UNPKG

@veramo/did-comm

Version:

Veramo messaging plugin implementing DIDComm v2.

github.com/decentralized-identity/veramo

decentralized-identity/veramo

53 lines (45 loc) 1.78 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
import type { Decrypter, Encrypter, EncryptionResult, ProtectedHeader } from 'did-jwt' import { AES } from '@stablelib/aes' import { GCM } from '@stablelib/gcm' import { randomBytes } from '@noble/hashes/utils' import { bytesToBase64url, encodeBase64url } from '@veramo/utils' import { fromString } from 'uint8arrays/from-string' function createA256GCMEncrypter( key: Uint8Array, ): (cleartext: Uint8Array, aad?: Uint8Array) => EncryptionResult { const blockcipher = new AES(key) const cipher = new GCM(blockcipher) return (cleartext: Uint8Array, aad?: Uint8Array) => { const iv = randomBytes(cipher.nonceLength) const sealed = cipher.seal(iv, cleartext, aad) return { ciphertext: sealed.subarray(0, sealed.length - cipher.tagLength), tag: sealed.subarray(sealed.length - cipher.tagLength), iv, } } } export function a256gcmDirEncrypter(key: Uint8Array): Encrypter { const enc = 'A256GCM' const alg = 'dir' async function encrypt( cleartext: Uint8Array, protectedHeader: ProtectedHeader = {}, aad?: Uint8Array, ): Promise<EncryptionResult> { const protHeader = encodeBase64url(JSON.stringify(Object.assign({ alg }, protectedHeader, { enc }))) const encodedAad = fromString(aad ? `${protHeader}.${bytesToBase64url(aad)}` : protHeader, 'utf-8') return { ...createA256GCMEncrypter(key)(cleartext, encodedAad), protectedHeader: protHeader, } } return { alg, enc, encrypt } } export function a256gcmDirDecrypter(key: Uint8Array): Decrypter { const cipher = new GCM(new AES(key)) async function decrypt(sealed: Uint8Array, iv: Uint8Array, aad?: Uint8Array): Promise<Uint8Array | null> { return cipher.open(iv, sealed, aad) } return { alg: 'dir', enc: 'A256GCM', decrypt } }