Merge pull request #43 from PeculiarVentures:shake

Support shake128 and shake256 mechanisms
2022-02-24 23:48:44 +03:00 · 2022-02-24 23:48:44 +03:00 · 7221414fbb
parent e708ea5e9c cd5a451ba5
commit 7221414fbb
12 changed files with 744 additions and 694 deletions
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@ -0,0 +1,102 @@
+name: publish
+
+on:
+  pull_request:
+    branches:
+      - master
+    types: [closed]
+
+env:
+  CI: true
+  ACTIONS_ALLOW_UNSECURE_COMMANDS: true
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    env:
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    steps:
+      - name: Pull Request Merged
+        if: github.event.pull_request.merged == false
+        run: |
+          echo 'The pull request has not been merged'
+          exit 1
+
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Set git config
+        run: |
+          git config user.name github-actions
+          git config user.email github-actions@github.com
+
+      - name: Use Node.js
+        uses: actions/setup-node@v2
+        with:
+          node-version: 16.x
+          registry-url: "https://registry.npmjs.org"
+
+      - name: Setup .npmrc
+        shell: bash
+        run: |
+          npm set //registry.npmjs.org/:_authToken=$NODE_AUTH_TOKEN
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NODE_AUTH_TOKEN }}
+
+      - name: Ensure access
+        shell: bash
+        run: npm whoami --registry https://registry.npmjs.org/
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NODE_AUTH_TOKEN }}
+
+      - name: Install global dependencies
+        run: npm i standard-version -g
+
+      - name: Install dependencies
+        run: npm i
+
+      - name: Get Prev Version
+        shell: bash -ex {0}
+        run: |
+          PREV_VERSION=$(node -p 'require("./package.json").version')
+          echo "::set-env name=PREV_VERSION::${PREV_VERSION}"
+
+      - name: Bump version
+        run: |
+          standard-version
+
+      - name: Get Current Version
+        shell: bash -ex {0}
+        run: |
+          CURRENT_VERSION=$(node -p 'require("./package.json").version')
+          echo "::set-env name=CURRENT_VERSION::${CURRENT_VERSION}"
+
+      - name: Publish
+        if: env.PREV_VERSION != env.CURRENT_VERSION
+        run: |
+          npm publish
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NODE_AUTH_TOKEN }}
+
+      - name: Push changes
+        uses: ad-m/github-push-action@v0.6.0
+        if: env.PREV_VERSION != env.CURRENT_VERSION
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          branch: ${{ github.ref }}
+          tags: true
+
+      - name: Create comment
+        uses: actions/github-script@0.8.0
+        if: env.PREV_VERSION != env.CURRENT_VERSION
+        with:
+          github-token: ${{secrets.GITHUB_TOKEN}}
+          script: |
+            github.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: 'NPM package v${{ env.CURRENT_VERSION }} has been published 🎉'
+            })
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@ -1,6 +1,14 @@
 name: test

-on: [push, pull_request]
+on:
+  push:
+    branches:
+      - "*"
+      - "!master"
+  pull_request:
+    branches:
+      - "*"
+      - "!master"

 jobs:
  build:
--- a/README.md
+++ b/README.md
@ -55,6 +55,8 @@ npm install @peculiar/webcrypto
 | PBKDF2            |             |         |       X       |             |                 |                   |    X    |
 | DES-CBC<sup>2</sup>|      X      |         |       X       |             |        X        |         X         |         |
 | DES-EDE3-CBC<sup>2</sup>|      X      |         |       X       |             |        X        |         X         |         |
+| shake128<sup>2</sup>|             |    X    |               |             |                 |                   |         |
+| shake256<sup>2</sup>|             |    X    |               |             |                 |                   |         |

 <sup>1</sup> Mechanism supports extended list of named curves `P-256`, `P-384`, `P-521`, `K-256`, 
 `brainpoolP160r1`, `brainpoolP160t1`, `brainpoolP192r1`, `brainpoolP192t1`, `brainpoolP224r1`, `brainpoolP224t1`, `brainpoolP256r1`, `brainpoolP256t1`, `brainpoolP320r1`, `brainpoolP320t1`, `brainpoolP384r1`, `brainpoolP384t1`, `brainpoolP512r1`, and `brainpoolP512t1`
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -47,7 +47,9 @@
    "x25519",
    "ed25519",
    "x448",
-    "ed448"
+    "ed448",
+    "shake128",
+    "shake256"
  ],
  "author": "PeculiarVentures",
  "contributors": [
@ -61,20 +63,20 @@
  "banner": "// Copyright (c) 2021, Peculiar Ventures, All rights reserved.",
  "devDependencies": {
    "@peculiar/webcrypto-test": "^1.0.7",
-    "@types/mocha": "^9.0.0",
+    "@types/mocha": "^9.1.0",
    "@types/node": "^16.11.10",
-    "@typescript-eslint/eslint-plugin": "^5.4.0",
-    "@typescript-eslint/parser": "^5.4.0",
+    "@typescript-eslint/eslint-plugin": "^5.12.1",
+    "@typescript-eslint/parser": "^5.12.1",
    "coveralls": "^3.1.1",
-    "eslint": "^8.3.0",
-    "eslint-plugin-import": "^2.25.3",
-    "mocha": "^9.1.3",
+    "eslint": "^8.9.0",
+    "eslint-plugin-import": "^2.25.4",
+    "mocha": "^9.2.1",
    "nyc": "^15.1.0",
    "rimraf": "^3.0.2",
-    "rollup": "^2.60.1",
-    "rollup-plugin-typescript2": "^0.31.1",
-    "ts-node": "^10.4.0",
-    "typescript": "^4.5.2"
+    "rollup": "^2.68.0",
+    "rollup-plugin-typescript2": "^0.31.2",
+    "ts-node": "^10.5.0",
+    "typescript": "^4.5.5"
  },
  "dependencies": {
    "@peculiar/asn1-schema": "^2.0.44",
--- a/src/mechs/index.ts
+++ b/src/mechs/index.ts
@ -7,3 +7,4 @@ export * from "./sha";
 export * from "./pbkdf";
 export * from "./hmac";
 export * from "./hkdf";
+export * from "./shake";
--- a/src/mechs/shake/crypto.ts
+++ b/src/mechs/shake/crypto.ts
@ -0,0 +1,11 @@
+import crypto from "crypto";
+
+export class ShakeCrypto {
+
+  public static digest(algorithm: Algorithm, data: ArrayBuffer) {
+    const hash = crypto.createHash(algorithm.name.toLowerCase())
+      .update(Buffer.from(data)).digest();
+    return new Uint8Array(hash).buffer;
+  }
+
+}
--- a/src/mechs/shake/index.ts
+++ b/src/mechs/shake/index.ts
@ -0,0 +1,3 @@
+export * from "./crypto";
+export * from "./shake128";
+export * from "./shake256";
--- a/src/mechs/shake/shake128.ts
+++ b/src/mechs/shake/shake128.ts
@ -0,0 +1,12 @@
+import * as core from "webcrypto-core";
+import { ShakeCrypto } from "./crypto";
+
+export class Shake128Provider extends core.ProviderCrypto {
+  public name = "shake128";
+  public usages = [];
+
+  public async onDigest(algorithm: Algorithm, data: ArrayBuffer): Promise<ArrayBuffer> {
+    return ShakeCrypto.digest(algorithm, data);
+  }
+
+}
--- a/src/mechs/shake/shake256.ts
+++ b/src/mechs/shake/shake256.ts
@ -0,0 +1,12 @@
+import * as core from "webcrypto-core";
+import { ShakeCrypto } from "./crypto";
+
+export class Shake256Provider extends core.ProviderCrypto {
+  public name = "shake256";
+  public usages = [];
+
+  public async onDigest(algorithm: Algorithm, data: ArrayBuffer): Promise<ArrayBuffer> {
+    return ShakeCrypto.digest(algorithm, data);
+  }
+
+}
--- a/src/subtle.ts
+++ b/src/subtle.ts
@ -11,6 +11,7 @@ import {
  Pbkdf2Provider,
  RsaEsProvider, RsaOaepProvider, RsaPssProvider, RsaSsaProvider,
  Sha1Provider, Sha256Provider, Sha384Provider, Sha512Provider,
+  Shake128Provider, Shake256Provider,
 } from "./mechs";

 export class SubtleCrypto extends core.SubtleCrypto {
@ -63,6 +64,13 @@ export class SubtleCrypto extends core.SubtleCrypto {
    //#endregion

    const nodeMajorVersion = /^v(\d+)/.exec(process.version)?.[1];
+    if (nodeMajorVersion && parseInt(nodeMajorVersion, 10) >= 12) {
+      //#region SHAKE
+      this.providers.set(new Shake128Provider());
+      this.providers.set(new Shake256Provider());
+      //#endregion
+    }
+
    if (nodeMajorVersion && parseInt(nodeMajorVersion, 10) >= 14) {
      //#region EdDSA
      this.providers.set(new EdDsaProvider());
--- a/test/crypto.ts
+++ b/test/crypto.ts
@ -226,4 +226,22 @@ context("Crypto", () => {
    assert.strictEqual(hmacKey.algorithm.name, "HMAC");
  });

+  context("shake digest", () => {
+
+    const data = Buffer.from("test data");
+
+    it("shake128", async () => {
+      const hash = await crypto.subtle.digest("shake128", data);
+
+      assert.strictEqual(Buffer.from(hash).toString("hex"), "ae3bdcf04986a8e7ddd99ac948254693");
+    });
+
+    it("shake256", async () => {
+      const hash = await crypto.subtle.digest("shake256", data);
+      
+      assert.strictEqual(Buffer.from(hash).toString("hex"), "be15253026b9a85e01ae54b1939284e8e514fbdad2a3bd5c1c0f437e60548e26");
+    });
+
+  });
+
 });