LumeWeb
/
webcrypto
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

RSA: RSA-PKCS1 -> RSAES-PKCS1-v1_5

This commit is contained in:
microshine 2019-08-26 23:41:57 +03:00
parent 5c20f047d1
commit a9556f7885
5 changed files with 16 additions and 106 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -38,8 +38,8 @@ npm install @peculiar/webcrypto
| SHA-512 | | X | | | | | | | SHA-512 | | X | | | | | |
| HMAC | X | | X | X | | | | | HMAC | X | | X | X | | | |
| RSASSA-PKCS1-v1_5 | X | | X | X | | | | | RSASSA-PKCS1-v1_5 | X | | X | X | | | |
| RSAES-PKCS1-v1_5<sup>2</sup>| X | | X | | X | X | |
| RSA-PSS | X | | X | X | | | | | RSA-PSS | X | | X | X | | | |
| RSA-PKCS1<sup>2</sup>| X | | X | X | X | X | |
| RSA-OAEP | X | | X | | X | X | | | RSA-OAEP | X | | X | | X | X | |
| AES-CMAC | X | | X | X | | | | | AES-CMAC | X | | X | X | | | |
| AES-CBC | X | | X | | X | X | | | AES-CBC | X | | X | | X | X | |

2
src/mechs/rsa/index.ts
View File

@ -3,4 +3,4 @@ export * from "./public_key";
export * from "./rsa_ssa"; export * from "./rsa_ssa";
export * from "./rsa_pss"; export * from "./rsa_pss";
export * from "./rsa_oaep"; export * from "./rsa_oaep";
export * from "./rsa_pkcs1"; export * from "./rsa_es";

56
src/mechs/rsa/rsa_pkcs1.ts → src/mechs/rsa/rsa_es.ts
View File

@ -6,17 +6,13 @@ import { RsaCrypto } from "./crypto";
import { RsaPrivateKey } from "./private_key"; import { RsaPrivateKey } from "./private_key";
import { RsaPublicKey } from "./public_key"; import { RsaPublicKey } from "./public_key";
export type RsaPkcs1Params = Algorithm; export class RsaEsProvider extends core.ProviderCrypto {
export type RsaPkcs1SignParams = core.HashedAlgorithm;
export class RsaPkcs1Provider extends core.ProviderCrypto { public name = "RSAES-PKCS1-v1_5";
public name = "RSA-PKCS1";
public usages = { public usages = {
publicKey: ["encrypt", "wrapKey", "verify"] as core.KeyUsages, publicKey: ["encrypt", "wrapKey"] as core.KeyUsages,
privateKey: ["decrypt", "unwrapKey", "sign"] as core.KeyUsages, privateKey: ["decrypt", "unwrapKey"] as core.KeyUsages,
}; };
public hashAlgorithms = ["SHA-1", "SHA-256", "SHA-384", "SHA-512"];
public async onGenerateKey(algorithm: RsaKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKeyPair> { public async onGenerateKey(algorithm: RsaKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKeyPair> {
const key = await RsaCrypto.generateKey( const key = await RsaCrypto.generateKey(
@ -53,46 +49,13 @@ export class RsaPkcs1Provider extends core.ProviderCrypto {
} }
} }
public async onSign(algorithm: RsaPkcs1SignParams, key: RsaPrivateKey, data: ArrayBuffer): Promise<ArrayBuffer> { public async onEncrypt(algorithm: Algorithm, key: RsaPublicKey, data: ArrayBuffer): Promise<ArrayBuffer> {
const signature = crypto
.createSign((algorithm.hash as Algorithm).name.replace("-", ""))
.update(Buffer.from(data))
.sign(this.toCryptoOptions(key) as any);
return new Uint8Array(signature).buffer;
}
public checkSign(algorithm: RsaPkcs1SignParams, key: CryptoKey, data: ArrayBuffer) {
this.checkAlgorithmName(algorithm);
this.checkAlgorithmSignParams(algorithm);
this.checkCryptoKey(key, "sign");
}
public checkAlgorithmSignParams(algorithm: RsaPkcs1SignParams) {
this.checkRequiredProperty(algorithm, "hash");
this.checkHashAlgorithm(algorithm.hash as Algorithm, this.hashAlgorithms);
}
public async onVerify(algorithm: RsaPkcs1SignParams, key: RsaPublicKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean> {
const ok = crypto
.createVerify((algorithm.hash as Algorithm).name.replace("-", ""))
.update(Buffer.from(data))
.verify(this.toCryptoOptions(key) as any, Buffer.from(signature));
return ok;
}
public checkVerify(algorithm: RsaPkcs1SignParams, key: CryptoKey, signature: ArrayBuffer, data: ArrayBuffer) {
this.checkAlgorithmName(algorithm);
this.checkAlgorithmSignParams(algorithm);
this.checkCryptoKey(key, "verify");
}
public async onEncrypt(algorithm: RsaPkcs1Params, key: RsaPublicKey, data: ArrayBuffer): Promise<ArrayBuffer> {
const options = this.toCryptoOptions(key); const options = this.toCryptoOptions(key);
const enc = crypto.publicEncrypt(options, new Uint8Array(data)); const enc = crypto.publicEncrypt(options, new Uint8Array(data));
return new Uint8Array(enc).buffer; return new Uint8Array(enc).buffer;
} }
public async onDecrypt(algorithm: RsaPkcs1Params, key: RsaPrivateKey, data: ArrayBuffer): Promise<ArrayBuffer> { public async onDecrypt(algorithm: Algorithm, key: RsaPrivateKey, data: ArrayBuffer): Promise<ArrayBuffer> {
const options = this.toCryptoOptions(key); const options = this.toCryptoOptions(key);
const dec = crypto.privateDecrypt(options, new Uint8Array(data)); const dec = crypto.privateDecrypt(options, new Uint8Array(data));
return new Uint8Array(dec).buffer; return new Uint8Array(dec).buffer;
@ -124,11 +87,4 @@ export class RsaPkcs1Provider extends core.ProviderCrypto {
padding: crypto.constants.RSA_PKCS1_PADDING, padding: crypto.constants.RSA_PKCS1_PADDING,
}; };
} }
private prepareSignData(algorithm: RsaPkcs1SignParams, data: ArrayBuffer) {
return crypto
.createHash((algorithm.hash as Algorithm).name.replace("-", ""))
.update(Buffer.from(data))
.digest();
}
} }

4
src/subtle.ts
View File

@ -6,7 +6,7 @@ import {
EcdsaProvider, HkdfProvider, EcdsaProvider, HkdfProvider,
HmacProvider, HmacProvider,
Pbkdf2Provider, Pbkdf2Provider,
RsaOaepProvider, RsaPkcs1Provider, RsaPssProvider, RsaSsaProvider, RsaEsProvider, RsaOaepProvider, RsaPssProvider, RsaSsaProvider,
Sha1Provider, Sha256Provider, Sha384Provider, Sha512Provider, Sha1Provider, Sha256Provider, Sha384Provider, Sha512Provider,
} from "./mechs"; } from "./mechs";
@ -31,7 +31,7 @@ export class SubtleCrypto extends core.SubtleCrypto {
this.providers.set(new RsaSsaProvider()); this.providers.set(new RsaSsaProvider());
this.providers.set(new RsaPssProvider()); this.providers.set(new RsaPssProvider());
this.providers.set(new RsaOaepProvider()); this.providers.set(new RsaOaepProvider());
this.providers.set(new RsaPkcs1Provider()); this.providers.set(new RsaEsProvider());
//#endregion //#endregion
//#region EC //#region EC

58
test/rsa.ts
View File

@ -300,14 +300,14 @@ context("RSA", () => {
], ],
}, },
}, },
// RSA-PKCS1 // RSAES-PKCS1-v1_5
{ {
name: "RSA-PKCS1", name: "RSAES-PKCS1-v1_5",
actions: { actions: {
generateKey: [ generateKey: [
{ {
algorithm: { algorithm: {
name: "RSA-PKCS1", name: "RSAES-PKCS1-v1_5",
publicExponent: new Uint8Array([1, 0, 1]), publicExponent: new Uint8Array([1, 0, 1]),
modulusLength: 1024, modulusLength: 1024,
} as RsaKeyGenParams, } as RsaKeyGenParams,
@ -318,14 +318,14 @@ context("RSA", () => {
encrypt: [ encrypt: [
{ {
algorithm: { algorithm: {
name: "RSA-PKCS1", name: "RSAES-PKCS1-v1_5",
} as Algorithm, } as Algorithm,
data: Convert.FromHex("01435e62ad3ec4850720e34f8cab620e203749f2315b203d"), data: Convert.FromHex("01435e62ad3ec4850720e34f8cab620e203749f2315b203d"),
encData: Convert.FromHex("76e5ea6e1df52471454f790923f60e2baa7adf5017fe0a36c0af3e32f6390d570e1d592375ba6035fdf4ffa70764b797ab54d0ab1efe89cf31d7fc98240a4d08c2476b7eb4c2d92355b8bf60e3897c3fcbfe09f20c7b159d9a9c4a6b2ce5021dd313e492afa762c24930f97f03a429f7b2b1e1d6088651d60e323835807c6fefe7952f74e5da29e8e327ea46e69a0a6684272f022bf18ec602ffcd10a62666b35a51ec7c7d101096f663ddfa0924a86bdbcde0433b4f71dc42bfd9facf329558026f8667f1a71c3365e09843a12339d8aaf31987b0d800e53fd0835e990096cb145e278153faf1188cd5713c6fcd289cb77d80515e1d200139b8ccac4d3bcebc"), encData: Convert.FromHex("76e5ea6e1df52471454f790923f60e2baa7adf5017fe0a36c0af3e32f6390d570e1d592375ba6035fdf4ffa70764b797ab54d0ab1efe89cf31d7fc98240a4d08c2476b7eb4c2d92355b8bf60e3897c3fcbfe09f20c7b159d9a9c4a6b2ce5021dd313e492afa762c24930f97f03a429f7b2b1e1d6088651d60e323835807c6fefe7952f74e5da29e8e327ea46e69a0a6684272f022bf18ec602ffcd10a62666b35a51ec7c7d101096f663ddfa0924a86bdbcde0433b4f71dc42bfd9facf329558026f8667f1a71c3365e09843a12339d8aaf31987b0d800e53fd0835e990096cb145e278153faf1188cd5713c6fcd289cb77d80515e1d200139b8ccac4d3bcebc"),
key: { key: {
publicKey: { publicKey: {
format: "jwk" as KeyFormat, format: "jwk" as KeyFormat,
algorithm: { name: "RSA-PKCS1" } as Algorithm, algorithm: { name: "RSAES-PKCS1-v1_5" } as Algorithm,
data: { data: {
alg: "RS1", alg: "RS1",
e: "AQAB", e: "AQAB",
@ -339,7 +339,7 @@ context("RSA", () => {
}, },
privateKey: { privateKey: {
format: "jwk" as KeyFormat, format: "jwk" as KeyFormat,
algorithm: { name: "RSA-PKCS1"} as Algorithm, algorithm: { name: "RSAES-PKCS1-v1_5" } as Algorithm,
data: { data: {
kty: "RSA", kty: "RSA",
alg: "RS1", alg: "RS1",
@ -360,52 +360,6 @@ context("RSA", () => {
}, },
}, },
], ],
sign: [
{
algorithm: {
name: "RSA-PKCS1",
hash: "SHA-256",
} as Algorithm,
data: Convert.FromUtf8String("12345678901234567890"), // SHA-1 hash
signature: Convert.FromHex("3538e16a7181ea028f2bdb3e295e24b701635607c32802a3f8dfb7489f8469ddbf2095d221cf9aaeb7274c45e7e7fc127cc67d01d0954bf71a2b6c7e18f3449cf09ddb1eb85aea687e36ac4747deeb896583992d66216298b3ef85b799afec281298da777aa2eb0dbd71d80c0258be01566dd37f99022e98c7e59b8fb0e619b3990a7d120e31ac15ec39643f8f4ae3dd9282cb2c68ff9c364eb9a2caa28053e8008d531ba6c559187ebafd931554b94bb630ab96e0abffa824a10791eef3716fe1853260331173d3a1b04e5cd644423985b90d73828a7d7091519e9821eb12f2eb7d86bf6569f06cc6526931018b1deaba4e8b2dd8d02f7bdd8c53cef4f04a93"),
key: {
publicKey: {
format: "jwk" as KeyFormat,
algorithm: { name: "RSA-PKCS1" } as Algorithm,
data: {
alg: "RS1",
e: "AQAB",
ext: true,
key_ops: ["verify"],
kty: "RSA",
n: "xr8ELXq5dGFycys8jrc8vVPkWl2GzuRgyOxATtjcNIy5MD7j1XVsUH62VVdIVUUGt0IQ7K288ij3gkIPcIkRO6GmV0vbQAqHrjSHYUAtKQXbIgNRIuJGZvO5AXsxSo1X-tfhOxe140pseOkaehz1bGduhdcYWNR3xLmp7i-GQTRDo-v6CQXtFvSUwG_EIOXnl1trN2Q1Yw4wA1dbtY9FDz69uH-dEWTx7BFCAXVTQMjNe7BTvgGeQcX7XZIw5e2pd0pXjdIgb0xMgziwmc5bbABrGlhK7TmKqA47RlWzY_Lcj7VcTUfMfh7YKKichGTUbqxlgsRTma_e-0-vgDEz6w",
},
extractable: true,
keyUsages: ["verify"] as KeyUsage[],
},
privateKey: {
format: "jwk" as KeyFormat,
algorithm: { name: "RSA-PKCS1"} as Algorithm,
data: {
kty: "RSA",
alg: "RS1",
key_ops: ["sign"],
ext: true,
n: "xr8ELXq5dGFycys8jrc8vVPkWl2GzuRgyOxATtjcNIy5MD7j1XVsUH62VVdIVUUGt0IQ7K288ij3gkIPcIkRO6GmV0vbQAqHrjSHYUAtKQXbIgNRIuJGZvO5AXsxSo1X-tfhOxe140pseOkaehz1bGduhdcYWNR3xLmp7i-GQTRDo-v6CQXtFvSUwG_EIOXnl1trN2Q1Yw4wA1dbtY9FDz69uH-dEWTx7BFCAXVTQMjNe7BTvgGeQcX7XZIw5e2pd0pXjdIgb0xMgziwmc5bbABrGlhK7TmKqA47RlWzY_Lcj7VcTUfMfh7YKKichGTUbqxlgsRTma_e-0-vgDEz6w",
e: "AQAB",
d: "kZ2IoQ3G7UcshMdL8kC85vadW7wktldLtkqqf1qSVIo6cOfTJCWJe5yrWPG_VIJjfkeQgOh2hHKRjcV67HfwwWEZr-IrPMu6R1_DRPSxYdohiNUnUEi7TlkJ1tT882OF74rWQeaIZIS13wzjUk7_XjKWHsfO1d6t9dwWbiYx1nj4syQCcUrvHIgVXCfL85Tyu3NHqpxOdbzRb2OLmkv5ciHFExm4ai98xAgsEXbNvZQeSOOfKNsiCb-NjBXLYrbaDIsakAEV75893JubfeD51UHn7dPT8M8MmKEvrTOKCscShf01scTDHfx_hiOXK3XG4tVx9l2YGEkt3xCedljocQ",
p: "_dWMJ57SECcBbOjPRCvT97ypDyw9ydvnSZXTsn9c7ScxvUxBk6-wuMtgsLI8OWkhZGDBLyVrn-I3RMAN-A5QI_adoGdK7fq5lFWmQYvb1u1xUaGEInVFsM3BW7RBBF8N7OzHwULEQLTXb4jkpgwyCynsX0OEbVVvVerqrcr7osM",
q: "yHEjuQe9TNo-leMrL6cu-yDPfA85M8xQuBM59Cwz06-ggBRi9EOpbV-CrejGUbVlE9QmKGqIBT8C3NVBQwybzlgUihgIpnVgkb01lLEf13ohQ_GWV1mS8ybznjMgaVtVF5Lva4WixIDlXbOu4svVQpkr-KRpKvEMUCTsX-Sxx7k",
dp: "jMP4TaCN7dczuyoAh1Wm3yQIvRlTyrXgtbYZCEwJRJsPwmKfmz87Sb-_hz3QmCXtFrVxbKvb23agH8hB9uY5GziQgXvG2eLJN7Gn2YGuEKrsxNBFbraKR1pTeH-l7r6oAlPtEwfrvdaMApZv9oWc2wQMyWev8NIIRCVar7Z5hfE",
dq: "wi2g3sJZp9cRpGEDWFHM2KnrdxLEZqK7W-f8T8h2mM9eXFXjmyDlRLivP0zuuv9QoUn3gVXa2cI2QrsxUwQm-Fop47Hux1uUpvs2qgqBf1yoV0r2Sz7Sdk442fxLnOVG5OSKno5Cpbz89q54cOvoeHEswN59p4UHWai7eRZzB7k",
qi: "k9hlEyvZCWj8Fvxrknj5WHgaLrSqaVku3PVod2wUJox3aZ8vUsGmmD27lfiWwVKNRmgxLiazY40pLPu07SEmlJgF8QjzDb33k5Pcn9wRuezcCi-53LBRK6-EptZ-UjEINBlM_Cx_WOuxs7P77pwcCo2NV76ilxP5PP_34SUZ0ts",
},
extractable: true,
keyUsages: ["sign"] as KeyUsage[],
},
},
},
],
}, },
}, },
]); ]);