smesh_lol_web_common_crypto_nip44.mjs raw
1 // Package smesh.lol/web/common/crypto/nip44
2 // Generated by MoxieJS — Moxie JavaScript backend
3
4 import * as $rt from './$runtime/index.mjs';
5
6 import * as smesh$lol$web$common$crypto$chacha20 from './smesh_lol_web_common_crypto_chacha20.mjs';
7 import * as smesh$lol$web$common$crypto$hkdf from './smesh_lol_web_common_crypto_hkdf.mjs';
8 import * as smesh$lol$web$common$crypto$hmac from './smesh_lol_web_common_crypto_hmac.mjs';
9 import * as smesh$lol$web$common$helpers from './smesh_lol_web_common_helpers.mjs';
10 import * as smesh$lol$web$common$jsbridge$schnorr from './smesh_lol_web_common_jsbridge_schnorr.mjs';
11
12 // Package-level variables
13
14 export function init() {
15 return;
16 }
17
18 export function ConversationKey(seckey, pubkey) {
19 let $t0_1, $t1_2, $t2_3, $t3_4, $t4_5, $t5_6, $t6_7, $t7_8, $t8_9;
20 let $block = 0;
21 while (true) {
22 switch ($block) {
23 case 0: {
24 $t0_1 = { $value: $rt.builtin.makeSlice(32, 32, 0), $get() { return this.$value; }, $set(v) { this.$value = v; } };
25 $t0_1.$set($rt.builtin.cloneValue(seckey));
26 $t1_2 = { $value: $rt.builtin.makeSlice(32, 32, 0), $get() { return this.$value; }, $set(v) { this.$value = v; } };
27 $t1_2.$set($rt.builtin.cloneValue(pubkey));
28 $t2_3 = $rt.builtin.sliceSlice($t0_1.$get(), undefined, undefined, undefined);
29 $t3_4 = $rt.builtin.sliceSlice($t1_2.$get(), undefined, undefined, undefined);
30 $t4_5 = smesh$lol$web$common$jsbridge$schnorr.ECDH($t2_3, $t3_4);
31 $t5_6 = $t4_5[0];
32 $t6_7 = $t4_5[1];
33 if ($t6_7) {
34 $block = 2; break;
35 }
36 else {
37 $block = 1; break;
38 }
39 break;
40 }
41 case 1: {
42 return [$rt.builtin.makeSlice(32, 32, 0), false];
43 break;
44 }
45 case 2: {
46 $t7_8 = $rt.builtin.stringToBytes('nip44-v2');
47 $t8_9 = smesh$lol$web$common$crypto$hkdf.Extract($t7_8, $t5_6);
48 return [$t8_9, true];
49 break;
50 }
51 }
52 }
53 }
54
55 export function Encrypt(plaintext, conversationKey, nonce) {
56 let $t0_1, $t1_2, $t2_3, $t3_4, $t4_5, $t5_6, $t6_7, $t7_8, $t8_9, $t9_10, $t10_11, $t11_12, $t12_13, $t13_14, $t14_15, $t15_16, $t16_17, $t17_18, $t18_19, $t19_20, $t20_21, $t21_22, $t22_23, $t23_24, $t24_25, $t25_26, $t26_27, $t27_28, $t28_29, $t29_30, $t30_31, $t31_32, $t32_33, $t33_34, $t34_35, $t35_36, $t36_37, $t37_38, $t38_39, $t39_40, $t40_41, $t41_42;
57 $t0_1 = { $value: $rt.builtin.makeSlice(32, 32, 0), $get() { return this.$value; }, $set(v) { this.$value = v; } };
58 $t0_1.$set($rt.builtin.cloneValue(conversationKey));
59 $t1_2 = { $value: $rt.builtin.makeSlice(32, 32, 0), $get() { return this.$value; }, $set(v) { this.$value = v; } };
60 $t1_2.$set($rt.builtin.cloneValue(nonce));
61 $t2_3 = $rt.builtin.sliceSlice($t0_1.$get(), undefined, undefined, undefined);
62 $t3_4 = $rt.builtin.sliceSlice($t1_2.$get(), undefined, undefined, undefined);
63 $t4_5 = smesh$lol$web$common$crypto$hkdf.Expand($t2_3, $t3_4, 76);
64 $t5_6 = { $value: $rt.builtin.makeSlice(32, 32, 0), $get() { return this.$value; }, $set(v) { this.$value = v; } };
65 $t6_7 = { $value: $rt.builtin.makeSlice(12, 12, 0), $get() { return this.$value; }, $set(v) { this.$value = v; } };
66 $t7_8 = $rt.builtin.sliceSlice($t5_6.$get(), undefined, undefined, undefined);
67 $t8_9 = $rt.builtin.sliceSlice($t4_5, undefined, 32, undefined);
68 $t9_10 = $rt.builtin.copy($t7_8, $t8_9);
69 $t10_11 = $rt.builtin.sliceSlice($t6_7.$get(), undefined, undefined, undefined);
70 $t11_12 = $rt.builtin.sliceSlice($t4_5, 32, 44, undefined);
71 $t12_13 = $rt.builtin.copy($t10_11, $t11_12);
72 $t13_14 = $rt.builtin.sliceSlice($t4_5, 44, 76, undefined);
73 $t14_15 = $rt.builtin.stringToBytes(plaintext);
74 $t15_16 = pad($t14_15);
75 $t16_17 = $t5_6.$get();
76 $t17_18 = $t6_7.$get();
77 $t18_19 = smesh$lol$web$common$crypto$chacha20.XOR($t16_17, $t17_18, $t15_16);
78 $t19_20 = $rt.builtin.len($t18_19);
79 $t20_21 = (32 + $t19_20);
80 $t21_22 = $rt.builtin.makeSlice($t20_21, $t20_21, 0);
81 $t22_23 = $rt.builtin.sliceSlice($t1_2.$get(), undefined, undefined, undefined);
82 $t23_24 = $rt.builtin.copy($t21_22, $t22_23);
83 $t24_25 = $rt.builtin.sliceSlice($t21_22, 32, undefined, undefined);
84 $t25_26 = $rt.builtin.copy($t24_25, $t18_19);
85 $t26_27 = { $value: $rt.builtin.makeSlice(32, 32, 0), $get() { return this.$value; }, $set(v) { this.$value = v; } };
86 $t27_28 = smesh$lol$web$common$crypto$hmac.Sum($t13_14, $t21_22);
87 $t26_27.$set($rt.builtin.cloneValue($t27_28));
88 $t28_29 = $rt.builtin.len($t18_19);
89 $t29_30 = (33 + $t28_29);
90 $t30_31 = ($t29_30 + 32);
91 $t31_32 = $rt.builtin.makeSlice(0, $t30_31, 0);
92 $t32_33 = { $value: $rt.builtin.makeSlice(1, 1, 0), $get() { return this.$value; }, $set(v) { this.$value = v; } };
93 $t33_34 = $t32_33.$get().addr(0);
94 $t33_34.$set(2);
95 $t34_35 = $rt.builtin.sliceSlice($t32_33.$get(), undefined, undefined, undefined);
96 $t35_36 = $rt.builtin.appendSlice($t31_32, $t34_35);
97 $t36_37 = $rt.builtin.sliceSlice($t1_2.$get(), undefined, undefined, undefined);
98 $t37_38 = $rt.builtin.appendSlice($t35_36, $t36_37);
99 $t38_39 = $rt.builtin.appendSlice($t37_38, $t18_19);
100 $t39_40 = $rt.builtin.sliceSlice($t26_27.$get(), undefined, undefined, undefined);
101 $t40_41 = $rt.builtin.appendSlice($t38_39, $t39_40);
102 $t41_42 = smesh$lol$web$common$helpers.Base64Encode($t40_41);
103 return $t41_42;
104 }
105
106 export function Decrypt(b64payload, conversationKey) {
107 let $t0_1, $t1_2, $t2_3, $t3_4, $t4_5, $t5_6, $t6_7, $t7_8, $t8_9, $t9_10, $t10_11, $t11_12, $t12_13, $t13_14, $t14_15, $t15_16, $t16_17, $t17_18, $t18_19, $t19_20, $t20_21, $t21_22, $t22_23, $t23_24, $t24_25, $t25_26, $t26_27, $t27_28, $t28_29, $t29_30, $t30_31, $t31_32, $t32_33, $t33_34, $t34_35, $t35_36, $t36_37, $t37_38, $t38_39, $t39_40, $t40_41, $t41_42, $t42_43, $t43_44, $t44_45, $t45_46, $t46_47, $t47_48, $t48_49, $t49_50, $t50_51;
108 let $block = 0;
109 while (true) {
110 switch ($block) {
111 case 0: {
112 $t0_1 = { $value: $rt.builtin.makeSlice(32, 32, 0), $get() { return this.$value; }, $set(v) { this.$value = v; } };
113 $t0_1.$set($rt.builtin.cloneValue(conversationKey));
114 $t1_2 = smesh$lol$web$common$helpers.Base64Decode(b64payload);
115 $t2_3 = $rt.builtin.len($t1_2);
116 $t3_4 = ($t2_3 < 99);
117 if ($t3_4) {
118 $block = 1; break;
119 }
120 else {
121 $block = 2; break;
122 }
123 break;
124 }
125 case 1: {
126 return ['', false];
127 break;
128 }
129 case 2: {
130 $t4_5 = $t1_2.addr(0);
131 $t5_6 = $t4_5.$get();
132 $t6_7 = ($t5_6 !== 2);
133 if ($t6_7) {
134 $block = 3; break;
135 }
136 else {
137 $block = 4; break;
138 }
139 break;
140 }
141 case 3: {
142 return ['', false];
143 break;
144 }
145 case 4: {
146 $t7_8 = $rt.builtin.sliceSlice($t1_2, 1, 33, undefined);
147 $t8_9 = $rt.builtin.len($t1_2);
148 $t9_10 = ($t8_9 - 32);
149 $t10_11 = $rt.builtin.sliceSlice($t1_2, 33, $t9_10, undefined);
150 $t11_12 = $rt.builtin.len($t1_2);
151 $t12_13 = ($t11_12 - 32);
152 $t13_14 = $rt.builtin.sliceSlice($t1_2, $t12_13, undefined, undefined);
153 $t14_15 = $rt.builtin.sliceSlice($t0_1.$get(), undefined, undefined, undefined);
154 $t15_16 = smesh$lol$web$common$crypto$hkdf.Expand($t14_15, $t7_8, 76);
155 $t16_17 = { $value: $rt.builtin.makeSlice(32, 32, 0), $get() { return this.$value; }, $set(v) { this.$value = v; } };
156 $t17_18 = { $value: $rt.builtin.makeSlice(12, 12, 0), $get() { return this.$value; }, $set(v) { this.$value = v; } };
157 $t18_19 = $rt.builtin.sliceSlice($t16_17.$get(), undefined, undefined, undefined);
158 $t19_20 = $rt.builtin.sliceSlice($t15_16, undefined, 32, undefined);
159 $t20_21 = $rt.builtin.copy($t18_19, $t19_20);
160 $t21_22 = $rt.builtin.sliceSlice($t17_18.$get(), undefined, undefined, undefined);
161 $t22_23 = $rt.builtin.sliceSlice($t15_16, 32, 44, undefined);
162 $t23_24 = $rt.builtin.copy($t21_22, $t22_23);
163 $t24_25 = $rt.builtin.sliceSlice($t15_16, 44, 76, undefined);
164 $t25_26 = $rt.builtin.len($t10_11);
165 $t26_27 = (32 + $t25_26);
166 $t27_28 = $rt.builtin.makeSlice($t26_27, $t26_27, 0);
167 $t28_29 = $rt.builtin.copy($t27_28, $t7_8);
168 $t29_30 = $rt.builtin.sliceSlice($t27_28, 32, undefined, undefined);
169 $t30_31 = $rt.builtin.copy($t29_30, $t10_11);
170 $t31_32 = { $value: $rt.builtin.makeSlice(32, 32, 0), $get() { return this.$value; }, $set(v) { this.$value = v; } };
171 $t32_33 = smesh$lol$web$common$crypto$hmac.Sum($t24_25, $t27_28);
172 $t31_32.$set($rt.builtin.cloneValue($t32_33));
173 $t33_34 = (0 < 32);
174 if ($t33_34) {
175 $t34_35 = true;
176 $t35_36 = 0;
177 $block = 5; break;
178 }
179 else {
180 $t41_42 = true;
181 $block = 6; break;
182 }
183 break;
184 }
185 case 5: {
186 $t36_37 = $t13_14.addr($t35_36);
187 $t37_38 = $t36_37.$get();
188 $t38_39 = $t31_32.$get().addr($t35_36);
189 $t39_40 = $t38_39.$get();
190 $t40_41 = ($t37_38 !== $t39_40);
191 if ($t40_41) {
192 $block = 7; break;
193 }
194 else {
195 $t42_43 = $t34_35;
196 $block = 8; break;
197 }
198 break;
199 }
200 case 6: {
201 if ($t41_42) {
202 $block = 10; break;
203 }
204 else {
205 $block = 9; break;
206 }
207 break;
208 }
209 case 7: {
210 $t42_43 = false;
211 $block = 8; break;
212 break;
213 }
214 case 8: {
215 $t43_44 = ($t35_36 + 1);
216 $t44_45 = ($t43_44 < 32);
217 if ($t44_45) {
218 $t34_35 = $t42_43;
219 $t35_36 = $t43_44;
220 $block = 5; break;
221 }
222 else {
223 $t41_42 = $t42_43;
224 $block = 6; break;
225 }
226 break;
227 }
228 case 9: {
229 return ['', false];
230 break;
231 }
232 case 10: {
233 $t45_46 = $t16_17.$get();
234 $t46_47 = $t17_18.$get();
235 $t47_48 = smesh$lol$web$common$crypto$chacha20.XOR($t45_46, $t46_47, $t10_11);
236 $t48_49 = unpad($t47_48);
237 $t49_50 = $t48_49[0];
238 $t50_51 = $t48_49[1];
239 return [$t49_50, $t50_51];
240 break;
241 }
242 }
243 }
244 }
245
246 export function calcPadding(length) {
247 let $t0_1, $t1_2, $t2_3, $t3_4, $t4_5, $t5_6, $t6_7, $t7_8, $t8_9, $t9_10, $t10_11, $t11_12, $t12_13, $t13_14;
248 let $block = 0;
249 while (true) {
250 switch ($block) {
251 case 0: {
252 $t0_1 = (length <= 32);
253 if ($t0_1) {
254 $block = 1; break;
255 }
256 else {
257 $block = 2; break;
258 }
259 break;
260 }
261 case 1: {
262 return 32;
263 break;
264 }
265 case 2: {
266 $t1_2 = (length - 1);
267 $t11_12 = 0;
268 $t12_13 = $t1_2;
269 $block = 5; break;
270 break;
271 }
272 case 3: {
273 $t2_3 = ($t12_13 >> 1);
274 $t3_4 = ($t11_12 + 1);
275 $t11_12 = $t3_4;
276 $t12_13 = $t2_3;
277 $block = 5; break;
278 break;
279 }
280 case 4: {
281 $t4_5 = (1 << $t11_12);
282 $t5_6 = Math.trunc($t4_5 / 8);
283 $t6_7 = Math.max($t5_6, 32);
284 $t7_8 = (length - 1);
285 $t8_9 = Math.trunc($t7_8 / $t6_7);
286 $t9_10 = ($t8_9 + 1);
287 $t10_11 = ($t6_7 * $t9_10);
288 return $t10_11;
289 break;
290 }
291 case 5: {
292 $t13_14 = ($t12_13 > 0);
293 if ($t13_14) {
294 $block = 3; break;
295 }
296 else {
297 $block = 4; break;
298 }
299 break;
300 }
301 }
302 }
303 }
304
305 export function pad(plaintext) {
306 let $t0_1, $t1_2, $t2_3, $t3_4, $t4_5, $t5_6, $t6_7, $t7_8, $t8_9, $t9_10, $t10_11;
307 $t0_1 = $rt.builtin.len(plaintext);
308 $t1_2 = calcPadding($t0_1);
309 $t2_3 = (2 + $t1_2);
310 $t3_4 = $rt.builtin.makeSlice($t2_3, $t2_3, 0);
311 $t4_5 = ($t0_1 >> 8);
312 $t5_6 = ($t4_5 & 0xFF);
313 $t6_7 = $t3_4.addr(0);
314 $t6_7.$set($t5_6);
315 $t7_8 = ($t0_1 & 0xFF);
316 $t8_9 = $t3_4.addr(1);
317 $t8_9.$set($t7_8);
318 $t9_10 = $rt.builtin.sliceSlice($t3_4, 2, undefined, undefined);
319 $t10_11 = $rt.builtin.copy($t9_10, plaintext);
320 return $t3_4;
321 }
322
323 export function unpad(padded) {
324 let $t0_1, $t1_2, $t2_3, $t3_4, $t4_5, $t5_6, $t6_7, $t7_8, $t8_9, $t9_10, $t10_11, $t11_12, $t12_13, $t13_14, $t14_15, $t15_16, $t16_17, $t17_18, $t18_19, $t19_20, $t20_21, $t21_22, $t22_23, $t23_24, $t24_25;
325 let $block = 0;
326 while (true) {
327 switch ($block) {
328 case 0: {
329 $t0_1 = $rt.builtin.len(padded);
330 $t1_2 = ($t0_1 < 2);
331 if ($t1_2) {
332 $block = 1; break;
333 }
334 else {
335 $block = 2; break;
336 }
337 break;
338 }
339 case 1: {
340 return ['', false];
341 break;
342 }
343 case 2: {
344 $t2_3 = padded.addr(0);
345 $t3_4 = $t2_3.$get();
346 $t4_5 = $t3_4;
347 $t5_6 = ($t4_5 << 8);
348 $t6_7 = padded.addr(1);
349 $t7_8 = $t6_7.$get();
350 $t8_9 = $t7_8;
351 $t9_10 = ($t5_6 | $t8_9);
352 $t10_11 = ($t9_10 < 1);
353 if ($t10_11) {
354 $block = 3; break;
355 }
356 else {
357 $block = 5; break;
358 }
359 break;
360 }
361 case 3: {
362 return ['', false];
363 break;
364 }
365 case 4: {
366 $t11_12 = (2 + $t9_10);
367 $t15_16 = $t11_12;
368 $block = 6; break;
369 break;
370 }
371 case 5: {
372 $t12_13 = $rt.builtin.len(padded);
373 $t13_14 = ($t12_13 - 2);
374 $t14_15 = ($t9_10 > $t13_14);
375 if ($t14_15) {
376 $block = 3; break;
377 }
378 else {
379 $block = 4; break;
380 }
381 break;
382 }
383 case 6: {
384 $t16_17 = $rt.builtin.len(padded);
385 $t17_18 = ($t15_16 < $t16_17);
386 if ($t17_18) {
387 $block = 7; break;
388 }
389 else {
390 $block = 8; break;
391 }
392 break;
393 }
394 case 7: {
395 $t18_19 = padded.addr($t15_16);
396 $t19_20 = $t18_19.$get();
397 $t20_21 = ($t19_20 !== 0);
398 if ($t20_21) {
399 $block = 9; break;
400 }
401 else {
402 $block = 10; break;
403 }
404 break;
405 }
406 case 8: {
407 $t21_22 = (2 + $t9_10);
408 $t22_23 = $rt.builtin.sliceSlice(padded, 2, $t21_22, undefined);
409 $t23_24 = $rt.builtin.bytesToString($t22_23);
410 return [$t23_24, true];
411 break;
412 }
413 case 9: {
414 return ['', false];
415 break;
416 }
417 case 10: {
418 $t24_25 = ($t15_16 + 1);
419 $t15_16 = $t24_25;
420 $block = 6; break;
421 break;
422 }
423 }
424 }
425 }
426
427