UNPKG

cose-kit

Version:

**DEPRECATED:** Use [@auth0/cose](https://www.npmjs.com/package/@auth0/cose).

github.com/jfromaniello/cose-kit

jfromaniello/cose-kit

118 lines (117 loc) 5.59 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
"use strict"; var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { if (k2 === undefined) k2 = k; var desc = Object.getOwnPropertyDescriptor(m, k); if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { desc = { enumerable: true, get: function() { return m[k]; } }; } Object.defineProperty(o, k2, desc); }) : (function(o, m, k, k2) { if (k2 === undefined) k2 = k; o[k2] = m[k]; })); var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { Object.defineProperty(o, "default", { enumerable: true, value: v }); }) : function(o, v) { o["default"] = v; }); var __importStar = (this && this.__importStar) || function (mod) { if (mod && mod.__esModule) return mod; var result = {}; if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); __setModuleDefault(result, mod); return result; }; var __importDefault = (this && this.__importDefault) || function (mod) { return (mod && mod.__esModule) ? mod : { "default": mod }; }; Object.defineProperty(exports, "__esModule", { value: true }); exports.Encrypt0 = void 0; const decrypt_js_1 = __importDefault(require("#runtime/decrypt.js")); const encrypt_js_1 = __importDefault(require("#runtime/encrypt.js")); const buffer_utils_js_1 = require("../lib/buffer_utils.js"); const cbor_js_1 = require("../cbor.js"); const COSEBase_js_1 = require("./COSEBase.js"); const errors = __importStar(require("../util/errors.js")); const validate_algorithms_js_1 = __importDefault(require("../lib/validate_algorithms.js")); const iv_js_1 = __importDefault(require("../lib/iv.js")); const headers_js_1 = require("../headers.js"); const decode_js_1 = require("./decode.js"); class Encrypt0 extends COSEBase_js_1.COSEBase { constructor(protectedHeaders, unprotectedHeaders, ciphertext) { super(protectedHeaders, unprotectedHeaders); this.ciphertext = ciphertext; } static createEncrypt0AAD(protectedHeaders, externalAAD) { return cbor_js_1.encoder.encode([ 'Encrypt0', protectedHeaders, externalAAD ]); } getContentForEncoding() { return [ this.encodedProtectedHeaders, this.unprotectedHeaders, this.ciphertext, ]; } static decode(cose) { return (0, decode_js_1.decode)(cose, Encrypt0); } async decrypt(key, options) { var _a, _b, _c; const ciphertextWithTag = (_a = options === null || options === void 0 ? void 0 : options.detachedPayload) !== null && _a !== void 0 ? _a : this.ciphertext; const aad = Encrypt0.createEncrypt0AAD((_b = this.encodedProtectedHeaders) !== null && _b !== void 0 ? _b : new Uint8Array(), (_c = options === null || options === void 0 ? void 0 : options.externalAAD) !== null && _c !== void 0 ? _c : new Uint8Array()); if (!this.alg || !this.algName || !headers_js_1.EncryptionAlgorithmNames.has(this.alg)) { throw new errors.COSEInvalid(`Unsupported encryption algorithm ${this.alg}`); } const algorithms = options && (0, validate_algorithms_js_1.default)('algorithms', options.algorithms); if (algorithms && !algorithms.has(this.alg)) { throw new errors.COSEAlgNotAllowed(`[${headers_js_1.Headers.Algorithm}] (algorithm) Header Parameter not allowed`); } const iv = this.unprotectedHeaders.get(headers_js_1.Headers.IV); const tag = ciphertextWithTag.slice(-16); const ciphertext = ciphertextWithTag.slice(0, -16); return (0, decrypt_js_1.default)(this.algName, key, ciphertext, iv, tag, aad); } get alg() { return this.protectedHeaders.get(headers_js_1.Headers.Algorithm) || this.unprotectedHeaders.get(headers_js_1.Headers.Algorithm); } get algName() { return this.alg ? headers_js_1.EncryptionAlgorithmNames.get(this.alg) : undefined; } hasSupportedAlg() { return !!this.algName; } static async encrypt(protectedHeaders, unprotectedHeaders, content, key, externalAAD = new Uint8Array()) { const wProtectedHeaders = headers_js_1.EncryptProtectedHeaders.wrap(protectedHeaders); const alg = headers_js_1.EncryptionAlgorithmNames.get(wProtectedHeaders.get(headers_js_1.Headers.Algorithm)); if (!alg) { throw new Error(`The protected header [${headers_js_1.Headers.Algorithm}] (Algorithm) must be valid.`); } const wUnprotectedHeaders = headers_js_1.UnprotectedHeaders.wrap([...(unprotectedHeaders || [])]); let iv = wUnprotectedHeaders.get(headers_js_1.Headers.IV); if (!iv) { iv = (0, iv_js_1.default)(alg); wUnprotectedHeaders.set(headers_js_1.Headers.IV, iv); } const aad = Encrypt0.createEncrypt0AAD(cbor_js_1.encoder.encode(wProtectedHeaders.esMap), externalAAD); const { ciphertext, tag } = await (0, encrypt_js_1.default)(alg, content, key, iv, aad); const r = (0, buffer_utils_js_1.concat)(ciphertext, tag); return new Encrypt0(wProtectedHeaders.esMap, wUnprotectedHeaders.esMap, r); } } exports.Encrypt0 = Encrypt0; Encrypt0.tag = 16; (0, cbor_js_1.addExtension)({ Class: Encrypt0, tag: Encrypt0.tag, encode(instance, encodeFn) { return encodeFn(instance.getContentForEncoding()); }, decode: (data) => { return new Encrypt0(...data); } });