@microsoft/ccf-app 3.0.0-dev5 → 3.0.0-rc0

package/converters.js

@@ -19,8 +19,29 @@
  * @module
  */
 import { ccf } from "./global.js";
+function checkBoolean(val) {
+    if (typeof val !== "boolean") {
+        throw new TypeError(`Value ${val} is not a boolean`);
+    }
+}
+function checkNumber(val) {
+    if (typeof val !== "number") {
+        throw new TypeError(`Value ${val} is not a number`);
+    }
+}
+function checkBigInt(val) {
+    if (typeof val !== "bigint") {
+        throw new TypeError(`Value ${val} is not a bigint`);
+    }
+}
+function checkString(val) {
+    if (typeof val !== "string") {
+        throw new TypeError(`Value ${val} is not a string`);
+    }
+}
 class BoolConverter {
     encode(val) {
+        checkBoolean(val);
         const buf = new ArrayBuffer(1);
         new DataView(buf).setUint8(0, val ? 1 : 0);
         return buf;
@@ -31,6 +52,7 @@ class BoolConverter {
 }
 class Int8Converter {
     encode(val) {
+        checkNumber(val);
         if (val < -128 || val > 127) {
             throw new RangeError("value is not within int8 range");
         }
@@ -44,6 +66,7 @@ class Int8Converter {
 }
 class Uint8Converter {
     encode(val) {
+        checkNumber(val);
         if (val < 0 || val > 255) {
             throw new RangeError("value is not within uint8 range");
         }
@@ -57,6 +80,7 @@ class Uint8Converter {
 }
 class Int16Converter {
     encode(val) {
+        checkNumber(val);
         if (val < -32768 || val > 32767) {
             throw new RangeError("value is not within int16 range");
         }
@@ -70,6 +94,7 @@ class Int16Converter {
 }
 class Uint16Converter {
     encode(val) {
+        checkNumber(val);
         if (val < 0 || val > 65535) {
             throw new RangeError("value is not within uint16 range");
         }
@@ -83,6 +108,7 @@ class Uint16Converter {
 }
 class Int32Converter {
     encode(val) {
+        checkNumber(val);
         if (val < -2147483648 || val > 2147483647) {
             throw new RangeError("value is not within int32 range");
         }
@@ -96,6 +122,7 @@ class Int32Converter {
 }
 class Uint32Converter {
     encode(val) {
+        checkNumber(val);
         if (val < 0 || val > 4294967295) {
             throw new RangeError("value is not within uint32 range");
         }
@@ -109,6 +136,7 @@ class Uint32Converter {
 }
 class Int64Converter {
     encode(val) {
+        checkBigInt(val);
         const buf = new ArrayBuffer(8);
         new DataView(buf).setBigInt64(0, val, true);
         return buf;
@@ -119,6 +147,7 @@ class Int64Converter {
 }
 class Uint64Converter {
     encode(val) {
+        checkBigInt(val);
         const buf = new ArrayBuffer(8);
         new DataView(buf).setBigUint64(0, val, true);
         return buf;
@@ -129,6 +158,7 @@ class Uint64Converter {
 }
 class Float32Converter {
     encode(val) {
+        checkNumber(val);
         const buf = new ArrayBuffer(4);
         new DataView(buf).setFloat32(0, val, true);
         return buf;
@@ -139,6 +169,7 @@ class Float32Converter {
 }
 class Float64Converter {
     encode(val) {
+        checkNumber(val);
         const buf = new ArrayBuffer(8);
         new DataView(buf).setFloat64(0, val, true);
         return buf;
@@ -149,6 +180,7 @@ class Float64Converter {
 }
 class StringConverter {
     encode(val) {
+        checkString(val);
         return ccf.strToBuf(val);
     }
     decode(buf) {

package/crypto.d.ts

@@ -10,6 +10,10 @@ export declare const generateRsaKeyPair: (size: number, exponent?: number | unde
  * @inheritDoc CCF.generateEcdsaKeyPair
  */
 export declare const generateEcdsaKeyPair: (curve: string) => import("./global.js").CryptoKeyPair;
+/**
+ * @inheritDoc CCFCrypto.generateEcdsaKeyPair
+ */
+export declare const generateEddsaKeyPair: (curve: string) => import("./global.js").CryptoKeyPair;
 /**
  * @inheritDoc CCF.wrapKey
  */
@@ -30,4 +34,20 @@ export declare const isValidX509CertBundle: (pem: string) => boolean;
  * @inheritDoc CCF.isValidX509CertChain
  */
 export declare const isValidX509CertChain: (chain: string, trusted: string) => boolean;
+/**
+ * @inheritDoc CCF.pubPemToJwk
+ */
+export declare const pubPemToJwk: (pem: string, kid?: string | undefined) => import("./global.js").JsonWebKeyECPublic;
+/**
+ * @inheritDoc CCF.pemToJwk
+ */
+export declare const pemToJwk: (pem: string, kid?: string | undefined) => import("./global.js").JsonWebKeyECPrivate;
+/**
+ * @inheritDoc CCF.pubRsaPemToJwk
+ */
+export declare const pubRsaPemToJwk: (pem: string, kid?: string | undefined) => import("./global.js").JsonWebKeyRSAPublic;
+/**
+ * @inheritDoc CCF.rsaPemToJwk
+ */
+export declare const rsaPemToJwk: (pem: string, kid?: string | undefined) => import("./global.js").JsonWebKeyRSAPrivate;
 export { WrapAlgoParams, AesKwpParams, RsaOaepParams, RsaOaepAesKwpParams, CryptoKeyPair, DigestAlgorithm, SigningAlgorithm, RsaPkcsParams, EcdsaParams, } from "./global";

package/crypto.js

@@ -17,19 +17,23 @@ import { ccf } from "./global.js";
 /**
  * @inheritDoc CCF.generateAesKey
  */
-export const generateAesKey = ccf.generateAesKey;
+export const generateAesKey = ccf.crypto.generateAesKey;
 /**
  * @inheritDoc CCF.generateRsaKeyPair
  */
-export const generateRsaKeyPair = ccf.generateRsaKeyPair;
+export const generateRsaKeyPair = ccf.crypto.generateRsaKeyPair;
 /**
  * @inheritDoc CCF.generateEcdsaKeyPair
  */
-export const generateEcdsaKeyPair = ccf.generateEcdsaKeyPair;
+export const generateEcdsaKeyPair = ccf.crypto.generateEcdsaKeyPair;
+/**
+ * @inheritDoc CCFCrypto.generateEcdsaKeyPair
+ */
+export const generateEddsaKeyPair = ccf.crypto.generateEddsaKeyPair;
 /**
  * @inheritDoc CCF.wrapKey
  */
-export const wrapKey = ccf.wrapKey;
+export const wrapKey = ccf.crypto.wrapKey;
 /**
  * @inheritDoc CCFCrypto.verifySignature
  */
@@ -37,12 +41,28 @@ export const verifySignature = ccf.crypto.verifySignature;
 /**
  * @inheritDoc CCF.digest
  */
-export const digest = ccf.digest;
+export const digest = ccf.crypto.digest;
 /**
  * @inheritDoc CCF.isValidX509CertBundle
  */
-export const isValidX509CertBundle = ccf.isValidX509CertBundle;
+export const isValidX509CertBundle = ccf.crypto.isValidX509CertBundle;
 /**
  * @inheritDoc CCF.isValidX509CertChain
  */
-export const isValidX509CertChain = ccf.isValidX509CertChain;
+export const isValidX509CertChain = ccf.crypto.isValidX509CertChain;
+/**
+ * @inheritDoc CCF.pubPemToJwk
+ */
+export const pubPemToJwk = ccf.crypto.pubPemToJwk;
+/**
+ * @inheritDoc CCF.pemToJwk
+ */
+export const pemToJwk = ccf.crypto.pemToJwk;
+/**
+ * @inheritDoc CCF.pubRsaPemToJwk
+ */
+export const pubRsaPemToJwk = ccf.crypto.pubRsaPemToJwk;
+/**
+ * @inheritDoc CCF.rsaPemToJwk
+ */
+export const rsaPemToJwk = ccf.crypto.rsaPemToJwk;

package/global.d.ts

@@ -164,11 +164,11 @@ export interface RsaOaepAesKwpParams {
 export declare type WrapAlgoParams = RsaOaepParams | AesKwpParams | RsaOaepAesKwpParams;
 export interface CryptoKeyPair {
     /**
-     * RSA private key in PEM encoding.
+     * Private key in PEM encoding.
      */
     privateKey: string;
     /**
-     * RSA public key in PEM encoding.
+     * Public key in PEM encoding.
      */
     publicKey: string;
 }
@@ -193,6 +193,63 @@ export interface EcdsaParams {
 }
 export declare type SigningAlgorithm = RsaPkcsParams | EcdsaParams;
 export declare type DigestAlgorithm = "SHA-256";
+/**
+ * Interfaces for JSON Web Key objects, as per [RFC7517](https://www.rfc-editor.org/rfc/rfc751).
+ */
+export interface JsonWebKey {
+    /**
+     * Key type.
+     */
+    kty: string;
+    /**
+     * Key ID.
+     */
+    kid?: string;
+}
+export interface JsonWebKeyECPublic extends JsonWebKey {
+    /**
+     * Elliptic curve identifier.
+     */
+    crv: string;
+    /**
+     * Base64url-encoded x coordinate.
+     */
+    x: string;
+    /**
+     * Base64url-encoded y coordinate.
+     */
+    y: string;
+}
+export interface JsonWebKeyECPrivate extends JsonWebKeyECPublic {
+    /**
+     * Base64url-encoded d coordinate.
+     */
+    d: string;
+}
+export interface JsonWebKeyRSAPublic extends JsonWebKey {
+    /**
+     * Base64url-encoded modulus.
+     */
+    n: string;
+    /**
+     * Base64url-encoded exponent.
+     */
+    e: string;
+}
+export interface JsonWebKeyRSAPrivate extends JsonWebKeyRSAPublic {
+    /**
+     * Private exponent.
+     */
+    d: string;
+    /**
+     * Additional exponents.
+     */
+    p: string;
+    q: string;
+    dp: string;
+    dq: string;
+    qi: string;
+}
 export interface CCFCrypto {
     /**
      * Returns whether digital signature is valid.
@@ -205,6 +262,83 @@ export interface CCFCrypto {
      *  signing algorithm or if an unknown algorithm is used.
      */
     verifySignature(algorithm: SigningAlgorithm, key: string, signature: ArrayBuffer, data: ArrayBuffer): boolean;
+    /**
+     * Generate an AES key.
+     *
+     * @param size The length in bits of the key to generate. 128, 192, or 256.
+     */
+    generateAesKey(size: number): ArrayBuffer;
+    /**
+     * Generate an RSA key pair.
+     *
+     * @param size The length in bits of the RSA modulus. Minimum: 2048.
+     * @param exponent The public exponent. Default: 65537.
+     */
+    generateRsaKeyPair(size: number, exponent?: number): CryptoKeyPair;
+    /**
+     * Generate an ECDSA key pair.
+     *
+     * @param curve The name of the curve, one of "secp256r1", "secp256k1", "secp384r1".
+     */
+    generateEcdsaKeyPair(curve: string): CryptoKeyPair;
+    /**
+     * Generate an EdDSA key pair.
+     *
+     * @param curve The name of the curve. Currently only "curve25519" is supported.
+     */
+    generateEddsaKeyPair(curve: string): CryptoKeyPair;
+    /**
+     * Wraps a key using a wrapping key.
+     *
+     * Constraints on the `key` and `wrappingKey` parameters depend
+     * on the wrapping algorithm that is used (`wrapAlgo`).
+     */
+    wrapKey(key: ArrayBuffer, wrappingKey: ArrayBuffer, wrapAlgo: WrapAlgoParams): ArrayBuffer;
+    /**
+     * Generate a digest (hash) of the given data.
+     */
+    digest(algorithm: DigestAlgorithm, data: ArrayBuffer): ArrayBuffer;
+    /**
+     * Returns whether a string is a PEM-encoded bundle of X.509 certificates.
+     *
+     * A bundle consists of one or more certificates.
+     * Certificates in the bundle do not have to be related to each other.
+     * Validation is only syntactical, properties like validity dates are not evaluated.
+     */
+    isValidX509CertBundle(pem: string): boolean;
+    /**
+     * Returns whether a certificate chain is valid given a set of trusted certificates.
+     * The chain and trusted certificates are PEM-encoded bundles of X.509 certificates.
+     */
+    isValidX509CertChain(chain: string, trusted: string): boolean;
+    /**
+     * Converts an elliptic curve public key as PEM to JSON Web Key (JWK) object.
+     *
+     * @param pem Elliptic curve public key as PEM
+     * @param kid Key identifier (optional)
+     */
+    pubPemToJwk(pem: string, kid?: string): JsonWebKeyECPublic;
+    /**
+     * Converts an elliptic curve private key as PEM to JSON Web Key (JWK) object.
+     *
+     * @param pem Elliptic curve private key as PEM
+     * @param kid Key identifier (optional)
+     */
+    pemToJwk(pem: string, kid?: string): JsonWebKeyECPrivate;
+    /**
+     * Converts an RSA public key as PEM to JSON Web Key (JWK) object.
+     *
+     * @param pem RSA public key as PEM
+     * @param kid Key identifier (optional)
+     */
+    pubRsaPemToJwk(pem: string, kid?: string): JsonWebKeyRSAPublic;
+    /**
+     * Converts an RSA private key as PEM to JSON Web Key (JWK) object.
+     *
+     * @param pem RSA private key as PEM
+     * @param kid Key identifier (optional)
+     */
+    rsaPemToJwk(pem: string, kid?: string): JsonWebKeyRSAPrivate;
 }
 export interface CCFRpc {
     /**
@@ -309,46 +443,38 @@ export interface CCF {
      */
     bufToJsonCompatible<T extends JsonCompatible<T>>(v: ArrayBuffer): T;
     /**
-     * Generate an AES key.
-     *
-     * @param size The length in bits of the key to generate. 128, 192, or 256.
+     * @deprecated This method has been moved to ccf.crypto namespace
+     * @see crypto.generateAesKey
      */
     generateAesKey(size: number): ArrayBuffer;
     /**
-     * Generate an RSA key pair.
-     *
-     * @param size The length in bits of the RSA modulus. Minimum: 2048.
-     * @param exponent The public exponent. Default: 65537.
+     * @deprecated This method has been moved to ccf.crypto namespace
+     * @see crypto.generateRsaKeyPair
      */
     generateRsaKeyPair(size: number, exponent?: number): CryptoKeyPair;
     /**
-     * Generate an ECDSA key pair.
-     *
-     * @param curve The name of the curve, one of "secp256r1", "secp384r1".
+     * @deprecated This method has been moved to ccf.crypto namespace
+     * @see crypto.generateEcdsaKeyPair
      */
     generateEcdsaKeyPair(curve: string): CryptoKeyPair;
     /**
-     * Wraps a key using a wrapping key.
-     *
-     * Constraints on the `key` and `wrappingKey` parameters depend
-     * on the wrapping algorithm that is used (`wrapAlgo`).
+     * @deprecated This method has been moved to ccf.crypto namespace
+     * @see crypto.wrapKey
      */
     wrapKey(key: ArrayBuffer, wrappingKey: ArrayBuffer, wrapAlgo: WrapAlgoParams): ArrayBuffer;
     /**
-     * Generate a digest (hash) of the given data.
+     * @deprecated This method has been moved to ccf.crypto namespace
+     * @see crypto.digest
      */
     digest(algorithm: DigestAlgorithm, data: ArrayBuffer): ArrayBuffer;
     /**
-     * Returns whether a string is a PEM-encoded bundle of X.509 certificates.
-     *
-     * A bundle consists of one or more certificates.
-     * Certificates in the bundle do not have to be related to each other.
-     * Validation is only syntactical, properties like validity dates are not evaluated.
+     * @deprecated
+     * @see crypto.isValidX509CertBundle
      */
     isValidX509CertBundle(pem: string): boolean;
     /**
-     * Returns whether a certificate chain is valid given a set of trusted certificates.
-     * The chain and trusted certificates are PEM-encoded bundles of X.509 certificates.
+     * @deprecated This method has been moved to ccf.crypto namespace
+     * @see crypto.isValidX509CertChain
      */
     isValidX509CertChain(chain: string, trusted: string): boolean;
     crypto: CCFCrypto;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@microsoft/ccf-app",
-  "version": "3.0.0-dev5",
+  "version": "3.0.0-rc0",
   "description": "CCF app support package",
   "main": "index.js",
   "files": [
@@ -19,12 +19,14 @@
   "license": "Apache-2.0",
   "devDependencies": {
     "@types/chai": "^4.2.15",
+    "@types/jsrsasign": "^10.5.4",
     "@types/mocha": "^10.0.0",
     "@types/node": "^18.0.0",
     "@types/node-forge": "^1.0.0",
     "chai": "^4.3.4",
     "colors": "1.4.0",
     "cross-env": "^7.0.3",
+    "jsrsasign": "^10.5.27",
     "mocha": "^10.0.0",
     "node-forge": "^1.2.0",
     "ts-node": "^10.4.0",

package/polyfill.js

@@ -14,8 +14,9 @@
  *
  * @module
  */
-import * as crypto from "crypto";
+import * as jscrypto from "crypto";
 import { TextEncoder, TextDecoder } from "util";
+import * as rs from "jsrsasign";
 // JavaScript's Map uses reference equality for non-primitive types,
 // whereas CCF compares the content of the ArrayBuffer.
 // To achieve CCF's semantics, all keys are base64-encoded.
@@ -93,10 +94,10 @@ class CCFPolyfill {
         this.crypto = {
             verifySignature(algorithm, key, signature, data) {
                 let padding = undefined;
-                const pubKey = crypto.createPublicKey(key);
+                const pubKey = jscrypto.createPublicKey(key);
                 if (pubKey.asymmetricKeyType == "rsa") {
                     if (algorithm.name === "RSASSA-PKCS1-v1_5") {
-                        padding = crypto.constants.RSA_PKCS1_PADDING;
+                        padding = jscrypto.constants.RSA_PKCS1_PADDING;
                     }
                     else {
                         throw new Error("incompatible signing algorithm for given key type");
@@ -111,7 +112,7 @@ class CCFPolyfill {
                     throw new Error("unrecognized signing algorithm");
                 }
                 const hashAlg = algorithm.hash.replace("-", "").toLowerCase();
-                const verifier = crypto.createVerify(hashAlg);
+                const verifier = jscrypto.createVerify(hashAlg);
                 verifier.update(new Uint8Array(data));
                 return verifier.verify({
                     key: pubKey,
@@ -119,6 +120,189 @@ class CCFPolyfill {
                     padding: padding,
                 }, new Uint8Array(signature));
             },
+            generateAesKey(size) {
+                return nodeBufToArrBuf(jscrypto.randomBytes(size / 8));
+            },
+            generateRsaKeyPair(size, exponent) {
+                const rsaKeyPair = jscrypto.generateKeyPairSync("rsa", {
+                    modulusLength: size,
+                    publicExponent: exponent,
+                    publicKeyEncoding: {
+                        type: "spki",
+                        format: "pem",
+                    },
+                    privateKeyEncoding: {
+                        type: "pkcs8",
+                        format: "pem",
+                    },
+                });
+                return rsaKeyPair;
+            },
+            generateEcdsaKeyPair(curve) {
+                var curve_name = curve;
+                if (curve == "secp256r1")
+                    curve_name = "prime256v1";
+                const ecdsaKeyPair = jscrypto.generateKeyPairSync("ec", {
+                    namedCurve: curve_name,
+                    publicKeyEncoding: {
+                        type: "spki",
+                        format: "pem",
+                    },
+                    privateKeyEncoding: {
+                        type: "pkcs8",
+                        format: "pem",
+                    },
+                });
+                return ecdsaKeyPair;
+            },
+            generateEddsaKeyPair(curve) {
+                // `type` is always "ed25519" because currently only "curve25519" is supported for `curve`.
+                const type = "ed25519";
+                const ecdsaKeyPair = jscrypto.generateKeyPairSync(type, {
+                    publicKeyEncoding: {
+                        type: "spki",
+                        format: "pem",
+                    },
+                    privateKeyEncoding: {
+                        type: "pkcs8",
+                        format: "pem",
+                    },
+                });
+                return ecdsaKeyPair;
+            },
+            wrapKey(key, wrappingKey, parameters) {
+                if (parameters.name === "RSA-OAEP") {
+                    return nodeBufToArrBuf(jscrypto.publicEncrypt({
+                        key: Buffer.from(wrappingKey),
+                        oaepHash: "sha256",
+                        oaepLabel: parameters.label
+                            ? new Uint8Array(parameters.label)
+                            : undefined,
+                        padding: jscrypto.constants.RSA_PKCS1_OAEP_PADDING,
+                    }, new Uint8Array(key)));
+                }
+                else if (parameters.name === "AES-KWP") {
+                    const iv = Buffer.from("A65959A6", "hex"); // defined in RFC 5649
+                    const cipher = jscrypto.createCipheriv("id-aes256-wrap-pad", new Uint8Array(wrappingKey), iv);
+                    return nodeBufToArrBuf(Buffer.concat([cipher.update(new Uint8Array(key)), cipher.final()]));
+                }
+                else if (parameters.name === "RSA-OAEP-AES-KWP") {
+                    const randomAesKey = this.generateAesKey(parameters.aesKeySize);
+                    const wrap1 = this.wrapKey(randomAesKey, wrappingKey, {
+                        name: "RSA-OAEP",
+                        label: parameters.label,
+                    });
+                    const wrap2 = this.wrapKey(key, randomAesKey, {
+                        name: "AES-KWP",
+                    });
+                    return nodeBufToArrBuf(Buffer.concat([Buffer.from(wrap1), Buffer.from(wrap2)]));
+                }
+                else {
+                    throw new Error("unsupported wrapAlgo.name");
+                }
+            },
+            digest(algorithm, data) {
+                if (algorithm === "SHA-256") {
+                    return nodeBufToArrBuf(jscrypto.createHash("sha256").update(new Uint8Array(data)).digest());
+                }
+                else {
+                    throw new Error("unsupported algorithm");
+                }
+            },
+            isValidX509CertBundle(pem) {
+                if ("X509Certificate" in jscrypto) {
+                    const sep = "-----END CERTIFICATE-----";
+                    const items = pem.split(sep);
+                    if (items.length === 1) {
+                        return false;
+                    }
+                    const pems = items.slice(0, -1).map((p) => p + sep);
+                    for (const [i, p] of pems.entries()) {
+                        try {
+                            new jscrypto.X509Certificate(p);
+                        }
+                        catch (e) {
+                            console.error(`cert ${i} is not valid: ${e.message}`);
+                            console.error(p);
+                            return false;
+                        }
+                    }
+                    return true;
+                }
+                else {
+                    throw new Error("X509 validation unsupported, Node.js version too old (< 15.6.0)");
+                }
+            },
+            isValidX509CertChain(chain, trusted) {
+                if (!("X509Certificate" in jscrypto)) {
+                    throw new Error("X509 validation unsupported, Node.js version too old (< 15.6.0)");
+                }
+                try {
+                    const toX509Array = (pem) => {
+                        const sep = "-----END CERTIFICATE-----";
+                        const items = pem.split(sep);
+                        if (items.length === 1) {
+                            return [];
+                        }
+                        const pems = items.slice(0, -1).map((p) => p + sep);
+                        const arr = pems.map((pem) => new jscrypto.X509Certificate(pem));
+                        return arr;
+                    };
+                    const certsChain = toX509Array(chain);
+                    const certsTrusted = toX509Array(trusted);
+                    if (certsChain.length === 0) {
+                        throw new Error("chain cannot be empty");
+                    }
+                    for (let i = 0; i < certsChain.length - 1; i++) {
+                        if (!certsChain[i].checkIssued(certsChain[i + 1])) {
+                            throw new Error(`chain[${i}] is not issued by chain[${i + 1}]`);
+                        }
+                    }
+                    for (const certChain of certsChain) {
+                        for (const certTrusted of certsTrusted) {
+                            if (certChain.fingerprint === certTrusted.fingerprint) {
+                                return true;
+                            }
+                            if (certChain.verify(certTrusted.publicKey)) {
+                                return true;
+                            }
+                        }
+                    }
+                    throw new Error("none of the chain certificates are identical to or issued by a trusted certificate");
+                }
+                catch (e) {
+                    console.error(`certificate chain validation failed: ${e.message}`);
+                    return false;
+                }
+            },
+            pubPemToJwk(pem, kid) {
+                let jwk = rs.KEYUTIL.getJWK(rs.KEYUTIL.getKey(pem));
+                if (kid !== undefined) {
+                    jwk.kid = kid;
+                }
+                return jwk;
+            },
+            pemToJwk(pem, kid) {
+                let jwk = rs.KEYUTIL.getJWK(rs.KEYUTIL.getKey(pem));
+                if (kid !== undefined) {
+                    jwk.kid = kid;
+                }
+                return jwk;
+            },
+            pubRsaPemToJwk(pem, kid) {
+                let jwk = rs.KEYUTIL.getJWK(rs.KEYUTIL.getKey(pem));
+                if (kid !== undefined) {
+                    jwk.kid = kid;
+                }
+                return jwk;
+            },
+            rsaPemToJwk(pem, kid) {
+                let jwk = rs.KEYUTIL.getJWK(rs.KEYUTIL.getKey(pem));
+                if (kid !== undefined) {
+                    jwk.kid = kid;
+                }
+                return jwk;
+            },
         };
     }
     strToBuf(s) {
@@ -134,144 +318,25 @@ class CCFPolyfill {
         return JSON.parse(this.bufToStr(v));
     }
     generateAesKey(size) {
-        return nodeBufToArrBuf(crypto.randomBytes(size / 8));
+        return this.crypto.generateAesKey(size);
     }
     generateRsaKeyPair(size, exponent) {
-        const rsaKeyPair = crypto.generateKeyPairSync("rsa", {
-            modulusLength: size,
-            publicExponent: exponent,
-            publicKeyEncoding: {
-                type: "spki",
-                format: "pem",
-            },
-            privateKeyEncoding: {
-                type: "pkcs8",
-                format: "pem",
-            },
-        });
-        return rsaKeyPair;
+        return this.crypto.generateRsaKeyPair(size, exponent);
     }
     generateEcdsaKeyPair(curve) {
-        var curve_name = curve;
-        if (curve == "secp256r1")
-            curve_name = "prime256v1";
-        const ecdsaKeyPair = crypto.generateKeyPairSync("ec", {
-            namedCurve: curve_name,
-            publicKeyEncoding: {
-                type: "spki",
-                format: "pem",
-            },
-            privateKeyEncoding: {
-                type: "pkcs8",
-                format: "pem",
-            },
-        });
-        return ecdsaKeyPair;
+        return this.crypto.generateEcdsaKeyPair(curve);
     }
     wrapKey(key, wrappingKey, parameters) {
-        if (parameters.name === "RSA-OAEP") {
-            return nodeBufToArrBuf(crypto.publicEncrypt({
-                key: Buffer.from(wrappingKey),
-                oaepHash: "sha256",
-                oaepLabel: parameters.label
-                    ? new Uint8Array(parameters.label)
-                    : undefined,
-                padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
-            }, new Uint8Array(key)));
-        }
-        else if (parameters.name === "AES-KWP") {
-            const iv = Buffer.from("A65959A6", "hex"); // defined in RFC 5649
-            const cipher = crypto.createCipheriv("id-aes256-wrap-pad", new Uint8Array(wrappingKey), iv);
-            return nodeBufToArrBuf(Buffer.concat([cipher.update(new Uint8Array(key)), cipher.final()]));
-        }
-        else if (parameters.name === "RSA-OAEP-AES-KWP") {
-            const randomAesKey = this.generateAesKey(parameters.aesKeySize);
-            const wrap1 = this.wrapKey(randomAesKey, wrappingKey, {
-                name: "RSA-OAEP",
-                label: parameters.label,
-            });
-            const wrap2 = this.wrapKey(key, randomAesKey, {
-                name: "AES-KWP",
-            });
-            return nodeBufToArrBuf(Buffer.concat([Buffer.from(wrap1), Buffer.from(wrap2)]));
-        }
-        else {
-            throw new Error("unsupported wrapAlgo.name");
-        }
+        return this.crypto.wrapKey(key, wrappingKey, parameters);
     }
     digest(algorithm, data) {
-        if (algorithm === "SHA-256") {
-            return nodeBufToArrBuf(crypto.createHash("sha256").update(new Uint8Array(data)).digest());
-        }
-        else {
-            throw new Error("unsupported algorithm");
-        }
+        return this.crypto.digest(algorithm, data);
     }
     isValidX509CertBundle(pem) {
-        if ("X509Certificate" in crypto) {
-            const sep = "-----END CERTIFICATE-----";
-            const items = pem.split(sep);
-            if (items.length === 1) {
-                return false;
-            }
-            const pems = items.slice(0, -1).map((p) => p + sep);
-            for (const [i, p] of pems.entries()) {
-                try {
-                    new crypto.X509Certificate(p);
-                }
-                catch (e) {
-                    console.error(`cert ${i} is not valid: ${e.message}`);
-                    console.error(p);
-                    return false;
-                }
-            }
-            return true;
-        }
-        else {
-            throw new Error("X509 validation unsupported, Node.js version too old (< 15.6.0)");
-        }
+        return this.crypto.isValidX509CertBundle(pem);
     }
     isValidX509CertChain(chain, trusted) {
-        if (!("X509Certificate" in crypto)) {
-            throw new Error("X509 validation unsupported, Node.js version too old (< 15.6.0)");
-        }
-        try {
-            const toX509Array = (pem) => {
-                const sep = "-----END CERTIFICATE-----";
-                const items = pem.split(sep);
-                if (items.length === 1) {
-                    return [];
-                }
-                const pems = items.slice(0, -1).map((p) => p + sep);
-                const arr = pems.map((pem) => new crypto.X509Certificate(pem));
-                return arr;
-            };
-            const certsChain = toX509Array(chain);
-            const certsTrusted = toX509Array(trusted);
-            if (certsChain.length === 0) {
-                throw new Error("chain cannot be empty");
-            }
-            for (let i = 0; i < certsChain.length - 1; i++) {
-                if (!certsChain[i].checkIssued(certsChain[i + 1])) {
-                    throw new Error(`chain[${i}] is not issued by chain[${i + 1}]`);
-                }
-            }
-            for (const certChain of certsChain) {
-                for (const certTrusted of certsTrusted) {
-                    if (certChain.fingerprint === certTrusted.fingerprint) {
-                        return true;
-                    }
-                    if (certChain.verify(certTrusted.publicKey)) {
-                        return true;
-                    }
-                }
-            }
-            throw new Error("none of the chain certificates are identical to or issued by a trusted certificate");
-        }
-        catch (e) {
-            console.error(`certificate chain validation failed: ${e.message}`);
-            return false;
-        }
+        return this.crypto.isValidX509CertChain(chain, trusted);
     }
 }
 globalThis.ccf = new CCFPolyfill();