@gcoredev/as-jwt 1.0.0-alpha.2

package/modules/as-base64/assembly/tsconfig.json

@@ -0,0 +1,6 @@
+{
+  "extends": "assemblyscript/std/assembly.json",
+  "include": [
+    "./**/*.ts"
+  ]
+}

package/modules/as-base64/package.json

@@ -0,0 +1,21 @@
+{
+  "name": "as-base64",
+  "version": "0.2.0",
+  "types": "assembly/index.ts",
+  "license": "MIT",
+  "author": "Willem Wyndham <hello@near.org>",
+  "scripts": {
+    "test": "asp"
+  },
+  "devDependencies": {
+    "@as-pect/cli": "^6.1.1",
+    "assemblyscript": "^0.19.1"
+  },
+  "keywords": [
+    "crypto",
+    "AssemblyScript",
+    "encoder",
+    "decoder",
+    "base64"
+  ]
+}

package/modules/as-hmac-sha2/README.md

@@ -0,0 +1,40 @@
+# HMAC-SHA-256 and HMAC-SHA-512 for AssemblyScript
+
+Self-contained implementations of SHA-256, SHA-512, HMAC-SHA-256 and HMAC-SHA-512 for AssemblyScript.
+
+Simple hashing:
+
+```typescript
+let msg = Uint8Array.wrap(String.UTF8.encode("test"));
+let h = Sha256.hash(msg);
+```
+
+Chunked input:
+
+```typescript
+let st = new Sha256();
+st.update(msg1);
+st.update(msg2);
+let h = st.final();
+```
+
+HMAC:
+
+```typescript
+let msg = Uint8Array.wrap(String.UTF8.encode("message"));
+let key = Uint8Array.wrap(String.UTF8.encode("key"));
+let mac = Sha256.hmac(msg, key);
+```
+
+Constant-time check for equality:
+
+```typescript
+let ok = verify(mac, expected_mac);
+```
+
+Constant-time hexadecimal encoding/decoding:
+
+```typescript
+let hex = bin2hex(h);
+let bin = hex2bin(hex);
+```

package/modules/as-hmac-sha2/assembly/index.ts

@@ -0,0 +1,5 @@
+/// <reference path="../node_modules/assemblyscript/index.d.ts" />
+
+export * from "./sha256";
+export * from "./sha512";
+export * from "./utils";

package/modules/as-hmac-sha2/assembly/sha256.ts

@@ -0,0 +1,257 @@
+type aisize = i32;
+
+function setU8(t: Uint8Array, s: Uint8Array, o: isize = 0): void {
+  memory.copy(t.dataStart + o, s.dataStart, s.length);
+}
+
+function store64_be(x: Uint8Array, offset: isize, u: u64): void {
+  store<u64>(changetype<usize>(x.buffer) + offset, bswap(u));
+}
+
+function load32_be(x: Uint8Array, offset: isize): u32 {
+  return bswap(load<u32>(changetype<usize>(x.buffer) + offset));
+}
+
+function store32_be(x: Uint8Array, offset: isize, u: u32): void {
+  store<u32>(changetype<usize>(x.buffer) + offset, bswap(u));
+}
+
+class Internal {
+  @inline static Sigma0(x: u32): u32 {
+    return rotr(x, 2) ^ rotr(x, 13) ^ rotr(x, 22);
+  }
+
+  @inline static Sigma1(x: u32): u32 {
+    return rotr(x, 6) ^ rotr(x, 11) ^ rotr(x, 25);
+  }
+
+  @inline static sigma0(x: u32): u32 {
+    return rotr(x, 7) ^ rotr(x, 18) ^ (x >> 3);
+  }
+
+  @inline static sigma1(x: u32): u32 {
+    return rotr(x, 17) ^ rotr(x, 19) ^ (x >> 10);
+  }
+
+  @inline static Ch(x: u32, y: u32, z: u32): u32 {
+    return z ^ (x & (y ^ z));
+  }
+
+  @inline static Maj(x: u32, y: u32, z: u32): u32 {
+    return (x & (y ^ z)) ^ (y & z);
+  }
+
+  static expand(w: StaticArray<u32>): void {
+    for (let i = 0; i < 16; i++) {
+      unchecked(w[i] += w[(i + 9) & 15] + Internal.sigma1(w[(i + 14) & 15]) + Internal.sigma0(w[(i + 1) & 15]));
+    }
+  }
+
+  static handle(r: StaticArray<u32>, w: StaticArray<u32>, c: u32[]): void {
+    for (let i = 0; i < 16; i++) {
+      var x = (r[7 & (7 - i)] + w[i] + c[i]);
+      x += unchecked(Internal.Sigma1(r[7 & (4 - i)]));
+      x += unchecked(Internal.Ch(r[7 & (4 - i)], r[7 & (5 - i)], r[7 & (6 - i)]));
+      unchecked(r[7 & (3 - i)] += x);
+      x += unchecked(Internal.Sigma0(r[7 & (0 - i)]));
+      x += unchecked(Internal.Maj(r[7 & (0 - i)], r[7 & (1 - i)], r[7 & (2 - i)]));
+      unchecked(r[7 & (7 - i)] = x);
+    }
+  }
+
+  static K: u32[] = [
+    0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+    0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+    0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+    0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+    0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+    0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+    0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+    0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+  ];
+
+  static _hashblocks(st: Uint8Array, m: Uint8Array, n_: isize): isize {
+    let z = new StaticArray<u32>(8),
+      r = new StaticArray<u32>(8),
+      w = new StaticArray<u32>(16);
+    for (let i = 0; i < 8; ++i) {
+      unchecked(z[i] = r[i] = load32_be(st, i << 2));
+    }
+    let pos = 0, n = n_;
+    while (n >= 64) {
+      for (let i = 0; i < 16; ++i) {
+        w[i] = load32_be(m, (i << 2) + pos);
+      }
+      Internal.handle(r, w, Internal.K.slice(0));
+      Internal.expand(w);
+      Internal.handle(r, w, Internal.K.slice(16));
+      Internal.expand(w);
+      Internal.handle(r, w, Internal.K.slice(32));
+      Internal.expand(w);
+      Internal.handle(r, w, Internal.K.slice(48));
+      for (let i = 0; i < 8; ++i) {
+        let x = unchecked(r[i] + z[i]);
+        unchecked(z[i] = x);
+        unchecked(r[i] = x);
+      }
+      pos += 64;
+      n -= 64;
+    }
+    for (let i = 0; i < 8; ++i) {
+      store32_be(st, i << 2, unchecked(z[i]));
+    }
+    return n;
+  }
+
+  static iv: u8[] = [
+    0x6a, 0x09, 0xe6, 0x67, 0xbb, 0x67, 0xae, 0x85, 0x3c, 0x6e, 0xf3, 0x72, 0xa5, 0x4f, 0xf5, 0x3a,
+    0x51, 0x0e, 0x52, 0x7f, 0x9b, 0x05, 0x68, 0x8c, 0x1f, 0x83, 0xd9, 0xab, 0x5b, 0xe0, 0xcd, 0x19,
+  ];
+
+  static _hashInit(): Uint8Array {
+    let st = new Uint8Array(32 + 64);
+
+    for (let i = 0; i < 32; ++i) {
+      st[i] = Internal.iv[i];
+    }
+    return st;
+  }
+
+  static _hashUpdate(st: Uint8Array, m: Uint8Array, n: isize, r: isize): isize {
+    let obuffered = st.subarray(32);
+    let buffered = new Uint8Array(64);
+    setU8(buffered, obuffered.subarray(0, 64));
+
+    let still_available_in_buffer = <isize>64 - r;
+    let copiable_to_buffer = min(n, still_available_in_buffer);
+    setU8(buffered, m.subarray(0, <aisize>copiable_to_buffer), r);
+    r += copiable_to_buffer;
+    n -= copiable_to_buffer;
+    let pos: isize = 0;
+    if (r === 64) {
+      Internal._hashblocks(st, buffered, 64);
+      r = 0;
+      pos = copiable_to_buffer;
+    }
+    if (n == 0) {
+      setU8(obuffered, buffered);
+      return r;
+    }
+    let left = m.subarray(<aisize>pos);
+    r = Internal._hashblocks(st, left, left.length);
+    if (r > 0) {
+      setU8(obuffered, left.subarray(left.length - <aisize>r));
+    }
+    return r;
+  }
+
+  static _hashFinal(st: Uint8Array, out: Uint8Array, t: isize, r: isize): void {
+    let buffered = st.subarray(32);
+    let padded = new Uint8Array(128);
+    setU8(padded, buffered.subarray(0, <aisize>r));
+    padded[<aisize>r] = 0x80;
+    if (r < 56) {
+      store64_be(padded, 64 - 8, t << 3);
+      Internal._hashblocks(st, padded, 64);
+    } else {
+      store64_be(padded, 128 - 8, t << 3);
+      Internal._hashblocks(st, padded, 128);
+    }
+    for (let i = 0; i < 32; ++i) {
+      out[i] = st[i];
+    }
+  }
+
+  static _hash(out: Uint8Array, m: Uint8Array, n: isize): void {
+    let st = Internal._hashInit();
+    let r = Internal._hashUpdate(st, m, n, 0);
+
+    Internal._hashFinal(st, out, n, r);
+  }
+
+  static _hmac(m: Uint8Array, k: Uint8Array): Uint8Array {
+    if (k.length > 64) {
+      k = Sha256.hash(k);
+    }
+    let b = new Uint8Array(64);
+    setU8(b, k);
+    for (let i = 0; i < b.length; ++i) {
+      b[i] ^= 0x36;
+    }
+    let out = new Uint8Array(32);
+    let st = Internal._hashInit();
+    let r = Internal._hashUpdate(st, b, b.length, 0);
+    r = Internal._hashUpdate(st, m, m.length, r);
+    Internal._hashFinal(st, out, b.length + m.length, r);
+    for (let i = 0; i < b.length; ++i) {
+      b[i] ^= 0x6a;
+    }
+    st = Internal._hashInit();
+    r = Internal._hashUpdate(st, b, b.length, 0);
+    r = Internal._hashUpdate(st, out, out.length, r);
+    Internal._hashFinal(st, out, b.length + out.length, r);
+    return out;
+  }
+}
+
+/**
+ * Hash function output size, in bytes
+ */
+export const SHA256_HASH_BYTES: isize = 32;
+
+export class Sha256 {
+  r: u64 = 0;
+  t: u64 = 0;
+  st: Uint8Array;
+
+  /**
+   * Initialize a multipart hash computation
+   * @returns A hash function state
+   */
+  constructor() {
+    let st = Internal._hashInit();
+    this.st = st;
+  }
+
+  /**
+  * Absorb data to be hashed  
+  * @param m (partial) message
+  */
+  update(m: Uint8Array): void {
+    let n = m.length;
+    this.t += n;
+    this.r = Internal._hashUpdate(this.st, m, n, this.r as isize);
+  }
+
+  /**
+  * Finalize a hash computation  
+  * @returns Hash
+  */
+  final(): Uint8Array {
+    let h = new Uint8Array(<aisize>SHA256_HASH_BYTES);
+    Internal._hashFinal(this.st, h, this.t as isize, this.r as isize);
+    return h;
+  }
+
+  /**
+  * Compute a hash for a single-part message
+  * @param m Message
+  * @returns Hash
+  */
+  static hash(m: Uint8Array): Uint8Array {
+    let h = new Uint8Array(<aisize>SHA256_HASH_BYTES);
+    Internal._hash(h, m, m.length);
+    return h;
+  }
+
+  /**
+  * HMAC-SHA-256
+  * @param m Message
+  * @param k Key
+  * @returns `HMAC-SHA-256(m, k)`
+  */
+  static hmac(m: Uint8Array, k: Uint8Array): Uint8Array {
+    return Internal._hmac(m, k);
+  }
+}
+

package/modules/as-hmac-sha2/assembly/sha512.ts

@@ -0,0 +1,272 @@
+type aisize = i32;
+
+function setU8(t: Uint8Array, s: Uint8Array, o: isize = 0): void {
+    memory.copy(t.dataStart + o, s.dataStart, s.length);
+}
+
+function load64_be(x: Uint8Array, offset: isize): u64 {
+    return bswap(load<u64>(changetype<usize>(x.buffer) + offset));
+}
+
+function store64_be(x: Uint8Array, offset: isize, u: u64): void {
+    store<u64>(changetype<usize>(x.buffer) + offset, bswap(u));
+}
+
+class Internal {
+    @inline static Sigma0(x: u64): u64 {
+        return rotr(x, 28) ^ rotr(x, 34) ^ rotr(x, 39);
+    }
+
+    @inline static Sigma1(x: u64): u64 {
+        return rotr(x, 14) ^ rotr(x, 18) ^ rotr(x, 41);
+    }
+
+    @inline static sigma0(x: u64): u64 {
+        return rotr(x, 1) ^ rotr(x, 8) ^ (x >> 7);
+    }
+
+    @inline static sigma1(x: u64): u64 {
+        return rotr(x, 19) ^ rotr(x, 61) ^ (x >> 6);
+    }
+
+    @inline static Ch(x: u64, y: u64, z: u64): u64 {
+        return z ^ (x & (y ^ z));
+    }
+
+    @inline static Maj(x: u64, y: u64, z: u64): u64 {
+        return (x & (y ^ z)) ^ (y & z);
+    }
+
+    static expand(w: StaticArray<u64>): void {
+        for (let i = 0; i < 16; i++) {
+            unchecked(w[i] += w[(i + 9) & 15] + Internal.sigma1(w[(i + 14) & 15]) + Internal.sigma0(w[(i + 1) & 15]));
+        }
+    }
+
+    static handle(r: StaticArray<u64>, w: StaticArray<u64>, c: u64[]): void {
+        for (let i = 0; i < 16; i++) {
+            var x = unchecked(r[7 & (7 - i)] + w[i] + c[i]);
+            x += unchecked(Internal.Sigma1(r[7 & (4 - i)]));
+            x += unchecked(Internal.Ch(r[7 & (4 - i)], r[7 & (5 - i)], r[7 & (6 - i)]));
+            unchecked(r[7 & (3 - i)] += x);
+            x += unchecked(Internal.Sigma0(r[7 & (0 - i)]));
+            x += unchecked(Internal.Maj(r[7 & (0 - i)], r[7 & (1 - i)], r[7 & (2 - i)]));
+            unchecked(r[7 & (7 - i)] = x);
+        }
+    }
+
+    static K: u64[] = [
+        0x428a2f98d728ae22, 0x7137449123ef65cd, 0xb5c0fbcfec4d3b2f, 0xe9b5dba58189dbbc,
+        0x3956c25bf348b538, 0x59f111f1b605d019, 0x923f82a4af194f9b, 0xab1c5ed5da6d8118,
+        0xd807aa98a3030242, 0x12835b0145706fbe, 0x243185be4ee4b28c, 0x550c7dc3d5ffb4e2,
+        0x72be5d74f27b896f, 0x80deb1fe3b1696b1, 0x9bdc06a725c71235, 0xc19bf174cf692694,
+        0xe49b69c19ef14ad2, 0xefbe4786384f25e3, 0x0fc19dc68b8cd5b5, 0x240ca1cc77ac9c65,
+        0x2de92c6f592b0275, 0x4a7484aa6ea6e483, 0x5cb0a9dcbd41fbd4, 0x76f988da831153b5,
+        0x983e5152ee66dfab, 0xa831c66d2db43210, 0xb00327c898fb213f, 0xbf597fc7beef0ee4,
+        0xc6e00bf33da88fc2, 0xd5a79147930aa725, 0x06ca6351e003826f, 0x142929670a0e6e70,
+        0x27b70a8546d22ffc, 0x2e1b21385c26c926, 0x4d2c6dfc5ac42aed, 0x53380d139d95b3df,
+        0x650a73548baf63de, 0x766a0abb3c77b2a8, 0x81c2c92e47edaee6, 0x92722c851482353b,
+        0xa2bfe8a14cf10364, 0xa81a664bbc423001, 0xc24b8b70d0f89791, 0xc76c51a30654be30,
+        0xd192e819d6ef5218, 0xd69906245565a910, 0xf40e35855771202a, 0x106aa07032bbd1b8,
+        0x19a4c116b8d2d0c8, 0x1e376c085141ab53, 0x2748774cdf8eeb99, 0x34b0bcb5e19b48a8,
+        0x391c0cb3c5c95a63, 0x4ed8aa4ae3418acb, 0x5b9cca4f7763e373, 0x682e6ff3d6b2b8a3,
+        0x748f82ee5defb2fc, 0x78a5636f43172f60, 0x84c87814a1f0ab72, 0x8cc702081a6439ec,
+        0x90befffa23631e28, 0xa4506cebde82bde9, 0xbef9a3f7b2c67915, 0xc67178f2e372532b,
+        0xca273eceea26619c, 0xd186b8c721c0c207, 0xeada7dd6cde0eb1e, 0xf57d4f7fee6ed178,
+        0x06f067aa72176fba, 0x0a637dc5a2c898a6, 0x113f9804bef90dae, 0x1b710b35131c471b,
+        0x28db77f523047d84, 0x32caab7b40c72493, 0x3c9ebe0a15c9bebc, 0x431d67c49c100d4c,
+        0x4cc5d4becb3e42b6, 0x597f299cfc657e2a, 0x5fcb6fab3ad6faec, 0x6c44198c4a475817,
+    ];
+
+    static _hashblocks(st: Uint8Array, m: Uint8Array, n_: isize): isize {
+        let z = new StaticArray<u64>(8),
+            r = new StaticArray<u64>(8),
+            w = new StaticArray<u64>(16);
+        for (let i = 0; i < 8; ++i) {
+            z[i] = load64_be(st, i << 3);
+            r[i] = z[i];
+        }
+        let pos = 0, n = n_;
+        while (n >= 128) {
+            for (let i = 0; i < 16; ++i) {
+                w[i] = load64_be(m, (i << 3) + pos);
+            }
+            Internal.handle(r, w, Internal.K.slice(0));
+            Internal.expand(w);
+            Internal.handle(r, w, Internal.K.slice(16));
+            Internal.expand(w);
+            Internal.handle(r, w, Internal.K.slice(32));
+            Internal.expand(w);
+            Internal.handle(r, w, Internal.K.slice(48));
+            Internal.expand(w);
+            Internal.handle(r, w, Internal.K.slice(64));
+            for (let i = 0; i < 8; ++i) {
+                let x = r[i] + z[i];
+                z[i] = x;
+                r[i] = x;
+            }
+            pos += 128;
+            n -= 128;
+        }
+        for (let i = 0; i < 8; ++i) {
+            store64_be(st, i << 3, z[i]);
+        }
+        return n;
+    }
+
+    static iv: u8[] = [
+        0x6a, 0x09, 0xe6, 0x67, 0xf3, 0xbc, 0xc9, 0x08, 0xbb, 0x67, 0xae, 0x85, 0x84, 0xca, 0xa7, 0x3b,
+        0x3c, 0x6e, 0xf3, 0x72, 0xfe, 0x94, 0xf8, 0x2b, 0xa5, 0x4f, 0xf5, 0x3a, 0x5f, 0x1d, 0x36, 0xf1,
+        0x51, 0x0e, 0x52, 0x7f, 0xad, 0xe6, 0x82, 0xd1, 0x9b, 0x05, 0x68, 0x8c, 0x2b, 0x3e, 0x6c, 0x1f,
+        0x1f, 0x83, 0xd9, 0xab, 0xfb, 0x41, 0xbd, 0x6b, 0x5b, 0xe0, 0xcd, 0x19, 0x13, 0x7e, 0x21, 0x79,
+    ];
+
+    static _hashInit(): Uint8Array {
+        let st = new Uint8Array(64 + 128);
+
+        for (let i = 0; i < 64; ++i) {
+            st[i] = Internal.iv[i];
+        }
+        return st;
+    }
+
+    static _hashUpdate(st: Uint8Array, m: Uint8Array, n: isize, r: isize): isize {
+        let obuffered = st.subarray(64);
+        let buffered = new Uint8Array(128);
+        setU8(buffered, obuffered.subarray(0, 128)); // extra copy work around compiler bugs
+
+        let still_available_in_buffer = <isize>128 - r;
+        let copiable_to_buffer = min(n, still_available_in_buffer);
+        setU8(buffered, m.subarray(0, <aisize>copiable_to_buffer), r);
+        r += copiable_to_buffer;
+        n -= copiable_to_buffer;
+        let pos: isize = 0;
+        if (r === 128) {
+            Internal._hashblocks(st, buffered, 128);
+            r = 0;
+            pos = copiable_to_buffer;
+        }
+        if (n == 0) {
+            setU8(obuffered, buffered);
+            return r;
+        }
+        let left = m.subarray(<aisize>pos);
+        r = Internal._hashblocks(st, left, left.length);
+        if (r > 0) {
+            setU8(obuffered, left.subarray(left.length - <aisize>r));
+        }
+        return r;
+    }
+
+    static _hashFinal(st: Uint8Array, out: Uint8Array, t: isize, r: isize): void {
+        let buffered = st.subarray(64);
+        let padded = new Uint8Array(256);
+        setU8(padded, buffered.subarray(0, <aisize>r));
+        padded[<aisize>r] = 0x80;
+        if (r < 112) {
+            store64_be(padded, 128 - 8, t << 3);
+            Internal._hashblocks(st, padded, 128);
+        } else {
+            store64_be(padded, 256 - 8, t << 3);
+            Internal._hashblocks(st, padded, 256);
+        }
+        for (let i = 0; i < 64; ++i) {
+            out[i] = st[i];
+        }
+    }
+
+    static _hash(out: Uint8Array, m: Uint8Array, n: isize): void {
+        let st = Internal._hashInit();
+        let r = Internal._hashUpdate(st, m, n, 0);
+        Internal._hashFinal(st, out, n, r);
+    }
+
+    // HMAC
+
+    static _hmac(m: Uint8Array, k: Uint8Array): Uint8Array {
+        if (k.length > 128) {
+            k = Sha512.hash(k);
+        }
+        let b = new Uint8Array(128);
+        setU8(b, k);
+        for (let i = 0; i < b.length; ++i) {
+            b[i] ^= 0x36;
+        }
+        let out = new Uint8Array(64);
+        let st = Internal._hashInit();
+        let r = Internal._hashUpdate(st, b, b.length, 0);
+        r = Internal._hashUpdate(st, m, m.length, r);
+        Internal._hashFinal(st, out, b.length + m.length, r);
+        for (let i = 0; i < b.length; ++i) {
+            b[i] ^= 0x6a;
+        }
+        st = Internal._hashInit();
+        r = Internal._hashUpdate(st, b, b.length, 0);
+        r = Internal._hashUpdate(st, out, out.length, r);
+        Internal._hashFinal(st, out, b.length + out.length, r);
+        return out;
+    }
+}
+
+
+/**
+ * Hash function output size, in bytes
+ */
+export const SHA512_HASH_BYTES: isize = 64;
+
+export class Sha512 {
+    r: u64 = 0;
+    t: u64 = 0;
+    st: Uint8Array;
+
+    /**
+     * Initialize a multipart hash computation
+     * @returns A hash function state
+     */
+    constructor() {
+        let st = Internal._hashInit();
+        this.st = st;
+    }
+
+    /**
+    * Absorb data to be hashed  
+    * @param m (partial) message
+    */
+    update(m: Uint8Array): void {
+        let n = m.length;
+        this.t += n;
+        this.r = Internal._hashUpdate(this.st, m, n, this.r as isize);
+    }
+
+    /**
+    * Finalize a hash computation  
+    * @returns Hash
+    */
+    final(): Uint8Array {
+        let h = new Uint8Array(<aisize>SHA512_HASH_BYTES);
+        Internal._hashFinal(this.st, h, this.t as isize, this.r as isize);
+        return h;
+    }
+
+    /**
+    * Compute a hash for a single-part message
+    * @param m Message
+    * @returns Hash
+    */
+    static hash(m: Uint8Array): Uint8Array {
+        let h = new Uint8Array(<aisize>SHA512_HASH_BYTES);
+        Internal._hash(h, m, m.length);
+        return h;
+    }
+
+    /**
+    * HMAC-SHA-512
+    * @param m Message
+    * @param k Key
+    * @returns `HMAC-SHA-512(m, k)`
+    */
+    static hmac(m: Uint8Array, k: Uint8Array): Uint8Array {
+        return Internal._hmac(m, k);
+    }
+}
+

package/modules/as-hmac-sha2/assembly/tsconfig.json

@@ -0,0 +1,6 @@
+{
+  "extends": "assemblyscript/std/assembly.json",
+  "include": [
+    "./**/*.ts"
+  ]
+}

package/modules/as-hmac-sha2/assembly/utils.ts

@@ -0,0 +1,75 @@
+type aisize = i32;
+
+/**
+ * (best-effort) Constant-time hexadecimal encoding
+ * @param bin Binary data
+ * @returns Hex-encoded representation
+ */
+export function bin2hex(bin: Uint8Array): string {
+    let bin_len = bin.length;
+    let hex = "";
+    for (let i = 0; i < bin_len; i++) {
+        let bin_i = bin[i] as u32;
+        let c = bin_i & 0xf;
+        let b = bin_i >> 4;
+        let x: u32 = ((87 + c + (((c - 10) >> 8) & ~38)) << 8) |
+            (87 + b + (((b - 10) >> 8) & ~38));
+        hex += String.fromCharCode(x as u8);
+        x >>= 8;
+        hex += String.fromCharCode(x as u8);
+    }
+    return hex;
+}
+
+/**
+* (best-effort) Constant-time hexadecimal decoding
+* @param hex Hex-encoded data
+* @returns Raw binary representation
+*/
+function hex2bin(hex: string): Uint8Array | null {
+    let hex_len = hex.length;
+    if ((hex_len & 1) !== 0) {
+        return null;
+    }
+    let bin = new Uint8Array(<aisize>(hex_len / 2));
+    let c_acc = 0;
+    let bin_pos = 0;
+    let state = false;
+    for (let hex_pos = 0; hex_pos < hex_len; hex_pos++) {
+        let c = hex.charCodeAt(hex_pos) as u32;
+        let c_num = c ^ 48;
+        let c_num0 = (c_num - 10) >> 8;
+        let c_alpha = (c & ~32) - 55;
+        let c_alpha0 = ((c_alpha - 10) ^ (c_alpha - 16)) >> 8;
+        if ((c_num0 | c_alpha0) === 0) {
+            return null;
+        }
+        let c_val = ((c_num0 & c_num) | (c_alpha0 & c_alpha)) as u8;
+        if (state === false) {
+            c_acc = c_val << 4;
+        } else {
+            bin[bin_pos++] = c_acc | c_val;
+        }
+        state = !state;
+    }
+    return bin;
+}
+
+
+/**
+* (best-effort) Constant-time verification that x == y
+* @param x array 1
+* @param y array 2
+* @returns true if both arrays contain the same data
+*/
+export function verify(x: Uint8Array, y: Uint8Array): bool {
+    let d: u8 = 0;
+
+    if (x.length != y.length) {
+        return false;
+    }
+    for (let i = 0; i < x.length; ++i) {
+        d |= x[i] ^ y[i];
+    }
+    return d === 0;
+}

package/modules/as-hmac-sha2/index.js

@@ -0,0 +1,5 @@
+import fs from "fs";
+import loader from "@assemblyscript/loader";
+const imports = { /* imports go here */ };
+const wasmModule = loader.instantiateSync(fs.readFileSync(__dirname + "/build/optimized.wasm"), imports);
+export default wasmModule.exports;