webcrypto/src/mechs/hmac/hmac.ts

import crypto from "crypto";
import { JsonParser, JsonSerializer } from "@peculiar/json-schema";
import * as core from "webcrypto-core";
import { setCryptoKey, getCryptoKey } from "../storage";
import { HmacCryptoKey } from "./key";

export class HmacProvider extends core.HmacProvider {

  public async onGenerateKey(algorithm: HmacKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
    const length = (algorithm.length || this.getDefaultLength((algorithm.hash as Algorithm).name)) >> 3 << 3;
    const key = new HmacCryptoKey();
    key.algorithm = {
      ...algorithm as any,
      length,
      name: this.name,
    };
    key.extractable = extractable;
    key.usages = keyUsages;
    key.data = crypto.randomBytes(length >> 3);

    return setCryptoKey(key);
  }

  public override async onSign(algorithm: Algorithm, key: HmacCryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {
    const hash = key.algorithm.hash.name.replace("-", "");
    const hmac = crypto.createHmac(hash, getCryptoKey(key).data)
      .update(Buffer.from(data)).digest();

    return new Uint8Array(hmac).buffer;
  }

  public override async onVerify(algorithm: Algorithm, key: HmacCryptoKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean> {
    const hash = key.algorithm.hash.name.replace("-", "");
    const hmac = crypto.createHmac(hash, getCryptoKey(key).data)
      .update(Buffer.from(data)).digest();

    return hmac.compare(Buffer.from(signature)) === 0;
  }

  public async onImportKey(format: KeyFormat, keyData: JsonWebKey | ArrayBuffer, algorithm: HmacImportParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
    let key: HmacCryptoKey;

    switch (format.toLowerCase()) {
      case "jwk":
        key = JsonParser.fromJSON(keyData, { targetSchema: HmacCryptoKey });
        break;
      case "raw":
        key = new HmacCryptoKey();
        key.data = Buffer.from(keyData as ArrayBuffer);
        break;
      default:
        throw new core.OperationError("format: Must be 'jwk' or 'raw'");
    }

    key.algorithm = {
      hash: { name: (algorithm.hash as Algorithm).name },
      name: this.name,
      length: key.data.length << 3,
    };
    key.extractable = extractable;
    key.usages = keyUsages;

    return setCryptoKey(key);
  }

  public async onExportKey(format: KeyFormat, key: HmacCryptoKey): Promise<JsonWebKey | ArrayBuffer> {
    switch (format.toLowerCase()) {
      case "jwk":
        return JsonSerializer.toJSON(getCryptoKey(key));
      case "raw":
        return new Uint8Array(getCryptoKey(key).data).buffer;
      default:
        throw new core.OperationError("format: Must be 'jwk' or 'raw'");
    }
  }

  public override checkCryptoKey(key: CryptoKey, keyUsage?: KeyUsage) {
    super.checkCryptoKey(key, keyUsage);
    if (!(getCryptoKey(key) instanceof HmacCryptoKey)) {
      throw new TypeError("key: Is not HMAC CryptoKey");
    }
  }

}
Add files 2019-01-25 10:43:13 +00:00			`import crypto from "crypto";`
tslint -> eslint 2020-03-13 11:06:53 +00:00			`import { JsonParser, JsonSerializer } from "@peculiar/json-schema";`
Add files 2019-01-25 10:43:13 +00:00			`import * as core from "webcrypto-core";`
Use WeakMap to protect private data 2020-03-13 15:20:02 +00:00			`import { setCryptoKey, getCryptoKey } from "../storage";`
Add files 2019-01-25 10:43:13 +00:00			`import { HmacCryptoKey } from "./key";`

			`export class HmacProvider extends core.HmacProvider {`

			`public async onGenerateKey(algorithm: HmacKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {`
hmac: round generate algorithm length 2020-04-18 20:17:36 +00:00			`const length = (algorithm.length \|\| this.getDefaultLength((algorithm.hash as Algorithm).name)) >> 3 << 3;`
Add files 2019-01-25 10:43:13 +00:00			`const key = new HmacCryptoKey();`
			`key.algorithm = {`
			`...algorithm as any,`
fix hmac generate length param assignment 2020-04-18 19:51:51 +00:00			`length,`
Add files 2019-01-25 10:43:13 +00:00			`name: this.name,`
			`};`
			`key.extractable = extractable;`
			`key.usages = keyUsages;`
			`key.data = crypto.randomBytes(length >> 3);`

Use WeakMap to protect private data 2020-03-13 15:20:02 +00:00			`return setCryptoKey(key);`
Add files 2019-01-25 10:43:13 +00:00			`}`

refactor: use TS override option 2022-03-02 18:35:31 +00:00			`public override async onSign(algorithm: Algorithm, key: HmacCryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {`
Add files 2019-01-25 10:43:13 +00:00			`const hash = key.algorithm.hash.name.replace("-", "");`
Use WeakMap to protect private data 2020-03-13 15:20:02 +00:00			`const hmac = crypto.createHmac(hash, getCryptoKey(key).data)`
Add files 2019-01-25 10:43:13 +00:00			`.update(Buffer.from(data)).digest();`

			`return new Uint8Array(hmac).buffer;`
			`}`

refactor: use TS override option 2022-03-02 18:35:31 +00:00			`public override async onVerify(algorithm: Algorithm, key: HmacCryptoKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean> {`
Add files 2019-01-25 10:43:13 +00:00			`const hash = key.algorithm.hash.name.replace("-", "");`
Use WeakMap to protect private data 2020-03-13 15:20:02 +00:00			`const hmac = crypto.createHmac(hash, getCryptoKey(key).data)`
Add files 2019-01-25 10:43:13 +00:00			`.update(Buffer.from(data)).digest();`

			`return hmac.compare(Buffer.from(signature)) === 0;`
			`}`

			`public async onImportKey(format: KeyFormat, keyData: JsonWebKey \| ArrayBuffer, algorithm: HmacImportParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {`
			`let key: HmacCryptoKey;`

			`switch (format.toLowerCase()) {`
			`case "jwk":`
Update json-schema version 2019-01-25 12:48:21 +00:00			`key = JsonParser.fromJSON(keyData, { targetSchema: HmacCryptoKey });`
Add files 2019-01-25 10:43:13 +00:00			`break;`
			`case "raw":`
			`key = new HmacCryptoKey();`
			`key.data = Buffer.from(keyData as ArrayBuffer);`
			`break;`
			`default:`
			`throw new core.OperationError("format: Must be 'jwk' or 'raw'");`
			`}`

			`key.algorithm = {`
			`hash: { name: (algorithm.hash as Algorithm).name },`
			`name: this.name,`
			`length: key.data.length << 3,`
			`};`
			`key.extractable = extractable;`
			`key.usages = keyUsages;`

Use WeakMap to protect private data 2020-03-13 15:20:02 +00:00			`return setCryptoKey(key);`
Add files 2019-01-25 10:43:13 +00:00			`}`

			`public async onExportKey(format: KeyFormat, key: HmacCryptoKey): Promise<JsonWebKey \| ArrayBuffer> {`
			`switch (format.toLowerCase()) {`
			`case "jwk":`
Use WeakMap to protect private data 2020-03-13 15:20:02 +00:00			`return JsonSerializer.toJSON(getCryptoKey(key));`
Add files 2019-01-25 10:43:13 +00:00			`case "raw":`
Use WeakMap to protect private data 2020-03-13 15:20:02 +00:00			`return new Uint8Array(getCryptoKey(key).data).buffer;`
Add files 2019-01-25 10:43:13 +00:00			`default:`
			`throw new core.OperationError("format: Must be 'jwk' or 'raw'");`
			`}`
			`}`

refactor: use TS override option 2022-03-02 18:35:31 +00:00			`public override checkCryptoKey(key: CryptoKey, keyUsage?: KeyUsage) {`
Add files 2019-01-25 10:43:13 +00:00			`super.checkCryptoKey(key, keyUsage);`
Use WeakMap to protect private data 2020-03-13 15:20:02 +00:00			`if (!(getCryptoKey(key) instanceof HmacCryptoKey)) {`
Add files 2019-01-25 10:43:13 +00:00			`throw new TypeError("key: Is not HMAC CryptoKey");`
			`}`
			`}`

			`}`