/*! noble-ciphers - MIT License (c) 2023 Paul Miller (paulmillr.com) */ import { bytes as abytes, isBytes } from './_assert.js'; // prettier-ignore export type TypedArray = Int8Array | Uint8ClampedArray | Uint8Array | Uint16Array | Int16Array | Uint32Array | Int32Array; // Cast array to different type export const u8 = (arr: TypedArray) => new Uint8Array(arr.buffer, arr.byteOffset, arr.byteLength); export const u16 = (arr: TypedArray) => new Uint16Array(arr.buffer, arr.byteOffset, Math.floor(arr.byteLength / 2)); export const u32 = (arr: TypedArray) => new Uint32Array(arr.buffer, arr.byteOffset, Math.floor(arr.byteLength / 4)); // Cast array to view export const createView = (arr: TypedArray) => new DataView(arr.buffer, arr.byteOffset, arr.byteLength); // big-endian hardware is rare. Just in case someone still decides to run ciphers: // early-throw an error because we don't support BE yet. export const isLE = new Uint8Array(new Uint32Array([0x11223344]).buffer)[0] === 0x44; if (!isLE) throw new Error('Non little-endian hardware is not supported'); // Array where index 0xf0 (240) is mapped to string 'f0' const hexes = /* @__PURE__ */ Array.from({ length: 256 }, (_, i) => i.toString(16).padStart(2, '0') ); /** * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' */ export function bytesToHex(bytes: Uint8Array): string { abytes(bytes); // pre-caching improves the speed 6x let hex = ''; for (let i = 0; i < bytes.length; i++) { hex += hexes[bytes[i]]; } return hex; } // We use optimized technique to convert hex string to byte array const asciis = { _0: 48, _9: 57, _A: 65, _F: 70, _a: 97, _f: 102 } as const; function asciiToBase16(char: number): number | undefined { if (char >= asciis._0 && char <= asciis._9) return char - asciis._0; if (char >= asciis._A && char <= asciis._F) return char - (asciis._A - 10); if (char >= asciis._a && char <= asciis._f) return char - (asciis._a - 10); return; } /** * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) */ export function hexToBytes(hex: string): Uint8Array { if (typeof hex !== 'string') throw new Error('hex string expected, got ' + typeof hex); const hl = hex.length; const al = hl / 2; if (hl % 2) throw new Error('padded hex string expected, got unpadded hex of length ' + hl); const array = new Uint8Array(al); for (let ai = 0, hi = 0; ai < al; ai++, hi += 2) { const n1 = asciiToBase16(hex.charCodeAt(hi)); const n2 = asciiToBase16(hex.charCodeAt(hi + 1)); if (n1 === undefined || n2 === undefined) { const char = hex[hi] + hex[hi + 1]; throw new Error('hex string expected, got non-hex character "' + char + '" at index ' + hi); } array[ai] = n1 * 16 + n2; } return array; } export function hexToNumber(hex: string): bigint { if (typeof hex !== 'string') throw new Error('hex string expected, got ' + typeof hex); // Big Endian return BigInt(hex === '' ? '0' : `0x${hex}`); } // BE: Big Endian, LE: Little Endian export function bytesToNumberBE(bytes: Uint8Array): bigint { return hexToNumber(bytesToHex(bytes)); } export function numberToBytesBE(n: number | bigint, len: number): Uint8Array { return hexToBytes(n.toString(16).padStart(len * 2, '0')); } // There is no setImmediate in browser and setTimeout is slow. // call of async fn will return Promise, which will be fullfiled only on // next scheduler queue processing step and this is exactly what we need. export const nextTick = async () => {}; // Returns control to thread each 'tick' ms to avoid blocking export async function asyncLoop(iters: number, tick: number, cb: (i: number) => void) { let ts = Date.now(); for (let i = 0; i < iters; i++) { cb(i); // Date.now() is not monotonic, so in case if clock goes backwards we return return control too const diff = Date.now() - ts; if (diff >= 0 && diff < tick) continue; await nextTick(); ts += diff; } } // Global symbols in both browsers and Node.js since v11 // See https://github.com/microsoft/TypeScript/issues/31535 declare const TextEncoder: any; declare const TextDecoder: any; /** * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) */ export function utf8ToBytes(str: string): Uint8Array { if (typeof str !== 'string') throw new Error(`string expected, got ${typeof str}`); return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809 } /** * @example bytesToUtf8(new Uint8Array([97, 98, 99])) // 'abc' */ export function bytesToUtf8(bytes: Uint8Array): string { return new TextDecoder().decode(bytes); } export type Input = Uint8Array | string; /** * Normalizes (non-hex) string or Uint8Array to Uint8Array. * Warning: when Uint8Array is passed, it would NOT get copied. * Keep in mind for future mutable operations. */ export function toBytes(data: Input): Uint8Array { if (typeof data === 'string') data = utf8ToBytes(data); else if (isBytes(data)) data = data.slice(); else throw new Error(`Uint8Array expected, got ${typeof data}`); return data; } /** * Copies several Uint8Arrays into one. */ export function concatBytes(...arrays: Uint8Array[]): Uint8Array { let sum = 0; for (let i = 0; i < arrays.length; i++) { const a = arrays[i]; abytes(a); sum += a.length; } const res = new Uint8Array(sum); for (let i = 0, pad = 0; i < arrays.length; i++) { const a = arrays[i]; res.set(a, pad); pad += a.length; } return res; } type EmptyObj = {}; export function checkOpts( defaults: T1, opts: T2 ): T1 & T2 { if (opts == null || typeof opts !== 'object') throw new Error('options must be defined'); const merged = Object.assign(defaults, opts); return merged as T1 & T2; } // Compares 2 u8a-s in kinda constant time export function equalBytes(a: Uint8Array, b: Uint8Array) { if (a.length !== b.length) return false; let diff = 0; for (let i = 0; i < a.length; i++) diff |= a[i] ^ b[i]; return diff === 0; } // For runtime check if class implements interface export abstract class Hash> { abstract blockLen: number; // Bytes per block abstract outputLen: number; // Bytes in output abstract update(buf: Input): this; // Writes digest into buf abstract digestInto(buf: Uint8Array): void; abstract digest(): Uint8Array; /** * Resets internal state. Makes Hash instance unusable. * Reset is impossible for keyed hashes if key is consumed into state. If digest is not consumed * by user, they will need to manually call `destroy()` when zeroing is necessary. */ abstract destroy(): void; } // This will allow to re-use with composable things like packed & base encoders // Also, we probably can make tags composable export type Cipher = { encrypt(plaintext: Uint8Array): Uint8Array; decrypt(ciphertext: Uint8Array): Uint8Array; }; export type AsyncCipher = { encrypt(plaintext: Uint8Array): Promise; decrypt(ciphertext: Uint8Array): Promise; }; export type CipherWithOutput = Cipher & { encrypt(plaintext: Uint8Array, output?: Uint8Array): Uint8Array; decrypt(ciphertext: Uint8Array, output?: Uint8Array): Uint8Array; }; // Params is outside return type, so it is accessible before calling constructor // If function support multiple nonceLength's, we return best one export type CipherParams = { blockSize: number; nonceLength?: number; tagLength?: number }; export type CipherCons = (key: Uint8Array, ...args: T) => Cipher; /** * @__NO_SIDE_EFFECTS__ */ export const wrapCipher = , P extends CipherParams>( params: P, c: C ): C & P => { Object.assign(c, params); return c as C & P; }; export type XorStream = ( key: Uint8Array, nonce: Uint8Array, data: Uint8Array, output?: Uint8Array, counter?: number ) => Uint8Array; // Polyfill for Safari 14 export function setBigUint64( view: DataView, byteOffset: number, value: bigint, isLE: boolean ): void { if (typeof view.setBigUint64 === 'function') return view.setBigUint64(byteOffset, value, isLE); const _32n = BigInt(32); const _u32_max = BigInt(0xffffffff); const wh = Number((value >> _32n) & _u32_max); const wl = Number(value & _u32_max); const h = isLE ? 4 : 0; const l = isLE ? 0 : 4; view.setUint32(byteOffset + h, wh, isLE); view.setUint32(byteOffset + l, wl, isLE); } export function u64Lengths(ciphertext: Uint8Array, AAD?: Uint8Array) { const num = new Uint8Array(16); const view = createView(num); setBigUint64(view, 0, BigInt(AAD ? AAD.length : 0), true); setBigUint64(view, 8, BigInt(ciphertext.length), true); return num; }