111 lines
4.0 KiB
TypeScript
111 lines
4.0 KiB
TypeScript
|
import { type Cipher, type CipherWithOutput } from './utils.js';
|
|||
|
|
/** Key expansion used in CTR. */
|
|||
|
|
declare function expandKeyLE(key: Uint8Array): Uint32Array;
|
|||
|
|
declare function expandKeyDecLE(key: Uint8Array): Uint32Array;
|
|||
|
|
declare function encrypt(xk: Uint32Array, s0: number, s1: number, s2: number, s3: number): {
|
|||
|
|
s0: number;
|
|||
|
|
s1: number;
|
|||
|
|
s2: number;
|
|||
|
|
s3: number;
|
|||
|
|
};
|
|||
|
|
declare function decrypt(xk: Uint32Array, s0: number, s1: number, s2: number, s3: number): {
|
|||
|
|
s0: number;
|
|||
|
|
s1: number;
|
|||
|
|
s2: number;
|
|||
|
|
s3: number;
|
|||
|
|
};
|
|||
|
|
declare function ctrCounter(xk: Uint32Array, nonce: Uint8Array, src: Uint8Array, dst?: Uint8Array): Uint8Array;
|
|||
|
|
declare function ctr32(xk: Uint32Array, isLE: boolean, nonce: Uint8Array, src: Uint8Array, dst?: Uint8Array): Uint8Array;
|
|||
|
|
/**
|
|||
|
|
* CTR: counter mode. Creates stream cipher.
|
|||
|
|
* Requires good IV. Parallelizable. OK, but no MAC.
|
|||
|
|
*/
|
|||
|
|
export declare const ctr: ((key: Uint8Array, nonce: Uint8Array) => CipherWithOutput) & {
|
|||
|
|
blockSize: number;
|
|||
|
|
nonceLength: number;
|
|||
|
|
};
|
|||
|
|
/** Options for ECB and CBC. */
|
|||
|
|
export type BlockOpts = {
|
|||
|
|
disablePadding?: boolean;
|
|||
|
|
};
|
|||
|
|
/**
|
|||
|
|
* ECB: Electronic CodeBook. Simple deterministic replacement.
|
|||
|
|
* Dangerous: always map x to y. See [AES Penguin](https://words.filippo.io/the-ecb-penguin/).
|
|||
|
|
*/
|
|||
|
|
export declare const ecb: ((key: Uint8Array, opts?: BlockOpts) => CipherWithOutput) & {
|
|||
|
|
blockSize: number;
|
|||
|
|
};
|
|||
|
|
/**
|
|||
|
|
* CBC: Cipher-Block-Chaining. Key is previous round’s block.
|
|||
|
|
* Fragile: needs proper padding. Unauthenticated: needs MAC.
|
|||
|
|
*/
|
|||
|
|
export declare const cbc: ((key: Uint8Array, iv: Uint8Array, opts?: BlockOpts) => CipherWithOutput) & {
|
|||
|
|
blockSize: number;
|
|||
|
|
nonceLength: number;
|
|||
|
|
};
|
|||
|
|
/**
|
|||
|
|
* CFB: Cipher Feedback Mode. The input for the block cipher is the previous cipher output.
|
|||
|
|
* Unauthenticated: needs MAC.
|
|||
|
|
*/
|
|||
|
|
export declare const cfb: ((key: Uint8Array, iv: Uint8Array) => CipherWithOutput) & {
|
|||
|
|
blockSize: number;
|
|||
|
|
nonceLength: number;
|
|||
|
|
};
|
|||
|
|
/**
|
|||
|
|
* GCM: Galois/Counter Mode.
|
|||
|
|
* Modern, parallel version of CTR, with MAC.
|
|||
|
|
* Be careful: MACs can be forged.
|
|||
|
|
* Unsafe to use random nonces under the same key, due to collision chance.
|
|||
|
|
* As for nonce size, prefer 12-byte, instead of 8-byte.
|
|||
|
|
*/
|
|||
|
|
export declare const gcm: ((key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array) => Cipher) & {
|
|||
|
|
blockSize: number;
|
|||
|
|
nonceLength: number;
|
|||
|
|
tagLength: number;
|
|||
|
|
varSizeNonce: true;
|
|||
|
|
};
|
|||
|
|
/**
|
|||
|
|
* AES-GCM-SIV: classic AES-GCM with nonce-misuse resistance.
|
|||
|
|
* Guarantees that, when a nonce is repeated, the only security loss is that identical
|
|||
|
|
* plaintexts will produce identical ciphertexts.
|
|||
|
|
* RFC 8452, https://datatracker.ietf.org/doc/html/rfc8452
|
|||
|
|
*/
|
|||
|
|
export declare const siv: ((key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array) => Cipher) & {
|
|||
|
|
blockSize: number;
|
|||
|
|
nonceLength: number;
|
|||
|
|
tagLength: number;
|
|||
|
|
varSizeNonce: true;
|
|||
|
|
};
|
|||
|
|
declare function encryptBlock(xk: Uint32Array, block: Uint8Array): Uint8Array;
|
|||
|
|
declare function decryptBlock(xk: Uint32Array, block: Uint8Array): Uint8Array;
|
|||
|
|
/**
|
|||
|
|
* AES-KW (key-wrap). Injects static IV into plaintext, adds counter, encrypts 6 times.
|
|||
|
|
* Reduces block size from 16 to 8 bytes.
|
|||
|
|
* For padded version, use aeskwp.
|
|||
|
|
* [RFC 3394](https://datatracker.ietf.org/doc/rfc3394/),
|
|||
|
|
* [NIST.SP.800-38F](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf).
|
|||
|
|
*/
|
|||
|
|
export declare const aeskw: ((kek: Uint8Array) => Cipher) & {
|
|||
|
|
blockSize: number;
|
|||
|
|
};
|
|||
|
|
/**
|
|||
|
|
* AES-KW, but with padding and allows random keys.
|
|||
|
|
* Second u32 of IV is used as counter for length.
|
|||
|
|
* [RFC 5649](https://www.rfc-editor.org/rfc/rfc5649)
|
|||
|
|
*/
|
|||
|
|
export declare const aeskwp: ((kek: Uint8Array) => Cipher) & {
|
|||
|
|
blockSize: number;
|
|||
|
|
};
|
|||
|
|
/** Unsafe low-level internal methods. May change at any time. */
|
|||
|
|
export declare const unsafe: {
|
|||
|
|
expandKeyLE: typeof expandKeyLE;
|
|||
|
|
expandKeyDecLE: typeof expandKeyDecLE;
|
|||
|
|
encrypt: typeof encrypt;
|
|||
|
|
decrypt: typeof decrypt;
|
|||
|
|
encryptBlock: typeof encryptBlock;
|
|||
|
|
decryptBlock: typeof decryptBlock;
|
|||
|
|
ctrCounter: typeof ctrCounter;
|
|||
|
|
ctr32: typeof ctr32;
|
|||
|
|
};
|
|||
|
|
export {};
|
|||
|
|
//# sourceMappingURL=aes.d.ts.map
|