npm - leviathan-crypto - Versions diffs - 2.0.1 → 3.0.0 - Mend

leviathan-crypto 2.0.1 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (312) hide show

package/CLAUDE.md +88 -281
package/LICENSE +4 -0
package/README.md +275 -87
package/dist/aes/aes-cbc.d.ts +40 -0
package/dist/aes/aes-cbc.js +158 -0
package/dist/aes/aes-ctr.d.ts +50 -0
package/dist/aes/aes-ctr.js +141 -0
package/dist/aes/aes-gcm-siv.d.ts +67 -0
package/dist/aes/aes-gcm-siv.js +217 -0
package/dist/aes/aes-gcm.d.ts +61 -0
package/dist/aes/aes-gcm.js +226 -0
package/dist/aes/cipher-suite.d.ts +21 -0
package/dist/aes/cipher-suite.js +179 -0
package/dist/aes/embedded.d.ts +1 -0
package/dist/aes/embedded.js +26 -0
package/dist/aes/generator.d.ts +14 -0
package/dist/aes/generator.js +103 -0
package/dist/aes/index.d.ts +58 -0
package/dist/aes/index.js +125 -0
package/dist/aes/ops.d.ts +60 -0
package/dist/aes/ops.js +164 -0
package/dist/aes/pool-worker.d.ts +1 -0
package/dist/aes/pool-worker.js +92 -0
package/dist/aes/types.d.ts +1 -0
package/dist/aes/types.js +23 -0
package/dist/aes.wasm +0 -0
package/dist/blake3/embedded.d.ts +1 -0
package/dist/blake3/embedded.js +26 -0
package/dist/blake3/index.d.ts +143 -0
package/dist/blake3/index.js +620 -0
package/dist/blake3/types.d.ts +102 -0
package/dist/blake3/types.js +31 -0
package/dist/blake3/validate.d.ts +29 -0
package/dist/blake3/validate.js +80 -0
package/dist/blake3.wasm +0 -0
package/dist/chacha20/cipher-suite.d.ts +10 -0
package/dist/chacha20/cipher-suite.js +98 -13
package/dist/chacha20/generator.d.ts +12 -0
package/dist/chacha20/generator.js +91 -0
package/dist/chacha20/index.d.ts +100 -3
package/dist/chacha20/index.js +169 -35
package/dist/chacha20/ops.d.ts +57 -6
package/dist/chacha20/ops.js +107 -27
package/dist/chacha20/pool-worker.js +14 -0
package/dist/chacha20/types.d.ts +1 -32
package/dist/cte-wasm.d.ts +1 -0
package/dist/cte-wasm.js +3 -0
package/dist/cte.wasm +0 -0
package/dist/curve25519.wasm +0 -0
package/dist/ecdsa/der.d.ts +23 -0
package/dist/ecdsa/der.js +192 -0
package/dist/ecdsa/ecprivatekey-der.d.ts +32 -0
package/dist/ecdsa/ecprivatekey-der.js +230 -0
package/dist/ecdsa/embedded.d.ts +1 -0
package/dist/ecdsa/embedded.js +25 -0
package/dist/ecdsa/index.d.ts +124 -0
package/dist/ecdsa/index.js +366 -0
package/dist/ecdsa/types.d.ts +31 -0
package/dist/ecdsa/types.js +28 -0
package/dist/ecdsa/validate.d.ts +18 -0
package/dist/ecdsa/validate.js +92 -0
package/dist/ed25519/embedded.d.ts +1 -0
package/dist/ed25519/embedded.js +31 -0
package/dist/ed25519/index.d.ts +70 -0
package/dist/ed25519/index.js +308 -0
package/dist/ed25519/types.d.ts +27 -0
package/dist/ed25519/types.js +27 -0
package/dist/ed25519/validate.d.ts +7 -0
package/dist/ed25519/validate.js +77 -0
package/dist/embedded/aes-pool-worker.d.ts +1 -0
package/dist/embedded/aes-pool-worker.js +5 -0
package/dist/embedded/aes.d.ts +1 -0
package/dist/embedded/aes.js +3 -0
package/dist/embedded/blake3.d.ts +1 -0
package/dist/embedded/blake3.js +3 -0
package/dist/embedded/chacha20-pool-worker.d.ts +1 -0
package/dist/embedded/chacha20-pool-worker.js +5 -0
package/dist/embedded/chacha20.d.ts +1 -1
package/dist/embedded/chacha20.js +2 -2
package/dist/embedded/curve25519.d.ts +1 -0
package/dist/embedded/curve25519.js +3 -0
package/dist/embedded/mldsa.d.ts +1 -0
package/dist/embedded/mldsa.js +3 -0
package/dist/embedded/mlkem.d.ts +1 -0
package/dist/embedded/mlkem.js +3 -0
package/dist/embedded/p256.d.ts +1 -0
package/dist/embedded/p256.js +3 -0
package/dist/embedded/serpent-pool-worker.d.ts +1 -0
package/dist/embedded/serpent-pool-worker.js +5 -0
package/dist/embedded/serpent.d.ts +1 -1
package/dist/embedded/serpent.js +2 -2
package/dist/embedded/sha2.d.ts +1 -1
package/dist/embedded/sha2.js +2 -2
package/dist/embedded/sha3.d.ts +1 -1
package/dist/embedded/sha3.js +2 -2
package/dist/embedded/slhdsa.d.ts +1 -0
package/dist/embedded/slhdsa.js +3 -0
package/dist/errors.d.ts +92 -1
package/dist/errors.js +111 -1
package/dist/fortuna.d.ts +18 -12
package/dist/fortuna.js +166 -99
package/dist/index.d.ts +42 -11
package/dist/index.js +65 -20
package/dist/init.d.ts +1 -3
package/dist/init.js +73 -7
package/dist/keccak/embedded.js +1 -1
package/dist/keccak/index.d.ts +2 -0
package/dist/keccak/index.js +4 -2
package/dist/loader.d.ts +1 -19
package/dist/loader.js +26 -32
package/dist/merkle/blake3-tree.d.ts +35 -0
package/dist/merkle/blake3-tree.js +187 -0
package/dist/merkle/checkpoint.d.ts +58 -0
package/dist/merkle/checkpoint.js +217 -0
package/dist/merkle/index.d.ts +19 -0
package/dist/merkle/index.js +37 -0
package/dist/merkle/merkle-log.d.ts +130 -0
package/dist/merkle/merkle-log.js +207 -0
package/dist/merkle/merkle-verifier.d.ts +126 -0
package/dist/merkle/merkle-verifier.js +296 -0
package/dist/merkle/proof.d.ts +70 -0
package/dist/merkle/proof.js +300 -0
package/dist/merkle/sha256-tree.d.ts +33 -0
package/dist/merkle/sha256-tree.js +145 -0
package/dist/merkle/signed-log.d.ts +156 -0
package/dist/merkle/signed-log.js +356 -0
package/dist/merkle/signed-note.d.ts +309 -0
package/dist/merkle/signed-note.js +648 -0
package/dist/merkle/sth.d.ts +31 -0
package/dist/merkle/sth.js +31 -0
package/dist/merkle/storage.d.ts +40 -0
package/dist/merkle/storage.js +71 -0
package/dist/merkle/tree.d.ts +68 -0
package/dist/merkle/tree.js +94 -0
package/dist/mldsa/embedded.d.ts +1 -0
package/dist/{kyber → mldsa}/embedded.js +5 -5
package/dist/mldsa/expand.d.ts +53 -0
package/dist/mldsa/expand.js +188 -0
package/dist/mldsa/format.d.ts +16 -0
package/dist/mldsa/format.js +68 -0
package/dist/mldsa/hashvariant.d.ts +32 -0
package/dist/mldsa/hashvariant.js +248 -0
package/dist/mldsa/index.d.ts +142 -0
package/dist/mldsa/index.js +463 -0
package/dist/mldsa/keygen.d.ts +16 -0
package/dist/mldsa/keygen.js +232 -0
package/dist/mldsa/params.d.ts +21 -0
package/dist/mldsa/params.js +55 -0
package/dist/mldsa/sha3-helpers.d.ts +30 -0
package/dist/mldsa/sha3-helpers.js +124 -0
package/dist/mldsa/sign.d.ts +36 -0
package/dist/mldsa/sign.js +380 -0
package/dist/mldsa/types.d.ts +91 -0
package/dist/mldsa/types.js +25 -0
package/dist/mldsa/validate.d.ts +55 -0
package/dist/mldsa/validate.js +125 -0
package/dist/mldsa/verify.d.ts +29 -0
package/dist/mldsa/verify.js +269 -0
package/dist/mldsa.wasm +0 -0
package/dist/mlkem/embedded.d.ts +1 -0
package/dist/mlkem/embedded.js +27 -0
package/dist/mlkem/indcpa.d.ts +49 -0
package/dist/{kyber → mlkem}/indcpa.js +48 -48
package/dist/mlkem/index.d.ts +37 -0
package/dist/{kyber → mlkem}/index.js +41 -31
package/dist/mlkem/kem.d.ts +21 -0
package/dist/{kyber → mlkem}/kem.js +48 -13
package/dist/{kyber → mlkem}/params.d.ts +4 -4
package/dist/{kyber → mlkem}/params.js +2 -2
package/dist/mlkem/suite.d.ts +12 -0
package/dist/{kyber → mlkem}/suite.js +17 -12
package/dist/{kyber → mlkem}/types.d.ts +4 -3
package/dist/{kyber → mlkem}/types.js +1 -1
package/dist/mlkem/validate.d.ts +23 -0
package/dist/{kyber → mlkem}/validate.js +24 -20
package/dist/{kyber.wasm → mlkem.wasm} +0 -0
package/dist/p256.wasm +0 -0
package/dist/ratchet/index.d.ts +8 -0
package/dist/ratchet/index.js +38 -0
package/dist/ratchet/kdf-chain.d.ts +13 -0
package/dist/ratchet/kdf-chain.js +85 -0
package/dist/ratchet/ratchet-keypair.d.ts +9 -0
package/dist/ratchet/ratchet-keypair.js +61 -0
package/dist/ratchet/root-kdf.d.ts +4 -0
package/dist/ratchet/root-kdf.js +124 -0
package/dist/ratchet/skipped-key-store.d.ts +14 -0
package/dist/ratchet/skipped-key-store.js +154 -0
package/dist/ratchet/types.d.ts +36 -0
package/dist/ratchet/types.js +26 -0
package/dist/serpent/cipher-suite.d.ts +10 -0
package/dist/serpent/cipher-suite.js +144 -56
package/dist/serpent/generator.d.ts +12 -0
package/dist/serpent/generator.js +97 -0
package/dist/serpent/index.d.ts +62 -1
package/dist/serpent/index.js +97 -21
package/dist/serpent/pool-worker.js +28 -102
package/dist/serpent/serpent-cbc.d.ts +16 -6
package/dist/serpent/serpent-cbc.js +58 -37
package/dist/serpent/shared-ops.d.ts +63 -0
package/dist/serpent/shared-ops.js +178 -0
package/dist/serpent/types.d.ts +1 -5
package/dist/serpent.wasm +0 -0
package/dist/sha2/hash.d.ts +2 -0
package/dist/sha2/hash.js +53 -0
package/dist/sha2/hkdf.js +5 -5
package/dist/sha2/index.d.ts +22 -1
package/dist/sha2/index.js +80 -11
package/dist/sha2/types.d.ts +41 -2
package/dist/sha2.wasm +0 -0
package/dist/sha3/hash.d.ts +2 -0
package/dist/sha3/hash.js +53 -0
package/dist/sha3/index.d.ts +87 -3
package/dist/sha3/index.js +317 -19
package/dist/sha3/kmac.d.ts +121 -0
package/dist/sha3/kmac.js +800 -0
package/dist/sha3.wasm +0 -0
package/dist/shared/pkcs7.d.ts +22 -0
package/dist/shared/pkcs7.js +84 -0
package/dist/sign/ctx.d.ts +41 -0
package/dist/sign/ctx.js +102 -0
package/dist/sign/envelope.d.ts +45 -0
package/dist/sign/envelope.js +152 -0
package/dist/sign/hasher.d.ts +9 -0
package/dist/sign/hasher.js +132 -0
package/dist/sign/index.d.ts +11 -0
package/dist/sign/index.js +34 -0
package/dist/sign/sign-stream.d.ts +25 -0
package/dist/sign/sign-stream.js +112 -0
package/dist/sign/suites/ecdsa-p256.d.ts +2 -0
package/dist/sign/suites/ecdsa-p256.js +120 -0
package/dist/sign/suites/ed25519.d.ts +3 -0
package/dist/sign/suites/ed25519.js +165 -0
package/dist/sign/suites/hybrid-classical.d.ts +23 -0
package/dist/sign/suites/hybrid-classical.js +526 -0
package/dist/sign/suites/hybrid-pq.d.ts +4 -0
package/dist/sign/suites/hybrid-pq.js +234 -0
package/dist/sign/suites/mldsa.d.ts +7 -0
package/dist/sign/suites/mldsa.js +161 -0
package/dist/sign/suites/slhdsa.d.ts +7 -0
package/dist/sign/suites/slhdsa.js +176 -0
package/dist/sign/types.d.ts +106 -0
package/dist/sign/types.js +28 -0
package/dist/sign/verify-stream.d.ts +30 -0
package/dist/sign/verify-stream.js +227 -0
package/dist/slhdsa/embedded.d.ts +1 -0
package/dist/slhdsa/embedded.js +26 -0
package/dist/slhdsa/index.d.ts +149 -0
package/dist/slhdsa/index.js +493 -0
package/dist/slhdsa/params.d.ts +26 -0
package/dist/slhdsa/params.js +70 -0
package/dist/slhdsa/prehash.d.ts +68 -0
package/dist/slhdsa/prehash.js +307 -0
package/dist/slhdsa/sign.d.ts +39 -0
package/dist/slhdsa/sign.js +116 -0
package/dist/slhdsa/types.d.ts +129 -0
package/dist/slhdsa/types.js +27 -0
package/dist/slhdsa/validate.d.ts +60 -0
package/dist/slhdsa/validate.js +127 -0
package/dist/slhdsa/verify.d.ts +32 -0
package/dist/slhdsa/verify.js +107 -0
package/dist/slhdsa.wasm +0 -0
package/dist/stream/header.js +8 -8
package/dist/stream/index.d.ts +1 -0
package/dist/stream/index.js +1 -0
package/dist/stream/open-stream.js +65 -22
package/dist/stream/seal-stream-pool.d.ts +2 -0
package/dist/stream/seal-stream-pool.js +100 -33
package/dist/stream/seal-stream.d.ts +1 -1
package/dist/stream/seal-stream.js +48 -19
package/dist/stream/seal.js +6 -6
package/dist/stream/types.d.ts +3 -1
package/dist/stream/types.js +1 -1
package/dist/types.d.ts +22 -1
package/dist/types.js +1 -1
package/dist/utils.d.ts +9 -10
package/dist/utils.js +84 -59
package/dist/wasm-source.d.ts +9 -8
package/dist/wasm-source.js +1 -1
package/dist/x25519/embedded.d.ts +1 -0
package/dist/x25519/embedded.js +31 -0
package/dist/x25519/index.d.ts +43 -0
package/dist/x25519/index.js +159 -0
package/dist/x25519/types.d.ts +25 -0
package/dist/x25519/types.js +27 -0
package/dist/x25519/validate.d.ts +2 -0
package/dist/x25519/validate.js +39 -0
package/package.json +123 -64
package/SECURITY.md +0 -276
package/dist/ct-wasm.d.ts +0 -1
package/dist/ct-wasm.js +0 -3
package/dist/ct.wasm +0 -0
package/dist/docs/aead.md +0 -323
package/dist/docs/architecture.md +0 -932
package/dist/docs/argon2id.md +0 -302
package/dist/docs/chacha20.md +0 -674
package/dist/docs/exports.md +0 -241
package/dist/docs/fortuna.md +0 -313
package/dist/docs/init.md +0 -302
package/dist/docs/loader.md +0 -161
package/dist/docs/serpent.md +0 -519
package/dist/docs/sha2.md +0 -613
package/dist/docs/sha3.md +0 -546
package/dist/docs/types.md +0 -276
package/dist/docs/utils.md +0 -367
package/dist/embedded/kyber.d.ts +0 -1
package/dist/embedded/kyber.js +0 -3
package/dist/kyber/embedded.d.ts +0 -1
package/dist/kyber/indcpa.d.ts +0 -49
package/dist/kyber/index.d.ts +0 -38
package/dist/kyber/kem.d.ts +0 -21
package/dist/kyber/suite.d.ts +0 -13
package/dist/kyber/validate.d.ts +0 -19

package/dist/sha2/index.js CHANGED Viewed

@@ -22,23 +22,15 @@
 // src/ts/sha2/index.ts
 //
 // Public API classes for the SHA-2 WASM module.
-// Uses the init() module cache — call sha2Init(source) before constructing.
-import { getInstance, initModule } from '../init.js';
+// Uses the init() module cache, call sha2Init(source) before constructing.
+import { getInstance, initModule, _assertNotOwned } from '../init.js';
 export async function sha2Init(source) {
     return initModule('sha2', source);
 }
+export { isInitialized } from '../init.js';
 function getExports() {
     return getInstance('sha2').exports;
 }
-export function _sha2Ready() {
-    try {
-        getInstance('sha2');
-        return true;
-    }
-    catch {
-        return false;
-    }
-}
 // Write msg into input buffer in chunks, calling update for each chunk.
 function feedHash(x, msg, inputOff, chunkSize, updateFn) {
     const mem = new Uint8Array(x.memory.buffer);
@@ -57,6 +49,7 @@ export class SHA256 {
         this.x = getExports();
     }
     hash(msg) {
+        _assertNotOwned('sha2');
         this.x.sha256Init();
         feedHash(this.x, msg, this.x.getSha256InputOffset(), 64, this.x.sha256Update);
         this.x.sha256Final();
@@ -64,6 +57,7 @@ export class SHA256 {
         return mem.slice(this.x.getSha256OutOffset(), this.x.getSha256OutOffset() + 32);
     }
     dispose() {
+        _assertNotOwned('sha2');
         this.x.wipeBuffers();
     }
 }
@@ -74,6 +68,7 @@ export class SHA512 {
         this.x = getExports();
     }
     hash(msg) {
+        _assertNotOwned('sha2');
         this.x.sha512Init();
         feedHash(this.x, msg, this.x.getSha512InputOffset(), 128, this.x.sha512Update);
         this.x.sha512Final();
@@ -81,6 +76,7 @@ export class SHA512 {
         return mem.slice(this.x.getSha512OutOffset(), this.x.getSha512OutOffset() + 64);
     }
     dispose() {
+        _assertNotOwned('sha2');
         this.x.wipeBuffers();
     }
 }
@@ -91,6 +87,7 @@ export class SHA384 {
         this.x = getExports();
     }
     hash(msg) {
+        _assertNotOwned('sha2');
         this.x.sha384Init();
         feedHash(this.x, msg, this.x.getSha512InputOffset(), 128, this.x.sha512Update);
         this.x.sha384Final();
@@ -98,6 +95,70 @@ export class SHA384 {
         return mem.slice(this.x.getSha512OutOffset(), this.x.getSha512OutOffset() + 48);
     }
     dispose() {
+        _assertNotOwned('sha2');
+        this.x.wipeBuffers();
+    }
+}
+// ── SHA224 ──────────────────────────────────────────────────────────────────
+// FIPS 180-4 §6.3, SHA-256 round logic with the §5.3.2 IV; output is the
+// leftmost 224 bits (28 bytes) of the SHA-256 state.
+export class SHA224 {
+    x;
+    constructor() {
+        this.x = getExports();
+    }
+    hash(msg) {
+        _assertNotOwned('sha2');
+        this.x.sha224Init();
+        feedHash(this.x, msg, this.x.getSha256InputOffset(), 64, this.x.sha256Update);
+        this.x.sha224Final();
+        const mem = new Uint8Array(this.x.memory.buffer);
+        return mem.slice(this.x.getSha256OutOffset(), this.x.getSha256OutOffset() + 28);
+    }
+    dispose() {
+        _assertNotOwned('sha2');
+        this.x.wipeBuffers();
+    }
+}
+// ── SHA512_224 ──────────────────────────────────────────────────────────────
+// FIPS 180-4 §6.7.1, SHA-512 round logic with the §5.3.6.1 IV; output is the
+// leftmost 224 bits (28 bytes) of the SHA-512 state.
+export class SHA512_224 {
+    x;
+    constructor() {
+        this.x = getExports();
+    }
+    hash(msg) {
+        _assertNotOwned('sha2');
+        this.x.sha512_224Init();
+        feedHash(this.x, msg, this.x.getSha512InputOffset(), 128, this.x.sha512Update);
+        this.x.sha512_224Final();
+        const mem = new Uint8Array(this.x.memory.buffer);
+        return mem.slice(this.x.getSha512OutOffset(), this.x.getSha512OutOffset() + 28);
+    }
+    dispose() {
+        _assertNotOwned('sha2');
+        this.x.wipeBuffers();
+    }
+}
+// ── SHA512_256 ──────────────────────────────────────────────────────────────
+// FIPS 180-4 §6.7.2, SHA-512 round logic with the §5.3.6.2 IV; output is the
+// leftmost 256 bits (32 bytes) of the SHA-512 state.
+export class SHA512_256 {
+    x;
+    constructor() {
+        this.x = getExports();
+    }
+    hash(msg) {
+        _assertNotOwned('sha2');
+        this.x.sha512_256Init();
+        feedHash(this.x, msg, this.x.getSha512InputOffset(), 128, this.x.sha512Update);
+        this.x.sha512_256Final();
+        const mem = new Uint8Array(this.x.memory.buffer);
+        return mem.slice(this.x.getSha512OutOffset(), this.x.getSha512OutOffset() + 32);
+    }
+    dispose() {
+        _assertNotOwned('sha2');
         this.x.wipeBuffers();
     }
 }
@@ -108,6 +169,7 @@ export class HMAC_SHA256 {
         this.x = getExports();
     }
     hash(key, msg) {
+        _assertNotOwned('sha2');
         let k = key;
         // RFC 2104 §3: keys longer than block size are pre-hashed
         if (k.length > 64) {
@@ -126,6 +188,7 @@ export class HMAC_SHA256 {
         return out.slice(this.x.getSha256OutOffset(), this.x.getSha256OutOffset() + 32);
     }
     dispose() {
+        _assertNotOwned('sha2');
         this.x.wipeBuffers();
     }
 }
@@ -136,6 +199,7 @@ export class HMAC_SHA512 {
         this.x = getExports();
     }
     hash(key, msg) {
+        _assertNotOwned('sha2');
         let k = key;
         // RFC 2104 §3: keys longer than block size (128) are pre-hashed
         if (k.length > 128) {
@@ -154,6 +218,7 @@ export class HMAC_SHA512 {
         return out.slice(this.x.getSha512OutOffset(), this.x.getSha512OutOffset() + 64);
     }
     dispose() {
+        _assertNotOwned('sha2');
         this.x.wipeBuffers();
     }
 }
@@ -164,6 +229,7 @@ export class HMAC_SHA384 {
         this.x = getExports();
     }
     hash(key, msg) {
+        _assertNotOwned('sha2');
         let k = key;
         // RFC 2104 §3: keys longer than block size (128) are pre-hashed with SHA-384
         if (k.length > 128) {
@@ -182,8 +248,11 @@ export class HMAC_SHA384 {
         return out.slice(this.x.getSha512OutOffset(), this.x.getSha512OutOffset() + 48);
     }
     dispose() {
+        _assertNotOwned('sha2');
         this.x.wipeBuffers();
     }
 }
 // ── HKDF ────────────────────────────────────────────────────────────────────
 export { HKDF_SHA256, HKDF_SHA512 } from './hkdf.js';
+// ── SHA256Hash ──────────────────────────────────────────────────────────────
+export { SHA256Hash } from './hash.js';

package/dist/sha2/types.d.ts CHANGED Viewed

@@ -1,5 +1,44 @@
-/** WASM exports for the sha2 module */
+/** WASM exports for the sha2 module, full FIPS 180-4 surface plus
+ *  HMAC variants. Importable from cross-module wrappers (e.g. mldsa's
+ *  HashML-DSA pre-hash dispatcher) that need to drive sha2 directly
+ *  without going through the public class API. */
 export interface Sha2Exports {
     memory: WebAssembly.Memory;
-    getModuleId(): number;
+    getModuleId: () => number;
+    getSha256InputOffset: () => number;
+    getSha256OutOffset: () => number;
+    getSha256HOffset: () => number;
+    getSha512InputOffset: () => number;
+    getSha512OutOffset: () => number;
+    getSha512HOffset: () => number;
+    getHmac256IpadOffset: () => number;
+    getHmac256OpadOffset: () => number;
+    getHmac256InnerOffset: () => number;
+    getHmac512IpadOffset: () => number;
+    getHmac512OpadOffset: () => number;
+    getHmac512InnerOffset: () => number;
+    sha256Init: () => void;
+    sha256Update: (len: number) => void;
+    sha256Final: () => void;
+    sha224Init: () => void;
+    sha224Final: () => void;
+    sha512Init: () => void;
+    sha384Init: () => void;
+    sha512_224Init: () => void;
+    sha512_256Init: () => void;
+    sha512Update: (len: number) => void;
+    sha512Final: () => void;
+    sha384Final: () => void;
+    sha512_224Final: () => void;
+    sha512_256Final: () => void;
+    hmac256Init: (keyLen: number) => void;
+    hmac256Update: (len: number) => void;
+    hmac256Final: () => void;
+    hmac512Init: (keyLen: number) => void;
+    hmac512Update: (len: number) => void;
+    hmac512Final: () => void;
+    hmac384Init: (keyLen: number) => void;
+    hmac384Update: (len: number) => void;
+    hmac384Final: () => void;
+    wipeBuffers: () => void;
 }

package/dist/sha2.wasm CHANGED Viewed

Binary file

package/dist/sha3/hash.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import type { HashFn } from '../types.js';
2	+ export declare const SHA3_256Hash: HashFn;

package/dist/sha3/hash.js ADDED Viewed

@@ -0,0 +1,53 @@
+//                  ▄▄▄▄▄▄▄▄▄▄
+//           ▄████████████████████▄▄          ▒  ▄▀▀ ▒ ▒ █ ▄▀▄ ▀█▀ █ ▒ ▄▀▄ █▀▄
+//        ▄██████████████████████ ▀████▄      ▓  ▓▀  ▓ ▓ ▓ ▓▄▓  ▓  ▓▀▓ ▓▄▓ ▓ ▓
+//      ▄█████████▀▀▀     ▀███████▄▄███████▌  ▀▄ ▀▄▄ ▀▄▀ ▒ ▒ ▒  ▒  ▒ █ ▒ ▒ ▒ █
+//     ▐████████▀   ▄▄▄▄     ▀████████▀██▀█▌
+//     ████████      ███▀▀     ████▀  █▀ █▀       Leviathan Crypto Library
+//     ███████▌    ▀██▀         ███
+//      ███████   ▀███           ▀██ ▀█▄      Repository & Mirror:
+//       ▀██████   ▄▄██            ▀▀  ██▄    github.com/xero/leviathan-crypto
+//         ▀█████▄   ▄██▄             ▄▀▄▀    unpkg.com/leviathan-crypto
+//            ▀████▄   ▄██▄
+//              ▐████   ▐███                  Author: xero (https://x-e.ro)
+//       ▄▄██████████    ▐███         ▄▄      License: MIT
+//    ▄██▀▀▀▀▀▀▀▀▀▀     ▄████      ▄██▀
+//  ▄▀  ▄▄█████████▄▄  ▀▀▀▀▀     ▄███         This file is provided completely
+//   ▄██████▀▀▀▀▀▀██████▄ ▀▄▄▄▄████▀          free, "as is", and without
+//  ████▀    ▄▄▄▄▄▄▄ ▀████▄ ▀█████▀  ▄▄▄▄     warranty of any kind. The author
+//  █████▄▄█████▀▀▀▀▀▀▄ ▀███▄      ▄████      assumes absolutely no liability
+//   ▀██████▀             ▀████▄▄▄████▀       for its {ab,mis,}use.
+//                           ▀█████▀▀
+//
+// src/ts/sha3/hash.ts
+//
+// Stateless SHA3-256 HashFn for Fortuna's accumulator and reseed slots.
+import { _assertNotOwned, getInstance } from '../init.js';
+export const SHA3_256Hash = {
+    outputSize: 32,
+    wasmModules: ['sha3'],
+    digest(msg) {
+        _assertNotOwned('sha3');
+        const x = getInstance('sha3').exports;
+        const mem = new Uint8Array(x.memory.buffer);
+        try {
+            x.sha3_256Init();
+            const inOff = x.getInputOffset();
+            let pos = 0;
+            while (pos < msg.length) {
+                const n = Math.min(msg.length - pos, 168);
+                mem.set(msg.subarray(pos, pos + n), inOff);
+                x.keccakAbsorb(n);
+                pos += n;
+            }
+            x.sha3_256Final();
+            const outOff = x.getOutOffset();
+            return mem.slice(outOff, outOff + 32);
+        }
+        finally {
+            // Wipe the keccak input/output/sponge state so secret-derived
+            // inputs (e.g. Fortuna pool entropy) do not outlive this call.
+            x.wipeBuffers();
+        }
+    },
+};

package/dist/sha3/index.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 import type { WasmSource } from '../wasm-source.js';
 export declare function sha3Init(source: WasmSource): Promise<void>;
 export type { WasmSource };
-export declare function _sha3Ready(): boolean;
+export { isInitialized } from '../init.js';
 export declare class SHA3_256 {
     private readonly x;
     constructor();
@@ -26,13 +26,20 @@ export declare class SHA3_224 {
     hash(msg: Uint8Array): Uint8Array;
     dispose(): void;
 }
-/** SHAKE128 XOF — extendable output, multi-squeeze capable. */
+/**
+ * SHAKE128 XOF, extendable output, multi-squeeze capable.
+ *
+ * Holds exclusive access to the `sha3` WASM module from construction until
+ * `dispose()`. Constructing a second SHAKE128/SHAKE256 or any other sha3
+ * user while this instance is live throws. Call `dispose()` when done.
+ */
 export declare class SHAKE128 {
     private readonly x;
     private readonly _rate;
     private _squeezing;
     private _block;
     private _blockPos;
+    private _tok;
     constructor();
     reset(): this;
     absorb(msg: Uint8Array): this;
@@ -40,13 +47,20 @@ export declare class SHAKE128 {
     hash(msg: Uint8Array, outputLength: number): Uint8Array;
     dispose(): void;
 }
-/** SHAKE256 XOF — extendable output, multi-squeeze capable. */
+/**
+ * SHAKE256 XOF, extendable output, multi-squeeze capable.
+ *
+ * Holds exclusive access to the `sha3` WASM module from construction until
+ * `dispose()`. Constructing a second SHAKE128/SHAKE256 or any other sha3
+ * user while this instance is live throws. Call `dispose()` when done.
+ */
 export declare class SHAKE256 {
     private readonly x;
     private readonly _rate;
     private _squeezing;
     private _block;
     private _blockPos;
+    private _tok;
     constructor();
     reset(): this;
     absorb(msg: Uint8Array): this;
@@ -54,3 +68,73 @@ export declare class SHAKE256 {
     hash(msg: Uint8Array, outputLength: number): Uint8Array;
     dispose(): void;
 }
+/**
+ * Incremental SHA3-256. Construct, `update()` chunks (any size), `finalize()`
+ * to get the 32-byte digest. Finalize disposes the instance.
+ *
+ * Holds exclusive access to the `sha3` WASM module from construction until
+ * `dispose()` or `finalize()`. Mirrors SHAKE128 lifecycle.
+ */
+export declare class SHA3_256Stream {
+    private readonly x;
+    private _tok;
+    constructor();
+    update(chunk: Uint8Array): this;
+    finalize(): Uint8Array;
+    dispose(): void;
+}
+/**
+ * Incremental SHA3-512. Construct, `update()` chunks (any size), `finalize()`
+ * to get the 64-byte digest. Finalize disposes the instance.
+ *
+ * Holds exclusive access to the `sha3` WASM module from construction until
+ * `dispose()` or `finalize()`. Mirrors SHAKE128 lifecycle.
+ */
+export declare class SHA3_512Stream {
+    private readonly x;
+    private _tok;
+    constructor();
+    update(chunk: Uint8Array): this;
+    finalize(): Uint8Array;
+    dispose(): void;
+}
+/**
+ * Single-shot streaming SHAKE128. `outputLen` is bound at construction;
+ * `update()` absorbs chunks of any size, `finalize()` pads and squeezes
+ * exactly `outputLen` bytes, then disposes the instance.
+ *
+ * Used by `createRunningHash` in the sign layer: each StreamableSignatureSuite
+ * with `prehashAlgorithm: 'shake-128'` declares its `prehashSize` and that
+ * value is passed in here at construction time. The multi-squeeze
+ * `SHAKE128` class above remains for the XOF surface; this class is the
+ * fixed-output cousin that matches the RunningHash contract.
+ *
+ * Holds exclusive access to the `sha3` WASM module from construction until
+ * `dispose()` or `finalize()`. Mirrors `SHA3_256Stream` lifecycle.
+ */
+export declare class SHAKE128Stream {
+    private readonly x;
+    private readonly _rate;
+    private readonly outputLen;
+    private _tok;
+    constructor(outputLen: number);
+    update(chunk: Uint8Array): this;
+    finalize(): Uint8Array;
+    dispose(): void;
+}
+/**
+ * Single-shot streaming SHAKE256. `outputLen` is bound at construction;
+ * mirrors `SHAKE128Stream`. See that class for usage notes.
+ */
+export declare class SHAKE256Stream {
+    private readonly x;
+    private readonly _rate;
+    private readonly outputLen;
+    private _tok;
+    constructor(outputLen: number);
+    update(chunk: Uint8Array): this;
+    finalize(): Uint8Array;
+    dispose(): void;
+}
+export { SHA3_256Hash } from './hash.js';
+export { CSHAKE128, CSHAKE256, KMAC128, KMAC256, KMACXOF128, KMACXOF256 } from './kmac.js';