UNPKG

jose

Version:

Universal 'JSON Web Almost Everything' - JWA, JWS, JWE, JWT, JWK with no dependencies

github.com/panva/jose

panva/jose

51 lines (50 loc) 1.85 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
import { createDecipheriv, createCipheriv, getCiphers } from 'crypto'; import { JOSENotSupported } from '../util/errors.js'; import { concat } from '../lib/buffer_utils.js'; import getSecretKey from './secret_key.js'; import { isCryptoKey, getKeyObject } from './webcrypto.js'; function checkKeySize(key, alg) { if (key.symmetricKeySize << 3 !== parseInt(alg.substr(1, 3), 10)) { throw new TypeError(`invalid key size for alg: ${alg}`); } } export const wrap = async (alg, key, cek) => { const size = parseInt(alg.substr(1, 3), 10); const algorithm = `aes${size}-wrap`; if (!getCiphers().includes(algorithm)) { throw new JOSENotSupported(`alg ${alg} is unsupported either by JOSE or your javascript runtime`); } let keyObject; if (key instanceof Uint8Array) { keyObject = getSecretKey(key); } else if (isCryptoKey(key)) { keyObject = getKeyObject(key); } else { keyObject = key; } checkKeySize(keyObject, alg); const cipher = createCipheriv(algorithm, keyObject, Buffer.alloc(8, 0xa6)); return concat(cipher.update(cek), cipher.final()); }; export const unwrap = async (alg, key, encryptedKey) => { const size = parseInt(alg.substr(1, 3), 10); const algorithm = `aes${size}-wrap`; if (!getCiphers().includes(algorithm)) { throw new JOSENotSupported(`alg ${alg} is unsupported either by JOSE or your javascript runtime`); } let keyObject; if (key instanceof Uint8Array) { keyObject = getSecretKey(key); } else if (isCryptoKey(key)) { keyObject = getKeyObject(key); } else { keyObject = key; } checkKeySize(keyObject, alg); const cipher = createDecipheriv(algorithm, keyObject, Buffer.alloc(8, 0xa6)); return concat(cipher.update(encryptedKey), cipher.final()); };