@meeco/cryppo/dist/cjs/encryption/encryption.js

In-browser encryption and decryption. Clone of Ruby Cryppo

"use strict";
var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.encryptWithGeneratedKey = encryptWithGeneratedKey;
exports.encryptWithKeyDerivedFromString = encryptWithKeyDerivedFromString;
exports.encryptWithKey = encryptWithKey;
exports.encryptWithKeyUsingArtefacts = encryptWithKeyUsingArtefacts;
const node_forge_1 = __importDefault(require("node-forge"));
const encryption_key_js_1 = require("../encryption-key.js");
const pbkdf2_hmac_js_1 = require("../key-derivation/pbkdf2-hmac.js");
const serialization_versions_js_1 = require("../serialization-versions.js");
const util_js_1 = require("../util.js");
const { cipher: forgeCipher, random, util } = node_forge_1.default;
async function encryptWithGeneratedKey({ data, strategy, keyLength, iv }, serializationVersion = serialization_versions_js_1.SerializationFormat.latest_version) {
    const key = encryption_key_js_1.EncryptionKey.generateRandom(keyLength || 32);
    const result = await encryptWithKey({ key, data, strategy, iv }, serializationVersion);
    return {
        ...result,
        generatedKey: key,
    };
}
async function encryptWithKeyDerivedFromString({ passphrase, data, strategy, iv, serializationVersion = serialization_versions_js_1.SerializationFormat.latest_version, }) {
    const derived = await (0, pbkdf2_hmac_js_1.generateDerivedKey)({ passphrase });
    const result = await encryptWithKey({
        key: derived.key,
        data,
        strategy,
        iv,
    }, serializationVersion);
    const serializedKey = derived.options.serialize(serializationVersion);
    result.serialized = `${result.serialized}.${serializedKey}`;
    return {
        ...result,
        ...derived,
    };
}
async function encryptWithKey({ key, data, strategy, iv }, serializationVersion = serialization_versions_js_1.SerializationFormat.latest_version) {
    if (!data || data.length === 0) {
        return {
            encrypted: null,
            serialized: null,
        };
    }
    const output = encryptWithKeyUsingArtefacts({ key, data, strategy, iv });
    const { encrypted, artifacts } = output;
    const keyLengthBits = key.bytes.length * 8;
    const [cipher, mode] = strategy.split('-').map(upperWords);
    const serialized = (0, util_js_1.serialize)(`${cipher}${keyLengthBits}${mode}`, encrypted || '', artifacts, serializationVersion);
    return {
        encrypted,
        serialized,
    };
}
/**
 * UpperCamelCase helper
 */
const upperWords = (val) => val.slice(0, 1).toUpperCase() + val.slice(1).toLowerCase();
function encryptWithKeyUsingArtefacts({ key, data, strategy, iv }) {
    if (data.length === 0) {
        return { encrypted: null };
    }
    // @ts-expect-error node-forge createBuffer accepts Uint8Array at runtime
    const cipher = forgeCipher.createCipher(strategy, util.createBuffer(key.bytes));
    iv = iv || random.getBytesSync(12);
    cipher.start({ iv: util.createBuffer(iv), additionalData: 'none', tagLength: 128 });
    // @ts-expect-error node-forge createBuffer accepts Uint8Array at runtime
    cipher.update(util.createBuffer(data));
    cipher.finish();
    const artifacts = {
        iv: (0, util_js_1.binaryStringToBytesBuffer)(iv),
    };
    if (cipher.mode.tag) {
        artifacts.at = (0, util_js_1.binaryStringToBytesBuffer)(cipher.mode.tag.data);
    }
    artifacts.ad = 'none';
    return {
        encrypted: cipher.output.data,
        artifacts,
    };
}
//# sourceMappingURL=encryption.js.map