From 9275119dbc3f5fab9393c6630e27b09740558789 Mon Sep 17 00:00:00 2001 From: Mahrud Sayrafi Date: Wed, 28 Feb 2018 14:13:27 -0800 Subject: [PATCH] Enables JSDoc Markdown Plugin --- .jsdocrc.js | 3 + Gruntfile.js | 1 + src/crypto/hash/sha.js | 1472 ----------------- src/enums.js | 53 +- src/key.js | 6 +- src/packet/compressed.js | 7 +- src/packet/literal.js | 9 +- src/packet/marker.js | 12 +- src/packet/one_pass_signature.js | 9 +- src/packet/public_key.js | 4 +- .../public_key_encrypted_session_key.js | 7 +- src/packet/secret_key.js | 4 +- src/packet/signature.js | 4 +- .../sym_encrypted_integrity_protected.js | 5 +- src/packet/sym_encrypted_session_key.js | 7 +- src/packet/symmetrically_encrypted.js | 9 +- src/packet/user_attribute.js | 6 +- src/packet/userid.js | 4 +- src/type/ecdh_symkey.js | 4 +- src/type/kdf_params.js | 4 +- src/type/keyid.js | 5 +- src/type/oid.js | 5 +- src/type/s2k.js | 5 +- 23 files changed, 100 insertions(+), 1545 deletions(-) create mode 100644 .jsdocrc.js delete mode 100644 src/crypto/hash/sha.js diff --git a/.jsdocrc.js b/.jsdocrc.js new file mode 100644 index 00000000..f4b88806 --- /dev/null +++ b/.jsdocrc.js @@ -0,0 +1,3 @@ +module.exports = { + plugins: ['plugins/markdown'] +}; diff --git a/Gruntfile.js b/Gruntfile.js index ca6abf05..913eb952 100644 --- a/Gruntfile.js +++ b/Gruntfile.js @@ -181,6 +181,7 @@ module.exports = function(grunt) { dist: { src: ['README.md', 'src'], options: { + configure: '.jsdocrc.js', destination: 'doc', recurse: true } diff --git a/src/crypto/hash/sha.js b/src/crypto/hash/sha.js deleted file mode 100644 index 10997513..00000000 --- a/src/crypto/hash/sha.js +++ /dev/null @@ -1,1472 +0,0 @@ -/** - * @preserve A JavaScript implementation of the SHA family of hashes, as - * defined in FIPS PUB 180-2 as well as the corresponding HMAC implementation - * as defined in FIPS PUB 198a - * - * Copyright Brian Turek 2008-2015 - * Distributed under the BSD License - * See https://caligatio.github.com/jsSHA/ for more information - * - * Several functions taken from Paul Johnston - */ - -/** - * SUPPORTED_ALGS is the stub for a compile flag that will cause pruning of - * functions that are not needed when a limited number of SHA families are - * selected - * - * @define {number} ORed value of SHA variants to be supported - * 1 = SHA-1, 2 = SHA-224/SHA-256, 4 = SHA-384/SHA-512 - */ - -const SUPPORTED_ALGS = 4 | 2 | 1; - -/** - * Int_64 is a object for 2 32-bit numbers emulating a 64-bit number - * - * @private - * @constructor - * @this {Int_64} - * @param {number} msint_32 The most significant 32-bits of a 64-bit number - * @param {number} lsint_32 The least significant 32-bits of a 64-bit number - */ -function Int_64(msint_32, lsint_32) { - this.highOrder = msint_32; - this.lowOrder = lsint_32; -} - -/** - * Convert a string to an array of big-endian words - * - * @private - * @param {string} str String to be converted to binary representation - * @param {string} utfType The Unicode type, UTF8 or UTF16BE, UTF16LE, to - * use to encode the source string - * @return {{value : Array., binLen : number}} Hash list where - * "value" contains the output number array and "binLen" is the binary - * length of "value" - */ -function str2binb(str, utfType) { - const bin = []; - let codePnt; - let binArr = []; - let byteCnt = 0; - let i; - let j; - let offset; - - if (utfType === "UTF8") { - for (i = 0; i < str.length; i += 1) { - codePnt = str.charCodeAt(i); - binArr = []; - - if (codePnt < 0x80) { - binArr.push(codePnt); - } else if (codePnt < 0x800) { - binArr.push(0xC0 | (codePnt >>> 6)); - binArr.push(0x80 | (codePnt & 0x3F)); - } else if ((codePnt < 0xd800) || (codePnt >= 0xe000)) { - binArr.push( - 0xe0 | (codePnt >>> 12), - 0x80 | ((codePnt >>> 6) & 0x3f), - 0x80 | (codePnt & 0x3f) - ); - } else { - i += 1; - codePnt = 0x10000 + (((codePnt & 0x3ff) << 10) | (str.charCodeAt(i) & 0x3ff)); - binArr.push( - 0xf0 | (codePnt >>> 18), - 0x80 | ((codePnt >>> 12) & 0x3f), - 0x80 | ((codePnt >>> 6) & 0x3f), - 0x80 | (codePnt & 0x3f) - ); - } - - for (j = 0; j < binArr.length; j += 1) { - offset = byteCnt >>> 2; - while (bin.length <= offset) { - bin.push(0); - } - bin[offset] |= binArr[j] << (24 - (8 * (byteCnt % 4))); - byteCnt += 1; - } - } - } else if ((utfType === "UTF16BE") || utfType === "UTF16LE") { - for (i = 0; i < str.length; i += 1) { - codePnt = str.charCodeAt(i); - /* Internally strings are UTF-16BE so only change if UTF-16LE */ - if (utfType === "UTF16LE") { - j = codePnt & 0xFF; - codePnt = (j << 8) | (codePnt >> 8); - } - - offset = byteCnt >>> 2; - while (bin.length <= offset) { - bin.push(0); - } - bin[offset] |= codePnt << (16 - (8 * (byteCnt % 4))); - byteCnt += 2; - } - } - return { "value" : bin, "binLen" : byteCnt * 8 }; -} - -/** - * Convert a hex string to an array of big-endian words - * - * @private - * @param {string} str String to be converted to binary representation - * @return {{value : Array., binLen : number}} Hash list where - * "value" contains the output number array and "binLen" is the binary - * length of "value" - */ -function hex2binb(str) { - const bin = []; - const { length } = str; - let num; - let offset; - - if ((length % 2) !== 0) { - throw new Error('String of HEX type must be in byte increments'); - } - - for (let i = 0; i < length; i += 2) { - num = parseInt(str.substr(i, 2), 16); - if (!Number.isNaN(num)) { - offset = i >>> 3; - while (bin.length <= offset) { - bin.push(0); - } - bin[i >>> 3] |= num << (24 - (4 * (i % 8))); - } else { - throw new Error('String of HEX type contains invalid characters'); - } - } - - return { "value" : bin, "binLen" : length * 4 }; -} - -/** - * Convert a string of raw bytes to an array of big-endian words - * - * @private - * @param {string} str String of raw bytes to be converted to binary representation - * @return {{value : Array., binLen : number}} Hash list where - * "value" contains the output number array and "binLen" is the binary - * length of "value" - */ -function bytes2binb(str) { - const bin = []; - let codePnt; - let offset; - - for (let i = 0; i < str.length; i += 1) { - codePnt = str.charCodeAt(i); - - offset = i >>> 2; - if (bin.length <= offset) { - bin.push(0); - } - bin[offset] |= codePnt << (24 - (8 * (i % 4))); - } - - return { "value" : bin, "binLen" : str.length * 8 }; -} - -/** - * Convert a Uint8Array of raw bytes to an array of big-endian 32-bit words - * - * @private - * @param {Uint8Array} str String of raw bytes to be converted to binary representation - * @return {{value : Array., binLen : number}} Hash list where - * "value" contains the output array and "binLen" is the binary - * length of "value" - */ -function typed2binb(array) { - const bin = []; - let octet; - let offset; - - for (let i = 0; i < array.length; i += 1) { - octet = array[i]; - - offset = i >>> 2; - if (bin.length <= offset) { - bin.push(0); - } - bin[offset] |= octet << (24 - (8 * (i % 4))); - } - - return { "value" : bin, "binLen" : array.length * 8 }; -} - -/** - * Convert a base-64 string to an array of big-endian words - * - * @private - * @param {string} str String to be converted to binary representation - * @return {{value : Array., binLen : number}} Hash list where - * "value" contains the output number array and "binLen" is the binary - * length of "value" - */ -function b642binb(str) { - const retVal = []; - let byteCnt = 0; - let index; - let j; - let tmpInt; - let strPart; - let offset; - const b64Tab = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; - - if (str.search(/^[a-zA-Z0-9=+\/]+$/) === -1) { - throw new Error('Invalid character in base-64 string'); - } - const firstEqual = str.indexOf('='); - str = str.replace(/\=/g, ''); - if ((firstEqual !== -1) && (firstEqual < str.length)) { - throw new Error('Invalid \'=\' found in base-64 string'); - } - - for (let i = 0; i < str.length; i += 4) { - strPart = str.substr(i, 4); - tmpInt = 0; - - for (j = 0; j < strPart.length; j += 1) { - index = b64Tab.indexOf(strPart[j]); - tmpInt |= index << (18 - (6 * j)); - } - - for (j = 0; j < strPart.length - 1; j += 1) { - offset = byteCnt >>> 2; - while (retVal.length <= offset) { - retVal.push(0); - } - retVal[offset] |= ((tmpInt >>> (16 - (j * 8))) & 0xFF) << - (24 - (8 * (byteCnt % 4))); - byteCnt += 1; - } - } - - return { "value" : retVal, "binLen" : byteCnt * 8 }; -} - -/** - * Convert an array of big-endian words to a hex string. - * - * @private - * @param {Array.} binarray Array of integers to be converted to - * hexidecimal representation - * @param {{outputUpper : boolean, b64Pad : string}} formatOpts Hash list - * containing validated output formatting options - * @return {string} Hexidecimal representation of the parameter in string - * form - */ -function binb2hex(binarray, formatOpts) { - const hex_tab = "0123456789abcdef"; - let str = ""; - const length = binarray.length * 4; - let srcByte; - - for (let i = 0; i < length; i += 1) { - /* The below is more than a byte but it gets taken care of later */ - srcByte = binarray[i >>> 2] >>> ((3 - (i % 4)) * 8); - str += hex_tab.charAt((srcByte >>> 4) & 0xF) + - hex_tab.charAt(srcByte & 0xF); - } - - return (formatOpts.outputUpper) ? str.toUpperCase() : str; -} - -/** - * Convert an array of big-endian words to a base-64 string - * - * @private - * @param {Array.} binarray Array of integers to be converted to - * base-64 representation - * @param {{outputUpper : boolean, b64Pad : string}} formatOpts Hash list - * containing validated output formatting options - * @return {string} Base-64 encoded representation of the parameter in - * string form - */ -function binb2b64(binarray, formatOpts) { - let str = ""; - const length = binarray.length * 4; - let triplet; - let offset; - let int1; - let int2; - const b64Tab = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; - - for (let i = 0; i < length; i += 3) { - offset = (i + 1) >>> 2; - int1 = (binarray.length <= offset) ? 0 : binarray[offset]; - offset = (i + 2) >>> 2; - int2 = (binarray.length <= offset) ? 0 : binarray[offset]; - triplet = (((binarray[i >>> 2] >>> 8 * (3 - i % 4)) & 0xFF) << 16) | - (((int1 >>> 8 * (3 - (i + 1) % 4)) & 0xFF) << 8) | - ((int2 >>> 8 * (3 - (i + 2) % 4)) & 0xFF); - for (let j = 0; j < 4; j += 1) { - if (i * 8 + j * 6 <= binarray.length * 32) { - str += b64Tab.charAt((triplet >>> 6 * (3 - j)) & 0x3F); - } else { - str += formatOpts.b64Pad; - } - } - } - return str; -} - -/** - * Convert an array of big-endian words to raw bytes string - * - * @private - * @param {Array.} binarray Array of integers to be converted to - * a raw bytes string representation - * @param {!Object} formatOpts Unused Hash list - * @return {string} Raw bytes representation of the parameter in string - * form - */ -function binb2bytes(binarray, formatOpts) { - let str = ""; - const length = binarray.length * 4; - let srcByte; - - for (let i = 0; i < length; i += 1) { - srcByte = (binarray[i >>> 2] >>> ((3 - (i % 4)) * 8)) & 0xFF; - str += String.fromCharCode(srcByte); - } - - return str; -} - -/** - * Convert an array of big-endian words to raw bytes Uint8Array - * - * @private - * @param {Array.} binarray Array of integers to be converted to - * a raw bytes string representation - * @param {!Object} formatOpts Unused Hash list - * @return {Uint8Array} Raw bytes representation of the parameter - */ -function binb2typed(binarray, formatOpts) { - const length = binarray.length * 4; - const arr = new Uint8Array(length); - - for (let i = 0; i < length; i += 1) { - arr[i] = (binarray[i >>> 2] >>> ((3 - (i % 4)) * 8)) & 0xFF; - } - - return arr; -} - -/** - * Validate hash list containing output formatting options, ensuring - * presence of every option or adding the default value - * - * @private - * @param {{outputUpper : boolean, b64Pad : string}|undefined} outputOpts - * Hash list of output formatting options - * @return {{outputUpper : boolean, b64Pad : string}} Validated hash list - * containing output formatting options - */ -function getOutputOpts(outputOpts) { - const retVal = { "outputUpper" : false, "b64Pad" : "=" }; - - try { - if (outputOpts.hasOwnProperty("outputUpper")) { - retVal.outputUpper = outputOpts.outputUpper; - } - - if (outputOpts.hasOwnProperty("b64Pad")) { - retVal.b64Pad = outputOpts.b64Pad; - } - } catch (ignore) {} - - if (typeof (retVal.outputUpper) !== "boolean") { - throw new Error('Invalid outputUpper formatting option'); - } - - if (typeof (retVal.b64Pad) !== "string") { - throw new Error('Invalid b64Pad formatting option'); - } - - return retVal; -} - -/** - * The 32-bit implementation of circular rotate left - * - * @private - * @param {number} x The 32-bit integer argument - * @param {number} n The number of bits to shift - * @return {number} The x shifted circularly by n bits - */ -function rotl_32(x, n) { - return (x << n) | (x >>> (32 - n)); -} - -/** - * The 32-bit implementation of circular rotate right - * - * @private - * @param {number} x The 32-bit integer argument - * @param {number} n The number of bits to shift - * @return {number} The x shifted circularly by n bits - */ -function rotr_32(x, n) { - return (x >>> n) | (x << (32 - n)); -} - -/** - * The 64-bit implementation of circular rotate right - * - * @private - * @param {Int_64} x The 64-bit integer argument - * @param {number} n The number of bits to shift - * @return {Int_64} The x shifted circularly by n bits - */ -function rotr_64(x, n) { - let retVal = null; - const tmp = new Int_64(x.highOrder, x.lowOrder); - - if (n <= 32) { - retVal = new Int_64( - (tmp.highOrder >>> n) | ((tmp.lowOrder << (32 - n)) & 0xFFFFFFFF), - (tmp.lowOrder >>> n) | ((tmp.highOrder << (32 - n)) & 0xFFFFFFFF) - ); - } else { - retVal = new Int_64( - (tmp.lowOrder >>> (n - 32)) | ((tmp.highOrder << (64 - n)) & 0xFFFFFFFF), - (tmp.highOrder >>> (n - 32)) | ((tmp.lowOrder << (64 - n)) & 0xFFFFFFFF) - ); - } - - return retVal; -} - -/** - * The 32-bit implementation of shift right - * - * @private - * @param {number} x The 32-bit integer argument - * @param {number} n The number of bits to shift - * @return {number} The x shifted by n bits - */ -function shr_32(x, n) { - return x >>> n; -} - -/** - * The 64-bit implementation of shift right - * - * @private - * @param {Int_64} x The 64-bit integer argument - * @param {number} n The number of bits to shift - * @return {Int_64} The x shifted by n bits - */ -function shr_64(x, n) { - let retVal = null; - - if (n <= 32) { - retVal = new Int_64( - x.highOrder >>> n, - (x.lowOrder >>> n) | ((x.highOrder << (32 - n)) & 0xFFFFFFFF) - ); - } else { - retVal = new Int_64( - 0, - x.highOrder >>> (n - 32) - ); - } - - return retVal; -} - -/** - * The 32-bit implementation of the NIST specified Parity function - * - * @private - * @param {number} x The first 32-bit integer argument - * @param {number} y The second 32-bit integer argument - * @param {number} z The third 32-bit integer argument - * @return {number} The NIST specified output of the function - */ -function parity_32(x, y, z) { - return x ^ y ^ z; -} - -/** - * The 32-bit implementation of the NIST specified Ch function - * - * @private - * @param {number} x The first 32-bit integer argument - * @param {number} y The second 32-bit integer argument - * @param {number} z The third 32-bit integer argument - * @return {number} The NIST specified output of the function - */ -function ch_32(x, y, z) { - return (x & y) ^ (~x & z); -} - -/** - * The 64-bit implementation of the NIST specified Ch function - * - * @private - * @param {Int_64} x The first 64-bit integer argument - * @param {Int_64} y The second 64-bit integer argument - * @param {Int_64} z The third 64-bit integer argument - * @return {Int_64} The NIST specified output of the function - */ -function ch_64(x, y, z) { - return new Int_64( - (x.highOrder & y.highOrder) ^ (~x.highOrder & z.highOrder), - (x.lowOrder & y.lowOrder) ^ (~x.lowOrder & z.lowOrder) - ); -} - -/** - * The 32-bit implementation of the NIST specified Maj function - * - * @private - * @param {number} x The first 32-bit integer argument - * @param {number} y The second 32-bit integer argument - * @param {number} z The third 32-bit integer argument - * @return {number} The NIST specified output of the function - */ -function maj_32(x, y, z) { - return (x & y) ^ (x & z) ^ (y & z); -} - -/** - * The 64-bit implementation of the NIST specified Maj function - * - * @private - * @param {Int_64} x The first 64-bit integer argument - * @param {Int_64} y The second 64-bit integer argument - * @param {Int_64} z The third 64-bit integer argument - * @return {Int_64} The NIST specified output of the function - */ -function maj_64(x, y, z) { - return new Int_64( - (x.highOrder & y.highOrder) ^ - (x.highOrder & z.highOrder) ^ - (y.highOrder & z.highOrder), - (x.lowOrder & y.lowOrder) ^ - (x.lowOrder & z.lowOrder) ^ - (y.lowOrder & z.lowOrder) - ); -} - -/** - * The 32-bit implementation of the NIST specified Sigma0 function - * - * @private - * @param {number} x The 32-bit integer argument - * @return {number} The NIST specified output of the function - */ -function sigma0_32(x) { - return rotr_32(x, 2) ^ rotr_32(x, 13) ^ rotr_32(x, 22); -} - -/** - * The 64-bit implementation of the NIST specified Sigma0 function - * - * @private - * @param {Int_64} x The 64-bit integer argument - * @return {Int_64} The NIST specified output of the function - */ -function sigma0_64(x) { - const rotr28 = rotr_64(x, 28); - const rotr34 = rotr_64(x, 34); - const rotr39 = rotr_64(x, 39); - - return new Int_64( - rotr28.highOrder ^ rotr34.highOrder ^ rotr39.highOrder, - rotr28.lowOrder ^ rotr34.lowOrder ^ rotr39.lowOrder - ); -} - -/** - * The 32-bit implementation of the NIST specified Sigma1 function - * - * @private - * @param {number} x The 32-bit integer argument - * @return {number} The NIST specified output of the function - */ -function sigma1_32(x) { - return rotr_32(x, 6) ^ rotr_32(x, 11) ^ rotr_32(x, 25); -} - -/** - * The 64-bit implementation of the NIST specified Sigma1 function - * - * @private - * @param {Int_64} x The 64-bit integer argument - * @return {Int_64} The NIST specified output of the function - */ -function sigma1_64(x) { - const rotr14 = rotr_64(x, 14); - const rotr18 = rotr_64(x, 18); - const rotr41 = rotr_64(x, 41); - - return new Int_64( - rotr14.highOrder ^ rotr18.highOrder ^ rotr41.highOrder, - rotr14.lowOrder ^ rotr18.lowOrder ^ rotr41.lowOrder - ); -} - -/** - * The 32-bit implementation of the NIST specified Gamma0 function - * - * @private - * @param {number} x The 32-bit integer argument - * @return {number} The NIST specified output of the function - */ -function gamma0_32(x) { - return rotr_32(x, 7) ^ rotr_32(x, 18) ^ shr_32(x, 3); -} - -/** - * The 64-bit implementation of the NIST specified Gamma0 function - * - * @private - * @param {Int_64} x The 64-bit integer argument - * @return {Int_64} The NIST specified output of the function - */ -function gamma0_64(x) { - const rotr1 = rotr_64(x, 1); - const rotr8 = rotr_64(x, 8); - const shr7 = shr_64(x, 7); - - return new Int_64( - rotr1.highOrder ^ rotr8.highOrder ^ shr7.highOrder, - rotr1.lowOrder ^ rotr8.lowOrder ^ shr7.lowOrder - ); -} - -/** - * The 32-bit implementation of the NIST specified Gamma1 function - * - * @private - * @param {number} x The 32-bit integer argument - * @return {number} The NIST specified output of the function - */ -function gamma1_32(x) { - return rotr_32(x, 17) ^ rotr_32(x, 19) ^ shr_32(x, 10); -} - -/** - * The 64-bit implementation of the NIST specified Gamma1 function - * - * @private - * @param {Int_64} x The 64-bit integer argument - * @return {Int_64} The NIST specified output of the function - */ -function gamma1_64(x) { - const rotr19 = rotr_64(x, 19); - const rotr61 = rotr_64(x, 61); - const shr6 = shr_64(x, 6); - - return new Int_64( - rotr19.highOrder ^ rotr61.highOrder ^ shr6.highOrder, - rotr19.lowOrder ^ rotr61.lowOrder ^ shr6.lowOrder - ); -} - -/** - * Add two 32-bit integers, wrapping at 2^32. This uses 16-bit operations - * internally to work around bugs in some JS interpreters. - * - * @private - * @param {number} a The first 32-bit integer argument to be added - * @param {number} b The second 32-bit integer argument to be added - * @return {number} The sum of a + b - */ -function safeAdd_32_2(a, b) { - const lsw = (a & 0xFFFF) + (b & 0xFFFF); - const msw = (a >>> 16) + (b >>> 16) + (lsw >>> 16); - - return ((msw & 0xFFFF) << 16) | (lsw & 0xFFFF); -} - -/** - * Add four 32-bit integers, wrapping at 2^32. This uses 16-bit operations - * internally to work around bugs in some JS interpreters. - * - * @private - * @param {number} a The first 32-bit integer argument to be added - * @param {number} b The second 32-bit integer argument to be added - * @param {number} c The third 32-bit integer argument to be added - * @param {number} d The fourth 32-bit integer argument to be added - * @return {number} The sum of a + b + c + d - */ -function safeAdd_32_4(a, b, c, d) { - const lsw = (a & 0xFFFF) + (b & 0xFFFF) + (c & 0xFFFF) + (d & 0xFFFF); - const msw = (a >>> 16) + (b >>> 16) + (c >>> 16) + (d >>> 16) + - (lsw >>> 16); - - return ((msw & 0xFFFF) << 16) | (lsw & 0xFFFF); -} - -/** - * Add five 32-bit integers, wrapping at 2^32. This uses 16-bit operations - * internally to work around bugs in some JS interpreters. - * - * @private - * @param {number} a The first 32-bit integer argument to be added - * @param {number} b The second 32-bit integer argument to be added - * @param {number} c The third 32-bit integer argument to be added - * @param {number} d The fourth 32-bit integer argument to be added - * @param {number} e The fifth 32-bit integer argument to be added - * @return {number} The sum of a + b + c + d + e - */ -function safeAdd_32_5(a, b, c, d, e) { - const lsw = (a & 0xFFFF) + (b & 0xFFFF) + (c & 0xFFFF) + (d & 0xFFFF) + - (e & 0xFFFF); - const msw = (a >>> 16) + (b >>> 16) + (c >>> 16) + (d >>> 16) + - (e >>> 16) + (lsw >>> 16); - - return ((msw & 0xFFFF) << 16) | (lsw & 0xFFFF); -} - -/** - * Add two 64-bit integers, wrapping at 2^64. This uses 16-bit operations - * internally to work around bugs in some JS interpreters. - * - * @private - * @param {Int_64} x The first 64-bit integer argument to be added - * @param {Int_64} y The second 64-bit integer argument to be added - * @return {Int_64} The sum of x + y - */ -function safeAdd_64_2(x, y) { - let lsw; - let msw; - - lsw = (x.lowOrder & 0xFFFF) + (y.lowOrder & 0xFFFF); - msw = (x.lowOrder >>> 16) + (y.lowOrder >>> 16) + (lsw >>> 16); - const lowOrder = ((msw & 0xFFFF) << 16) | (lsw & 0xFFFF); - - lsw = (x.highOrder & 0xFFFF) + (y.highOrder & 0xFFFF) + (msw >>> 16); - msw = (x.highOrder >>> 16) + (y.highOrder >>> 16) + (lsw >>> 16); - const highOrder = ((msw & 0xFFFF) << 16) | (lsw & 0xFFFF); - - return new Int_64(highOrder, lowOrder); -} - -/** - * Add four 64-bit integers, wrapping at 2^64. This uses 16-bit operations - * internally to work around bugs in some JS interpreters. - * - * @private - * @param {Int_64} a The first 64-bit integer argument to be added - * @param {Int_64} b The second 64-bit integer argument to be added - * @param {Int_64} c The third 64-bit integer argument to be added - * @param {Int_64} d The fourth 64-bit integer argument to be added - * @return {Int_64} The sum of a + b + c + d - */ -function safeAdd_64_4(a, b, c, d) { - let lsw; - let msw; - - lsw = (a.lowOrder & 0xFFFF) + (b.lowOrder & 0xFFFF) + - (c.lowOrder & 0xFFFF) + (d.lowOrder & 0xFFFF); - msw = (a.lowOrder >>> 16) + (b.lowOrder >>> 16) + - (c.lowOrder >>> 16) + (d.lowOrder >>> 16) + (lsw >>> 16); - const lowOrder = ((msw & 0xFFFF) << 16) | (lsw & 0xFFFF); - - lsw = (a.highOrder & 0xFFFF) + (b.highOrder & 0xFFFF) + - (c.highOrder & 0xFFFF) + (d.highOrder & 0xFFFF) + (msw >>> 16); - msw = (a.highOrder >>> 16) + (b.highOrder >>> 16) + - (c.highOrder >>> 16) + (d.highOrder >>> 16) + (lsw >>> 16); - const highOrder = ((msw & 0xFFFF) << 16) | (lsw & 0xFFFF); - - return new Int_64(highOrder, lowOrder); -} - -/** - * Add five 64-bit integers, wrapping at 2^64. This uses 16-bit operations - * internally to work around bugs in some JS interpreters. - * - * @private - * @param {Int_64} a The first 64-bit integer argument to be added - * @param {Int_64} b The second 64-bit integer argument to be added - * @param {Int_64} c The third 64-bit integer argument to be added - * @param {Int_64} d The fourth 64-bit integer argument to be added - * @param {Int_64} e The fourth 64-bit integer argument to be added - * @return {Int_64} The sum of a + b + c + d + e - */ -function safeAdd_64_5(a, b, c, d, e) { - let lsw; - let msw; - - lsw = (a.lowOrder & 0xFFFF) + (b.lowOrder & 0xFFFF) + - (c.lowOrder & 0xFFFF) + (d.lowOrder & 0xFFFF) + - (e.lowOrder & 0xFFFF); - msw = (a.lowOrder >>> 16) + (b.lowOrder >>> 16) + - (c.lowOrder >>> 16) + (d.lowOrder >>> 16) + (e.lowOrder >>> 16) + - (lsw >>> 16); - const lowOrder = ((msw & 0xFFFF) << 16) | (lsw & 0xFFFF); - - lsw = (a.highOrder & 0xFFFF) + (b.highOrder & 0xFFFF) + - (c.highOrder & 0xFFFF) + (d.highOrder & 0xFFFF) + - (e.highOrder & 0xFFFF) + (msw >>> 16); - msw = (a.highOrder >>> 16) + (b.highOrder >>> 16) + - (c.highOrder >>> 16) + (d.highOrder >>> 16) + - (e.highOrder >>> 16) + (lsw >>> 16); - const highOrder = ((msw & 0xFFFF) << 16) | (lsw & 0xFFFF); - - return new Int_64(highOrder, lowOrder); -} - -/** - * Calculates the SHA-1 hash of the string set at instantiation - * - * @private - * @param {Array.} message The binary array representation of the - * string to hash - * @param {number} messageLen The number of bits in the message - * @return {Array.} The array of integers representing the SHA-1 - * hash of message - */ -function coreSHA1(message, messageLen) { - const W = []; - let T; - const ch = ch_32; - const parity = parity_32; - const maj = maj_32; - const rotl = rotl_32; - const safeAdd_2 = safeAdd_32_2; - const safeAdd_5 = safeAdd_32_5; - - const H = [ - 0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476, 0xc3d2e1f0 - ]; - - const offset = (((messageLen + 65) >>> 9) << 4) + 15; - while (message.length <= offset) { - message.push(0); - } - /* Append '1' at the end of the binary string */ - message[messageLen >>> 5] |= 0x80 << (24 - (messageLen % 32)); - /* Append length of binary string in the position such that the new - length is a multiple of 512. Logic does not work for even multiples - of 512 but there can never be even multiples of 512 */ - message[offset] = messageLen; - - const appendedMessageLength = message.length; - - for (let i = 0; i < appendedMessageLength; i += 16) { - let [a, b, c, d, e] = H; - - for (let t = 0; t < 80; t += 1) { - if (t < 16) { - W[t] = message[t + i]; - } else { - W[t] = rotl(W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16], 1); - } - - if (t < 20) { - T = safeAdd_5(rotl(a, 5), ch(b, c, d), e, 0x5a827999, W[t]); - } else if (t < 40) { - T = safeAdd_5(rotl(a, 5), parity(b, c, d), e, 0x6ed9eba1, W[t]); - } else if (t < 60) { - T = safeAdd_5(rotl(a, 5), maj(b, c, d), e, 0x8f1bbcdc, W[t]); - } else { - T = safeAdd_5(rotl(a, 5), parity(b, c, d), e, 0xca62c1d6, W[t]); - } - - e = d; - d = c; - c = rotl(b, 30); - b = a; - a = T; - } - - H[0] = safeAdd_2(a, H[0]); - H[1] = safeAdd_2(b, H[1]); - H[2] = safeAdd_2(c, H[2]); - H[3] = safeAdd_2(d, H[3]); - H[4] = safeAdd_2(e, H[4]); - } - - return H; -} - -/** - * Calculates the desired SHA-2 hash of the string set at instantiation - * - * @private - * @param {Array.} message The binary array representation of the - * string to hash - * @param {number} messageLen The number of bits in message - * @param {string} variant The desired SHA-2 variant - * @return {Array.} The array of integers representing the SHA-2 - * hash of message - */ -function coreSHA2(message, messageLen, variant) { - let a; - let b; - let c; - let d; - let e; - let f; - let g; - let h; - let T1; - let T2; - let H; - let numRounds; - let lengthPosition; - let i; - let t; - let binaryStringInc; - let binaryStringMult; - let safeAdd_2; - let safeAdd_4; - let safeAdd_5; - let gamma0; - let gamma1; - let sigma0; - let sigma1; - let ch; - let maj; - let Int; - const W = []; - let int1; - let int2; - let offset; - let retVal; - let K = [ - 0x428A2F98, 0x71374491, 0xB5C0FBCF, 0xE9B5DBA5, - 0x3956C25B, 0x59F111F1, 0x923F82A4, 0xAB1C5ED5, - 0xD807AA98, 0x12835B01, 0x243185BE, 0x550C7DC3, - 0x72BE5D74, 0x80DEB1FE, 0x9BDC06A7, 0xC19BF174, - 0xE49B69C1, 0xEFBE4786, 0x0FC19DC6, 0x240CA1CC, - 0x2DE92C6F, 0x4A7484AA, 0x5CB0A9DC, 0x76F988DA, - 0x983E5152, 0xA831C66D, 0xB00327C8, 0xBF597FC7, - 0xC6E00BF3, 0xD5A79147, 0x06CA6351, 0x14292967, - 0x27B70A85, 0x2E1B2138, 0x4D2C6DFC, 0x53380D13, - 0x650A7354, 0x766A0ABB, 0x81C2C92E, 0x92722C85, - 0xA2BFE8A1, 0xA81A664B, 0xC24B8B70, 0xC76C51A3, - 0xD192E819, 0xD6990624, 0xF40E3585, 0x106AA070, - 0x19A4C116, 0x1E376C08, 0x2748774C, 0x34B0BCB5, - 0x391C0CB3, 0x4ED8AA4A, 0x5B9CCA4F, 0x682E6FF3, - 0x748F82EE, 0x78A5636F, 0x84C87814, 0x8CC70208, - 0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2 - ]; - const H_trunc = [ - 0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939, - 0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4 - ]; - const H_full = [ - 0x6A09E667, 0xBB67AE85, 0x3C6EF372, 0xA54FF53A, - 0x510E527F, 0x9B05688C, 0x1F83D9AB, 0x5BE0CD19 - ]; - - /* Set up the various function handles and variable for the specific - * variant */ - if ((variant === "SHA-224" || variant === "SHA-256") && - (2 & SUPPORTED_ALGS)) { - /* 32-bit variant */ - numRounds = 64; - lengthPosition = (((messageLen + 65) >>> 9) << 4) + 15; - binaryStringInc = 16; - binaryStringMult = 1; - Int = Number; - safeAdd_2 = safeAdd_32_2; - safeAdd_4 = safeAdd_32_4; - safeAdd_5 = safeAdd_32_5; - gamma0 = gamma0_32; - gamma1 = gamma1_32; - sigma0 = sigma0_32; - sigma1 = sigma1_32; - maj = maj_32; - ch = ch_32; - - if (variant === "SHA-224") { - H = H_trunc; - } else { /* "SHA-256" === variant */ - H = H_full; - } - } else if ((variant === "SHA-384" || variant === "SHA-512") && - (4 & SUPPORTED_ALGS)) { - /* 64-bit variant */ - numRounds = 80; - lengthPosition = (((messageLen + 128) >>> 10) << 5) + 31; - binaryStringInc = 32; - binaryStringMult = 2; - Int = Int_64; - safeAdd_2 = safeAdd_64_2; - safeAdd_4 = safeAdd_64_4; - safeAdd_5 = safeAdd_64_5; - gamma0 = gamma0_64; - gamma1 = gamma1_64; - sigma0 = sigma0_64; - sigma1 = sigma1_64; - maj = maj_64; - ch = ch_64; - - K = [ - new Int(K[0], 0xd728ae22), new Int(K[1], 0x23ef65cd), - new Int(K[2], 0xec4d3b2f), new Int(K[3], 0x8189dbbc), - new Int(K[4], 0xf348b538), new Int(K[5], 0xb605d019), - new Int(K[6], 0xaf194f9b), new Int(K[7], 0xda6d8118), - new Int(K[8], 0xa3030242), new Int(K[9], 0x45706fbe), - new Int(K[10], 0x4ee4b28c), new Int(K[11], 0xd5ffb4e2), - new Int(K[12], 0xf27b896f), new Int(K[13], 0x3b1696b1), - new Int(K[14], 0x25c71235), new Int(K[15], 0xcf692694), - new Int(K[16], 0x9ef14ad2), new Int(K[17], 0x384f25e3), - new Int(K[18], 0x8b8cd5b5), new Int(K[19], 0x77ac9c65), - new Int(K[20], 0x592b0275), new Int(K[21], 0x6ea6e483), - new Int(K[22], 0xbd41fbd4), new Int(K[23], 0x831153b5), - new Int(K[24], 0xee66dfab), new Int(K[25], 0x2db43210), - new Int(K[26], 0x98fb213f), new Int(K[27], 0xbeef0ee4), - new Int(K[28], 0x3da88fc2), new Int(K[29], 0x930aa725), - new Int(K[30], 0xe003826f), new Int(K[31], 0x0a0e6e70), - new Int(K[32], 0x46d22ffc), new Int(K[33], 0x5c26c926), - new Int(K[34], 0x5ac42aed), new Int(K[35], 0x9d95b3df), - new Int(K[36], 0x8baf63de), new Int(K[37], 0x3c77b2a8), - new Int(K[38], 0x47edaee6), new Int(K[39], 0x1482353b), - new Int(K[40], 0x4cf10364), new Int(K[41], 0xbc423001), - new Int(K[42], 0xd0f89791), new Int(K[43], 0x0654be30), - new Int(K[44], 0xd6ef5218), new Int(K[45], 0x5565a910), - new Int(K[46], 0x5771202a), new Int(K[47], 0x32bbd1b8), - new Int(K[48], 0xb8d2d0c8), new Int(K[49], 0x5141ab53), - new Int(K[50], 0xdf8eeb99), new Int(K[51], 0xe19b48a8), - new Int(K[52], 0xc5c95a63), new Int(K[53], 0xe3418acb), - new Int(K[54], 0x7763e373), new Int(K[55], 0xd6b2b8a3), - new Int(K[56], 0x5defb2fc), new Int(K[57], 0x43172f60), - new Int(K[58], 0xa1f0ab72), new Int(K[59], 0x1a6439ec), - new Int(K[60], 0x23631e28), new Int(K[61], 0xde82bde9), - new Int(K[62], 0xb2c67915), new Int(K[63], 0xe372532b), - new Int(0xca273ece, 0xea26619c), new Int(0xd186b8c7, 0x21c0c207), - new Int(0xeada7dd6, 0xcde0eb1e), new Int(0xf57d4f7f, 0xee6ed178), - new Int(0x06f067aa, 0x72176fba), new Int(0x0a637dc5, 0xa2c898a6), - new Int(0x113f9804, 0xbef90dae), new Int(0x1b710b35, 0x131c471b), - new Int(0x28db77f5, 0x23047d84), new Int(0x32caab7b, 0x40c72493), - new Int(0x3c9ebe0a, 0x15c9bebc), new Int(0x431d67c4, 0x9c100d4c), - new Int(0x4cc5d4be, 0xcb3e42b6), new Int(0x597f299c, 0xfc657e2a), - new Int(0x5fcb6fab, 0x3ad6faec), new Int(0x6c44198c, 0x4a475817) - ]; - - if (variant === "SHA-384") { - H = [ - new Int(0xcbbb9d5d, H_trunc[0]), new Int(0x0629a292a, H_trunc[1]), - new Int(0x9159015a, H_trunc[2]), new Int(0x0152fecd8, H_trunc[3]), - new Int(0x67332667, H_trunc[4]), new Int(0x98eb44a87, H_trunc[5]), - new Int(0xdb0c2e0d, H_trunc[6]), new Int(0x047b5481d, H_trunc[7]) - ]; - } else { /* "SHA-512" === variant */ - H = [ - new Int(H_full[0], 0xf3bcc908), new Int(H_full[1], 0x84caa73b), - new Int(H_full[2], 0xfe94f82b), new Int(H_full[3], 0x5f1d36f1), - new Int(H_full[4], 0xade682d1), new Int(H_full[5], 0x2b3e6c1f), - new Int(H_full[6], 0xfb41bd6b), new Int(H_full[7], 0x137e2179) - ]; - } - } else { - throw new Error("Unexpected error in SHA-2 implementation"); - } - - while (message.length <= lengthPosition) { - message.push(0); - } - /* Append '1' at the end of the binary string */ - message[messageLen >>> 5] |= 0x80 << (24 - messageLen % 32); - /* Append length of binary string in the position such that the new - * length is correct */ - message[lengthPosition] = messageLen; - - const appendedMessageLength = message.length; - - for (i = 0; i < appendedMessageLength; i += binaryStringInc) { - [a, b, c, d, e, f, g, h] = H; - - for (t = 0; t < numRounds; t += 1) { - if (t < 16) { - offset = t * binaryStringMult + i; - int1 = (message.length <= offset) ? 0 : message[offset]; - int2 = (message.length <= offset + 1) ? 0 : message[offset + 1]; - /* Bit of a hack - for 32-bit, the second term is ignored */ - W[t] = new Int(int1, int2); - } else { - W[t] = safeAdd_4( - gamma1(W[t - 2]), W[t - 7], - gamma0(W[t - 15]), W[t - 16] - ); - } - - T1 = safeAdd_5(h, sigma1(e), ch(e, f, g), K[t], W[t]); - T2 = safeAdd_2(sigma0(a), maj(a, b, c)); - h = g; - g = f; - f = e; - e = safeAdd_2(d, T1); - d = c; - c = b; - b = a; - a = safeAdd_2(T1, T2); - } - - H[0] = safeAdd_2(a, H[0]); - H[1] = safeAdd_2(b, H[1]); - H[2] = safeAdd_2(c, H[2]); - H[3] = safeAdd_2(d, H[3]); - H[4] = safeAdd_2(e, H[4]); - H[5] = safeAdd_2(f, H[5]); - H[6] = safeAdd_2(g, H[6]); - H[7] = safeAdd_2(h, H[7]); - } - - if ((variant === "SHA-224") && (2 & SUPPORTED_ALGS)) { - retVal = [ - H[0], H[1], H[2], H[3], - H[4], H[5], H[6] - ]; - } else if ((variant === "SHA-256") && (2 & SUPPORTED_ALGS)) { - retVal = H; - } else if ((variant === "SHA-384") && (4 & SUPPORTED_ALGS)) { - retVal = [ - H[0].highOrder, H[0].lowOrder, - H[1].highOrder, H[1].lowOrder, - H[2].highOrder, H[2].lowOrder, - H[3].highOrder, H[3].lowOrder, - H[4].highOrder, H[4].lowOrder, - H[5].highOrder, H[5].lowOrder - ]; - } else if ((variant === "SHA-512") && (4 & SUPPORTED_ALGS)) { - retVal = [ - H[0].highOrder, H[0].lowOrder, - H[1].highOrder, H[1].lowOrder, - H[2].highOrder, H[2].lowOrder, - H[3].highOrder, H[3].lowOrder, - H[4].highOrder, H[4].lowOrder, - H[5].highOrder, H[5].lowOrder, - H[6].highOrder, H[6].lowOrder, - H[7].highOrder, H[7].lowOrder - ]; - } else { /* This should never be reached */ - throw new Error("Unexpected error in SHA-2 implementation"); - } - - return retVal; -} - -/** - * jsSHA is the workhorse of the library. Instantiate it with the string to - * be hashed as the parameter - * - * @constructor - * @this {jsSHA} - * @param {string} srcString The string to be hashed - * @param {string} inputFormat The format of srcString, HEX, ASCII, TEXT, - * B64, or BYTES - * @param {string=} encoding The text encoding to use to encode the source - * string - */ -const jsSHA = function(srcString, inputFormat, encoding) { - let strBinLen = 0; - let strToHash = [0]; - let utfType = ''; - let srcConvertRet = null; - - utfType = encoding || "UTF8"; - - if (!((utfType === "UTF8") || (utfType === "UTF16BE") || (utfType === "UTF16LE"))) { - throw new Error('encoding must be UTF8, UTF16BE, or UTF16LE'); - } - - /* Convert the input string into the correct type */ - if (inputFormat === "HEX") { - if ((srcString.length % 2) !== 0) { - throw new Error('srcString of HEX type must be in byte increments'); - } - srcConvertRet = hex2binb(srcString); - strBinLen = srcConvertRet.binLen; - strToHash = srcConvertRet.value; - } else if ((inputFormat === "TEXT") || (inputFormat === "ASCII")) { - srcConvertRet = str2binb(srcString, utfType); - strBinLen = srcConvertRet.binLen; - strToHash = srcConvertRet.value; - } else if (inputFormat === "B64") { - srcConvertRet = b642binb(srcString); - strBinLen = srcConvertRet.binLen; - strToHash = srcConvertRet.value; - } else if (inputFormat === "BYTES") { - srcConvertRet = bytes2binb(srcString); - strBinLen = srcConvertRet.binLen; - strToHash = srcConvertRet.value; - } else if (inputFormat === "TYPED") { - srcConvertRet = typed2binb(srcString); - strBinLen = srcConvertRet.binLen; - strToHash = srcConvertRet.value; - } else { - throw new Error('inputFormat must be HEX, TEXT, ASCII, B64, BYTES, or TYPED'); - } - - /** - * Returns the desired SHA hash of the string specified at instantiation - * using the specified parameters - * - * @expose - * @param {string} variant The desired SHA variant (SHA-1, SHA-224, - * SHA-256, SHA-384, or SHA-512) - * @param {string} format The desired output formatting (B64, HEX, or BYTES) - * @param {number=} numRounds The number of rounds of hashing to be - * executed - * @param {{outputUpper : boolean, b64Pad : string}=} outputFormatOpts - * Hash list of output formatting options - * @return {string} The string representation of the hash in the format - * specified - */ - this.getHash = function(variant, format, numRounds, outputFormatOpts) { - let formatFunc = null; - let message = strToHash.slice(); - let messageBinLen = strBinLen; - let i; - - /* Need to do argument patching since both numRounds and - outputFormatOpts are optional */ - if (arguments.length === 3) { - if (typeof numRounds !== "number") { - outputFormatOpts = numRounds; - numRounds = 1; - } - } else if (arguments.length === 2) { - numRounds = 1; - } - - /* Validate the numRounds argument */ - if ((numRounds !== parseInt(numRounds, 10)) || (numRounds < 1)) { - throw new Error('numRounds must a integer >= 1'); - } - - /* Validate the output format selection */ - switch (format) { - case "HEX": - formatFunc = binb2hex; - break; - case "B64": - formatFunc = binb2b64; - break; - case "BYTES": - formatFunc = binb2bytes; - break; - case "TYPED": - formatFunc = binb2typed; - break; - default: - throw new Error('format must be HEX, B64, or BYTES'); - } - - if ((variant === "SHA-1") && (1 & SUPPORTED_ALGS)) { - for (i = 0; i < numRounds; i += 1) { - message = coreSHA1(message, messageBinLen); - messageBinLen = 160; - } - } else if ((variant === "SHA-224") && (2 & SUPPORTED_ALGS)) { - for (i = 0; i < numRounds; i += 1) { - message = coreSHA2(message, messageBinLen, variant); - messageBinLen = 224; - } - } else if ((variant === "SHA-256") && (2 & SUPPORTED_ALGS)) { - for (i = 0; i < numRounds; i += 1) { - message = coreSHA2(message, messageBinLen, variant); - messageBinLen = 256; - } - } else if ((variant === "SHA-384") && (4 & SUPPORTED_ALGS)) { - for (i = 0; i < numRounds; i += 1) { - message = coreSHA2(message, messageBinLen, variant); - messageBinLen = 384; - } - } else if ((variant === "SHA-512") && (4 & SUPPORTED_ALGS)) { - for (i = 0; i < numRounds; i += 1) { - message = coreSHA2(message, messageBinLen, variant); - messageBinLen = 512; - } - } else { - throw new Error('Chosen SHA variant is not supported'); - } - - return formatFunc(message, getOutputOpts(outputFormatOpts)); - }; - - /** - * Returns the desired HMAC of the string specified at instantiation - * using the key and variant parameter - * - * @expose - * @param {string} key The key used to calculate the HMAC - * @param {string} inputFormat The format of key, HEX, TEXT, ASCII, - * B64, or BYTES - * @param {string} variant The desired SHA variant (SHA-1, SHA-224, - * SHA-256, SHA-384, or SHA-512) - * @param {string} outputFormat The desired output formatting - * (B64, HEX, or BYTES) - * @param {{outputUpper : boolean, b64Pad : string}=} outputFormatOpts - * associative array of output formatting options - * @return {string} The string representation of the hash in the format - * specified - */ - this.getHMAC = function( - key, inputFormat, variant, outputFormat, - outputFormatOpts - ) { - let formatFunc; - let keyToUse; - let blockByteSize; - let i; - let retVal; - let keyBinLen; - let hashBitSize; - const keyWithIPad = []; - const keyWithOPad = []; - let keyConvertRet = null; - - /* Validate the output format selection */ - switch (outputFormat) { - case "HEX": - formatFunc = binb2hex; - break; - case "B64": - formatFunc = binb2b64; - break; - case "BYTES": - formatFunc = binb2bytes; - break; - default: - throw new Error('outputFormat must be HEX, B64, or BYTES'); - } - - /* Validate the hash variant selection and set needed variables */ - if ((variant === "SHA-1") && (1 & SUPPORTED_ALGS)) { - blockByteSize = 64; - hashBitSize = 160; - } else if ((variant === "SHA-224") && (2 & SUPPORTED_ALGS)) { - blockByteSize = 64; - hashBitSize = 224; - } else if ((variant === "SHA-256") && (2 & SUPPORTED_ALGS)) { - blockByteSize = 64; - hashBitSize = 256; - } else if ((variant === "SHA-384") && (4 & SUPPORTED_ALGS)) { - blockByteSize = 128; - hashBitSize = 384; - } else if ((variant === "SHA-512") && (4 & SUPPORTED_ALGS)) { - blockByteSize = 128; - hashBitSize = 512; - } else { - throw new Error('Chosen SHA variant is not supported'); - } - - /* Validate input format selection */ - if (inputFormat === "HEX") { - keyConvertRet = hex2binb(key); - keyBinLen = keyConvertRet.binLen; - keyToUse = keyConvertRet.value; - } else if ((inputFormat === "TEXT") || (inputFormat === "ASCII")) { - keyConvertRet = str2binb(key, utfType); - keyBinLen = keyConvertRet.binLen; - keyToUse = keyConvertRet.value; - } else if (inputFormat === "B64") { - keyConvertRet = b642binb(key); - keyBinLen = keyConvertRet.binLen; - keyToUse = keyConvertRet.value; - } else if (inputFormat === "BYTES") { - keyConvertRet = bytes2binb(key); - keyBinLen = keyConvertRet.binLen; - keyToUse = keyConvertRet.value; - } else { - throw new Error('inputFormat must be HEX, TEXT, ASCII, B64, or BYTES'); - } - - /* These are used multiple times, calculate and store them */ - const blockBitSize = blockByteSize * 8; - const lastArrayIndex = (blockByteSize / 4) - 1; - - /* Figure out what to do with the key based on its size relative to - * the hash's block size */ - if (blockByteSize < (keyBinLen / 8)) { - if ((variant === "SHA-1") && (1 & SUPPORTED_ALGS)) { - keyToUse = coreSHA1(keyToUse, keyBinLen); - } else if (6 & SUPPORTED_ALGS) { - keyToUse = coreSHA2(keyToUse, keyBinLen, variant); - } else { - throw new Error('Unexpected error in HMAC implementation'); - } - /* For all variants, the block size is bigger than the output - * size so there will never be a useful byte at the end of the - * string */ - while (keyToUse.length <= lastArrayIndex) { - keyToUse.push(0); - } - keyToUse[lastArrayIndex] &= 0xFFFFFF00; - } else if (blockByteSize > (keyBinLen / 8)) { - /* If the blockByteSize is greater than the key length, there - * will always be at LEAST one "useless" byte at the end of the - * string */ - while (keyToUse.length <= lastArrayIndex) { - keyToUse.push(0); - } - keyToUse[lastArrayIndex] &= 0xFFFFFF00; - } - - /* Create ipad and opad */ - for (i = 0; i <= lastArrayIndex; i += 1) { - keyWithIPad[i] = keyToUse[i] ^ 0x36363636; - keyWithOPad[i] = keyToUse[i] ^ 0x5C5C5C5C; - } - - /* Calculate the HMAC */ - if ((variant === "SHA-1") && (1 & SUPPORTED_ALGS)) { - retVal = coreSHA1( - keyWithOPad.concat(coreSHA1( - keyWithIPad.concat(strToHash), - blockBitSize + strBinLen - )), - blockBitSize + hashBitSize - ); - } else if (6 & SUPPORTED_ALGS) { - retVal = coreSHA2( - keyWithOPad.concat(coreSHA2( - keyWithIPad.concat(strToHash), - blockBitSize + strBinLen, - variant - )), - blockBitSize + hashBitSize, variant - ); - } else { - throw new Error('Unexpected error in HMAC implementation'); - } - - return formatFunc(retVal, getOutputOpts(outputFormatOpts)); - }; -}; - -export default { - /** SHA1 hash */ - sha1: function(str) { - const shaObj = new jsSHA(str, "TYPED", "UTF8"); - return shaObj.getHash("SHA-1", "TYPED"); - }, - /** SHA224 hash */ - sha224: function(str) { - const shaObj = new jsSHA(str, "TYPED", "UTF8"); - return shaObj.getHash("SHA-224", "TYPED"); - }, - /** SHA256 hash */ - sha256: function(str) { - const shaObj = new jsSHA(str, "TYPED", "UTF8"); - return shaObj.getHash("SHA-256", "TYPED"); - }, - /** SHA384 hash */ - sha384: function(str) { - const shaObj = new jsSHA(str, "TYPED", "UTF8"); - return shaObj.getHash("SHA-384", "TYPED"); - }, - /** SHA512 hash */ - sha512: function(str) { - const shaObj = new jsSHA(str, "TYPED", "UTF8"); - return shaObj.getHash("SHA-512", "TYPED"); - } -}; diff --git a/src/enums.js b/src/enums.js index ce331d7f..74799d4f 100644 --- a/src/enums.js +++ b/src/enums.js @@ -192,37 +192,44 @@ export default { signature: { /** 0x00: Signature of a binary document. */ binary: 0, - /** 0x01: Signature of a canonical text document.
+ /** 0x01: Signature of a canonical text document. + * * Canonicalyzing the document by converting line endings. */ text: 1, - /** 0x02: Standalone signature.
+ /** 0x02: Standalone signature. + * * This signature is a signature of only its own subpacket contents. * It is calculated identically to a signature over a zero-lengh * binary document. Note that it doesn't make sense to have a V3 * standalone signature. */ standalone: 2, - /** 0x10: Generic certification of a User ID and Public-Key packet.
+ /** 0x10: Generic certification of a User ID and Public-Key packet. + * * The issuer of this certification does not make any particular * assertion as to how well the certifier has checked that the owner * of the key is in fact the person described by the User ID. */ cert_generic: 16, - /** 0x11: Persona certification of a User ID and Public-Key packet.
+ /** 0x11: Persona certification of a User ID and Public-Key packet. + * * The issuer of this certification has not done any verification of * the claim that the owner of this key is the User ID specified. */ cert_persona: 17, - /** 0x12: Casual certification of a User ID and Public-Key packet.
+ /** 0x12: Casual certification of a User ID and Public-Key packet. + * * The issuer of this certification has done some casual * verification of the claim of identity. */ cert_casual: 18, - /** 0x13: Positive certification of a User ID and Public-Key packet.
+ /** 0x13: Positive certification of a User ID and Public-Key packet. + * * The issuer of this certification has done substantial - * verification of the claim of identity.
- *
+ * verification of the claim of identity. + * * Most OpenPGP implementations make their "key signatures" as 0x10 * certifications. Some implementations can issue 0x11-0x13 * certifications, but few differentiate between the types. */ cert_positive: 19, - /** 0x30: Certification revocation signature
+ /** 0x30: Certification revocation signature + * * This signature revokes an earlier User ID certification signature * (signature class 0x10 through 0x13) or direct-key signature * (0x1F). It should be issued by the same key that issued the @@ -231,7 +238,8 @@ export default { * revokes, and should have a later creation date than that * certificate. */ cert_revocation: 48, - /** 0x18: Subkey Binding Signature
+ /** 0x18: Subkey Binding Signature + * * This signature is a statement by the top-level signing key that * indicates that it owns the subkey. This signature is calculated * directly on the primary key and subkey, and not on any User ID or @@ -240,12 +248,13 @@ export default { * contains a 0x19 signature made by the signing subkey on the * primary key and subkey. */ subkey_binding: 24, - /** 0x19: Primary Key Binding Signature
+ /** 0x19: Primary Key Binding Signature + * * This signature is a statement by a signing subkey, indicating * that it is owned by the primary key and subkey. This signature * is calculated the same way as a 0x18 signature: directly on the - * primary key and subkey, and not on any User ID or other packets.
- *
+ * primary key and subkey, and not on any User ID or other packets. + * * When a signature is made over a key, the hash data starts with the * octet 0x99, followed by a two-octet length of the key, and then body * of the key packet. (Note that this is an old-style packet header for @@ -254,7 +263,8 @@ export default { * the subkey using the same format as the main key (also using 0x99 as * the first octet). */ key_binding: 25, - /** 0x1F: Signature directly on a key
+ /** 0x1F: Signature directly on a key + * * This signature is calculated directly on a key. It binds the * information in the Signature subpackets to the key, and is * appropriate to be used for subpackets that provide information @@ -263,27 +273,30 @@ export default { * about the key itself, rather than the binding between a key and a * name. */ key: 31, - /** 0x20: Key revocation signature
+ /** 0x20: Key revocation signature + * * The signature is calculated directly on the key being revoked. A * revoked key is not to be used. Only revocation signatures by the * key being revoked, or by an authorized revocation key, should be * considered valid revocation signatures.a */ key_revocation: 32, - /** 0x28: Subkey revocation signature
+ /** 0x28: Subkey revocation signature + * * The signature is calculated directly on the subkey being revoked. * A revoked subkey is not to be used. Only revocation signatures * by the top-level signature key that is bound to this subkey, or * by an authorized revocation key, should be considered valid - * revocation signatures.
- *
+ * revocation signatures. + * * Key revocation signatures (types 0x20 and 0x28) * hash only the key being revoked. */ subkey_revocation: 40, - /** 0x40: Timestamp signature.
+ /** 0x40: Timestamp signature. * This signature is only meaningful for the timestamp contained in * it. */ timestamp: 64, - /** 0x50: Third-Party Confirmation signature.
+ /** 0x50: Third-Party Confirmation signature. + * * This signature is a signature over some other OpenPGP Signature * packet(s). It is analogous to a notary seal on the signed data. * A third-party signature SHOULD include Signature Target diff --git a/src/key.js b/src/key.js index 57c8b8b4..15b68c76 100644 --- a/src/key.js +++ b/src/key.js @@ -514,8 +514,10 @@ function getExpirationTime(keyPacket, selfCertificate, defaultValue=null) { /** * Returns primary user and most significant (latest valid) self signature - * - if multiple users are marked as primary users returns the one with the latest self signature - * - if no primary user is found returns the user with the latest self signature + * - if multiple primary users exist, returns the one with the latest self signature + * - otherwise, returns the user with the latest self signature + * + * NOTE: call verifyPrimaryUser before calling this function. * @param {Date} date use the given date for verification instead of the current time * @return {{user: Array, selfCertificate: Array}|null} The primary user and the self signature */ diff --git a/src/packet/compressed.js b/src/packet/compressed.js index a726a103..4a3ee47d 100644 --- a/src/packet/compressed.js +++ b/src/packet/compressed.js @@ -16,9 +16,10 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA /** - * Implementation of the Compressed Data Packet (Tag 8)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.6|RFC4880 5.6}: The Compressed Data packet contains compressed data. Typically, + * Implementation of the Compressed Data Packet (Tag 8) + * + * {@link https://tools.ietf.org/html/rfc4880#section-5.6|RFC4880 5.6}: + * The Compressed Data packet contains compressed data. Typically, * this packet is found as the contents of an encrypted packet, or following * a Signature or One-Pass Signature packet, and contains a literal data packet. * @requires compression/zlib diff --git a/src/packet/literal.js b/src/packet/literal.js index 5ff1bf64..5da18f32 100644 --- a/src/packet/literal.js +++ b/src/packet/literal.js @@ -16,10 +16,11 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA /** - * Implementation of the Literal Data Packet (Tag 11)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.9|RFC4880 5.9}: A Literal Data packet contains the body of a message; data that - * is not to be further interpreted. + * Implementation of the Literal Data Packet (Tag 11) + * + * {@link https://tools.ietf.org/html/rfc4880#section-5.9|RFC4880 5.9}: + * A Literal Data packet contains the body of a message; data that is not to be + * further interpreted. * @requires enums * @requires util * @module packet/literal diff --git a/src/packet/marker.js b/src/packet/marker.js index 1c008a38..f77ce0c4 100644 --- a/src/packet/marker.js +++ b/src/packet/marker.js @@ -15,15 +15,15 @@ // License along with this library; if not, write to the Free Software // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - /** - * Implementation of the strange "Marker packet" (Tag 10)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.8|RFC4880 5.8}: An experimental version of PGP used this packet as the Literal + * Implementation of the strange "Marker packet" (Tag 10) + * + * {@link https://tools.ietf.org/html/rfc4880#section-5.8|RFC4880 5.8}: + * An experimental version of PGP used this packet as the Literal * packet, but no released version of PGP generated Literal packets with this * tag. With PGP 5.x, this packet has been reassigned and is reserved for use as - * the Marker packet.
- *
+ * the Marker packet. + * * Such a packet MUST be ignored when received. * @requires enums * @module packet/marker diff --git a/src/packet/one_pass_signature.js b/src/packet/one_pass_signature.js index b3dc74f6..7facea19 100644 --- a/src/packet/one_pass_signature.js +++ b/src/packet/one_pass_signature.js @@ -16,14 +16,15 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA /** - * Implementation of the One-Pass Signature Packets (Tag 4)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.4|RFC4880 5.4}: The One-Pass Signature packet precedes the signed data and contains + * Implementation of the One-Pass Signature Packets (Tag 4) + * + * {@link https://tools.ietf.org/html/rfc4880#section-5.4|RFC4880 5.4}: + * The One-Pass Signature packet precedes the signed data and contains * enough information to allow the receiver to begin calculating any * hashes needed to verify the signature. It allows the Signature * packet to be placed at the end of the message, so that the signer * can compute the entire signed message in one pass. -* @requires util + * @requires util * @requires enums * @requires type/keyid * @module packet/one_pass_signature diff --git a/src/packet/public_key.js b/src/packet/public_key.js index ba51f487..f2898f61 100644 --- a/src/packet/public_key.js +++ b/src/packet/public_key.js @@ -16,8 +16,8 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA /** - * Implementation of the Key Material Packet (Tag 5,6,7,14)
- *
+ * Implementation of the Key Material Packet (Tag 5,6,7,14) + * * {@link https://tools.ietf.org/html/rfc4880#section-5.5|RFC4480 5.5}: * A key material packet contains all the information about a public or * private key. There are four variants of this packet type, and two diff --git a/src/packet/public_key_encrypted_session_key.js b/src/packet/public_key_encrypted_session_key.js index f4d5e90c..41978c7b 100644 --- a/src/packet/public_key_encrypted_session_key.js +++ b/src/packet/public_key_encrypted_session_key.js @@ -16,9 +16,10 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA /** - * Public-Key Encrypted Session Key Packets (Tag 1)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.1|RFC4880 5.1}: A Public-Key Encrypted Session Key packet holds the session key + * Public-Key Encrypted Session Key Packets (Tag 1) + * + * {@link https://tools.ietf.org/html/rfc4880#section-5.1|RFC4880 5.1}: + * A Public-Key Encrypted Session Key packet holds the session key * used to encrypt a message. Zero or more Public-Key Encrypted Session Key * packets and/or Symmetric-Key Encrypted Session Key packets may precede a * Symmetrically Encrypted Data Packet, which holds an encrypted message. The diff --git a/src/packet/secret_key.js b/src/packet/secret_key.js index 85ce93d4..b91ec6e3 100644 --- a/src/packet/secret_key.js +++ b/src/packet/secret_key.js @@ -16,8 +16,8 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA /** - * Implementation of the Key Material Packet (Tag 5,6,7,14)
- *
+ * Implementation of the Key Material Packet (Tag 5,6,7,14) + * * {@link https://tools.ietf.org/html/rfc4880#section-5.5|RFC4480 5.5}: * A key material packet contains all the information about a public or * private key. There are four variants of this packet type, and two diff --git a/src/packet/signature.js b/src/packet/signature.js index 1baf0a7f..5fa38c08 100644 --- a/src/packet/signature.js +++ b/src/packet/signature.js @@ -16,8 +16,8 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA /** - * Implementation of the Signature Packet (Tag 2)
- *
+ * Implementation of the Signature Packet (Tag 2) + * * {@link https://tools.ietf.org/html/rfc4880#section-5.2|RFC4480 5.2}: * A Signature packet describes a binding between some public key and * some data. The most common signatures are a signature of a file or a diff --git a/src/packet/sym_encrypted_integrity_protected.js b/src/packet/sym_encrypted_integrity_protected.js index 56d0ce50..f54f1bfc 100644 --- a/src/packet/sym_encrypted_integrity_protected.js +++ b/src/packet/sym_encrypted_integrity_protected.js @@ -16,9 +16,8 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA /** - * Implementation of the Sym. Encrypted Integrity Protected Data - * Packet (Tag 18)
- *
+ * Implementation of the Sym. Encrypted Integrity Protected Data Packet (Tag 18) + * * {@link https://tools.ietf.org/html/rfc4880#section-5.13|RFC4880 5.13}: * The Symmetrically Encrypted Integrity Protected Data packet is * a variant of the Symmetrically Encrypted Data packet. It is a new feature diff --git a/src/packet/sym_encrypted_session_key.js b/src/packet/sym_encrypted_session_key.js index 3ef36fde..fa6d25ab 100644 --- a/src/packet/sym_encrypted_session_key.js +++ b/src/packet/sym_encrypted_session_key.js @@ -16,9 +16,10 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA /** - * Public-Key Encrypted Session Key Packets (Tag 1)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.1|RFC4880 5.1}: A Public-Key Encrypted Session Key packet holds the session key + * Public-Key Encrypted Session Key Packets (Tag 1) + * + * {@link https://tools.ietf.org/html/rfc4880#section-5.1|RFC4880 5.1}: + * A Public-Key Encrypted Session Key packet holds the session key * used to encrypt a message. Zero or more Public-Key Encrypted Session Key * packets and/or Symmetric-Key Encrypted Session Key packets may precede a * Symmetrically Encrypted Data Packet, which holds an encrypted message. The diff --git a/src/packet/symmetrically_encrypted.js b/src/packet/symmetrically_encrypted.js index cb3efbb6..210ef532 100644 --- a/src/packet/symmetrically_encrypted.js +++ b/src/packet/symmetrically_encrypted.js @@ -16,10 +16,11 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA /** - * Implementation of the Symmetrically Encrypted Data Packet (Tag 9)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.7|RFC4880 5.7}: The Symmetrically Encrypted Data packet contains data encrypted - * with a symmetric-key algorithm. When it has been decrypted, it contains other + * Implementation of the Symmetrically Encrypted Data Packet (Tag 9) + * + * {@link https://tools.ietf.org/html/rfc4880#section-5.7|RFC4880 5.7}: + * The Symmetrically Encrypted Data packet contains data encrypted with a + * symmetric-key algorithm. When it has been decrypted, it contains other * packets (usually a literal data packet or compressed data packet, but in * theory other Symmetrically Encrypted Data packets or sequences of packets * that form whole OpenPGP messages). diff --git a/src/packet/user_attribute.js b/src/packet/user_attribute.js index d671153f..0281609c 100644 --- a/src/packet/user_attribute.js +++ b/src/packet/user_attribute.js @@ -16,15 +16,15 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA /** - * Implementation of the User Attribute Packet (Tag 17)
- *
+ * Implementation of the User Attribute Packet (Tag 17) + * * The User Attribute packet is a variation of the User ID packet. It * is capable of storing more types of data than the User ID packet, * which is limited to text. Like the User ID packet, a User Attribute * packet may be certified by the key owner ("self-signed") or any other * key owner who cares to certify it. Except as noted, a User Attribute * packet may be used anywhere that a User ID packet may be used. - *
+ * * While User Attribute packets are not a required part of the OpenPGP * standard, implementations SHOULD provide at least enough * compatibility to properly handle a certification signature on the diff --git a/src/packet/userid.js b/src/packet/userid.js index 68ff8958..adf49219 100644 --- a/src/packet/userid.js +++ b/src/packet/userid.js @@ -16,8 +16,8 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA /** - * Implementation of the User ID Packet (Tag 13)
- *
+ * Implementation of the User ID Packet (Tag 13) + * * A User ID packet consists of UTF-8 text that is intended to represent * the name and email address of the key holder. By convention, it * includes an RFC 2822 [RFC2822] mail name-addr, but there are no diff --git a/src/type/ecdh_symkey.js b/src/type/ecdh_symkey.js index dfbf6a35..28e6e214 100644 --- a/src/type/ecdh_symkey.js +++ b/src/type/ecdh_symkey.js @@ -16,8 +16,8 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA /** - * Encoded symmetric key for ECDH
- *
+ * Encoded symmetric key for ECDH + * * @requires util * @module type/ecdh_symkey */ diff --git a/src/type/kdf_params.js b/src/type/kdf_params.js index 82598702..d8e60ea4 100644 --- a/src/type/kdf_params.js +++ b/src/type/kdf_params.js @@ -16,8 +16,8 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA /** - * Implementation of type KDF parameters RFC 6637
- *
+ * Implementation of type KDF parameters RFC 6637 + * * @requires enums * @module type/kdf_params */ diff --git a/src/type/keyid.js b/src/type/keyid.js index b256a3bb..5214f6ba 100644 --- a/src/type/keyid.js +++ b/src/type/keyid.js @@ -16,8 +16,9 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA /** - * Implementation of type key id ({@link https://tools.ietf.org/html/rfc4880#section-3.3|RFC4880 3.3})
- *
+ * Implementation of type key id + * + * {@link https://tools.ietf.org/html/rfc4880#section-3.3|RFC4880 3.3}: * A Key ID is an eight-octet scalar that identifies a key. * Implementations SHOULD NOT assume that Key IDs are unique. The * section "Enhanced Key Formats" below describes how Key IDs are diff --git a/src/type/oid.js b/src/type/oid.js index a8394874..af488a6d 100644 --- a/src/type/oid.js +++ b/src/type/oid.js @@ -17,8 +17,9 @@ /** * Wrapper to an OID value - *
- * An object identifier type from {@link https://tools.ietf.org/html/rfc6637#section-11|RFC6637, section 11}. + * + * An object identifier type from + * {@link https://tools.ietf.org/html/rfc6637#section-11|RFC6637, section 11}. * @requires util * @requires enums * @module type/oid diff --git a/src/type/s2k.js b/src/type/s2k.js index 74aa0f60..61d358af 100644 --- a/src/type/s2k.js +++ b/src/type/s2k.js @@ -16,8 +16,9 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA /** - * Implementation of the String-to-key specifier ({@link https://tools.ietf.org/html/rfc4880#section-3.7|RFC4880 3.7})
- *
+ * Implementation of the String-to-key specifier + * + * {@link https://tools.ietf.org/html/rfc4880#section-3.7|RFC4880 3.7}: * String-to-key (S2K) specifiers are used to convert passphrase strings * into symmetric-key encryption/decryption keys. They are used in two * places, currently: to encrypt the secret part of private keys in the