├── .gitignore ├── .npmignore ├── .travis.yml ├── LICENSE ├── README.md ├── nacl-auth.js ├── nacl-auth.min.js ├── package.json ├── test ├── benchmark │ └── bench.js ├── data │ └── hmac.random.js ├── generate_data │ └── hmac.go └── test.js └── yarn.lock /.gitignore: -------------------------------------------------------------------------------- 1 | node_modules 2 | bower_components 3 | -------------------------------------------------------------------------------- /.npmignore: -------------------------------------------------------------------------------- 1 | .travis.yml 2 | bower.json 3 | bower_components 4 | test 5 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | language: node_js 2 | node_js: 3 | - "0.10" 4 | - "0.11" 5 | - "0.12" 6 | - "iojs" 7 | script: "npm test" 8 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | This is free and unencumbered software released into the public domain. 2 | 3 | Anyone is free to copy, modify, publish, use, compile, sell, or 4 | distribute this software, either in source code form or as a compiled 5 | binary, for any purpose, commercial or non-commercial, and by any 6 | means. 7 | 8 | In jurisdictions that recognize copyright laws, the author or authors 9 | of this software dedicate any and all copyright interest in the 10 | software to the public domain. We make this dedication for the benefit 11 | of the public at large and to the detriment of our heirs and 12 | successors. We intend this dedication to be an overt act of 13 | relinquishment in perpetuity of all present and future rights to this 14 | software under copyright law. 15 | 16 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 17 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 18 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 19 | IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR 20 | OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, 21 | ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR 22 | OTHER DEALINGS IN THE SOFTWARE. 23 | 24 | For more information, please refer to 25 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | HMAC-SHA-512-256 for TweetNacl.js 2 | ================================= 3 | 4 | Implementation of 5 | (requires [TweetNaCl.js](https://github.com/dchest/tweetnacl-js)). 6 | 7 | Written in 2014 by Dmitry Chestnykh. Public domain. 8 | 9 | [![Build Status](https://travis-ci.org/dchest/tweetnacl-auth-js.svg?branch=master) 10 | ](https://travis-ci.org/dchest/tweetnacl-auth-js) 11 | 12 | 13 | Installation 14 | ------------ 15 | 16 | Via NPM: 17 | 18 | $ npm install tweetnacl-auth 19 | 20 | or just download `nacl-auth.js` or `nacl-auth.min.js` and include it after 21 | TweetNaCl.js: 22 | 23 | ```html 24 | 25 | 26 | ``` 27 | 28 | If using a CommonJS environment, such as Node.js, you can import it into `nacl` 29 | namespace: 30 | 31 | ```javascript 32 | var nacl = require('tweetnacl'); 33 | nacl.auth = require('tweetnacl-auth'); 34 | ``` 35 | 36 | 37 | Usage 38 | ----- 39 | 40 | 41 | ### nacl.auth(message, key) 42 | 43 | Authenticates the given message with the secret key. 44 | (In other words, returns HMAC-SHA-512-256 of the message under the key.) 45 | 46 | 47 | ### nacl.auth.full(message, key) 48 | 49 | Returns HMAC-SHA-512 (without truncation) of the message under the key 50 | 51 | ### nacl.auth.authLength = 32 52 | 53 | Length of authenticator returned by `nacl.auth`. 54 | 55 | ### nacl.auth.authFullLength = 64 56 | 57 | Length of authenticator returned by `nacl.auth.full`. 58 | 59 | ### nacl.auth.keyLength = 32 60 | 61 | Length of key for `nacl.auth` and `nacl.auth.full` (key length is currently not 62 | enforced). 63 | -------------------------------------------------------------------------------- /nacl-auth.js: -------------------------------------------------------------------------------- 1 | (function(root, f) { 2 | 'use strict'; 3 | if (typeof module !== 'undefined' && module.exports) module.exports = f(require('tweetnacl')); 4 | else root.nacl.auth = f(root.nacl); 5 | 6 | }(this, function(nacl) { 7 | 'use strict'; 8 | 9 | if (!nacl) throw new Error('tweetnacl not loaded'); 10 | 11 | var BLOCK_SIZE = 128, HASH_SIZE = 64; 12 | 13 | function hmac(message, key) { 14 | var buf = new Uint8Array(BLOCK_SIZE + Math.max(HASH_SIZE, message.length)); 15 | var i, innerHash; 16 | 17 | if (key.length > BLOCK_SIZE) 18 | key = nacl.hash(key); 19 | 20 | for (i = 0; i < BLOCK_SIZE; i++) buf[i] = 0x36; 21 | for (i = 0; i < key.length; i++) buf[i] ^= key[i]; 22 | buf.set(message, BLOCK_SIZE); 23 | innerHash = nacl.hash(buf.subarray(0, BLOCK_SIZE + message.length)); 24 | 25 | for (i = 0; i < BLOCK_SIZE; i++) buf[i] = 0x5c; 26 | for (i = 0; i < key.length; i++) buf[i] ^= key[i]; 27 | buf.set(innerHash, BLOCK_SIZE); 28 | return nacl.hash(buf.subarray(0, BLOCK_SIZE + innerHash.length)); 29 | } 30 | 31 | function auth(message, key) { 32 | var out = new Uint8Array(32); 33 | out.set(hmac(message, key).subarray(0, 32)); 34 | return out; 35 | } 36 | 37 | auth.full = function (message, key) { 38 | return hmac(message, key); 39 | }; 40 | 41 | auth.authLength = 32; 42 | auth.authFullLength = 64; 43 | auth.keyLength = 32; 44 | 45 | return auth; 46 | 47 | })); 48 | -------------------------------------------------------------------------------- /nacl-auth.min.js: -------------------------------------------------------------------------------- 1 | !function(t,e){"use strict";"undefined"!=typeof module&&module.exports?module.exports=e(require("tweetnacl")):t.nacl.auth=e(t.nacl)}(this,function(t){"use strict";function e(e,n){var u,h,o=new Uint8Array(r+Math.max(a,e.length));for(n.length>r&&(n=t.hash(n)),u=0;u