@li0ard/gost 0.0.1 → 0.1.2

package/streebog/index.js

@@ -0,0 +1,295 @@
+import { concatBytes, createHasher } from "@noble/hashes/utils.js";
+import { A, C, TAU } from "./const.js";
+import { PI } from "../kuznyechik/const.js";
+import { pad1, xorBytes } from "../utils.js";
+import { numberToBytesBE } from "@noble/curves/utils.js";
+const BLOCKSIZE = 64;
+const _0020 = new Uint8Array([0, 0, 2, 0]);
+const _0 = new Uint8Array(64);
+const add512 = (a, b) => {
+    const c = new Uint8Array(64);
+    const tmpA = new Uint8Array(64);
+    const tmpB = new Uint8Array(64);
+    for (let i = 0; i < a.length; i++)
+        tmpA[63 - i] = a[a.length - i - 1];
+    for (let i = 0; i < b.length; i++)
+        tmpB[63 - i] = b[b.length - i - 1];
+    for (let i = 63, tmp = 0; i >= 0; i--) {
+        tmp = tmpA[i] + tmpB[i] + (tmp >> 8);
+        c[i] = tmp & 0xff;
+    }
+    return c;
+};
+const S = (input) => {
+    const result = new Uint8Array(BLOCKSIZE);
+    //for (let i = 0; i < BLOCKSIZE; i++) result[i] = PI[input[i]];
+    result[0] = PI[input[0]];
+    result[1] = PI[input[1]];
+    result[2] = PI[input[2]];
+    result[3] = PI[input[3]];
+    result[4] = PI[input[4]];
+    result[5] = PI[input[5]];
+    result[6] = PI[input[6]];
+    result[7] = PI[input[7]];
+    result[8] = PI[input[8]];
+    result[9] = PI[input[9]];
+    result[10] = PI[input[10]];
+    result[11] = PI[input[11]];
+    result[12] = PI[input[12]];
+    result[13] = PI[input[13]];
+    result[14] = PI[input[14]];
+    result[15] = PI[input[15]];
+    result[16] = PI[input[16]];
+    result[17] = PI[input[17]];
+    result[18] = PI[input[18]];
+    result[19] = PI[input[19]];
+    result[20] = PI[input[20]];
+    result[21] = PI[input[21]];
+    result[22] = PI[input[22]];
+    result[23] = PI[input[23]];
+    result[24] = PI[input[24]];
+    result[25] = PI[input[25]];
+    result[26] = PI[input[26]];
+    result[27] = PI[input[27]];
+    result[28] = PI[input[28]];
+    result[29] = PI[input[29]];
+    result[30] = PI[input[30]];
+    result[31] = PI[input[31]];
+    result[32] = PI[input[32]];
+    result[33] = PI[input[33]];
+    result[34] = PI[input[34]];
+    result[35] = PI[input[35]];
+    result[36] = PI[input[36]];
+    result[37] = PI[input[37]];
+    result[38] = PI[input[38]];
+    result[39] = PI[input[39]];
+    result[40] = PI[input[40]];
+    result[41] = PI[input[41]];
+    result[42] = PI[input[42]];
+    result[43] = PI[input[43]];
+    result[44] = PI[input[44]];
+    result[45] = PI[input[45]];
+    result[46] = PI[input[46]];
+    result[47] = PI[input[47]];
+    result[48] = PI[input[48]];
+    result[49] = PI[input[49]];
+    result[50] = PI[input[50]];
+    result[51] = PI[input[51]];
+    result[52] = PI[input[52]];
+    result[53] = PI[input[53]];
+    result[54] = PI[input[54]];
+    result[55] = PI[input[55]];
+    result[56] = PI[input[56]];
+    result[57] = PI[input[57]];
+    result[58] = PI[input[58]];
+    result[59] = PI[input[59]];
+    result[60] = PI[input[60]];
+    result[61] = PI[input[61]];
+    result[62] = PI[input[62]];
+    result[63] = PI[input[63]];
+    return result;
+};
+const P = (input) => {
+    const result = new Uint8Array(BLOCKSIZE);
+    //for (let i = 0; i < BLOCKSIZE; i++) result[i] = input[TAU[i]];
+    result[0] = input[TAU[0]];
+    result[1] = input[TAU[1]];
+    result[2] = input[TAU[2]];
+    result[3] = input[TAU[3]];
+    result[4] = input[TAU[4]];
+    result[5] = input[TAU[5]];
+    result[6] = input[TAU[6]];
+    result[7] = input[TAU[7]];
+    result[8] = input[TAU[8]];
+    result[9] = input[TAU[9]];
+    result[10] = input[TAU[10]];
+    result[11] = input[TAU[11]];
+    result[12] = input[TAU[12]];
+    result[13] = input[TAU[13]];
+    result[14] = input[TAU[14]];
+    result[15] = input[TAU[15]];
+    result[16] = input[TAU[16]];
+    result[17] = input[TAU[17]];
+    result[18] = input[TAU[18]];
+    result[19] = input[TAU[19]];
+    result[20] = input[TAU[20]];
+    result[21] = input[TAU[21]];
+    result[22] = input[TAU[22]];
+    result[23] = input[TAU[23]];
+    result[24] = input[TAU[24]];
+    result[25] = input[TAU[25]];
+    result[26] = input[TAU[26]];
+    result[27] = input[TAU[27]];
+    result[28] = input[TAU[28]];
+    result[29] = input[TAU[29]];
+    result[30] = input[TAU[30]];
+    result[31] = input[TAU[31]];
+    result[32] = input[TAU[32]];
+    result[33] = input[TAU[33]];
+    result[34] = input[TAU[34]];
+    result[35] = input[TAU[35]];
+    result[36] = input[TAU[36]];
+    result[37] = input[TAU[37]];
+    result[38] = input[TAU[38]];
+    result[39] = input[TAU[39]];
+    result[40] = input[TAU[40]];
+    result[41] = input[TAU[41]];
+    result[42] = input[TAU[42]];
+    result[43] = input[TAU[43]];
+    result[44] = input[TAU[44]];
+    result[45] = input[TAU[45]];
+    result[46] = input[TAU[46]];
+    result[47] = input[TAU[47]];
+    result[48] = input[TAU[48]];
+    result[49] = input[TAU[49]];
+    result[50] = input[TAU[50]];
+    result[51] = input[TAU[51]];
+    result[52] = input[TAU[52]];
+    result[53] = input[TAU[53]];
+    result[54] = input[TAU[54]];
+    result[55] = input[TAU[55]];
+    result[56] = input[TAU[56]];
+    result[57] = input[TAU[57]];
+    result[58] = input[TAU[58]];
+    result[59] = input[TAU[59]];
+    result[60] = input[TAU[60]];
+    result[61] = input[TAU[61]];
+    result[62] = input[TAU[62]];
+    result[63] = input[TAU[63]];
+    return result;
+};
+const L = (input) => {
+    const result = new Uint8Array(BLOCKSIZE);
+    for (let i = 0; i < 8; i++) {
+        const parts = new Uint32Array(2);
+        const tmp = input.slice(i * 8, i * 8 + 8).reverse();
+        for (let j = 0; j < 8; j++) {
+            for (let k = 0; k < 8; k++) {
+                if ((tmp[7 - j] >> 7 - k) & 1) {
+                    parts[0] ^= A[j * 16 + k * 2];
+                    parts[1] ^= A[j * 16 + k * 2 + 1];
+                }
+            }
+        }
+        result.set(numberToBytesBE(parts[0], 4), i * 8);
+        result.set(numberToBytesBE(parts[1], 4), i * 8 + 4);
+    }
+    return result;
+};
+const LPS = (input) => L(P(S(input)));
+const E = (block, keys) => {
+    // block will be mutated
+    let c = xorBytes(block, keys);
+    /*for (let i = 0; i < 12; i++) {
+        block = LPS(xorBytes(block, C[i]));
+        c = xorBytes(LPS(c), block);
+    }*/
+    block = LPS(xorBytes(block, C[0]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[1]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[2]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[3]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[4]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[5]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[6]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[7]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[8]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[9]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[10]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[11]));
+    c = xorBytes(LPS(c), block);
+    return c;
+};
+const G = (hash, n, message) => xorBytes(xorBytes(E(LPS(xorBytes(n, hash)), message), n), message);
+/** Streebog (GOST R 34.11-2012) hash function */
+class Streebog {
+    is512;
+    blockLen = BLOCKSIZE;
+    outputLen;
+    canXOF = false;
+    buffer;
+    /** Streebog (GOST R 34.11-2012) hash function */
+    constructor(is512) {
+        this.is512 = is512;
+        this.buffer = new Uint8Array();
+        this.outputLen = is512 ? 64 : 32;
+    }
+    destroy() { this.buffer = new Uint8Array(); }
+    update(data) {
+        this.buffer = concatBytes(this.buffer, data);
+        return this;
+    }
+    digest() {
+        const buffer = new Uint8Array(this.outputLen);
+        this.digestInto(buffer);
+        return buffer;
+    }
+    digestInto(buf) {
+        const message = this.buffer.slice().reverse();
+        let n = new Uint8Array(BLOCKSIZE);
+        let sigma = new Uint8Array(BLOCKSIZE);
+        let hash = new Uint8Array(BLOCKSIZE).fill(this.is512 ? 0 : 1);
+        let blocks = 1;
+        for (let i = message.length; i >= BLOCKSIZE; i -= BLOCKSIZE) {
+            const pos = message.length - blocks * BLOCKSIZE;
+            hash = G(n, hash, message.subarray(pos, pos + BLOCKSIZE));
+            n = add512(n, _0020);
+            sigma = add512(sigma, message.subarray(pos, pos + BLOCKSIZE));
+            blocks++;
+        }
+        let paddedMsg = new Uint8Array(BLOCKSIZE);
+        const msg = message.subarray(0, message.length - (blocks - 1) * 64);
+        if (msg.length < BLOCKSIZE) {
+            paddedMsg = pad1(paddedMsg, BLOCKSIZE);
+            paddedMsg[BLOCKSIZE - msg.length - 1] = 0x01;
+            for (let i = 0; i < msg.length; i++)
+                paddedMsg[BLOCKSIZE - msg.length + i] = msg[i];
+        }
+        hash = G(_0, G(_0, G(n, hash, paddedMsg), add512(n, numberToBytesBE(msg.length * 8, 4))), add512(sigma, paddedMsg));
+        if (this.is512)
+            buf.set(hash.slice().reverse());
+        else
+            buf.set(hash.slice(0, 32).reverse());
+        this.destroy();
+    }
+}
+/** Streebog-256 (GOST R 34.11-2012) hash function */
+export class Streebog256 extends Streebog {
+    /** Streebog-256 (GOST R 34.11-2012) hash function */
+    constructor() { super(false); }
+    /** Create hash instance */
+    static create() { return new Streebog256(); }
+    clone() { return this._cloneInto(); }
+    _cloneInto(to) {
+        to ||= new Streebog256();
+        to.buffer = new Uint8Array(this.buffer);
+        return to;
+    }
+}
+/** Streebog-512 (GOST R 34.11-2012) hash function */
+export class Streebog512 extends Streebog {
+    /** Streebog-512 (GOST R 34.11-2012) hash function */
+    constructor() { super(true); }
+    /** Create hash instance */
+    static create() { return new Streebog512(); }
+    clone() { return this._cloneInto(); }
+    _cloneInto(to) {
+        to ||= new Streebog512();
+        to.buffer = new Uint8Array(this.buffer);
+        return to;
+    }
+}
+/** Streebog-256 (GOST R 34.11-2012) hash function */
+export const streebog256 = createHasher(Streebog256.create);
+/** Streebog-512 (GOST R 34.11-2012) hash function */
+export const streebog512 = createHasher(Streebog512.create);

package/types.d.ts

@@ -0,0 +1,50 @@
+import type { TArg, TRet } from "@noble/hashes/utils.js";
+/** Cipher core */
+export type Cipher = {
+    /** Block size */
+    readonly blockSize: number;
+    /** Key size */
+    readonly keySize: number;
+    /** Encrypt block */
+    encrypt(plaintext: TArg<Uint8Array>): TRet<Uint8Array>;
+    /** Decrypt block */
+    decrypt(ciphertext: TArg<Uint8Array>): TRet<Uint8Array>;
+};
+/** Block mode for {@link Cipher} */
+export type BlockMode = {
+    /** Encrypt plaintext */
+    encrypt: (plaintext: TArg<Uint8Array>) => TRet<Uint8Array>;
+    /** Decrypt ciphertext */
+    decrypt: (ciphertext: TArg<Uint8Array>) => TRet<Uint8Array>;
+};
+/** Stream-like mode for {@link Cipher} */
+export type StreamMode = {
+    /** Proceed message */
+    crypt: (msg: TArg<Uint8Array>) => TRet<Uint8Array>;
+};
+/** MAC mode for {@link Cipher} */
+export type MACMode = {
+    /** Compute MAC */
+    compute: (msg: TArg<Uint8Array>) => TRet<Uint8Array>;
+};
+/** AEAD mode for {@link Cipher} */
+export type AEADMode = {
+    /** Seal plaintext and AAD */
+    seal: (plaintext: TArg<Uint8Array>, aad?: TArg<Uint8Array>) => TRet<Uint8Array>;
+    /** Open ciphertext and AAD */
+    open: (ciphertext: TArg<Uint8Array>, aad?: TArg<Uint8Array>) => TRet<Uint8Array>;
+};
+/** Key wrapping mode for {@link Cipher} */
+export type WrapMode = {
+    /** Wrap encryption key */
+    wrap: (key: TArg<Uint8Array>) => TRet<Uint8Array>;
+    /** Unwrap encryption key */
+    unwrap: (wrapped: TArg<Uint8Array>) => TRet<Uint8Array>;
+};
+/** Key wrapping mode (KWP) for Magma */
+export type WrapModeMagma = {
+    /** Wrap encryption key */
+    wrap: (ukm: TArg<Uint8Array>, cek: TArg<Uint8Array>) => TRet<Uint8Array>;
+    /** Unwrap encryption key */
+    unwrap: (wrapped: TArg<Uint8Array>) => TRet<Uint8Array>;
+};

package/types.js

@@ -0,0 +1 @@
+export {};

package/utils.d.ts

@@ -0,0 +1,7 @@
+import type { TArg, TRet } from "@noble/hashes/utils.js";
+export declare const xorBytes: (a: TArg<Uint8Array>, b: TArg<Uint8Array>) => TRet<Uint8Array>;
+export declare const getPadLength: (dataLength: number, blockSize: number) => number;
+export declare const pad1: (data: TArg<Uint8Array>, blockSize: number) => TRet<Uint8Array>;
+export declare const pad2: (data: TArg<Uint8Array>, blockSize: number) => TRet<Uint8Array>;
+export declare const unpad2: (data: TArg<Uint8Array>, blockSize: number) => TRet<Uint8Array>;
+export declare const pad3: (data: TArg<Uint8Array>, blockSize: number) => TRet<Uint8Array>;

package/utils.js

@@ -0,0 +1,47 @@
+export const xorBytes = (a, b) => {
+    const mlen = Math.min(a.length, b.length);
+    const result = new Uint8Array(mlen);
+    for (let i = 0; i < mlen; i++)
+        result[i] = a[i] ^ b[i];
+    return result;
+};
+export const getPadLength = (dataLength, blockSize) => {
+    if (dataLength < blockSize)
+        return blockSize - dataLength;
+    if (dataLength % blockSize == 0)
+        return 0;
+    return blockSize - dataLength % blockSize;
+};
+export const pad1 = (data, blockSize) => {
+    const padded = new Uint8Array(data.length + getPadLength(data.length, blockSize));
+    padded.set(data);
+    return padded;
+};
+export const pad2 = (data, blockSize) => {
+    const padded = new Uint8Array(data.length + 1 + getPadLength(data.length + 1, blockSize));
+    padded.set(data, 0);
+    padded[data.length] = 0x80;
+    return padded;
+};
+export const unpad2 = (data, blockSize) => {
+    const lastBlock = data.subarray(data.length - blockSize);
+    let padIndex = -1;
+    for (let i = lastBlock.length - 1; i >= 0; i--) {
+        if (lastBlock[i] == 0x80) {
+            padIndex = i;
+            break;
+        }
+    }
+    if (padIndex === -1)
+        throw new Error("Padding marker (0x80) not found");
+    for (let i = padIndex + 1; i < lastBlock.length; i++) {
+        if (lastBlock[i] !== 0)
+            throw new Error("Invalid padding: non-zero bytes after 0x80");
+    }
+    return data.slice(0, data.length - (blockSize - padIndex));
+};
+export const pad3 = (data, blockSize) => {
+    if (getPadLength(data.length, blockSize) == 0)
+        return data;
+    return pad2(data, blockSize);
+};

package/README.md

@@ -1,45 +0,0 @@
-# @li0ard/gost
-
-## ⚠️ IMPORTANT NOTICE ⚠️
-
-**This package is created solely for the purpose of setting up OIDC (OpenID Connect) trusted publishing with npm.**
-
-This is **NOT** a functional package and contains **NO** code or functionality beyond the OIDC setup configuration.
-
-## Purpose
-
-This package exists to:
-1. Configure OIDC trusted publishing for the package name `@li0ard/gost`
-2. Enable secure, token-less publishing from CI/CD workflows
-3. Establish provenance for packages published under this name
-
-## What is OIDC Trusted Publishing?
-
-OIDC trusted publishing allows package maintainers to publish packages directly from their CI/CD workflows without needing to manage npm access tokens. Instead, it uses OpenID Connect to establish trust between the CI/CD provider (like GitHub Actions) and npm.
-
-## Setup Instructions
-
-To properly configure OIDC trusted publishing for this package:
-
-1. Go to [npmjs.com](https://www.npmjs.com/) and navigate to your package settings
-2. Configure the trusted publisher (e.g., GitHub Actions)
-3. Specify the repository and workflow that should be allowed to publish
-4. Use the configured workflow to publish your actual package
-
-## DO NOT USE THIS PACKAGE
-
-This package is a placeholder for OIDC configuration only. It:
-- Contains no executable code
-- Provides no functionality
-- Should not be installed as a dependency
-- Exists only for administrative purposes
-
-## More Information
-
-For more details about npm's trusted publishing feature, see:
-- [npm Trusted Publishing Documentation](https://docs.npmjs.com/generating-provenance-statements)
-- [GitHub Actions OIDC Documentation](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect)
-
----
-
-**Maintained for OIDC setup purposes only**