UNPKG

@walletconnect/browser-crypto

Version:

Browser Crypto for WalletConnect

github.com/WalletConnect/walletconnect-monorepo/

walletconnect/walletconnect-monorepo

142 lines 5.49 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); const tslib_1 = require("tslib"); const utils_1 = require("@walletconnect/utils"); const AES_ALGORITHM = "AES-CBC"; const AES_LENGTH = 256; const HMAC_ALGORITHM = "SHA-256"; function exportKey(cryptoKey) { return tslib_1.__awaiter(this, void 0, void 0, function* () { const browserCrypto = utils_1.getCrypto(); const buffer = yield browserCrypto.subtle.exportKey("raw", cryptoKey); return buffer; }); } exports.exportKey = exportKey; function importKey(buffer, type = AES_ALGORITHM) { return tslib_1.__awaiter(this, void 0, void 0, function* () { const aesParams = { length: AES_LENGTH, name: AES_ALGORITHM }; const hmacParams = { hash: { name: HMAC_ALGORITHM }, name: "HMAC", }; const algoParams = type === AES_ALGORITHM ? aesParams : hmacParams; const usages = type === AES_ALGORITHM ? ["encrypt", "decrypt"] : ["sign", "verify"]; const browserCrypto = utils_1.getCrypto(); const cryptoKey = yield browserCrypto.subtle.importKey("raw", buffer, algoParams, true, usages); return cryptoKey; }); } exports.importKey = importKey; function generateKey(length) { return tslib_1.__awaiter(this, void 0, void 0, function* () { const _length = length || 256; const browserCrypto = utils_1.getCrypto(); const cryptoKey = yield browserCrypto.subtle.generateKey({ length: _length, name: AES_ALGORITHM, }, true, ["encrypt", "decrypt"]); const key = yield exportKey(cryptoKey); return key; }); } exports.generateKey = generateKey; function createHmac(data, key) { return tslib_1.__awaiter(this, void 0, void 0, function* () { const cryptoKey = yield importKey(key, "HMAC"); const browserCrypto = utils_1.getCrypto(); const signature = yield browserCrypto.subtle.sign({ length: 256, name: "HMAC", }, cryptoKey, data); return signature; }); } exports.createHmac = createHmac; function verifyHmac(payload, key) { return tslib_1.__awaiter(this, void 0, void 0, function* () { const cipherText = utils_1.convertHexToArrayBuffer(payload.data); const iv = utils_1.convertHexToArrayBuffer(payload.iv); const hmac = utils_1.convertHexToArrayBuffer(payload.hmac); const hmacHex = utils_1.convertArrayBufferToHex(hmac, true); const unsigned = utils_1.concatArrayBuffers(cipherText, iv); const chmac = yield createHmac(unsigned, key); const chmacHex = utils_1.convertArrayBufferToHex(chmac, true); if (utils_1.removeHexPrefix(hmacHex) === utils_1.removeHexPrefix(chmacHex)) { return true; } return false; }); } exports.verifyHmac = verifyHmac; function aesCbcEncrypt(data, key, iv) { return tslib_1.__awaiter(this, void 0, void 0, function* () { const cryptoKey = yield importKey(key, AES_ALGORITHM); const browserCrypto = utils_1.getCrypto(); const result = yield browserCrypto.subtle.encrypt({ iv, name: AES_ALGORITHM, }, cryptoKey, data); return result; }); } exports.aesCbcEncrypt = aesCbcEncrypt; function aesCbcDecrypt(data, key, iv) { return tslib_1.__awaiter(this, void 0, void 0, function* () { const cryptoKey = yield importKey(key, AES_ALGORITHM); const browserCrypto = utils_1.getCrypto(); const result = yield browserCrypto.subtle.decrypt({ iv, name: AES_ALGORITHM, }, cryptoKey, data); return result; }); } exports.aesCbcDecrypt = aesCbcDecrypt; function encrypt(data, key, providedIv) { return tslib_1.__awaiter(this, void 0, void 0, function* () { if (!key) { throw new Error("Missing key: required for encryption"); } const iv = providedIv || (yield generateKey(128)); const ivHex = utils_1.convertArrayBufferToHex(iv, true); const contentString = JSON.stringify(data); const content = utils_1.convertUtf8ToArrayBuffer(contentString); const cipherText = yield aesCbcEncrypt(content, key, iv); const cipherTextHex = utils_1.convertArrayBufferToHex(cipherText, true); const unsigned = utils_1.concatArrayBuffers(cipherText, iv); const hmac = yield createHmac(unsigned, key); const hmacHex = utils_1.convertArrayBufferToHex(hmac, true); return { data: cipherTextHex, hmac: hmacHex, iv: ivHex, }; }); } exports.encrypt = encrypt; function decrypt(payload, key) { return tslib_1.__awaiter(this, void 0, void 0, function* () { if (!key) { throw new Error("Missing key: required for decryption"); } const verified = yield verifyHmac(payload, key); if (!verified) { return null; } const cipherText = utils_1.convertHexToArrayBuffer(payload.data); const iv = utils_1.convertHexToArrayBuffer(payload.iv); const buffer = yield aesCbcDecrypt(cipherText, key, iv); const utf8 = utils_1.convertArrayBufferToUtf8(buffer); let data; try { data = JSON.parse(utf8); } catch (error) { return null; } return data; }); } exports.decrypt = decrypt; //# sourceMappingURL=index.js.map