diff options
author | Florian Dold <florian.dold@gmail.com> | 2020-08-03 13:00:48 +0530 |
---|---|---|
committer | Florian Dold <florian.dold@gmail.com> | 2020-08-03 13:01:05 +0530 |
commit | ffd2a62c3f7df94365980302fef3bc3376b48182 (patch) | |
tree | 270af6f16b4cc7f5da2afdba55c8bc9dbea5eca5 /src/crypto/primitives/kdf.ts | |
parent | aa481e42675fb7c4dcbbeec0ba1c61e1953b9596 (diff) | |
download | wallet-core-ffd2a62c3f7df94365980302fef3bc3376b48182.tar.xz |
modularize repo, use pnpm, improve typechecking
Diffstat (limited to 'src/crypto/primitives/kdf.ts')
-rw-r--r-- | src/crypto/primitives/kdf.ts | 92 |
1 files changed, 0 insertions, 92 deletions
diff --git a/src/crypto/primitives/kdf.ts b/src/crypto/primitives/kdf.ts deleted file mode 100644 index edc681bc1..000000000 --- a/src/crypto/primitives/kdf.ts +++ /dev/null @@ -1,92 +0,0 @@ -/* - This file is part of GNU Taler - (C) 2019 GNUnet e.V. - - GNU Taler is free software; you can redistribute it and/or modify it under the - terms of the GNU General Public License as published by the Free Software - Foundation; either version 3, or (at your option) any later version. - - GNU Taler is distributed in the hope that it will be useful, but WITHOUT ANY - WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR - A PARTICULAR PURPOSE. See the GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along with - GNU Taler; see the file COPYING. If not, see <http://www.gnu.org/licenses/> - */ - -import * as nacl from "./nacl-fast"; -import { sha256 } from "./sha256"; - -export function sha512(data: Uint8Array): Uint8Array { - return nacl.hash(data); -} - -export function hmac( - digest: (d: Uint8Array) => Uint8Array, - blockSize: number, - key: Uint8Array, - message: Uint8Array, -): Uint8Array { - if (key.byteLength > blockSize) { - key = digest(key); - } - if (key.byteLength < blockSize) { - const k = key; - key = new Uint8Array(blockSize); - key.set(k, 0); - } - const okp = new Uint8Array(blockSize); - const ikp = new Uint8Array(blockSize); - for (let i = 0; i < blockSize; i++) { - ikp[i] = key[i] ^ 0x36; - okp[i] = key[i] ^ 0x5c; - } - const b1 = new Uint8Array(blockSize + message.byteLength); - b1.set(ikp, 0); - b1.set(message, blockSize); - const h0 = digest(b1); - const b2 = new Uint8Array(blockSize + h0.length); - b2.set(okp, 0); - b2.set(h0, blockSize); - return digest(b2); -} - -export function hmacSha512(key: Uint8Array, message: Uint8Array): Uint8Array { - return hmac(sha512, 128, key, message); -} - -export function hmacSha256(key: Uint8Array, message: Uint8Array): Uint8Array { - return hmac(sha256, 64, key, message); -} - -export function kdf( - outputLength: number, - ikm: Uint8Array, - salt: Uint8Array, - info: Uint8Array, -): Uint8Array { - // extract - const prk = hmacSha512(salt, ikm); - - // expand - const N = Math.ceil(outputLength / 32); - const output = new Uint8Array(N * 32); - for (let i = 0; i < N; i++) { - let buf; - if (i == 0) { - buf = new Uint8Array(info.byteLength + 1); - buf.set(info, 0); - } else { - buf = new Uint8Array(info.byteLength + 1 + 32); - for (let j = 0; j < 32; j++) { - buf[j] = output[(i - 1) * 32 + j]; - } - buf.set(info, 32); - } - buf[buf.length - 1] = i + 1; - const chunk = hmacSha256(prk, buf); - output.set(chunk, i * 32); - } - - return output.slice(0, outputLength); -} |