UNPKG

tink-crypto

Version:

A multi-language, cross-platform library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.

github.com/google/tink

97 lines • 10.5 kB

JavaScript

/** * @license * Copyright 2020 Google LLC * SPDX-License-Identifier: Apache-2.0 */ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } step((generator = generator.apply(thisArg, _arguments || [])).next()); }); }; import { InvalidArgumentsException } from '../exception/invalid_arguments_exception'; import { Mac } from '../mac/internal/mac'; import * as Bytes from './bytes'; import * as Validators from './validators'; /** * The minimum tag size. * */ const MIN_TAG_SIZE_IN_BYTES = 10; /** * Implementation of HMAC. * * @final */ export class Hmac extends Mac { /** * @param hash accepted names are SHA-1, SHA-256 and SHA-512 * @param tagSize the size of the tag */ constructor(hash, key, tagSize) { super(); this.hash = hash; this.key = key; this.tagSize = tagSize; } /** */ computeMac(data) { return __awaiter(this, void 0, void 0, function* () { Validators.requireUint8Array(data); const tag = yield self.crypto.subtle.sign({ 'name': 'HMAC', 'hash': { 'name': this.hash } }, this.key, data); return new Uint8Array(tag.slice(0, this.tagSize)); }); } /** */ verifyMac(tag, data) { return __awaiter(this, void 0, void 0, function* () { Validators.requireUint8Array(tag); Validators.requireUint8Array(data); const computedTag = yield this.computeMac(data); return Bytes.isEqual(tag, computedTag); }); } } /** * @param hash accepted names are SHA-1, SHA-256 and SHA-512 * @param tagSize the size of the tag */ export function fromRawKey(hash, key, tagSize) { return __awaiter(this, void 0, void 0, function* () { Validators.requireUint8Array(key); if (!Number.isInteger(tagSize)) { throw new InvalidArgumentsException('invalid tag size, must be an integer'); } if (tagSize < MIN_TAG_SIZE_IN_BYTES) { throw new InvalidArgumentsException('tag too short, must be at least ' + MIN_TAG_SIZE_IN_BYTES + ' bytes'); } switch (hash) { case 'SHA-1': if (tagSize > 20) { throw new InvalidArgumentsException('tag too long, must not be larger than 20 bytes'); } break; case 'SHA-256': if (tagSize > 32) { throw new InvalidArgumentsException('tag too long, must not be larger than 32 bytes'); } break; case 'SHA-512': if (tagSize > 64) { throw new InvalidArgumentsException('tag too long, must not be larger than 64 bytes'); } break; default: throw new InvalidArgumentsException(hash + ' is not supported'); } // TODO(b/115974209): Add check that key.length > 16. const cryptoKey = yield self.crypto.subtle.importKey('raw', key, { 'name': 'HMAC', 'hash': { 'name': hash }, 'length': key.length * 8 }, false, ['sign', 'verify']); return new Hmac(hash, cryptoKey, tagSize); }); } //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaG1hYy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3N1YnRsZS9obWFjLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOzs7O0dBSUc7Ozs7Ozs7Ozs7QUFFSCxPQUFPLEVBQUMseUJBQXlCLEVBQUMsTUFBTSwwQ0FBMEMsQ0FBQztBQUNuRixPQUFPLEVBQUMsR0FBRyxFQUFDLE1BQU0scUJBQXFCLENBQUM7QUFFeEMsT0FBTyxLQUFLLEtBQUssTUFBTSxTQUFTLENBQUM7QUFDakMsT0FBTyxLQUFLLFVBQVUsTUFBTSxjQUFjLENBQUM7QUFFM0M7OztHQUdHO0FBQ0gsTUFBTSxxQkFBcUIsR0FBVyxFQUFFLENBQUM7QUFFekM7Ozs7R0FJRztBQUNILE1BQU0sT0FBTyxJQUFLLFNBQVEsR0FBRztJQUMzQjs7O09BR0c7SUFDSCxZQUNxQixJQUFZLEVBQW1CLEdBQWMsRUFDN0MsT0FBZTtRQUNsQyxLQUFLLEVBQUUsQ0FBQztRQUZXLFNBQUksR0FBSixJQUFJLENBQVE7UUFBbUIsUUFBRyxHQUFILEdBQUcsQ0FBVztRQUM3QyxZQUFPLEdBQVAsT0FBTyxDQUFRO0lBRXBDLENBQUM7SUFFRDtPQUNHO0lBQ0csVUFBVSxDQUFDLElBQWdCOztZQUMvQixVQUFVLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDbkMsTUFBTSxHQUFHLEdBQUcsTUFBTSxJQUFJLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQ3JDLEVBQUMsTUFBTSxFQUFFLE1BQU0sRUFBRSxNQUFNLEVBQUUsRUFBQyxNQUFNLEVBQUUsSUFBSSxDQUFDLElBQUksRUFBQyxFQUFDLEVBQUUsSUFBSSxDQUFDLEdBQUcsRUFBRSxJQUFJLENBQUMsQ0FBQztZQUNuRSxPQUFPLElBQUksVUFBVSxDQUFDLEdBQUcsQ0FBQyxLQUFLLENBQUMsQ0FBQyxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDO1FBQ3BELENBQUM7S0FBQTtJQUVEO09BQ0c7SUFDRyxTQUFTLENBQUMsR0FBZSxFQUFFLElBQWdCOztZQUMvQyxVQUFVLENBQUMsaUJBQWlCLENBQUMsR0FBRyxDQUFDLENBQUM7WUFDbEMsVUFBVSxDQUFDLGlCQUFpQixDQUFDLElBQUksQ0FBQyxDQUFDO1lBQ25DLE1BQU0sV0FBVyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsQ0FBQztZQUNoRCxPQUFPLEtBQUssQ0FBQyxPQUFPLENBQUMsR0FBRyxFQUFFLFdBQVcsQ0FBQyxDQUFDO1FBQ3pDLENBQUM7S0FBQTtDQUNGO0FBRUQ7OztHQUdHO0FBQ0gsTUFBTSxVQUFnQixVQUFVLENBQzVCLElBQVksRUFBRSxHQUFlLEVBQUUsT0FBZTs7UUFDaEQsVUFBVSxDQUFDLGlCQUFpQixDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQ2xDLElBQUksQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FBQyxFQUFFO1lBQzlCLE1BQU0sSUFBSSx5QkFBeUIsQ0FBQyxzQ0FBc0MsQ0FBQyxDQUFDO1NBQzdFO1FBQ0QsSUFBSSxPQUFPLEdBQUcscUJBQXFCLEVBQUU7WUFDbkMsTUFBTSxJQUFJLHlCQUF5QixDQUMvQixrQ0FBa0MsR0FBRyxxQkFBcUIsR0FBRyxRQUFRLENBQUMsQ0FBQztTQUM1RTtRQUNELFFBQVEsSUFBSSxFQUFFO1lBQ1osS0FBSyxPQUFPO2dCQUNWLElBQUksT0FBTyxHQUFHLEVBQUUsRUFBRTtvQkFDaEIsTUFBTSxJQUFJLHlCQUF5QixDQUMvQixnREFBZ0QsQ0FBQyxDQUFDO2lCQUN2RDtnQkFDRCxNQUFNO1lBQ1IsS0FBSyxTQUFTO2dCQUNaLElBQUksT0FBTyxHQUFHLEVBQUUsRUFBRTtvQkFDaEIsTUFBTSxJQUFJLHlCQUF5QixDQUMvQixnREFBZ0QsQ0FBQyxDQUFDO2lCQUN2RDtnQkFDRCxNQUFNO1lBQ1IsS0FBSyxTQUFTO2dCQUNaLElBQUksT0FBTyxHQUFHLEVBQUUsRUFBRTtvQkFDaEIsTUFBTSxJQUFJLHlCQUF5QixDQUMvQixnREFBZ0QsQ0FBQyxDQUFDO2lCQUN2RDtnQkFDRCxNQUFNO1lBQ1I7Z0JBQ0UsTUFBTSxJQUFJLHlCQUF5QixDQUFDLElBQUksR0FBRyxtQkFBbUIsQ0FBQyxDQUFDO1NBQ25FO1FBRUQscURBQXFEO1FBQ3JELE1BQU0sU0FBUyxHQUFHLE1BQU0sSUFBSSxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUNoRCxLQUFLLEVBQUUsR0FBRyxFQUNWLEVBQUMsTUFBTSxFQUFFLE1BQU0sRUFBRSxNQUFNLEVBQUUsRUFBQyxNQUFNLEVBQUUsSUFBSSxFQUFDLEVBQUUsUUFBUSxFQUFFLEdBQUcsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFDLEVBQUUsS0FBSyxFQUN6RSxDQUFDLE1BQU0sRUFBRSxRQUFRLENBQUMsQ0FBQyxDQUFDO1FBQ3hCLE9BQU8sSUFBSSxJQUFJLENBQUMsSUFBSSxFQUFFLFNBQVMsRUFBRSxPQUFPLENBQUMsQ0FBQztJQUM1QyxDQUFDO0NBQUEiLCJzb3VyY2VzQ29udGVudCI6WyIvKipcbiAqIEBsaWNlbnNlXG4gKiBDb3B5cmlnaHQgMjAyMCBHb29nbGUgTExDXG4gKiBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMFxuICovXG5cbmltcG9ydCB7SW52YWxpZEFyZ3VtZW50c0V4Y2VwdGlvbn0gZnJvbSAnLi4vZXhjZXB0aW9uL2ludmFsaWRfYXJndW1lbnRzX2V4Y2VwdGlvbic7XG5pbXBvcnQge01hY30gZnJvbSAnLi4vbWFjL2ludGVybmFsL21hYyc7XG5cbmltcG9ydCAqIGFzIEJ5dGVzIGZyb20gJy4vYnl0ZXMnO1xuaW1wb3J0ICogYXMgVmFsaWRhdG9ycyBmcm9tICcuL3ZhbGlkYXRvcnMnO1xuXG4vKipcbiAqIFRoZSBtaW5pbXVtIHRhZyBzaXplLlxuICpcbiAqL1xuY29uc3QgTUlOX1RBR19TSVpFX0lOX0JZVEVTOiBudW1iZXIgPSAxMDtcblxuLyoqXG4gKiBJbXBsZW1lbnRhdGlvbiBvZiBITUFDLlxuICpcbiAqIEBmaW5hbFxuICovXG5leHBvcnQgY2xhc3MgSG1hYyBleHRlbmRzIE1hYyB7XG4gIC8qKlxuICAgKiBAcGFyYW0gaGFzaCBhY2NlcHRlZCBuYW1lcyBhcmUgU0hBLTEsIFNIQS0yNTYgYW5kIFNIQS01MTJcbiAgICogQHBhcmFtIHRhZ1NpemUgdGhlIHNpemUgb2YgdGhlIHRhZ1xuICAgKi9cbiAgY29uc3RydWN0b3IoXG4gICAgICBwcml2YXRlIHJlYWRvbmx5IGhhc2g6IHN0cmluZywgcHJpdmF0ZSByZWFkb25seSBrZXk6IENyeXB0b0tleSxcbiAgICAgIHByaXZhdGUgcmVhZG9ubHkgdGFnU2l6ZTogbnVtYmVyKSB7XG4gICAgc3VwZXIoKTtcbiAgfVxuXG4gIC8qKlxuICAgKi9cbiAgYXN5bmMgY29tcHV0ZU1hYyhkYXRhOiBVaW50OEFycmF5KTogUHJvbWlzZTxVaW50OEFycmF5PiB7XG4gICAgVmFsaWRhdG9ycy5yZXF1aXJlVWludDhBcnJheShkYXRhKTtcbiAgICBjb25zdCB0YWcgPSBhd2FpdCBzZWxmLmNyeXB0by5zdWJ0bGUuc2lnbihcbiAgICAgICAgeyduYW1lJzogJ0hNQUMnLCAnaGFzaCc6IHsnbmFtZSc6IHRoaXMuaGFzaH19LCB0aGlzLmtleSwgZGF0YSk7XG4gICAgcmV0dXJuIG5ldyBVaW50OEFycmF5KHRhZy5zbGljZSgwLCB0aGlzLnRhZ1NpemUpKTtcbiAgfVxuXG4gIC8qKlxuICAgKi9cbiAgYXN5bmMgdmVyaWZ5TWFjKHRhZzogVWludDhBcnJheSwgZGF0YTogVWludDhBcnJheSk6IFByb21pc2U8Ym9vbGVhbj4ge1xuICAgIFZhbGlkYXRvcnMucmVxdWlyZVVpbnQ4QXJyYXkodGFnKTtcbiAgICBWYWxpZGF0b3JzLnJlcXVpcmVVaW50OEFycmF5KGRhdGEpO1xuICAgIGNvbnN0IGNvbXB1dGVkVGFnID0gYXdhaXQgdGhpcy5jb21wdXRlTWFjKGRhdGEpO1xuICAgIHJldHVybiBCeXRlcy5pc0VxdWFsKHRhZywgY29tcHV0ZWRUYWcpO1xuICB9XG59XG5cbi8qKlxuICogQHBhcmFtIGhhc2ggYWNjZXB0ZWQgbmFtZXMgYXJlIFNIQS0xLCBTSEEtMjU2IGFuZCBTSEEtNTEyXG4gKiBAcGFyYW0gdGFnU2l6ZSB0aGUgc2l6ZSBvZiB0aGUgdGFnXG4gKi9cbmV4cG9ydCBhc3luYyBmdW5jdGlvbiBmcm9tUmF3S2V5KFxuICAgIGhhc2g6IHN0cmluZywga2V5OiBVaW50OEFycmF5LCB0YWdTaXplOiBudW1iZXIpOiBQcm9taXNlPE1hYz4ge1xuICBWYWxpZGF0b3JzLnJlcXVpcmVVaW50OEFycmF5KGtleSk7XG4gIGlmICghTnVtYmVyLmlzSW50ZWdlcih0YWdTaXplKSkge1xuICAgIHRocm93IG5ldyBJbnZhbGlkQXJndW1lbnRzRXhjZXB0aW9uKCdpbnZhbGlkIHRhZyBzaXplLCBtdXN0IGJlIGFuIGludGVnZXInKTtcbiAgfVxuICBpZiAodGFnU2l6ZSA8IE1JTl9UQUdfU0laRV9JTl9CWVRFUykge1xuICAgIHRocm93IG5ldyBJbnZhbGlkQXJndW1lbnRzRXhjZXB0aW9uKFxuICAgICAgICAndGFnIHRvbyBzaG9ydCwgbXVzdCBiZSBhdCBsZWFzdCAnICsgTUlOX1RBR19TSVpFX0lOX0JZVEVTICsgJyBieXRlcycpO1xuICB9XG4gIHN3aXRjaCAoaGFzaCkge1xuICAgIGNhc2UgJ1NIQS0xJzpcbiAgICAgIGlmICh0YWdTaXplID4gMjApIHtcbiAgICAgICAgdGhyb3cgbmV3IEludmFsaWRBcmd1bWVudHNFeGNlcHRpb24oXG4gICAgICAgICAgICAndGFnIHRvbyBsb25nLCBtdXN0IG5vdCBiZSBsYXJnZXIgdGhhbiAyMCBieXRlcycpO1xuICAgICAgfVxuICAgICAgYnJlYWs7XG4gICAgY2FzZSAnU0hBLTI1Nic6XG4gICAgICBpZiAodGFnU2l6ZSA+IDMyKSB7XG4gICAgICAgIHRocm93IG5ldyBJbnZhbGlkQXJndW1lbnRzRXhjZXB0aW9uKFxuICAgICAgICAgICAgJ3RhZyB0b28gbG9uZywgbXVzdCBub3QgYmUgbGFyZ2VyIHRoYW4gMzIgYnl0ZXMnKTtcbiAgICAgIH1cbiAgICAgIGJyZWFrO1xuICAgIGNhc2UgJ1NIQS01MTInOlxuICAgICAgaWYgKHRhZ1NpemUgPiA2NCkge1xuICAgICAgICB0aHJvdyBuZXcgSW52YWxpZEFyZ3VtZW50c0V4Y2VwdGlvbihcbiAgICAgICAgICAgICd0YWcgdG9vIGxvbmcsIG11c3Qgbm90IGJlIGxhcmdlciB0aGFuIDY0IGJ5dGVzJyk7XG4gICAgICB9XG4gICAgICBicmVhaztcbiAgICBkZWZhdWx0OlxuICAgICAgdGhyb3cgbmV3IEludmFsaWRBcmd1bWVudHNFeGNlcHRpb24oaGFzaCArICcgaXMgbm90IHN1cHBvcnRlZCcpO1xuICB9XG5cbiAgLy8gVE9ETyhiLzExNTk3NDIwOSk6IEFkZCBjaGVjayB0aGF0IGtleS5sZW5ndGggPiAxNi5cbiAgY29uc3QgY3J5cHRvS2V5ID0gYXdhaXQgc2VsZi5jcnlwdG8uc3VidGxlLmltcG9ydEtleShcbiAgICAgICdyYXcnLCBrZXksXG4gICAgICB7J25hbWUnOiAnSE1BQycsICdoYXNoJzogeyduYW1lJzogaGFzaH0sICdsZW5ndGgnOiBrZXkubGVuZ3RoICogOH0sIGZhbHNlLFxuICAgICAgWydzaWduJywgJ3ZlcmlmeSddKTtcbiAgcmV0dXJuIG5ldyBIbWFjKGhhc2gsIGNyeXB0b0tleSwgdGFnU2l6ZSk7XG59XG4iXX0=