@tstdl/base 0.93.177 → 0.93.178
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/utils/cryptography.d.ts +15 -0
- package/utils/cryptography.js +22 -0
package/package.json
CHANGED
package/utils/cryptography.d.ts
CHANGED
|
@@ -86,6 +86,12 @@ export declare function importSymmetricKey(algorithm: SymmetricAlgorithm, length
|
|
|
86
86
|
* @param extractable whether the key can be used for exportKey
|
|
87
87
|
*/
|
|
88
88
|
export declare function importEcdsaKey(curve: EcdsaCurve, key: Key | string, extractable?: boolean): Promise<CryptoKey>;
|
|
89
|
+
/**
|
|
90
|
+
* Import a HKDF CryptoKey
|
|
91
|
+
* @param key binary key
|
|
92
|
+
* @param extractable whether the key can be used for exportKey
|
|
93
|
+
*/
|
|
94
|
+
export declare function importHkdfKey(key: BinaryData<ArrayBuffer> | string, extractable?: boolean): Promise<CryptoKey>;
|
|
89
95
|
/**
|
|
90
96
|
* Import a pbkdf2 CryptoKey
|
|
91
97
|
* @param key binary key
|
|
@@ -99,6 +105,15 @@ export declare function importPbkdf2Key(key: BinaryData<ArrayBuffer> | string, e
|
|
|
99
105
|
* @param usages whether to generate a key for signing, verifiying or both. Defaults to both
|
|
100
106
|
*/
|
|
101
107
|
export declare function generateEcdsaKey(curve: EcdsaCurve, extractable?: boolean, usages?: TypedExtract<KeyUsage, 'sign' | 'verify'>[]): Promise<CryptoKeyPair>;
|
|
108
|
+
/**
|
|
109
|
+
* Convenience wrapper for HKDF derivation
|
|
110
|
+
* @param baseKey The imported HKDF key
|
|
111
|
+
* @param lengths Array of lengths for each derived secret
|
|
112
|
+
* @param info Contextual string to prevent different apps from deriving the same keys
|
|
113
|
+
* @param salt Optional salt (usually empty if the input key is high-entropy)
|
|
114
|
+
* @param hash Hash algorithm to use
|
|
115
|
+
*/
|
|
116
|
+
export declare function deriveHkdfSecrets<const Lengths extends readonly number[]>(baseKey: CryptoKey, lengths: Lengths, info?: string | BinaryData<ArrayBuffer>, salt?: BinaryData<ArrayBuffer>, hash?: HashAlgorithm): Promise<Readonly<import("type-fest").If<import("type-fest").IsAny<Lengths["length"]>, Uint8Array<ArrayBuffer>[], import("type-fest").If<import("type-fest").IsNever<Lengths["length"]>, [], number extends import("type-fest").If<import("type-fest").IsNegative<Lengths["length"]>, 0, Lengths["length"]> ? Uint8Array<ArrayBuffer>[] : import("type-fest").If<import("type-fest").IsNegative<Lengths["length"]>, 0, Lengths["length"]> extends infer T ? T extends import("type-fest").If<import("type-fest").IsNegative<Lengths["length"]>, 0, Lengths["length"]> ? T extends 0 ? [] : number extends T ? Uint8Array<ArrayBuffer>[] : T extends 1 ? [Uint8Array<ArrayBuffer>] : number extends T ? Uint8Array<ArrayBuffer>[] : T extends 2 ? [Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>] : number extends T ? Uint8Array<ArrayBuffer>[] : T extends 3 ? [Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>] : number extends T ? Uint8Array<ArrayBuffer>[] : T extends 4 ? [Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>] : number extends T ? Uint8Array<ArrayBuffer>[] : T extends 5 ? [Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>] : number extends T ? Uint8Array<ArrayBuffer>[] : T extends 6 ? [Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>] : number extends T ? Uint8Array<ArrayBuffer>[] : T extends 7 ? [Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>] : number extends T ? Uint8Array<ArrayBuffer>[] : T extends 8 ? [Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>] : number extends T ? Uint8Array<ArrayBuffer>[] : T extends 9 ? [Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>] : number extends T ? Uint8Array<ArrayBuffer>[] : T extends 10 ? [Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>] : /*elided*/ any : never : never>>>>;
|
|
102
117
|
/**
|
|
103
118
|
* Generates a pbkdf2 CryptoKey
|
|
104
119
|
* @param extractable whether the key can be used for exportKey
|
package/utils/cryptography.js
CHANGED
|
@@ -125,6 +125,15 @@ export async function importEcdsaKey(curve, key, extractable = false) {
|
|
|
125
125
|
}
|
|
126
126
|
return await globalThis.crypto.subtle.importKey('jwk', binaryKey, { name: 'ECDSA', namedCurve: curve }, extractable, ['verify']);
|
|
127
127
|
}
|
|
128
|
+
/**
|
|
129
|
+
* Import a HKDF CryptoKey
|
|
130
|
+
* @param key binary key
|
|
131
|
+
* @param extractable whether the key can be used for exportKey
|
|
132
|
+
*/
|
|
133
|
+
export async function importHkdfKey(key, extractable = false) {
|
|
134
|
+
const binaryKey = isString(key) ? encodeUtf8(key) : key;
|
|
135
|
+
return await globalThis.crypto.subtle.importKey('raw', binaryKey, { name: 'HKDF' }, extractable, ['deriveKey', 'deriveBits']);
|
|
136
|
+
}
|
|
128
137
|
/**
|
|
129
138
|
* Import a pbkdf2 CryptoKey
|
|
130
139
|
* @param key binary key
|
|
@@ -143,6 +152,19 @@ export async function importPbkdf2Key(key, extractable = false) {
|
|
|
143
152
|
export async function generateEcdsaKey(curve, extractable = false, usages = ['sign', 'verify']) {
|
|
144
153
|
return await globalThis.crypto.subtle.generateKey({ name: 'ECDSA', namedCurve: curve }, extractable, usages);
|
|
145
154
|
}
|
|
155
|
+
/**
|
|
156
|
+
* Convenience wrapper for HKDF derivation
|
|
157
|
+
* @param baseKey The imported HKDF key
|
|
158
|
+
* @param lengths Array of lengths for each derived secret
|
|
159
|
+
* @param info Contextual string to prevent different apps from deriving the same keys
|
|
160
|
+
* @param salt Optional salt (usually empty if the input key is high-entropy)
|
|
161
|
+
* @param hash Hash algorithm to use
|
|
162
|
+
*/
|
|
163
|
+
export async function deriveHkdfSecrets(baseKey, lengths, info = '', salt = new Uint8Array(), hash = 'SHA-512') {
|
|
164
|
+
const infoBytes = isString(info) ? encodeUtf8(info) : info;
|
|
165
|
+
const algorithm = { name: 'HKDF', hash, salt, info: infoBytes };
|
|
166
|
+
return await deriveBytesMultiple(algorithm, baseKey, lengths);
|
|
167
|
+
}
|
|
146
168
|
/**
|
|
147
169
|
* Generates a pbkdf2 CryptoKey
|
|
148
170
|
* @param extractable whether the key can be used for exportKey
|