npm - @li0ard/gost - Versions diffs - 0.0.1 → 0.1.3 - Mend

@li0ard/gost 0.0.1 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (55) hide show

package/gost341194/index.js ADDED Viewed

@@ -0,0 +1,193 @@
+import { concatBytes } from "@noble/hashes/utils.js";
+import { Magma } from "../magma/index.js";
+import { DSSZZI_UA_DKE_1, ID_GOSTR_3411_94_CRYPTOPRO_PARAM_SET } from "../magma/const.js";
+import { bytesToNumberBE, numberToBytesBE } from "@noble/curves/utils.js";
+import { xorBytes } from "../utils.js";
+const BLOCKSIZE = 32;
+const r = (1n << 256n) - 1n;
+const C2 = new Uint8Array(32);
+const C3 = new Uint8Array([
+    0xff, 0x00, 0xff, 0xff, 0x00, 0x00, 0x00, 0xff,
+    0xff, 0x00, 0x00, 0xff, 0x00, 0xff, 0xff, 0x00,
+    0x00, 0xff, 0x00, 0xff, 0x00, 0xff, 0x00, 0xff,
+    0xff, 0x00, 0xff, 0x00, 0xff, 0x00, 0xff, 0x00
+]);
+const C4 = new Uint8Array(32);
+const A = (x) => {
+    const x2 = x.subarray(16, 24);
+    return concatBytes(xorBytes(x.subarray(24, 32), x2), x.subarray(0, 8), x.subarray(8, 16), x2);
+};
+const P = (x) => new Uint8Array([
+    x[0], x[8], x[16], x[24], x[1], x[9], x[17], x[25],
+    x[2], x[10], x[18], x[26], x[3], x[11], x[19], x[27],
+    x[4], x[12], x[20], x[28], x[5], x[13], x[21], x[29],
+    x[6], x[14], x[22], x[30], x[7], x[15], x[23], x[31]
+]);
+/*const chi = (Y: TArg<Uint8Array>): TRet<Uint8Array> => {
+    const byx = new Uint8Array(2);
+    byx[0] = Y[30] ^ Y[28] ^ Y[26] ^ Y[24] ^ Y[6] ^ Y[0];
+    byx[1] = Y[31] ^ Y[29] ^ Y[27] ^ Y[25] ^ Y[7] ^ Y[1];
+    const result = new Uint8Array(BLOCKSIZE);
+    result.set(byx, 0);
+    result.set(Y.slice(0,30), 2);
+    return result;
+}*/
+const chi = (Y) => new Uint8Array([
+    Y[30] ^ Y[28] ^ Y[26] ^ Y[24] ^ Y[6] ^ Y[0],
+    Y[31] ^ Y[29] ^ Y[27] ^ Y[25] ^ Y[7] ^ Y[1],
+    ...Y.subarray(0, 30)
+]);
+const _step = (hin, m, sbox) => {
+    let u = hin;
+    let v = m;
+    let w = xorBytes(hin, m);
+    const k1 = new Magma(P(w).reverse(), sbox, true);
+    u = xorBytes(A(u), C2);
+    v = A(A(v));
+    w = xorBytes(u, v);
+    const k2 = new Magma(P(w).reverse(), sbox, true);
+    u = xorBytes(A(u), C3);
+    v = A(A(v));
+    w = xorBytes(u, v);
+    const k3 = new Magma(P(w).reverse(), sbox, true);
+    u = xorBytes(A(u), C4);
+    v = A(A(v));
+    w = xorBytes(u, v);
+    const k4 = new Magma(P(w).reverse(), sbox, true);
+    const s = concatBytes(k4.encrypt(hin.slice(0, 8).reverse()).reverse(), k3.encrypt(hin.slice(8, 16).reverse()).reverse(), k2.encrypt(hin.slice(16, 24).reverse()).reverse(), k1.encrypt(hin.slice(24, 32).reverse()).reverse());
+    //let x = new Uint8Array(s);
+    //for(let i = 0; i < 12; i++) x = chi(x);
+    let x = chi(s);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = xorBytes(x, m);
+    x = chi(x);
+    x = xorBytes(hin, x);
+    //for(let i = 0; i < 61; i++) x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    x = chi(x);
+    return x;
+};
+/** GOST R 34.11-94 hash function */
+export class Gost341194 {
+    data;
+    sbox;
+    blockLen = BLOCKSIZE;
+    outputLen = 32;
+    canXOF = false;
+    /** GOST R 34.11-94 hash function */
+    constructor(data = new Uint8Array(), sbox = ID_GOSTR_3411_94_CRYPTOPRO_PARAM_SET) {
+        this.data = data;
+        this.sbox = sbox;
+    }
+    /** Create hash instance */
+    static create() { return new Gost341194(); }
+    destroy() { this.data = new Uint8Array(); }
+    clone() { return this._cloneInto(); }
+    _cloneInto(to) {
+        to ||= new Gost341194();
+        to.data = new Uint8Array(this.data);
+        to.sbox = this.sbox;
+        return to;
+    }
+    update(data) {
+        this.data = concatBytes(this.data, data);
+        return this;
+    }
+    digestInto(buf) {
+        let len = 0n;
+        let checksum = 0n;
+        const h = new Uint8Array(BLOCKSIZE);
+        const m = new Uint8Array(this.data);
+        for (let i = 0; i < m.length; i += BLOCKSIZE) {
+            let part = m.slice(i, i + BLOCKSIZE).reverse();
+            len += BigInt(part.length) * 8n;
+            checksum = (checksum + bytesToNumberBE(part)) & r;
+            if (part.length < BLOCKSIZE)
+                part = numberToBytesBE(bytesToNumberBE(part), BLOCKSIZE);
+            h.set(_step(h, part, this.sbox));
+        }
+        h.set(_step(_step(h, numberToBytesBE(len, BLOCKSIZE), this.sbox), numberToBytesBE(checksum, BLOCKSIZE), this.sbox));
+        buf.set(h.reverse());
+        this.destroy();
+    }
+    digest() {
+        const buffer = new Uint8Array(this.outputLen);
+        this.digestInto(buffer);
+        return buffer;
+    }
+}
+/** GOST R 34.11-94 hash function */
+export const gost341194 = (msg, sbox) => new Gost341194(msg, sbox).digest();
+/** DSTU GOST 34.311-95 */
+export const gost3431195 = (msg) => gost341194(msg, DSSZZI_UA_DKE_1);

package/hmac.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import { type TArg, type TRet } from "@noble/hashes/utils.js";
+import { _HMAC } from "@noble/hashes/hmac.js";
+import { Gost341194 } from "./gost341194/index.js";
+export declare class Streebog256HMAC extends _HMAC<Streebog256HMAC> {
+    constructor(key: TArg<Uint8Array>);
+}
+export declare class Streebog512HMAC extends _HMAC<Streebog512HMAC> {
+    constructor(key: TArg<Uint8Array>);
+}
+export declare class Gost341194HMAC extends _HMAC<Gost341194> {
+    constructor(key: TArg<Uint8Array>);
+}
+export declare const streebog256hmac: (key: TArg<Uint8Array>, message: TArg<Uint8Array>) => TRet<Uint8Array>;
+export declare const streebog512hmac: (key: TArg<Uint8Array>, message: TArg<Uint8Array>) => TRet<Uint8Array>;
+export declare const gost341194hmac: (key: TArg<Uint8Array>, message: TArg<Uint8Array>) => TRet<Uint8Array>;

package/hmac.js ADDED Viewed

@@ -0,0 +1,22 @@
+import { createHasher } from "@noble/hashes/utils.js";
+import { _HMAC } from "@noble/hashes/hmac.js";
+import { streebog256, streebog512 } from "./streebog/index.js";
+import { Gost341194 } from "./gost341194/index.js";
+export class Streebog256HMAC extends _HMAC {
+    constructor(key) {
+        super(streebog256, key);
+    }
+}
+export class Streebog512HMAC extends _HMAC {
+    constructor(key) {
+        super(streebog512, key);
+    }
+}
+export class Gost341194HMAC extends _HMAC {
+    constructor(key) {
+        super(createHasher(Gost341194.create), key);
+    }
+}
+export const streebog256hmac = (key, message) => new Streebog256HMAC(key).update(message).digest();
+export const streebog512hmac = (key, message) => new Streebog512HMAC(key).update(message).digest();
+export const gost341194hmac = (key, message) => new Gost341194HMAC(key).update(message).digest();

package/index.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+export * from "./gost3410/index.js";
+export * from "./gost341194/index.js";
+export * from "./kuznyechik/index.js";
+export * from "./magma/index.js";
+export * from "./modes/index.js";
+export * from "./streebog/index.js";
+export * from "./hmac.js";
+export * from "./kdf.js";
+export * from "./types.js";

package/index.js ADDED Viewed

@@ -0,0 +1,9 @@
+export * from "./gost3410/index.js";
+export * from "./gost341194/index.js";
+export * from "./kuznyechik/index.js";
+export * from "./magma/index.js";
+export * from "./modes/index.js";
+export * from "./streebog/index.js";
+export * from "./hmac.js";
+export * from "./kdf.js";
+export * from "./types.js";

package/kdf.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+import { type TArg, type TRet } from "@noble/hashes/utils.js";
+export declare const kdf_gostr3411_2012_256: (key: TArg<Uint8Array>, label: TArg<Uint8Array>, seed: TArg<Uint8Array>) => TRet<Uint8Array>;
+export declare const kdf_tree_gostr3411_2012_256: (key: TArg<Uint8Array>, label: TArg<Uint8Array>, seed: TArg<Uint8Array>, keys: number, i_len?: number) => TRet<Uint8Array>[];
+export declare const streebog256pbkdf2: (password: TArg<Uint8Array>, salt: TArg<Uint8Array>, iter: number, dkLen: number) => TRet<Uint8Array>;
+export declare const streebog512pbkdf2: (password: TArg<Uint8Array>, salt: TArg<Uint8Array>, iter: number, dkLen: number) => TRet<Uint8Array>;
+export declare const gost341194pbkdf2: (password: TArg<Uint8Array>, salt: TArg<Uint8Array>, iter: number, dkLen: number) => TRet<Uint8Array>;
+export declare const cpkdf: (password: TArg<Uint8Array>, salt: TArg<Uint8Array>) => TRet<Uint8Array>;

package/kdf.js ADDED Viewed

@@ -0,0 +1,59 @@
+import { concatBytes, createHasher } from "@noble/hashes/utils.js";
+import { streebog256hmac } from "./hmac.js";
+import { numberToBytesBE } from "@noble/curves/utils.js";
+import { pbkdf2 } from "@noble/hashes/pbkdf2.js";
+import { Streebog256, streebog256, streebog512 } from "./streebog/index.js";
+import { Gost341194 } from "./gost341194/index.js";
+import { pad1, xorBytes } from "./utils.js";
+const _0 = new Uint8Array([0]);
+const _1 = new Uint8Array([1]);
+const _0100 = new Uint8Array([1, 0]);
+const CPKDF_CONST = new Uint8Array(64);
+CPKDF_CONST.set(new TextEncoder().encode("DENEFH028.760246785.IUEFHWUIO.EF"));
+const _36 = new Uint8Array(64).fill(0x36);
+const _5C = new Uint8Array(64).fill(0x5C);
+export const kdf_gostr3411_2012_256 = (key, label, seed) => streebog256hmac(key, concatBytes(_1, label, _0, seed, _0100));
+export const kdf_tree_gostr3411_2012_256 = (key, label, seed, keys, i_len = 1) => {
+    const keymat = [];
+    const length = numberToBytesBE(keys * 32 * 8, 2);
+    for (let i = 0; i < keys; i++)
+        keymat.push(streebog256hmac(key, concatBytes(numberToBytesBE(i + 1, i_len), label, _0, seed, length)));
+    return keymat;
+};
+export const streebog256pbkdf2 = (password, salt, iter, dkLen) => pbkdf2(streebog256, password, salt, { dkLen, c: iter });
+export const streebog512pbkdf2 = (password, salt, iter, dkLen) => pbkdf2(streebog512, password, salt, { dkLen, c: iter });
+export const gost341194pbkdf2 = (password, salt, iter, dkLen) => pbkdf2(createHasher(Gost341194.create), password, salt, { dkLen, c: iter });
+export const cpkdf = (password, salt) => {
+    const hasher = Streebog256.create();
+    const bs = 64;
+    if (password.length * 4 > 1024)
+        throw new Error("Password cannot be longer than 256 symbols");
+    const pin = new Uint8Array(password.length * 4);
+    for (let i = 0; i < password.length; i++)
+        pin[i * 4] = password[i];
+    hasher.update(salt);
+    if (password.length != 0)
+        hasher.update(pin);
+    const hash = hasher.digest();
+    const c = new Uint8Array(CPKDF_CONST);
+    const m0 = new Uint8Array(bs);
+    const m1 = new Uint8Array(bs);
+    for (let j = 0; j < (password.length != 0 ? 2000 : 2); j++) {
+        m0.set(xorBytes(c, _36));
+        m1.set(xorBytes(c, _5C));
+        hasher.update(m0);
+        hasher.update(hash);
+        hasher.update(m1);
+        hasher.update(hash);
+        c.set(pad1(hasher.digest(), bs));
+    }
+    m0.set(xorBytes(c, _36));
+    m1.set(xorBytes(c, _5C));
+    hasher.update(m0.subarray(0, 32));
+    hasher.update(salt);
+    hasher.update(m1.subarray(0, 32));
+    if (password.length != 0)
+        hasher.update(pin);
+    hasher.update(hasher.digest());
+    return hasher.digest();
+};

package/kuznyechik/const.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+export declare const PI: Uint8Array;
+export declare const PI_REV: Uint8Array;
+export declare const L: Uint8Array;
+export declare const ITER: Uint8Array<ArrayBuffer>[];

package/kuznyechik/const.js ADDED Viewed

@@ -0,0 +1,78 @@
+export const PI = new Uint8Array([
+    0xfc, 0xee, 0xdd, 0x11, 0xcf, 0x6e, 0x31, 0x16, 0xfb, 0xc4, 0xfa, 0xda, 0x23, 0xc5, 0x04, 0x4d,
+    0xe9, 0x77, 0xf0, 0xdb, 0x93, 0x2e, 0x99, 0xba, 0x17, 0x36, 0xf1, 0xbb, 0x14, 0xcd, 0x5f, 0xc1,
+    0xf9, 0x18, 0x65, 0x5a, 0xe2, 0x5c, 0xef, 0x21, 0x81, 0x1c, 0x3c, 0x42, 0x8b, 0x01, 0x8e, 0x4f,
+    0x05, 0x84, 0x02, 0xae, 0xe3, 0x6a, 0x8f, 0xa0, 0x06, 0x0b, 0xed, 0x98, 0x7f, 0xd4, 0xd3, 0x1f,
+    0xeb, 0x34, 0x2c, 0x51, 0xea, 0xc8, 0x48, 0xab, 0xf2, 0x2a, 0x68, 0xa2, 0xfd, 0x3a, 0xce, 0xcc,
+    0xb5, 0x70, 0x0e, 0x56, 0x08, 0x0c, 0x76, 0x12, 0xbf, 0x72, 0x13, 0x47, 0x9c, 0xb7, 0x5d, 0x87,
+    0x15, 0xa1, 0x96, 0x29, 0x10, 0x7b, 0x9a, 0xc7, 0xf3, 0x91, 0x78, 0x6f, 0x9d, 0x9e, 0xb2, 0xb1,
+    0x32, 0x75, 0x19, 0x3d, 0xff, 0x35, 0x8a, 0x7e, 0x6d, 0x54, 0xc6, 0x80, 0xc3, 0xbd, 0x0d, 0x57,
+    0xdf, 0xf5, 0x24, 0xa9, 0x3e, 0xa8, 0x43, 0xc9, 0xd7, 0x79, 0xd6, 0xf6, 0x7c, 0x22, 0xb9, 0x03,
+    0xe0, 0x0f, 0xec, 0xde, 0x7a, 0x94, 0xb0, 0xbc, 0xdc, 0xe8, 0x28, 0x50, 0x4e, 0x33, 0x0a, 0x4a,
+    0xa7, 0x97, 0x60, 0x73, 0x1e, 0x00, 0x62, 0x44, 0x1a, 0xb8, 0x38, 0x82, 0x64, 0x9f, 0x26, 0x41,
+    0xad, 0x45, 0x46, 0x92, 0x27, 0x5e, 0x55, 0x2f, 0x8c, 0xa3, 0xa5, 0x7d, 0x69, 0xd5, 0x95, 0x3b,
+    0x07, 0x58, 0xb3, 0x40, 0x86, 0xac, 0x1d, 0xf7, 0x30, 0x37, 0x6b, 0xe4, 0x88, 0xd9, 0xe7, 0x89,
+    0xe1, 0x1b, 0x83, 0x49, 0x4c, 0x3f, 0xf8, 0xfe, 0x8d, 0x53, 0xaa, 0x90, 0xca, 0xd8, 0x85, 0x61,
+    0x20, 0x71, 0x67, 0xa4, 0x2d, 0x2b, 0x09, 0x5b, 0xcb, 0x9b, 0x25, 0xd0, 0xbe, 0xe5, 0x6c, 0x52,
+    0x59, 0xa6, 0x74, 0xd2, 0xe6, 0xf4, 0xb4, 0xc0, 0xd1, 0x66, 0xaf, 0xc2, 0x39, 0x4b, 0x63, 0xb6,
+]);
+export const PI_REV = new Uint8Array([
+    0xa5, 0x2d, 0x32, 0x8f, 0x0e, 0x30, 0x38, 0xc0, 0x54, 0xe6, 0x9e, 0x39, 0x55, 0x7e, 0x52, 0x91,
+    0x64, 0x03, 0x57, 0x5a, 0x1c, 0x60, 0x07, 0x18, 0x21, 0x72, 0xa8, 0xd1, 0x29, 0xc6, 0xa4, 0x3f,
+    0xe0, 0x27, 0x8d, 0x0c, 0x82, 0xea, 0xae, 0xb4, 0x9a, 0x63, 0x49, 0xe5, 0x42, 0xe4, 0x15, 0xb7,
+    0xc8, 0x06, 0x70, 0x9d, 0x41, 0x75, 0x19, 0xc9, 0xaa, 0xfc, 0x4d, 0xbf, 0x2a, 0x73, 0x84, 0xd5,
+    0xc3, 0xaf, 0x2b, 0x86, 0xa7, 0xb1, 0xb2, 0x5b, 0x46, 0xd3, 0x9f, 0xfd, 0xd4, 0x0f, 0x9c, 0x2f,
+    0x9b, 0x43, 0xef, 0xd9, 0x79, 0xb6, 0x53, 0x7f, 0xc1, 0xf0, 0x23, 0xe7, 0x25, 0x5e, 0xb5, 0x1e,
+    0xa2, 0xdf, 0xa6, 0xfe, 0xac, 0x22, 0xf9, 0xe2, 0x4a, 0xbc, 0x35, 0xca, 0xee, 0x78, 0x05, 0x6b,
+    0x51, 0xe1, 0x59, 0xa3, 0xf2, 0x71, 0x56, 0x11, 0x6a, 0x89, 0x94, 0x65, 0x8c, 0xbb, 0x77, 0x3c,
+    0x7b, 0x28, 0xab, 0xd2, 0x31, 0xde, 0xc4, 0x5f, 0xcc, 0xcf, 0x76, 0x2c, 0xb8, 0xd8, 0x2e, 0x36,
+    0xdb, 0x69, 0xb3, 0x14, 0x95, 0xbe, 0x62, 0xa1, 0x3b, 0x16, 0x66, 0xe9, 0x5c, 0x6c, 0x6d, 0xad,
+    0x37, 0x61, 0x4b, 0xb9, 0xe3, 0xba, 0xf1, 0xa0, 0x85, 0x83, 0xda, 0x47, 0xc5, 0xb0, 0x33, 0xfa,
+    0x96, 0x6f, 0x6e, 0xc2, 0xf6, 0x50, 0xff, 0x5d, 0xa9, 0x8e, 0x17, 0x1b, 0x97, 0x7d, 0xec, 0x58,
+    0xf7, 0x1f, 0xfb, 0x7c, 0x09, 0x0d, 0x7a, 0x67, 0x45, 0x87, 0xdc, 0xe8, 0x4f, 0x1d, 0x4e, 0x04,
+    0xeb, 0xf8, 0xf3, 0x3e, 0x3d, 0xbd, 0x8a, 0x88, 0xdd, 0xcd, 0x0b, 0x13, 0x98, 0x02, 0x93, 0x80,
+    0x90, 0xd0, 0x24, 0x34, 0xcb, 0xed, 0xf4, 0xce, 0x99, 0x10, 0x44, 0x40, 0x92, 0x3a, 0x01, 0x26,
+    0x12, 0x1a, 0x48, 0x68, 0xf5, 0x81, 0x8b, 0xc7, 0xd6, 0x20, 0x0a, 0x08, 0x00, 0x4c, 0xd7, 0x74,
+]);
+export const L = new Uint8Array([
+    0x01, 0x94, 0x20, 0x85, 0x10, 0xc2, 0xc0, 0x01, 0xfb, 0x01, 0xc0, 0xc2, 0x10, 0x85, 0x20, 0x94,
+]);
+/*const ITER: Uint8Array[] = Array(32).fill(null).map(() => new Uint8Array(16).fill(0));
+for(let i = 0; i < 32; i++) {
+    ITER[i][15] = i + 1;
+    ITER[i] = LL(ITER[i]);
+}*/
+export const ITER = [
+    new Uint8Array([0x6E, 0xA2, 0x76, 0x72, 0x6C, 0x48, 0x7A, 0xB8, 0x5D, 0x27, 0xBD, 0x10, 0xDD, 0x84, 0x94, 0x01]),
+    new Uint8Array([0xDC, 0x87, 0xEC, 0xE4, 0xD8, 0x90, 0xF4, 0xB3, 0xBA, 0x4E, 0xB9, 0x20, 0x79, 0xCB, 0xEB, 0x02]),
+    new Uint8Array([0xB2, 0x25, 0x9A, 0x96, 0xB4, 0xD8, 0x8E, 0x0B, 0xE7, 0x69, 0x04, 0x30, 0xA4, 0x4F, 0x7F, 0x03]),
+    new Uint8Array([0x7B, 0xCD, 0x1B, 0x0B, 0x73, 0xE3, 0x2B, 0xA5, 0xB7, 0x9C, 0xB1, 0x40, 0xF2, 0x55, 0x15, 0x04]),
+    new Uint8Array([0x15, 0x6F, 0x6D, 0x79, 0x1F, 0xAB, 0x51, 0x1D, 0xEA, 0xBB, 0x0C, 0x50, 0x2F, 0xD1, 0x81, 0x05]),
+    new Uint8Array([0xA7, 0x4A, 0xF7, 0xEF, 0xAB, 0x73, 0xDF, 0x16, 0x0D, 0xD2, 0x08, 0x60, 0x8B, 0x9E, 0xFE, 0x06]),
+    new Uint8Array([0xC9, 0xE8, 0x81, 0x9D, 0xC7, 0x3B, 0xA5, 0xAE, 0x50, 0xF5, 0xB5, 0x70, 0x56, 0x1A, 0x6A, 0x07]),
+    new Uint8Array([0xF6, 0x59, 0x36, 0x16, 0xE6, 0x05, 0x56, 0x89, 0xAD, 0xFB, 0xA1, 0x80, 0x27, 0xAA, 0x2A, 0x08]),
+    new Uint8Array([0x98, 0xFB, 0x40, 0x64, 0x8A, 0x4D, 0x2C, 0x31, 0xF0, 0xDC, 0x1C, 0x90, 0xFA, 0x2E, 0xBE, 0x09]),
+    new Uint8Array([0x2A, 0xDE, 0xDA, 0xF2, 0x3E, 0x95, 0xA2, 0x3A, 0x17, 0xB5, 0x18, 0xA0, 0x5E, 0x61, 0xC1, 0x0A]),
+    new Uint8Array([0x44, 0x7C, 0xAC, 0x80, 0x52, 0xDD, 0xD8, 0x82, 0x4A, 0x92, 0xA5, 0xB0, 0x83, 0xE5, 0x55, 0x0B]),
+    new Uint8Array([0x8D, 0x94, 0x2D, 0x1D, 0x95, 0xE6, 0x7D, 0x2C, 0x1A, 0x67, 0x10, 0xC0, 0xD5, 0xFF, 0x3F, 0x0C]),
+    new Uint8Array([0xE3, 0x36, 0x5B, 0x6F, 0xF9, 0xAE, 0x07, 0x94, 0x47, 0x40, 0xAD, 0xD0, 0x08, 0x7B, 0xAB, 0x0D]),
+    new Uint8Array([0x51, 0x13, 0xC1, 0xF9, 0x4D, 0x76, 0x89, 0x9F, 0xA0, 0x29, 0xA9, 0xE0, 0xAC, 0x34, 0xD4, 0x0E]),
+    new Uint8Array([0x3F, 0xB1, 0xB7, 0x8B, 0x21, 0x3E, 0xF3, 0x27, 0xFD, 0x0E, 0x14, 0xF0, 0x71, 0xB0, 0x40, 0x0F]),
+    new Uint8Array([0x2F, 0xB2, 0x6C, 0x2C, 0x0F, 0x0A, 0xAC, 0xD1, 0x99, 0x35, 0x81, 0xC3, 0x4E, 0x97, 0x54, 0x10]),
+    new Uint8Array([0x41, 0x10, 0x1A, 0x5E, 0x63, 0x42, 0xD6, 0x69, 0xC4, 0x12, 0x3C, 0xD3, 0x93, 0x13, 0xC0, 0x11]),
+    new Uint8Array([0xF3, 0x35, 0x80, 0xC8, 0xD7, 0x9A, 0x58, 0x62, 0x23, 0x7B, 0x38, 0xE3, 0x37, 0x5C, 0xBF, 0x12]),
+    new Uint8Array([0x9D, 0x97, 0xF6, 0xBA, 0xBB, 0xD2, 0x22, 0xDA, 0x7E, 0x5C, 0x85, 0xF3, 0xEA, 0xD8, 0x2B, 0x13]),
+    new Uint8Array([0x54, 0x7F, 0x77, 0x27, 0x7C, 0xE9, 0x87, 0x74, 0x2E, 0xA9, 0x30, 0x83, 0xBC, 0xC2, 0x41, 0x14]),
+    new Uint8Array([0x3A, 0xDD, 0x01, 0x55, 0x10, 0xA1, 0xFD, 0xCC, 0x73, 0x8E, 0x8D, 0x93, 0x61, 0x46, 0xD5, 0x15]),
+    new Uint8Array([0x88, 0xF8, 0x9B, 0xC3, 0xA4, 0x79, 0x73, 0xC7, 0x94, 0xE7, 0x89, 0xA3, 0xC5, 0x09, 0xAA, 0x16]),
+    new Uint8Array([0xE6, 0x5A, 0xED, 0xB1, 0xC8, 0x31, 0x09, 0x7F, 0xC9, 0xC0, 0x34, 0xB3, 0x18, 0x8D, 0x3E, 0x17]),
+    new Uint8Array([0xD9, 0xEB, 0x5A, 0x3A, 0xE9, 0x0F, 0xFA, 0x58, 0x34, 0xCE, 0x20, 0x43, 0x69, 0x3D, 0x7E, 0x18]),
+    new Uint8Array([0xB7, 0x49, 0x2C, 0x48, 0x85, 0x47, 0x80, 0xE0, 0x69, 0xE9, 0x9D, 0x53, 0xB4, 0xB9, 0xEA, 0x19]),
+    new Uint8Array([0x05, 0x6C, 0xB6, 0xDE, 0x31, 0x9F, 0x0E, 0xEB, 0x8E, 0x80, 0x99, 0x63, 0x10, 0xF6, 0x95, 0x1A]),
+    new Uint8Array([0x6B, 0xCE, 0xC0, 0xAC, 0x5D, 0xD7, 0x74, 0x53, 0xD3, 0xA7, 0x24, 0x73, 0xCD, 0x72, 0x01, 0x1B]),
+    new Uint8Array([0xA2, 0x26, 0x41, 0x31, 0x9A, 0xEC, 0xD1, 0xFD, 0x83, 0x52, 0x91, 0x03, 0x9B, 0x68, 0x6B, 0x1C]),
+    new Uint8Array([0xCC, 0x84, 0x37, 0x43, 0xF6, 0xA4, 0xAB, 0x45, 0xDE, 0x75, 0x2C, 0x13, 0x46, 0xEC, 0xFF, 0x1D]),
+    new Uint8Array([0x7E, 0xA1, 0xAD, 0xD5, 0x42, 0x7C, 0x25, 0x4E, 0x39, 0x1C, 0x28, 0x23, 0xE2, 0xA3, 0x80, 0x1E]),
+    new Uint8Array([0x10, 0x03, 0xDB, 0xA7, 0x2E, 0x34, 0x5F, 0xF6, 0x64, 0x3B, 0x95, 0x33, 0x3F, 0x27, 0x14, 0x1F]),
+    new Uint8Array([0x5E, 0xA7, 0xD8, 0x58, 0x1E, 0x14, 0x9B, 0x61, 0xF1, 0x6A, 0xC1, 0x45, 0x9C, 0xED, 0xA8, 0x20])
+];

package/kuznyechik/index.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import { type TArg, type TRet } from "@noble/curves/utils.js";
+import type { Cipher } from "../types.js";
+/** Kuznyechik (GOST R 34.12-2015) cipher */
+export declare class Kuznyechik implements Cipher {
+    readonly keySize = 32;
+    readonly blockSize = 16;
+    private roundKeys;
+    /** Kuznyechik (GOST R 34.12-2015) cipher */
+    constructor(key: TArg<Uint8Array>);
+    encrypt(plaintext: TArg<Uint8Array>): TRet<Uint8Array>;
+    decrypt(ciphertext: TArg<Uint8Array>): TRet<Uint8Array>;
+}

package/kuznyechik/index.js ADDED Viewed

@@ -0,0 +1,207 @@
+import { copyBytes } from "@noble/curves/utils.js";
+import { ITER, L, PI, PI_REV } from "./const.js";
+import { xorBytes } from "../utils.js";
+const BLOCKSIZE = 16, KEYSIZE = 32;
+const S = (input, pi = PI) => {
+    const result = new Uint8Array(BLOCKSIZE);
+    //for(let i = 0; i < BLOCKSIZE; i++) result[i] = pi[input[i]];
+    result[0] = pi[input[0]];
+    result[1] = pi[input[1]];
+    result[2] = pi[input[2]];
+    result[3] = pi[input[3]];
+    result[4] = pi[input[4]];
+    result[5] = pi[input[5]];
+    result[6] = pi[input[6]];
+    result[7] = pi[input[7]];
+    result[8] = pi[input[8]];
+    result[9] = pi[input[9]];
+    result[10] = pi[input[10]];
+    result[11] = pi[input[11]];
+    result[12] = pi[input[12]];
+    result[13] = pi[input[13]];
+    result[14] = pi[input[14]];
+    result[15] = pi[input[15]];
+    return result;
+};
+const gfMultiply = (a, b) => {
+    let result = 0;
+    let high_bit;
+    for (let i = 0; i < 8; i++) {
+        if ((b & 0b00000001) === 0b00000001)
+            result ^= a;
+        high_bit = a & 0b10000000;
+        a <<= 1;
+        if (high_bit == 0b10000000)
+            a ^= 0b11000011;
+        b >>= 1;
+    }
+    return result & 0xFF;
+};
+const R = (input) => {
+    const result = new Uint8Array(BLOCKSIZE);
+    result.set(input.slice(0, 15), 1);
+    result[0] = input[15];
+    //let temp = 0;
+    //for (let i = 0; i < BLOCKSIZE; i++) temp ^= gfMultiply(result[i], L[i]);
+    let temp = gfMultiply(result[0], L[0]);
+    temp ^= gfMultiply(result[1], L[1]);
+    temp ^= gfMultiply(result[2], L[2]);
+    temp ^= gfMultiply(result[3], L[3]);
+    temp ^= gfMultiply(result[4], L[4]);
+    temp ^= gfMultiply(result[5], L[5]);
+    temp ^= gfMultiply(result[6], L[6]);
+    temp ^= gfMultiply(result[7], L[7]);
+    temp ^= gfMultiply(result[8], L[8]);
+    temp ^= gfMultiply(result[9], L[9]);
+    temp ^= gfMultiply(result[10], L[10]);
+    temp ^= gfMultiply(result[11], L[11]);
+    temp ^= gfMultiply(result[12], L[12]);
+    temp ^= gfMultiply(result[13], L[13]);
+    temp ^= gfMultiply(result[14], L[14]);
+    temp ^= gfMultiply(result[15], L[15]);
+    result[0] = temp;
+    return result;
+};
+const Rr = (input) => {
+    const result = new Uint8Array(BLOCKSIZE);
+    //let temp = 0;
+    //for (let i = 0; i < BLOCKSIZE; i++) temp ^= gfMultiply(input[i], L[i]);
+    let temp = gfMultiply(input[0], L[0]);
+    temp ^= gfMultiply(input[1], L[1]);
+    temp ^= gfMultiply(input[2], L[2]);
+    temp ^= gfMultiply(input[3], L[3]);
+    temp ^= gfMultiply(input[4], L[4]);
+    temp ^= gfMultiply(input[5], L[5]);
+    temp ^= gfMultiply(input[6], L[6]);
+    temp ^= gfMultiply(input[7], L[7]);
+    temp ^= gfMultiply(input[8], L[8]);
+    temp ^= gfMultiply(input[9], L[9]);
+    temp ^= gfMultiply(input[10], L[10]);
+    temp ^= gfMultiply(input[11], L[11]);
+    temp ^= gfMultiply(input[12], L[12]);
+    temp ^= gfMultiply(input[13], L[13]);
+    temp ^= gfMultiply(input[14], L[14]);
+    temp ^= gfMultiply(input[15], L[15]);
+    result.set(input.slice(1));
+    result[15] = temp;
+    return result;
+};
+const LL = (input) => {
+    //let result = copyBytes(input);
+    //for(let i = 0; i < BLOCKSIZE; i++) result = R(result);
+    let result = R(copyBytes(input));
+    result = R(result);
+    result = R(result);
+    result = R(result);
+    result = R(result);
+    result = R(result);
+    result = R(result);
+    result = R(result);
+    result = R(result);
+    result = R(result);
+    result = R(result);
+    result = R(result);
+    result = R(result);
+    result = R(result);
+    result = R(result);
+    result = R(result);
+    return result;
+};
+const LLr = (input) => {
+    //let result = copyBytes(input);
+    //for(let i = 0; i < BLOCKSIZE; i++) result = Rr(result);
+    let result = Rr(copyBytes(input));
+    result = Rr(result);
+    result = Rr(result);
+    result = Rr(result);
+    result = Rr(result);
+    result = Rr(result);
+    result = Rr(result);
+    result = Rr(result);
+    result = Rr(result);
+    result = Rr(result);
+    result = Rr(result);
+    result = Rr(result);
+    result = Rr(result);
+    result = Rr(result);
+    result = Rr(result);
+    result = Rr(result);
+    return result;
+};
+const LLS = (block) => LL(S(block));
+const SLLr = (block) => S(LLr(block), PI_REV);
+const F = (in_key1, in_key2, iter_constant) => xorBytes(LLS(xorBytes(in_key1, iter_constant)), in_key2);
+/** Kuznyechik (GOST R 34.12-2015) cipher */
+export class Kuznyechik {
+    keySize = KEYSIZE;
+    blockSize = BLOCKSIZE;
+    roundKeys;
+    /** Kuznyechik (GOST R 34.12-2015) cipher */
+    constructor(key) {
+        if (key.length !== this.keySize)
+            throw new Error("Invalid key length");
+        const roundKeys = Array(10).fill(null).map(() => new Uint8Array(this.blockSize));
+        roundKeys[0] = key.slice(0, this.blockSize);
+        roundKeys[1] = key.slice(this.blockSize);
+        let temp1 = copyBytes(roundKeys[0]);
+        let temp2 = copyBytes(roundKeys[1]);
+        let temp3 = new Uint8Array(16);
+        let temp4 = new Uint8Array(16);
+        for (let i = 0; i < 4; i++) {
+            const baseIndex = i * 8;
+            temp3 = F(temp1, temp2, ITER[baseIndex]);
+            temp4 = copyBytes(temp1);
+            temp1 = F(temp3, temp4, ITER[baseIndex + 1]);
+            temp2 = copyBytes(temp3);
+            temp3 = F(temp1, temp2, ITER[baseIndex + 2]);
+            temp4 = copyBytes(temp1);
+            temp1 = F(temp3, temp4, ITER[baseIndex + 3]);
+            temp2 = copyBytes(temp3);
+            temp3 = F(temp1, temp2, ITER[baseIndex + 4]);
+            temp4 = copyBytes(temp1);
+            temp1 = F(temp3, temp4, ITER[baseIndex + 5]);
+            temp2 = copyBytes(temp3);
+            temp3 = F(temp1, temp2, ITER[baseIndex + 6]);
+            temp4 = copyBytes(temp1);
+            temp1 = F(temp3, temp4, ITER[baseIndex + 7]);
+            temp2 = copyBytes(temp3);
+            roundKeys[2 + 2 * i] = copyBytes(temp1);
+            roundKeys[3 + 2 * i] = copyBytes(temp2);
+        }
+        this.roundKeys = roundKeys;
+    }
+    encrypt(plaintext) {
+        if (plaintext.length !== this.blockSize)
+            throw new Error("Invalid block size");
+        //let currentBlock = copyBytes(plaintext);
+        //for (let i = 0; i < 9; i++) currentBlock = LLS(xorBytes(this.roundKeys[i], currentBlock));
+        let currentBlock = LLS(xorBytes(this.roundKeys[0], plaintext));
+        currentBlock = LLS(xorBytes(this.roundKeys[1], currentBlock));
+        currentBlock = LLS(xorBytes(this.roundKeys[2], currentBlock));
+        currentBlock = LLS(xorBytes(this.roundKeys[3], currentBlock));
+        currentBlock = LLS(xorBytes(this.roundKeys[4], currentBlock));
+        currentBlock = LLS(xorBytes(this.roundKeys[5], currentBlock));
+        currentBlock = LLS(xorBytes(this.roundKeys[6], currentBlock));
+        currentBlock = LLS(xorBytes(this.roundKeys[7], currentBlock));
+        currentBlock = LLS(xorBytes(this.roundKeys[8], currentBlock));
+        currentBlock = xorBytes(this.roundKeys[9], currentBlock);
+        return currentBlock;
+    }
+    decrypt(ciphertext) {
+        if (ciphertext.length !== this.blockSize)
+            throw new Error("Invalid block size");
+        let currentBlock = xorBytes(this.roundKeys[9], ciphertext);
+        //const reversedKeys = this.roundKeys.slice(0, 9).reverse();
+        //for (let i = 0; i < 9; i++) currentBlock = xorBytes(reversedKeys[i], SLLr(currentBlock));
+        currentBlock = xorBytes(this.roundKeys[8], SLLr(currentBlock));
+        currentBlock = xorBytes(this.roundKeys[7], SLLr(currentBlock));
+        currentBlock = xorBytes(this.roundKeys[6], SLLr(currentBlock));
+        currentBlock = xorBytes(this.roundKeys[5], SLLr(currentBlock));
+        currentBlock = xorBytes(this.roundKeys[4], SLLr(currentBlock));
+        currentBlock = xorBytes(this.roundKeys[3], SLLr(currentBlock));
+        currentBlock = xorBytes(this.roundKeys[2], SLLr(currentBlock));
+        currentBlock = xorBytes(this.roundKeys[1], SLLr(currentBlock));
+        currentBlock = xorBytes(this.roundKeys[0], SLLr(currentBlock));
+        return currentBlock;
+    }
+}