Sākums Izpētīt Palīdzība
Reģistrēties Pierakstīties
yichael
/
AnimationManager
1
0
Atdalīts 0
Faili Problēmas 0 Izmaiņu pieprasījumi 0 Vikivietne
Koks: e7a81ebec4
Atzari Tagi
AnimationManage...
/
server
/
node_modules
/
@noble
/
hashes
/
src
/
_md.ts

_md.ts 6.3 KB
Vēsture Neapstrādāts

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176 
  1. /**
    2. 

  2.  * Internal Merkle-Damgard hash utils.
    3. 

  3.  * @module
    4. 

  4.  */
    5. 

  5. import { type Input, Hash, abytes, aexists, aoutput, clean, createView, toBytes } from './utils.ts';
    6. 

  6. 

  7. /** Polyfill for Safari 14. https://caniuse.com/mdn-javascript_builtins_dataview_setbiguint64 */
    8. 

  8. export function setBigUint64(
    9. 

  9.   view: DataView,
    10. 

  10.   byteOffset: number,
    11. 

  11.   value: bigint,
    12. 

  12.   isLE: boolean
    13. 

  13. ): void {
    14. 

  14.   if (typeof view.setBigUint64 === 'function') return view.setBigUint64(byteOffset, value, isLE);
    15. 

  15.   const _32n = BigInt(32);
    16. 

  16.   const _u32_max = BigInt(0xffffffff);
    17. 

  17.   const wh = Number((value >> _32n) & _u32_max);
    18. 

  18.   const wl = Number(value & _u32_max);
    19. 

  19.   const h = isLE ? 4 : 0;
    20. 

  20.   const l = isLE ? 0 : 4;
    21. 

  21.   view.setUint32(byteOffset + h, wh, isLE);
    22. 

  22.   view.setUint32(byteOffset + l, wl, isLE);
    23. 

  23. }
    24. 

  24. 

  25. /** Choice: a ? b : c */
    26. 

  26. export function Chi(a: number, b: number, c: number): number {
    27. 

  27.   return (a & b) ^ (~a & c);
    28. 

  28. }
    29. 

  29. 

  30. /** Majority function, true if any two inputs is true. */
    31. 

  31. export function Maj(a: number, b: number, c: number): number {
    32. 

  32.   return (a & b) ^ (a & c) ^ (b & c);
    33. 

  33. }
    34. 

  34. 

  35. /**
    36. 

  36.  * Merkle-Damgard hash construction base class.
    37. 

  37.  * Could be used to create MD5, RIPEMD, SHA1, SHA2.
    38. 

  38.  */
    39. 

  39. export abstract class HashMD<T extends HashMD<T>> extends Hash<T> {
    40. 

  40.   protected abstract process(buf: DataView, offset: number): void;
    41. 

  41.   protected abstract get(): number[];
    42. 

  42.   protected abstract set(...args: number[]): void;
    43. 

  43.   abstract destroy(): void;
    44. 

  44.   protected abstract roundClean(): void;
    45. 

  45. 

  46.   readonly blockLen: number;
    47. 

  47.   readonly outputLen: number;
    48. 

  48.   readonly padOffset: number;
    49. 

  49.   readonly isLE: boolean;
    50. 

  50. 

  51.   // For partial updates less than block size
    52. 

  52.   protected buffer: Uint8Array;
    53. 

  53.   protected view: DataView;
    54. 

  54.   protected finished = false;
    55. 

  55.   protected length = 0;
    56. 

  56.   protected pos = 0;
    57. 

  57.   protected destroyed = false;
    58. 

  58. 

  59.   constructor(blockLen: number, outputLen: number, padOffset: number, isLE: boolean) {
    60. 

  60.     super();
    61. 

  61.     this.blockLen = blockLen;
    62. 

  62.     this.outputLen = outputLen;
    63. 

  63.     this.padOffset = padOffset;
    64. 

  64.     this.isLE = isLE;
    65. 

  65.     this.buffer = new Uint8Array(blockLen);
    66. 

  66.     this.view = createView(this.buffer);
    67. 

  67.   }
    68. 

  68.   update(data: Input): this {
    69. 

  69.     aexists(this);
    70. 

  70.     data = toBytes(data);
    71. 

  71.     abytes(data);
    72. 

  72.     const { view, buffer, blockLen } = this;
    73. 

  73.     const len = data.length;
    74. 

  74.     for (let pos = 0; pos < len; ) {
    75. 

  75.       const take = Math.min(blockLen - this.pos, len - pos);
    76. 

  76.       // Fast path: we have at least one block in input, cast it to view and process
    77. 

  77.       if (take === blockLen) {
    78. 

  78.         const dataView = createView(data);
    79. 

  79.         for (; blockLen <= len - pos; pos += blockLen) this.process(dataView, pos);
    80. 

  80.         continue;
    81. 

  81.       }
    82. 

  82.       buffer.set(data.subarray(pos, pos + take), this.pos);
    83. 

  83.       this.pos += take;
    84. 

  84.       pos += take;
    85. 

  85.       if (this.pos === blockLen) {
    86. 

  86.         this.process(view, 0);
    87. 

  87.         this.pos = 0;
    88. 

  88.       }
    89. 

  89.     }
    90. 

  90.     this.length += data.length;
    91. 

  91.     this.roundClean();
    92. 

  92.     return this;
    93. 

  93.   }
    94. 

  94.   digestInto(out: Uint8Array): void {
    95. 

  95.     aexists(this);
    96. 

  96.     aoutput(out, this);
    97. 

  97.     this.finished = true;
    98. 

  98.     // Padding
    99. 

  99.     // We can avoid allocation of buffer for padding completely if it
    100. 

  100.     // was previously not allocated here. But it won't change performance.
    101. 

  101.     const { buffer, view, blockLen, isLE } = this;
    102. 

  102.     let { pos } = this;
    103. 

  103.     // append the bit '1' to the message
    104. 

  104.     buffer[pos++] = 0b10000000;
    105. 

  105.     clean(this.buffer.subarray(pos));
    106. 

  106.     // we have less than padOffset left in buffer, so we cannot put length in
    107. 

  107.     // current block, need process it and pad again
    108. 

  108.     if (this.padOffset > blockLen - pos) {
    109. 

  109.       this.process(view, 0);
    110. 

  110.       pos = 0;
    111. 

  111.     }
    112. 

  112.     // Pad until full block byte with zeros
    113. 

  113.     for (let i = pos; i < blockLen; i++) buffer[i] = 0;
    114. 

  114.     // Note: sha512 requires length to be 128bit integer, but length in JS will overflow before that
    115. 

  115.     // You need to write around 2 exabytes (u64_max / 8 / (1024**6)) for this to happen.
    116. 

  116.     // So we just write lowest 64 bits of that value.
    117. 

  117.     setBigUint64(view, blockLen - 8, BigInt(this.length * 8), isLE);
    118. 

  118.     this.process(view, 0);
    119. 

  119.     const oview = createView(out);
    120. 

  120.     const len = this.outputLen;
    121. 

  121.     // NOTE: we do division by 4 later, which should be fused in single op with modulo by JIT
    122. 

  122.     if (len % 4) throw new Error('_sha2: outputLen should be aligned to 32bit');
    123. 

  123.     const outLen = len / 4;
    124. 

  124.     const state = this.get();
    125. 

  125.     if (outLen > state.length) throw new Error('_sha2: outputLen bigger than state');
    126. 

  126.     for (let i = 0; i < outLen; i++) oview.setUint32(4 * i, state[i], isLE);
    127. 

  127.   }
    128. 

  128.   digest(): Uint8Array {
    129. 

  129.     const { buffer, outputLen } = this;
    130. 

  130.     this.digestInto(buffer);
    131. 

  131.     const res = buffer.slice(0, outputLen);
    132. 

  132.     this.destroy();
    133. 

  133.     return res;
    134. 

  134.   }
    135. 

  135.   _cloneInto(to?: T): T {
    136. 

  136.     to ||= new (this.constructor as any)() as T;
    137. 

  137.     to.set(...this.get());
    138. 

  138.     const { blockLen, buffer, length, finished, destroyed, pos } = this;
    139. 

  139.     to.destroyed = destroyed;
    140. 

  140.     to.finished = finished;
    141. 

  141.     to.length = length;
    142. 

  142.     to.pos = pos;
    143. 

  143.     if (length % blockLen) to.buffer.set(buffer);
    144. 

  144.     return to;
    145. 

  145.   }
    146. 

  146.   clone(): T {
    147. 

  147.     return this._cloneInto();
    148. 

  148.   }
    149. 

  149. }
    150. 

  150. 

  151. /**
    152. 

  152.  * Initial SHA-2 state: fractional parts of square roots of first 16 primes 2..53.
    153. 

  153.  * Check out `test/misc/sha2-gen-iv.js` for recomputation guide.
    154. 

  154.  */
    155. 

  155. 

  156. /** Initial SHA256 state. Bits 0..32 of frac part of sqrt of primes 2..19 */
    157. 

  157. export const SHA256_IV: Uint32Array = /* @__PURE__ */ Uint32Array.from([
    158. 

  158.   0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19,
    159. 

  159. ]);
    160. 

  160. 

  161. /** Initial SHA224 state. Bits 32..64 of frac part of sqrt of primes 23..53 */
    162. 

  162. export const SHA224_IV: Uint32Array = /* @__PURE__ */ Uint32Array.from([
    163. 

  163.   0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939, 0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4,
    164. 

  164. ]);
    165. 

  165. 

  166. /** Initial SHA384 state. Bits 0..64 of frac part of sqrt of primes 23..53 */
    167. 

  167. export const SHA384_IV: Uint32Array = /* @__PURE__ */ Uint32Array.from([
    168. 

  168.   0xcbbb9d5d, 0xc1059ed8, 0x629a292a, 0x367cd507, 0x9159015a, 0x3070dd17, 0x152fecd8, 0xf70e5939,
    169. 

  169.   0x67332667, 0xffc00b31, 0x8eb44a87, 0x68581511, 0xdb0c2e0d, 0x64f98fa7, 0x47b5481d, 0xbefa4fa4,
    170. 

  170. ]);
    171. 

  171. 

  172. /** Initial SHA512 state. Bits 0..64 of frac part of sqrt of primes 2..19 */
    173. 

  173. export const SHA512_IV: Uint32Array = /* @__PURE__ */ Uint32Array.from([
    174. 

  174.   0x6a09e667, 0xf3bcc908, 0xbb67ae85, 0x84caa73b, 0x3c6ef372, 0xfe94f82b, 0xa54ff53a, 0x5f1d36f1,
    175. 

  175.   0x510e527f, 0xade682d1, 0x9b05688c, 0x2b3e6c1f, 0x1f83d9ab, 0xfb41bd6b, 0x5be0cd19, 0x137e2179,
    176. 

  176. ]);
    177.