typescript/libcrypto
1
0
Fork 0
Code Issues 5 Pull Requests Packages Projects Releases Wiki Activity

Allow to choose if extractable or not
ci/woodpecker/push/test Pipeline was successful
Details

Browse Source
This commit is contained in:
Pascal Perrenoud
2024-06-11 14:32:23 +02:00
parent 1e5bf39b4f
commit 5cc375bd5a
6 changed files with 26 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/private-wrap.ts
+2 -2
View File
@@ -17,11 +17,11 @@ export class PrivateWrap {
private readonly pubkey: CryptoKey,
) {}
public static gen_keypair() : Promise<CryptoKeyPair> {
public static gen_keypair(extractable : boolean = true) : Promise<CryptoKeyPair> {
log.trace("generate keypair")
return crypto.subtle.generateKey(
algorithm,
true,
extractable,
["deriveKey"],
)
}
src/secret-box.ts
+2 -2
View File
@@ -9,14 +9,14 @@ export class SecretBox {
private readonly cipher: Uint8Array,
) {}
public static gen_key() : Promise<CryptoKey> {
public static gen_key(extractable : boolean = true) : Promise<CryptoKey> {
log.trace("generate key")
return crypto.subtle.generateKey(
{
name: "AES-GCM",
length: 256,
},
true,
extractable,
["encrypt", "decrypt"],
)
}
src/secret-wrap.ts
+2 -2
View File
@@ -12,14 +12,14 @@ export class SecretWrap {
private readonly iv: Uint8Array,
) {}
public static gen_key() : Promise<CryptoKey> {
public static gen_key(extractable : boolean = true) : Promise<CryptoKey> {
log.trace("generate key")
return crypto.subtle.generateKey(
{
name: "AES-GCM",
length: 256,
},
true,
extractable,
["wrapKey", "unwrapKey"],
)
}
src/signature.ts
+2 -2
View File
@@ -1,13 +1,13 @@
import logger from 'log'
const log = logger('crypto:signature')
export async function gen_keypair() : Promise<CryptoKeyPair> {
export async function gen_keypair(extractable : boolean = true) : Promise<CryptoKeyPair> {
return crypto.subtle.generateKey(
{
name: "ECDSA",
namedCurve: "P-521",
},
true,
extractable,
["sign", "verify"]
)
}
test/kdf.test.ts
+2
View File
@@ -74,7 +74,9 @@ describe('ECDH', () => {
const k2 = await PrivateWrap.gen_keypair()
const kd1 = await ecdh(k1.privateKey, k2.publicKey)
expect(kd1.extractable).toBe(false)
const kd2 = await ecdh(k2.privateKey, k1.publicKey)
expect(kd2.extractable).toBe(false)
expect(kd1).toEqual(kd2)
})
test/signature.test.ts
+16
View File
@@ -5,6 +5,8 @@ import {derive_keypair, gen_keypair, sign, verify} from "../src/signature";
test('base case', async () => {
const keypair = await gen_keypair()
expect(keypair.privateKey.extractable).toBeTrue()
expect(keypair.publicKey.extractable).toBeTrue()
const data = new TextEncoder().encode("Message 123 !")
const sig = await sign(data, keypair.privateKey)
@@ -13,6 +15,20 @@ test('base case', async () => {
expect(verification).toBe(true)
})
test('extractable or not', async () => {
const kp1 = await gen_keypair()
const kp2 = await gen_keypair(true)
const kp3 = await gen_keypair(false)
expect(kp1.privateKey.extractable).toBeTrue()
expect(kp2.privateKey.extractable).toBeTrue()
expect(kp3.privateKey.extractable).toBeFalse()
expect(kp1.publicKey.extractable).toBeTrue()
expect(kp2.publicKey.extractable).toBeTrue()
expect(kp3.publicKey.extractable).toBeTrue()
})
test('inverted keys', async () => {
const keypair = await signature.gen_keypair()
const data = new TextEncoder().encode("Message 123 !")