use native base64url encoding, remove external dependency

[squeep-mystery-box] / lib / version-parameters.js

diff --git a/lib/version-parameters.js b/lib/version-parameters.js
index 80a09356c28c3a3bb7cc1afbeb2b570d68e133a2..5f449a75b934beebe51084bdb348ba7a22524d2a 100644 (file)
--- a/lib/version-parameters.js
+++ b/lib/version-parameters.js
@@ -1,5 +1,17 @@
 'use strict';
 
+const ALG = {
+  AES_256_GCM: 'aes-256-gcm',
+  CHACHA20_POLY1305: 'chacha20-poly1305',
+  XCHACHA20_POLY1305: 'xchacha20-poly1305',
+};
+
+const KD = {
+  SCRYPT: 'scrypt',
+  SHAKE256: 'shake256',
+  BLAKE2B512: 'blake2b512',
+};
+
 /**
  * Supported packings/cipher types.
  * To be useful, any cipher included here must be Authenticated Encryption with Additional Data (AEAD).
@@ -8,18 +20,19 @@
 const allVersions = {
   1: {
     version: 1,
-    algorithm: 'aes-256-gcm',
+    algorithm: ALG.AES_256_GCM,
     algOptions: {},
     versionBytes: 1,
     flagsBytes: 1,
     ivBytes: 12,
     saltBytes: 16,
     tagBytes: 16,
+    keyDeriver: KD.SCRYPT,
     keyBytes: 32,
   },
   2: {
     version: 2,
-    algorithm: 'chacha20-poly1305', // Prefer this over NIST because we stan djb
+    algorithm: ALG.CHACHA20_POLY1305, // Prefer this over NIST because we stan djb
     algOptions: {
       authTagLength: 16,
     },
@@ -28,11 +41,92 @@ const allVersions = {
     ivBytes: 12,
     saltBytes: 16,
     tagBytes: 16,
+    keyDeriver: KD.SCRYPT,
     keyBytes: 32,
   },
   3: {
     version: 3,
-    algorithm: 'xchacha20-poly1305', // Not yet available...
+    algorithm: ALG.XCHACHA20_POLY1305, // Not yet available, but would prefer even more...
+    algOptions: {
+      authTagLength: 16,
+    },
+    versionBytes: 1,
+    flagsBytes: 1,
+    ivBytes: 24,
+    saltBytes: 16,
+    tagBytes: 16,
+    keyDeriver: KD.SCRYPT,
+    keyBytes: 32,
+  },
+  4: {
+    version: 4,
+    algorithm: ALG.AES_256_GCM,
+    algOptions: {},
+    versionBytes: 1,
+    flagsBytes: 1,
+    ivBytes: 12,
+    saltBytes: 16,
+    tagBytes: 16,
+    keyDeriver: KD.SHAKE256,
+    keyBytes: 32,
+  },
+  5: {
+    version: 5,
+    algorithm: ALG.CHACHA20_POLY1305,
+    algOptions: {
+      authTagLength: 16,
+    },
+    versionBytes: 1,
+    flagsBytes: 1,
+    ivBytes: 12,
+    saltBytes: 16,
+    tagBytes: 16,
+    keyDeriver: KD.SHAKE256,
+    keyBytes: 32,
+  },
+  6: {
+    version: 6,
+    algorithm: ALG.XCHACHA20_POLY1305, // Not yet available, but would prefer even more...
+    algOptions: {
+      authTagLength: 16,
+    },
+    versionBytes: 1,
+    flagsBytes: 1,
+    ivBytes: 24,
+    saltBytes: 16,
+    tagBytes: 16,
+    keyDeriver: KD.SHAKE256,
+    keyBytes: 32,
+  },
+  7: {
+    version: 7,
+    algorithm: ALG.AES_256_GCM,
+    algOptions: {},
+    versionBytes: 1,
+    flagsBytes: 1,
+    ivBytes: 12,
+    saltBytes: 16,
+    tagBytes: 16,
+    keyDeriver: KD.BLAKE2B512,
+    keyBytes: 32,
+  },
+  8: {
+    version: 8,
+    algorithm: ALG.CHACHA20_POLY1305,
+    algOptions: {
+      authTagLength: 16,
+    },
+    versionBytes: 1,
+    flagsBytes: 1,
+    ivBytes: 12,
+    saltBytes: 16,
+    tagBytes: 16,
+    keyDeriver: KD.BLAKE2B512,
+    keyBytes: 32,
+  },
+  9: {
+    version: 9,
+    algorithm: ALG.XCHACHA20_POLY1305, // Not yet available, but would prefer even more...
     algOptions: {
       authTagLength: 16,
     },
@@ -41,6 +135,7 @@ const allVersions = {
     ivBytes: 24,
     saltBytes: 16,
     tagBytes: 16,
+    keyDeriver: KD.BLAKE2B512,
     keyBytes: 32,
   },
 };