npm - @li0ard/gost - Versions diffs - 0.0.1 → 0.1.3 - Mend

@li0ard/gost 0.0.1 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (55) hide show

package/streebog/index.js ADDED Viewed

@@ -0,0 +1,295 @@
+import { concatBytes, createHasher } from "@noble/hashes/utils.js";
+import { A, C, TAU } from "./const.js";
+import { PI } from "../kuznyechik/const.js";
+import { pad1, xorBytes } from "../utils.js";
+import { numberToBytesBE } from "@noble/curves/utils.js";
+const BLOCKSIZE = 64;
+const _0020 = new Uint8Array([0, 0, 2, 0]);
+const _0 = new Uint8Array(64);
+const add512 = (a, b) => {
+    const c = new Uint8Array(64);
+    const tmpA = new Uint8Array(64);
+    const tmpB = new Uint8Array(64);
+    for (let i = 0; i < a.length; i++)
+        tmpA[63 - i] = a[a.length - i - 1];
+    for (let i = 0; i < b.length; i++)
+        tmpB[63 - i] = b[b.length - i - 1];
+    for (let i = 63, tmp = 0; i >= 0; i--) {
+        tmp = tmpA[i] + tmpB[i] + (tmp >> 8);
+        c[i] = tmp & 0xff;
+    }
+    return c;
+};
+const S = (input) => {
+    const result = new Uint8Array(BLOCKSIZE);
+    //for (let i = 0; i < BLOCKSIZE; i++) result[i] = PI[input[i]];
+    result[0] = PI[input[0]];
+    result[1] = PI[input[1]];
+    result[2] = PI[input[2]];
+    result[3] = PI[input[3]];
+    result[4] = PI[input[4]];
+    result[5] = PI[input[5]];
+    result[6] = PI[input[6]];
+    result[7] = PI[input[7]];
+    result[8] = PI[input[8]];
+    result[9] = PI[input[9]];
+    result[10] = PI[input[10]];
+    result[11] = PI[input[11]];
+    result[12] = PI[input[12]];
+    result[13] = PI[input[13]];
+    result[14] = PI[input[14]];
+    result[15] = PI[input[15]];
+    result[16] = PI[input[16]];
+    result[17] = PI[input[17]];
+    result[18] = PI[input[18]];
+    result[19] = PI[input[19]];
+    result[20] = PI[input[20]];
+    result[21] = PI[input[21]];
+    result[22] = PI[input[22]];
+    result[23] = PI[input[23]];
+    result[24] = PI[input[24]];
+    result[25] = PI[input[25]];
+    result[26] = PI[input[26]];
+    result[27] = PI[input[27]];
+    result[28] = PI[input[28]];
+    result[29] = PI[input[29]];
+    result[30] = PI[input[30]];
+    result[31] = PI[input[31]];
+    result[32] = PI[input[32]];
+    result[33] = PI[input[33]];
+    result[34] = PI[input[34]];
+    result[35] = PI[input[35]];
+    result[36] = PI[input[36]];
+    result[37] = PI[input[37]];
+    result[38] = PI[input[38]];
+    result[39] = PI[input[39]];
+    result[40] = PI[input[40]];
+    result[41] = PI[input[41]];
+    result[42] = PI[input[42]];
+    result[43] = PI[input[43]];
+    result[44] = PI[input[44]];
+    result[45] = PI[input[45]];
+    result[46] = PI[input[46]];
+    result[47] = PI[input[47]];
+    result[48] = PI[input[48]];
+    result[49] = PI[input[49]];
+    result[50] = PI[input[50]];
+    result[51] = PI[input[51]];
+    result[52] = PI[input[52]];
+    result[53] = PI[input[53]];
+    result[54] = PI[input[54]];
+    result[55] = PI[input[55]];
+    result[56] = PI[input[56]];
+    result[57] = PI[input[57]];
+    result[58] = PI[input[58]];
+    result[59] = PI[input[59]];
+    result[60] = PI[input[60]];
+    result[61] = PI[input[61]];
+    result[62] = PI[input[62]];
+    result[63] = PI[input[63]];
+    return result;
+};
+const P = (input) => {
+    const result = new Uint8Array(BLOCKSIZE);
+    //for (let i = 0; i < BLOCKSIZE; i++) result[i] = input[TAU[i]];
+    result[0] = input[TAU[0]];
+    result[1] = input[TAU[1]];
+    result[2] = input[TAU[2]];
+    result[3] = input[TAU[3]];
+    result[4] = input[TAU[4]];
+    result[5] = input[TAU[5]];
+    result[6] = input[TAU[6]];
+    result[7] = input[TAU[7]];
+    result[8] = input[TAU[8]];
+    result[9] = input[TAU[9]];
+    result[10] = input[TAU[10]];
+    result[11] = input[TAU[11]];
+    result[12] = input[TAU[12]];
+    result[13] = input[TAU[13]];
+    result[14] = input[TAU[14]];
+    result[15] = input[TAU[15]];
+    result[16] = input[TAU[16]];
+    result[17] = input[TAU[17]];
+    result[18] = input[TAU[18]];
+    result[19] = input[TAU[19]];
+    result[20] = input[TAU[20]];
+    result[21] = input[TAU[21]];
+    result[22] = input[TAU[22]];
+    result[23] = input[TAU[23]];
+    result[24] = input[TAU[24]];
+    result[25] = input[TAU[25]];
+    result[26] = input[TAU[26]];
+    result[27] = input[TAU[27]];
+    result[28] = input[TAU[28]];
+    result[29] = input[TAU[29]];
+    result[30] = input[TAU[30]];
+    result[31] = input[TAU[31]];
+    result[32] = input[TAU[32]];
+    result[33] = input[TAU[33]];
+    result[34] = input[TAU[34]];
+    result[35] = input[TAU[35]];
+    result[36] = input[TAU[36]];
+    result[37] = input[TAU[37]];
+    result[38] = input[TAU[38]];
+    result[39] = input[TAU[39]];
+    result[40] = input[TAU[40]];
+    result[41] = input[TAU[41]];
+    result[42] = input[TAU[42]];
+    result[43] = input[TAU[43]];
+    result[44] = input[TAU[44]];
+    result[45] = input[TAU[45]];
+    result[46] = input[TAU[46]];
+    result[47] = input[TAU[47]];
+    result[48] = input[TAU[48]];
+    result[49] = input[TAU[49]];
+    result[50] = input[TAU[50]];
+    result[51] = input[TAU[51]];
+    result[52] = input[TAU[52]];
+    result[53] = input[TAU[53]];
+    result[54] = input[TAU[54]];
+    result[55] = input[TAU[55]];
+    result[56] = input[TAU[56]];
+    result[57] = input[TAU[57]];
+    result[58] = input[TAU[58]];
+    result[59] = input[TAU[59]];
+    result[60] = input[TAU[60]];
+    result[61] = input[TAU[61]];
+    result[62] = input[TAU[62]];
+    result[63] = input[TAU[63]];
+    return result;
+};
+const L = (input) => {
+    const result = new Uint8Array(BLOCKSIZE);
+    for (let i = 0; i < 8; i++) {
+        const parts = new Uint32Array(2);
+        const tmp = input.slice(i * 8, i * 8 + 8).reverse();
+        for (let j = 0; j < 8; j++) {
+            for (let k = 0; k < 8; k++) {
+                if ((tmp[7 - j] >> 7 - k) & 1) {
+                    parts[0] ^= A[j * 16 + k * 2];
+                    parts[1] ^= A[j * 16 + k * 2 + 1];
+                }
+            }
+        }
+        result.set(numberToBytesBE(parts[0], 4), i * 8);
+        result.set(numberToBytesBE(parts[1], 4), i * 8 + 4);
+    }
+    return result;
+};
+const LPS = (input) => L(P(S(input)));
+const E = (block, keys) => {
+    // block will be mutated
+    let c = xorBytes(block, keys);
+    /*for (let i = 0; i < 12; i++) {
+        block = LPS(xorBytes(block, C[i]));
+        c = xorBytes(LPS(c), block);
+    }*/
+    block = LPS(xorBytes(block, C[0]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[1]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[2]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[3]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[4]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[5]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[6]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[7]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[8]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[9]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[10]));
+    c = xorBytes(LPS(c), block);
+    block = LPS(xorBytes(block, C[11]));
+    c = xorBytes(LPS(c), block);
+    return c;
+};
+const G = (hash, n, message) => xorBytes(xorBytes(E(LPS(xorBytes(n, hash)), message), n), message);
+/** Streebog (GOST R 34.11-2012) hash function */
+class Streebog {
+    is512;
+    blockLen = BLOCKSIZE;
+    outputLen;
+    canXOF = false;
+    buffer;
+    /** Streebog (GOST R 34.11-2012) hash function */
+    constructor(is512) {
+        this.is512 = is512;
+        this.buffer = new Uint8Array();
+        this.outputLen = is512 ? 64 : 32;
+    }
+    destroy() { this.buffer = new Uint8Array(); }
+    update(data) {
+        this.buffer = concatBytes(this.buffer, data);
+        return this;
+    }
+    digest() {
+        const buffer = new Uint8Array(this.outputLen);
+        this.digestInto(buffer);
+        return buffer;
+    }
+    digestInto(buf) {
+        const message = this.buffer.slice().reverse();
+        let n = new Uint8Array(BLOCKSIZE);
+        let sigma = new Uint8Array(BLOCKSIZE);
+        let hash = new Uint8Array(BLOCKSIZE).fill(this.is512 ? 0 : 1);
+        let blocks = 1;
+        for (let i = message.length; i >= BLOCKSIZE; i -= BLOCKSIZE) {
+            const pos = message.length - blocks * BLOCKSIZE;
+            hash = G(n, hash, message.subarray(pos, pos + BLOCKSIZE));
+            n = add512(n, _0020);
+            sigma = add512(sigma, message.subarray(pos, pos + BLOCKSIZE));
+            blocks++;
+        }
+        let paddedMsg = new Uint8Array(BLOCKSIZE);
+        const msg = message.subarray(0, message.length - (blocks - 1) * 64);
+        if (msg.length < BLOCKSIZE) {
+            paddedMsg = pad1(paddedMsg, BLOCKSIZE);
+            paddedMsg[BLOCKSIZE - msg.length - 1] = 0x01;
+            for (let i = 0; i < msg.length; i++)
+                paddedMsg[BLOCKSIZE - msg.length + i] = msg[i];
+        }
+        hash = G(_0, G(_0, G(n, hash, paddedMsg), add512(n, numberToBytesBE(msg.length * 8, 4))), add512(sigma, paddedMsg));
+        if (this.is512)
+            buf.set(hash.slice().reverse());
+        else
+            buf.set(hash.slice(0, 32).reverse());
+        this.destroy();
+    }
+}
+/** Streebog-256 (GOST R 34.11-2012) hash function */
+export class Streebog256 extends Streebog {
+    /** Streebog-256 (GOST R 34.11-2012) hash function */
+    constructor() { super(false); }
+    /** Create hash instance */
+    static create() { return new Streebog256(); }
+    clone() { return this._cloneInto(); }
+    _cloneInto(to) {
+        to ||= new Streebog256();
+        to.buffer = new Uint8Array(this.buffer);
+        return to;
+    }
+}
+/** Streebog-512 (GOST R 34.11-2012) hash function */
+export class Streebog512 extends Streebog {
+    /** Streebog-512 (GOST R 34.11-2012) hash function */
+    constructor() { super(true); }
+    /** Create hash instance */
+    static create() { return new Streebog512(); }
+    clone() { return this._cloneInto(); }
+    _cloneInto(to) {
+        to ||= new Streebog512();
+        to.buffer = new Uint8Array(this.buffer);
+        return to;
+    }
+}
+/** Streebog-256 (GOST R 34.11-2012) hash function */
+export const streebog256 = createHasher(Streebog256.create);
+/** Streebog-512 (GOST R 34.11-2012) hash function */
+export const streebog512 = createHasher(Streebog512.create);

package/types.d.ts ADDED Viewed

@@ -0,0 +1,50 @@
+import type { TArg, TRet } from "@noble/hashes/utils.js";
+/** Cipher core */
+export type Cipher = {
+    /** Block size */
+    readonly blockSize: number;
+    /** Key size */
+    readonly keySize: number;
+    /** Encrypt block */
+    encrypt(plaintext: TArg<Uint8Array>): TRet<Uint8Array>;
+    /** Decrypt block */
+    decrypt(ciphertext: TArg<Uint8Array>): TRet<Uint8Array>;
+};
+/** Block mode for {@link Cipher} */
+export type BlockMode = {
+    /** Encrypt plaintext */
+    encrypt: (plaintext: TArg<Uint8Array>) => TRet<Uint8Array>;
+    /** Decrypt ciphertext */
+    decrypt: (ciphertext: TArg<Uint8Array>) => TRet<Uint8Array>;
+};
+/** Stream-like mode for {@link Cipher} */
+export type StreamMode = {
+    /** Proceed message */
+    crypt: (msg: TArg<Uint8Array>) => TRet<Uint8Array>;
+};
+/** MAC mode for {@link Cipher} */
+export type MACMode = {
+    /** Compute MAC */
+    compute: (msg: TArg<Uint8Array>) => TRet<Uint8Array>;
+};
+/** AEAD mode for {@link Cipher} */
+export type AEADMode = {
+    /** Seal plaintext and AAD */
+    seal: (plaintext: TArg<Uint8Array>, aad?: TArg<Uint8Array>) => TRet<Uint8Array>;
+    /** Open ciphertext and AAD */
+    open: (ciphertext: TArg<Uint8Array>, aad?: TArg<Uint8Array>) => TRet<Uint8Array>;
+};
+/** Key wrapping mode for {@link Cipher} */
+export type WrapMode = {
+    /** Wrap encryption key */
+    wrap: (key: TArg<Uint8Array>) => TRet<Uint8Array>;
+    /** Unwrap encryption key */
+    unwrap: (wrapped: TArg<Uint8Array>) => TRet<Uint8Array>;
+};
+/** Key wrapping mode (KWP) for Magma */
+export type WrapModeMagma = {
+    /** Wrap encryption key */
+    wrap: (ukm: TArg<Uint8Array>, cek: TArg<Uint8Array>) => TRet<Uint8Array>;
+    /** Unwrap encryption key */
+    unwrap: (wrapped: TArg<Uint8Array>) => TRet<Uint8Array>;
+};

package/types.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/utils.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+import type { TArg, TRet } from "@noble/hashes/utils.js";
+export declare const xorBytes: (a: TArg<Uint8Array>, b: TArg<Uint8Array>) => TRet<Uint8Array>;
+export declare const getPadLength: (dataLength: number, blockSize: number) => number;
+export declare const pad1: (data: TArg<Uint8Array>, blockSize: number) => TRet<Uint8Array>;
+export declare const pad2: (data: TArg<Uint8Array>, blockSize: number) => TRet<Uint8Array>;
+export declare const unpad2: (data: TArg<Uint8Array>, blockSize: number) => TRet<Uint8Array>;
+export declare const pad3: (data: TArg<Uint8Array>, blockSize: number) => TRet<Uint8Array>;

package/utils.js ADDED Viewed

@@ -0,0 +1,47 @@
+export const xorBytes = (a, b) => {
+    const mlen = Math.min(a.length, b.length);
+    const result = new Uint8Array(mlen);
+    for (let i = 0; i < mlen; i++)
+        result[i] = a[i] ^ b[i];
+    return result;
+};
+export const getPadLength = (dataLength, blockSize) => {
+    if (dataLength < blockSize)
+        return blockSize - dataLength;
+    if (dataLength % blockSize == 0)
+        return 0;
+    return blockSize - dataLength % blockSize;
+};
+export const pad1 = (data, blockSize) => {
+    const padded = new Uint8Array(data.length + getPadLength(data.length, blockSize));
+    padded.set(data);
+    return padded;
+};
+export const pad2 = (data, blockSize) => {
+    const padded = new Uint8Array(data.length + 1 + getPadLength(data.length + 1, blockSize));
+    padded.set(data, 0);
+    padded[data.length] = 0x80;
+    return padded;
+};
+export const unpad2 = (data, blockSize) => {
+    const lastBlock = data.subarray(data.length - blockSize);
+    let padIndex = -1;
+    for (let i = lastBlock.length - 1; i >= 0; i--) {
+        if (lastBlock[i] == 0x80) {
+            padIndex = i;
+            break;
+        }
+    }
+    if (padIndex === -1)
+        throw new Error("Padding marker (0x80) not found");
+    for (let i = padIndex + 1; i < lastBlock.length; i++) {
+        if (lastBlock[i] !== 0)
+            throw new Error("Invalid padding: non-zero bytes after 0x80");
+    }
+    return data.slice(0, data.length - (blockSize - padIndex));
+};
+export const pad3 = (data, blockSize) => {
+    if (getPadLength(data.length, blockSize) == 0)
+        return data;
+    return pad2(data, blockSize);
+};