Home Explore Help
Register Sign In
nuclearkev
/
kmc
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
kmc
/
webcrypto.js

webcrypto.js 8.4 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164 
  1. "use strict";
    2. 

  2. /*
    3. 

  3. Copyright 2021-2022 The Matrix.org Foundation C.I.C.
    4. 

  4. 

  5. Licensed under the Apache License, Version 2.0 (the "License");
    6. 

  6. you may not use this file except in compliance with the License.
    7. 

  7. You may obtain a copy of the License at
    8. 

  8. 

  9.     http://www.apache.org/licenses/LICENSE-2.0
    10. 

  10. 

  11. Unless required by applicable law or agreed to in writing, software
    12. 

  12. distributed under the License is distributed on an "AS IS" BASIS,
    13. 

  13. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    14. 

  14. See the License for the specific language governing permissions and
    15. 

  15. limitations under the License.
    16. 

  16. */
    17. 

  17. var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
    18. 

  18.     function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
    19. 

  19.     return new (P || (P = Promise))(function (resolve, reject) {
    20. 

  20.         function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
    21. 

  21.         function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
    22. 

  22.         function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
    23. 

  23.         step((generator = generator.apply(thisArg, _arguments || [])).next());
    24. 

  24.     });
    25. 

  25. };
    26. 

  26. var __generator = (this && this.__generator) || function (thisArg, body) {
    27. 

  27.     var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
    28. 

  28.     return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
    29. 

  29.     function verb(n) { return function (v) { return step([n, v]); }; }
    30. 

  30.     function step(op) {
    31. 

  31.         if (f) throw new TypeError("Generator is already executing.");
    32. 

  32.         while (_) try {
    33. 

  33.             if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
    34. 

  34.             if (y = 0, t) op = [op[0] & 2, t.value];
    35. 

  35.             switch (op[0]) {
    36. 

  36.                 case 0: case 1: t = op; break;
    37. 

  37.                 case 4: _.label++; return { value: op[1], done: false };
    38. 

  38.                 case 5: _.label++; y = op[1]; op = [0]; continue;
    39. 

  39.                 case 7: op = _.ops.pop(); _.trys.pop(); continue;
    40. 

  40.                 default:
    41. 

  41.                     if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
    42. 

  42.                     if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
    43. 

  43.                     if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
    44. 

  44.                     if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
    45. 

  45.                     if (t[2]) _.ops.pop();
    46. 

  46.                     _.trys.pop(); continue;
    47. 

  47.             }
    48. 

  48.             op = body.call(thisArg, _);
    49. 

  49.         } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
    50. 

  50.         if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
    51. 

  51.     }
    52. 

  52. };
    53. 

  53. // Object.defineProperty(exports, "__esModule", { value: true });
    54. 

  54. // exports.decodeBase64 = exports.encodeBase64 = exports.decryptAttachment = exports.encryptAttachment = void 0;
    55. 

  55. function encryptAttachment(plaintextBuffer) {
    56. 

  56.     return __awaiter(this, void 0, void 0, function () {
    57. 

  57.         var ivArray, cryptoKey, exportedKey, ciphertextBuffer, sha256Buffer;
    58. 

  58.         return __generator(this, function (_a) {
    59. 

  59.             switch (_a.label) {
    60. 

  60.                 case 0:
    61. 

  61.                     ivArray = new Uint8Array(16);
    62. 

  62.                     window.crypto.getRandomValues(ivArray.subarray(0, 8));
    63. 

  63.                     return [4 /*yield*/, window.crypto.subtle.generateKey({ 'name': 'AES-CTR', 'length': 256 }, true, ['encrypt', 'decrypt'])];
    64. 

  64.                 case 1:
    65. 

  65.                     cryptoKey = _a.sent();
    66. 

  66.                     return [4 /*yield*/, window.crypto.subtle.exportKey('jwk', cryptoKey)];
    67. 

  67.                 case 2:
    68. 

  68.                     exportedKey = _a.sent();
    69. 

  69.                     return [4 /*yield*/, window.crypto.subtle.encrypt({ name: 'AES-CTR', counter: ivArray, length: 64 }, cryptoKey, plaintextBuffer)];
    70. 

  70.                 case 3:
    71. 

  71.                     ciphertextBuffer = _a.sent();
    72. 

  72.                     return [4 /*yield*/, window.crypto.subtle.digest('SHA-256', ciphertextBuffer)];
    73. 

  73.                 case 4:
    74. 

  74.                     sha256Buffer = _a.sent();
    75. 

  75.                     return [2 /*return*/, {
    76. 

  76.                             data: ciphertextBuffer,
    77. 

  77.                             info: {
    78. 

  78.                                 v: 'v2',
    79. 

  79.                                 key: exportedKey,
    80. 

  80.                                 iv: encodeBase64(ivArray),
    81. 

  81.                                 hashes: {
    82. 

  82.                                     sha256: encodeBase64(new Uint8Array(sha256Buffer)),
    83. 

  83.                                 },
    84. 

  84.                             },
    85. 

  85.                         }];
    86. 

  86.             }
    87. 

  87.         });
    88. 

  88.     });
    89. 

  89. }
    90. 

  90. // exports.encryptAttachment = encryptAttachment;
    91. 

  91. function decryptAttachment(ciphertextBuffer, info) {
    92. 

  92.     return __awaiter(this, void 0, void 0, function () {
    93. 

  93.         var ivArray, expectedSha256base64, cryptoKey, digestResult, counterLength;
    94. 

  94.         return __generator(this, function (_a) {
    95. 

  95.             switch (_a.label) {
    96. 

  96.                 case 0:
    97. 

  97.                     if (info === undefined || info.key === undefined || info.iv === undefined
    98. 

  98.                         || info.hashes === undefined || info.hashes.sha256 === undefined) {
    99. 

  99.                         throw new Error('Invalid info. Missing info.key, info.iv or info.hashes.sha256 key');
    100. 

  100.                     }
    101. 

  101.                     if (info.v && !info.v.match(/^v[1-2]$/)) {
    102. 

  102.                         throw new Error("Unsupported protocol version: " + info.v);
    103. 

  103.                     }
    104. 

  104.                     ivArray = decodeBase64(info.iv);
    105. 

  105.                     expectedSha256base64 = info.hashes.sha256;
    106. 

  106.                     return [4 /*yield*/, window.crypto.subtle.importKey('jwk', info.key, { 'name': 'AES-CTR' }, false, ['encrypt', 'decrypt'])];
    107. 

  107.                 case 1:
    108. 

  108.                     cryptoKey = _a.sent();
    109. 

  109.                     return [4 /*yield*/, window.crypto.subtle.digest('SHA-256', ciphertextBuffer)];
    110. 

  110.                 case 2:
    111. 

  111.                     digestResult = _a.sent();
    112. 

  112.                     if (encodeBase64(new Uint8Array(digestResult)) != expectedSha256base64) {
    113. 

  113.                         throw new Error('Mismatched SHA-256 digest');
    114. 

  114.                     }
    115. 

  115.                     if (info.v == 'v1' || info.v == 'v2') {
    116. 

  116.                         // Version 1 and 2 use a 64 bit counter.
    117. 

  117.                         counterLength = 64;
    118. 

  118.                     }
    119. 

  119.                     else {
    120. 

  120.                         // Version 0 uses a 128 bit counter.
    121. 

  121.                         counterLength = 128;
    122. 

  122.                     }
    123. 

  123.                     return [2 /*return*/, window.crypto.subtle.decrypt({ name: 'AES-CTR', counter: ivArray, length: counterLength }, cryptoKey, ciphertextBuffer)];
    124. 

  124.             }
    125. 

  125.         });
    126. 

  126.     });
    127. 

  127. }
    128. 

  128. // exports.decryptAttachment = decryptAttachment;
    129. 

  129. function encodeBase64(uint8Array) {
    130. 

  130.     // Misinterpt the Uint8Array as Latin-1.
    131. 

  131.     // window.btoa expects a unicode string with codepoints in the range 0-255.
    132. 

  132.     var latin1String = String.fromCharCode.apply(null, uint8Array);
    133. 

  133.     // Use the builtin base64 encoder.
    134. 

  134.     var paddedBase64 = window.btoa(latin1String);
    135. 

  135.     // Calculate the unpadded length.
    136. 

  136.     var inputLength = uint8Array.length;
    137. 

  137.     var outputLength = 4 * Math.floor((inputLength + 2) / 3) + (inputLength + 2) % 3 - 2;
    138. 

  138.     // Return the unpadded base64.
    139. 

  139.     return paddedBase64.slice(0, outputLength);
    140. 

  140. }
    141. 

  141. // exports.encodeBase64 = encodeBase64;
    142. 

  142. function decodeBase64(base64) {
    143. 

  143.     // Pad the base64 up to the next multiple of 4.
    144. 

  144.     var paddedBase64 = base64 + '==='.slice(0, (4 - base64.length % 4) % 4);
    145. 

  145.     // Decode the base64 as a misinterpreted Latin-1 string.
    146. 

  146.     // window.atob returns a unicode string with codepoints in the range 0-255.
    147. 

  147.     var latin1String = window.atob(paddedBase64);
    148. 

  148.     // Encode the string as a Uint8Array as Latin-1.
    149. 

  149.     var uint8Array = new Uint8Array(latin1String.length);
    150. 

  150.     for (var i = 0; i < latin1String.length; i++) {
    151. 

  151.         uint8Array[i] = latin1String.charCodeAt(i);
    152. 

  152.     }
    153. 

  153.     return uint8Array;
    154. 

  154. }
    155. 

  155. // exports.decodeBase64 = decodeBase64;
    156. 

  156. // exports.default = {
    157. 

  157. //     encryptAttachment: encryptAttachment,
    158. 

  158. //     decryptAttachment: decryptAttachment,
    159. 

  159. //     encodeBase64: encodeBase64,
    160. 

  160. //     decodeBase64: decodeBase64,
    161. 

  161. // }
    162. 

  162. ;
    163. 

  163. //# sourceMappingURL=webcrypto.js.map
    164. 

  164.