Home Explore Help
Register Sign In
chengnan
/
s202226701001
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: c2a2f69537
Branches Tags
s202226701001
/
sever-test
/
node_modules
/
jose
/
dist
/
browser
/
runtime
/
pbes2kw.js

pbes2kw.js 2.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051 
  1. import random from './random.js';
    2. 

  2. import { p2s as concatSalt } from '../lib/buffer_utils.js';
    3. 

  3. import { encode as base64url } from './base64url.js';
    4. 

  4. import { wrap, unwrap } from './aeskw.js';
    5. 

  5. import checkP2s from '../lib/check_p2s.js';
    6. 

  6. import crypto, { isCryptoKey } from './webcrypto.js';
    7. 

  7. import { checkEncCryptoKey } from '../lib/crypto_key.js';
    8. 

  8. import invalidKeyInput from '../lib/invalid_key_input.js';
    9. 

  9. import { types } from './is_key_like.js';
    10. 

  10. function getCryptoKey(key, alg) {
    11. 

  11.     if (key instanceof Uint8Array) {
    12. 

  12.         return crypto.subtle.importKey('raw', key, 'PBKDF2', false, ['deriveBits']);
    13. 

  13.     }
    14. 

  14.     if (isCryptoKey(key)) {
    15. 

  15.         checkEncCryptoKey(key, alg, 'deriveBits', 'deriveKey');
    16. 

  16.         return key;
    17. 

  17.     }
    18. 

  18.     throw new TypeError(invalidKeyInput(key, ...types, 'Uint8Array'));
    19. 

  19. }
    20. 

  20. async function deriveKey(p2s, alg, p2c, key) {
    21. 

  21.     checkP2s(p2s);
    22. 

  22.     const salt = concatSalt(alg, p2s);
    23. 

  23.     const keylen = parseInt(alg.slice(13, 16), 10);
    24. 

  24.     const subtleAlg = {
    25. 

  25.         hash: `SHA-${alg.slice(8, 11)}`,
    26. 

  26.         iterations: p2c,
    27. 

  27.         name: 'PBKDF2',
    28. 

  28.         salt,
    29. 

  29.     };
    30. 

  30.     const wrapAlg = {
    31. 

  31.         length: keylen,
    32. 

  32.         name: 'AES-KW',
    33. 

  33.     };
    34. 

  34.     const cryptoKey = await getCryptoKey(key, alg);
    35. 

  35.     if (cryptoKey.usages.includes('deriveBits')) {
    36. 

  36.         return new Uint8Array(await crypto.subtle.deriveBits(subtleAlg, cryptoKey, keylen));
    37. 

  37.     }
    38. 

  38.     if (cryptoKey.usages.includes('deriveKey')) {
    39. 

  39.         return crypto.subtle.deriveKey(subtleAlg, cryptoKey, wrapAlg, false, ['wrapKey', 'unwrapKey']);
    40. 

  40.     }
    41. 

  41.     throw new TypeError('PBKDF2 key "usages" must include "deriveBits" or "deriveKey"');
    42. 

  42. }
    43. 

  43. export const encrypt = async (alg, key, cek, p2c = 2048, p2s = random(new Uint8Array(16))) => {
    44. 

  44.     const derived = await deriveKey(p2s, alg, p2c, key);
    45. 

  45.     const encryptedKey = await wrap(alg.slice(-6), derived, cek);
    46. 

  46.     return { encryptedKey, p2c, p2s: base64url(p2s) };
    47. 

  47. };
    48. 

  48. export const decrypt = async (alg, key, encryptedKey, p2c, p2s) => {
    49. 

  49.     const derived = await deriveKey(p2s, alg, p2c, key);
    50. 

  50.     return unwrap(alg.slice(-6), derived, encryptedKey);
    51. 

  51. };
    52.