UNPKG

jose

Version:

Universal 'JSON Web Almost Everything' - JWA, JWS, JWE, JWT, JWK with no dependencies

github.com/panva/jose

panva/jose

55 lines (54 loc) 1.7 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
import { publicEncrypt, constants, privateDecrypt } from 'crypto'; import checkModulusLength from './check_modulus_length.js'; import { isCryptoKey, getKeyObject } from './webcrypto.js'; const checkKey = (key, alg) => { if (key.type === 'secret' || key.asymmetricKeyType !== 'rsa') { throw new TypeError('invalid key type or asymmetric key type for this operation'); } checkModulusLength(key, alg); }; const resolvePadding = (alg) => { switch (alg) { case 'RSA-OAEP': case 'RSA-OAEP-256': case 'RSA-OAEP-384': case 'RSA-OAEP-512': return constants.RSA_PKCS1_OAEP_PADDING; case 'RSA1_5': return constants.RSA_PKCS1_PADDING; default: return undefined; } }; const resolveOaepHash = (alg) => { switch (alg) { case 'RSA-OAEP': return 'sha1'; case 'RSA-OAEP-256': return 'sha256'; case 'RSA-OAEP-384': return 'sha384'; case 'RSA-OAEP-512': return 'sha512'; default: return undefined; } }; export const encrypt = async (alg, key, cek) => { const padding = resolvePadding(alg); const oaepHash = resolveOaepHash(alg); if (isCryptoKey(key)) { key = getKeyObject(key); } checkKey(key, alg); return publicEncrypt({ key, oaepHash, padding }, cek); }; export const decrypt = async (alg, key, encryptedKey) => { const padding = resolvePadding(alg); const oaepHash = resolveOaepHash(alg); if (isCryptoKey(key)) { key = getKeyObject(key); } checkKey(key, alg); return privateDecrypt({ key, oaepHash, padding }, encryptedKey); };