@substrate-system/crypto-stream 0.0.33

package/dist/ece.cjs

@@ -0,0 +1,375 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var ece_exports = {};
+__export(ece_exports, {
+  KEY_LENGTH: () => KEY_LENGTH,
+  TAG_LENGTH: () => TAG_LENGTH,
+  decryptStream: () => decryptStream,
+  decryptStreamRange: () => decryptStreamRange,
+  encryptStream: () => encryptStream,
+  encryptedSize: () => encryptedSize,
+  plaintextSize: () => plaintextSize
+});
+module.exports = __toCommonJS(ece_exports);
+var import_concat_streams = require("./concat-streams.js");
+var import_transform_stream = require("./transform-stream.js");
+var import_slice_transformer = require("./slice-transformer.js");
+var import_one_webcrypto = require("@substrate-system/one-webcrypto");
+var import_extract_transformer = require("./extract-transformer.js");
+var import_util = require("./util.js");
+const MODE_ENCRYPT = "encrypt";
+const MODE_DECRYPT = "decrypt";
+const KEY_LENGTH = 16;
+const TAG_LENGTH = 16;
+const NONCE_LENGTH = 12;
+const RECORD_SIZE = 64 * 1024;
+const HEADER_LENGTH = KEY_LENGTH + 4 + 1;
+const encoder = new TextEncoder();
+class ECETransformer {
+  static {
+    __name(this, "ECETransformer");
+  }
+  mode;
+  secretKey;
+  rs;
+  salt;
+  seekOpts;
+  seq;
+  prevChunk;
+  nonceBase;
+  key;
+  constructor(mode, secretKey, rs, salt, seekOpts = {}) {
+    if (mode !== MODE_ENCRYPT && mode !== MODE_DECRYPT) {
+      throw new Error("mode must be either 'encrypt' or 'decrypt'");
+    }
+    checkSecretKey(secretKey);
+    if (salt != null && salt.byteLength !== KEY_LENGTH) {
+      throw new Error("Invalid salt length");
+    }
+    this.mode = mode;
+    this.secretKey = secretKey;
+    this.rs = rs;
+    this.salt = salt;
+    this.seekOpts = seekOpts;
+    this.seq = -1;
+    this.prevChunk = null;
+    this.nonceBase = null;
+    this.key = null;
+  }
+  async generateKey() {
+    return import_one_webcrypto.webcrypto.subtle.deriveKey(
+      {
+        name: "HKDF",
+        hash: "SHA-256",
+        salt: this.salt,
+        info: encoder.encode("Content-Encoding: aes128gcm\0")
+      },
+      this.secretKey,
+      {
+        name: "AES-GCM",
+        length: KEY_LENGTH * 8
+      },
+      false,
+      ["encrypt", "decrypt"]
+    );
+  }
+  async generateNonceBase() {
+    const nonceBaseBuf = await import_one_webcrypto.webcrypto.subtle.deriveBits(
+      {
+        name: "HKDF",
+        hash: "SHA-256",
+        salt: this.salt,
+        info: encoder.encode("Content-Encoding: nonce\0")
+      },
+      this.secretKey,
+      NONCE_LENGTH * 8
+    );
+    return new Uint8Array(nonceBaseBuf);
+  }
+  generateNonce(seq) {
+    if (seq > 4294967295) {
+      throw new Error("record sequence number exceeds limit");
+    }
+    if (!this.nonceBase) throw new Error("Not nonce base");
+    const nonce = this.nonceBase.slice();
+    const dv = new DataView(nonce.buffer, nonce.byteOffset, nonce.byteLength);
+    const m = dv.getUint32(nonce.byteLength - 4);
+    const xor = (m ^ seq) >>> 0;
+    dv.setUint32(nonce.byteLength - 4, xor);
+    return nonce;
+  }
+  pad(data, isLast) {
+    const len = data.byteLength;
+    if (len + TAG_LENGTH >= this.rs) {
+      throw new Error("data too large for record size");
+    }
+    let padding;
+    if (isLast) {
+      padding = Uint8Array.of(2);
+    } else {
+      padding = new Uint8Array(this.rs - len - TAG_LENGTH);
+      padding[0] = 1;
+    }
+    const result = new Uint8Array(data.byteLength + padding.byteLength);
+    result.set(data, 0);
+    result.set(padding, data.byteLength);
+    return result;
+  }
+  unpad(data, isLast) {
+    for (let i = data.byteLength - 1; i >= 0; i -= 1) {
+      if (data[i] !== 0) {
+        if (isLast) {
+          if (data[i] !== 2) {
+            throw new Error("delimiter of final record is not 2");
+          }
+        } else {
+          if (data[i] !== 1) {
+            throw new Error("delimiter of not final record is not 1");
+          }
+        }
+        return data.slice(0, i);
+      }
+    }
+    throw new Error("no delimiter found");
+  }
+  createHeader() {
+    if (!this.salt) throw new Error("Not salt");
+    const header = new Uint8Array(HEADER_LENGTH);
+    header.set(this.salt);
+    const dv = new DataView(header.buffer, header.byteOffset, header.byteLength);
+    dv.setUint32(KEY_LENGTH, this.rs);
+    return header;
+  }
+  readHeader(buffer) {
+    if (buffer.byteLength !== HEADER_LENGTH) {
+      throw new Error("chunk is not expected header length");
+    }
+    const header = { salt: null, rs: null };
+    const dv = new DataView(buffer.buffer, buffer.byteOffset, buffer.byteLength);
+    header.salt = buffer.slice(0, KEY_LENGTH);
+    header.rs = dv.getUint32(KEY_LENGTH);
+    const idlen = dv.getUint8(KEY_LENGTH + 4);
+    if (idlen !== 0) {
+      throw new Error("Implementation does not support non-zero idlen");
+    }
+    return header;
+  }
+  async encryptRecord(record, seq, isLast) {
+    const nonce = this.generateNonce(seq);
+    const paddedRecord = this.pad(record, isLast);
+    if (!this.key) throw new Error("not key");
+    const encryptedRecordBuf = await import_one_webcrypto.webcrypto.subtle.encrypt(
+      {
+        name: "AES-GCM",
+        iv: nonce,
+        tagLength: TAG_LENGTH * 8
+      },
+      this.key,
+      paddedRecord
+    );
+    return new Uint8Array(encryptedRecordBuf);
+  }
+  async decryptRecord(encryptedRecord, seq, isLast) {
+    if (!this.key) throw new Error("not key");
+    const nonce = this.generateNonce(seq);
+    const paddedRecordBuf = await import_one_webcrypto.webcrypto.subtle.decrypt(
+      {
+        name: "AES-GCM",
+        iv: nonce,
+        tagLength: TAG_LENGTH * 8
+      },
+      this.key,
+      (0, import_util.asBufferSource)(encryptedRecord)
+    );
+    const paddedRecord = new Uint8Array(paddedRecordBuf);
+    return this.unpad(paddedRecord, isLast);
+  }
+  async start(controller) {
+    if (this.mode === MODE_ENCRYPT) {
+      this.key = await this.generateKey();
+      this.nonceBase = await this.generateNonceBase();
+      controller.enqueue(this.createHeader());
+      this.seq += 1;
+    }
+  }
+  async transformPrevChunk(isLast, controller) {
+    if (!this.prevChunk) throw new Error("not this.prevChunk");
+    if (this.mode === MODE_ENCRYPT) {
+      controller.enqueue(
+        await this.encryptRecord(this.prevChunk, this.seq, isLast)
+      );
+    } else {
+      if (this.seq === -1) {
+        if (!this.prevChunk) throw new Error("not this.prevChunk");
+        const header = this.readHeader(this.prevChunk);
+        this.salt = (0, import_util.asBufferSource)(header.salt);
+        if (this.rs !== null && this.rs !== header.rs) {
+          throw new Error(
+            "Record size declared in constructor does not match record size in encrypted stream"
+          );
+        }
+        this.rs = header.rs;
+        this.key = await this.generateKey();
+        this.nonceBase = await this.generateNonceBase();
+        const startSeq = this.seekOpts.startSeq;
+        if (startSeq != null && startSeq > 0) {
+          this.seq += startSeq;
+        }
+      } else {
+        let expectEndPadding = false;
+        if (isLast) {
+          const endSeq = this.seekOpts.endSeq;
+          if (endSeq != null && endSeq !== this.seq + 1) {
+            throw new Error("Incorrect encrypted stream length");
+          }
+          expectEndPadding = !this.seekOpts.endsPrematurely;
+        }
+        controller.enqueue(
+          await this.decryptRecord(
+            this.prevChunk,
+            this.seq,
+            expectEndPadding
+          )
+        );
+      }
+    }
+    this.seq += 1;
+  }
+  async transform(chunk, controller) {
+    if (this.prevChunk) {
+      await this.transformPrevChunk(false, controller);
+    }
+    this.prevChunk = chunk;
+  }
+  async flush(controller) {
+    if (this.prevChunk) {
+      await this.transformPrevChunk(true, controller);
+    }
+  }
+}
+function encryptedSize(plaintextSize2, rs = RECORD_SIZE) {
+  if (!Number.isInteger(plaintextSize2)) {
+    throw new TypeError("plaintextSize");
+  }
+  if (!Number.isInteger(rs)) {
+    throw new TypeError("rs");
+  }
+  const chunkMetaLength = TAG_LENGTH + 1;
+  return HEADER_LENGTH + plaintextSize2 + chunkMetaLength * Math.ceil(plaintextSize2 / (rs - chunkMetaLength));
+}
+__name(encryptedSize, "encryptedSize");
+function plaintextSize(encryptedSize2, rs = RECORD_SIZE) {
+  if (!Number.isInteger(encryptedSize2)) {
+    throw new TypeError("encryptedSize");
+  }
+  if (!Number.isInteger(rs)) {
+    throw new TypeError("rs");
+  }
+  const chunkMetaLength = TAG_LENGTH + 1;
+  const encryptedRecordsSize = encryptedSize2 - HEADER_LENGTH;
+  return encryptedRecordsSize - chunkMetaLength * Math.ceil(encryptedRecordsSize / rs);
+}
+__name(plaintextSize, "plaintextSize");
+function encryptStream(input, secretKey, rs = RECORD_SIZE, salt = (0, import_util.generateSalt)(KEY_LENGTH)) {
+  const stream = (0, import_transform_stream.transformStream)(
+    input,
+    new import_slice_transformer.SliceTransformer(rs - TAG_LENGTH - 1)
+  ).readable;
+  return (0, import_transform_stream.transformStream)(
+    stream,
+    new ECETransformer(MODE_ENCRYPT, secretKey, rs, salt)
+  ).readable;
+}
+__name(encryptStream, "encryptStream");
+function decryptStream(input, secretKey, rs = RECORD_SIZE) {
+  const stream = (0, import_transform_stream.transformStream)(
+    input,
+    new import_slice_transformer.SliceTransformer(HEADER_LENGTH, rs)
+  ).readable;
+  return (0, import_transform_stream.transformStream)(
+    stream,
+    new ECETransformer(MODE_DECRYPT, secretKey, rs, null)
+  ).readable;
+}
+__name(decryptStream, "decryptStream");
+function decryptStreamRange(secretKey, offset, length, totalEncryptedLength, rs = RECORD_SIZE) {
+  if (!Number.isInteger(rs)) {
+    throw new TypeError("Missing record size (rs)");
+  }
+  const chunkMetaLength = TAG_LENGTH + 1;
+  const startRecord = Math.floor(offset / (rs - chunkMetaLength));
+  const offsetInStartRecord = offset % (rs - chunkMetaLength);
+  const endRecord = Math.ceil((offset + length) / (rs - chunkMetaLength));
+  const dataOffset = HEADER_LENGTH + startRecord * rs;
+  let dataEnd = HEADER_LENGTH + endRecord * rs;
+  const endsPrematurely = dataEnd < totalEncryptedLength;
+  if (!endsPrematurely) {
+    dataEnd = totalEncryptedLength;
+  }
+  return {
+    ranges: [
+      {
+        offset: 0,
+        length: HEADER_LENGTH
+      },
+      {
+        offset: dataOffset,
+        length: dataEnd - dataOffset
+      }
+    ],
+    decrypt: /* @__PURE__ */ __name((streams) => {
+      if (!streams.every((stream) => stream instanceof ReadableStream)) {
+        throw new TypeError("Stream is not a ReadableStream");
+      }
+      const encryptedStream = (0, import_transform_stream.transformStream)(
+        (0, import_concat_streams.concatStreams)(streams),
+        new import_slice_transformer.SliceTransformer(HEADER_LENGTH, rs)
+      ).readable;
+      const plaintextStream = (0, import_transform_stream.transformStream)(
+        encryptedStream,
+        new ECETransformer(MODE_DECRYPT, secretKey, rs, null, {
+          startSeq: startRecord,
+          endSeq: endRecord,
+          endsPrematurely
+        })
+      ).readable;
+      return (0, import_transform_stream.transformStream)(
+        plaintextStream,
+        new import_extract_transformer.ExtractTransformer(offsetInStartRecord, length)
+      ).readable;
+    }, "decrypt")
+  };
+}
+__name(decryptStreamRange, "decryptStreamRange");
+function checkSecretKey(secretKey) {
+  if (secretKey.type !== "secret") {
+    throw new Error('Invalid key: type must be "secret"');
+  }
+  if (secretKey.algorithm.name !== "HKDF") {
+    throw new Error("Invalid key: algorithm must be HKDF");
+  }
+  if (!secretKey.usages.includes("deriveKey")) {
+    throw new Error("Invalid key: usages must include deriveKey");
+  }
+  if (!secretKey.usages.includes("deriveBits")) {
+    throw new Error("Invalid key: usages must include deriveBits");
+  }
+}
+__name(checkSecretKey, "checkSecretKey");

package/dist/extract-transformer.cjs

@@ -0,0 +1,55 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var extract_transformer_exports = {};
+__export(extract_transformer_exports, {
+  ExtractTransformer: () => ExtractTransformer
+});
+module.exports = __toCommonJS(extract_transformer_exports);
+class ExtractTransformer {
+  static {
+    __name(this, "ExtractTransformer");
+  }
+  extractStart;
+  extractEnd;
+  offset;
+  constructor(offset, length) {
+    this.extractStart = offset;
+    this.extractEnd = offset + length;
+    this.offset = 0;
+  }
+  transform(chunk, controller) {
+    const chunkStart = this.offset;
+    const chunkEnd = this.offset + chunk.byteLength;
+    this.offset = chunkEnd;
+    const sliceStart = Math.max(this.extractStart - chunkStart, 0);
+    const sliceEnd = Math.min(this.extractEnd - chunkStart, chunk.byteLength);
+    if (sliceStart >= chunk.byteLength || sliceEnd <= 0) {
+      return;
+    }
+    controller.enqueue(chunk.subarray(sliceStart, sliceEnd));
+  }
+  flush(controller) {
+    if (this.offset < this.extractEnd) {
+      controller.error(
+        new Error("Stream passed through ExtractTransformer ended early")
+      );
+    }
+  }
+}

package/dist/index.cjs

@@ -0,0 +1,28 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var index_exports = {};
+__export(index_exports, {
+  Keychain: () => import_keychain.Keychain,
+  encryptedSize: () => import_keychain.encryptedSize,
+  plaintextSize: () => import_keychain.plaintextSize,
+  transformStream: () => import_transform_stream.transformStream
+});
+module.exports = __toCommonJS(index_exports);
+var import_keychain = require("./keychain.js");
+var import_transform_stream = require("./transform-stream.js");