From be00dafcc9c4c661d73c3ed4326d926bf368cfc3 Mon Sep 17 00:00:00 2001 From: Paul Miller Date: Thu, 27 Jun 2024 10:57:57 +0000 Subject: [PATCH] Lint --- src/_arx.ts | 2 +- src/_micro.ts | 59 ++++++++++++++++++---------------- src/_poly1305.ts | 2 +- src/aes.ts | 34 ++++++++++---------- src/chacha.ts | 83 +++++++++++++++++++++++++----------------------- src/utils.ts | 2 +- 6 files changed, 95 insertions(+), 87 deletions(-) diff --git a/src/_arx.ts b/src/_arx.ts index c6a653e..bef694a 100644 --- a/src/_arx.ts +++ b/src/_arx.ts @@ -207,7 +207,7 @@ export function createCipher(core: CipherCoreFn, opts: CipherOpts): XorStream { } const n32 = u32(nonce); runCipher(core, sigma, k32, n32, data, output, counter, rounds); - clean(...toClean) + clean(...toClean); return output; }; } diff --git a/src/_micro.ts b/src/_micro.ts index e33afc9..2eda571 100644 --- a/src/_micro.ts +++ b/src/_micro.ts @@ -3,11 +3,16 @@ import { createCipher, rotl } from './_arx.js'; import { bytes as abytes } from './_assert.js'; import { - Cipher, XorStream, - bytesToHex, concatBytes, + Cipher, + XorStream, + bytesToHex, + concatBytes, createView, - equalBytes, hexToNumber, numberToBytesBE, - setBigUint64, wrapCipher, + equalBytes, + hexToNumber, + numberToBytesBE, + setBigUint64, + wrapCipher, } from './utils.js'; /* @@ -285,30 +290,30 @@ export function secretbox(key: Uint8Array, nonce: Uint8Array) { export const _poly1305_aead = (fn: XorStream) => - (key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array): Cipher => { - const tagLength = 16; - const keyLength = 32; - abytes(key, keyLength); - abytes(nonce); - return { - encrypt(plaintext: Uint8Array) { - abytes(plaintext); - const res = fn(key, nonce, plaintext, undefined, 1); - const tag = computeTag(fn, key, nonce, res, AAD); - return concatBytes(res, tag); - }, - decrypt(ciphertext: Uint8Array) { - abytes(ciphertext); - if (ciphertext.length < tagLength) - throw new Error(`encrypted data must be at least ${tagLength} bytes`); - const passedTag = ciphertext.subarray(-tagLength); - const data = ciphertext.subarray(0, -tagLength); - const tag = computeTag(fn, key, nonce, data, AAD); - if (!equalBytes(passedTag, tag)) throw new Error('invalid poly1305 tag'); - return fn(key, nonce, data, undefined, 1); - }, - }; + (key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array): Cipher => { + const tagLength = 16; + const keyLength = 32; + abytes(key, keyLength); + abytes(nonce); + return { + encrypt(plaintext: Uint8Array) { + abytes(plaintext); + const res = fn(key, nonce, plaintext, undefined, 1); + const tag = computeTag(fn, key, nonce, res, AAD); + return concatBytes(res, tag); + }, + decrypt(ciphertext: Uint8Array) { + abytes(ciphertext); + if (ciphertext.length < tagLength) + throw new Error(`encrypted data must be at least ${tagLength} bytes`); + const passedTag = ciphertext.subarray(-tagLength); + const data = ciphertext.subarray(0, -tagLength); + const tag = computeTag(fn, key, nonce, data, AAD); + if (!equalBytes(passedTag, tag)) throw new Error('invalid poly1305 tag'); + return fn(key, nonce, data, undefined, 1); + }, }; + }; /** * chacha20-poly1305 12-byte-nonce chacha. diff --git a/src/_poly1305.ts b/src/_poly1305.ts index d45277b..47b96c0 100644 --- a/src/_poly1305.ts +++ b/src/_poly1305.ts @@ -222,7 +222,7 @@ class Poly1305 implements Hash { data = toBytes(data); const len = data.length; - for (let pos = 0; pos < len;) { + for (let pos = 0; pos < len; ) { const take = Math.min(blockLen - this.pos, len - pos); // Fast path: we have at least one block in input if (take === blockLen) { diff --git a/src/aes.ts b/src/aes.ts index e615085..ab89a0e 100644 --- a/src/aes.ts +++ b/src/aes.ts @@ -131,7 +131,7 @@ export function expandKeyLE(key: Uint8Array): Uint32Array { else if (Nk > 6 && i % Nk === 4) t = subByte(t); xk[i] = xk[i - Nk] ^ t; } - clean(...toClean) + clean(...toClean); return xk; } @@ -329,7 +329,7 @@ export const ctr = wrapCipher( const toClean = [xk, n]; if (!isAligned32(buf)) toClean.push((buf = copyBytes(buf))); const out = ctrCounter(xk, n, buf, dst); - clean(...toClean) + clean(...toClean); return out; } return { @@ -403,7 +403,7 @@ export const ecb = wrapCipher( const { b, o, out: _out } = validateBlockEncrypt(plaintext, pcks5, dst); const xk = expandKeyLE(key); let i = 0; - for (; i + 4 <= b.length;) { + for (; i + 4 <= b.length; ) { const { s0, s1, s2, s3 } = encrypt(xk, b[i + 0], b[i + 1], b[i + 2], b[i + 3]); (o[i++] = s0), (o[i++] = s1), (o[i++] = s2), (o[i++] = s3); } @@ -423,11 +423,11 @@ export const ecb = wrapCipher( if (!isAligned32(ciphertext)) toClean.push((ciphertext = copyBytes(ciphertext))); const b = u32(ciphertext); const o = u32(out); - for (let i = 0; i + 4 <= b.length;) { + for (let i = 0; i + 4 <= b.length; ) { const { s0, s1, s2, s3 } = decrypt(xk, b[i + 0], b[i + 1], b[i + 2], b[i + 3]); (o[i++] = s0), (o[i++] = s1), (o[i++] = s2), (o[i++] = s3); } - clean(...toClean) + clean(...toClean); return validatePCKS(out, pcks5); }, }; @@ -455,7 +455,7 @@ export const cbc = wrapCipher( // prettier-ignore let s0 = n32[0], s1 = n32[1], s2 = n32[2], s3 = n32[3]; let i = 0; - for (; i + 4 <= b.length;) { + for (; i + 4 <= b.length; ) { (s0 ^= b[i + 0]), (s1 ^= b[i + 1]), (s2 ^= b[i + 2]), (s3 ^= b[i + 3]); ({ s0, s1, s2, s3 } = encrypt(xk, s0, s1, s2, s3)); (o[i++] = s0), (o[i++] = s1), (o[i++] = s2), (o[i++] = s3); @@ -466,7 +466,7 @@ export const cbc = wrapCipher( ({ s0, s1, s2, s3 } = encrypt(xk, s0, s1, s2, s3)); (o[i++] = s0), (o[i++] = s1), (o[i++] = s2), (o[i++] = s3); } - clean(...toClean) + clean(...toClean); return _out; }, decrypt(ciphertext: Uint8Array, dst?: Uint8Array) { @@ -482,14 +482,14 @@ export const cbc = wrapCipher( const o = u32(out); // prettier-ignore let s0 = n32[0], s1 = n32[1], s2 = n32[2], s3 = n32[3]; - for (let i = 0; i + 4 <= b.length;) { + for (let i = 0; i + 4 <= b.length; ) { // prettier-ignore const ps0 = s0, ps1 = s1, ps2 = s2, ps3 = s3; (s0 = b[i + 0]), (s1 = b[i + 1]), (s2 = b[i + 2]), (s3 = b[i + 3]); const { s0: o0, s1: o1, s2: o2, s3: o3 } = decrypt(xk, s0, s1, s2, s3); (o[i++] = o0 ^ ps0), (o[i++] = o1 ^ ps1), (o[i++] = o2 ^ ps2), (o[i++] = o3 ^ ps3); } - clean(...toClean) + clean(...toClean); return validatePCKS(out, pcks5); }, }; @@ -520,7 +520,7 @@ export const cfb = wrapCipher( const n32 = u32(_iv); // prettier-ignore let s0 = n32[0], s1 = n32[1], s2 = n32[2], s3 = n32[3]; - for (let i = 0; i + 4 <= src32.length;) { + for (let i = 0; i + 4 <= src32.length; ) { const { s0: e0, s1: e1, s2: e2, s3: e3 } = encrypt(xk, s0, s1, s2, s3); dst32[i + 0] = src32[i + 0] ^ e0; dst32[i + 1] = src32[i + 1] ^ e1; @@ -536,7 +536,7 @@ export const cfb = wrapCipher( for (let i = start, pos = 0; i < srcLen; i++, pos++) dst[i] = src[i] ^ buf[pos]; clean(buf); } - clean(...toClean) + clean(...toClean); return dst; } return { @@ -618,7 +618,7 @@ export const gcm = wrapCipher( const tag = _computeTag(authKey, tagMask, out.subarray(0, out.length - tagLength)); toClean.push(tag); out.set(tag, plaintext.length); - clean(...toClean) + clean(...toClean); return out; }, decrypt(ciphertext: Uint8Array) { @@ -634,7 +634,7 @@ export const gcm = wrapCipher( toClean.push(tag); if (!equalBytes(tag, passedTag)) throw new Error('aes/gcm: invalid ghash tag'); const out = ctr32(xk, false, counter, data); - clean(...toClean) + clean(...toClean); return out; }, }; @@ -691,7 +691,7 @@ export const siv = wrapCipher( } const res = { authKey, encKey: expandKeyLE(encKey) }; // Cleanup - clean(...toClean) + clean(...toClean); return res; } function _computeTag(encKey: Uint32Array, authKey: Uint8Array, data: Uint8Array) { @@ -730,7 +730,7 @@ export const siv = wrapCipher( out.set(tag, plaintext.length); out.set(processSiv(encKey, tag, plaintext)); // Cleanup - clean(...toClean) + clean(...toClean); return out; }, decrypt(ciphertext: Uint8Array) { @@ -744,11 +744,11 @@ export const siv = wrapCipher( const expectedTag = _computeTag(encKey, authKey, plaintext); toClean.push(expectedTag); if (!equalBytes(tag, expectedTag)) { - clean(...toClean) + clean(...toClean); throw new Error('invalid polyval tag'); } // Cleanup - clean(...toClean) + clean(...toClean); return plaintext; }, }; diff --git a/src/chacha.ts b/src/chacha.ts index 18223c1..ce7e10d 100644 --- a/src/chacha.ts +++ b/src/chacha.ts @@ -3,9 +3,12 @@ import { createCipher, rotl } from './_arx.js'; import { bytes as abytes } from './_assert.js'; import { poly1305 } from './_poly1305.js'; import { - CipherWithOutput, XorStream, + CipherWithOutput, + XorStream, clean, - createView, equalBytes, setBigUint64, + createView, + equalBytes, + setBigUint64, wrapCipher, } from './utils.js'; @@ -231,45 +234,45 @@ function computeTag( */ export const _poly1305_aead = (xorStream: XorStream) => - (key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array): CipherWithOutput => { - const tagLength = 16; - abytes(key, 32); - abytes(nonce); - return { - encrypt(plaintext: Uint8Array, output?: Uint8Array) { - const plength = plaintext.length; - const clength = plength + tagLength; - if (output) { - abytes(output, clength); - } else { - output = new Uint8Array(clength); - } - xorStream(key, nonce, plaintext, output, 1); - const tag = computeTag(xorStream, key, nonce, output.subarray(0, -tagLength), AAD); - output.set(tag, plength); // append tag - clean(tag); - return output; - }, - decrypt(ciphertext: Uint8Array, output?: Uint8Array) { - const clength = ciphertext.length; - const plength = clength - tagLength; - if (clength < tagLength) - throw new Error(`encrypted data must be at least ${tagLength} bytes`); - if (output) { - abytes(output, plength); - } else { - output = new Uint8Array(plength); - } - const data = ciphertext.subarray(0, -tagLength); - const passedTag = ciphertext.subarray(-tagLength); - const tag = computeTag(xorStream, key, nonce, data, AAD); - if (!equalBytes(passedTag, tag)) throw new Error('invalid tag'); - xorStream(key, nonce, data, output, 1); - clean(tag); - return output; - }, - }; + (key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array): CipherWithOutput => { + const tagLength = 16; + abytes(key, 32); + abytes(nonce); + return { + encrypt(plaintext: Uint8Array, output?: Uint8Array) { + const plength = plaintext.length; + const clength = plength + tagLength; + if (output) { + abytes(output, clength); + } else { + output = new Uint8Array(clength); + } + xorStream(key, nonce, plaintext, output, 1); + const tag = computeTag(xorStream, key, nonce, output.subarray(0, -tagLength), AAD); + output.set(tag, plength); // append tag + clean(tag); + return output; + }, + decrypt(ciphertext: Uint8Array, output?: Uint8Array) { + const clength = ciphertext.length; + const plength = clength - tagLength; + if (clength < tagLength) + throw new Error(`encrypted data must be at least ${tagLength} bytes`); + if (output) { + abytes(output, plength); + } else { + output = new Uint8Array(plength); + } + const data = ciphertext.subarray(0, -tagLength); + const passedTag = ciphertext.subarray(-tagLength); + const tag = computeTag(xorStream, key, nonce, data, AAD); + if (!equalBytes(passedTag, tag)) throw new Error('invalid tag'); + xorStream(key, nonce, data, output, 1); + clean(tag); + return output; + }, }; + }; /** * ChaCha20-Poly1305 from RFC 8439. diff --git a/src/utils.ts b/src/utils.ts index 903970f..297b07f 100644 --- a/src/utils.ts +++ b/src/utils.ts @@ -85,7 +85,7 @@ export function numberToBytesBE(n: number | bigint, len: number): Uint8Array { // There is no setImmediate in browser and setTimeout is slow. // call of async fn will return Promise, which will be fullfiled only on // next scheduler queue processing step and this is exactly what we need. -export const nextTick = async () => { }; +export const nextTick = async () => {}; // Returns control to thread each 'tick' ms to avoid blocking export async function asyncLoop(iters: number, tick: number, cb: (i: number) => void) {