"use strict"; /** * Utilities for hex, bytes, CSPRNG. * @module */ /*! noble-ciphers - MIT License (c) 2023 Paul Miller (paulmillr.com) */ Object.defineProperty(exports, "__esModule", { value: true }); exports.wrapCipher = exports.Hash = exports.nextTick = exports.isLE = void 0; exports.isBytes = isBytes; exports.abool = abool; exports.anumber = anumber; exports.abytes = abytes; exports.ahash = ahash; exports.aexists = aexists; exports.aoutput = aoutput; exports.u8 = u8; exports.u32 = u32; exports.clean = clean; exports.createView = createView; exports.bytesToHex = bytesToHex; exports.hexToBytes = hexToBytes; exports.hexToNumber = hexToNumber; exports.bytesToNumberBE = bytesToNumberBE; exports.numberToBytesBE = numberToBytesBE; exports.utf8ToBytes = utf8ToBytes; exports.bytesToUtf8 = bytesToUtf8; exports.toBytes = toBytes; exports.overlapBytes = overlapBytes; exports.complexOverlapBytes = complexOverlapBytes; exports.concatBytes = concatBytes; exports.checkOpts = checkOpts; exports.equalBytes = equalBytes; exports.getOutput = getOutput; exports.setBigUint64 = setBigUint64; exports.u64Lengths = u64Lengths; exports.isAligned32 = isAligned32; exports.copyBytes = copyBytes; /** Checks if something is Uint8Array. Be careful: nodejs Buffer will return true. */ function isBytes(a) { return a instanceof Uint8Array || (ArrayBuffer.isView(a) && a.constructor.name === 'Uint8Array'); } /** Asserts something is boolean. */ function abool(b) { if (typeof b !== 'boolean') throw new Error(`boolean expected, not ${b}`); } /** Asserts something is positive integer. */ function anumber(n) { if (!Number.isSafeInteger(n) || n < 0) throw new Error('positive integer expected, got ' + n); } /** Asserts something is Uint8Array. */ function abytes(b, ...lengths) { if (!isBytes(b)) throw new Error('Uint8Array expected'); if (lengths.length > 0 && !lengths.includes(b.length)) throw new Error('Uint8Array expected of length ' + lengths + ', got length=' + b.length); } /** * Asserts something is hash * TODO: remove * @deprecated */ function ahash(h) { if (typeof h !== 'function' || typeof h.create !== 'function') throw new Error('Hash should be wrapped by utils.createHasher'); anumber(h.outputLen); anumber(h.blockLen); } /** Asserts a hash instance has not been destroyed / finished */ function aexists(instance, checkFinished = true) { if (instance.destroyed) throw new Error('Hash instance has been destroyed'); if (checkFinished && instance.finished) throw new Error('Hash#digest() has already been called'); } /** Asserts output is properly-sized byte array */ function aoutput(out, instance) { abytes(out); const min = instance.outputLen; if (out.length < min) { throw new Error('digestInto() expects output buffer of length at least ' + min); } } /** Cast u8 / u16 / u32 to u8. */ function u8(arr) { return new Uint8Array(arr.buffer, arr.byteOffset, arr.byteLength); } /** Cast u8 / u16 / u32 to u32. */ function u32(arr) { return new Uint32Array(arr.buffer, arr.byteOffset, Math.floor(arr.byteLength / 4)); } /** Zeroize a byte array. Warning: JS provides no guarantees. */ function clean(...arrays) { for (let i = 0; i < arrays.length; i++) { arrays[i].fill(0); } } /** Create DataView of an array for easy byte-level manipulation. */ function createView(arr) { return new DataView(arr.buffer, arr.byteOffset, arr.byteLength); } /** Is current platform little-endian? Most are. Big-Endian platform: IBM */ exports.isLE = (() => new Uint8Array(new Uint32Array([0x11223344]).buffer)[0] === 0x44)(); // Built-in hex conversion https://caniuse.com/mdn-javascript_builtins_uint8array_fromhex const hasHexBuiltin = /* @__PURE__ */ (() => // @ts-ignore typeof Uint8Array.from([]).toHex === 'function' && typeof Uint8Array.fromHex === 'function')(); // Array where index 0xf0 (240) is mapped to string 'f0' const hexes = /* @__PURE__ */ Array.from({ length: 256 }, (_, i) => i.toString(16).padStart(2, '0')); /** * Convert byte array to hex string. Uses built-in function, when available. * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' */ function bytesToHex(bytes) { abytes(bytes); // @ts-ignore if (hasHexBuiltin) return bytes.toHex(); // pre-caching improves the speed 6x let hex = ''; for (let i = 0; i < bytes.length; i++) { hex += hexes[bytes[i]]; } return hex; } // We use optimized technique to convert hex string to byte array const asciis = { _0: 48, _9: 57, A: 65, F: 70, a: 97, f: 102 }; function asciiToBase16(ch) { if (ch >= asciis._0 && ch <= asciis._9) return ch - asciis._0; // '2' => 50-48 if (ch >= asciis.A && ch <= asciis.F) return ch - (asciis.A - 10); // 'B' => 66-(65-10) if (ch >= asciis.a && ch <= asciis.f) return ch - (asciis.a - 10); // 'b' => 98-(97-10) return; } /** * Convert hex string to byte array. Uses built-in function, when available. * @example hexToBytes('cafe0123') // Uint8Array.from([0xca, 0xfe, 0x01, 0x23]) */ function hexToBytes(hex) { if (typeof hex !== 'string') throw new Error('hex string expected, got ' + typeof hex); // @ts-ignore if (hasHexBuiltin) return Uint8Array.fromHex(hex); const hl = hex.length; const al = hl / 2; if (hl % 2) throw new Error('hex string expected, got unpadded hex of length ' + hl); const array = new Uint8Array(al); for (let ai = 0, hi = 0; ai < al; ai++, hi += 2) { const n1 = asciiToBase16(hex.charCodeAt(hi)); const n2 = asciiToBase16(hex.charCodeAt(hi + 1)); if (n1 === undefined || n2 === undefined) { const char = hex[hi] + hex[hi + 1]; throw new Error('hex string expected, got non-hex character "' + char + '" at index ' + hi); } array[ai] = n1 * 16 + n2; // multiply first octet, e.g. 'a3' => 10*16+3 => 160 + 3 => 163 } return array; } // Used in micro function hexToNumber(hex) { if (typeof hex !== 'string') throw new Error('hex string expected, got ' + typeof hex); return BigInt(hex === '' ? '0' : '0x' + hex); // Big Endian } // Used in ff1 // BE: Big Endian, LE: Little Endian function bytesToNumberBE(bytes) { return hexToNumber(bytesToHex(bytes)); } // Used in micro, ff1 function numberToBytesBE(n, len) { return hexToBytes(n.toString(16).padStart(len * 2, '0')); } // TODO: remove // There is no setImmediate in browser and setTimeout is slow. // call of async fn will return Promise, which will be fullfiled only on // next scheduler queue processing step and this is exactly what we need. const nextTick = async () => { }; exports.nextTick = nextTick; /** * Converts string to bytes using UTF8 encoding. * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99]) */ function utf8ToBytes(str) { if (typeof str !== 'string') throw new Error('string expected'); return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809 } /** * Converts bytes to string using UTF8 encoding. * @example bytesToUtf8(new Uint8Array([97, 98, 99])) // 'abc' */ function bytesToUtf8(bytes) { return new TextDecoder().decode(bytes); } /** * Normalizes (non-hex) string or Uint8Array to Uint8Array. * Warning: when Uint8Array is passed, it would NOT get copied. * Keep in mind for future mutable operations. */ function toBytes(data) { if (typeof data === 'string') data = utf8ToBytes(data); else if (isBytes(data)) data = copyBytes(data); else throw new Error('Uint8Array expected, got ' + typeof data); return data; } /** * Checks if two U8A use same underlying buffer and overlaps. * This is invalid and can corrupt data. */ function overlapBytes(a, b) { return (a.buffer === b.buffer && // best we can do, may fail with an obscure Proxy a.byteOffset < b.byteOffset + b.byteLength && // a starts before b end b.byteOffset < a.byteOffset + a.byteLength // b starts before a end ); } /** * If input and output overlap and input starts before output, we will overwrite end of input before * we start processing it, so this is not supported for most ciphers (except chacha/salse, which designed with this) */ function complexOverlapBytes(input, output) { // This is very cursed. It works somehow, but I'm completely unsure, // reasoning about overlapping aligned windows is very hard. if (overlapBytes(input, output) && input.byteOffset < output.byteOffset) throw new Error('complex overlap of input and output is not supported'); } /** * Copies several Uint8Arrays into one. */ function concatBytes(...arrays) { let sum = 0; for (let i = 0; i < arrays.length; i++) { const a = arrays[i]; abytes(a); sum += a.length; } const res = new Uint8Array(sum); for (let i = 0, pad = 0; i < arrays.length; i++) { const a = arrays[i]; res.set(a, pad); pad += a.length; } return res; } function checkOpts(defaults, opts) { if (opts == null || typeof opts !== 'object') throw new Error('options must be defined'); const merged = Object.assign(defaults, opts); return merged; } /** Compares 2 uint8array-s in kinda constant time. */ function equalBytes(a, b) { if (a.length !== b.length) return false; let diff = 0; for (let i = 0; i < a.length; i++) diff |= a[i] ^ b[i]; return diff === 0; } // TODO: remove /** For runtime check if class implements interface. */ class Hash { } exports.Hash = Hash; /** * Wraps a cipher: validates args, ensures encrypt() can only be called once. * @__NO_SIDE_EFFECTS__ */ const wrapCipher = (params, constructor) => { function wrappedCipher(key, ...args) { // Validate key abytes(key); // Big-Endian hardware is rare. Just in case someone still decides to run ciphers: if (!exports.isLE) throw new Error('Non little-endian hardware is not yet supported'); // Validate nonce if nonceLength is present if (params.nonceLength !== undefined) { const nonce = args[0]; if (!nonce) throw new Error('nonce / iv required'); if (params.varSizeNonce) abytes(nonce); else abytes(nonce, params.nonceLength); } // Validate AAD if tagLength present const tagl = params.tagLength; if (tagl && args[1] !== undefined) { abytes(args[1]); } const cipher = constructor(key, ...args); const checkOutput = (fnLength, output) => { if (output !== undefined) { if (fnLength !== 2) throw new Error('cipher output not supported'); abytes(output); } }; // Create wrapped cipher with validation and single-use encryption let called = false; const wrCipher = { encrypt(data, output) { if (called) throw new Error('cannot encrypt() twice with same key + nonce'); called = true; abytes(data); checkOutput(cipher.encrypt.length, output); return cipher.encrypt(data, output); }, decrypt(data, output) { abytes(data); if (tagl && data.length < tagl) throw new Error('invalid ciphertext length: smaller than tagLength=' + tagl); checkOutput(cipher.decrypt.length, output); return cipher.decrypt(data, output); }, }; return wrCipher; } Object.assign(wrappedCipher, params); return wrappedCipher; }; exports.wrapCipher = wrapCipher; /** * By default, returns u8a of length. * When out is available, it checks it for validity and uses it. */ function getOutput(expectedLength, out, onlyAligned = true) { if (out === undefined) return new Uint8Array(expectedLength); if (out.length !== expectedLength) throw new Error('invalid output length, expected ' + expectedLength + ', got: ' + out.length); if (onlyAligned && !isAligned32(out)) throw new Error('invalid output, must be aligned'); return out; } /** Polyfill for Safari 14. */ function setBigUint64(view, byteOffset, value, isLE) { if (typeof view.setBigUint64 === 'function') return view.setBigUint64(byteOffset, value, isLE); const _32n = BigInt(32); const _u32_max = BigInt(0xffffffff); const wh = Number((value >> _32n) & _u32_max); const wl = Number(value & _u32_max); const h = isLE ? 4 : 0; const l = isLE ? 0 : 4; view.setUint32(byteOffset + h, wh, isLE); view.setUint32(byteOffset + l, wl, isLE); } function u64Lengths(dataLength, aadLength, isLE) { abool(isLE); const num = new Uint8Array(16); const view = createView(num); setBigUint64(view, 0, BigInt(aadLength), isLE); setBigUint64(view, 8, BigInt(dataLength), isLE); return num; } // Is byte array aligned to 4 byte offset (u32)? function isAligned32(bytes) { return bytes.byteOffset % 4 === 0; } // copy bytes to new u8a (aligned). Because Buffer.slice is broken. function copyBytes(bytes) { return Uint8Array.from(bytes); } //# sourceMappingURL=utils.js.map