js-crypto-utils/dist/pkcec.js

JavaScript cryptographic utilities for OpenSSL-WebCrypto compatibility including PEM/X509-JWK converter.

"use strict";
/**
 * pkcec.js
 */
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
    if (k2 === undefined) k2 = k;
    var desc = Object.getOwnPropertyDescriptor(m, k);
    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
      desc = { enumerable: true, get: function() { return m[k]; } };
    }
    Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
    if (k2 === undefined) k2 = k;
    o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
    Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
    o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
    if (mod && mod.__esModule) return mod;
    var result = {};
    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
    __setModuleDefault(result, mod);
    return result;
};
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
    return new (P || (P = Promise))(function (resolve, reject) {
        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
        step((generator = generator.apply(thisArg, _arguments || [])).next());
    });
};
var __generator = (this && this.__generator) || function (thisArg, body) {
    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
    function verb(n) { return function (v) { return step([n, v]); }; }
    function step(op) {
        if (f) throw new TypeError("Generator is already executing.");
        while (g && (g = 0, op[0] && (_ = 0)), _) try {
            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
            if (y = 0, t) op = [op[0] & 2, t.value];
            switch (op[0]) {
                case 0: case 1: t = op; break;
                case 4: _.label++; return { value: op[1], done: false };
                case 5: _.label++; y = op[1]; op = [0]; continue;
                case 7: op = _.ops.pop(); _.trys.pop(); continue;
                default:
                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
                    if (t[2]) _.ops.pop();
                    _.trys.pop(); continue;
            }
            op = body.call(thisArg, _);
        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
    }
};
var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.decryptEc = exports.encryptEc = void 0;
var js_crypto_random_1 = __importDefault(require("js-crypto-random"));
var js_crypto_ec_1 = __importDefault(require("js-crypto-ec"));
var js_crypto_hkdf_1 = __importDefault(require("js-crypto-hkdf"));
var js_crypto_aes_1 = __importDefault(require("js-crypto-aes"));
var params = __importStar(require("./params"));
var encryptEc = function (msg, publicKey, _a) {
    var privateKey = _a.privateKey, _b = _a.hash, hash = _b === void 0 ? 'SHA-256' : _b, _c = _a.encrypt, encrypt = _c === void 0 ? 'AES-GCM' : _c, _d = _a.keyLength, keyLength = _d === void 0 ? 32 : _d, _e = _a.info, info = _e === void 0 ? '' : _e;
    return __awaiter(void 0, void 0, void 0, function () {
        var sharedSecret, hkdfOutput, data, iv;
        return __generator(this, function (_f) {
            switch (_f.label) {
                case 0: return [4 /*yield*/, js_crypto_ec_1.default.deriveSecret(publicKey, privateKey)];
                case 1:
                    sharedSecret = _f.sent();
                    return [4 /*yield*/, js_crypto_hkdf_1.default.compute(sharedSecret, hash, keyLength, info)];
                case 2:
                    hkdfOutput = _f.sent();
                    if (!(encrypt !== 'AES-KW')) return [3 /*break*/, 5];
                    return [4 /*yield*/, js_crypto_random_1.default.getRandomBytes(params.ciphers[encrypt].ivLength)];
                case 3:
                    iv = _f.sent();
                    return [4 /*yield*/, js_crypto_aes_1.default.encrypt(msg, hkdfOutput.key, { name: encrypt, iv: iv })];
                case 4:
                    data = _f.sent(); // no specification of tagLength and additionalData
                    return [2 /*return*/, { data: data, salt: hkdfOutput.salt, iv: iv }];
                case 5: return [4 /*yield*/, js_crypto_aes_1.default.wrapKey(msg, hkdfOutput.key, { name: encrypt })];
                case 6:
                    data = _f.sent();
                    return [2 /*return*/, { data: data, salt: hkdfOutput.salt }];
            }
        });
    });
};
exports.encryptEc = encryptEc;
var decryptEc = function (data, privateKey, _a) {
    var publicKey = _a.publicKey, _b = _a.hash, hash = _b === void 0 ? 'SHA-256' : _b, _c = _a.encrypt, encrypt = _c === void 0 ? 'AES-GCM' : _c, _d = _a.keyLength, keyLength = _d === void 0 ? 32 : _d, _e = _a.info, info = _e === void 0 ? '' : _e, salt = _a.salt, iv = _a.iv;
    return __awaiter(void 0, void 0, void 0, function () {
        var sharedSecret, hkdfOutput;
        return __generator(this, function (_f) {
            switch (_f.label) {
                case 0: return [4 /*yield*/, js_crypto_ec_1.default.deriveSecret(publicKey, privateKey)];
                case 1:
                    sharedSecret = _f.sent();
                    return [4 /*yield*/, js_crypto_hkdf_1.default.compute(sharedSecret, hash, keyLength, info, salt)];
                case 2:
                    hkdfOutput = _f.sent();
                    if (encrypt !== 'AES-KW') {
                        return [2 /*return*/, js_crypto_aes_1.default.decrypt(data, hkdfOutput.key, { name: encrypt, iv: iv })]; // no specification of tagLength and additionalData
                    }
                    else {
                        return [2 /*return*/, js_crypto_aes_1.default.unwrapKey(data, hkdfOutput.key, { name: encrypt })];
                    }
                    return [2 /*return*/];
            }
        });
    });
};
exports.decryptEc = decryptEc;
//# sourceMappingURL=pkcec.js.map