-
-
Notifications
You must be signed in to change notification settings - Fork 303
/
encrypt.ts
118 lines (106 loc) · 2.73 KB
/
encrypt.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
import { concat, uint64be } from '../../lib/buffer_utils.js'
import type { EncryptFunction } from '../interfaces.d'
import checkIvLength from '../../lib/check_iv_length.js'
import crypto, { checkCryptoKey, isCryptoKey } from './webcrypto.js'
import invalidKeyInput from './invalid_key_input.js'
import { JOSENotSupported } from '../../util/errors.js'
async function cbcEncrypt(
enc: string,
plaintext: Uint8Array,
cek: Uint8Array | CryptoKey,
iv: Uint8Array,
aad: Uint8Array,
) {
if (!(cek instanceof Uint8Array)) {
throw new TypeError(invalidKeyInput(cek, 'Uint8Array'))
}
const keySize = parseInt(enc.substr(1, 3), 10)
const encKey = await crypto.subtle.importKey(
'raw',
cek.subarray(keySize >> 3),
'AES-CBC',
false,
['encrypt'],
)
const macKey = await crypto.subtle.importKey(
'raw',
cek.subarray(0, keySize >> 3),
{
hash: { name: `SHA-${keySize << 1}` },
name: 'HMAC',
},
false,
['sign'],
)
const ciphertext = new Uint8Array(
await crypto.subtle.encrypt(
{
iv,
name: 'AES-CBC',
},
encKey,
plaintext,
),
)
const macData = concat(aad, iv, ciphertext, uint64be(aad.length << 3))
const tag = new Uint8Array(
(await crypto.subtle.sign('HMAC', macKey, macData)).slice(0, keySize >> 3),
)
return { ciphertext, tag }
}
async function gcmEncrypt(
enc: string,
plaintext: Uint8Array,
cek: Uint8Array | CryptoKey,
iv: Uint8Array,
aad: Uint8Array,
) {
let encKey: CryptoKey
if (cek instanceof Uint8Array) {
encKey = await crypto.subtle.importKey('raw', cek, 'AES-GCM', false, ['encrypt'])
} else {
checkCryptoKey(cek, enc, 'encrypt')
encKey = cek
}
const encrypted = new Uint8Array(
await crypto.subtle.encrypt(
{
// @deno-expect-error
additionalData: aad,
iv,
name: 'AES-GCM',
tagLength: 128,
},
encKey,
plaintext,
),
)
const tag = encrypted.slice(-16)
const ciphertext = encrypted.slice(0, -16)
return { ciphertext, tag }
}
const encrypt: EncryptFunction = async (
enc: string,
plaintext: Uint8Array,
cek: unknown,
iv: Uint8Array,
aad: Uint8Array,
) => {
if (!isCryptoKey(cek) && !(cek instanceof Uint8Array)) {
throw new TypeError(invalidKeyInput(cek, 'CryptoKey', 'Uint8Array'))
}
checkIvLength(enc, iv)
switch (enc) {
case 'A128CBC-HS256':
case 'A192CBC-HS384':
case 'A256CBC-HS512':
return cbcEncrypt(enc, plaintext, <Uint8Array>cek, iv, aad)
case 'A128GCM':
case 'A192GCM':
case 'A256GCM':
return gcmEncrypt(enc, plaintext, cek, iv, aad)
default:
throw new JOSENotSupported('Unsupported JWE Content Encryption Algorithm')
}
}
export default encrypt