Add SHA512

src/hash.ts

@@ -1,20 +1,26 @@
 import { sha1 } from "https://denopkg.com/chiefbiiko/[email protected]/mod.ts";
 import { sha256 } from "https://denopkg.com/chiefbiiko/[email protected]/mod.ts";
+import { sha512 } from "https://denopkg.com/chiefbiiko/sha512/mod.ts";
+import { RSAHashAlgorithm } from "./rsa/common.ts";
 
 export function digest(
-  algorithm: "sha1" | "sha256",
+  algorithm: RSAHashAlgorithm,
   m: Uint8Array,
 ): Uint8Array {
   if (algorithm === "sha1") {
     return sha1(m) as Uint8Array;
   } else if (algorithm === "sha256") {
     return sha256(m) as Uint8Array;
+  } else if (algorithm === "sha512") {
+    return sha512(m) as Uint8Array;
   }
 
   throw "Unsupport hash algorithm";
 }
 
-export function digestLength(algorithm: "sha1" | "sha256") {
+export function digestLength(algorithm: RSAHashAlgorithm) {
+  if (algorithm === "sha512") return 64;
   if (algorithm === "sha256") return 32;
+
   return 20;
 }

src/rsa/common.ts

@@ -1,3 +1,5 @@
+export type RSAHashAlgorithm = "sha1" | "sha256" | "sha512";
+
 export interface RSAKeyParams {
   n: bigint;
   e?: bigint;
@@ -11,12 +13,12 @@ export interface RSAKeyParams {
 }
 
 export interface RSAOption {
-  hash: "sha1" | "sha256";
+  hash: RSAHashAlgorithm;
   padding: "oaep" | "pkcs1";
 }
 
 export interface RSASignOption {
-  hash: "sha256";
+  hash: RSAHashAlgorithm;
   algorithm: "rsassa-pkcs1-v1_5" | "rsassa-pss";
 }
 

src/rsa/eme_oaep.ts

@@ -1,6 +1,7 @@
 import { digest } from "./../hash.ts";
 import { mgf1 } from "./primitives.ts";
 import { concat, random_bytes, xor } from "./../helper.ts";
+import { RSAHashAlgorithm } from "./common.ts";
 
 /**
  * https://tools.ietf.org/html/rfc3447#page-10
@@ -14,7 +15,7 @@ export function eme_oaep_encode(
   label: Uint8Array,
   m: Uint8Array,
   k: number,
-  algorithm: "sha1" | "sha256",
+  algorithm: RSAHashAlgorithm,
 ): Uint8Array {
   const labelHash = new Uint8Array(digest(algorithm, label));
   const ps = new Uint8Array(k - labelHash.length * 2 - 2 - m.length);
@@ -32,7 +33,7 @@ export function eme_oaep_decode(
   label: Uint8Array,
   c: Uint8Array,
   k: number,
-  algorithm: "sha1" | "sha256",
+  algorithm: RSAHashAlgorithm,
 ): Uint8Array {
   const labelHash = new Uint8Array(digest(algorithm, label));
   const maskedSeed = c.slice(1, 1 + labelHash.length);

src/rsa/emsa_pss.ts

@@ -1,12 +1,13 @@
 import { digest } from "../hash.ts";
 import { xor } from "../helper.ts";
+import { RSAHashAlgorithm } from "./common.ts";
 import { mgf1 } from "./primitives.ts";
 
 export function emsa_pss_encode(
   m: Uint8Array,
   emBits: number,
   sLen: number,
-  algorithm: "sha1" | "sha256",
+  algorithm: RSAHashAlgorithm,
 ) {
   const mHash = digest(algorithm, m);
   const hLen = mHash.length;
@@ -39,7 +40,7 @@ export function emsa_pss_verify(
   em: Uint8Array,
   emBits: number,
   sLen: number,
-  algorithm: "sha1" | "sha256",
+  algorithm: RSAHashAlgorithm,
 ): boolean {
   const mHash = digest(algorithm, m);
   const hLen = mHash.length;

src/rsa/primitives.ts

@@ -1,7 +1,5 @@
 import { digest } from "./../hash.ts";
-
-type HashFunction = (b: Uint8Array) => Uint8Array;
-type HashAlgorithm = "sha1" | "sha256";
+import { RSAHashAlgorithm } from "./common.ts";
 
 /**
  * I2OSP converts a nonnegative integer to an octet string of a specified length.
@@ -36,22 +34,17 @@ export function os2ip(m: Uint8Array): bigint {
 export function mgf1(
   seed: Uint8Array,
   length: number,
-  hash: HashFunction | HashAlgorithm,
+  hash: RSAHashAlgorithm,
 ): Uint8Array {
   let counter = 0n;
   let output: number[] = [];
 
   while (output.length < length) {
-    let h;
     const c = i2osp(counter, 4);
 
-    if (typeof hash === "function") {
-      h = hash(new Uint8Array([...seed, ...c]));
-    } else {
-      h = new Uint8Array(
-        digest(hash, new Uint8Array([...seed, ...c])),
-      );
-    }
+    const h = new Uint8Array(
+      digest(hash, new Uint8Array([...seed, ...c])),
+    );
 
     output = [...output, ...h];
     counter++;

src/rsa/rsa_internal.ts

@@ -5,6 +5,7 @@ import { concat, random_bytes } from "./../helper.ts";
 import { ber_decode, ber_simple } from "./basic_encoding_rule.ts";
 import { RawBinary } from "../binary.ts";
 import { RSAKey } from "./rsa_key.ts";
+import { RSAHashAlgorithm } from "./common.ts";
 
 /**
  * @param n public key modulus
@@ -46,7 +47,7 @@ export function rsa_oaep_encrypt(
   n: bigint,
   e: bigint,
   m: Uint8Array,
-  algorithm: "sha1" | "sha256",
+  algorithm: RSAHashAlgorithm,
 ) {
   const em = eme_oaep_encode(new Uint8Array(0), m, bytes, algorithm);
   const msg = os2ip(em);
@@ -57,7 +58,7 @@ export function rsa_oaep_encrypt(
 export function rsa_oaep_decrypt(
   key: RSAKey,
   c: Uint8Array,
-  algorithm: "sha1" | "sha256",
+  algorithm: RSAHashAlgorithm,
 ) {
   const em = rsadp(key, os2ip(c));
   const m = eme_oaep_decode(

src/rsa/rsassa_pss.ts

@@ -1,5 +1,6 @@
 import { RawBinary } from "../binary.ts";
 import { digestLength } from "../hash.ts";
+import { RSAHashAlgorithm } from "./common.ts";
 import { emsa_pss_encode, emsa_pss_verify } from "./emsa_pss.ts";
 import { i2osp, os2ip } from "./primitives.ts";
 import { rsaep } from "./rsa_internal.ts";
@@ -8,7 +9,7 @@ import { RSAKey } from "./rsa_key.ts";
 export function rsassa_pss_sign(
   key: RSAKey,
   m: Uint8Array,
-  algorithm: "sha256",
+  algorithm: RSAHashAlgorithm,
 ): RawBinary {
   if (!key.d) throw "Invalid RSA Key";
 
@@ -21,7 +22,7 @@ export function rsassa_pss_verify(
   key: RSAKey,
   m: Uint8Array,
   signature: Uint8Array,
-  algorithm: "sha256",
+  algorithm: RSAHashAlgorithm,
 ): boolean {
   if (!key.e) throw "Invalid RSA Key";