@lindorm/aes 0.6.4 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +15 -0
- package/README.md +126 -231
- package/__tests__/esm-smoke.test.ts +2 -1
- package/__tests__/fixtures/keys.ts +4 -4
- package/__tests__/helpers/index.ts +2 -2
- package/__tests__/helpers/jwe-adapter.ts +2 -2
- package/__tests__/jose-jwe.test.ts +9 -8
- package/__tests__/noble-ciphers.test.ts +6 -5
- package/dist/classes/AesKit.d.ts +4 -4
- package/dist/classes/AesKit.d.ts.map +1 -1
- package/dist/classes/AesKit.js +29 -33
- package/dist/classes/AesKit.js.map +1 -1
- package/dist/classes/index.d.ts +1 -1
- package/dist/classes/index.d.ts.map +1 -1
- package/dist/classes/index.js +1 -17
- package/dist/classes/index.js.map +1 -1
- package/dist/errors/AesError.js +2 -6
- package/dist/errors/AesError.js.map +1 -1
- package/dist/errors/index.d.ts +1 -1
- package/dist/errors/index.d.ts.map +1 -1
- package/dist/errors/index.js +1 -17
- package/dist/errors/index.js.map +1 -1
- package/dist/index.d.ts +5 -6
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +5 -22
- package/dist/index.js.map +1 -1
- package/dist/interfaces/AesKit.d.ts +3 -3
- package/dist/interfaces/AesKit.d.ts.map +1 -1
- package/dist/interfaces/AesKit.js +1 -2
- package/dist/interfaces/index.d.ts +1 -1
- package/dist/interfaces/index.d.ts.map +1 -1
- package/dist/interfaces/index.js +1 -17
- package/dist/interfaces/index.js.map +1 -1
- package/dist/internal/constants/version.js +3 -6
- package/dist/internal/constants/version.js.map +1 -1
- package/dist/internal/types/aes-data.d.ts +4 -4
- package/dist/internal/types/aes-data.d.ts.map +1 -1
- package/dist/internal/types/aes-data.js +1 -2
- package/dist/internal/types/aes-key-derivation.js +1 -2
- package/dist/internal/types/auth-tag.d.ts +2 -2
- package/dist/internal/types/auth-tag.d.ts.map +1 -1
- package/dist/internal/types/auth-tag.js +1 -2
- package/dist/internal/types/auth-tag.js.map +1 -1
- package/dist/internal/types/content-encryption-key.d.ts +2 -2
- package/dist/internal/types/content-encryption-key.d.ts.map +1 -1
- package/dist/internal/types/content-encryption-key.js +1 -2
- package/dist/internal/types/key-wrap.d.ts +1 -1
- package/dist/internal/types/key-wrap.d.ts.map +1 -1
- package/dist/internal/types/key-wrap.js +1 -2
- package/dist/internal/types/prepared-encryption.d.ts +3 -3
- package/dist/internal/types/prepared-encryption.d.ts.map +1 -1
- package/dist/internal/types/prepared-encryption.js +1 -2
- package/dist/internal/utils/aes-header.d.ts +3 -3
- package/dist/internal/utils/aes-header.d.ts.map +1 -1
- package/dist/internal/utils/aes-header.js +22 -30
- package/dist/internal/utils/aes-header.js.map +1 -1
- package/dist/internal/utils/calculate/calculate-aes-encryption.d.ts +2 -2
- package/dist/internal/utils/calculate/calculate-aes-encryption.d.ts.map +1 -1
- package/dist/internal/utils/calculate/calculate-aes-encryption.js +4 -8
- package/dist/internal/utils/calculate/calculate-aes-encryption.js.map +1 -1
- package/dist/internal/utils/calculate/calculate-content-encryption-key-size.d.ts +2 -2
- package/dist/internal/utils/calculate/calculate-content-encryption-key-size.d.ts.map +1 -1
- package/dist/internal/utils/calculate/calculate-content-encryption-key-size.js +4 -8
- package/dist/internal/utils/calculate/calculate-content-encryption-key-size.js.map +1 -1
- package/dist/internal/utils/calculate/calculate-key-wrap-encryption.d.ts +1 -1
- package/dist/internal/utils/calculate/calculate-key-wrap-encryption.d.ts.map +1 -1
- package/dist/internal/utils/calculate/calculate-key-wrap-encryption.js +3 -7
- package/dist/internal/utils/calculate/calculate-key-wrap-encryption.js.map +1 -1
- package/dist/internal/utils/calculate/calculate-key-wrap-size.d.ts +2 -2
- package/dist/internal/utils/calculate/calculate-key-wrap-size.d.ts.map +1 -1
- package/dist/internal/utils/calculate/calculate-key-wrap-size.js +3 -7
- package/dist/internal/utils/calculate/calculate-key-wrap-size.js.map +1 -1
- package/dist/internal/utils/calculate/calculate-pbkdf-hash.d.ts +2 -2
- package/dist/internal/utils/calculate/calculate-pbkdf-hash.d.ts.map +1 -1
- package/dist/internal/utils/calculate/calculate-pbkdf-hash.js +3 -7
- package/dist/internal/utils/calculate/calculate-pbkdf-hash.js.map +1 -1
- package/dist/internal/utils/calculate/calculate-rsa-oaep-hash.d.ts +2 -2
- package/dist/internal/utils/calculate/calculate-rsa-oaep-hash.d.ts.map +1 -1
- package/dist/internal/utils/calculate/calculate-rsa-oaep-hash.js +3 -7
- package/dist/internal/utils/calculate/calculate-rsa-oaep-hash.js.map +1 -1
- package/dist/internal/utils/content.d.ts +1 -1
- package/dist/internal/utils/content.d.ts.map +1 -1
- package/dist/internal/utils/content.js +11 -17
- package/dist/internal/utils/content.js.map +1 -1
- package/dist/internal/utils/data/auth-tag-hmac.d.ts +1 -1
- package/dist/internal/utils/data/auth-tag-hmac.d.ts.map +1 -1
- package/dist/internal/utils/data/auth-tag-hmac.js +9 -14
- package/dist/internal/utils/data/auth-tag-hmac.js.map +1 -1
- package/dist/internal/utils/data/auth-tag.d.ts +1 -1
- package/dist/internal/utils/data/auth-tag.d.ts.map +1 -1
- package/dist/internal/utils/data/auth-tag.js +9 -14
- package/dist/internal/utils/data/auth-tag.js.map +1 -1
- package/dist/internal/utils/data/get-initialisation-vector.d.ts +1 -1
- package/dist/internal/utils/data/get-initialisation-vector.d.ts.map +1 -1
- package/dist/internal/utils/data/get-initialisation-vector.js +6 -10
- package/dist/internal/utils/data/get-initialisation-vector.js.map +1 -1
- package/dist/internal/utils/data/split-content-encryption-key.d.ts +1 -1
- package/dist/internal/utils/data/split-content-encryption-key.d.ts.map +1 -1
- package/dist/internal/utils/data/split-content-encryption-key.js +4 -8
- package/dist/internal/utils/data/split-content-encryption-key.js.map +1 -1
- package/dist/internal/utils/diffie-hellman/diffie-hellman-key-wrap.d.ts +1 -1
- package/dist/internal/utils/diffie-hellman/diffie-hellman-key-wrap.d.ts.map +1 -1
- package/dist/internal/utils/diffie-hellman/diffie-hellman-key-wrap.js +20 -25
- package/dist/internal/utils/diffie-hellman/diffie-hellman-key-wrap.js.map +1 -1
- package/dist/internal/utils/diffie-hellman/diffie-hellman.d.ts +1 -1
- package/dist/internal/utils/diffie-hellman/diffie-hellman.d.ts.map +1 -1
- package/dist/internal/utils/diffie-hellman/diffie-hellman.js +16 -21
- package/dist/internal/utils/diffie-hellman/diffie-hellman.js.map +1 -1
- package/dist/internal/utils/diffie-hellman/shared-secret.d.ts +3 -3
- package/dist/internal/utils/diffie-hellman/shared-secret.d.ts.map +1 -1
- package/dist/internal/utils/diffie-hellman/shared-secret.js +22 -27
- package/dist/internal/utils/diffie-hellman/shared-secret.js.map +1 -1
- package/dist/internal/utils/encoded-aes.d.ts +2 -2
- package/dist/internal/utils/encoded-aes.d.ts.map +1 -1
- package/dist/internal/utils/encoded-aes.js +18 -23
- package/dist/internal/utils/encoded-aes.js.map +1 -1
- package/dist/internal/utils/encrypt-content.d.ts +1 -1
- package/dist/internal/utils/encrypt-content.d.ts.map +1 -1
- package/dist/internal/utils/encrypt-content.js +14 -18
- package/dist/internal/utils/encrypt-content.js.map +1 -1
- package/dist/internal/utils/encrypt-encoded.d.ts +2 -2
- package/dist/internal/utils/encrypt-encoded.d.ts.map +1 -1
- package/dist/internal/utils/encrypt-encoded.js +15 -19
- package/dist/internal/utils/encrypt-encoded.js.map +1 -1
- package/dist/internal/utils/encrypt-serialised.d.ts +3 -3
- package/dist/internal/utils/encrypt-serialised.d.ts.map +1 -1
- package/dist/internal/utils/encrypt-serialised.js +20 -24
- package/dist/internal/utils/encrypt-serialised.js.map +1 -1
- package/dist/internal/utils/encrypt-tokenised.d.ts +2 -2
- package/dist/internal/utils/encrypt-tokenised.d.ts.map +1 -1
- package/dist/internal/utils/encrypt-tokenised.js +18 -22
- package/dist/internal/utils/encrypt-tokenised.js.map +1 -1
- package/dist/internal/utils/encryption.d.ts +3 -3
- package/dist/internal/utils/encryption.d.ts.map +1 -1
- package/dist/internal/utils/encryption.js +22 -27
- package/dist/internal/utils/encryption.js.map +1 -1
- package/dist/internal/utils/get-key/get-decryption-key.d.ts +1 -1
- package/dist/internal/utils/get-key/get-decryption-key.d.ts.map +1 -1
- package/dist/internal/utils/get-key/get-decryption-key.js +11 -15
- package/dist/internal/utils/get-key/get-decryption-key.js.map +1 -1
- package/dist/internal/utils/get-key/get-encryption-key.d.ts +1 -1
- package/dist/internal/utils/get-key/get-encryption-key.d.ts.map +1 -1
- package/dist/internal/utils/get-key/get-encryption-key.js +11 -15
- package/dist/internal/utils/get-key/get-encryption-key.js.map +1 -1
- package/dist/internal/utils/key-derivation/concat-kdf.d.ts +1 -1
- package/dist/internal/utils/key-derivation/concat-kdf.d.ts.map +1 -1
- package/dist/internal/utils/key-derivation/concat-kdf.js +3 -7
- package/dist/internal/utils/key-derivation/concat-kdf.js.map +1 -1
- package/dist/internal/utils/key-derivation/pbkdf.d.ts +1 -1
- package/dist/internal/utils/key-derivation/pbkdf.d.ts.map +1 -1
- package/dist/internal/utils/key-derivation/pbkdf.js +7 -11
- package/dist/internal/utils/key-derivation/pbkdf.js.map +1 -1
- package/dist/internal/utils/key-types/get-ec-keys.d.ts +1 -1
- package/dist/internal/utils/key-types/get-ec-keys.d.ts.map +1 -1
- package/dist/internal/utils/key-types/get-ec-keys.js +11 -16
- package/dist/internal/utils/key-types/get-ec-keys.js.map +1 -1
- package/dist/internal/utils/key-types/get-oct-keys.d.ts +1 -1
- package/dist/internal/utils/key-types/get-oct-keys.d.ts.map +1 -1
- package/dist/internal/utils/key-types/get-oct-keys.js +14 -19
- package/dist/internal/utils/key-types/get-oct-keys.js.map +1 -1
- package/dist/internal/utils/key-types/get-okp-keys.d.ts +1 -1
- package/dist/internal/utils/key-types/get-okp-keys.d.ts.map +1 -1
- package/dist/internal/utils/key-types/get-okp-keys.js +11 -16
- package/dist/internal/utils/key-types/get-okp-keys.js.map +1 -1
- package/dist/internal/utils/key-types/get-rsa-keys.d.ts +1 -1
- package/dist/internal/utils/key-types/get-rsa-keys.d.ts.map +1 -1
- package/dist/internal/utils/key-types/get-rsa-keys.js +24 -29
- package/dist/internal/utils/key-types/get-rsa-keys.js.map +1 -1
- package/dist/internal/utils/key-wrap/ecb-key-wrap.d.ts +1 -1
- package/dist/internal/utils/key-wrap/ecb-key-wrap.d.ts.map +1 -1
- package/dist/internal/utils/key-wrap/ecb-key-wrap.js +12 -17
- package/dist/internal/utils/key-wrap/ecb-key-wrap.js.map +1 -1
- package/dist/internal/utils/key-wrap/gcm-key-wrap.d.ts +1 -1
- package/dist/internal/utils/key-wrap/gcm-key-wrap.d.ts.map +1 -1
- package/dist/internal/utils/key-wrap/gcm-key-wrap.js +14 -19
- package/dist/internal/utils/key-wrap/gcm-key-wrap.js.map +1 -1
- package/dist/internal/utils/key-wrap/key-wrap.d.ts +1 -1
- package/dist/internal/utils/key-wrap/key-wrap.d.ts.map +1 -1
- package/dist/internal/utils/key-wrap/key-wrap.js +11 -16
- package/dist/internal/utils/key-wrap/key-wrap.js.map +1 -1
- package/dist/internal/utils/oct/get-oct-dir-keys.d.ts +1 -1
- package/dist/internal/utils/oct/get-oct-dir-keys.d.ts.map +1 -1
- package/dist/internal/utils/oct/get-oct-dir-keys.js +13 -18
- package/dist/internal/utils/oct/get-oct-dir-keys.js.map +1 -1
- package/dist/internal/utils/oct/get-oct-key-key-wrap.d.ts +1 -1
- package/dist/internal/utils/oct/get-oct-key-key-wrap.d.ts.map +1 -1
- package/dist/internal/utils/oct/get-oct-key-key-wrap.js +19 -24
- package/dist/internal/utils/oct/get-oct-key-key-wrap.js.map +1 -1
- package/dist/internal/utils/oct/get-oct-pbkdf-key-wrap-keys.d.ts +1 -1
- package/dist/internal/utils/oct/get-oct-pbkdf-key-wrap-keys.d.ts.map +1 -1
- package/dist/internal/utils/oct/get-oct-pbkdf-key-wrap-keys.js +25 -30
- package/dist/internal/utils/oct/get-oct-pbkdf-key-wrap-keys.js.map +1 -1
- package/dist/internal/utils/prepare-encryption.d.ts +1 -1
- package/dist/internal/utils/prepare-encryption.d.ts.map +1 -1
- package/dist/internal/utils/prepare-encryption.js +5 -9
- package/dist/internal/utils/prepare-encryption.js.map +1 -1
- package/dist/internal/utils/serialised-aes.d.ts +2 -2
- package/dist/internal/utils/serialised-aes.d.ts.map +1 -1
- package/dist/internal/utils/serialised-aes.js +19 -24
- package/dist/internal/utils/serialised-aes.js.map +1 -1
- package/dist/internal/utils/tokenised-aes.d.ts +2 -2
- package/dist/internal/utils/tokenised-aes.d.ts.map +1 -1
- package/dist/internal/utils/tokenised-aes.js +22 -27
- package/dist/internal/utils/tokenised-aes.js.map +1 -1
- package/dist/internal/utils/validate-version.js +8 -12
- package/dist/internal/utils/validate-version.js.map +1 -1
- package/dist/mocks/create-mock-aes-kit.d.ts +4 -0
- package/dist/mocks/create-mock-aes-kit.d.ts.map +1 -0
- package/dist/mocks/create-mock-aes-kit.js +81 -0
- package/dist/mocks/create-mock-aes-kit.js.map +1 -0
- package/dist/mocks/jest.d.ts +5 -0
- package/dist/mocks/jest.d.ts.map +1 -0
- package/dist/mocks/jest.js +4 -0
- package/dist/mocks/jest.js.map +1 -0
- package/dist/mocks/vitest.d.ts +6 -0
- package/dist/mocks/vitest.d.ts.map +1 -0
- package/dist/mocks/vitest.js +5 -0
- package/dist/mocks/vitest.js.map +1 -0
- package/dist/types/aes-decryption-data.d.ts +3 -3
- package/dist/types/aes-decryption-data.d.ts.map +1 -1
- package/dist/types/aes-decryption-data.js +1 -2
- package/dist/types/aes-encryption-data.d.ts +3 -3
- package/dist/types/aes-encryption-data.d.ts.map +1 -1
- package/dist/types/aes-encryption-data.js +1 -2
- package/dist/types/aes-kit.d.ts +1 -1
- package/dist/types/aes-kit.d.ts.map +1 -1
- package/dist/types/aes-kit.js +1 -2
- package/dist/types/content.d.ts +1 -1
- package/dist/types/content.d.ts.map +1 -1
- package/dist/types/content.js +1 -2
- package/dist/types/curve.js +1 -2
- package/dist/types/index.d.ts +7 -7
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/index.js +6 -22
- package/dist/types/index.js.map +1 -1
- package/dist/types/types.d.ts +1 -1
- package/dist/types/types.d.ts.map +1 -1
- package/dist/types/types.js +1 -2
- package/dist/utils/index.d.ts +2 -2
- package/dist/utils/index.d.ts.map +1 -1
- package/dist/utils/index.js +2 -18
- package/dist/utils/index.js.map +1 -1
- package/dist/utils/is-aes.d.ts +1 -1
- package/dist/utils/is-aes.d.ts.map +1 -1
- package/dist/utils/is-aes.js +4 -10
- package/dist/utils/is-aes.js.map +1 -1
- package/dist/utils/parse-aes.d.ts +1 -1
- package/dist/utils/parse-aes.d.ts.map +1 -1
- package/dist/utils/parse-aes.js +15 -19
- package/dist/utils/parse-aes.js.map +1 -1
- package/package.json +19 -26
- package/vitest.config.mjs +6 -0
- package/dist/mocks/index.d.ts +0 -2
- package/dist/mocks/index.d.ts.map +0 -1
- package/dist/mocks/index.js +0 -6
- package/dist/mocks/index.js.map +0 -1
- package/dist/mocks/mock-aes-kit.d.ts +0 -4
- package/dist/mocks/mock-aes-kit.d.ts.map +0 -1
- package/dist/mocks/mock-aes-kit.js +0 -74
- package/dist/mocks/mock-aes-kit.js.map +0 -1
- package/jest.config.interop.mjs +0 -24
- package/tsconfig.interop.json +0 -13
|
@@ -1,13 +1,10 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
const
|
|
5
|
-
const
|
|
6
|
-
const
|
|
7
|
-
const
|
|
8
|
-
const algorithm = (0, calculate_key_wrap_encryption_1.calculateKeyWrapEncryption)(kryptos);
|
|
9
|
-
const publicEncryptionIv = (0, crypto_1.randomBytes)(12);
|
|
10
|
-
const cipher = (0, crypto_1.createCipheriv)(algorithm, keyEncryptionKey, publicEncryptionIv);
|
|
1
|
+
import { createCipheriv, createDecipheriv, randomBytes, } from "crypto";
|
|
2
|
+
import { AesError } from "../../../errors/index.js";
|
|
3
|
+
import { calculateKeyWrapEncryption } from "../calculate/calculate-key-wrap-encryption.js";
|
|
4
|
+
export const gcmKeyWrap = ({ contentEncryptionKey, keyEncryptionKey, kryptos, }) => {
|
|
5
|
+
const algorithm = calculateKeyWrapEncryption(kryptos);
|
|
6
|
+
const publicEncryptionIv = randomBytes(12);
|
|
7
|
+
const cipher = createCipheriv(algorithm, keyEncryptionKey, publicEncryptionIv);
|
|
11
8
|
const publicEncryptionKey = Buffer.concat([
|
|
12
9
|
cipher.update(contentEncryptionKey),
|
|
13
10
|
cipher.final(),
|
|
@@ -15,22 +12,21 @@ const gcmKeyWrap = ({ contentEncryptionKey, keyEncryptionKey, kryptos, }) => {
|
|
|
15
12
|
const publicEncryptionTag = cipher.getAuthTag();
|
|
16
13
|
return { publicEncryptionKey, publicEncryptionIv, publicEncryptionTag };
|
|
17
14
|
};
|
|
18
|
-
|
|
19
|
-
const gcmKeyUnwrap = ({ keyEncryptionKey, kryptos, publicEncryptionIv, publicEncryptionKey, publicEncryptionTag, }) => {
|
|
15
|
+
export const gcmKeyUnwrap = ({ keyEncryptionKey, kryptos, publicEncryptionIv, publicEncryptionKey, publicEncryptionTag, }) => {
|
|
20
16
|
if (!publicEncryptionIv) {
|
|
21
|
-
throw new
|
|
17
|
+
throw new AesError("Invalid public encryption iv");
|
|
22
18
|
}
|
|
23
19
|
if (!publicEncryptionTag) {
|
|
24
|
-
throw new
|
|
20
|
+
throw new AesError("Invalid public encryption tag");
|
|
25
21
|
}
|
|
26
22
|
if (publicEncryptionIv.length !== 12) {
|
|
27
|
-
throw new
|
|
23
|
+
throw new AesError("Invalid GCM key wrap IV length");
|
|
28
24
|
}
|
|
29
25
|
if (publicEncryptionTag.length !== 16) {
|
|
30
|
-
throw new
|
|
26
|
+
throw new AesError("Invalid GCM key wrap auth tag length");
|
|
31
27
|
}
|
|
32
|
-
const algorithm =
|
|
33
|
-
const decipher =
|
|
28
|
+
const algorithm = calculateKeyWrapEncryption(kryptos);
|
|
29
|
+
const decipher = createDecipheriv(algorithm, keyEncryptionKey, publicEncryptionIv);
|
|
34
30
|
decipher.setAuthTag(publicEncryptionTag);
|
|
35
31
|
const contentEncryptionKey = Buffer.concat([
|
|
36
32
|
decipher.update(publicEncryptionKey),
|
|
@@ -38,5 +34,4 @@ const gcmKeyUnwrap = ({ keyEncryptionKey, kryptos, publicEncryptionIv, publicEnc
|
|
|
38
34
|
]);
|
|
39
35
|
return { contentEncryptionKey };
|
|
40
36
|
};
|
|
41
|
-
exports.gcmKeyUnwrap = gcmKeyUnwrap;
|
|
42
37
|
//# sourceMappingURL=gcm-key-wrap.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"gcm-key-wrap.js","sourceRoot":"","sources":["../../../../src/internal/utils/key-wrap/gcm-key-wrap.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"gcm-key-wrap.js","sourceRoot":"","sources":["../../../../src/internal/utils/key-wrap/gcm-key-wrap.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,cAAc,EACd,gBAAgB,EAChB,WAAW,GACZ,MAAM,QAAQ,CAAC;AAChB,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AAOpD,OAAO,EAAE,0BAA0B,EAAE,MAAM,+CAA+C,CAAC;AAE3F,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,EACzB,oBAAoB,EACpB,gBAAgB,EAChB,OAAO,GACQ,EAAiB,EAAE;IAClC,MAAM,SAAS,GAAG,0BAA0B,CAAC,OAAO,CAAC,CAAC;IAEtD,MAAM,kBAAkB,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,cAAc,CAC3B,SAAS,EACT,gBAAgB,EAChB,kBAAkB,CACN,CAAC;IAEf,MAAM,mBAAmB,GAAG,MAAM,CAAC,MAAM,CAAC;QACxC,MAAM,CAAC,MAAM,CAAC,oBAAoB,CAAC;QACnC,MAAM,CAAC,KAAK,EAAE;KACf,CAAC,CAAC;IAEH,MAAM,mBAAmB,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;IAEhD,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,CAAC;AAC1E,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,EAC3B,gBAAgB,EAChB,OAAO,EACP,kBAAkB,EAClB,mBAAmB,EACnB,mBAAmB,GACF,EAAmB,EAAE;IACtC,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACxB,MAAM,IAAI,QAAQ,CAAC,8BAA8B,CAAC,CAAC;IACrD,CAAC;IACD,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzB,MAAM,IAAI,QAAQ,CAAC,+BAA+B,CAAC,CAAC;IACtD,CAAC;IACD,IAAI,kBAAkB,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QACrC,MAAM,IAAI,QAAQ,CAAC,gCAAgC,CAAC,CAAC;IACvD,CAAC;IACD,IAAI,mBAAmB,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,QAAQ,CAAC,sCAAsC,CAAC,CAAC;IAC7D,CAAC;IAED,MAAM,SAAS,GAAG,0BAA0B,CAAC,OAAO,CAAC,CAAC;IAEtD,MAAM,QAAQ,GAAG,gBAAgB,CAC/B,SAAS,EACT,gBAAgB,EAChB,kBAAkB,CACJ,CAAC;IAEjB,QAAQ,CAAC,UAAU,CAAC,mBAAmB,CAAC,CAAC;IAEzC,MAAM,oBAAoB,GAAG,MAAM,CAAC,MAAM,CAAC;QACzC,QAAQ,CAAC,MAAM,CAAC,mBAAmB,CAAC;QACpC,QAAQ,CAAC,KAAK,EAAE;KACjB,CAAC,CAAC;IAEH,OAAO,EAAE,oBAAoB,EAAE,CAAC;AAClC,CAAC,CAAC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { KeyUnwrapOptions, KeyUnwrapResult, KeyWrapOptions, KeyWrapResult } from "
|
|
1
|
+
import type { KeyUnwrapOptions, KeyUnwrapResult, KeyWrapOptions, KeyWrapResult } from "../../types/key-wrap.js";
|
|
2
2
|
export declare const keyWrap: (options: KeyWrapOptions) => KeyWrapResult;
|
|
3
3
|
export declare const keyUnwrap: (options: KeyUnwrapOptions) => KeyUnwrapResult;
|
|
4
4
|
//# sourceMappingURL=key-wrap.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"key-wrap.d.ts","sourceRoot":"","sources":["../../../../src/internal/utils/key-wrap/key-wrap.ts"],"names":[],"mappings":"AACA,OAAO,
|
|
1
|
+
{"version":3,"file":"key-wrap.d.ts","sourceRoot":"","sources":["../../../../src/internal/utils/key-wrap/key-wrap.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,gBAAgB,EAChB,eAAe,EACf,cAAc,EACd,aAAa,EACd,MAAM,yBAAyB,CAAC;AAIjC,eAAO,MAAM,OAAO,GAAI,SAAS,cAAc,KAAG,aAqBjD,CAAC;AAEF,eAAO,MAAM,SAAS,GAAI,SAAS,gBAAgB,KAAG,eAqBrD,CAAC"}
|
|
@@ -1,10 +1,7 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
const
|
|
5
|
-
const ecb_key_wrap_1 = require("./ecb-key-wrap");
|
|
6
|
-
const gcm_key_wrap_1 = require("./gcm-key-wrap");
|
|
7
|
-
const keyWrap = (options) => {
|
|
1
|
+
import { AesError } from "../../../errors/index.js";
|
|
2
|
+
import { ecbKeyUnwrap, ecbKeyWrap } from "./ecb-key-wrap.js";
|
|
3
|
+
import { gcmKeyUnwrap, gcmKeyWrap } from "./gcm-key-wrap.js";
|
|
4
|
+
export const keyWrap = (options) => {
|
|
8
5
|
switch (options.kryptos.algorithm) {
|
|
9
6
|
case "A128KW":
|
|
10
7
|
case "A192KW":
|
|
@@ -12,20 +9,19 @@ const keyWrap = (options) => {
|
|
|
12
9
|
case "ECDH-ES+A128KW":
|
|
13
10
|
case "ECDH-ES+A192KW":
|
|
14
11
|
case "ECDH-ES+A256KW":
|
|
15
|
-
return
|
|
12
|
+
return ecbKeyWrap(options);
|
|
16
13
|
case "A128GCMKW":
|
|
17
14
|
case "A192GCMKW":
|
|
18
15
|
case "A256GCMKW":
|
|
19
16
|
case "ECDH-ES+A128GCMKW":
|
|
20
17
|
case "ECDH-ES+A192GCMKW":
|
|
21
18
|
case "ECDH-ES+A256GCMKW":
|
|
22
|
-
return
|
|
19
|
+
return gcmKeyWrap(options);
|
|
23
20
|
default:
|
|
24
|
-
throw new
|
|
21
|
+
throw new AesError("Unsupported key wrap algorithm");
|
|
25
22
|
}
|
|
26
23
|
};
|
|
27
|
-
|
|
28
|
-
const keyUnwrap = (options) => {
|
|
24
|
+
export const keyUnwrap = (options) => {
|
|
29
25
|
switch (options.kryptos.algorithm) {
|
|
30
26
|
case "A128KW":
|
|
31
27
|
case "A192KW":
|
|
@@ -33,17 +29,16 @@ const keyUnwrap = (options) => {
|
|
|
33
29
|
case "ECDH-ES+A128KW":
|
|
34
30
|
case "ECDH-ES+A192KW":
|
|
35
31
|
case "ECDH-ES+A256KW":
|
|
36
|
-
return
|
|
32
|
+
return ecbKeyUnwrap(options);
|
|
37
33
|
case "A128GCMKW":
|
|
38
34
|
case "A192GCMKW":
|
|
39
35
|
case "A256GCMKW":
|
|
40
36
|
case "ECDH-ES+A128GCMKW":
|
|
41
37
|
case "ECDH-ES+A192GCMKW":
|
|
42
38
|
case "ECDH-ES+A256GCMKW":
|
|
43
|
-
return
|
|
39
|
+
return gcmKeyUnwrap(options);
|
|
44
40
|
default:
|
|
45
|
-
throw new
|
|
41
|
+
throw new AesError("Unsupported key wrap algorithm");
|
|
46
42
|
}
|
|
47
43
|
};
|
|
48
|
-
exports.keyUnwrap = keyUnwrap;
|
|
49
44
|
//# sourceMappingURL=key-wrap.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"key-wrap.js","sourceRoot":"","sources":["../../../../src/internal/utils/key-wrap/key-wrap.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"key-wrap.js","sourceRoot":"","sources":["../../../../src/internal/utils/key-wrap/key-wrap.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AAOpD,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC7D,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAE7D,MAAM,CAAC,MAAM,OAAO,GAAG,CAAC,OAAuB,EAAiB,EAAE;IAChE,QAAQ,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;QAClC,KAAK,QAAQ,CAAC;QACd,KAAK,QAAQ,CAAC;QACd,KAAK,QAAQ,CAAC;QACd,KAAK,gBAAgB,CAAC;QACtB,KAAK,gBAAgB,CAAC;QACtB,KAAK,gBAAgB;YACnB,OAAO,UAAU,CAAC,OAAO,CAAC,CAAC;QAE7B,KAAK,WAAW,CAAC;QACjB,KAAK,WAAW,CAAC;QACjB,KAAK,WAAW,CAAC;QACjB,KAAK,mBAAmB,CAAC;QACzB,KAAK,mBAAmB,CAAC;QACzB,KAAK,mBAAmB;YACtB,OAAO,UAAU,CAAC,OAAO,CAAC,CAAC;QAE7B;YACE,MAAM,IAAI,QAAQ,CAAC,gCAAgC,CAAC,CAAC;IACzD,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,OAAyB,EAAmB,EAAE;IACtE,QAAQ,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;QAClC,KAAK,QAAQ,CAAC;QACd,KAAK,QAAQ,CAAC;QACd,KAAK,QAAQ,CAAC;QACd,KAAK,gBAAgB,CAAC;QACtB,KAAK,gBAAgB,CAAC;QACtB,KAAK,gBAAgB;YACnB,OAAO,YAAY,CAAC,OAAO,CAAC,CAAC;QAE/B,KAAK,WAAW,CAAC;QACjB,KAAK,WAAW,CAAC;QACjB,KAAK,WAAW,CAAC;QACjB,KAAK,mBAAmB,CAAC;QACzB,KAAK,mBAAmB,CAAC;QACzB,KAAK,mBAAmB;YACtB,OAAO,YAAY,CAAC,OAAO,CAAC,CAAC;QAE/B;YACE,MAAM,IAAI,QAAQ,CAAC,gCAAgC,CAAC,CAAC;IACzD,CAAC;AACH,CAAC,CAAC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { CreateCekOptions, CreateCekResult, DecryptCekOptions, DecryptCekResult } from "
|
|
1
|
+
import type { CreateCekOptions, CreateCekResult, DecryptCekOptions, DecryptCekResult } from "../../types/content-encryption-key.js";
|
|
2
2
|
export declare const getOctDirEncryptionKey: ({ encryption, kryptos, }: CreateCekOptions) => CreateCekResult;
|
|
3
3
|
export declare const getOctDirDecryptionKey: ({ encryption, kryptos, }: DecryptCekOptions) => DecryptCekResult;
|
|
4
4
|
//# sourceMappingURL=get-oct-dir-keys.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"get-oct-dir-keys.d.ts","sourceRoot":"","sources":["../../../../src/internal/utils/oct/get-oct-dir-keys.ts"],"names":[],"mappings":"AAEA,OAAO,
|
|
1
|
+
{"version":3,"file":"get-oct-dir-keys.d.ts","sourceRoot":"","sources":["../../../../src/internal/utils/oct/get-oct-dir-keys.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,gBAAgB,EAChB,eAAe,EACf,iBAAiB,EACjB,gBAAgB,EACjB,MAAM,uCAAuC,CAAC;AAG/C,eAAO,MAAM,sBAAsB,GAAI,0BAGpC,gBAAgB,KAAG,eAerB,CAAC;AAEF,eAAO,MAAM,sBAAsB,GAAI,0BAGpC,iBAAiB,KAAG,gBAetB,CAAC"}
|
|
@@ -1,35 +1,30 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
const
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
const getOctDirEncryptionKey = ({ encryption, kryptos, }) => {
|
|
8
|
-
if (!kryptos_1.KryptosKit.isOct(kryptos)) {
|
|
9
|
-
throw new errors_1.AesError("Invalid Kryptos", { debug: { kryptos: kryptos.toJSON() } });
|
|
1
|
+
import { KryptosKit } from "@lindorm/kryptos";
|
|
2
|
+
import { AesError } from "../../../errors/index.js";
|
|
3
|
+
import { calculateContentEncryptionKeySize } from "../calculate/calculate-content-encryption-key-size.js";
|
|
4
|
+
export const getOctDirEncryptionKey = ({ encryption, kryptos, }) => {
|
|
5
|
+
if (!KryptosKit.isOct(kryptos)) {
|
|
6
|
+
throw new AesError("Invalid Kryptos", { debug: { kryptos: kryptos.toJSON() } });
|
|
10
7
|
}
|
|
11
8
|
const der = kryptos.export("der");
|
|
12
|
-
const keyLength =
|
|
9
|
+
const keyLength = calculateContentEncryptionKeySize(encryption);
|
|
13
10
|
if (der.privateKey.length !== keyLength) {
|
|
14
|
-
throw new
|
|
11
|
+
throw new AesError("Invalid key length", {
|
|
15
12
|
debug: { keyLength, privateKeyLength: der.privateKey.length },
|
|
16
13
|
});
|
|
17
14
|
}
|
|
18
15
|
return { contentEncryptionKey: der.privateKey };
|
|
19
16
|
};
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
throw new errors_1.AesError("Invalid Kryptos", { debug: { kryptos: kryptos.toJSON() } });
|
|
17
|
+
export const getOctDirDecryptionKey = ({ encryption, kryptos, }) => {
|
|
18
|
+
if (!KryptosKit.isOct(kryptos)) {
|
|
19
|
+
throw new AesError("Invalid Kryptos", { debug: { kryptos: kryptos.toJSON() } });
|
|
24
20
|
}
|
|
25
21
|
const der = kryptos.export("der");
|
|
26
|
-
const keyLength =
|
|
22
|
+
const keyLength = calculateContentEncryptionKeySize(encryption);
|
|
27
23
|
if (der.privateKey.length !== keyLength) {
|
|
28
|
-
throw new
|
|
24
|
+
throw new AesError("Invalid key length", {
|
|
29
25
|
debug: { keyLength, privateKeyLength: der.privateKey.length },
|
|
30
26
|
});
|
|
31
27
|
}
|
|
32
28
|
return { contentEncryptionKey: der.privateKey };
|
|
33
29
|
};
|
|
34
|
-
exports.getOctDirDecryptionKey = getOctDirDecryptionKey;
|
|
35
30
|
//# sourceMappingURL=get-oct-dir-keys.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"get-oct-dir-keys.js","sourceRoot":"","sources":["../../../../src/internal/utils/oct/get-oct-dir-keys.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"get-oct-dir-keys.js","sourceRoot":"","sources":["../../../../src/internal/utils/oct/get-oct-dir-keys.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AAOpD,OAAO,EAAE,iCAAiC,EAAE,MAAM,uDAAuD,CAAC;AAE1G,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,EACrC,UAAU,EACV,OAAO,GACU,EAAmB,EAAE;IACtC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,QAAQ,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;IAClF,CAAC;IAED,MAAM,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAClC,MAAM,SAAS,GAAG,iCAAiC,CAAC,UAAU,CAAC,CAAC;IAEhE,IAAI,GAAG,CAAC,UAAU,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;QACxC,MAAM,IAAI,QAAQ,CAAC,oBAAoB,EAAE;YACvC,KAAK,EAAE,EAAE,SAAS,EAAE,gBAAgB,EAAE,GAAG,CAAC,UAAU,CAAC,MAAM,EAAE;SAC9D,CAAC,CAAC;IACL,CAAC;IAED,OAAO,EAAE,oBAAoB,EAAE,GAAG,CAAC,UAAU,EAAE,CAAC;AAClD,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,EACrC,UAAU,EACV,OAAO,GACW,EAAoB,EAAE;IACxC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,QAAQ,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;IAClF,CAAC;IAED,MAAM,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAClC,MAAM,SAAS,GAAG,iCAAiC,CAAC,UAAU,CAAC,CAAC;IAEhE,IAAI,GAAG,CAAC,UAAU,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;QACxC,MAAM,IAAI,QAAQ,CAAC,oBAAoB,EAAE;YACvC,KAAK,EAAE,EAAE,SAAS,EAAE,gBAAgB,EAAE,GAAG,CAAC,UAAU,CAAC,MAAM,EAAE;SAC9D,CAAC,CAAC;IACL,CAAC;IAED,OAAO,EAAE,oBAAoB,EAAE,GAAG,CAAC,UAAU,EAAE,CAAC;AAClD,CAAC,CAAC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { CreateCekOptions, CreateCekResult, DecryptCekOptions, DecryptCekResult } from "
|
|
1
|
+
import type { CreateCekOptions, CreateCekResult, DecryptCekOptions, DecryptCekResult } from "../../types/content-encryption-key.js";
|
|
2
2
|
export declare const getOctKeyWrapEncryptionKey: ({ encryption, kryptos, }: CreateCekOptions) => CreateCekResult;
|
|
3
3
|
export declare const getOctKeyWrapDecryptionKey: ({ kryptos, publicEncryptionIv, publicEncryptionKey, publicEncryptionTag, }: DecryptCekOptions) => DecryptCekResult;
|
|
4
4
|
//# sourceMappingURL=get-oct-key-key-wrap.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"get-oct-key-key-wrap.d.ts","sourceRoot":"","sources":["../../../../src/internal/utils/oct/get-oct-key-key-wrap.ts"],"names":[],"mappings":"AAGA,OAAO,
|
|
1
|
+
{"version":3,"file":"get-oct-key-key-wrap.d.ts","sourceRoot":"","sources":["../../../../src/internal/utils/oct/get-oct-key-key-wrap.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,gBAAgB,EAChB,eAAe,EACf,iBAAiB,EACjB,gBAAgB,EACjB,MAAM,uCAAuC,CAAC;AAK/C,eAAO,MAAM,0BAA0B,GAAI,0BAGxC,gBAAgB,KAAG,eAyBrB,CAAC;AAEF,eAAO,MAAM,0BAA0B,GAAI,4EAKxC,iBAAiB,KAAG,gBAoBtB,CAAC"}
|
|
@@ -1,22 +1,19 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
const
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
const getOctKeyWrapEncryptionKey = ({ encryption, kryptos, }) => {
|
|
11
|
-
if (!kryptos_1.KryptosKit.isOct(kryptos)) {
|
|
12
|
-
throw new errors_1.AesError("Invalid Kryptos", { debug: { kryptos: kryptos.toJSON() } });
|
|
1
|
+
import { KryptosKit } from "@lindorm/kryptos";
|
|
2
|
+
import { randomBytes } from "crypto";
|
|
3
|
+
import { AesError } from "../../../errors/index.js";
|
|
4
|
+
import { calculateContentEncryptionKeySize } from "../calculate/calculate-content-encryption-key-size.js";
|
|
5
|
+
import { calculateKeyWrapSize } from "../calculate/calculate-key-wrap-size.js";
|
|
6
|
+
import { keyUnwrap, keyWrap } from "../key-wrap/key-wrap.js";
|
|
7
|
+
export const getOctKeyWrapEncryptionKey = ({ encryption, kryptos, }) => {
|
|
8
|
+
if (!KryptosKit.isOct(kryptos)) {
|
|
9
|
+
throw new AesError("Invalid Kryptos", { debug: { kryptos: kryptos.toJSON() } });
|
|
13
10
|
}
|
|
14
11
|
const der = kryptos.export("der");
|
|
15
|
-
const cekSize =
|
|
16
|
-
const contentEncryptionKey =
|
|
17
|
-
const keyWrapSize =
|
|
12
|
+
const cekSize = calculateContentEncryptionKeySize(encryption);
|
|
13
|
+
const contentEncryptionKey = randomBytes(cekSize);
|
|
14
|
+
const keyWrapSize = calculateKeyWrapSize(kryptos.algorithm);
|
|
18
15
|
const keyEncryptionKey = der.privateKey.subarray(0, keyWrapSize);
|
|
19
|
-
const { publicEncryptionKey, publicEncryptionIv, publicEncryptionTag } =
|
|
16
|
+
const { publicEncryptionKey, publicEncryptionIv, publicEncryptionTag } = keyWrap({
|
|
20
17
|
contentEncryptionKey,
|
|
21
18
|
kryptos,
|
|
22
19
|
keyEncryptionKey,
|
|
@@ -28,18 +25,17 @@ const getOctKeyWrapEncryptionKey = ({ encryption, kryptos, }) => {
|
|
|
28
25
|
publicEncryptionTag,
|
|
29
26
|
};
|
|
30
27
|
};
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
throw new errors_1.AesError("Invalid Kryptos", { debug: { kryptos: kryptos.toJSON() } });
|
|
28
|
+
export const getOctKeyWrapDecryptionKey = ({ kryptos, publicEncryptionIv, publicEncryptionKey, publicEncryptionTag, }) => {
|
|
29
|
+
if (!KryptosKit.isOct(kryptos)) {
|
|
30
|
+
throw new AesError("Invalid Kryptos", { debug: { kryptos: kryptos.toJSON() } });
|
|
35
31
|
}
|
|
36
32
|
if (!publicEncryptionKey) {
|
|
37
|
-
throw new
|
|
33
|
+
throw new AesError("Missing publicEncryptionKey");
|
|
38
34
|
}
|
|
39
35
|
const der = kryptos.export("der");
|
|
40
|
-
const keyWrapSize =
|
|
36
|
+
const keyWrapSize = calculateKeyWrapSize(kryptos.algorithm);
|
|
41
37
|
const keyEncryptionKey = der.privateKey.subarray(0, keyWrapSize);
|
|
42
|
-
return
|
|
38
|
+
return keyUnwrap({
|
|
43
39
|
keyEncryptionKey,
|
|
44
40
|
kryptos,
|
|
45
41
|
publicEncryptionIv,
|
|
@@ -47,5 +43,4 @@ const getOctKeyWrapDecryptionKey = ({ kryptos, publicEncryptionIv, publicEncrypt
|
|
|
47
43
|
publicEncryptionTag,
|
|
48
44
|
});
|
|
49
45
|
};
|
|
50
|
-
exports.getOctKeyWrapDecryptionKey = getOctKeyWrapDecryptionKey;
|
|
51
46
|
//# sourceMappingURL=get-oct-key-key-wrap.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"get-oct-key-key-wrap.js","sourceRoot":"","sources":["../../../../src/internal/utils/oct/get-oct-key-key-wrap.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"get-oct-key-key-wrap.js","sourceRoot":"","sources":["../../../../src/internal/utils/oct/get-oct-key-key-wrap.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAC;AACrC,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AAOpD,OAAO,EAAE,iCAAiC,EAAE,MAAM,uDAAuD,CAAC;AAC1G,OAAO,EAAE,oBAAoB,EAAE,MAAM,yCAAyC,CAAC;AAC/E,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAE7D,MAAM,CAAC,MAAM,0BAA0B,GAAG,CAAC,EACzC,UAAU,EACV,OAAO,GACU,EAAmB,EAAE;IACtC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,QAAQ,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;IAClF,CAAC;IAED,MAAM,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAElC,MAAM,OAAO,GAAG,iCAAiC,CAAC,UAAU,CAAC,CAAC;IAC9D,MAAM,oBAAoB,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;IAElD,MAAM,WAAW,GAAG,oBAAoB,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAC5D,MAAM,gBAAgB,GAAG,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IAEjE,MAAM,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,GAAG,OAAO,CAAC;QAC/E,oBAAoB;QACpB,OAAO;QACP,gBAAgB;KACjB,CAAC,CAAC;IAEH,OAAO;QACL,oBAAoB;QACpB,mBAAmB;QACnB,kBAAkB;QAClB,mBAAmB;KACpB,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,0BAA0B,GAAG,CAAC,EACzC,OAAO,EACP,kBAAkB,EAClB,mBAAmB,EACnB,mBAAmB,GACD,EAAoB,EAAE;IACxC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,QAAQ,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;IAClF,CAAC;IACD,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzB,MAAM,IAAI,QAAQ,CAAC,6BAA6B,CAAC,CAAC;IACpD,CAAC;IAED,MAAM,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAElC,MAAM,WAAW,GAAG,oBAAoB,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAC5D,MAAM,gBAAgB,GAAG,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IAEjE,OAAO,SAAS,CAAC;QACf,gBAAgB;QAChB,OAAO;QACP,kBAAkB;QAClB,mBAAmB;QACnB,mBAAmB;KACpB,CAAC,CAAC;AACL,CAAC,CAAC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { CreateCekOptions, CreateCekResult, DecryptCekOptions, DecryptCekResult } from "
|
|
1
|
+
import type { CreateCekOptions, CreateCekResult, DecryptCekOptions, DecryptCekResult } from "../../types/content-encryption-key.js";
|
|
2
2
|
export declare const getOctPbkdfKeyWrapEncryptionKey: ({ encryption, kryptos, }: CreateCekOptions) => CreateCekResult;
|
|
3
3
|
export declare const getOctPbkdfKeyWrapDecryptionKey: ({ kryptos, pbkdfIterations, pbkdfSalt, publicEncryptionKey, }: DecryptCekOptions) => DecryptCekResult;
|
|
4
4
|
//# sourceMappingURL=get-oct-pbkdf-key-wrap-keys.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"get-oct-pbkdf-key-wrap-keys.d.ts","sourceRoot":"","sources":["../../../../src/internal/utils/oct/get-oct-pbkdf-key-wrap-keys.ts"],"names":[],"mappings":"AAGA,OAAO,
|
|
1
|
+
{"version":3,"file":"get-oct-pbkdf-key-wrap-keys.d.ts","sourceRoot":"","sources":["../../../../src/internal/utils/oct/get-oct-pbkdf-key-wrap-keys.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,gBAAgB,EAChB,eAAe,EACf,iBAAiB,EACjB,gBAAgB,EACjB,MAAM,uCAAuC,CAAC;AAO/C,eAAO,MAAM,+BAA+B,GAAI,0BAG7C,gBAAgB,KAAG,eA6BrB,CAAC;AAEF,eAAO,MAAM,+BAA+B,GAAI,+DAK7C,iBAAiB,KAAG,gBAwBtB,CAAC"}
|
|
@@ -1,28 +1,25 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
const
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
const getOctPbkdfKeyWrapEncryptionKey = ({ encryption, kryptos, }) => {
|
|
13
|
-
if (!kryptos_1.KryptosKit.isOct(kryptos)) {
|
|
14
|
-
throw new errors_1.AesError("Invalid Kryptos", { debug: { kryptos: kryptos.toJSON() } });
|
|
1
|
+
import { KryptosKit } from "@lindorm/kryptos";
|
|
2
|
+
import { randomBytes } from "crypto";
|
|
3
|
+
import { AesError } from "../../../errors/index.js";
|
|
4
|
+
import { calculateContentEncryptionKeySize } from "../calculate/calculate-content-encryption-key-size.js";
|
|
5
|
+
import { calculateKeyWrapSize } from "../calculate/calculate-key-wrap-size.js";
|
|
6
|
+
import { calculatePbkdfAlgorithm } from "../calculate/calculate-pbkdf-hash.js";
|
|
7
|
+
import { pbkdf } from "../key-derivation/pbkdf.js";
|
|
8
|
+
import { ecbKeyUnwrap, ecbKeyWrap } from "../key-wrap/ecb-key-wrap.js";
|
|
9
|
+
export const getOctPbkdfKeyWrapEncryptionKey = ({ encryption, kryptos, }) => {
|
|
10
|
+
if (!KryptosKit.isOct(kryptos)) {
|
|
11
|
+
throw new AesError("Invalid Kryptos", { debug: { kryptos: kryptos.toJSON() } });
|
|
15
12
|
}
|
|
16
13
|
const der = kryptos.export("der");
|
|
17
|
-
const cekSize =
|
|
18
|
-
const contentEncryptionKey =
|
|
19
|
-
const { derivedKey, pbkdfIterations, pbkdfSalt } =
|
|
14
|
+
const cekSize = calculateContentEncryptionKeySize(encryption);
|
|
15
|
+
const contentEncryptionKey = randomBytes(cekSize);
|
|
16
|
+
const { derivedKey, pbkdfIterations, pbkdfSalt } = pbkdf({
|
|
20
17
|
derivationKey: der.privateKey,
|
|
21
|
-
keyLength:
|
|
22
|
-
algorithm:
|
|
18
|
+
keyLength: calculateKeyWrapSize(kryptos.algorithm),
|
|
19
|
+
algorithm: calculatePbkdfAlgorithm(kryptos),
|
|
23
20
|
kryptosAlgorithm: kryptos.algorithm,
|
|
24
21
|
});
|
|
25
|
-
const { publicEncryptionKey } =
|
|
22
|
+
const { publicEncryptionKey } = ecbKeyWrap({
|
|
26
23
|
contentEncryptionKey,
|
|
27
24
|
kryptos,
|
|
28
25
|
keyEncryptionKey: derivedKey,
|
|
@@ -34,28 +31,26 @@ const getOctPbkdfKeyWrapEncryptionKey = ({ encryption, kryptos, }) => {
|
|
|
34
31
|
publicEncryptionKey,
|
|
35
32
|
};
|
|
36
33
|
};
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
throw new errors_1.AesError("Invalid Kryptos", { debug: { kryptos: kryptos.toJSON() } });
|
|
34
|
+
export const getOctPbkdfKeyWrapDecryptionKey = ({ kryptos, pbkdfIterations, pbkdfSalt, publicEncryptionKey, }) => {
|
|
35
|
+
if (!KryptosKit.isOct(kryptos)) {
|
|
36
|
+
throw new AesError("Invalid Kryptos", { debug: { kryptos: kryptos.toJSON() } });
|
|
41
37
|
}
|
|
42
38
|
if (!publicEncryptionKey) {
|
|
43
|
-
throw new
|
|
39
|
+
throw new AesError("Missing publicEncryptionKey");
|
|
44
40
|
}
|
|
45
41
|
const der = kryptos.export("der");
|
|
46
|
-
const { derivedKey } =
|
|
42
|
+
const { derivedKey } = pbkdf({
|
|
47
43
|
derivationKey: der.privateKey,
|
|
48
|
-
keyLength:
|
|
49
|
-
algorithm:
|
|
44
|
+
keyLength: calculateKeyWrapSize(kryptos.algorithm),
|
|
45
|
+
algorithm: calculatePbkdfAlgorithm(kryptos),
|
|
50
46
|
kryptosAlgorithm: kryptos.algorithm,
|
|
51
47
|
pbkdfIterations,
|
|
52
48
|
pbkdfSalt,
|
|
53
49
|
});
|
|
54
|
-
return
|
|
50
|
+
return ecbKeyUnwrap({
|
|
55
51
|
keyEncryptionKey: derivedKey,
|
|
56
52
|
kryptos,
|
|
57
53
|
publicEncryptionKey,
|
|
58
54
|
});
|
|
59
55
|
};
|
|
60
|
-
exports.getOctPbkdfKeyWrapDecryptionKey = getOctPbkdfKeyWrapDecryptionKey;
|
|
61
56
|
//# sourceMappingURL=get-oct-pbkdf-key-wrap-keys.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"get-oct-pbkdf-key-wrap-keys.js","sourceRoot":"","sources":["../../../../src/internal/utils/oct/get-oct-pbkdf-key-wrap-keys.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"get-oct-pbkdf-key-wrap-keys.js","sourceRoot":"","sources":["../../../../src/internal/utils/oct/get-oct-pbkdf-key-wrap-keys.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAC;AACrC,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AAOpD,OAAO,EAAE,iCAAiC,EAAE,MAAM,uDAAuD,CAAC;AAC1G,OAAO,EAAE,oBAAoB,EAAE,MAAM,yCAAyC,CAAC;AAC/E,OAAO,EAAE,uBAAuB,EAAE,MAAM,sCAAsC,CAAC;AAC/E,OAAO,EAAE,KAAK,EAAE,MAAM,4BAA4B,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEvE,MAAM,CAAC,MAAM,+BAA+B,GAAG,CAAC,EAC9C,UAAU,EACV,OAAO,GACU,EAAmB,EAAE;IACtC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,QAAQ,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;IAClF,CAAC;IAED,MAAM,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAElC,MAAM,OAAO,GAAG,iCAAiC,CAAC,UAAU,CAAC,CAAC;IAC9D,MAAM,oBAAoB,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;IAElD,MAAM,EAAE,UAAU,EAAE,eAAe,EAAE,SAAS,EAAE,GAAG,KAAK,CAAC;QACvD,aAAa,EAAE,GAAG,CAAC,UAAU;QAC7B,SAAS,EAAE,oBAAoB,CAAC,OAAO,CAAC,SAAS,CAAC;QAClD,SAAS,EAAE,uBAAuB,CAAC,OAAO,CAAC;QAC3C,gBAAgB,EAAE,OAAO,CAAC,SAAS;KACpC,CAAC,CAAC;IAEH,MAAM,EAAE,mBAAmB,EAAE,GAAG,UAAU,CAAC;QACzC,oBAAoB;QACpB,OAAO;QACP,gBAAgB,EAAE,UAAU;KAC7B,CAAC,CAAC;IAEH,OAAO;QACL,oBAAoB;QACpB,eAAe;QACf,SAAS;QACT,mBAAmB;KACpB,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,+BAA+B,GAAG,CAAC,EAC9C,OAAO,EACP,eAAe,EACf,SAAS,EACT,mBAAmB,GACD,EAAoB,EAAE;IACxC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,QAAQ,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;IAClF,CAAC;IACD,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzB,MAAM,IAAI,QAAQ,CAAC,6BAA6B,CAAC,CAAC;IACpD,CAAC;IAED,MAAM,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAElC,MAAM,EAAE,UAAU,EAAE,GAAG,KAAK,CAAC;QAC3B,aAAa,EAAE,GAAG,CAAC,UAAU;QAC7B,SAAS,EAAE,oBAAoB,CAAC,OAAO,CAAC,SAAS,CAAC;QAClD,SAAS,EAAE,uBAAuB,CAAC,OAAO,CAAC;QAC3C,gBAAgB,EAAE,OAAO,CAAC,SAAS;QACnC,eAAe;QACf,SAAS;KACV,CAAC,CAAC;IAEH,OAAO,YAAY,CAAC;QAClB,gBAAgB,EAAE,UAAU;QAC5B,OAAO;QACP,mBAAmB;KACpB,CAAC,CAAC;AACL,CAAC,CAAC"}
|
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
import { PrepareEncryptionOptions, PreparedEncryption } from "
|
|
1
|
+
import type { PrepareEncryptionOptions, PreparedEncryption } from "../types/prepared-encryption.js";
|
|
2
2
|
export declare const prepareAesEncryption: (options: PrepareEncryptionOptions) => PreparedEncryption;
|
|
3
3
|
//# sourceMappingURL=prepare-encryption.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"prepare-encryption.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/prepare-encryption.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"prepare-encryption.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/prepare-encryption.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,wBAAwB,EACxB,kBAAkB,EACnB,MAAM,iCAAiC,CAAC;AAIzC,eAAO,MAAM,oBAAoB,GAC/B,SAAS,wBAAwB,KAChC,kBA8BF,CAAC"}
|
|
@@ -1,11 +1,8 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
const encrypt_content_1 = require("#internal/utils/encrypt-content");
|
|
5
|
-
const get_encryption_key_1 = require("#internal/utils/get-key/get-encryption-key");
|
|
6
|
-
const prepareAesEncryption = (options) => {
|
|
1
|
+
import { encryptAesContent } from "./encrypt-content.js";
|
|
2
|
+
import { getEncryptionKey } from "./get-key/get-encryption-key.js";
|
|
3
|
+
export const prepareAesEncryption = (options) => {
|
|
7
4
|
const { encryption = "A256GCM", kryptos } = options;
|
|
8
|
-
const { contentEncryptionKey, pbkdfIterations, pbkdfSalt, publicEncryptionIv, publicEncryptionJwk, publicEncryptionKey, publicEncryptionTag, } =
|
|
5
|
+
const { contentEncryptionKey, pbkdfIterations, pbkdfSalt, publicEncryptionIv, publicEncryptionJwk, publicEncryptionKey, publicEncryptionTag, } = getEncryptionKey({ encryption, kryptos });
|
|
9
6
|
return {
|
|
10
7
|
headerParams: {
|
|
11
8
|
publicEncryptionJwk,
|
|
@@ -15,7 +12,7 @@ const prepareAesEncryption = (options) => {
|
|
|
15
12
|
publicEncryptionTag,
|
|
16
13
|
},
|
|
17
14
|
publicEncryptionKey,
|
|
18
|
-
encrypt: (data, opts) =>
|
|
15
|
+
encrypt: (data, opts) => encryptAesContent({
|
|
19
16
|
aad: opts?.aad,
|
|
20
17
|
contentEncryptionKey,
|
|
21
18
|
data,
|
|
@@ -23,5 +20,4 @@ const prepareAesEncryption = (options) => {
|
|
|
23
20
|
}),
|
|
24
21
|
};
|
|
25
22
|
};
|
|
26
|
-
exports.prepareAesEncryption = prepareAesEncryption;
|
|
27
23
|
//# sourceMappingURL=prepare-encryption.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"prepare-encryption.js","sourceRoot":"","sources":["../../../src/internal/utils/prepare-encryption.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"prepare-encryption.js","sourceRoot":"","sources":["../../../src/internal/utils/prepare-encryption.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AACzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AAEnE,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAClC,OAAiC,EACb,EAAE;IACtB,MAAM,EAAE,UAAU,GAAG,SAAS,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC;IAEpD,MAAM,EACJ,oBAAoB,EACpB,eAAe,EACf,SAAS,EACT,kBAAkB,EAClB,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,GACpB,GAAG,gBAAgB,CAAC,EAAE,UAAU,EAAE,OAAO,EAAE,CAAC,CAAC;IAE9C,OAAO;QACL,YAAY,EAAE;YACZ,mBAAmB;YACnB,eAAe;YACf,SAAS;YACT,kBAAkB;YAClB,mBAAmB;SACpB;QACD,mBAAmB;QACnB,OAAO,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,CACtB,iBAAiB,CAAC;YAChB,GAAG,EAAE,IAAI,EAAE,GAAG;YACd,oBAAoB;YACpB,IAAI;YACJ,UAAU;SACX,CAAC;KACL,CAAC;AACJ,CAAC,CAAC"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { ParsedAesDecryptionRecord, SerialisedAesDecryption } from "../../types/aes-decryption-data";
|
|
2
|
-
import { AesEncryptionRecord, SerialisedAesEncryption } from "../../types/aes-encryption-data";
|
|
1
|
+
import type { ParsedAesDecryptionRecord, SerialisedAesDecryption } from "../../types/aes-decryption-data.js";
|
|
2
|
+
import type { AesEncryptionRecord, SerialisedAesEncryption } from "../../types/aes-encryption-data.js";
|
|
3
3
|
export declare const createSerialisedAesRecord: (data: AesEncryptionRecord) => SerialisedAesEncryption;
|
|
4
4
|
export declare const parseSerialisedAesRecord: (options: SerialisedAesDecryption) => ParsedAesDecryptionRecord;
|
|
5
5
|
//# sourceMappingURL=serialised-aes.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"serialised-aes.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/serialised-aes.ts"],"names":[],"mappings":"AAEA,OAAO,
|
|
1
|
+
{"version":3,"file":"serialised-aes.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/serialised-aes.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,yBAAyB,EACzB,uBAAuB,EACxB,MAAM,oCAAoC,CAAC;AAC5C,OAAO,KAAK,EACV,mBAAmB,EACnB,uBAAuB,EACxB,MAAM,oCAAoC,CAAC;AAwB5C,eAAO,MAAM,yBAAyB,GACpC,MAAM,mBAAmB,KACxB,uBAuBF,CAAC;AAEF,eAAO,MAAM,wBAAwB,GACnC,SAAS,uBAAuB,KAC/B,yBAaF,CAAC"}
|
|
@@ -1,11 +1,8 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
const
|
|
5
|
-
const
|
|
6
|
-
const aes_header_1 = require("#internal/utils/aes-header");
|
|
7
|
-
const createSerialisedAesRecord = (data) => {
|
|
8
|
-
const header = (0, aes_header_1.buildAesHeader)({
|
|
1
|
+
import { B64 } from "@lindorm/b64";
|
|
2
|
+
import { AES_FORMAT_VERSION } from "../constants/version.js";
|
|
3
|
+
import { buildAesHeader, computeAad, decodeAesHeader, encodeAesHeader, headerToDecryptionParams, } from "./aes-header.js";
|
|
4
|
+
export const createSerialisedAesRecord = (data) => {
|
|
5
|
+
const header = buildAesHeader({
|
|
9
6
|
algorithm: data.algorithm,
|
|
10
7
|
contentType: data.contentType,
|
|
11
8
|
encryption: data.encryption,
|
|
@@ -18,28 +15,26 @@ const createSerialisedAesRecord = (data) => {
|
|
|
18
15
|
});
|
|
19
16
|
return {
|
|
20
17
|
cek: data.publicEncryptionKey
|
|
21
|
-
?
|
|
18
|
+
? B64.encode(data.publicEncryptionKey, "b64u")
|
|
22
19
|
: undefined,
|
|
23
|
-
ciphertext:
|
|
24
|
-
header:
|
|
25
|
-
iv:
|
|
26
|
-
tag:
|
|
27
|
-
v:
|
|
20
|
+
ciphertext: B64.encode(data.content, "b64u"),
|
|
21
|
+
header: encodeAesHeader(header),
|
|
22
|
+
iv: B64.encode(data.initialisationVector, "b64u"),
|
|
23
|
+
tag: B64.encode(data.authTag, "b64u"),
|
|
24
|
+
v: AES_FORMAT_VERSION,
|
|
28
25
|
};
|
|
29
26
|
};
|
|
30
|
-
|
|
31
|
-
const
|
|
32
|
-
const
|
|
33
|
-
const
|
|
34
|
-
const aad = (0, aes_header_1.computeAad)(options.header);
|
|
27
|
+
export const parseSerialisedAesRecord = (options) => {
|
|
28
|
+
const header = decodeAesHeader(options.header);
|
|
29
|
+
const params = headerToDecryptionParams(header);
|
|
30
|
+
const aad = computeAad(options.header);
|
|
35
31
|
return {
|
|
36
32
|
...params,
|
|
37
33
|
aad,
|
|
38
|
-
authTag:
|
|
39
|
-
content:
|
|
40
|
-
initialisationVector:
|
|
41
|
-
publicEncryptionKey: options.cek ?
|
|
34
|
+
authTag: B64.toBuffer(options.tag, "b64u"),
|
|
35
|
+
content: B64.toBuffer(options.ciphertext, "b64u"),
|
|
36
|
+
initialisationVector: B64.toBuffer(options.iv, "b64u"),
|
|
37
|
+
publicEncryptionKey: options.cek ? B64.toBuffer(options.cek, "b64u") : undefined,
|
|
42
38
|
};
|
|
43
39
|
};
|
|
44
|
-
exports.parseSerialisedAesRecord = parseSerialisedAesRecord;
|
|
45
40
|
//# sourceMappingURL=serialised-aes.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"serialised-aes.js","sourceRoot":"","sources":["../../../src/internal/utils/serialised-aes.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"serialised-aes.js","sourceRoot":"","sources":["../../../src/internal/utils/serialised-aes.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACnC,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAS7D,OAAO,EACL,cAAc,EACd,UAAU,EACV,eAAe,EACf,eAAe,EACf,wBAAwB,GACzB,MAAM,iBAAiB,CAAC;AAiBzB,MAAM,CAAC,MAAM,yBAAyB,GAAG,CACvC,IAAyB,EACA,EAAE;IAC3B,MAAM,MAAM,GAAG,cAAc,CAAC;QAC5B,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,eAAe,EAAE,IAAI,CAAC,eAAe;QACrC,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,kBAAkB,EAAE,IAAI,CAAC,kBAAkB;QAC3C,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;QAC7C,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;KAC9C,CAAC,CAAC;IAEH,OAAO;QACL,GAAG,EAAE,IAAI,CAAC,mBAAmB;YAC3B,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,mBAAmB,EAAE,MAAM,CAAC;YAC9C,CAAC,CAAC,SAAS;QACb,UAAU,EAAE,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC;QAC5C,MAAM,EAAE,eAAe,CAAC,MAAM,CAAC;QAC/B,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB,EAAE,MAAM,CAAC;QACjD,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC;QACrC,CAAC,EAAE,kBAAkB;KACtB,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,wBAAwB,GAAG,CACtC,OAAgC,EACL,EAAE;IAC7B,MAAM,MAAM,GAAG,eAAe,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAC/C,MAAM,MAAM,GAAG,wBAAwB,CAAC,MAAM,CAAC,CAAC;IAChD,MAAM,GAAG,GAAG,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAEvC,OAAO;QACL,GAAG,MAAM;QACT,GAAG;QACH,OAAO,EAAE,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,MAAM,CAAC;QAC1C,OAAO,EAAE,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,UAAU,EAAE,MAAM,CAAC;QACjD,oBAAoB,EAAE,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,EAAE,MAAM,CAAC;QACtD,mBAAmB,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS;KACjF,CAAC;AACJ,CAAC,CAAC"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { ParsedAesDecryptionRecord } from "../../types/aes-decryption-data";
|
|
2
|
-
import { AesEncryptionRecord } from "../../types/aes-encryption-data";
|
|
1
|
+
import type { ParsedAesDecryptionRecord } from "../../types/aes-decryption-data.js";
|
|
2
|
+
import type { AesEncryptionRecord } from "../../types/aes-encryption-data.js";
|
|
3
3
|
export declare const createTokenisedAesString: (data: AesEncryptionRecord) => string;
|
|
4
4
|
export declare const parseTokenisedAesString: (data: string) => ParsedAesDecryptionRecord;
|
|
5
5
|
//# sourceMappingURL=tokenised-aes.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"tokenised-aes.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/tokenised-aes.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,yBAAyB,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"tokenised-aes.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/tokenised-aes.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,oCAAoC,CAAC;AACpF,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AAsB9E,eAAO,MAAM,wBAAwB,GAAI,MAAM,mBAAmB,KAAG,MAwBpE,CAAC;AAEF,eAAO,MAAM,uBAAuB,GAAI,MAAM,MAAM,KAAG,yBAqEtD,CAAC"}
|