dchest · ikhemissi · Oct 27, 2019 · Oct 27, 2019
diff --git a/.eslintrc b/.eslintrc
@@ -1,8 +1,13 @@
 {
+  'root': true,
+  'parserOptions': {
+    'ecmaVersion': 2017
+  },
   'env': {                           // http://eslint.org/docs/user-guide/configuring.html#specifying-environments
     'node': true,
     'browser': true,
-    'shared-node-browser': true
+    'shared-node-browser': true,
+    'es6': true
   },
   'globals': {
     'Uint8Array': true,

diff --git a/AUTHORS.md b/AUTHORS.md
@@ -6,6 +6,7 @@ List of TweetNaCl.js authors
 * Dmitry Chestnykh (@dchest)
 * Devi Mandiri (@devi)
 * AndSDev (@AndSDev)
+* Iheb Khemissi (@ikhemissi)
 
 List of authors of third-party public domain code from which TweetNaCl.js code was derived
 ==========================================================================================

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,31 @@
 TweetNaCl.js Changelog
 ======================
 
+v2.0.0
+------
+
+Make `randomBytes` and its dependant functions `async`.
+This will allow using the library with custom secure random number generators (e.g. mobile) via `setPRNG`.
+
+Example:
+```javascript
+tweetnacl.setPRNG(async (uint8Array, randomBytesLength) => {
+  const randomBytesBuffer = await myNativeRandomBytesGenerator(randomBytesLength);
+
+  // Copy randomBytesBuffer to uint8Array
+  // Cleanup
+});
+```
+
+The signature of the following public methods have changed to make them `async` (return a Promise):
+- nacl.randomBytes()
+- nacl.box.keyPair()
+- nacl.sign.keyPair()
+- nacl.sign.keyPair.fromSeed()
+
+As a result, the library will now require ECMAScript 2017, and IE11 support is dropped in this version.
+
+
 v1.0.0
 ------
 

diff --git a/README.md b/README.md
@@ -87,6 +87,27 @@ You can install TweetNaCl.js via a package manager:
 or [download source code](https://github.com/dchest/tweetnacl-js/releases).
 
 
+
+Migration from tweetnacl@1
+--------
+In this version 2, the signature of the following methods have changed 
+to become `async function` (they return a `Promise`).
+Please make sure to add an `await` before you call any of them in order 
+to get the key pair or the `Uint8Array`:
+
+- `nacl.randomBytes()`
+- `nacl.box.keyPair()`
+- `nacl.sign.keyPair()`
+- `nacl.sign.keyPair.fromSeed()`
+
+The signature of `nacl.setPRNG` also changed to allow passing either 
+a regular function (like in tweetnacl@1) or a function that returns a Promise like async functions.
+
+Please make sure your runtime environment supports `async/await` (introduced in ES2017):
+- Browsers: https://caniuse.com/#feat=async-functions
+- NodeJS: https://node.green/#ES2017-features-async-functions
+
+
 Examples
 --------
 You can find usage examples in our [wiki](https://github.com/dchest/tweetnacl-js/wiki/Examples).
@@ -103,9 +124,8 @@ packages.
 In Node.js v4 and later `Buffer` objects are backed by `Uint8Array`s, so you
 can freely pass them to TweetNaCl.js functions as arguments. The returned
 objects are still `Uint8Array`s, so if you need `Buffer`s, you'll have to
-convert them manually; make sure to convert using copying: `Buffer.from(array)`
-(or `new Buffer(array)` in Node.js v4 or earlier), instead of sharing:
-`Buffer.from(array.buffer)` (or `new Buffer(array.buffer)` Node 4 or earlier),
+convert them manually; make sure to convert using copying: `Buffer.from(array)`, 
+instead of sharing: `Buffer.from(array.buffer)`,
 because some functions return subarrays of their buffers.
 
 
@@ -115,8 +135,8 @@ Implements *x25519-xsalsa20-poly1305*.
 
 #### nacl.box.keyPair()
 
-Generates a new random key pair for box and returns it as an object with
-`publicKey` and `secretKey` members:
+Generates a new random key pair for box and returns it as an object (wrapped 
+within a Promise) with `publicKey` and `secretKey` members:
 
     {
        publicKey: ...,  // Uint8Array with 32-byte public key
@@ -244,8 +264,8 @@ Implements [ed25519](http://ed25519.cr.yp.to).
 
 #### nacl.sign.keyPair()
 
-Generates new random key pair for signing and returns it as an object with
-`publicKey` and `secretKey` members:
+Generates new random key pair for signing and returns it as an object (wrapped 
+within a Promise) with `publicKey` and `secretKey` members:
 
     {
        publicKey: ...,  // Uint8Array with 32-byte public key
@@ -260,7 +280,8 @@ Returns a signing key pair with public key corresponding to the given
 
 #### nacl.sign.keyPair.fromSeed(seed)
 
-Returns a new signing key pair generated deterministically from a 32-byte seed.
+Returns a new signing key pair generated deterministically from a 32-byte seed,
+the key pair will be wrapped within a Promise.
 The seed must contain enough entropy to be secure. This method is not
 recommended for general use: instead, use `nacl.sign.keyPair` to generate a new
 key pair from a random seed.
@@ -322,8 +343,8 @@ Length of hash in bytes.
 
 #### nacl.randomBytes(length)
 
-Returns a `Uint8Array` of the given length containing random bytes of
-cryptographic quality.
+Returns a Promise that resolves to a `Uint8Array` of the given length 
+containing random bytes of cryptographic quality.
 
 **Implementation note**
 
@@ -354,6 +375,8 @@ TweetNaCl.js like this:
 
 Note that `nacl.setPRNG` *completely replaces* internal random byte generator
 with the one provided.
+If the function you passed to `nacl.setPRNG` returns a Promise, `nacl.randomBytes`
+will wait for it to resolve before using its value (the random bytes).
 
 
 ### Constant-time comparison

diff --git a/nacl-fast.js b/nacl-fast.js
@@ -1378,8 +1378,8 @@ function crypto_scalarmult_base(q, n) {
   return crypto_scalarmult(q, n, _9);
 }
 
-function crypto_box_keypair(y, x) {
-  randombytes(x, 32);
+async function crypto_box_keypair(y, x) {
+  await Promise.resolve(randombytes(x, 32));
   return crypto_scalarmult_base(y, x);
 }
 
@@ -1914,12 +1914,12 @@ function scalarbase(p, s) {
   scalarmult(p, q, s);
 }
 
-function crypto_sign_keypair(pk, sk, seeded) {
+async function crypto_sign_keypair(pk, sk, seeded) {
   var d = new Uint8Array(64);
   var p = [gf(), gf(), gf(), gf()];
   var i;
 
-  if (!seeded) randombytes(sk, 32);
+  if (!seeded) await Promise.resolve(randombytes(sk, 32));
   crypto_hash(d, sk, 32);
   d[0] &= 248;
   d[31] &= 127;
@@ -2154,9 +2154,9 @@ function cleanup(arr) {
   for (var i = 0; i < arr.length; i++) arr[i] = 0;
 }
 
-nacl.randomBytes = function(n) {
+nacl.randomBytes = async function(n) {
   var b = new Uint8Array(n);
-  randombytes(b, n);
+  await Promise.resolve(randombytes(b, n));
   return b;
 };
 
@@ -2227,10 +2227,10 @@ nacl.box.open = function(msg, nonce, publicKey, secretKey) {
 
 nacl.box.open.after = nacl.secretbox.open;
 
-nacl.box.keyPair = function() {
+nacl.box.keyPair = async function() {
   var pk = new Uint8Array(crypto_box_PUBLICKEYBYTES);
   var sk = new Uint8Array(crypto_box_SECRETKEYBYTES);
-  crypto_box_keypair(pk, sk);
+  await crypto_box_keypair(pk, sk);
   return {publicKey: pk, secretKey: sk};
 };
 
@@ -2291,10 +2291,10 @@ nacl.sign.detached.verify = function(msg, sig, publicKey) {
   return (crypto_sign_open(m, sm, sm.length, publicKey) >= 0);
 };
 
-nacl.sign.keyPair = function() {
+nacl.sign.keyPair = async function() {
   var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);
   var sk = new Uint8Array(crypto_sign_SECRETKEYBYTES);
-  crypto_sign_keypair(pk, sk);
+  await crypto_sign_keypair(pk, sk);
   return {publicKey: pk, secretKey: sk};
 };
 
@@ -2307,14 +2307,14 @@ nacl.sign.keyPair.fromSecretKey = function(secretKey) {
   return {publicKey: pk, secretKey: new Uint8Array(secretKey)};
 };
 
-nacl.sign.keyPair.fromSeed = function(seed) {
+nacl.sign.keyPair.fromSeed = async function(seed) {
   checkArrayTypes(seed);
   if (seed.length !== crypto_sign_SEEDBYTES)
     throw new Error('bad seed size');
   var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);
   var sk = new Uint8Array(crypto_sign_SECRETKEYBYTES);
   for (var i = 0; i < 32; i++) sk[i] = seed[i];
-  crypto_sign_keypair(pk, sk, true);
+  await crypto_sign_keypair(pk, sk, true);
   return {publicKey: pk, secretKey: sk};
 };
 

diff --git a/nacl-fast.min.js b/nacl-fast.min.js
diff --git a/nacl.d.ts b/nacl.d.ts
@@ -38,7 +38,7 @@ declare namespace nacl {
         }
 
         export interface keyPair {
-            (): BoxKeyPair;
+            (): Promise<BoxKeyPair>;
             fromSecretKey(secretKey: Uint8Array): BoxKeyPair;
         }
     }
@@ -63,9 +63,9 @@ declare namespace nacl {
         }
 
         export interface keyPair {
-            (): SignKeyPair;
+            (): Promise<SignKeyPair>;
             fromSecretKey(secretKey: Uint8Array): SignKeyPair;
-            fromSeed(secretKey: Uint8Array): SignKeyPair;
+            fromSeed(secretKey: Uint8Array): Promise<SignKeyPair>;
         }
     }
 
@@ -87,12 +87,12 @@ declare namespace nacl {
 }
 
 declare interface nacl {
-    randomBytes(n: number): Uint8Array;
+    randomBytes(n: number): Promise<Uint8Array>;
     secretbox: nacl.secretbox;
     scalarMult: nacl.scalarMult;
     box: nacl.box;
     sign: nacl.sign;
     hash: nacl.hash;
     verify(x: Uint8Array, y: Uint8Array): boolean;
-    setPRNG(fn: (x: Uint8Array, n: number) => void): void;
+    setPRNG(fn: (x: Uint8Array, n: number) => void | Promise<void>): void;
 }
diff --git a/nacl.js b/nacl.js
@@ -440,8 +440,8 @@ function crypto_scalarmult_base(q, n) {
   return crypto_scalarmult(q, n, _9);
 }
 
-function crypto_box_keypair(y, x) {
-  randombytes(x, 32);
+async function crypto_box_keypair(y, x) {
+  await Promise.resolve(randombytes(x, 32));
   return crypto_scalarmult_base(y, x);
 }
 
@@ -701,12 +701,12 @@ function scalarbase(p, s) {
   scalarmult(p, q, s);
 }
 
-function crypto_sign_keypair(pk, sk, seeded) {
+async function crypto_sign_keypair(pk, sk, seeded) {
   var d = new Uint8Array(64);
   var p = [gf(), gf(), gf(), gf()];
   var i;
 
-  if (!seeded) randombytes(sk, 32);
+  if (!seeded) await Promise.resolve(randombytes(sk, 32));
   crypto_hash(d, sk, 32);
   d[0] &= 248;
   d[31] &= 127;
@@ -941,9 +941,9 @@ function cleanup(arr) {
   for (var i = 0; i < arr.length; i++) arr[i] = 0;
 }
 
-nacl.randomBytes = function(n) {
+nacl.randomBytes = async function(n) {
   var b = new Uint8Array(n);
-  randombytes(b, n);
+  await Promise.resolve(randombytes(b, n));
   return b;
 };
 
@@ -1014,10 +1014,10 @@ nacl.box.open = function(msg, nonce, publicKey, secretKey) {
 
 nacl.box.open.after = nacl.secretbox.open;
 
-nacl.box.keyPair = function() {
+nacl.box.keyPair = async function() {
   var pk = new Uint8Array(crypto_box_PUBLICKEYBYTES);
   var sk = new Uint8Array(crypto_box_SECRETKEYBYTES);
-  crypto_box_keypair(pk, sk);
+  await crypto_box_keypair(pk, sk);
   return {publicKey: pk, secretKey: sk};
 };
 
@@ -1078,10 +1078,10 @@ nacl.sign.detached.verify = function(msg, sig, publicKey) {
   return (crypto_sign_open(m, sm, sm.length, publicKey) >= 0);
 };
 
-nacl.sign.keyPair = function() {
+nacl.sign.keyPair = async function() {
   var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);
   var sk = new Uint8Array(crypto_sign_SECRETKEYBYTES);
-  crypto_sign_keypair(pk, sk);
+  await crypto_sign_keypair(pk, sk);
   return {publicKey: pk, secretKey: sk};
 };
 
@@ -1094,14 +1094,14 @@ nacl.sign.keyPair.fromSecretKey = function(secretKey) {
   return {publicKey: pk, secretKey: new Uint8Array(secretKey)};
 };
 
-nacl.sign.keyPair.fromSeed = function(seed) {
+nacl.sign.keyPair.fromSeed = async function(seed) {
   checkArrayTypes(seed);
   if (seed.length !== crypto_sign_SEEDBYTES)
     throw new Error('bad seed size');
   var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);
   var sk = new Uint8Array(crypto_sign_SECRETKEYBYTES);
   for (var i = 0; i < 32; i++) sk[i] = seed[i];
-  crypto_sign_keypair(pk, sk, true);
+  await crypto_sign_keypair(pk, sk, true);
   return {publicKey: pk, secretKey: sk};
 };
 

diff --git a/nacl.min.js b/nacl.min.js