@meeco/cryppo
In-browser encryption and decryption. Clone of Ruby Cryppo
;
/**
 * Object-spread helper in the shape the TypeScript compiler emits.
 *
 * Reuses an `__assign` already present on `this` when there is one. Otherwise
 * the first call rebinds `__assign` to `Object.assign` (or to a manual
 * own-enumerable-property copy when `Object.assign` is missing) and then
 * forwards the call to it.
 */
var __assign = (this && this.__assign) || function () {
    __assign = Object.assign || function (target) {
        var total = arguments.length;
        for (var index = 1; index < total; index += 1) {
            var source = arguments[index];
            for (var key in source) {
                // Copy own properties only; inherited ones are skipped.
                if (Object.prototype.hasOwnProperty.call(source, key)) {
                    target[key] = source[key];
                }
            }
        }
        return target;
    };
    return __assign.apply(this, arguments);
};
// CommonJS interop preamble: flag the module as transpiled ES-module output and
// pre-declare the two named exports, which are assigned further down the file.
Object.defineProperty(exports, "__esModule", { value: true });
exports.DerivedKeyOptions = exports.KeyDerivationStrategy = void 0;
var node_forge_1 = require("node-forge");
var encoding_versions_1 = require("../encoding-versions");
var encryption_key_1 = require("../encryption-key");
var serialization_versions_1 = require("../serialization-versions");
var util_1 = require("../util");
/**
* Most of these values are copied directly from the Ruby library
*/
// Default lower bound for the PBKDF2 iteration count. It is only a default:
// randomFromOptions accepts a caller-supplied minIterations without enforcing
// this value as a floor.
// NOTE(review): 20000 is far below current guidance for PBKDF2-HMAC-SHA256
// (the OWASP password storage cheat sheet recommends 600,000). The count is
// written into the serialized options and read back on de-serialization, so
// raising this default would only affect newly generated options.
var MIN_ITERATIONS = 20000;
// Default derived-key length handed to pbkdf2 (presumably bytes, i.e. a 256-bit key - confirm).
var DEFAULT_LENGTH = 32;
// Default spread of the randomized iteration count, as a percentage of
// minIterations (randomFromOptions divides it by 100).
var DEFAULT_ITERATION_VARIANCE = 10;
// Number of random bytes requested for a freshly generated salt.
var DEFAULT_SALT_LENGTH = 20;
// Compiled string enum of supported key derivation strategies; PBKDF2-HMAC is
// the only member.
var KeyDerivationStrategy;
(function (KeyDerivationStrategy) {
KeyDerivationStrategy["Pbkdf2Hmac"] = "Pbkdf2Hmac";
})(KeyDerivationStrategy = exports.KeyDerivationStrategy || (exports.KeyDerivationStrategy = {}));
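/**
 * Store configuration used for password based key derivation and
 * serialize/de-serialize it.
 *
 * The salt, iteration count, output length and hash name are all written into
 * the serialized form and read back from it, so none of them is secret and
 * every one of them is untrusted input when it comes from fromSerialized.
 */
var DerivedKeyOptions = /** @class */ (function () {
    /**
     * @param {Object} options
     * @param {string} options.salt - salt, as a binary (byte) string
     * @param {number} options.iterations - PBKDF2 iteration count
     * @param {number} options.length - requested derived-key length
     * @param {string} options.strategy - a KeyDerivationStrategy value
     * @param {string} [options.hash] - digest name; defaults to 'SHA256'
     */
    function DerivedKeyOptions(options) {
        this.salt = options.salt;
        this.iterations = options.iterations;
        this.length = options.length;
        this.strategy = options.strategy;
        this.hash = options.hash || 'SHA256';
    }
    /**
     * Report whether a serialized payload was produced with a derived key.
     *
     * @param {string} serialized - dot-separated serialized payload
     * @returns {boolean} true when the second-to-last segment names the
     *   Pbkdf2Hmac strategy
     */
    DerivedKeyOptions.usesDerivedKey = function (serialized) {
        var parts = serialized.split('.');
        return parts[parts.length - 2] === KeyDerivationStrategy.Pbkdf2Hmac;
    };
    /**
     * Build options with a randomized iteration count and, unless one is
     * supplied, a fresh random salt.
     *
     * @param {Object} _a - generation options
     * @param {number} [_a.iterationVariance] - percent of minIterations that may be added on top
     * @param {number} [_a.length] - derived-key length
     * @param {number} [_a.minIterations] - lower bound of the iteration count
     * @param {string} [_a.strategy] - a KeyDerivationStrategy value
     * @param {string} [_a.useSalt] - salt to use instead of a random one
     * @returns {DerivedKeyOptions}
     */
    DerivedKeyOptions.randomFromOptions = function (_a) {
        var iterationVariance = _a.iterationVariance === void 0 ? DEFAULT_ITERATION_VARIANCE : _a.iterationVariance;
        var length = _a.length === void 0 ? DEFAULT_LENGTH : _a.length;
        // NOTE(review): a caller-supplied minIterations is used as given; MIN_ITERATIONS
        // is only the default and is not enforced as a floor.
        var minIterations = _a.minIterations === void 0 ? MIN_ITERATIONS : _a.minIterations;
        var strategy = _a.strategy === void 0 ? KeyDerivationStrategy.Pbkdf2Hmac : _a.strategy;
        var useSalt = _a.useSalt;
        var variance = Math.floor(minIterations * (iterationVariance / 100));
        // Math.random() is not a CSPRNG. That is tolerable here only because the
        // iteration count is stored in the serialized options and is not secret;
        // the salt below comes from forge's random source instead.
        var iterations = minIterations + Math.floor(Math.random() * variance);
        // Any falsy useSalt (including an empty string) is replaced by a random salt.
        var salt = useSalt || node_forge_1.random.getBytesSync(DEFAULT_SALT_LENGTH);
        return new DerivedKeyOptions({
            strategy: strategy,
            iterations: iterations,
            salt: salt,
            length: length,
        });
    };
    /**
     * Rebuild options from their serialized form.
     *
     * Only the wire-format keys (iv, i, l, hash) are mapped onto the instance.
     * The artefacts object is no longer spread over the mapped values: the
     * constructor reads only the five mapped fields, so the spread's one effect
     * was to let a stray `salt`, `iterations`, `length` or `strategy` key in a
     * crafted payload override the decoded value.
     *
     * NOTE(review): iterations, length and hash are taken from the payload
     * without range checks here. A very large iteration count costs CPU time
     * in deriveKey and a very small one weakens the derived key, so callers
     * that handle untrusted payloads should bound them.
     *
     * @param {string} serialized - serialized derivation options
     * @returns {DerivedKeyOptions}
     */
    // tslint:disable-next-line: max-line-length
    DerivedKeyOptions.fromSerialized = function (serialized) {
        var parsed = util_1.deSerializeDerivedKeyOptions(serialized);
        var serializationArtifacts = parsed.serializationArtifacts;
        return new DerivedKeyOptions({
            // keys taken from ruby lib
            strategy: parsed.derivationStrategy,
            salt: util_1.bytesBufferToBinaryString(serializationArtifacts.iv),
            iterations: serializationArtifacts.i,
            length: serializationArtifacts.l,
            hash: serializationArtifacts.hash,
        });
    };
    /**
     * Serialize these options.
     *
     * @param {*} [serializationVersion] - defaults to SerializationFormat.latest_version
     * @returns {*} whatever util.serializeDerivedKeyOptions returns
     */
    DerivedKeyOptions.prototype.serialize = function (serializationVersion) {
        if (serializationVersion === void 0) { serializationVersion = serialization_versions_1.SerializationFormat.latest_version; }
        // keys taken from ruby lib
        return util_1.serializeDerivedKeyOptions(this.strategy, {
            iv: util_1.binaryStringToBytesBuffer(this.salt),
            i: this.iterations,
            l: this.length,
            hash: this.hash,
        }, serializationVersion);
    };
    /**
     * Derive an encryption key from a passphrase with PBKDF2.
     *
     * @param {string} key - the passphrase; UTF-8 encoded first unless the
     *   legacy encoding version is requested
     * @param {*} [encodingVersion] - defaults to EncodingVersions.latest_version
     * @returns {Promise} resolves with an EncryptionKey built from the derived
     *   bytes; rejects when pbkdf2 reports an error or the configured hash is
     *   not a digest that node-forge provides
     */
    DerivedKeyOptions.prototype.deriveKey = function (key, encodingVersion) {
        var _this = this;
        if (encodingVersion === void 0) { encodingVersion = encoding_versions_1.EncodingVersions.latest_version; }
        // this.hash can come straight from a serialized payload. Resolve it as an
        // own property of forge's md table only, so names such as "constructor" or
        // "__proto__" cannot reach inherited members, and reject instead of
        // throwing synchronously from a Promise-returning method. toLowerCase is
        // used rather than toLocaleLowerCase so the lookup does not depend on the
        // host locale.
        var hashName = typeof this.hash === 'string' ? this.hash.toLowerCase() : '';
        var digestFactory = Object.prototype.hasOwnProperty.call(node_forge_1.md, hashName)
            ? node_forge_1.md[hashName]
            : undefined;
        if (!digestFactory || typeof digestFactory.create !== 'function') {
            return Promise.reject(new Error('Unsupported hash for key derivation: ' + String(this.hash)));
        }
        // NOTE(review): every digest forge ships is still accepted, including md5
        // and sha1. Consider an explicit allow-list if payloads may be attacker-supplied.
        var digest = digestFactory.create();
        var secret = encodingVersion === encoding_versions_1.EncodingVersions.legacy ? key : util_1.encodeUtf8(key);
        return new Promise(function (resolve, reject) {
            return node_forge_1.pkcs5.pbkdf2(secret, _this.salt, _this.iterations, _this.length, digest, function (err, derivedKey) {
                if (err) {
                    return reject(err);
                }
                resolve(encryption_key_1.EncryptionKey.fromBytes(util_1.binaryStringToBytes(derivedKey)));
            });
        });
    };
    return DerivedKeyOptions;
}());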
exports.DerivedKeyOptions = DerivedKeyOptions;