        });
+
+        it('rejects invalid data', () => {
+            const data = Buffer.alloc(10);
+            expect(() => extractAad(data)).toThrow('Invalid encrypted data');
+        });
     });
 
     checkModule({ encrypt, decrypt, encryptAad });
@@ -128,17 +148,18 @@ function checkModule(module) {
 
 /**
  * 检查实现
- * @param {(data: import('../dist/encryption/common.js').PlainData, passphrase: string) => Promise<import('../dist/encryption/common.js').EncryptedData>} encrypt encrypt
- * @param {(data: import('../dist/encryption/common.js').EncryptedData, passphrase: string) => Promise<import('../dist/encryption/common.js').PlainData>} decrypt decrypt
+ * @param {Function} encrypt encrypt
+ * @param {Function} decrypt decrypt
  */
 function checkImplEncryption(encrypt, decrypt) {
     it.each(data)(
         `$type[$length]`,
         async ({ raw }) => {
-            const encrypted = await encrypt({ data: toUint8Array(raw) }, passphrase);
+            const encrypted = await encrypt({ data: toUint8Array(raw), aad: new Uint8Array(0) }, passphrase);
             expect(encrypted.nonce).toBeInstanceOf(Uint8Array);
             expect(encrypted.nonce.byteLength).toBe(12);
-            expect(encrypted.aad).toBeUndefined();
+            expect(encrypted.aad).toBeInstanceOf(Uint8Array);
+            expect(encrypted.aad.byteLength).toBe(0);
             expect(encrypted.data).toBeInstanceOf(Uint8Array);
 
             await expect(async () => {
@@ -148,7 +169,8 @@ function checkImplEncryption(encrypt, decrypt) {
             const decrypted = await decrypt(encrypted, passphrase);
             expect(decrypted.data).toBeInstanceOf(Uint8Array);
             expect(decrypted.data).toEqual(toUint8Array(raw));
-            expect(decrypted.aad).toBeUndefined();
+            expect(decrypted.aad).toBeInstanceOf(Uint8Array);
+            expect(decrypted.aad.byteLength).toBe(0);
         },
         100_000,
     );
@@ -191,7 +213,7 @@ describe('Encryption impl', () => {
         node: nodeImpl,
         browser: browserImpl,
         web: webImpl,
-        js: jsImpl,
+        wasm: wasmImpl,
     });
     describe.each(impls)('impl %s', (name, impl) => {
         const module = createModule(impl);
@@ -208,14 +230,13 @@ describe('Encryption impl', () => {
 });
 
 describe('Encryption impl browser', () => {
-    describe('should work without crypto', () => {
-        const { crypto } = globalThis;
+    describe('should work without crypto subtle', () => {
+        const { subtle } = crypto;
         beforeAll(() => {
-            // @ts-expect-error remove crypto
-            globalThis.crypto = undefined;
+            Object.defineProperty(crypto, 'subtle', { value: undefined, configurable: true });
         });
         afterAll(() => {
-            globalThis.crypto = crypto;
+            Object.defineProperty(crypto, 'subtle', { value: subtle, configurable: true });
         });
         checkModule(createModule(browserImpl));
     });

package/tsconfig.json

@@ -4,7 +4,8 @@
   "compilerOptions": {
     "outDir": "./dist",
     "paths": {
-      "#encryption": ["./src/encryption/node.ts", "./src/encryption/browser.ts"]
+      "#encryption": ["./src/encryption/node.ts", "./src/encryption/browser.ts"],
+      "#lib-wasm": ["./lib/wasm.d.ts"]
     }
   }
 }

package/wasm-build.js

@@ -0,0 +1,30 @@
+import path from 'node:path';
+import fs from 'node:fs/promises';
+import { spawn } from 'node:child_process';
+import { fileURLToPath } from 'node:url';
+import esbuild from 'esbuild';
+import { wasmLoader } from 'esbuild-plugin-wasm';
+import { once } from 'node:events';
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+
+const wasmPack = spawn('wasm-pack', ['build', '--target', 'bundler', '--release'], {
+    stdio: 'inherit',
+    cwd: path.resolve(__dirname, './wasm'),
+});
+
+await once(wasmPack, 'exit');
+
+await esbuild.build({
+    entryPoints: [path.resolve(__dirname, './wasm/pkg/wasm.js')],
+    outdir: path.resolve(__dirname, './lib'),
+    charset: 'utf8',
+    target: 'es2022',
+    format: 'esm',
+    bundle: true,
+    minify: false,
+    plugins: [wasmLoader({ mode: 'embedded' })],
+});
+
+await fs.copyFile(path.resolve(__dirname, './wasm/pkg/wasm.d.ts'), path.resolve(__dirname, './lib/wasm.d.ts'));

package/dist/encryption/js/aes.d.ts

@@ -1,20 +0,0 @@
-/** AES 算法 */
-export declare class AES {
-    /** 加密密钥 */
-    private readonly encKey;
-    /** 解密密钥 */
-    private readonly decKey;
-    constructor(key: Uint32Array);
-    /**
-     * Encryption and decryption core.
-     */
-    private crypt;
-    /**
-     * Encrypt a block of plain text.
-     */
-    encrypt(input: Uint32Array, inputOffset: number, output: Uint32Array, outputOffset: number): void;
-    /**
-     * Decrypt a block of cipher text.
-     */
-    decrypt(input: Uint32Array, inputOffset: number, output: Uint32Array, outputOffset: number): void;
-}

package/dist/encryption/js/aes.js

@@ -1,151 +0,0 @@
-/** Compute AES S-box Tables */
-function createSBox() {
-    const encTable = [
-        new Uint32Array(256),
-        new Uint32Array(256),
-        new Uint32Array(256),
-        new Uint32Array(256),
-        new Uint8Array(256),
-    ];
-    const decTable = [
-        new Uint32Array(256),
-        new Uint32Array(256),
-        new Uint32Array(256),
-        new Uint32Array(256),
-        new Uint8Array(256),
-    ];
-    const sbox = encTable[4];
-    const sboxInv = decTable[4];
-    const d = new Uint8Array(256);
-    const th = new Uint8Array(256);
-    // Compute double and third tables
-    for (let i = 0; i < 256; i++) {
-        d[i] = (i << 1) ^ ((i >> 7) * 283);
-        th[d[i] ^ i] = i;
-    }
-    let x = 0, xInv = 0, x2 = 0, x4 = 0, x8 = 0;
-    for (; !sbox[x]; x ^= x2 || 1, xInv = th[xInv] || 1) {
-        // Compute sbox
-        let s = xInv ^ (xInv << 1) ^ (xInv << 2) ^ (xInv << 3) ^ (xInv << 4);
-        s = (s >> 8) ^ (s & 255) ^ 99;
-        sbox[x] = s;
-        sboxInv[s] = x;
-        // Compute MixColumns
-        x8 = d[(x4 = d[(x2 = d[x])])];
-        let tDec = (x8 * 0x101_0101) ^ (x4 * 0x1_0001) ^ (x2 * 0x101) ^ (x * 0x101_0100);
-        let tEnc = (d[s] * 0x101) ^ (s * 0x101_0100);
-        for (let i = 0; i < 4; i++) {
-            encTable[i][x] = tEnc = (tEnc << 24) ^ (tEnc >>> 8);
-            decTable[i][s] = tDec = (tDec << 24) ^ (tDec >>> 8);
-        }
-    }
-    return [encTable, decTable];
-}
-let encryptTable;
-let decryptTable;
-/** 初始化 */
-function init() {
-    if (!encryptTable) {
-        [encryptTable, decryptTable] = createSBox();
-    }
-}
-/** AES 算法 */
-export class AES {
-    /** 加密密钥 */
-    encKey;
-    /** 解密密钥 */
-    decKey;
-    constructor(key) {
-        if (key.length !== 4 && key.length !== 6 && key.length !== 8) {
-            throw new TypeError('Invalid aes key length');
-        }
-        init();
-        const sbox = encryptTable[4], decTable = decryptTable, keyLen = key.length, rKeyLen = 4 * key.length + 28;
-        this.encKey = new Uint32Array(rKeyLen);
-        this.decKey = new Uint32Array(rKeyLen);
-        const { encKey, decKey } = this;
-        encKey.set(key);
-        // schedule encryption keys
-        let rcon = 1;
-        for (let i = keyLen; i < rKeyLen; i++) {
-            let tmp = this.encKey[i - 1];
-            // apply sbox
-            if (i % keyLen === 0 || (keyLen === 8 && i % keyLen === 4)) {
-                tmp =
-                    (sbox[tmp >>> 24] << 24) ^
-                        (sbox[(tmp >> 16) & 255] << 16) ^
-                        (sbox[(tmp >> 8) & 255] << 8) ^
-                        sbox[tmp & 255];
-                // shift rows and add rcon
-                if (i % keyLen === 0) {
-                    tmp = (tmp << 8) ^ (tmp >>> 24) ^ (rcon << 24);
-                    rcon = (rcon << 1) ^ ((rcon >> 7) * 283);
-                }
-            }
-            encKey[i] = encKey[i - keyLen] ^ tmp;
-        }
-        // schedule decryption keys
-        for (let i = rKeyLen, j = 0; i; j++, i--) {
-            const tmp = encKey[j & 3 ? i : i - 4];
-            if (i <= 4 || j < 4) {
-                decKey[j] = tmp;
-            }
-            else {
-                decKey[j] =
-                    decTable[0][sbox[tmp >>> 24]] ^
-                        decTable[1][sbox[(tmp >> 16) & 255]] ^
-                        decTable[2][sbox[(tmp >> 8) & 255]] ^
-                        decTable[3][sbox[tmp & 255]];
-            }
-        }
-    }
-    /**
-     * Encryption and decryption core.
-     */
-    crypt(input, inputOffset, output, outputOffset, decrypt) {
-        const key = decrypt ? this.decKey : this.encKey;
-        const [t0, t1, t2, t3, sbox] = decrypt ? decryptTable : encryptTable;
-        // state variables a,b,c,d are loaded with pre-whitened data
-        let a = input[inputOffset] ^ key[0], b = input[inputOffset + (decrypt ? 3 : 1)] ^ key[1], c = input[inputOffset + 2] ^ key[2], d = input[inputOffset + (decrypt ? 1 : 3)] ^ key[3];
-        let kIndex = 4;
-        // Inner rounds.  Cribbed from OpenSSL.
-        const nInnerRounds = key.length / 4 - 2;
-        for (let i = 0; i < nInnerRounds; i++) {
-            const a2 = t0[a >>> 24] ^ t1[(b >> 16) & 255] ^ t2[(c >> 8) & 255] ^ t3[d & 255] ^ key[kIndex];
-            const b2 = t0[b >>> 24] ^ t1[(c >> 16) & 255] ^ t2[(d >> 8) & 255] ^ t3[a & 255] ^ key[kIndex + 1];
-            const c2 = t0[c >>> 24] ^ t1[(d >> 16) & 255] ^ t2[(a >> 8) & 255] ^ t3[b & 255] ^ key[kIndex + 2];
-            d = t0[d >>> 24] ^ t1[(a >> 16) & 255] ^ t2[(b >> 8) & 255] ^ t3[c & 255] ^ key[kIndex + 3];
-            a = a2;
-            b = b2;
-            c = c2;
-            kIndex += 4;
-        }
-        // Last round.
-        for (let i = 0; i < 4; i++) {
-            output[outputOffset + (decrypt ? 3 & -i : i)] =
-                (sbox[a >>> 24] << 24) ^
-                    (sbox[(b >> 16) & 255] << 16) ^
-                    (sbox[(c >> 8) & 255] << 8) ^
-                    sbox[d & 255] ^
-                    key[kIndex++];
-            const a2 = a;
-            a = b;
-            b = c;
-            c = d;
-            d = a2;
-        }
-    }
-    /**
-     * Encrypt a block of plain text.
-     */
-    encrypt(input, inputOffset, output, outputOffset) {
-        return this.crypt(input, inputOffset, output, outputOffset, false);
-    }
-    /**
-     * Decrypt a block of cipher text.
-     */
-    decrypt(input, inputOffset, output, outputOffset) {
-        return this.crypt(input, inputOffset, output, outputOffset, true);
-    }
-}
-//# sourceMappingURL=aes.js.map

package/dist/encryption/js/aes.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"aes.js","sourceRoot":"","sources":["../../../src/encryption/js/aes.ts"],"names":[],"mappings":"AAGA,+BAA+B;AAC/B,SAAS,UAAU;IACf,MAAM,QAAQ,GAAc;QACxB,IAAI,WAAW,CAAC,GAAG,CAAC;QACpB,IAAI,WAAW,CAAC,GAAG,CAAC;QACpB,IAAI,WAAW,CAAC,GAAG,CAAC;QACpB,IAAI,WAAW,CAAC,GAAG,CAAC;QACpB,IAAI,UAAU,CAAC,GAAG,CAAC;KACtB,CAAC;IACF,MAAM,QAAQ,GAAc;QACxB,IAAI,WAAW,CAAC,GAAG,CAAC;QACpB,IAAI,WAAW,CAAC,GAAG,CAAC;QACpB,IAAI,WAAW,CAAC,GAAG,CAAC;QACpB,IAAI,WAAW,CAAC,GAAG,CAAC;QACpB,IAAI,UAAU,CAAC,GAAG,CAAC;KACtB,CAAC;IAEF,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IACzB,MAAM,OAAO,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IAE5B,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;IAC9B,MAAM,EAAE,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;IAE/B,kCAAkC;IAClC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3B,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC;QACnC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACrB,CAAC;IAED,IAAI,CAAC,GAAG,CAAC,EACL,IAAI,GAAG,CAAC,EACR,EAAE,GAAG,CAAC,EACN,EAAE,GAAG,CAAC,EACN,EAAE,GAAG,CAAC,CAAC;IACX,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,EAAE,IAAI,CAAC,EAAE,IAAI,GAAG,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAClD,eAAe;QACf,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC;QACrE,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC;QAC9B,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACZ,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAEf,qBAAqB;QACrB,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9B,IAAI,IAAI,GAAG,CAAC,EAAE,GAAG,UAAU,CAAC,GAAG,CAAC,EAAE,GAAG,QAAQ,CAAC,GAAG,CAAC,EAAE,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,UAAU,CAAC,CAAC;QACjF,IAAI,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,UAAU,CAAC,CAAC;QAE7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YACzB,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC;YACpD,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC;QACxD,CAAC;IACL,CAAC;IAED,OAAO,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;AAChC,CAAC;AAED,IAAI,YAAuB,CAAC;AAC5B,IAAI,YAAuB,CAAC;AAC5B,UAAU;AACV,SAAS,IAAI;IACT,IAAI,CAAC,YAAY,EAAE,CAAC;QAChB,CAAC,YAAY,EAAE,YAAY,CAAC,GAAG,UAAU,EAAE,CAAC;IAChD,CAAC;AACL,CAAC;AACD,aAAa;AACb,MAAM,OAAO,GAAG;IACZ,WAAW;IACM,MAAM,CAAc;IACrC,WAAW;IACM,MAAM,CAAc;IACrC,YAAY,GAAgB;QACxB,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3D,MAAM,IAAI,SAAS,CAAC,wBAAwB,CAAC,CAAC;QAClD,CAAC;QACD,IAAI,EAAE,CAAC;QAEP,MAAM,IAAI,GAAG,YAAY,CAAC,CAAC,CAAC,EACxB,QAAQ,GAAG,YAAY,EACvB,MAAM,GAAG,GAAG,CAAC,MAAM,EACnB,OAAO,GAAG,CAAC,GAAG,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC;QAElC,IAAI,CAAC,MAAM,GAAG,IAAI,WAAW,CAAC,OAAO,CAAC,CAAC;QACvC,IAAI,CAAC,MAAM,GAAG,IAAI,WAAW,CAAC,OAAO,CAAC,CAAC;QACvC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;QAEhC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAEhB,2BAA2B;QAC3B,IAAI,IAAI,GAAG,CAAC,CAAC;QACb,KAAK,IAAI,CAAC,GAAG,MAAM,EAAE,CAAC,GAAG,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC;YACpC,IAAI,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAE7B,aAAa;YACb,IAAI,CAAC,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;gBACzD,GAAG;oBACC,CAAC,IAAI,CAAC,GAAG,KAAK,EAAE,CAAC,IAAI,EAAE,CAAC;wBACxB,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,EAAE,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC;wBAC/B,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC;wBAC7B,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC;gBAEpB,0BAA0B;gBAC1B,IAAI,CAAC,GAAG,MAAM,KAAK,CAAC,EAAE,CAAC;oBACnB,GAAG,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;oBAC/C,IAAI,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC;gBAC7C,CAAC;YACL,CAAC;YAED,MAAM,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,MAAM,CAAC,GAAG,GAAG,CAAC;QACzC,CAAC;QAED,2BAA2B;QAC3B,KAAK,IAAI,CAAC,GAAG,OAAO,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;YACvC,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;gBAClB,MAAM,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;YACpB,CAAC;iBAAM,CAAC;gBACJ,MAAM,CAAC,CAAC,CAAC;oBACL,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,KAAK,EAAE,CAAC,CAAC;wBAC7B,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC;wBACpC,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC;wBACnC,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC;YACrC,CAAC;QACL,CAAC;IACL,CAAC;IAED;;OAEG;IACK,KAAK,CACT,KAAkB,EAClB,WAAmB,EACnB,MAAmB,EACnB,YAAoB,EACpB,OAAgB;QAEhB,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC;QAChD,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC;QAErE,4DAA4D;QAC5D,IAAI,CAAC,GAAG,KAAK,CAAC,WAAW,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,EAC/B,CAAC,GAAG,KAAK,CAAC,WAAW,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,EACnD,CAAC,GAAG,KAAK,CAAC,WAAW,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,EACnC,CAAC,GAAG,KAAK,CAAC,WAAW,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;QAExD,IAAI,MAAM,GAAG,CAAC,CAAC;QAEf,uCAAuC;QACvC,MAAM,YAAY,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC;QACxC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,YAAY,EAAE,CAAC,EAAE,EAAE,CAAC;YACpC,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC;YAC/F,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YACnG,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YACnG,CAAC,GAAG,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAC5F,CAAC,GAAG,EAAE,CAAC;YACP,CAAC,GAAG,EAAE,CAAC;YACP,CAAC,GAAG,EAAE,CAAC;YACP,MAAM,IAAI,CAAC,CAAC;QAChB,CAAC;QAED,cAAc;QACd,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YACzB,MAAM,CAAC,YAAY,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;gBACzC,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC,IAAI,EAAE,CAAC;oBACtB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC;oBAC7B,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC;oBAC3B,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC;oBACb,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;YAClB,MAAM,EAAE,GAAG,CAAC,CAAC;YACb,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,CAAC,CAAC;YACN,CAAC,GAAG,EAAE,CAAC;QACX,CAAC;IACL,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,KAAkB,EAAE,WAAmB,EAAE,MAAmB,EAAE,YAAoB;QACtF,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,YAAY,EAAE,KAAK,CAAC,CAAC;IACvE,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,KAAkB,EAAE,WAAmB,EAAE,MAAmB,EAAE,YAAoB;QACtF,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,YAAY,EAAE,IAAI,CAAC,CAAC;IACtE,CAAC;CACJ"}

package/dist/encryption/js/gcm.d.ts

@@ -1,26 +0,0 @@
-import { AES } from './aes.js';
-/** GCM (Galois/Counter Mode) */
-export declare class GCM {
-    readonly cipher: AES;
-    readonly iv: Uint8Array;
-    readonly tagLength: number;
-    readonly aad: Uint8Array;
-    constructor(cipher: AES, iv: Uint8Array, tagLength?: number, aad?: Uint8Array);
-    /** Convert a Uint8Array to a Uint32Array */
-    private toUint32Array;
-    /** Convert a Uint32Array to a Uint8Array */
-    private toUint8Array;
-    /** Set out of range bytes to 0 */
-    private clamp;
-    private readonly H;
-    /** Compute the galois multiplication of X and Y */
-    private galoisMultiply;
-    /** Ghash */
-    private ghash;
-    /** GCM CTR mode. */
-    private ctr;
-    /** 加密 */
-    encrypt(data: Uint8Array): Uint8Array;
-    /** 解密 */
-    decrypt(data: Uint8Array): Uint8Array;
-}