UNPKG

sodium-javascript/crypto_kdf.js

Version:

1.61 kBJavaScriptView Raw

1/* eslint-disable camelcase */
2const assert = require('nanoassert')
3const randombytes_buf = require('./randombytes').randombytes_buf
4const blake2b = require('blake2b')
5
6module.exports.crypto_kdf_PRIMITIVE = 'blake2b'
7module.exports.crypto_kdf_BYTES_MIN = 16
8module.exports.crypto_kdf_BYTES_MAX = 64
9module.exports.crypto_kdf_CONTEXTBYTES = 8
10module.exports.crypto_kdf_KEYBYTES = 32
11
12function STORE64_LE (dest, int) {
13  var mul = 1
14  var i = 0
15  dest[0] = int & 0xFF
16  while (++i < 8 && (mul *= 0x100)) {
17    dest[i] = (int / mul) & 0xFF
18  }
19}
20
21module.exports.crypto_kdf_derive_from_key = function crypto_kdf_derive_from_key (subkey, subkey_id, ctx, key) {
22  assert(subkey.length >= module.exports.crypto_kdf_BYTES_MIN, 'subkey must be at least crypto_kdf_BYTES_MIN')
23  assert(subkey_id >= 0 && subkey_id <= 0x1fffffffffffff, 'subkey_id must be safe integer')
24  assert(ctx.length >= module.exports.crypto_kdf_CONTEXTBYTES, 'context must be at least crypto_kdf_CONTEXTBYTES')
25
26  var ctx_padded = new Uint8Array(blake2b.PERSONALBYTES)
27  var salt = new Uint8Array(blake2b.SALTBYTES)
28
29  ctx_padded.set(ctx, 0, module.exports.crypto_kdf_CONTEXTBYTES)
30  STORE64_LE(salt, subkey_id)
31
32  var outlen = Math.min(subkey.length, module.exports.crypto_kdf_BYTES_MAX)
33  blake2b(outlen, key.subarray(0, module.exports.crypto_kdf_KEYBYTES), salt, ctx_padded, true)
34    .final(subkey)
35}
36
37module.exports.crypto_kdf_keygen = function crypto_kdf_keygen (out) {
38  assert(out.length >= module.exports.crypto_kdf_KEYBYTES, 'out.length must be crypto_kdf_KEYBYTES')
39  randombytes_buf(out.subarray(0, module.exports.crypto_kdf_KEYBYTES))
40}

1	`/* eslint-disable camelcase */`
2	`const assert = require('nanoassert')`
3	`const randombytes_buf = require('./randombytes').randombytes_buf`
4	`const blake2b = require('blake2b')`
5
6	`module.exports.crypto_kdf_PRIMITIVE = 'blake2b'`
7	`module.exports.crypto_kdf_BYTES_MIN = 16`
8	`module.exports.crypto_kdf_BYTES_MAX = 64`
9	`module.exports.crypto_kdf_CONTEXTBYTES = 8`
10	`module.exports.crypto_kdf_KEYBYTES = 32`
11
12	`function STORE64_LE (dest, int) {`
13	`var mul = 1`
14	`var i = 0`
15	`dest[0] = int & 0xFF`
16	`while (++i < 8 && (mul *= 0x100)) {`
17	`dest[i] = (int / mul) & 0xFF`
18	`}`
19	`}`
20
21	`module.exports.crypto_kdf_derive_from_key = function crypto_kdf_derive_from_key (subkey, subkey_id, ctx, key) {`
22	`assert(subkey.length >= module.exports.crypto_kdf_BYTES_MIN, 'subkey must be at least crypto_kdf_BYTES_MIN')`
23	`assert(subkey_id >= 0 && subkey_id <= 0x1fffffffffffff, 'subkey_id must be safe integer')`
24	`assert(ctx.length >= module.exports.crypto_kdf_CONTEXTBYTES, 'context must be at least crypto_kdf_CONTEXTBYTES')`
25
26	`var ctx_padded = new Uint8Array(blake2b.PERSONALBYTES)`
27	`var salt = new Uint8Array(blake2b.SALTBYTES)`
28
29	`ctx_padded.set(ctx, 0, module.exports.crypto_kdf_CONTEXTBYTES)`
30	`STORE64_LE(salt, subkey_id)`
31
32	`var outlen = Math.min(subkey.length, module.exports.crypto_kdf_BYTES_MAX)`
33	`blake2b(outlen, key.subarray(0, module.exports.crypto_kdf_KEYBYTES), salt, ctx_padded, true)`
34	`.final(subkey)`
35	`}`
36
37	`module.exports.crypto_kdf_keygen = function crypto_kdf_keygen (out) {`
38	`assert(out.length >= module.exports.crypto_kdf_KEYBYTES, 'out.length must be crypto_kdf_KEYBYTES')`
39	`randombytes_buf(out.subarray(0, module.exports.crypto_kdf_KEYBYTES))`
40	`}`