cloudworker-proxy
Version:
An api gateway for cloudflare workers
83 lines (82 loc) • 3.13 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
const Core = require("webcrypto-core");
const key_1 = require("../key");
const native = require("../native");
const aes_1 = require("./aes");
const hmac_1 = require("./hmac");
function b64_decode(b64url) {
return Buffer.from(Core.Base64Url.decode(b64url));
}
class Pbkdf2Crypto extends Core.BaseCrypto {
static importKey(format, keyData, algorithm, extractable, keyUsages) {
return new Promise((resolve, reject) => {
const formatLC = format.toLocaleLowerCase();
const alg = algorithm;
alg.name = alg.name.toUpperCase();
let raw;
switch (formatLC) {
case "jwk":
raw = b64_decode(keyData.k);
break;
case "raw":
raw = keyData;
break;
default:
throw new Core.WebCryptoError(`ImportKey: Wrong format value '${format}'`);
}
alg.length = raw.byteLength * 8;
native.Pbkdf2Key.importKey(raw, (err, key) => {
if (err) {
reject(err);
}
else {
resolve(new key_1.CryptoKey(key, algorithm, "secret", extractable, keyUsages));
}
});
});
}
static deriveKey(algorithm, baseKey, derivedKeyType, extractable, keyUsages) {
return Promise.resolve()
.then(() => {
return this.deriveBits(algorithm, baseKey, derivedKeyType.length);
})
.then((raw) => {
let CryptoClass;
switch (derivedKeyType.name.toUpperCase()) {
case Core.AlgorithmNames.AesCBC:
case Core.AlgorithmNames.AesGCM:
case Core.AlgorithmNames.AesKW:
CryptoClass = aes_1.AesCrypto;
break;
case Core.AlgorithmNames.Hmac:
CryptoClass = hmac_1.HmacCrypto;
break;
default:
throw new Core.AlgorithmError(Core.AlgorithmError.UNSUPPORTED_ALGORITHM, algorithm.name);
}
return CryptoClass.importKey("raw", Buffer.from(raw), derivedKeyType, extractable, keyUsages);
});
}
static deriveBits(algorithm, baseKey, length) {
return new Promise((resolve, reject) => {
const alg = algorithm;
const nativeKey = baseKey.native;
const hash = Core.PrepareAlgorithm(alg.hash);
const salt = Buffer.from(Core.PrepareData(alg.salt, "salt"));
nativeKey.deriveBits(this.wc2ssl(hash), salt, alg.iterations, length, (err, raw) => {
if (err) {
reject(err);
}
else {
resolve(raw.buffer);
}
});
});
}
static wc2ssl(algorithm) {
const alg = algorithm.name.toUpperCase().replace("-", "");
return alg;
}
}
exports.Pbkdf2Crypto = Pbkdf2Crypto;