deno.land / x / jose@v5.2.4 / runtime / decrypt.ts
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145import { concat, uint64be } from '../lib/buffer_utils.ts'
import type { DecryptFunction } from './interfaces.d.ts'import checkIvLength from '../lib/check_iv_length.ts'import checkCekLength from './check_cek_length.ts'import timingSafeEqual from './timing_safe_equal.ts'import { JOSENotSupported, JWEDecryptionFailed, JWEInvalid } from '../util/errors.ts'import crypto, { isCryptoKey } from './webcrypto.ts'import { checkEncCryptoKey } from '../lib/crypto_key.ts'import invalidKeyInput from '../lib/invalid_key_input.ts'import { types } from './is_key_like.ts'
async function cbcDecrypt( enc: string, cek: Uint8Array | CryptoKey, ciphertext: Uint8Array, iv: Uint8Array, tag: Uint8Array, aad: Uint8Array,) { if (!(cek instanceof Uint8Array)) { throw new TypeError(invalidKeyInput(cek, 'Uint8Array')) } const keySize = parseInt(enc.slice(1, 4), 10) const encKey = await crypto.subtle.importKey( 'raw', cek.subarray(keySize >> 3), 'AES-CBC', false, ['decrypt'], ) const macKey = await crypto.subtle.importKey( 'raw', cek.subarray(0, keySize >> 3), { hash: `SHA-${keySize << 1}`, name: 'HMAC', }, false, ['sign'], )
const macData = concat(aad, iv, ciphertext, uint64be(aad.length << 3)) const expectedTag = new Uint8Array( (await crypto.subtle.sign('HMAC', macKey, macData)).slice(0, keySize >> 3), )
let macCheckPassed!: boolean try { macCheckPassed = timingSafeEqual(tag, expectedTag) } catch { // } if (!macCheckPassed) { throw new JWEDecryptionFailed() }
let plaintext!: Uint8Array try { plaintext = new Uint8Array( await crypto.subtle.decrypt({ iv, name: 'AES-CBC' }, encKey, ciphertext), ) } catch { // } if (!plaintext) { throw new JWEDecryptionFailed() }
return plaintext}
async function gcmDecrypt( enc: string, cek: Uint8Array | CryptoKey, ciphertext: Uint8Array, iv: Uint8Array, tag: Uint8Array, aad: Uint8Array,) { let encKey: CryptoKey if (cek instanceof Uint8Array) { encKey = await crypto.subtle.importKey('raw', cek, 'AES-GCM', false, ['decrypt']) } else { checkEncCryptoKey(cek, enc, 'decrypt') encKey = cek }
try { return new Uint8Array( await crypto.subtle.decrypt( { additionalData: aad, iv, name: 'AES-GCM', tagLength: 128, }, encKey, concat(ciphertext, tag), ), ) } catch { throw new JWEDecryptionFailed() }}
const decrypt: DecryptFunction = async ( enc: string, cek: unknown, ciphertext: Uint8Array, iv: Uint8Array | undefined, tag: Uint8Array | undefined, aad: Uint8Array,) => { if (!isCryptoKey(cek) && !(cek instanceof Uint8Array)) { throw new TypeError(invalidKeyInput(cek, ...types, 'Uint8Array')) }
if (!iv) { throw new JWEInvalid('JWE Initialization Vector missing') } if (!tag) { throw new JWEInvalid('JWE Authentication Tag missing') }
checkIvLength(enc, iv)
switch (enc) { case 'A128CBC-HS256': case 'A192CBC-HS384': case 'A256CBC-HS512': if (cek instanceof Uint8Array) checkCekLength(cek, parseInt(enc.slice(-3), 10)) return cbcDecrypt(enc, cek, ciphertext, iv, tag, aad) case 'A128GCM': case 'A192GCM': case 'A256GCM': if (cek instanceof Uint8Array) checkCekLength(cek, parseInt(enc.slice(1, 4), 10)) return gcmDecrypt(enc, cek, ciphertext, iv, tag, aad) default: throw new JOSENotSupported('Unsupported JWE Content Encryption Algorithm') }}
export default decrypt
Version Info