asmCrypto Lite
JavaScript implementation of popular cryptographic utilities with performance in mind. The lite version.This is a fork of asmcrypto.js that includes only a minimal subset of ciphers required for OpenPGP.js. Please refer to the main repository for contributions and feature requests.
Synopsis
Add<script src="path/to/asmcrypto.js"></script>
into your page.// Hash whole string at once
digest = asmCrypto.SHA256.hex("The quick brown fox jumps over the lazy dog");
Index
- Download (#download)
- Build & Test
- Performance
- API Reference
* [Message Digest](#sha256)
* [SHA1](#sha1)
* [SHA256](#sha256)
* [SHA512](#sha512)
* [Hash-based Message Authentication](#hmac)
* [HMAC-SHA1](#hmac_sha1)
* [HMAC-SHA256](#hmac_sha256)
* [HMAC-SHA512](#hmac_sha512)
* [Password-based Key Derivation](#pbkdf2)
* [PBKDF2-HMAC-SHA1](#pbkdf2_hmac_sha1)
* [PBKDF2-HMAC-SHA256](#pbkdf2_hmac_sha256)
* [PBKDF2-HMAC-SHA512](#pbkdf2_hmac_sha512)
* [Block Cipher](#aes)
* [AES-EBC](#aes_ecb)
* [AES-CBC](#aes_cbc)
* [AES-CFB](#aes_cfb)
* [AES-OFB](#aes_ofb)
* [AES-CTR](#aes_ctr)
* [AES-CCM](#aes_ccm)
* [AES-GCM](#aes_gcm)
* [Asymmetric encryption](#rsa)
* [RSA](#rsa)
* [RSA-OAEP-SHA1](#rsa_oaep_sha1)
* [RSA-OAEP-SHA256](#rsa_oaep_sha256)
* [RSA-OAEP-SHA512](#rsa_oaep_sha512)
* [RSA-PSS-SHA1](#rsa_pss_sha1)
* [RSA-PSS-SHA256](#rsa_pss_sha256)
* [RSA-PSS-SHA512](#rsa_pss_sha512)
* [Cryptographically secure pseudorandom number generator](#cryptographically-secure-pseudorandom-number-generator)
Download
- Minified JS file 130KB,
- Source Map file 530KB,
- All-in-One archive 216KB.
Build & Test
Before you start check that npm is installed:npm --version
Then download and build the stuff:git clone https://github.com/openpgpjs/asmcrypto-lite.git
cd asmcrypto.js/
npm install
Running tests is always a good idea:npm test
Congratulations! Now you have your asmcrypto.js
and asmcrypto.js.map
ready to use ☺Performance
In the development of this project, special attention was paid to the performance issues. In the result of all the optimizations made this stuff is pretty fast under Firefox and Chrome.My Intel® Core™ i7-3770 CPU @ 3.40GHz typical processing speeds are:
- Chrome/31.0
* SHA256: 51 MiB/s (**9 times faster** than *SJCL* and *CryptoJS*)
* AES-CBC: 47 MiB/s (**13 times faster** than *CryptoJS* and **20 times faster** than *SJCL*)
- Firefox/26.0
* SHA256: 144 MiB/s (**5 times faster** than *CryptoJS* and **20 times faster** than *SJCL*)
* AES-CBC: 81 MiB/s (**3 times faster** than *CryptoJS* and **8 times faster** than *SJCL*)
See benchmarks:API Reference
Message Digest
SHA1
Secure Hash Algorithm — a cryptographic hash function with 160-bit output.A cryptographic hash fuction with 256-bit output.
SHA1.BLOCKSIZE = 64
SHA1.HASHSIZE = 20
SHA1.bytes( data )
Calculates message digest of the supplied inputdata
(can be a binary string or ArrayBuffer
/Uint8Array
object).Returns raw message digest as an
Uint8Array
object.Throws
TypeError
when something ridiculous is supplied as input data.
SHA1.hex( data )
Calculates message digest of the supplied inputdata
(can be a binary string or ArrayBuffer
/Uint8Array
object).Returns a string containing hex-encoded message digest.
Throws
TypeError
when something ridiculous is supplied as input data.
SHA1.base64( data )
Calculates message digest of the supplied inputdata
(can be a binary string or ArrayBuffer
/Uint8Array
object).Returns a string containing hex-encoded message digest.
Throws
TypeError
when something ridiculous is supplied as input data.
SHA256
Secure Hash Algorithm — a cryptographic hash functions family.A cryptographic hash fuction with 256-bit output.
SHA256.BLOCKSIZE = 64
SHA256.HASHSIZE = 32
SHA256.bytes( data )
Calculates message digest of the supplied inputdata
(can be a binary string or ArrayBuffer
/Uint8Array
object).Returns raw message digest as an
Uint8Array
object.Throws
TypeError
when something ridiculous is supplied as input data.
SHA256.hex( data )
Calculates message digest of the supplied inputdata
(can be a binary string or ArrayBuffer
/Uint8Array
object).Returns a string containing hex-encoded message digest.
Throws
TypeError
when something ridiculous is supplied as input data.
SHA256.base64( data )
Calculates message digest of the supplied inputdata
(can be a binary string or ArrayBuffer
/Uint8Array
object).Returns a string containing hex-encoded message digest.
Throws
TypeError
when something ridiculous is supplied as input data.
SHA512
A cryptographic hash function with 512-bit output.SHA512.BLOCKSIZE = 128
SHA512.HASHSIZE = 64
SHA512.bytes( data )
Calculates message digest of the supplied inputdata
(can be a binary string or ArrayBuffer
/Uint8Array
object).Returns raw message digest as an
Uint8Array
object.Throws
TypeError
when something ridiculous is supplied as input data.
SHA512.hex( data )
Calculates message digest of the supplied inputdata
(can be a binary string or ArrayBuffer
/Uint8Array
object).Returns a string containing hex-encoded message digest.
Throws
TypeError
when something ridiculous is supplied as input data.
SHA512.base64( data )
Calculates message digest of the supplied inputdata
(can be a binary string or ArrayBuffer
/Uint8Array
object).Returns a string containing hex-encoded message digest.
Throws
TypeError
when something ridiculous is supplied as input data.
HMAC
Hash-based Message Authentication CodeUsed to calculate message authentication code with a cryptographic hash function in combination with a secret cryptographic key.
HMACSHA1
HMACSHA1.BLOCKSIZE = 64
HMACSHA1.HMACSIZE = 20
HMACSHA1.bytes( data, password )
Calculates HMAC-SHA1 ofdata
with password
. Both can be either binary strings or Uint8Array
/ArrayBuffer
objects.Returns araw message authentication code as an
Uint8Array
object.Throws
TypeError
when something ridiculous is supplied as input data.
HMACSHA1.hex( data, password )
Calculates HMAC-SHA1 ofdata
with password
. Both can be either binary strings or Uint8Array
/ArrayBuffer
objects.Returns a string containing hex-encoded message authentication code.
Throws
TypeError
when something ridiculous is supplied as input data.
HMACSHA1.base64( data, password )
Calculates HMAC-SHA1 ofdata
with password
. Both can be either binary strings or Uint8Array
/ArrayBuffer
objects.Returns a string containing base64-encoded message authentication code.
Throws
TypeError
when something ridiculous is supplied as input data.
HMACSHA256
HMACSHA256.BLOCKSIZE = 64
HMACSHA256.HMACSIZE = 32
HMACSHA256.bytes( data, password )
Calculates HMAC-SHA256 ofdata
with password
. Both can be either binary strings or Uint8Array
/ArrayBuffer
objects.Returns araw message authentication code as an
Uint8Array
object.Throws
TypeError
when something ridiculous is supplied as input data.
HMACSHA256.hex( data, password )
Calculates HMAC-SHA256 ofdata
with password
. Both can be either binary strings or Uint8Array
/ArrayBuffer
objects.Returns a string containing hex-encoded message authentication code.
Throws
TypeError
when something ridiculous is supplied as input data.
HMACSHA256.base64( data, password )
Calculates HMAC-SHA256 ofdata
with password
. Both can be either binary strings or Uint8Array
/ArrayBuffer
objects.Returns a string containing base64-encoded message authentication code.
Throws
TypeError
when something ridiculous is supplied as input data.
HMACSHA512
HMACSHA512.BLOCKSIZE = 128
HMACSHA512.HMACSIZE = 64
HMACSHA512.bytes( data, password )
Calculates HMAC-SHA512 ofdata
with password
. Both can be either binary strings or Uint8Array
/ArrayBuffer
objects.Returns araw message authentication code as an
Uint8Array
object.Throws
TypeError
when something ridiculous is supplied as input data.
HMACSHA512.hex( data, password )
Calculates HMAC-SHA512 ofdata
with password
. Both can be either binary strings or Uint8Array
/ArrayBuffer
objects.Returns a string containing hex-encoded message authentication code.
Throws
TypeError
when something ridiculous is supplied as input data.
HMACSHA512.base64( data, password )
Calculates HMAC-SHA512 ofdata
with password
. Both can be either binary strings or Uint8Array
/ArrayBuffer
objects.Returns a string containing base64-encoded message authentication code.
Throws
TypeError
when something ridiculous is supplied as input data.
PBKDF2
Password-Based Key Derivation Function 2Applies a cryptographic hash function to the input password or passphrase along with a salt value and repeats the process many times to produce a derived key, which can then be used as a cryptographic key in subsequent operations. The added computational work makes password cracking much more difficult.
PBKDF2HMACSHA1
PBKDF2HMACSHA1.bytes( password, salt, iterations, dklen )
Derive key from thepassword
with salt
. Both can be either binary strings or Uint8Array
/ArrayBuffer
objects.Optional
iterations
(number of key derivatoin rounds) and dklen
(desired key length) may be supplied.Throws
TypeError
.
PBKDF2HMACSHA1.hex( password, salt, iterations, dklen )
The same as above except returning value type.PBKDF2HMACSHA1.base64( password, salt, iterations, dklen )
The same as above except returning value type.PBKDF2HMACSHA256
PBKDF2HMACSHA256.bytes( password, salt, iterations, dklen )
Derive key from thepassword
with salt
. Both can be either binary strings or Uint8Array
/ArrayBuffer
objects.Optional
iterations
(number of key derivatoin rounds) and dklen
(desired key length) may be supplied.Throws
TypeError
.
PBKDF2HMACSHA256.hex( password, salt, iterations, dklen )
The same as above except returning value type.PBKDF2HMACSHA256.base64( password, salt, iterations, dklen )
The same as above except returning value type.PBKDF2HMACSHA512
PBKDF2HMACSHA512.bytes( password, salt, iterations, dklen )
Derive key from thepassword
with salt
. Both can be either binary strings or Uint8Array
/ArrayBuffer
objects.Optional
iterations
(number of key derivatoin rounds) and dklen
(desired key length) may be supplied.Throws
TypeError
.
PBKDF2HMACSHA512.hex( password, salt, iterations, dklen )
The same as above except returning value type.PBKDF2HMACSHA512.base64( password, salt, iterations, dklen )
The same as above except returning value type.AES
Advanced Encryption StandardAESECB
TODOAESCBC
Cipher Block Chaining Mode.AESCBC.encrypt( data, key, padding, iv )
Encrypts supplieddata
with key
in CBC mode. Both can be either binary strings or Uint8Array
objects or ArrayBuffer
objects.Optional
padding
and iv
may be passed to override default settings (PKCS#7 padding is on and iv is zero-vector).Returns encrypted data as
Uint8Array
.AESCBC.decrypt( data, key, padding, iv )
Decrypts supplieddata
with key
in CBC mode. Both can be either binary strings or Uint8Array
objects or ArrayBuffer
objects.Optional
padding
and iv
may be passed to override default settings (PKCS#7 padding is on and iv is zero-vector).Returns encrypted data as
Uint8Array
.AESCFB
Cipher Feedback Mode.AESCFB.encrypt( data, key, iv )
Encrypts supplieddata
with key
in CFB mode. Both can be either binary strings or Uint8Array
objects or ArrayBuffer
objects.Optional
iv
may be passed to override default settings (zero-vector iv
).Returns encrypted data as
Uint8Array
.AESCFB.decrypt( data, key, iv )
Decrypts supplieddata
with key
in CFB mode. Both can be either binary strings or Uint8Array
objects or ArrayBuffer
objects.Optional
iv
may be passed to override default settings (zero-vector iv
).Returns encrypted data as
Uint8Array
.AESOFB
Output Feedback Mode.AESOFB.encrypt( data, key, iv )
Encrypts supplieddata
with key
in OFB mode. Both can be either binary strings or Uint8Array
objects or ArrayBuffer
objects.Optional
iv
may be passed to override default settings (zero-vector iv
).Returns encrypted data as
Uint8Array
.AESOFB.decrypt( data, key, iv )
Decrypts supplieddata
with key
in OFB mode. Both can be either binary strings or Uint8Array
objects or ArrayBuffer
objects.Optional
iv
may be passed to override default settings (zero-vector iv
).Returns encrypted data as
Uint8Array
.AESCTR
TODOAESCCM
Counter with CBC-MAC mode.Due to JS limitations (counter is 32-bit unsigned) maximum encrypted message length is limited to near 64 GiB ( 2^36 - 16 ) per
nonce
-key
pair.Additional authenticated data
adata
maximum length is limited to 65279 bytes ( 2^16 - 2^8 ),
wich is considered enough for the most of use-cases.Optional
tagSize
, the size of the authentication tag, may be 4, 6, 8, 12, 16 (default).Keep in mind that same nonce must not be used more than once with the same key.
AESCCM.encrypt( data, key, nonce, adata, tagsize )
Encrypts supplieddata
with key
-nonce
in CCM mode.Returns encrypted data as
Uint8Array
.AESCCM.decrypt( data, key, nonce, adata, tagsize )
Decrypts supplieddata
with key
-nonce
in CCM mode.Returns encrypted data as
Uint8Array
.AESGCM
TODORSA
RSA.generateKey( bitlen, pubexp )
Generate RSA private key ofbitlen
length along with the public exponent pubexp
.RSAOAEPSHA1
RSAOAEPSHA1.encrypt( data, key, label )
TODORSAOAEPSHA1.decrypt( data, key, label )
TODORSAOAEPSHA256
RSAOAEPSHA256.encrypt( data, key, label )
TODORSAOAEPSHA256.decrypt( data, key, label )
TODORSAOAEPSHA512
RSAOAEPSHA512.encrypt( data, key, label )
TODORSAOAEPSHA512.decrypt( data, key, label )
TODORSAPSSSHA1
RSAPSSSHA1.sign( data, key, slen )
TODORSAPSSSHA1.verify( signature, data, key, slen )
TODORSAPSSSHA256
RSAPSSSHA256.sign( data, key, slen )
TODORSAPSSSHA256.verify( signature, data, key, slen )
TODORSAPSSSHA512
RSAPSSSHA512.sign( data, key, slen )
TODORSAPSSSHA512.verify( signature, data, key, slen )
TODOCryptographically secure pseudorandom number generator
ISAAC-based CSPRGrandom.getValues( buffer )
Drop-in replacement forwindow.crypto.getRandomValues
random.getValues.seed( seed )
Perform PRNG seeding.random.getValues.allowWeak = false
Allow implicitly-only seeded random output.random.getValues.skipSystemRNGWarning = false
Disable implicit seeding warning when it's not desirable, e.g. at a unit test run.Bugs & TODO
- Progressive operations are temporary fade out, they'll be back with WebCrypto API;
- Moar docs needed ☺
Not yet implemented:
- scrypt,
- dsa, ecdsa,
- rsa-pkcs-v1.5
Donate
If you like this stuff feel free to donate some funds to1CiGzP1EFLTftqkfvVtbwvZ9Koiuoc4FSC
☺