summaryrefslogtreecommitdiff
path: root/ext/crypto/00_crypto.js
diff options
context:
space:
mode:
authorDivy Srivastava <dj.srivastava23@gmail.com>2021-10-12 19:18:08 +0530
committerGitHub <noreply@github.com>2021-10-12 15:48:08 +0200
commitb1e7452cd310ead7e6379f694d660e935641e596 (patch)
treec209f19a7734fcc0a390de759bea60deccaadd35 /ext/crypto/00_crypto.js
parentfef8b08614bf6075fbf265ea1a3dab3957d20c91 (diff)
feat(ext/crypto): support importing/exporting raw AES keys (#12392)
Diffstat (limited to 'ext/crypto/00_crypto.js')
-rw-r--r--ext/crypto/00_crypto.js278
1 files changed, 278 insertions, 0 deletions
diff --git a/ext/crypto/00_crypto.js b/ext/crypto/00_crypto.js
index 5065df293..4c2f3e41c 100644
--- a/ext/crypto/00_crypto.js
+++ b/ext/crypto/00_crypto.js
@@ -110,6 +110,10 @@
"HMAC": "HmacImportParams",
"HKDF": null,
"PBKDF2": null,
+ "AES-CTR": null,
+ "AES-CBC": null,
+ "AES-GCM": null,
+ "AES-KW": null,
},
"deriveBits": {
"HKDF": "HkdfParams",
@@ -1370,6 +1374,228 @@
// 10.
return key;
}
+ case "AES-CTR": {
+ // 1.
+ if (
+ ArrayPrototypeFind(
+ keyUsages,
+ (u) =>
+ !ArrayPrototypeIncludes([
+ "encrypt",
+ "decrypt",
+ "wrapKey",
+ "unwrapKey",
+ ], u),
+ ) !== undefined
+ ) {
+ throw new DOMException("Invalid key usages", "SyntaxError");
+ }
+
+ // 2.
+ switch (format) {
+ case "raw": {
+ // 2.
+ if (
+ !ArrayPrototypeIncludes([128, 192, 256], keyData.byteLength * 8)
+ ) {
+ throw new DOMException("Invalid key length", "Datarror");
+ }
+
+ break;
+ }
+ default:
+ throw new DOMException("Not implemented", "NotSupportedError");
+ }
+
+ const handle = {};
+ WeakMapPrototypeSet(KEY_STORE, handle, {
+ type: "raw",
+ data: keyData,
+ });
+
+ // 4-7.
+ const algorithm = {
+ name: "AES-CBC",
+ length: keyData.byteLength * 8,
+ };
+
+ const key = constructKey(
+ "secret",
+ false,
+ usageIntersection(keyUsages, recognisedUsages),
+ algorithm,
+ handle,
+ );
+
+ // 8.
+ return key;
+ }
+ case "AES-CBC": {
+ // 1.
+ if (
+ ArrayPrototypeFind(
+ keyUsages,
+ (u) =>
+ !ArrayPrototypeIncludes([
+ "encrypt",
+ "decrypt",
+ "wrapKey",
+ "unwrapKey",
+ ], u),
+ ) !== undefined
+ ) {
+ throw new DOMException("Invalid key usages", "SyntaxError");
+ }
+
+ // 2.
+ switch (format) {
+ case "raw": {
+ // 2.
+ if (
+ !ArrayPrototypeIncludes([128, 192, 256], keyData.byteLength * 8)
+ ) {
+ throw new DOMException("Invalid key length", "Datarror");
+ }
+
+ break;
+ }
+ default:
+ throw new DOMException("Not implemented", "NotSupportedError");
+ }
+
+ const handle = {};
+ WeakMapPrototypeSet(KEY_STORE, handle, {
+ type: "raw",
+ data: keyData,
+ });
+
+ // 4-7.
+ const algorithm = {
+ name: "AES-CTR",
+ length: keyData.byteLength * 8,
+ };
+
+ const key = constructKey(
+ "secret",
+ false,
+ usageIntersection(keyUsages, recognisedUsages),
+ algorithm,
+ handle,
+ );
+
+ // 8.
+ return key;
+ }
+ case "AES-GCM": {
+ // 1.
+ if (
+ ArrayPrototypeFind(
+ keyUsages,
+ (u) =>
+ !ArrayPrototypeIncludes([
+ "encrypt",
+ "decrypt",
+ "wrapKey",
+ "unwrapKey",
+ ], u),
+ ) !== undefined
+ ) {
+ throw new DOMException("Invalid key usages", "SyntaxError");
+ }
+
+ // 2.
+ switch (format) {
+ case "raw": {
+ // 2.
+ if (
+ !ArrayPrototypeIncludes([128, 192, 256], keyData.byteLength * 8)
+ ) {
+ throw new DOMException("Invalid key length", "Datarror");
+ }
+
+ break;
+ }
+ default:
+ throw new DOMException("Not implemented", "NotSupportedError");
+ }
+
+ const handle = {};
+ WeakMapPrototypeSet(KEY_STORE, handle, {
+ type: "raw",
+ data: keyData,
+ });
+
+ // 4-7.
+ const algorithm = {
+ name: "AES-GCM",
+ length: keyData.byteLength * 8,
+ };
+
+ const key = constructKey(
+ "secret",
+ false,
+ usageIntersection(keyUsages, recognisedUsages),
+ algorithm,
+ handle,
+ );
+
+ // 8.
+ return key;
+ }
+ case "AES-KW": {
+ // 1.
+ if (
+ ArrayPrototypeFind(
+ keyUsages,
+ (u) =>
+ !ArrayPrototypeIncludes([
+ "wrapKey",
+ "unwrapKey",
+ ], u),
+ ) !== undefined
+ ) {
+ throw new DOMException("Invalid key usages", "SyntaxError");
+ }
+
+ // 2.
+ switch (format) {
+ case "raw": {
+ // 2.
+ if (
+ !ArrayPrototypeIncludes([128, 192, 256], keyData.byteLength * 8)
+ ) {
+ throw new DOMException("Invalid key length", "Datarror");
+ }
+
+ break;
+ }
+ default:
+ throw new DOMException("Not implemented", "NotSupportedError");
+ }
+
+ const handle = {};
+ WeakMapPrototypeSet(KEY_STORE, handle, {
+ type: "raw",
+ data: keyData,
+ });
+
+ // 4-7.
+ const algorithm = {
+ name: "AES-KW",
+ length: keyData.byteLength * 8,
+ };
+
+ const key = constructKey(
+ "secret",
+ false,
+ usageIntersection(keyUsages, recognisedUsages),
+ algorithm,
+ handle,
+ );
+
+ // 8.
+ return key;
+ }
default:
throw new DOMException("Not implemented", "NotSupportedError");
}
@@ -1609,6 +1835,58 @@
throw new DOMException("Not implemented", "NotSupportedError");
}
}
+ case "AES-CTR": {
+ switch (format) {
+ // 2.
+ case "raw": {
+ // 1.
+ const data = innerKey.data;
+ // 2.
+ return data.buffer;
+ }
+ default:
+ throw new DOMException("Not implemented", "NotSupportedError");
+ }
+ }
+ case "AES-CBC": {
+ switch (format) {
+ // 2.
+ case "raw": {
+ // 1.
+ const data = innerKey.data;
+ // 2.
+ return data.buffer;
+ }
+ default:
+ throw new DOMException("Not implemented", "NotSupportedError");
+ }
+ }
+ case "AES-GCM": {
+ switch (format) {
+ // 2.
+ case "raw": {
+ // 1.
+ const data = innerKey.data;
+ // 2.
+ return data.buffer;
+ }
+ default:
+ throw new DOMException("Not implemented", "NotSupportedError");
+ }
+ }
+ case "AES-KW": {
+ switch (format) {
+ // 2.
+ case "raw": {
+ // 1.
+ const data = innerKey.data;
+ // 2.
+ return data.buffer;
+ }
+ default:
+ throw new DOMException("Not implemented", "NotSupportedError");
+ }
+ }
// TODO(@littledivy): ECDSA
default:
throw new DOMException("Not implemented", "NotSupportedError");
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-27 09:57:12 +0000