@gjsify/webcrypto 0.3.20 → 0.3.21
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/esm/crypto-key.js +1 -1
- package/lib/esm/index.js +1 -1
- package/lib/esm/subtle.js +1 -1
- package/lib/esm/util.js +1 -1
- package/package.json +4 -4
package/lib/esm/crypto-key.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
var
|
|
1
|
+
var CryptoKey=class{type;extractable;algorithm;usages;_handle;constructor(e,t,n,r,i){this.type=e,this.extractable=t,this.algorithm=Object.freeze({...n}),this.usages=Object.freeze([...r]),this._handle=i}get[Symbol.toStringTag](){return`CryptoKey`}};export{CryptoKey};
|
package/lib/esm/index.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{CryptoKey as e}from"./crypto-key.js";import{SubtleCrypto as t}from"./subtle.js";const n=globalThis.crypto===void 0?null:globalThis.crypto;var
|
|
1
|
+
import{CryptoKey as e}from"./crypto-key.js";import{SubtleCrypto as t}from"./subtle.js";const n=globalThis.crypto===void 0?null:globalThis.crypto;var CryptoPolyfill=class{subtle=new t;getRandomValues(e){if(!(e instanceof Int8Array||e instanceof Uint8Array||e instanceof Int16Array||e instanceof Uint16Array||e instanceof Int32Array||e instanceof Uint32Array||e instanceof Uint8ClampedArray||e instanceof BigInt64Array||e instanceof BigUint64Array))throw new DOMException(`The provided value is not of type '(Int8Array or Int16Array or Int32Array or Uint8Array or Uint8ClampedArray or Uint16Array or Uint32Array or BigInt64Array or BigUint64Array)'`,`TypeMismatchError`);if(e.byteLength>65536)throw new DOMException(`The ArrayBufferView's byte length exceeds the number of bytes of entropy available via this API (65536)`,`QuotaExceededError`);let t=new Uint8Array(e.buffer,e.byteOffset,e.byteLength);if(n&&typeof n.getRandomValues==`function`)n.getRandomValues(t);else for(let e=0;e<t.length;e++)t[e]=Math.floor(Math.random()*256);return e}randomUUID(){if(n&&typeof n.randomUUID==`function`)return n.randomUUID();let e=new Uint8Array(16);this.getRandomValues(e),e[6]=e[6]&15|64,e[8]=e[8]&63|128;let t=Array.from(e,e=>e.toString(16).padStart(2,`0`)).join(``);return`${t.slice(0,8)}-${t.slice(8,12)}-${t.slice(12,16)}-${t.slice(16,20)}-${t.slice(20)}`}};const r=n!==null&&n.subtle!==void 0&&typeof n.subtle.digest==`function`,i=r?n:new CryptoPolyfill,a=r?n.subtle:new t;export{CryptoPolyfill as Crypto,e as CryptoKey,t as SubtleCrypto,i as crypto,i as default,a as subtle};
|
package/lib/esm/subtle.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{CryptoKey as e}from"./crypto-key.js";import{base64urlDecode as t,base64urlEncode as n,checkUsage as r,hashSize as i,normalizeAlgorithm as a,toNodeCurveName as o,toNodeHashName as s,toUint8Array as c,validateUsages as l}from"./util.js";let u=!1,d,f,p,m,h,g,_,v,y,b,x,S,C,w,T,E;async function D(){if(u)return;let e=await import(`crypto`);d=e.createHash,f=e.createHmac,p=e.createCipheriv,m=e.createDecipheriv,h=e.createSign,g=e.createVerify,_=e.pbkdf2Sync,v=e.hkdfSync,y=e.createECDH,b=e.randomBytes,e.publicEncrypt,e.privateDecrypt,e.createPublicKey,e.createPrivateKey,x=e.ecdsaSign,S=e.ecdsaVerify,C=e.rsaPssSign,w=e.rsaPssVerify,T=e.rsaOaepEncrypt,E=e.rsaOaepDecrypt,u=!0}const O=D();var k=class{async digest(e,t){await O;let n=s(a(e).name),r=c(t),i=d(n);i.update(r);let o=i.digest();return o.buffer.slice(o.byteOffset,o.byteOffset+o.byteLength)}async generateKey(t,n,r){await O;let s=a(t);switch(s.name.toUpperCase()){case`AES-CBC`:case`AES-CTR`:case`AES-GCM`:{let i=t.length;if(![128,192,256].includes(i))throw new DOMException(`Invalid AES key length: ${i}`,`OperationError`);l(r,[`encrypt`,`decrypt`,`wrapKey`,`unwrapKey`]);let a=b(i/8);return new e(`secret`,n,{name:s.name,length:i},r,new Uint8Array(a))}case`HMAC`:{let o=t,s=a(o.hash),c=o.length||i(s.name)*8;l(r,[`sign`,`verify`]);let u=b(Math.ceil(c/8));return new e(`secret`,n,{name:`HMAC`,hash:{name:s.name},length:c},r,new Uint8Array(u))}case`ECDH`:{let i=t.namedCurve,a=o(i);l(r,[`deriveKey`,`deriveBits`]);let s=y(a);s.generateKeys();let c=new Uint8Array(s.getPublicKey()),u=new Uint8Array(s.getPrivateKey());return{publicKey:new e(`public`,!0,{name:`ECDH`,namedCurve:i},[],c),privateKey:new e(`private`,n,{name:`ECDH`,namedCurve:i},r,{pub:c,priv:u})}}case`ECDSA`:{let i=t.namedCurve,a=o(i);l(r,[`sign`,`verify`]);let s=y(a);s.generateKeys();let c=new Uint8Array(s.getPublicKey()),u=new Uint8Array(s.getPrivateKey());return{publicKey:new e(`public`,!0,{name:`ECDSA`,namedCurve:i},[`verify`],c),privateKey:new e(`private`,n,{name:`ECDSA`,namedCurve:i},[`sign`],{pub:c,priv:u})}}default:throw new DOMException(`Unsupported algorithm: ${s.name}`,`NotSupportedError`)}}async importKey(n,r,i,o,s){await O;let u=a(i),d=u.name.toUpperCase();switch(d){case`AES-CBC`:case`AES-CTR`:case`AES-GCM`:if(n===`raw`){let t=c(r);if(![16,24,32].includes(t.length))throw new DOMException(`Invalid AES key length: ${t.length*8}`,`DataError`);return l(s,[`encrypt`,`decrypt`,`wrapKey`,`unwrapKey`]),new e(`secret`,o,{name:u.name,length:t.length*8},s,new Uint8Array(t))}if(n===`jwk`){let n=r;if(n.kty!==`oct`)throw new DOMException(`JWK kty must be "oct"`,`DataError`);let i=t(n.k);if(![16,24,32].includes(i.length))throw new DOMException(`Invalid AES key length: ${i.length*8}`,`DataError`);return l(s,[`encrypt`,`decrypt`,`wrapKey`,`unwrapKey`]),new e(`secret`,o,{name:u.name,length:i.length*8},s,i)}throw new DOMException(`Unsupported format: ${n}`,`NotSupportedError`);case`HMAC`:{let u=a(i.hash);if(n===`raw`){let t=c(r);return l(s,[`sign`,`verify`]),new e(`secret`,o,{name:`HMAC`,hash:{name:u.name},length:t.length*8},s,new Uint8Array(t))}if(n===`jwk`){let n=r;if(n.kty!==`oct`)throw new DOMException(`JWK kty must be "oct"`,`DataError`);let i=t(n.k);return l(s,[`sign`,`verify`]),new e(`secret`,o,{name:`HMAC`,hash:{name:u.name},length:i.length*8},s,i)}throw new DOMException(`Unsupported format: ${n}`,`NotSupportedError`)}case`PBKDF2`:if(n===`raw`){let t=c(r);return l(s,[`deriveKey`,`deriveBits`]),new e(`secret`,!1,{name:`PBKDF2`},s,new Uint8Array(t))}throw new DOMException(`Unsupported format: ${n}`,`NotSupportedError`);case`HKDF`:if(n===`raw`){let t=c(r);return l(s,[`deriveKey`,`deriveBits`]),new e(`secret`,!1,{name:`HKDF`},s,new Uint8Array(t))}throw new DOMException(`Unsupported format: ${n}`,`NotSupportedError`);case`ECDH`:case`ECDSA`:{let a=i.namedCurve;if(n===`raw`){let t=c(r);return d===`ECDH`?s.length>0&&l(s,[`deriveKey`,`deriveBits`]):l(s,[`verify`]),new e(`public`,o,{name:u.name,namedCurve:a},s,new Uint8Array(t))}if(n===`jwk`){let n=r;if(n.kty!==`EC`)throw new DOMException(`JWK kty must be "EC"`,`DataError`);if(n.d){let r=t(n.d),i=t(n.x),c=t(n.y),f=new Uint8Array(1+i.length+c.length);return f[0]=4,f.set(i,1),f.set(c,1+i.length),l(s,d===`ECDH`?[`deriveKey`,`deriveBits`]:[`sign`]),new e(`private`,o,{name:u.name,namedCurve:a},s,{pub:f,priv:r})}else{let r=t(n.x),i=t(n.y),c=new Uint8Array(1+r.length+i.length);return c[0]=4,c.set(r,1),c.set(i,1+r.length),d===`ECDH`?s.length>0&&l(s,[`deriveKey`,`deriveBits`]):l(s,[`verify`]),new e(`public`,o,{name:u.name,namedCurve:a},s,c)}}throw new DOMException(`Unsupported format: ${n}`,`NotSupportedError`)}default:throw new DOMException(`Unsupported algorithm: ${u.name}`,`NotSupportedError`)}}async exportKey(e,t){if(!t.extractable)throw new DOMException(`Key is not extractable`,`InvalidAccessError`);let r=t.algorithm.name.toUpperCase();if(e===`raw`){if(t.type===`secret`){let e=t._handle;return e.buffer.slice(e.byteOffset,e.byteOffset+e.byteLength)}if(t.type===`public`&&(r===`ECDH`||r===`ECDSA`)){let e=t._handle;return e.buffer.slice(e.byteOffset,e.byteOffset+e.byteLength)}throw new DOMException(`Cannot export in raw format`,`InvalidAccessError`)}if(e===`jwk`){if(t.type===`secret`){let e=t._handle,i={kty:`oct`,k:n(e),ext:t.extractable,key_ops:[...t.usages]};return r.startsWith(`AES-`)?i.alg=`A${t.algorithm.length}${r.replace(`AES-`,``)}`:r===`HMAC`&&(i.alg=`HS${t.algorithm.hash.name.replace(`SHA-`,``)}`),i}if((r===`ECDH`||r===`ECDSA`)&&(t.type===`public`||t.type===`private`)){let e=t.algorithm.namedCurve,r;r=t.type===`public`?t._handle:t._handle.pub;let i=(r.length-1)/2,a=r.slice(1,1+i),o=r.slice(1+i),s={kty:`EC`,crv:e,x:n(a),y:n(o),ext:t.extractable,key_ops:[...t.usages]};return t.type===`private`&&(s.d=n(t._handle.priv)),s}throw new DOMException(`JWK export not supported for ${r} ${t.type}`,`NotSupportedError`)}throw new DOMException(`Unsupported export format: ${e}`,`NotSupportedError`)}async encrypt(e,t,n){await O,r(t,`encrypt`);let i=a(e),o=i.name.toUpperCase(),l=c(n);switch(o){case`AES-CBC`:{let n=c(e.iv),r=t._handle,i=r.length*8,a=p(`aes-${i}-cbc`,r,n),o=a.update(l),s=a.final(),u=new Uint8Array(o.length+s.length);return u.set(new Uint8Array(o),0),u.set(new Uint8Array(s),o.length),u.buffer}case`AES-CTR`:{let n=c(e.counter),r=t._handle,i=r.length*8,a=p(`aes-${i}-ctr`,r,n),o=a.update(l),s=a.final(),u=new Uint8Array(o.length+s.length);return u.set(new Uint8Array(o),0),u.set(new Uint8Array(s),o.length),u.buffer}case`AES-GCM`:{let n=e,r=c(n.iv),i=n.additionalData?c(n.additionalData):void 0,a=t._handle,o=a.length*8,s=p(`aes-${o}-gcm`,a,r);i&&s.setAAD(i);let u=s.update(l),d=s.final(),f=s.getAuthTag(),m=new Uint8Array(u.length+d.length+f.length);return m.set(new Uint8Array(u),0),m.set(new Uint8Array(d),u.length),m.set(new Uint8Array(f),u.length+d.length),m.buffer}case`RSA-OAEP`:{let n=t.algorithm.hash.name,r=s(n),i=t._handle,a=e,o=a.label?c(a.label):void 0,u=T(r,i.pem,l,o);return u.buffer.slice(u.byteOffset,u.byteOffset+u.byteLength)}default:throw new DOMException(`Unsupported algorithm: ${i.name}`,`NotSupportedError`)}}async decrypt(e,t,n){await O,r(t,`decrypt`);let i=a(e),o=i.name.toUpperCase(),l=c(n);switch(o){case`AES-CBC`:{let n=c(e.iv),r=t._handle,i=r.length*8,a=m(`aes-${i}-cbc`,r,n),o=a.update(l),s=a.final(),u=new Uint8Array(o.length+s.length);return u.set(new Uint8Array(o),0),u.set(new Uint8Array(s),o.length),u.buffer}case`AES-CTR`:{let n=c(e.counter),r=t._handle,i=r.length*8,a=m(`aes-${i}-ctr`,r,n),o=a.update(l),s=a.final(),u=new Uint8Array(o.length+s.length);return u.set(new Uint8Array(o),0),u.set(new Uint8Array(s),o.length),u.buffer}case`AES-GCM`:{let n=e,r=c(n.iv),i=(n.tagLength||128)/8,a=n.additionalData?c(n.additionalData):void 0,o=t._handle,s=o.length*8,u=l.slice(0,l.length-i),d=l.slice(l.length-i),f=m(`aes-${s}-gcm`,o,r);f.setAuthTag(d),a&&f.setAAD(a);let p=f.update(u),h=f.final(),g=new Uint8Array(p.length+h.length);return g.set(new Uint8Array(p),0),g.set(new Uint8Array(h),p.length),g.buffer}case`RSA-OAEP`:{let n=t.algorithm.hash.name,r=s(n),i=t._handle,a=e,o=a.label?c(a.label):void 0,u=E(r,i.pem,l,o);return u.buffer.slice(u.byteOffset,u.byteOffset+u.byteLength)}default:throw new DOMException(`Unsupported algorithm: ${i.name}`,`NotSupportedError`)}}async sign(e,t,n){await O,r(t,`sign`);let o=a(e),l=o.name.toUpperCase(),u=c(n);switch(l){case`HMAC`:{let e=t.algorithm.hash.name,n=s(e),r=t._handle,i=f(n,r);i.update(u);let a=i.digest();return a.buffer.slice(a.byteOffset,a.byteOffset+a.byteLength)}case`RSASSA-PKCS1-V1_5`:{let e=t.algorithm.hash.name,n=s(e),r=t._handle,i=h(n);i.update(u);let a=i.sign(r.pem);return a.buffer.slice(a.byteOffset,a.byteOffset+a.byteLength)}case`ECDSA`:{let n=e,r=s(typeof n.hash==`string`?n.hash:n.hash.name),i=t.algorithm.namedCurve,a=t._handle,o=x(r,a.priv,u,i);return o.buffer.slice(o.byteOffset,o.byteOffset+o.byteLength)}case`RSA-PSS`:{let n=t.algorithm.hash.name,r=s(n),a=t._handle,o=e.saltLength??i(n),c=C(r,a.pem,u,o);return c.buffer.slice(c.byteOffset,c.byteOffset+c.byteLength)}default:throw new DOMException(`Unsupported algorithm: ${o.name}`,`NotSupportedError`)}}async verify(e,t,n,o){await O,r(t,`verify`);let l=a(e),u=l.name.toUpperCase(),d=c(o),p=c(n);switch(u){case`HMAC`:{let e=t.algorithm.hash.name,n=s(e),r=t._handle,i=f(n,r);i.update(d);let a=new Uint8Array(i.digest());if(a.length!==p.length)return!1;let o=0;for(let e=0;e<a.length;e++)o|=a[e]^p[e];return o===0}case`RSASSA-PKCS1-V1_5`:{let e=t.algorithm.hash.name,n=s(e),r=t._handle,i=g(n);return i.update(d),i.verify(r.pem,p)}case`ECDSA`:{let n=e,r=s(typeof n.hash==`string`?n.hash:n.hash.name),i=t.algorithm.namedCurve,a=t._handle;return S(r,a,p,d,i)}case`RSA-PSS`:{let n=t.algorithm.hash.name,r=s(n),a=t._handle,o=e.saltLength??i(n);return w(r,a.pem,p,d,o)}default:throw new DOMException(`Unsupported algorithm: ${l.name}`,`NotSupportedError`)}}async _deriveBitsInternal(e,t,n){await O;let r=a(e);switch(r.name.toUpperCase()){case`PBKDF2`:{let r=e,i=s(a(r.hash).name),o=c(r.salt),l=r.iterations,u=t._handle,d=_(u,o,l,n/8,i);return d.buffer.slice(d.byteOffset,d.byteOffset+d.byteLength)}case`HKDF`:{let r=e,i=s(a(r.hash).name),o=c(r.salt),l=c(r.info),u=t._handle;return v(i,u,o,l,n/8)}case`ECDH`:{let r=e.public,i=t.algorithm.namedCurve,a=o(i),s=y(a),c=t._handle;s.setPrivateKey(c.priv);let l=r._handle instanceof Uint8Array?r._handle:r._handle.pub,u=s.computeSecret(l),d=new Uint8Array(u);return n?d.buffer.slice(0,n/8):d.buffer.slice(d.byteOffset,d.byteOffset+d.byteLength)}default:throw new DOMException(`Unsupported algorithm: ${r.name}`,`NotSupportedError`)}}async deriveBits(e,t,n){return r(t,`deriveBits`),this._deriveBitsInternal(e,t,n)}async deriveKey(e,t,n,o,s){r(t,`deriveKey`);let c=a(n),l,u=c.name.toUpperCase();if(u===`AES-CBC`||u===`AES-CTR`||u===`AES-GCM`)l=n.length;else if(u===`HMAC`){let e=n,t=a(e.hash);l=e.length||i(t.name)*8}else throw new DOMException(`Unsupported derived key algorithm: ${c.name}`,`NotSupportedError`);let d=await this._deriveBitsInternal(e,t,l);return this.importKey(`raw`,d,n,o,s)}async wrapKey(e,t,n,r){throw new DOMException(`wrapKey not yet implemented`,`NotSupportedError`)}async unwrapKey(e,t,n,r,i,a,o){throw new DOMException(`unwrapKey not yet implemented`,`NotSupportedError`)}};export{k as SubtleCrypto};
|
|
1
|
+
import{CryptoKey as e}from"./crypto-key.js";import{base64urlDecode as t,base64urlEncode as n,checkUsage as r,hashSize as i,normalizeAlgorithm as a,toNodeCurveName as o,toNodeHashName as s,toUint8Array as c,validateUsages as l}from"./util.js";let u=!1,d,f,p,m,h,g,_,v,y,b,x,S,C,w,T,E;async function loadCrypto(){if(u)return;let e=await import(`crypto`);d=e.createHash,f=e.createHmac,p=e.createCipheriv,m=e.createDecipheriv,h=e.createSign,g=e.createVerify,_=e.pbkdf2Sync,v=e.hkdfSync,y=e.createECDH,b=e.randomBytes,e.publicEncrypt,e.privateDecrypt,e.createPublicKey,e.createPrivateKey,x=e.ecdsaSign,S=e.ecdsaVerify,C=e.rsaPssSign,w=e.rsaPssVerify,T=e.rsaOaepEncrypt,E=e.rsaOaepDecrypt,u=!0}const D=loadCrypto();var SubtleCrypto=class{async digest(e,t){await D;let n=s(a(e).name),r=c(t),i=d(n);i.update(r);let o=i.digest();return o.buffer.slice(o.byteOffset,o.byteOffset+o.byteLength)}async generateKey(t,n,r){await D;let s=a(t);switch(s.name.toUpperCase()){case`AES-CBC`:case`AES-CTR`:case`AES-GCM`:{let i=t.length;if(![128,192,256].includes(i))throw new DOMException(`Invalid AES key length: ${i}`,`OperationError`);l(r,[`encrypt`,`decrypt`,`wrapKey`,`unwrapKey`]);let a=b(i/8);return new e(`secret`,n,{name:s.name,length:i},r,new Uint8Array(a))}case`HMAC`:{let o=t,s=a(o.hash),c=o.length||i(s.name)*8;l(r,[`sign`,`verify`]);let u=b(Math.ceil(c/8));return new e(`secret`,n,{name:`HMAC`,hash:{name:s.name},length:c},r,new Uint8Array(u))}case`ECDH`:{let i=t.namedCurve,a=o(i);l(r,[`deriveKey`,`deriveBits`]);let s=y(a);s.generateKeys();let c=new Uint8Array(s.getPublicKey()),u=new Uint8Array(s.getPrivateKey());return{publicKey:new e(`public`,!0,{name:`ECDH`,namedCurve:i},[],c),privateKey:new e(`private`,n,{name:`ECDH`,namedCurve:i},r,{pub:c,priv:u})}}case`ECDSA`:{let i=t.namedCurve,a=o(i);l(r,[`sign`,`verify`]);let s=y(a);s.generateKeys();let c=new Uint8Array(s.getPublicKey()),u=new Uint8Array(s.getPrivateKey());return{publicKey:new e(`public`,!0,{name:`ECDSA`,namedCurve:i},[`verify`],c),privateKey:new e(`private`,n,{name:`ECDSA`,namedCurve:i},[`sign`],{pub:c,priv:u})}}default:throw new DOMException(`Unsupported algorithm: ${s.name}`,`NotSupportedError`)}}async importKey(n,r,i,o,s){await D;let u=a(i),d=u.name.toUpperCase();switch(d){case`AES-CBC`:case`AES-CTR`:case`AES-GCM`:if(n===`raw`){let t=c(r);if(![16,24,32].includes(t.length))throw new DOMException(`Invalid AES key length: ${t.length*8}`,`DataError`);return l(s,[`encrypt`,`decrypt`,`wrapKey`,`unwrapKey`]),new e(`secret`,o,{name:u.name,length:t.length*8},s,new Uint8Array(t))}if(n===`jwk`){let n=r;if(n.kty!==`oct`)throw new DOMException(`JWK kty must be "oct"`,`DataError`);let i=t(n.k);if(![16,24,32].includes(i.length))throw new DOMException(`Invalid AES key length: ${i.length*8}`,`DataError`);return l(s,[`encrypt`,`decrypt`,`wrapKey`,`unwrapKey`]),new e(`secret`,o,{name:u.name,length:i.length*8},s,i)}throw new DOMException(`Unsupported format: ${n}`,`NotSupportedError`);case`HMAC`:{let u=a(i.hash);if(n===`raw`){let t=c(r);return l(s,[`sign`,`verify`]),new e(`secret`,o,{name:`HMAC`,hash:{name:u.name},length:t.length*8},s,new Uint8Array(t))}if(n===`jwk`){let n=r;if(n.kty!==`oct`)throw new DOMException(`JWK kty must be "oct"`,`DataError`);let i=t(n.k);return l(s,[`sign`,`verify`]),new e(`secret`,o,{name:`HMAC`,hash:{name:u.name},length:i.length*8},s,i)}throw new DOMException(`Unsupported format: ${n}`,`NotSupportedError`)}case`PBKDF2`:if(n===`raw`){let t=c(r);return l(s,[`deriveKey`,`deriveBits`]),new e(`secret`,!1,{name:`PBKDF2`},s,new Uint8Array(t))}throw new DOMException(`Unsupported format: ${n}`,`NotSupportedError`);case`HKDF`:if(n===`raw`){let t=c(r);return l(s,[`deriveKey`,`deriveBits`]),new e(`secret`,!1,{name:`HKDF`},s,new Uint8Array(t))}throw new DOMException(`Unsupported format: ${n}`,`NotSupportedError`);case`ECDH`:case`ECDSA`:{let a=i.namedCurve;if(n===`raw`){let t=c(r);return d===`ECDH`?s.length>0&&l(s,[`deriveKey`,`deriveBits`]):l(s,[`verify`]),new e(`public`,o,{name:u.name,namedCurve:a},s,new Uint8Array(t))}if(n===`jwk`){let n=r;if(n.kty!==`EC`)throw new DOMException(`JWK kty must be "EC"`,`DataError`);if(n.d){let r=t(n.d),i=t(n.x),c=t(n.y),f=new Uint8Array(1+i.length+c.length);return f[0]=4,f.set(i,1),f.set(c,1+i.length),l(s,d===`ECDH`?[`deriveKey`,`deriveBits`]:[`sign`]),new e(`private`,o,{name:u.name,namedCurve:a},s,{pub:f,priv:r})}else{let r=t(n.x),i=t(n.y),c=new Uint8Array(1+r.length+i.length);return c[0]=4,c.set(r,1),c.set(i,1+r.length),d===`ECDH`?s.length>0&&l(s,[`deriveKey`,`deriveBits`]):l(s,[`verify`]),new e(`public`,o,{name:u.name,namedCurve:a},s,c)}}throw new DOMException(`Unsupported format: ${n}`,`NotSupportedError`)}default:throw new DOMException(`Unsupported algorithm: ${u.name}`,`NotSupportedError`)}}async exportKey(e,t){if(!t.extractable)throw new DOMException(`Key is not extractable`,`InvalidAccessError`);let r=t.algorithm.name.toUpperCase();if(e===`raw`){if(t.type===`secret`){let e=t._handle;return e.buffer.slice(e.byteOffset,e.byteOffset+e.byteLength)}if(t.type===`public`&&(r===`ECDH`||r===`ECDSA`)){let e=t._handle;return e.buffer.slice(e.byteOffset,e.byteOffset+e.byteLength)}throw new DOMException(`Cannot export in raw format`,`InvalidAccessError`)}if(e===`jwk`){if(t.type===`secret`){let e=t._handle,i={kty:`oct`,k:n(e),ext:t.extractable,key_ops:[...t.usages]};return r.startsWith(`AES-`)?i.alg=`A${t.algorithm.length}${r.replace(`AES-`,``)}`:r===`HMAC`&&(i.alg=`HS${t.algorithm.hash.name.replace(`SHA-`,``)}`),i}if((r===`ECDH`||r===`ECDSA`)&&(t.type===`public`||t.type===`private`)){let e=t.algorithm.namedCurve,r;r=t.type===`public`?t._handle:t._handle.pub;let i=(r.length-1)/2,a=r.slice(1,1+i),o=r.slice(1+i),s={kty:`EC`,crv:e,x:n(a),y:n(o),ext:t.extractable,key_ops:[...t.usages]};return t.type===`private`&&(s.d=n(t._handle.priv)),s}throw new DOMException(`JWK export not supported for ${r} ${t.type}`,`NotSupportedError`)}throw new DOMException(`Unsupported export format: ${e}`,`NotSupportedError`)}async encrypt(e,t,n){await D,r(t,`encrypt`);let i=a(e),o=i.name.toUpperCase(),l=c(n);switch(o){case`AES-CBC`:{let n=c(e.iv),r=t._handle,i=r.length*8,a=p(`aes-${i}-cbc`,r,n),o=a.update(l),s=a.final(),u=new Uint8Array(o.length+s.length);return u.set(new Uint8Array(o),0),u.set(new Uint8Array(s),o.length),u.buffer}case`AES-CTR`:{let n=c(e.counter),r=t._handle,i=r.length*8,a=p(`aes-${i}-ctr`,r,n),o=a.update(l),s=a.final(),u=new Uint8Array(o.length+s.length);return u.set(new Uint8Array(o),0),u.set(new Uint8Array(s),o.length),u.buffer}case`AES-GCM`:{let n=e,r=c(n.iv),i=n.additionalData?c(n.additionalData):void 0,a=t._handle,o=a.length*8,s=p(`aes-${o}-gcm`,a,r);i&&s.setAAD(i);let u=s.update(l),d=s.final(),f=s.getAuthTag(),m=new Uint8Array(u.length+d.length+f.length);return m.set(new Uint8Array(u),0),m.set(new Uint8Array(d),u.length),m.set(new Uint8Array(f),u.length+d.length),m.buffer}case`RSA-OAEP`:{let n=t.algorithm.hash.name,r=s(n),i=t._handle,a=e,o=a.label?c(a.label):void 0,u=T(r,i.pem,l,o);return u.buffer.slice(u.byteOffset,u.byteOffset+u.byteLength)}default:throw new DOMException(`Unsupported algorithm: ${i.name}`,`NotSupportedError`)}}async decrypt(e,t,n){await D,r(t,`decrypt`);let i=a(e),o=i.name.toUpperCase(),l=c(n);switch(o){case`AES-CBC`:{let n=c(e.iv),r=t._handle,i=r.length*8,a=m(`aes-${i}-cbc`,r,n),o=a.update(l),s=a.final(),u=new Uint8Array(o.length+s.length);return u.set(new Uint8Array(o),0),u.set(new Uint8Array(s),o.length),u.buffer}case`AES-CTR`:{let n=c(e.counter),r=t._handle,i=r.length*8,a=m(`aes-${i}-ctr`,r,n),o=a.update(l),s=a.final(),u=new Uint8Array(o.length+s.length);return u.set(new Uint8Array(o),0),u.set(new Uint8Array(s),o.length),u.buffer}case`AES-GCM`:{let n=e,r=c(n.iv),i=(n.tagLength||128)/8,a=n.additionalData?c(n.additionalData):void 0,o=t._handle,s=o.length*8,u=l.slice(0,l.length-i),d=l.slice(l.length-i),f=m(`aes-${s}-gcm`,o,r);f.setAuthTag(d),a&&f.setAAD(a);let p=f.update(u),h=f.final(),g=new Uint8Array(p.length+h.length);return g.set(new Uint8Array(p),0),g.set(new Uint8Array(h),p.length),g.buffer}case`RSA-OAEP`:{let n=t.algorithm.hash.name,r=s(n),i=t._handle,a=e,o=a.label?c(a.label):void 0,u=E(r,i.pem,l,o);return u.buffer.slice(u.byteOffset,u.byteOffset+u.byteLength)}default:throw new DOMException(`Unsupported algorithm: ${i.name}`,`NotSupportedError`)}}async sign(e,t,n){await D,r(t,`sign`);let o=a(e),l=o.name.toUpperCase(),u=c(n);switch(l){case`HMAC`:{let e=t.algorithm.hash.name,n=s(e),r=t._handle,i=f(n,r);i.update(u);let a=i.digest();return a.buffer.slice(a.byteOffset,a.byteOffset+a.byteLength)}case`RSASSA-PKCS1-V1_5`:{let e=t.algorithm.hash.name,n=s(e),r=t._handle,i=h(n);i.update(u);let a=i.sign(r.pem);return a.buffer.slice(a.byteOffset,a.byteOffset+a.byteLength)}case`ECDSA`:{let n=e,r=s(typeof n.hash==`string`?n.hash:n.hash.name),i=t.algorithm.namedCurve,a=t._handle,o=x(r,a.priv,u,i);return o.buffer.slice(o.byteOffset,o.byteOffset+o.byteLength)}case`RSA-PSS`:{let n=t.algorithm.hash.name,r=s(n),a=t._handle,o=e.saltLength??i(n),c=C(r,a.pem,u,o);return c.buffer.slice(c.byteOffset,c.byteOffset+c.byteLength)}default:throw new DOMException(`Unsupported algorithm: ${o.name}`,`NotSupportedError`)}}async verify(e,t,n,o){await D,r(t,`verify`);let l=a(e),u=l.name.toUpperCase(),d=c(o),p=c(n);switch(u){case`HMAC`:{let e=t.algorithm.hash.name,n=s(e),r=t._handle,i=f(n,r);i.update(d);let a=new Uint8Array(i.digest());if(a.length!==p.length)return!1;let o=0;for(let e=0;e<a.length;e++)o|=a[e]^p[e];return o===0}case`RSASSA-PKCS1-V1_5`:{let e=t.algorithm.hash.name,n=s(e),r=t._handle,i=g(n);return i.update(d),i.verify(r.pem,p)}case`ECDSA`:{let n=e,r=s(typeof n.hash==`string`?n.hash:n.hash.name),i=t.algorithm.namedCurve,a=t._handle;return S(r,a,p,d,i)}case`RSA-PSS`:{let n=t.algorithm.hash.name,r=s(n),a=t._handle,o=e.saltLength??i(n);return w(r,a.pem,p,d,o)}default:throw new DOMException(`Unsupported algorithm: ${l.name}`,`NotSupportedError`)}}async _deriveBitsInternal(e,t,n){await D;let r=a(e);switch(r.name.toUpperCase()){case`PBKDF2`:{let r=e,i=s(a(r.hash).name),o=c(r.salt),l=r.iterations,u=t._handle,d=_(u,o,l,n/8,i);return d.buffer.slice(d.byteOffset,d.byteOffset+d.byteLength)}case`HKDF`:{let r=e,i=s(a(r.hash).name),o=c(r.salt),l=c(r.info),u=t._handle;return v(i,u,o,l,n/8)}case`ECDH`:{let r=e.public,i=t.algorithm.namedCurve,a=o(i),s=y(a),c=t._handle;s.setPrivateKey(c.priv);let l=r._handle instanceof Uint8Array?r._handle:r._handle.pub,u=s.computeSecret(l),d=new Uint8Array(u);return n?d.buffer.slice(0,n/8):d.buffer.slice(d.byteOffset,d.byteOffset+d.byteLength)}default:throw new DOMException(`Unsupported algorithm: ${r.name}`,`NotSupportedError`)}}async deriveBits(e,t,n){return r(t,`deriveBits`),this._deriveBitsInternal(e,t,n)}async deriveKey(e,t,n,o,s){r(t,`deriveKey`);let c=a(n),l,u=c.name.toUpperCase();if(u===`AES-CBC`||u===`AES-CTR`||u===`AES-GCM`)l=n.length;else if(u===`HMAC`){let e=n,t=a(e.hash);l=e.length||i(t.name)*8}else throw new DOMException(`Unsupported derived key algorithm: ${c.name}`,`NotSupportedError`);let d=await this._deriveBitsInternal(e,t,l);return this.importKey(`raw`,d,n,o,s)}async wrapKey(e,t,n,r){throw new DOMException(`wrapKey not yet implemented`,`NotSupportedError`)}async unwrapKey(e,t,n,r,i,a,o){throw new DOMException(`unwrapKey not yet implemented`,`NotSupportedError`)}};export{SubtleCrypto};
|
package/lib/esm/util.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{DOMException as e}from"@gjsify/dom-exception";function
|
|
1
|
+
import{DOMException as e}from"@gjsify/dom-exception";function normalizeAlgorithm(e){if(typeof e==`string`)return{name:e};if(!e||typeof e.name!=`string`)throw TypeError(`Algorithm must have a name property`);return e}const t={"SHA-1":`sha1`,"SHA-256":`sha256`,"SHA-384":`sha384`,"SHA-512":`sha512`};function toNodeHashName(n){let r=t[n.toUpperCase()]||t[n];if(!r)throw new e(`Unrecognized hash name: ${n}`,`NotSupportedError`);return r}function toWebCryptoHashName(n){let r=n.toUpperCase().replace(/[^A-Z0-9]/g,``);for(let[e,i]of Object.entries(t))if(i===n||r===e.replace(`-`,``))return e;throw new e(`Unrecognized hash name: ${n}`,`NotSupportedError`)}const n={"P-256":`prime256v1`,"P-384":`secp384r1`,"P-521":`secp521r1`};function toNodeCurveName(t){let r=n[t];if(!r)throw new e(`Unrecognized curve name: ${t}`,`NotSupportedError`);return r}function hashSize(t){switch(toNodeHashName(t)){case`sha1`:return 20;case`sha256`:return 32;case`sha384`:return 48;case`sha512`:return 64;default:throw new e(`Unsupported hash: ${t}`,`NotSupportedError`)}}function validateUsages(t,n){for(let r of t)if(!n.includes(r))throw new e(`Invalid key usage: ${r}`,`SyntaxError`);if(t.length===0)throw new e(`Key usages must not be empty`,`SyntaxError`)}function checkUsage(t,n){if(!t.usages.includes(n))throw new e(`Key does not support the '${n}' usage`,`InvalidAccessError`)}const r=`ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/`,i=new Uint8Array(128);for(let e=0;e<64;e++)i[r.charCodeAt(e)]=e;function bytesToBase64(e){let t=``,n=e.length;for(let i=0;i<n;i+=3){let a=e[i],o=i+1<n?e[i+1]:0,s=i+2<n?e[i+2]:0;t+=r[a>>2&63],t+=r[(a<<4|o>>4)&63],t+=i+1<n?r[(o<<2|s>>6)&63]:`=`,t+=i+2<n?r[s&63]:`=`}return t}function base64ToBytes(e){let t=e;for(;t.endsWith(`=`);)t=t.slice(0,-1);let n=[],r=0,a=0;for(let e=0;e<t.length;e++)a=a<<6|i[t.charCodeAt(e)],r+=6,r>=8&&(r-=8,n.push(a>>r&255));return new Uint8Array(n)}function base64urlEncode(e){return bytesToBase64(e).replace(/\+/g,`-`).replace(/\//g,`_`).replace(/=+$/,``)}function base64urlDecode(e){let t=e.replace(/-/g,`+`).replace(/_/g,`/`);for(;t.length%4;)t+=`=`;return base64ToBytes(t)}function toUint8Array(e){if(e instanceof Uint8Array)return e;if(e instanceof ArrayBuffer)return new Uint8Array(e);if(ArrayBuffer.isView(e))return new Uint8Array(e.buffer,e.byteOffset,e.byteLength);throw TypeError(`Expected BufferSource`)}export{base64urlDecode,base64urlEncode,checkUsage,hashSize,normalizeAlgorithm,toNodeCurveName,toNodeHashName,toUint8Array,toWebCryptoHashName,validateUsages};
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@gjsify/webcrypto",
|
|
3
|
-
"version": "0.3.
|
|
3
|
+
"version": "0.3.21",
|
|
4
4
|
"description": "W3C WebCrypto API (SubtleCrypto) for GJS using @gjsify/crypto primitives",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"module": "lib/esm/index.js",
|
|
@@ -41,11 +41,11 @@
|
|
|
41
41
|
"crypto"
|
|
42
42
|
],
|
|
43
43
|
"dependencies": {
|
|
44
|
-
"@gjsify/dom-exception": "^0.3.
|
|
44
|
+
"@gjsify/dom-exception": "^0.3.21"
|
|
45
45
|
},
|
|
46
46
|
"devDependencies": {
|
|
47
|
-
"@gjsify/cli": "^0.3.
|
|
48
|
-
"@gjsify/unit": "^0.3.
|
|
47
|
+
"@gjsify/cli": "^0.3.21",
|
|
48
|
+
"@gjsify/unit": "^0.3.21",
|
|
49
49
|
"@types/node": "^25.6.2",
|
|
50
50
|
"typescript": "^6.0.3"
|
|
51
51
|
}
|