UNPKG

tidecloak-js

Version:

TideCloak client side JS SDK

tide.org

tide-foundation/tidecloak-js

117 lines (110 loc) 3.56 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
// // Tide Protocol - Infrastructure for a TRUE Zero-Trust paradigm // Copyright (C) 2022 Tide Foundation Ltd // // This program is free software and is subject to the terms of // the Tide Community Open Code License as published by the // Tide Foundation Limited. You may modify it and redistribute // it in accordance with and subject to the terms of that License. // This program is distributed WITHOUT WARRANTY of any kind, // including without any implied warranty of MERCHANTABILITY or // FITNESS FOR A PARTICULAR PURPOSE. // See the Tide Community Open Code License for more details. // You should have received a copy of the Tide Community Open // Code License along with this program. // If not, see https://tide.org/licenses_tcoc2-0-0-en // import { base64ToBytes, BigIntToByteArray, bytesToBase64, ConcatUint8Arrays } from "../Serialization.js"; const enc = new TextEncoder(); const dec = new TextDecoder(); /** * * @param {Uint8Array} rawKey * @param {Iterable} keyUsage * @returns */ export function createAESKey(rawKey, keyUsage) { return window.crypto.subtle.importKey( "raw", rawKey, "AES-GCM", true, keyUsage ); } /** * @param {string|Uint8Array} secretData * @param {Uint8Array|bigint|string} key * @returns */ export async function encryptData(secretData, key) { var aesKey; if (key instanceof Uint8Array) { aesKey = key; } else if(typeof(key) === 'string'){ aesKey = enc.encode(key); } else if(typeof(key) === 'bigint'){ aesKey = BigIntToByteArray(key); }else{ throw Error("Unsupported key type"); } const encoded = typeof (secretData) === 'string' ? enc.encode(secretData) : secretData; const encrypted = await encryptDataRawOutput(encoded, aesKey); return bytesToBase64(encrypted); } /** * @param {Uint8Array} encodedData * @param {Uint8Array} aesKey * @returns */ export async function encryptDataRawOutput(encodedData, aesKey){ const cryptoKey = await createAESKey(aesKey, ["encrypt"]); // iv will be needed for decryption const iv = window.crypto.getRandomValues(new Uint8Array(12)); const encryptedBuffer = await window.crypto.subtle.encrypt( { name: "AES-GCM", iv: iv }, cryptoKey, encodedData ); const buff = ConcatUint8Arrays([iv, new Uint8Array(encryptedBuffer)]); return buff; } /** * @param {string} encryptedData * @param {Uint8Array|bigint|string} key * @returns */ export async function decryptData(encryptedData, key) { var aesKey; if (key instanceof Uint8Array) { aesKey = key; } else if(typeof(key) === 'string'){ aesKey = enc.encode(key); } else if(typeof(key) === 'bigint'){ aesKey = BigIntToByteArray(key); } else{ throw Error("Unsupported key type"); } const encryptedDataBuff = base64ToBytes(encryptedData); const decryptedContent = await decryptDataRawOutput(encryptedDataBuff, aesKey) return dec.decode(decryptedContent); } /** * @param {Uint8Array} encryptedData * @param {Uint8Array} key 32 bytes */ export async function decryptDataRawOutput(encryptedData, key){ const aesKey = await createAESKey(key, ["decrypt"]); const iv = encryptedData.slice(0, 12); const data = encryptedData.slice(12); const decryptedContent = await window.crypto.subtle.decrypt( { name: "AES-GCM", iv: iv, }, aesKey, data ); return new Uint8Array(decryptedContent); }