UNPKG

libp2p-crypto

Version:

Crypto primitives for libp2p

github.com/libp2p/js-libp2p-crypto

libp2p/js-libp2p-crypto

122 lines (104 loc) 3 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
'use strict' const errcode = require('err-code') const webcrypto = require('../webcrypto') const { base64urlToBuffer } = require('../util') const validateCurveType = require('./validate-curve-type') const { toString: uint8ArrayToString } = require('uint8arrays/to-string') const { concat: uint8ArrayConcat } = require('uint8arrays/concat') const { equals: uint8ArrayEquals } = require('uint8arrays/equals') const bits = { 'P-256': 256, 'P-384': 384, 'P-521': 521 } exports.generateEphmeralKeyPair = async function (curve) { validateCurveType(Object.keys(bits), curve) const pair = await webcrypto.get().subtle.generateKey( { name: 'ECDH', namedCurve: curve }, true, ['deriveBits'] ) // forcePrivate is used for testing only const genSharedKey = async (theirPub, forcePrivate) => { let privateKey if (forcePrivate) { privateKey = await webcrypto.get().subtle.importKey( 'jwk', unmarshalPrivateKey(curve, forcePrivate), { name: 'ECDH', namedCurve: curve }, false, ['deriveBits'] ) } else { privateKey = pair.privateKey } const keys = [ await webcrypto.get().subtle.importKey( 'jwk', unmarshalPublicKey(curve, theirPub), { name: 'ECDH', namedCurve: curve }, false, [] ), privateKey ] const buffer = await webcrypto.get().subtle.deriveBits( { name: 'ECDH', namedCurve: curve, public: keys[0] }, keys[1], bits[curve] ) return new Uint8Array(buffer, buffer.byteOffset, buffer.byteLength) } const publicKey = await webcrypto.get().subtle.exportKey('jwk', pair.publicKey) return { key: marshalPublicKey(publicKey), genSharedKey } } const curveLengths = { 'P-256': 32, 'P-384': 48, 'P-521': 66 } // Marshal converts a jwk encodec ECDH public key into the // form specified in section 4.3.6 of ANSI X9.62. (This is the format // go-ipfs uses) function marshalPublicKey (jwk) { const byteLen = curveLengths[jwk.crv] return uint8ArrayConcat([ Uint8Array.from([4]), // uncompressed point base64urlToBuffer(jwk.x, byteLen), base64urlToBuffer(jwk.y, byteLen) ], 1 + byteLen * 2) } // Unmarshal converts a point, serialized by Marshal, into an jwk encoded key function unmarshalPublicKey (curve, key) { const byteLen = curveLengths[curve] if (uint8ArrayEquals(!key.slice(0, 1), Uint8Array.from([4]))) { throw errcode(new Error('Cannot unmarshal public key - invalid key format'), 'ERR_INVALID_KEY_FORMAT') } return { kty: 'EC', crv: curve, x: uint8ArrayToString(key.slice(1, byteLen + 1), 'base64url'), y: uint8ArrayToString(key.slice(1 + byteLen), 'base64url'), ext: true } } const unmarshalPrivateKey = (curve, key) => ({ ...unmarshalPublicKey(curve, key.public), d: uint8ArrayToString(key.private, 'base64url') })