### Rabbit Cipher Initialization and IV Handling Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md Provides examples for initializing and using the Rabbit stream cipher. It details that Rabbit accepts a 16-byte key and an optional 0 or 8-byte Initialization Vector (IV), with the 0-byte IV skipping the IV setup step. ```typescript const p = UTF8('mima-kit') const k = HEX('') const iv = new Uint8Array(8) const cipher = rabbit(k, iv) const c = cipher.encrypt(p) const m = cipher.decrypt(c) // skip iv setup const cipher = rabbit(k, new Uint8Array(0)) const c = cipher.encrypt(p) const m = cipher.decrypt(c) ``` -------------------------------- ### SM2-DSA Signature and Verification Example Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md This example demonstrates how to perform digital signing and verification using the SM2-DSA algorithm from `mima-kit`. It shows the full flow from key generation and identity derivation to signing a message and verifying its signature, using SM3 as the default hash function. ```typescript const sm2ec = sm2() const ID = UTF8('alice@rabbit.panic') const KA = sm2ec.gen() const ZA = sm2ec.di(ID, KA) const M = UTF8('mima-kit') const signer = sm2ec.dsa() // using SM3 by default const signature = signer.sign(ZA, KA, M) signer.verify(ZA, KA, M, signature) // true ``` -------------------------------- ### Install mima-kit via npm Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md This command installs the mima-kit cryptographic library using npm, making it available for use in your JavaScript/TypeScript projects. It's the standard way to add the package to your project's dependencies. ```bash npm install mima-kit ``` -------------------------------- ### SM2-ES Encryption and Decryption Example Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md This example demonstrates the use of the SM2-ES encryption scheme from `mima-kit`. It illustrates the process of generating keys, encrypting a plaintext message, and then decrypting the resulting ciphertext back to the original message. ```typescript const sm2ec = sm2(curve) const M = UTF8('The king\'s ears are donkey ears') const key = sm2ec.gen() const cipher = sm2ec.es() const C = cipher.encrypt(key, M) cipher.decrypt(key, C) // M ``` -------------------------------- ### Basic Usage of Block Cipher Modes in TypeScript Source: https://github.com/rsoram/mima-kit/blob/main/README.md Demonstrates the instantiation and basic encryption/decryption flow for various block cipher modes (ECB, CBC, PCBC, CFB, OFB, CTR) using SM4. Each example shows how to initialize the cipher with a key and an IV (if applicable), and then perform encryption and decryption operations. ```typescript // ECB Mode const k = HEX('') const m = HEX('') const c = HEX('') const CIPHER = ecb(sm4)(k) CIPHER.encrypt(m) // c CIPHER.decrypt(c) // m ``` ```typescript // CBC Mode const k = HEX('') const iv = HEX('') const m = HEX('') const c = HEX('') const CIPHER = cbc(sm4)(k, iv) CIPHER.encrypt(m) // c CIPHER.decrypt(c) // m ``` ```typescript // PCBC Mode const k = HEX('') const iv = HEX('') const m = HEX('') const c = HEX('') const CIPHER = pcbc(sm4)(k, iv) CIPHER.encrypt(m) // c CIPHER.decrypt(c) // m ``` ```typescript // CFB Mode const k = HEX('') const iv = HEX('') const m = HEX('') const c = HEX('') const CIPHER = cfb(sm4)(k, iv) CIPHER.encrypt(m) // c CIPHER.decrypt(c) // m ``` ```typescript // OFB Mode const k = HEX('') const iv = HEX('') const m = HEX('') const c = HEX('') const CIPHER = ofb(sm4)(k, iv) CIPHER.encrypt(m) // c CIPHER.decrypt(c) // m ``` ```typescript // CTR Mode const k = HEX('') const iv = HEX('') const m = HEX('') const c = HEX('') const CIPHER = ctr(sm4)(k, iv) CIPHER.encrypt(m) // c CIPHER.decrypt(c) // m ``` -------------------------------- ### Implement RSASSA-PSS Signature Scheme with Hash, MGF, and Salt Length Options Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md Illustrates the `RSASSA-PSS` signature scheme, which combines with a hash function, MGF function, and salt length. It provides examples of initializing the signer with default parameters (SHA-256, MGF1-SHA-256, digest size) and custom configurations for hash, MGF, and salt length, followed by signing and verification. ```typescript const p = UTF8('mima-kit') const key = rsa(2048) // using SHA-256, MGF1-SHA-256, and sha256.DIGEST_SIZE const cipher = pkcs1_ssa_pss(key) // using SHA-1, MGF1-SHA-1, and sha1.DIGEST_SIZE const cipher = pkcs1_ssa_pss(key, sha1) // using SHA-1, MGF1-SHA-256, and sha1.DIGEST_SIZE const cipher = pkcs1_ssa_pss(key, sha1, mgf1(sha256)) // using SHA-1, MGF1-SHA-256, and 32 const cipher = pkcs1_ssa_pss(key, sha1, mgf1(sha256), 32) const s = cipher.sign(p) const v = cipher.verify(p, s) // v === true ``` -------------------------------- ### Perform XXTEA Encryption and Decryption with Custom Rounds Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md This example demonstrates how to configure the XXTEA algorithm with a fixed number of encryption rounds using the `round` parameter in the configuration object. This overrides the default round calculation. ```typescript const config: XXTEAConfig = { round: 64, } xxtea(config)(k).encrypt(m) // c xxtea(config)(k).decrypt(m) // m ``` -------------------------------- ### X25519-DH Key Agreement Example Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md This example demonstrates the X25519-DH (Diffie-Hellman) key agreement protocol. It shows how two parties, A and B, can independently generate their keys and then use the `dh` function to compute an identical shared secret, which can then be used for symmetric encryption. ```typescript const keyA = x25519.gen() const keyB = x25519.gen() const secretA = x25519.dh(keyA, keyB) const secretB = x25519.dh(keyB, keyA) // secretA === secretB ``` -------------------------------- ### X25519 Key Pair Generation Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md This example demonstrates how to generate different types of X25519 keys using the `mima-kit` library. It shows the generation of a full key pair, a private key, and a public key derived from an existing private key. ```typescript // Generate key pair: X25519KeyPair const key = x25519.gen() const key = x25519.gen('key_pair') // Generate private key: X25519PrivateKey const s_key = x25519.gen('private_key') // Generate public key: X25519KeyPair const p_key = x25519.gen('public_key', s_key) ``` -------------------------------- ### Signing with RSASSA-PSS in TypeScript Source: https://github.com/rsoram/mima-kit/blob/main/README.md Shows how to use RSASSA-PSS, another PKCS#1 standard signature scheme. This scheme requires a Hash function, an MGF function, and a Salt Length. Examples demonstrate various configurations for these parameters. ```TypeScript const p = UTF8('mima-kit') const key = rsa(2048) // using SHA-256, MGF1-SHA-256, and sha256.DIGEST_SIZE const cipher = pkcs1_ssa_pss(key) // using SHA-1, MGF1-SHA-1, and sha1.DIGEST_SIZE const cipher = pkcs1_ssa_pss(key, sha1) // using SHA-1, MGF1-SHA-256, and sha1.DIGEST_SIZE const cipher = pkcs1_ssa_pss(key, sha1, mgf1(sha256)) // using SHA-1, MGF1-SHA-256, and 32 const cipher = pkcs1_ssa_pss(key, sha1, mgf1(sha256), 32) const s = cipher.sign(p) const v = cipher.verify(p, s) // v === true ``` -------------------------------- ### Apply and Remove Generic Padding in TypeScript Source: https://github.com/rsoram/mima-kit/blob/main/README.md Demonstrates how to apply and remove padding using a generic padding function, illustrating the basic usage pattern with `PKCS7_PAD` as an example. It shows adding padding to a message `m` and then removing it from the padded message `p`. ```typescript let block_size: number let m = new Uint8Array() let p = new Uint8Array() // add padding p = PKCS7_PAD(m, block_size) // remove padding m = PKCS7_PAD(p) ``` -------------------------------- ### Encrypt/Decrypt with AES Block Cipher Source: https://github.com/rsoram/mima-kit/blob/main/README.md Demonstrates the use of the Advanced Encryption Standard (AES) block cipher for encryption and decryption. Examples show usage with 128-bit, 192-bit, and 256-bit keys. ```typescript let k: Uint8Array let m: Uint8Array let c: Uint8Array aes(128)(k).encrypt(m) // c aes(128)(k).decrypt(c) // m aes(192)(k).encrypt(m) // c aes(192)(k).decrypt(c) // m aes(256)(k).encrypt(m) // c aes(256)(k).decrypt(c) // m ``` -------------------------------- ### Compute KMAC with various output lengths and customization Source: https://github.com/rsoram/mima-kit/blob/main/README.md Shows how to use KMAC (Keyed-Hash Message Authentication Code based on Keccak) functions, including KMAC128, KMAC256, and their XOF (eXtendable Output Function) variants. Examples demonstrate specifying output lengths and a customization string. ```typescript const s = UTF8('custom') const key = UTF8('password') const m = UTF8('mima-kit') kmac128(256, s)(key, m).to(HEX) kmac256(512, s)(key, m).to(HEX) kmac128XOF(256, s)(key, m).to(HEX) kmac256XOF(512, s)(key, m).to(HEX) ``` -------------------------------- ### Generic Stream Cipher Usage (Salsa20) in TypeScript Source: https://github.com/rsoram/mima-kit/blob/main/README.md Illustrates the typical usage pattern for stream ciphers, which generally require only a key and an IV. The example uses Salsa20 to encrypt and decrypt a message, demonstrating that the original plaintext is recovered. ```typescript const k = HEX('') const iv = HEX('') const cipher = salsa20(k, iv) const p = UTF8('mima-kit') const c = cipher.encrypt(p) const m = cipher.decrypt(c) // p === m ``` -------------------------------- ### Encrypting with RSAES-OAEP in TypeScript Source: https://github.com/rsoram/mima-kit/blob/main/README.md Demonstrates the use of RSAES-OAEP, a PKCS#1 standard encryption scheme. It requires a combination of Hash function, MGF function, and Label data. Examples show default usage and custom configurations for hash functions and MGF. ```TypeScript const p = UTF8('mima-kit') const key = rsa(2048) // using SHA-256, MGF1-SHA-256, and empty label by default const cipher = pkcs1_es_oaep(key) // using SHA-1, MGF1-SHA-1, and empty label const cipher = pkcs1_es_oaep(key, sha1) // using SHA-1, MGF1-SHA-256, and label 'mima-kit' const cipher = pkcs1_es_oaep(key, sha1, mgf1(sha256), UTF8('mima-kit')) const c = cipher.encrypt(p) const m = cipher.decrypt(c) // p === m ``` -------------------------------- ### Perform XXTEA Encryption and Decryption with Custom Padding Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md This snippet illustrates how to specify different padding modes for XXTEA using the `padding` parameter in the configuration. It shows examples for `X923_PAD` and `NO_PAD`, which can be used to skip padding if data length is already a multiple of 4 bytes. ```typescript // using X923_PAD const config: XXTEAConfig = { padding: X923_PAD, } // skip padding const config: XXTEAConfig = { padding: NO_PAD, } xxtea(config)(k).encrypt(m) // c xxtea(config)(k).decrypt(m) // m ``` -------------------------------- ### Advanced Cryptographic Hash Functions (cSHAKE, TupleHash, ParallelHash, TurboSHAKE, KangarooTwelve) Source: https://github.com/rsoram/mima-kit/blob/main/README.md Illustrates the usage of more advanced cryptographic hash functions from `mima-kit`, including cSHAKE (with optional function name and customization string), TupleHash (for hashing arrays of inputs), ParallelHash (with block size and customization), TurboSHAKE (with domain separator), and KangarooTwelve (with customization string). All examples show hashing and converting the output to hexadecimal. ```typescript // cSHAKE // optional function name const n = UTF8('name') // optional customization string const s = UTF8('custom') const m = UTF8('mima-kit') cshake128(256, n, s)(m).to(HEX) cshake256(512, n, s)(m).to(HEX) // TupleHash // optional customization string // const s = UTF8('custom') // already defined const mTuple = ['mima', '-', 'kit'].map(v => UTF8(v)) tuplehash128(256, s)(mTuple).to(HEX) tuplehash256(512, s)(mTuple).to(HEX) tuplehash128XOF(256, s)(mTuple).to(HEX) tuplehash256XOF(512, s)(mTuple).to(HEX) // ParallelHash // optional customization string // const s = UTF8('custom') // already defined // const m = UTF8('mima-kit') // already defined const blockSize = 1024 parallelhash128(blockSize, 256, s)(m).to(HEX) parallelhash256(blockSize, 512, s)(m).to(HEX) parallelhash128XOF(blockSize, 256, s)(m).to(HEX) parallelhash256XOF(blockSize, 512, s)(m).to(HEX) // TurboSHAKE // optional Domain Separator // range: 0x01 ~ 0x7F, default: 0x1F const D = 0x0 ``` -------------------------------- ### Implementing HMAC with mima-kit Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md Provides examples of using the HMAC function from mima-kit with different underlying hash algorithms like SM3 and SHA1. It demonstrates how to specify key length and digest size for HMAC calculations, converting the result to hexadecimal. ```typescript const key = UTF8('password') const m = UTF8('mima-kit') // HMAC-SM3 hmac(sm3)(key, m).to(HEX) // HMAC-SHA1-80 with 80-bit digest and 160-bit key hmac(sha1, 80)(key, m).to(HEX) // HMAC-SHA1-160 with 160-bit digest and 80-bit key hmac(sha1, 160, 80)(key, m).to(HEX) ``` -------------------------------- ### Generate Time-based One-Time Passwords (TOTP) Source: https://github.com/rsoram/mima-kit/blob/main/README.md Illustrates the generation of TOTP codes, which extend HMAC by using the current timestamp as a counter. Examples include basic TOTP generation and advanced configuration with custom MAC algorithms, time steps, and digit counts. ```typescript const otp = totp(B32('4B7X5MEKEFIJMWWVBQMMCLY6JI3YOC7Y')) // '000000' const totp_256 = totp({ mac: hmac(sha256), step: 60_000, // 1 minute digits: 8, // 8 digits }) const otp = totp_256(B32('4B7X5MEKEFIJMWWVBQMMCLY6JI3YOC7Y')) // '00000000' ``` -------------------------------- ### Perform Elliptic Curve Menezes-Qu-Vanstone (ECMQV) Key Agreement in TypeScript Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md Shows how to use the `mqv` method for ECMQV key agreement, a more complex key agreement protocol. This example involves two pairs of keys for each party (`u_k1, u_k2` and `v_k1, v_k2`) to derive a shared secret, demonstrating that both parties arrive at the same result. ```typescript const ec = FpECC(secp256r1) const u_k1 = ec.gen() const u_k2 = ec.gen() const v_k1 = ec.gen() v_k2 = ec.gen() const secretA = ec.mqv(u_k1, u_k2, v_k1, v_k2).x const secretB = ec.mqv(v_k1, v_k2, u_k1, u_k2).x // secretA === secretB ``` -------------------------------- ### Wrap custom cryptographic hash algorithms Source: https://github.com/rsoram/mima-kit/blob/main/README.md Provides an example of how to integrate a custom hash function into the 'mima-kit' framework using `createHash`. This allows custom algorithms to be used with higher-level functions like HMAC, ensuring type safety and proper integration. ```typescript const _greatHash: Digest = (M: Uint8Array) => new U8(M) const greatHashDescription: HashDescription = { ALGORITHM: 'GreatHash', BLOCK_SIZE: 64, DIGEST_SIZE: 64, } const greatHash = createHash(_greatHash, greatHashDescription) // HMAC-GreatHash const hmac_gh = hmac(greatHash) ``` -------------------------------- ### Calculate cSHAKE (Customizable SHAKE) Hash Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md Demonstrates how to use the cSHAKE customizable hash function, which allows for optional function names and customization strings as per NIST SP 800-185. It shows examples for cSHAKE128 and cSHAKE256, converting the output to hexadecimal. ```typescript // optional function name const n = UTF8('name') // optional customization string const s = UTF8('custom') const m = UTF8('mima-kit') cshake128(256, n, s)(m).to(HEX) cshake256(512, n, s)(m).to(HEX) ``` -------------------------------- ### Implement SM2-DH Key Agreement Protocol in TypeScript Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md Provides a detailed example of the SM2-DH key agreement protocol between two parties (Alice and Bob). It covers the generation of public and temporary public keys, computation of distinguishing identifiers, and the final derivation of a shared secret key using a KDF. ```typescript const sm2ec = sm2() const kdf = x963kdf(sm3) // Initiator: Alice // Responder: Bob // Step 1: Alice const KA = sm2ec.gen() const KX = sm2ec.gen() const ka = { Q: KA.Q } // public key of Alice const kx = { Q: KX.Q } // temporary public key of Alice const ID_A = UTF8('alice@rabbit.panic') const ZA = sm2ec.di(ID_A, KA) // Alice's distinguishable identifier // send ZA, ka, kx to Bob // Step 2: Bob const KB = sm2ec.gen() const KY = sm2ec.gen() const kb = { Q: KB.Q } // public key of Bob const ky = { Q: KY.Q } // temporary public key of Bo const ID_B = UTF8('bob@rolling.stone') const ZB = sm2ec.di(ID_B, KB) // Bob's distinguishable identifier const SB = sm2ec.dh(KB, KY, ka, kx, ZA, ZB) // shared secret key const DKB = kdf(256, S) // derive key // send ZB, kb, ky to Alice // Step 3: Alice const SA = sm2ec.dh(KA, KX, kb, ky, ZA, ZB) // shared secret key const DKA = kdf(256, S) // derive key SA === SB DKA === DKB ``` -------------------------------- ### Encrypt and Decrypt Data using SM2 Encryption Scheme (ES) Source: https://github.com/rsoram/mima-kit/blob/main/README.md This example illustrates the usage of the SM2-ES algorithm for encryption and decryption. It initializes an SM2 elliptic curve instance, generates a key pair, and then uses the `encrypt` method to encrypt a plaintext message. The resulting ciphertext can then be decrypted back to the original message using the `decrypt` method. ```typescript const sm2ec = sm2(curve) const M = UTF8('The king\'s ears are donkey ears') const key = sm2ec.gen() const cipher = sm2ec.es() const C = cipher.encrypt(key, M) cipher.decrypt(key, C) // M ``` -------------------------------- ### Perform X25519 Diffie-Hellman Key Exchange Source: https://github.com/rsoram/mima-kit/blob/main/README.md This example demonstrates the X25519 Diffie-Hellman key exchange protocol. It generates two key pairs, `keyA` and `keyB`, and then uses the `x25519.dh()` function to compute the shared secret from each participant's perspective. The snippet verifies that both computed shared secrets are identical, as expected in a successful key exchange. ```typescript const keyA = x25519.gen() const keyB = x25519.gen() const secretA = x25519.dh(keyA, keyB) const secretB = x25519.dh(keyB, keyA) // secretA === secretB ``` -------------------------------- ### Perform Blowfish Encryption and Decryption Source: https://github.com/rsoram/mima-kit/blob/main/README.md Demonstrates basic encryption and decryption using the Blowfish algorithm. It shows how to initialize the Blowfish cipher with a key and then encrypt or decrypt a message. ```typescript let k: Uint8Array let m: Uint8Array let c: Uint8Array blowfish(k).encrypt(m) // c blowfish(k).decrypt(c) // m ``` -------------------------------- ### Perform DES Encryption and Decryption Source: https://github.com/rsoram/mima-kit/blob/main/README.md Demonstrates basic encryption and decryption using the DES algorithm as defined by FIPS PUB 46-3. It shows how to initialize the DES cipher with a key and then encrypt or decrypt a message. ```typescript let k: Uint8Array let m: Uint8Array let c: Uint8Array des(k).encrypt(m) // c des(k).decrypt(c) // m ``` -------------------------------- ### Initialize X9.63 Key Derivation Function with Hash Source: https://github.com/rsoram/mima-kit/blob/main/README.md This snippet demonstrates how to initialize the X9.63 Key Derivation Function (KDF). It shows that `X9.63KDF` requires a hash function, such as `sha256`, to be passed as a parameter during its instantiation, preparing it for subsequent key derivation operations. ```typescript const kdf = x963kdf(sha256) ``` -------------------------------- ### Perform ARC5 Encryption and Decryption with Configurable Parameters Source: https://github.com/rsoram/mima-kit/blob/main/README.md Shows how to use the ARC5 algorithm, which is parameterized by word length (w) and number of rounds (r). It demonstrates initializing ARC5 with various recommended configurations and performing encryption/decryption. The algorithm accepts keys with a length of 0 < k.byteLength < 256. ```typescript // 推荐的参数化配置 // +-----+----+ // | w | r | // +-----+----+ // | 8 | 8 | // | 16 | 12 | // | 32 | 16 | (default) // | 64 | 20 | // | 128 | 24 | // +-----+----+ let k: Uint8Array let m: Uint8Array let c: Uint8Array const spec8 = arc5(8, 8) // ARC5-8/8 const spec16 = arc5(16, 12) // ARC5-16/12 const spec32 = arc5(32, 16) // ARC5-32/16 (default) const spec64 = arc5(64, 20) // ARC5-64/20 const spec128 = arc5(128, 24) // ARC5-128/24 spec32(k).encrypt(m) // c spec32(k).decrypt(c) // m ``` -------------------------------- ### 3DES Block Cipher Encryption and Decryption Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md Demonstrates the usage of the Triple DES (3DES) block cipher for encryption and decryption. Examples are provided for 128-bit and 192-bit key lengths, showcasing its application in cryptographic operations. ```typescript let k: Uint8Array let m: Uint8Array let c: Uint8Array t_des(128)(k).encrypt(m) // c t_des(128)(k).decrypt(c) // m t_des(192)(k).encrypt(m) // c t_des(192)(k).decrypt(c) // m ``` -------------------------------- ### Camellia Block Cipher Encryption and Decryption Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md Shows how to use the Camellia block cipher for encryption and decryption. Examples are provided for 128-bit, 192-bit, and 256-bit key lengths, demonstrating its application in cryptographic operations. ```typescript let k: Uint8Array let m: Uint8Array let c: Uint8Array camellia(128)(k).encrypt(m) // c camellia(128)(k).decrypt(c) // m camellia(192)(k).encrypt(m) // c camellia(192)(k).decrypt(c) // m camellia(256)(k).encrypt(m) // c camellia(256)(k).decrypt(c) // m ``` -------------------------------- ### XXTEA Configuration Interface (XXTEAConfig) Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md This API documentation describes the `XXTEAConfig` interface, which allows customization of XXTEA behavior. It includes options for `BLOCK_SIZE` (for use with operation modes), `padding` method, and `round` count. ```APIDOC interface XXTEAConfig { /** * 分组大小 / Block size (default: 16) * * `XXTEA` 本身设计用于加密任意数量的数据块。单独使用 `XXTEA` 时,该选项不起作用。 * 但是,如果需要将 `XXTEA` 用作分组密码和 `工作模式` 一起使用,则可以通过此选项设置分组大小。 * * 注意: 这不是 `XXTEA` 的标准用法且缺乏相关的安全分析。 * * `XXTEA` is natively designed to encrypt arbitrary amounts of data blocks. * When used alone, this option does not take effect. * However, if you need to use `XXTEA` as a block cipher and use it with `Operation Mode`, * you can set the `BLOCK_SIZE` through this option. * * Note: This is not the standard usage of `XXTEA` and lacks relevant security analysis. */ BLOCK_SIZE?: number /** * 填充方式 / Padding method (default: PKCS7) * * 如果要像其他分组密码一样使用 `XXTEA`,例如使用 `CBC` 模式, * 应该将 `padding` 设置为 `NO_PAD` 并让 `工作模式` 处理填充。 * * If you want to use `XXTEA` like other block ciphers, such as with `CBC` mode, * you should set the `padding` to `NO_PAD` and let the `Operation Mode` handle the padding. */ padding?: Padding /** * 轮数 / Rounds (default: undefined) * * `XXTEA` 的轮数可以通过这个选项设置,如果不设置则使用默认的轮数计算方式。 * * The rounds of `XXTEA` can be set through this option, * if not set, the default round calculation method will be used. */ round?: number } ``` -------------------------------- ### Using KangarooTwelve functions in mima-kit Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md Shows the application of KangarooTwelve functions (kt128, kt256) within the mima-kit library. It includes examples of providing an optional customization string and input data, with the output converted to hexadecimal. ```typescript // optional customization string const s = UTF8('custom') const m = UTF8('mima-kit') kt128(256, s)(m).to(HEX) kt256(512, s)(m).to(HEX) ``` -------------------------------- ### Wrapping Custom Symmetric Ciphers with createCipher Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md Demonstrates how to integrate a custom symmetric key algorithm into `mima-kit`'s framework using the `createCipher` utility. This allows custom ciphers to be used with advanced algorithms like GCM, by defining an encrypt/decrypt function and a `BlockCipherInfo` description. ```typescript const _greatCipher: Cipher = (k: Uint8Array) => { const cipher = { encrypt: (M: Uint8Array) => new U8(k.map((v, i) => v ^ M[i])), decrypt: (C: Uint8Array) => new U8(k.map((v, i) => v ^ C[i])), } return cipher } const greatCipherDescription: BlockCipherInfo = { ALGORITHM: 'GreatCipher', BLOCK_SIZE: 16, KEY_SIZE: 16, MIN_KEY_SIZE: 16, MAX_KEY_SIZE: 16, } const greatCipher = createCipher(_greatCipher, greatCipherDescription) // GCM-GreatCipher const gcm_gc = gcm(greatCipher) ``` -------------------------------- ### Initialize Password-Based Key Derivation Function 2 (PBKDF2) Source: https://github.com/rsoram/mima-kit/blob/main/README.md This snippet demonstrates the initialization of the Password-Based Key Derivation Function 2 (PBKDF2). It shows how to create an HMAC instance with `sha256` and then pass this HMAC along with a specified number of iterations (e.g., 1000) to the `pbkdf2` function, configuring it for secure password hashing. ```typescript const mac = hmac(sha256) const kdf = pbkdf2(mac, 1000) ``` -------------------------------- ### Implement RSAES-OAEP Encryption Scheme with Hash and MGF Options Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md Illustrates the `RSAES-OAEP` encryption scheme, which requires combination with a hash function, MGF function, and an optional label. It shows various ways to initialize the cipher, including default settings (SHA-256, MGF1-SHA-256, empty label) and custom configurations for hash, MGF, and label, followed by encryption and decryption. ```typescript const p = UTF8('mima-kit') const key = rsa(2048) // using SHA-256, MGF1-SHA-256, and empty label by default const cipher = pkcs1_es_oaep(key) // using SHA-1, MGF1-SHA-1, and empty label const cipher = pkcs1_es_oaep(key, sha1) // using SHA-1, MGF1-SHA-256, and label 'mima-kit' const cipher = pkcs1_es_oaep(key, sha1, mgf1(sha256), UTF8('mima-kit')) const c = cipher.encrypt(p) const m = cipher.decrypt(c) // p === m ``` -------------------------------- ### ARIA Block Cipher Encryption and Decryption Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md Provides examples for using the ARIA block cipher, supporting 128-bit, 192-bit, and 256-bit key lengths. It illustrates the process of encrypting and decrypting data using ARIA with different key configurations. ```typescript let k: Uint8Array let m: Uint8Array let c: Uint8Array aria(128)(k).encrypt(m) // c aria(128)(k).decrypt(c) // m aria(192)(k).encrypt(m) // c aria(192)(k).decrypt(c) // m aria(256)(k).encrypt(m) // c aria(256)(k).decrypt(c) // m ``` -------------------------------- ### Initialize PBKDF2 with HMAC-SHA256 and Iterations Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md Illustrates the initialization of PBKDF2 (Password-Based Key Derivation Function 2) from PKCS#5. It requires a KeyHash function (e.g., HMAC-SHA256), a specified number of iterations, and an optional salt. ```typescript const mac = hmac(sha256) const kdf = pbkdf2(mac, 1000) ``` -------------------------------- ### Encrypt and Decrypt Data with ECIES in TypeScript Source: https://github.com/rsoram/mima-kit/blob/main/README.md Illustrates the basic usage of ECIES for integrated encryption and decryption. It shows how to generate keys, create an ECIES cipher instance, encrypt plaintext, and then decrypt the resulting ciphertext using the `mima-kit` ECIES implementation. ```typescript const ec = FpECC(secp256r1) const key = ec.gen() const cipher = ec.ies() const p = UTF8('mima-kit') const c = cipher.encrypt(key, p) const m = cipher.decrypt(key, c) // p === m ``` -------------------------------- ### Calculate TupleHash Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md Shows how to use the TupleHash function, which processes a tuple of inputs and supports optional customization strings, as defined in NIST SP 800-185. Examples include tuplehash128, tuplehash256, and their XOF (eXtendable Output Function) variants, with output converted to hexadecimal. ```typescript // optional customization string const s = UTF8('custom') const m = ['mima', '-', 'kit'].map(v => UTF8(v)) tuplehash128(256, s)(m).to(HEX) tuplehash256(512, s)(m).to(HEX) tuplehash128XOF(256, s)(m).to(HEX) tuplehash256XOF(512, s)(m).to(HEX) ``` -------------------------------- ### Perform Twofish Encryption and Decryption Source: https://github.com/rsoram/mima-kit/blob/main/README.md Illustrates the use of the Twofish algorithm for encryption and decryption, supporting 128-bit, 192-bit, and 256-bit key lengths. ```typescript let k: Uint8Array let m: Uint8Array let c: Uint8Array twofish(128)(k).encrypt(m) // c twofish(128)(k).decrypt(x) // m twofish(192)(k).encrypt(m) // c twofish(192)(k).decrypt(c) // m twofish(256)(k).encrypt(m) // c twofish(256)(k).decrypt(c) // m ``` -------------------------------- ### XXTEAConfig Interface for Advanced Configuration Source: https://github.com/rsoram/mima-kit/blob/main/README.md Defines the `XXTEAConfig` interface, detailing parameters for customizing XXTEA behavior. This includes `BLOCK_SIZE` for block cipher integration, `padding` method (e.g., PKCS7, NO_PAD), and `round` count for fixed round encryption. Note that using `BLOCK_SIZE` with XXTEA is a non-standard usage. ```APIDOC interface XXTEAConfig { /** * Block size (default: 16) * * `XXTEA` is natively designed to encrypt arbitrary amounts of data blocks. * When used alone, this option does not take effect. * However, if you need to use `XXTEA` as a block cipher and use it with `Operation Mode`, * you can set the `BLOCK_SIZE` through this option. * * Note: This is not the standard usage of `XXTEA` and lacks relevant security analysis. */ BLOCK_SIZE?: number /** * Padding method (default: PKCS7) * * If you want to use `XXTEA` like other block ciphers, such as with `CBC` mode, * you should set the `padding` to `NO_PAD` and let the `Operation Mode` handle the padding. */ padding?: Padding /** * Rounds (default: undefined) * * The rounds of `XXTEA` can be set through this option, * if not set, the default round calculation method will be used. */ round?: number } ``` -------------------------------- ### Implement RSAES-PKCS1-v1_5 Encryption Scheme Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md Demonstrates the usage of the `RSAES-PKCS1-v1_5` encryption scheme from PKCS#1. It shows how to initialize the cipher with an RSA key pair and then perform encryption and decryption operations, verifying that the original plaintext is recovered. ```typescript const p = UTF8('mima-kit') const key = rsa(2048) const cipher = pkcs1_es_1_5(key) const c = cipher.encrypt(p) const m = cipher.decrypt(c) // p === m ``` -------------------------------- ### Integrate XXTEA with GCM Operation Mode Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md This advanced example shows how to use XXTEA as a block cipher within a GCM (Galois/Counter Mode) operation. It requires setting `padding` to `NO_PAD` and configuring `BLOCK_SIZE` for the operation mode, ensuring it's a multiple of 4 and greater than 8. ```typescript const config: XXTEAConfig = { padding: NO_PAD, BLOCK_SIZE: 16, } const cipher = xxtea(config) const k = HEX('') const iv = HEX('') const m = HEX('') const c = HEX('') const CIPHER = gcm(cipher)(k, iv) CIPHER.encrypt(m) // c CIPHER.decrypt(c) // m ``` -------------------------------- ### Implement RSASSA-PKCS1-v1_5 Signature Scheme with Hash Options Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md Demonstrates the `RSASSA-PKCS1-v1_5` signature scheme, which requires a hash function. It highlights the importance of setting the correct OID for the hash function and shows how to initialize the signer with default (SHA-256) or custom (SHA-1) hash functions, followed by signing and verification. ```typescript const p = UTF8('mima-kit') const key = rsa(2048) // check OID before using sha256.OID = '2.16.840.1.101.3.4.2.1' // using SHA-256 by default const cipher = pkcs1_ssa_1_5(key) // using SHA-1 const cipher = pkcs1_ssa_1_5(key, sha1) const s = cipher.sign(p) const v = cipher.verify(p, s) // v === true ``` -------------------------------- ### Perform Elliptic Curve Co-factor Diffie-Hellman (ECCDH) Key Agreement in TypeScript Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md Illustrates the usage of the `cdh` method for ECCDH key agreement, which is a variant of ECDH. This example uses the `w25519` curve and demonstrates how two parties can derive the same shared secret using their respective key pairs. ```typescript const ec = FpECC(w25519) const keyA = ec.gen() const keyB = ec.gen() const secretAc = ec.cdh(keyA, keyB).x const secretBc = ec.cdh(keyB, keyA).x // secretAc === secretBc ``` -------------------------------- ### Key Derivation Function (KDF) Interface API Reference Source: https://github.com/rsoram/mima-kit/blob/main/README.md This API documentation defines the generic interface for Key Derivation Functions (KDFs). The `KDF` interface specifies a function that takes the desired output key length (`k_bit`), input keying material (`ikm`), and optional additional information (`info`) as parameters, returning the derived keying material as a `Uint8Array`. ```APIDOC interface KDF { /** * @param {number} k_bit - 期望的密钥长度 / output keying material length * @param {Uint8Array} ikm - 输入密钥材料 / input keying material * @param {Uint8Array} info - 附加信息 / optional context and application specific information */ (k_bit: number, ikm: Uint8Array, info?: Uint8Array): U8 } ``` -------------------------------- ### Initialize X9.63KDF with SHA256 Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md Demonstrates how to initialize the X9.63KDF (Key Derivation Function) from the ANSI-X9.63 standard. This KDF requires combination with a hash function, here exemplified with SHA256. ```typescript const kdf = x963kdf(sha256) ``` -------------------------------- ### Integrate Specific Padding Modes with CBC Cipher Source: https://github.com/rsoram/mima-kit/blob/main/README/README-en.md These examples show how various standard padding modes, including PKCS#7, ANSI X9.23, ISO/IEC 7816-4, and Zero Padding, are integrated with a block cipher like SM4 when used in CBC (Cipher Block Chaining) mode. ```typescript const cbc_sm4 = cbc(sm4, PKCS7_PAD) ``` ```typescript const cbc_sm4 = cbc(sm4, X923_PAD) ``` ```typescript const cbc_sm4 = cbc(sm4, ISO7816_PAD) ``` ```typescript const cbc_sm4 = cbc(sm4, ZERO_PAD) ``` -------------------------------- ### Perform XXTEA Encryption and Decryption with Default Settings Source: https://github.com/rsoram/mima-kit/blob/main/README.md Demonstrates basic encryption and decryption using the XXTEA algorithm. XXTEA is designed to encrypt arbitrary numbers of 4-byte data blocks. By default, it calculates rounds based on data block count (6 + 52 / n) and uses PKCS7 padding. ```typescript let k: Uint8Array let m: Uint8Array let c: Uint8Array // using default config xxtea()(k).encrypt(m) // c xxtea()(k).decrypt(c) // m ``` -------------------------------- ### Use Symmetric Key Algorithms with Modes of Operation Source: https://github.com/rsoram/mima-kit/blob/main/README.md Demonstrates the application of symmetric key algorithms like SM4 with common modes of operation such as CBC (Cipher Block Chaining) and CTR (Counter mode). It shows how block ciphers can be used for encryption and decryption, and how they can be converted to stream ciphers. ```typescript const k = HEX('') const iv = HEX('') const p = UTF8('mima-kit') // using SM4-CBC const cbc_sm4 = cbc(sm4)(k, iv) const c = cbc_sm4.encrypt(p) const m = cbc_sm4.decrypt(c) m.to(UTF8) // 'mima-kit' // using SM4-CTR in stream mode const ctr_sm4 = ctr(sm4, NO_PAD)(k, iv) const c = ctr_sm4.encrypt(p) const m = ctr_sm4.decrypt(c) m.to(UTF8) // 'mima-kit' ``` -------------------------------- ### GCM Mode Usage with Authentication in TypeScript Source: https://github.com/rsoram/mima-kit/blob/main/README.md Demonstrates the Galois/Counter Mode (GCM), an authenticated encryption mode. It shows how to initialize the cipher with a key and IV, perform encryption and decryption, and crucially, how to generate and verify an authentication tag (`AUTH_TAG`) for data integrity and authenticity. Notes on IV length and `AUTH_TAG` size are included. ```typescript const k = HEX('') const iv = HEX('') const m = HEX('') const a = HEX('') const c = HEX('') const t = HEX('') const CIPHER = gcm(aes(128))(k, iv) CIPHER.encrypt(m) // c CIPHER.decrypt(c) // m CIPHER.sign(c, a) // auth tag CIPHER.verify(t, c, a) // true or false ``` -------------------------------- ### mima-kit Codec and Base32 API Definitions and Usage Source: https://github.com/rsoram/mima-kit/blob/main/README.md Defines the `Codec` interface and the `B32Params` interface for configuring Base32 encoding. It then illustrates how to create and use a `B32` codec with different variants (e.g., RFC 4648-hex) and padding options, demonstrating encoding of UTF-8 strings. ```APIDOC interface Codec { /** * Parse encoded string to Uint8Array * * 将编码字符串解析为 Uint8Array */ (input: string): U8 /** * Stringify Uint8Array to encoded string * * 将 Uint8Array 编码为字符串 */ (input: Uint8Array): string FORMAT: string } interface B32Params { variant?: 'rfc4648' | 'rfc4648-hex' | 'crockford' padding?: boolean } interface B32Codec extends Codec { /** * 创建一个 base32 编解码器 * * Create a base32 codec */ (params: B32Params): Codec } ``` ```typescript // RFC 4648 Base32 with no padding by default B32(UTF8('cat, 猫, 🐱')) // MNQXILBA46GKWLBA6CPZBMI // using RFC 4648 Base32-hex with padding const B32HP = B32({ variant: 'rfc4648-hex', padding: true }) B32HP(UTF8('cat, 猫, 🐱')) // CDGN8B10SU6AMB10U2FP1C8= ```