lycan/sha3.js

22 lines
14 KiB
JavaScript

/**
* A JavaScript implementation of the SHA family of hashes - defined in FIPS PUB 180-4, FIPS PUB 202,
* and SP 800-185 - as well as the corresponding HMAC implementation as defined in FIPS PUB 198-1.
*
* Copyright 2008-2020 Brian Turek, 1998-2009 Paul Johnston & Contributors
* Distributed under the BSD License
* See http://caligatio.github.com/jsSHA/ for more information
*
* Two ECMAScript polyfill functions carry the following license:
*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
*
* THIS CODE IS PROVIDED ON AN *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED,
* INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OR CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE,
* MERCHANTABLITY OR NON-INFRINGEMENT.
*
* See the Apache Version 2.0 License for specific language governing permissions and limitations under the License.
*/
!function(r,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(r="undefined"!=typeof globalThis?globalThis:r||self).jsSHA=t()}(this,(function(){"use strict";var r=function(t,n){return(r=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(r,t){r.__proto__=t}||function(r,t){for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(r[n]=t[n])})(t,n)};var t="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";function n(r,t,n,e){var i,o,s,u=t||[0],f=(n=n||0)>>>3,a=-1===e?3:0;for(i=0;i<r.length;i+=1)o=(s=i+f)>>>2,u.length<=o&&u.push(0),u[o]|=r[i]<<8*(a+e*(s%4));return{value:u,binLen:8*r.length+n}}function e(r,e,i){switch(e){case"UTF8":case"UTF16BE":case"UTF16LE":break;default:throw new Error("encoding must be UTF8, UTF16BE, or UTF16LE")}switch(r){case"HEX":return function(r,t,n){return function(r,t,n,e){var i,o,s,u;if(0!=r.length%2)throw new Error("String of HEX type must be in byte increments");var f=t||[0],a=(n=n||0)>>>3,h=-1===e?3:0;for(i=0;i<r.length;i+=2){if(o=parseInt(r.substr(i,2),16),isNaN(o))throw new Error("String of HEX type contains invalid characters");for(s=(u=(i>>>1)+a)>>>2;f.length<=s;)f.push(0);f[s]|=o<<8*(h+e*(u%4))}return{value:f,binLen:4*r.length+n}}(r,t,n,i)};case"TEXT":return function(r,t,n){return function(r,t,n,e,i){var o,s,u,f,a,h,c,w,v=0,l=n||[0],E=(e=e||0)>>>3;if("UTF8"===t)for(c=-1===i?3:0,u=0;u<r.length;u+=1)for(s=[],128>(o=r.charCodeAt(u))?s.push(o):2048>o?(s.push(192|o>>>6),s.push(128|63&o)):55296>o||57344<=o?s.push(224|o>>>12,128|o>>>6&63,128|63&o):(u+=1,o=65536+((1023&o)<<10|1023&r.charCodeAt(u)),s.push(240|o>>>18,128|o>>>12&63,128|o>>>6&63,128|63&o)),f=0;f<s.length;f+=1){for(a=(h=v+E)>>>2;l.length<=a;)l.push(0);l[a]|=s[f]<<8*(c+i*(h%4)),v+=1}else for(c=-1===i?2:0,w="UTF16LE"===t&&1!==i||"UTF16LE"!==t&&1===i,u=0;u<r.length;u+=1){for(o=r.charCodeAt(u),!0===w&&(o=(f=255&o)<<8|o>>>8),a=(h=v+E)>>>2;l.length<=a;)l.push(0);l[a]|=o<<8*(c+i*(h%4)),v+=2}return{value:l,binLen:8*v+e}}(r,e,t,n,i)};case"B64":return function(r,n,e){return function(r,n,e,i){var o,s,u,f,a,h,c=0,w=n||[0],v=(e=e||0)>>>3,l=-1===i?3:0,E=r.indexOf("=");if(-1===r.search(/^[a-zA-Z0-9=+/]+$/))throw new Error("Invalid character in base-64 string");if(r=r.replace(/=/g,""),-1!==E&&E<r.length)throw new Error("Invalid '=' found in base-64 string");for(o=0;o<r.length;o+=4){for(f=r.substr(o,4),u=0,s=0;s<f.length;s+=1)u|=t.indexOf(f.charAt(s))<<18-6*s;for(s=0;s<f.length-1;s+=1){for(a=(h=c+v)>>>2;w.length<=a;)w.push(0);w[a]|=(u>>>16-8*s&255)<<8*(l+i*(h%4)),c+=1}}return{value:w,binLen:8*c+e}}(r,n,e,i)};case"BYTES":return function(r,t,n){return function(r,t,n,e){var i,o,s,u,f=t||[0],a=(n=n||0)>>>3,h=-1===e?3:0;for(o=0;o<r.length;o+=1)i=r.charCodeAt(o),s=(u=o+a)>>>2,f.length<=s&&f.push(0),f[s]|=i<<8*(h+e*(u%4));return{value:f,binLen:8*r.length+n}}(r,t,n,i)};case"ARRAYBUFFER":try{new ArrayBuffer(0)}catch(r){throw new Error("ARRAYBUFFER not supported by this environment")}return function(r,t,e){return function(r,t,e,i){return n(new Uint8Array(r),t,e,i)}(r,t,e,i)};case"UINT8ARRAY":try{new Uint8Array(0)}catch(r){throw new Error("UINT8ARRAY not supported by this environment")}return function(r,t,e){return n(r,t,e,i)};default:throw new Error("format must be HEX, TEXT, B64, BYTES, ARRAYBUFFER, or UINT8ARRAY")}}function i(r,n,e,i){switch(r){case"HEX":return function(r){return function(r,t,n,e){var i,o,s="",u=t/8,f=-1===n?3:0;for(i=0;i<u;i+=1)o=r[i>>>2]>>>8*(f+n*(i%4)),s+="0123456789abcdef".charAt(o>>>4&15)+"0123456789abcdef".charAt(15&o);return e.outputUpper?s.toUpperCase():s}(r,n,e,i)};case"B64":return function(r){return function(r,n,e,i){var o,s,u,f,a,h="",c=n/8,w=-1===e?3:0;for(o=0;o<c;o+=3)for(f=o+1<c?r[o+1>>>2]:0,a=o+2<c?r[o+2>>>2]:0,u=(r[o>>>2]>>>8*(w+e*(o%4))&255)<<16|(f>>>8*(w+e*((o+1)%4))&255)<<8|a>>>8*(w+e*((o+2)%4))&255,s=0;s<4;s+=1)h+=8*o+6*s<=n?t.charAt(u>>>6*(3-s)&63):i.b64Pad;return h}(r,n,e,i)};case"BYTES":return function(r){return function(r,t,n){var e,i,o="",s=t/8,u=-1===n?3:0;for(e=0;e<s;e+=1)i=r[e>>>2]>>>8*(u+n*(e%4))&255,o+=String.fromCharCode(i);return o}(r,n,e)};case"ARRAYBUFFER":try{new ArrayBuffer(0)}catch(r){throw new Error("ARRAYBUFFER not supported by this environment")}return function(r){return function(r,t,n){var e,i=t/8,o=new ArrayBuffer(i),s=new Uint8Array(o),u=-1===n?3:0;for(e=0;e<i;e+=1)s[e]=r[e>>>2]>>>8*(u+n*(e%4))&255;return o}(r,n,e)};case"UINT8ARRAY":try{new Uint8Array(0)}catch(r){throw new Error("UINT8ARRAY not supported by this environment")}return function(r){return function(r,t,n){var e,i=t/8,o=-1===n?3:0,s=new Uint8Array(i);for(e=0;e<i;e+=1)s[e]=r[e>>>2]>>>8*(o+n*(e%4))&255;return s}(r,n,e)};default:throw new Error("format must be HEX, B64, BYTES, ARRAYBUFFER, or UINT8ARRAY")}}function o(r,t){var n,e,i=r.binLen>>>3,o=t.binLen>>>3,s=i<<3,u=4-i<<3;if(i%4!=0){for(n=0;n<o;n+=4)e=i+n>>>2,r.value[e]|=t.value[n>>>2]<<s,r.value.push(0),r.value[e+1]|=t.value[n>>>2]>>>u;return(r.value.length<<2)-4>=o+i&&r.value.pop(),{value:r.value,binLen:r.binLen+t.binLen}}return{value:r.value.concat(t.value),binLen:r.binLen+t.binLen}}function s(r){var t={outputUpper:!1,b64Pad:"=",outputLen:-1},n=r||{},e="Output length must be a multiple of 8";if(t.outputUpper=n.outputUpper||!1,n.b64Pad&&(t.b64Pad=n.b64Pad),n.outputLen){if(n.outputLen%8!=0)throw new Error(e);t.outputLen=n.outputLen}else if(n.shakeLen){if(n.shakeLen%8!=0)throw new Error(e);t.outputLen=n.shakeLen}if("boolean"!=typeof t.outputUpper)throw new Error("Invalid outputUpper formatting option");if("string"!=typeof t.b64Pad)throw new Error("Invalid b64Pad formatting option");return t}function u(r,t,n,i){var o=r+" must include a value and format";if(!t){if(!i)throw new Error(o);return i}if(void 0===t.value||!t.format)throw new Error(o);return e(t.format,t.encoding||"UTF8",n)(t.value)}var f=function(){function r(r,t,n){var e=n||{};if(this.t=t,this.i=e.encoding||"UTF8",this.numRounds=e.numRounds||1,isNaN(this.numRounds)||this.numRounds!==parseInt(this.numRounds,10)||1>this.numRounds)throw new Error("numRounds must a integer >= 1");this.o=r,this.s=[],this.u=0,this.h=!1,this.v=0,this.l=!1,this.A=[],this.p=[]}return r.prototype.update=function(r){var t,n=0,e=this.m>>>5,i=this.R(r,this.s,this.u),o=i.binLen,s=i.value,u=o>>>5;for(t=0;t<u;t+=e)n+this.m<=o&&(this.U=this.T(s.slice(t,t+e),this.U),n+=this.m);this.v+=n,this.s=s.slice(n>>>5),this.u=o%this.m,this.h=!0},r.prototype.getHash=function(r,t){var n,e,o=this.F,u=s(t);if(this.C){if(-1===u.outputLen)throw new Error("Output length must be specified in options");o=u.outputLen}var f=i(r,o,this.H,u);if(this.l&&this.B)return f(this.B(u));for(e=this.L(this.s.slice(),this.u,this.v,this.S(this.U),o),n=1;n<this.numRounds;n+=1)this.C&&o%32!=0&&(e[e.length-1]&=16777215>>>24-o%32),e=this.L(e,o,0,this.g(this.o),o);return f(e)},r.prototype.setHMACKey=function(r,t,n){if(!this.k)throw new Error("Variant does not support HMAC");if(this.h)throw new Error("Cannot set MAC key after calling update");var i=e(t,(n||{}).encoding||"UTF8",this.H);this.Y(i(r))},r.prototype.Y=function(r){var t,n=this.m>>>3,e=n/4-1;if(1!==this.numRounds)throw new Error("Cannot set numRounds with MAC");if(this.l)throw new Error("MAC key already set");for(n<r.binLen/8&&(r.value=this.L(r.value,r.binLen,0,this.g(this.o),this.F));r.value.length<=e;)r.value.push(0);for(t=0;t<=e;t+=1)this.A[t]=909522486^r.value[t],this.p[t]=1549556828^r.value[t];this.U=this.T(this.A,this.U),this.v=this.m,this.l=!0},r.prototype.getHMAC=function(r,t){var n=s(t);return i(r,this.F,this.H,n)(this.N())},r.prototype.N=function(){var r;if(!this.l)throw new Error("Cannot call getHMAC without first setting MAC key");var t=this.L(this.s.slice(),this.u,this.v,this.S(this.U),this.F);return r=this.T(this.p,this.g(this.o)),r=this.L(t,this.F,this.m,r,this.F)},r}(),a=function(r,t){this.I=r,this.K=t};function h(r,t){var n;return t>32?(n=64-t,new a(r.K<<t|r.I>>>n,r.I<<t|r.K>>>n)):0!==t?(n=32-t,new a(r.I<<t|r.K>>>n,r.K<<t|r.I>>>n)):r}function c(r,t){return new a(r.I^t.I,r.K^t.K)}var w=[new a(0,1),new a(0,32898),new a(2147483648,32906),new a(2147483648,2147516416),new a(0,32907),new a(0,2147483649),new a(2147483648,2147516545),new a(2147483648,32777),new a(0,138),new a(0,136),new a(0,2147516425),new a(0,2147483658),new a(0,2147516555),new a(2147483648,139),new a(2147483648,32905),new a(2147483648,32771),new a(2147483648,32770),new a(2147483648,128),new a(0,32778),new a(2147483648,2147483658),new a(2147483648,2147516545),new a(2147483648,32896),new a(0,2147483649),new a(2147483648,2147516424)],v=[[0,36,3,41,18],[1,44,10,45,2],[62,6,43,15,61],[28,55,25,21,56],[27,20,39,8,14]];function l(r){var t,n=[];for(t=0;t<5;t+=1)n[t]=[new a(0,0),new a(0,0),new a(0,0),new a(0,0),new a(0,0)];return n}function E(r){var t,n=[];for(t=0;t<5;t+=1)n[t]=r[t].slice();return n}function A(r,t){var n,e,i,o,s,u,f,E,A,b=[],d=[];if(null!==r)for(e=0;e<r.length;e+=2)t[(e>>>1)%5][(e>>>1)/5|0]=c(t[(e>>>1)%5][(e>>>1)/5|0],new a(r[e+1],r[e]));for(n=0;n<24;n+=1){for(o=l(),e=0;e<5;e+=1)b[e]=(s=t[e][0],u=t[e][1],f=t[e][2],E=t[e][3],A=t[e][4],new a(s.I^u.I^f.I^E.I^A.I,s.K^u.K^f.K^E.K^A.K));for(e=0;e<5;e+=1)d[e]=c(b[(e+4)%5],h(b[(e+1)%5],1));for(e=0;e<5;e+=1)for(i=0;i<5;i+=1)t[e][i]=c(t[e][i],d[e]);for(e=0;e<5;e+=1)for(i=0;i<5;i+=1)o[i][(2*e+3*i)%5]=h(t[e][i],v[e][i]);for(e=0;e<5;e+=1)for(i=0;i<5;i+=1)t[e][i]=c(o[e][i],new a(~o[(e+1)%5][i].I&o[(e+2)%5][i].I,~o[(e+1)%5][i].K&o[(e+2)%5][i].K));t[0][0]=c(t[0][0],w[n])}return t}function b(r){var t,n,e=0,i=[0,0],o=[4294967295&r,r/4294967296&2097151];for(t=6;t>=0;t--)0===(n=o[t>>2]>>>8*t&255)&&0===e||(i[e+1>>2]|=n<<8*(e+1),e+=1);return e=0!==e?e:1,i[0]|=e,{value:e+1>4?i:[i[0]],binLen:8+8*e}}function d(r){return o(b(r.binLen),r)}function p(r,t){var n,e=b(t),i=t>>>2,s=(i-(e=o(e,r)).value.length%i)%i;for(n=0;n<s;n++)e.value.push(0);return e.value}return function(t){function n(r,n,i){var o=this,s=6,f=0,a=i||{};if(1!==(o=t.call(this,r,n,i)||this).numRounds){if(a.kmacKey||a.hmacKey)throw new Error("Cannot set numRounds with MAC");if("CSHAKE128"===o.o||"CSHAKE256"===o.o)throw new Error("Cannot set numRounds for CSHAKE variants")}switch(o.H=1,o.R=e(o.t,o.i,o.H),o.T=A,o.S=E,o.g=l,o.U=l(),o.C=!1,r){case"SHA3-224":o.m=f=1152,o.F=224,o.k=!0,o.B=o.N;break;case"SHA3-256":o.m=f=1088,o.F=256,o.k=!0,o.B=o.N;break;case"SHA3-384":o.m=f=832,o.F=384,o.k=!0,o.B=o.N;break;case"SHA3-512":o.m=f=576,o.F=512,o.k=!0,o.B=o.N;break;case"SHAKE128":s=31,o.m=f=1344,o.F=-1,o.C=!0,o.k=!1,o.B=null;break;case"SHAKE256":s=31,o.m=f=1088,o.F=-1,o.C=!0,o.k=!1,o.B=null;break;case"KMAC128":s=4,o.m=f=1344,o.M(i),o.F=-1,o.C=!0,o.k=!1,o.B=o.X;break;case"KMAC256":s=4,o.m=f=1088,o.M(i),o.F=-1,o.C=!0,o.k=!1,o.B=o.X;break;case"CSHAKE128":o.m=f=1344,s=o.O(i),o.F=-1,o.C=!0,o.k=!1,o.B=null;break;case"CSHAKE256":o.m=f=1088,s=o.O(i),o.F=-1,o.C=!0,o.k=!1,o.B=null;break;default:throw new Error("Chosen SHA variant is not supported")}return o.L=function(r,t,n,e,i){return function(r,t,n,e,i,o,s){var u,f,a=0,h=[],c=i>>>5,w=t>>>5;for(u=0;u<w&&t>=i;u+=c)e=A(r.slice(u,u+c),e),t-=i;for(r=r.slice(u),t%=i;r.length<c;)r.push(0);for(r[(u=t>>>3)>>2]^=o<<u%4*8,r[c-1]^=2147483648,e=A(r,e);32*h.length<s&&(f=e[a%5][a/5|0],h.push(f.K),!(32*h.length>=s));)h.push(f.I),0==64*(a+=1)%i&&(A(null,e),a=0);return h}(r,t,0,e,f,s,i)},a.hmacKey&&o.Y(u("hmacKey",a.hmacKey,o.H)),o}return function(t,n){function e(){this.constructor=t}r(t,n),t.prototype=null===n?Object.create(n):(e.prototype=n.prototype,new e)}(n,t),n.prototype.O=function(r,t){var n=function(r){var t=r||{};return{funcName:u("funcName",t.funcName,1,{value:[],binLen:0}),customization:u("Customization",t.customization,1,{value:[],binLen:0})}}(r||{});t&&(n.funcName=t);var e=o(d(n.funcName),d(n.customization));if(0!==n.customization.binLen||0!==n.funcName.binLen){for(var i=p(e,this.m>>>3),s=0;s<i.length;s+=this.m>>>5)this.U=this.T(i.slice(s,s+(this.m>>>5)),this.U),this.v+=this.m;return 4}return 31},n.prototype.M=function(r){var t=function(r){var t=r||{};return{kmacKey:u("kmacKey",t.kmacKey,1),funcName:{value:[1128353099],binLen:32},customization:u("Customization",t.customization,1,{value:[],binLen:0})}}(r||{});this.O(r,t.funcName);for(var n=p(d(t.kmacKey),this.m>>>3),e=0;e<n.length;e+=this.m>>>5)this.U=this.T(n.slice(e,e+(this.m>>>5)),this.U),this.v+=this.m;this.l=!0},n.prototype.X=function(r){var t=o({value:this.s.slice(),binLen:this.u},function(r){var t,n,e=0,i=[0,0],o=[4294967295&r,r/4294967296&2097151];for(t=6;t>=0;t--)0==(n=o[t>>2]>>>8*t&255)&&0===e||(i[e>>2]|=n<<8*e,e+=1);return i[(e=0!==e?e:1)>>2]|=e<<8*e,{value:e+1>4?i:[i[0]],binLen:8+8*e}}(r.outputLen));return this.L(t.value,t.binLen,this.v,this.S(this.U),r.outputLen)},n}(f)}));