From 1611c59573f81914d290ad2e31de76640629b909 Mon Sep 17 00:00:00 2001 From: lucanicoladebiasi Date: Thu, 4 Apr 2024 11:53:53 +0100 Subject: [PATCH] refactor: #712 blake2b256.ts secured --- packages/core/src/hash/blake2b256.ts | 74 ++++++++++++---------------- 1 file changed, 32 insertions(+), 42 deletions(-) diff --git a/packages/core/src/hash/blake2b256.ts b/packages/core/src/hash/blake2b256.ts index cae4d7b86..ab1b573a5 100644 --- a/packages/core/src/hash/blake2b256.ts +++ b/packages/core/src/hash/blake2b256.ts @@ -1,75 +1,65 @@ -import blake from 'blakejs'; -import { type HashInput, type ReturnType } from './types'; -import { assertIsValidReturnType } from '../assertions'; import { Hex0x } from '../utils'; +import { assertIsValidReturnType } from '../assertions'; +import { blake2b } from '@noble/hashes/blake2b'; +import { type ReturnType } from './types'; /** - * Internal function to compute the blake2b256 256-bit hash of the given data. + * Internal function to calculates the BLAKE2B-256 hash of the input data. + * + * Secure audit function. + * * [blake2b](https://github.com/paulmillr/noble-hashes?tab=readme-ov-file#blake2b-blake2s-blake3) * - * This function allows hashing multiple data items (Buffers or strings) in a single hash context, - * aggregating the hash of all these items into a single result. + * @param {Array} data - The input data to be hashed. It accepts multiple arguments in the form of Buffers or strings. * - * @param data - One or more data items (either Buffer or string) to be hashed. - * @returns {Buffer} A Buffer containing the 256-bit blake2b256 hash of the provided data. + * @returns {Buffer} - The BLAKE2B-256 hash of the input data. */ function _blake2b256(...data: Array): Buffer { - const ctx = blake.blake2bInit(32); - data.forEach((d) => { - if (Buffer.isBuffer(d)) { - blake.blake2bUpdate(ctx, d); - } else { - blake.blake2bUpdate(ctx, Buffer.from(d, 'utf8')); - } + const ctx = blake2b.create({ dkLen: 32 }); + data.forEach((datum) => { + ctx.update(datum); }); - return Buffer.from(blake.blake2bFinal(ctx)); + return Buffer.from(ctx.digest()); } /* --- Overloaded functions start --- */ /** - * Computes the blake2b256 256-bit hash of the given data. - * Returns the hash as a Buffer. + * Calculates the Blake2b-256 hash of the given data. * - * @param data - The input data (either a Buffer or string) for which the hash needs to be computed. - * @returns A Buffer containing the 256-bit blake2b256 hash of the provided data. + * @param {string | Uint8Array} data - The data to hash. It can be either a string or a Uint8Array. + * @returns {Buffer} - The resulting hash as a Buffer object. */ -function blake2b256(data: HashInput): Buffer; +function blake2b256(data: string | Uint8Array): Buffer; /** - * Computes the blake2b256 256-bit hash of the given data. - * Returns the hash as a Buffer. + * Calculates the Blake2b256 hash of the given data. * - * @param data - The input data (either a Buffer or string) for which the hash needs to be computed. - * @param returnType - The format in which to return the hash. Either 'buffer' or 'hex'. - * @returns {Buffer} A Buffer containing the 256-bit blake2b256 hash of the provided data. + * @param {string | Uint8Array} data - The data to hash. It can be either a string or a Uint8Array. + * @param {string} returnType - The return type of the hash. Only 'buffer' is supported currently. + * @return {Buffer} - The Blake2b256 hash of the data as a Buffer object. */ -function blake2b256(data: HashInput, returnType: 'buffer'): Buffer; +function blake2b256(data: string | Uint8Array, returnType: 'buffer'): Buffer; /** - * Computes the blake2b256 256-bit hash of the given data. - * Returns the hash as a hex string, prefixed with `0x`. + * Calculates the Blake2b-256 hash of the provided data. * - * @param data - The input data (either a Buffer or string) for which the hash needs to be computed. - * @param returnType - The format in which to return the hash. Either 'hex' or 'buffer'. - * @returns {string} A string representing the hexadecimal format of the 256-bit blake2b256 hash, prefixed with `0x`. + * @param {string | Uint8Array} data - The data to calculate the hash from. Can be a string or a Uint8Array. + * @param {'hex'} returnType - The return type of the hash. Currently, only supports returning the hash as a hex string. + * @return {string} - The calculated hash as a hex string. */ -function blake2b256(data: HashInput, returnType: 'hex'): string; +function blake2b256(data: string | Uint8Array, returnType: 'hex'): string; /* --- Overloaded functions end --- */ /** - * Computes the blake2b256 256-bit hash of the given data and returns the hash based on the returnType specified. - * Defaults to returning a Buffer if returnType is not provided. + * Calculates the BLAKE2b-256 hash of the provided data. * - * @throws{InvalidDataReturnTypeError} - * @param data - The input data (either a Buffer or string) for which the hash needs to be computed. - * @param returnType - The format in which to return the hash. Either 'buffer' or 'hex'. - * Defaults to 'buffer' if not provided. - * @returns A Buffer or a string representing the 256-bit blake2b256 hash of the provided data, - * based on the returnType specified. + * @param {string | Uint8Array} data - The data to be hashed. + * @param {ReturnType} [returnType='buffer'] - The return type of the hash. 'buffer' returns a Buffer object, 'hex' returns a hexadecimal string. + * @returns {Buffer | string} - The hash value calculated from the data. */ function blake2b256( - data: HashInput, + data: string | Uint8Array, returnType: ReturnType = 'buffer' ): Buffer | string { // Assert that the returnType is valid