@nfen/webcrypto-ts
Version:
Enforced Webcrypto wrapper
150 lines • 4.52 kB
JavaScript
import * as proxy from "../proxy.js";
import * as WebCrypto from "../webcrypto.js";
import { Alg, EcShared, } from "./shared.js";
const handlers = {
privHandler: {
get(target, prop) {
switch (prop) {
case "self":
return target;
case "sign":
return (algorithm, data) => sign(algorithm, target, data);
case "exportKey":
return (format) => exportKey(format, target);
}
return Reflect.get(target, prop);
},
},
pubHandler: {
get(target, prop) {
switch (prop) {
case "self":
return target;
case "verify":
return (algorithm, signature, data) => verify(algorithm, target, signature, data);
case "exportKey":
return (format) => exportKey(format, target);
}
return Reflect.get(target, prop);
},
},
};
/**
* Generate a new ECDSA keypair
* @example
* ```ts
* const keyPair = await ECDSA.generateKey();
* ```
* @example
* ```ts
* const keyPair = await ECDSA.generateKey({ namedCurve: "P-256" }, false);
* ```
* @example
* ```ts
* const keyPair = await ECDSA.generateKey({ namedCurve: "P-256" }, true, ['sign', 'verify']);
* ```
*/
export const generateKey = async (algorithm = {
namedCurve: Alg.Curve.P_521,
}, extractable, keyUsages) => {
const keyPair = (await EcShared.generateKey({ ...algorithm, name: Alg.Variant.ECDSA }, extractable, keyUsages));
return proxy.proxifyKeyPair(handlers)(keyPair);
};
/**
* Generate a new ECDSA keypair
* @alias generateKey
* @example
* ```ts
* const keyPair = await ECDSA.generateKeyPair();
* ```
* @example
* ```ts
* const keyPair = await ECDSA.generateKeyPair({ namedCurve: "P-256" }, false);
* ```
* @example
* ```ts
* const keyPair = await ECDSA.generateKeyPair({ namedCurve: "P-256" }, true, ['sign', 'verify']);
* ```
*/
export const generateKeyPair = generateKey;
/**
* Import an ECDSA public or private key
* @example
* ```ts
* const pubKey = await ECDSA.importKey("jwk", pubKeyJwk, { namedCurve: "P-521" }, true, ['verify']);
* ```
* @example
* ```ts
* const privKey = await ECDSA.importKey("jwk", privKeyJwk, { namedCurve: "P-521" }, true, ['sign']);
* ```
*/
export const importKey = async (format, key, algorithm = {
namedCurve: Alg.Curve.P_521,
}, extractable, keyUsages) => {
const importedKey = await EcShared.importKey(format, key, { ...algorithm, name: Alg.Variant.ECDSA }, extractable, keyUsages);
if (importedKey.type === "private") {
return proxy.proxifyKey(handlers.privHandler)(importedKey);
}
else {
return proxy.proxifyKey(handlers.pubHandler)(importedKey);
}
};
/**
* Export an ECDSA public or private key
* @example
* ```ts
* const pubKeyJwk = await ECDSA.exportKey("jwk", keyPair.publicKey.self);
* ```
* @example
* ```ts
* const privKeyJwk = await ECDSA.exportKey("jwk", keyPair.privateKey.self);
* ```
* @example
* ```ts
* const pubKeyJwk = await keyPair.publicKey.exportKey("jwk");
* ```
* @example
* ```ts
* const privKeyJwk = await keyPair.privateKey.exportKey("jwk");
* ```
*/
export const exportKey = async (format, key) => EcShared.exportKey(format, key);
/**
* Sign a given payload
* @example
* ```ts
* const message = new TextEncoder().encode("a message");
* const signature = await ECDSA.sign({hash: "SHA-512"}, keyPair.privateKey.self, message);
* ```
* @example
* ```ts
* const message = new TextEncoder().encode("a message");
* const signature = await keyPair.privateKey.sign({hash: "SHA-512"}, message);
* ```
*/
export async function sign(algorithm, key, data) {
return await WebCrypto.sign({
...algorithm,
name: Alg.Variant.ECDSA,
}, key, data);
}
/**
* Verify a given signature
* @example
* ```ts
* const message = new TextEncoder().encode("a message");
* const isVerified = await ECDSA.verify({hash: "SHA-512"}, keyPair.publicKey.self, signature, message);
* ```
* @example
* ```ts
* const message = new TextEncoder().encode("a message");
* const isVerified = await keyPair.publicKey.verify({hash: "SHA-512"}, signature, message);
* ```
*/
export async function verify(algorithm, key, signature, data) {
return await WebCrypto.verify({
...algorithm,
name: Alg.Variant.ECDSA,
}, key, signature, data);
}
//# sourceMappingURL=ecdsa.js.map