*add build

fix: type declaration for Crypto

.github/workflows/test.yml

@@ -16,7 +16,7 @@ jobs:
 
     strategy:
       matrix:
-        node-version: [14.x, 16.x]
+        node-version: [14.x, 16.x, 18.x]
 
     steps:
       - uses: actions/checkout@v2
@@ -39,7 +39,7 @@ jobs:
             ${{ runner.os }}-
 
       - name: Install global dependencies
-        run: npm i yarn -g
+        run: npm i yarn nyc coveralls -g
 
       - name: Install dependencies
         run: yarn

CHANGELOG.md

@@ -2,6 +2,22 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+### [1.4.3](https://github.com/PeculiarVentures/webcrypto/compare/v1.4.2...v1.4.3) (2023-03-24)
+
+
+### Bug Fixes
+
+* type declaration for Crypto ([335c2cb](https://github.com/PeculiarVentures/webcrypto/commit/335c2cb45236a4832b4b5cccb869f19f458bfc2b))
+
+### [1.4.2](https://github.com/PeculiarVentures/webcrypto/compare/v1.4.0...v1.4.2) (2023-03-21)
+
+
+### Bug Fixes
+
+* disable DES-CBC for Node v18 ([1ebf900](https://github.com/PeculiarVentures/webcrypto/commit/1ebf9006e67102b16aada2e54d5a32419d8cc3b8))
+* ECDH with null length ([48f5a8c](https://github.com/PeculiarVentures/webcrypto/commit/48f5a8c19d81732a89b897fad0e6ac0e084c6333))
+* publish ([e2f61b8](https://github.com/PeculiarVentures/webcrypto/commit/e2f61b8b5619767a4bd82d91631a4a15e4e5de92))
+
 ## [1.4.0](https://github.com/PeculiarVentures/webcrypto/compare/v1.3.3...v1.4.0) (2022-05-12)
 
 

index.d.ts

@@ -1,7 +1,7 @@
 export declare class Crypto implements globalThis.Crypto {
   public subtle: SubtleCrypto;
   public getRandomValues<T extends ArrayBufferView | null>(array: T): T;
-  public randomUUID(): string;
+  randomUUID(): `${string}-${string}-${string}-${string}-${string}`;
 }
 
 export declare class CryptoKey implements globalThis.CryptoKey {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@peculiar/webcrypto",
-  "version": "1.4.0",
+  "version": "1.4.3",
   "description": "A WebCrypto Polyfill for NodeJS",
   "repository": {
     "type": "git",
@@ -54,27 +54,27 @@
   "homepage": "https://github.com/PeculiarVentures/webcrypto#readme",
   "devDependencies": {
     "@peculiar/webcrypto-test": "^1.0.7",
-    "@types/mocha": "^9.1.1",
-    "@types/node": "^17.0.32",
-    "@typescript-eslint/eslint-plugin": "^5.23.0",
-    "@typescript-eslint/parser": "^5.23.0",
-    "coveralls": "^3.1.1",
-    "eslint": "^8.15.0",
-    "eslint-plugin-import": "^2.26.0",
-    "mocha": "^10.0.0",
-    "nyc": "^15.1.0",
-    "rimraf": "^3.0.2",
-    "rollup": "^2.72.1",
-    "rollup-plugin-typescript2": "^0.31.2",
-    "ts-node": "^10.7.0",
-    "typescript": "^4.6.4"
+    "@types/mocha": "^10.0.1",
+    "@types/node": "^18.15.5",
+    "@typescript-eslint/eslint-plugin": "^5.56.0",
+    "@typescript-eslint/parser": "^5.56.0",
+    "eslint": "^8.36.0",
+    "eslint-plugin-import": "^2.27.5",
+    "mocha": "^10.2.0",
+    "prettier": "^2.8.7",
+    "rimraf": "^4.4.0",
+    "rollup": "^3.20.0",
+    "rollup-plugin-typescript2": "^0.34.1",
+    "ts-node": "^10.9.1",
+    "typescript": "^5.0.2"
   },
   "dependencies": {
-    "@peculiar/asn1-schema": "^2.1.6",
+    "@peculiar/asn1-schema": "^2.3.6",
     "@peculiar/json-schema": "^1.1.12",
+    "buffer": "^6.0.3",
     "pvtsutils": "^1.3.2",
-    "tslib": "^2.4.0",
-    "webcrypto-core": "^1.7.4"
+    "tslib": "^2.5.0",
+    "webcrypto-core": "^1.7.7"
   },
   "nyc": {
     "extension": [

rollup.config.mjs

@@ -1,5 +1,5 @@
 import typescript from "rollup-plugin-typescript2";
-import pkg from "./package.json";
+import pkg from "./package.json" assert { type: "json" };
 
 const banner = [
   "/*!",

src/converters/base64_url.ts

@@ -1,3 +1,4 @@
+import { Buffer } from "buffer";
 import { IJsonConverter } from "@peculiar/json-schema";
 import { Convert } from "pvtsutils";
 

src/crypto.ts

@@ -1,18 +1,23 @@
+import { Buffer } from "buffer";
 import crypto from "crypto";
 import * as core from "webcrypto-core";
 import { SubtleCrypto } from "./subtle";
 
 export class Crypto extends core.Crypto {
-
   public subtle = new SubtleCrypto();
 
   public getRandomValues<T extends ArrayBufferView | null>(array: T): T {
     if (!ArrayBuffer.isView(array)) {
-      throw new TypeError("Failed to execute 'getRandomValues' on 'Crypto': parameter 1 is not of type 'ArrayBufferView'");
+      throw new TypeError(
+        "Failed to execute 'getRandomValues' on 'Crypto': parameter 1 is not of type 'ArrayBufferView'"
+      );
     }
-    const buffer = Buffer.from(array.buffer, array.byteOffset, array.byteLength);
+    const buffer = Buffer.from(
+      array.buffer,
+      array.byteOffset,
+      array.byteLength
+    );
     crypto.randomFillSync(buffer);
     return array;
   }
-
 }

src/keys/asymmetric.ts

@@ -1,8 +1,6 @@
 import { CryptoKey } from "./key";
 
 export abstract class AsymmetricKey extends CryptoKey {
-
   public abstract override type: "public" | "private";
   public pem?: string;
-
 }

src/keys/key.ts

@@ -1,3 +1,4 @@
+import { Buffer } from "buffer";
 import { JsonProp, JsonPropTypes } from "@peculiar/json-schema";
 import * as core from "webcrypto-core";
 
@@ -11,7 +12,12 @@ export class CryptoKey extends core.CryptoKey {
 
   public override type: KeyType = "secret";
 
-  @JsonProp({ name: "key_ops", type: JsonPropTypes.String, repeated: true, optional: true })
+  @JsonProp({
+    name: "key_ops",
+    type: JsonPropTypes.String,
+    repeated: true,
+    optional: true,
+  })
   public override usages: KeyUsage[] = [];
 
   @JsonProp({ type: JsonPropTypes.String })

src/keys/symmetric.ts

@@ -1,8 +1,6 @@
 import { CryptoKey } from "./key";
 
 export class SymmetricKey extends CryptoKey {
-
   public override readonly kty = "oct";
-  public override readonly type: "secret" = "secret";
-
+  public override readonly type = "secret" as const;
 }

src/mechs/aes/aes_cbc.ts

@@ -1,36 +1,71 @@
 import * as core from "webcrypto-core";
-import { getCryptoKey, setCryptoKey } from "../storage";
 import { AesCrypto } from "./crypto";
 import { AesCryptoKey } from "./key";
+import { getCryptoKey, setCryptoKey } from "../storage";
 
 export class AesCbcProvider extends core.AesCbcProvider {
-
-  public async onGenerateKey(algorithm: AesKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
+  public async onGenerateKey(
+    algorithm: AesKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
     const key = await AesCrypto.generateKey(
       {
         name: this.name,
         length: algorithm.length,
       },
       extractable,
-      keyUsages);
+      keyUsages
+    );
 
     return setCryptoKey(key);
   }
 
-  public async onEncrypt(algorithm: Algorithm, key: AesCryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {
-    return AesCrypto.encrypt(algorithm, getCryptoKey(key) as AesCryptoKey, new Uint8Array(data));
+  public async onEncrypt(
+    algorithm: Algorithm,
+    key: AesCryptoKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
+    return AesCrypto.encrypt(
+      algorithm,
+      getCryptoKey(key) as AesCryptoKey,
+      new Uint8Array(data)
+    );
   }
 
-  public async onDecrypt(algorithm: Algorithm, key: AesCryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {
-    return AesCrypto.decrypt(algorithm, getCryptoKey(key) as AesCryptoKey, new Uint8Array(data));
+  public async onDecrypt(
+    algorithm: Algorithm,
+    key: AesCryptoKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
+    return AesCrypto.decrypt(
+      algorithm,
+      getCryptoKey(key) as AesCryptoKey,
+      new Uint8Array(data)
+    );
   }
 
-  public async onExportKey(format: KeyFormat, key: AesCryptoKey): Promise<JsonWebKey | ArrayBuffer> {
+  public async onExportKey(
+    format: KeyFormat,
+    key: AesCryptoKey
+  ): Promise<JsonWebKey | ArrayBuffer> {
     return AesCrypto.exportKey(format, getCryptoKey(key) as AesCryptoKey);
   }
 
-  public async onImportKey(format: KeyFormat, keyData: JsonWebKey | ArrayBuffer, algorithm: Algorithm, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
-    const key = await AesCrypto.importKey(format, keyData, { name: algorithm.name }, extractable, keyUsages);
+  public async onImportKey(
+    format: KeyFormat,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: Algorithm,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
+    const key = await AesCrypto.importKey(
+      format,
+      keyData,
+      { name: algorithm.name },
+      extractable,
+      keyUsages
+    );
     return setCryptoKey(key);
   }
 

src/mechs/aes/aes_cmac.ts

@@ -1,8 +1,9 @@
+import { Buffer } from "buffer";
 import * as crypto from "crypto";
 import * as core from "webcrypto-core";
-import { setCryptoKey, getCryptoKey } from "../storage";
 import { AesCrypto } from "./crypto";
 import { AesCryptoKey } from "./key";
+import { setCryptoKey, getCryptoKey } from "../storage";
 
 /**
  * AES-CMAC implementation source code from https://github.com/allan-stewart/node-aes-cmac
@@ -90,14 +91,17 @@ function aesCmac(key: Buffer, message: Buffer) {
     blockCount = 1;
     lastBlockCompleteFlag = false;
   } else {
-    lastBlockCompleteFlag = (message.length % blockSize === 0);
+    lastBlockCompleteFlag = message.length % blockSize === 0;
   }
   const lastBlockIndex = blockCount - 1;
 
   if (lastBlockCompleteFlag) {
     lastBlock = xor(getMessageBlock(message, lastBlockIndex), subkeys.subkey1);
   } else {
-    lastBlock = xor(getPaddedMessageBlock(message, lastBlockIndex), subkeys.subkey2);
+    lastBlock = xor(
+      getPaddedMessageBlock(message, lastBlockIndex),
+      subkeys.subkey2
+    );
   }
 
   let x = zero;
@@ -112,35 +116,63 @@ function aesCmac(key: Buffer, message: Buffer) {
 }
 
 export class AesCmacProvider extends core.AesCmacProvider {
-
-  public async onGenerateKey(algorithm: AesKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
+  public async onGenerateKey(
+    algorithm: AesKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
     const key = await AesCrypto.generateKey(
       {
         name: this.name,
         length: algorithm.length,
       },
       extractable,
-      keyUsages);
+      keyUsages
+    );
 
     return setCryptoKey(key);
   }
 
-  public async onSign(algorithm: core.AesCmacParams, key: AesCryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {
+  public async onSign(
+    algorithm: core.AesCmacParams,
+    key: AesCryptoKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
     const result = aesCmac(getCryptoKey(key).data, Buffer.from(data));
     return new Uint8Array(result).buffer;
   }
 
-  public async onVerify(algorithm: core.AesCmacParams, key: AesCryptoKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean> {
+  public async onVerify(
+    algorithm: core.AesCmacParams,
+    key: AesCryptoKey,
+    signature: ArrayBuffer,
+    data: ArrayBuffer
+  ): Promise<boolean> {
     const signature2 = await this.sign(algorithm, key, data);
     return Buffer.from(signature).compare(Buffer.from(signature2)) === 0;
   }
 
-  public async onExportKey(format: KeyFormat, key: AesCryptoKey): Promise<JsonWebKey | ArrayBuffer> {
+  public async onExportKey(
+    format: KeyFormat,
+    key: AesCryptoKey
+  ): Promise<JsonWebKey | ArrayBuffer> {
     return AesCrypto.exportKey(format, getCryptoKey(key) as AesCryptoKey);
   }
 
-  public async onImportKey(format: KeyFormat, keyData: JsonWebKey | ArrayBuffer, algorithm: Algorithm, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
-    const res = await AesCrypto.importKey(format, keyData, { name: algorithm.name }, extractable, keyUsages);
+  public async onImportKey(
+    format: KeyFormat,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: Algorithm,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
+    const res = await AesCrypto.importKey(
+      format,
+      keyData,
+      { name: algorithm.name },
+      extractable,
+      keyUsages
+    );
     return setCryptoKey(res);
   }
 

src/mechs/aes/aes_ctr.ts

@@ -1,36 +1,71 @@
 import * as core from "webcrypto-core";
-import { setCryptoKey, getCryptoKey } from "../storage";
 import { AesCrypto } from "./crypto";
 import { AesCryptoKey } from "./key";
+import { setCryptoKey, getCryptoKey } from "../storage";
 
 export class AesCtrProvider extends core.AesCtrProvider {
-
-  public async onGenerateKey(algorithm: AesKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
+  public async onGenerateKey(
+    algorithm: AesKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
     const key = await AesCrypto.generateKey(
       {
         name: this.name,
         length: algorithm.length,
       },
       extractable,
-      keyUsages);
+      keyUsages
+    );
 
     return setCryptoKey(key);
   }
 
-  public async onEncrypt(algorithm: AesCtrParams, key: AesCryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {
-    return AesCrypto.encrypt(algorithm, getCryptoKey(key) as AesCryptoKey, new Uint8Array(data));
+  public async onEncrypt(
+    algorithm: AesCtrParams,
+    key: AesCryptoKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
+    return AesCrypto.encrypt(
+      algorithm,
+      getCryptoKey(key) as AesCryptoKey,
+      new Uint8Array(data)
+    );
   }
 
-  public async onDecrypt(algorithm: AesCtrParams, key: AesCryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {
-    return AesCrypto.decrypt(algorithm, getCryptoKey(key) as AesCryptoKey, new Uint8Array(data));
+  public async onDecrypt(
+    algorithm: AesCtrParams,
+    key: AesCryptoKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
+    return AesCrypto.decrypt(
+      algorithm,
+      getCryptoKey(key) as AesCryptoKey,
+      new Uint8Array(data)
+    );
   }
 
-  public async onExportKey(format: KeyFormat, key: AesCryptoKey): Promise<JsonWebKey | ArrayBuffer> {
+  public async onExportKey(
+    format: KeyFormat,
+    key: AesCryptoKey
+  ): Promise<JsonWebKey | ArrayBuffer> {
     return AesCrypto.exportKey(format, getCryptoKey(key) as AesCryptoKey);
   }
 
-  public async onImportKey(format: KeyFormat, keyData: JsonWebKey | ArrayBuffer, algorithm: Algorithm, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
-    const res = await AesCrypto.importKey(format, keyData, { name: algorithm.name }, extractable, keyUsages);
+  public async onImportKey(
+    format: KeyFormat,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: Algorithm,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
+    const res = await AesCrypto.importKey(
+      format,
+      keyData,
+      { name: algorithm.name },
+      extractable,
+      keyUsages
+    );
     return setCryptoKey(res);
   }
 

src/mechs/aes/aes_ecb.ts

@@ -1,36 +1,71 @@
 import * as core from "webcrypto-core";
-import { setCryptoKey, getCryptoKey } from "../storage";
 import { AesCrypto } from "./crypto";
 import { AesCryptoKey } from "./key";
+import { setCryptoKey, getCryptoKey } from "../storage";
 
 export class AesEcbProvider extends core.AesEcbProvider {
-
-  public async onGenerateKey(algorithm: AesKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
+  public async onGenerateKey(
+    algorithm: AesKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
     const key = await AesCrypto.generateKey(
       {
         name: this.name,
         length: algorithm.length,
       },
       extractable,
-      keyUsages);
+      keyUsages
+    );
 
     return setCryptoKey(key);
   }
 
-  public async onEncrypt(algorithm: Algorithm, key: AesCryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {
-    return AesCrypto.encrypt(algorithm, getCryptoKey(key) as AesCryptoKey, new Uint8Array(data));
+  public async onEncrypt(
+    algorithm: Algorithm,
+    key: AesCryptoKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
+    return AesCrypto.encrypt(
+      algorithm,
+      getCryptoKey(key) as AesCryptoKey,
+      new Uint8Array(data)
+    );
   }
 
-  public async onDecrypt(algorithm: Algorithm, key: AesCryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {
-    return AesCrypto.decrypt(algorithm, getCryptoKey(key) as AesCryptoKey, new Uint8Array(data));
+  public async onDecrypt(
+    algorithm: Algorithm,
+    key: AesCryptoKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
+    return AesCrypto.decrypt(
+      algorithm,
+      getCryptoKey(key) as AesCryptoKey,
+      new Uint8Array(data)
+    );
   }
 
-  public async onExportKey(format: KeyFormat, key: AesCryptoKey): Promise<JsonWebKey | ArrayBuffer> {
+  public async onExportKey(
+    format: KeyFormat,
+    key: AesCryptoKey
+  ): Promise<JsonWebKey | ArrayBuffer> {
     return AesCrypto.exportKey(format, getCryptoKey(key) as AesCryptoKey);
   }
 
-  public async onImportKey(format: KeyFormat, keyData: JsonWebKey | ArrayBuffer, algorithm: Algorithm, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
-    const res = await AesCrypto.importKey(format, keyData, { name: algorithm.name }, extractable, keyUsages);
+  public async onImportKey(
+    format: KeyFormat,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: Algorithm,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
+    const res = await AesCrypto.importKey(
+      format,
+      keyData,
+      { name: algorithm.name },
+      extractable,
+      keyUsages
+    );
     return setCryptoKey(res);
   }
 

src/mechs/aes/aes_gcm.ts

@@ -1,36 +1,71 @@
 import * as core from "webcrypto-core";
-import { setCryptoKey, getCryptoKey } from "../storage";
 import { AesCrypto } from "./crypto";
 import { AesCryptoKey } from "./key";
+import { setCryptoKey, getCryptoKey } from "../storage";
 
 export class AesGcmProvider extends core.AesGcmProvider {
-
-  public async onGenerateKey(algorithm: AesKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
+  public async onGenerateKey(
+    algorithm: AesKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
     const key = await AesCrypto.generateKey(
       {
         name: this.name,
         length: algorithm.length,
       },
       extractable,
-      keyUsages);
+      keyUsages
+    );
 
     return setCryptoKey(key);
   }
 
-  public async onEncrypt(algorithm: AesGcmParams, key: AesCryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {
-    return AesCrypto.encrypt(algorithm, getCryptoKey(key) as AesCryptoKey, new Uint8Array(data));
+  public async onEncrypt(
+    algorithm: AesGcmParams,
+    key: AesCryptoKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
+    return AesCrypto.encrypt(
+      algorithm,
+      getCryptoKey(key) as AesCryptoKey,
+      new Uint8Array(data)
+    );
   }
 
-  public async onDecrypt(algorithm: AesGcmParams, key: AesCryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {
-    return AesCrypto.decrypt(algorithm, getCryptoKey(key) as AesCryptoKey, new Uint8Array(data));
+  public async onDecrypt(
+    algorithm: AesGcmParams,
+    key: AesCryptoKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
+    return AesCrypto.decrypt(
+      algorithm,
+      getCryptoKey(key) as AesCryptoKey,
+      new Uint8Array(data)
+    );
   }
 
-  public async onExportKey(format: KeyFormat, key: AesCryptoKey): Promise<JsonWebKey | ArrayBuffer> {
+  public async onExportKey(
+    format: KeyFormat,
+    key: AesCryptoKey
+  ): Promise<JsonWebKey | ArrayBuffer> {
     return AesCrypto.exportKey(format, getCryptoKey(key) as AesCryptoKey);
   }
 
-  public async onImportKey(format: KeyFormat, keyData: JsonWebKey | ArrayBuffer, algorithm: Algorithm, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
-    const res = await AesCrypto.importKey(format, keyData, { name: algorithm.name }, extractable, keyUsages);
+  public async onImportKey(
+    format: KeyFormat,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: Algorithm,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
+    const res = await AesCrypto.importKey(
+      format,
+      keyData,
+      { name: algorithm.name },
+      extractable,
+      keyUsages
+    );
     return setCryptoKey(res);
   }
 

src/mechs/aes/aes_kw.ts

@@ -1,37 +1,71 @@
 import * as core from "webcrypto-core";
-import { setCryptoKey, getCryptoKey } from "../storage";
 import { AesCrypto } from "./crypto";
 import { AesCryptoKey } from "./key";
+import { setCryptoKey, getCryptoKey } from "../storage";
 
 export class AesKwProvider extends core.AesKwProvider {
-
-  public async onGenerateKey(algorithm: AesKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
+  public async onGenerateKey(
+    algorithm: AesKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
     const res = await AesCrypto.generateKey(
       {
         name: this.name,
         length: algorithm.length,
       },
       extractable,
-      keyUsages,
+      keyUsages
     );
     return setCryptoKey(res);
   }
 
-  public async onExportKey(format: KeyFormat, key: AesCryptoKey): Promise<JsonWebKey | ArrayBuffer> {
+  public async onExportKey(
+    format: KeyFormat,
+    key: AesCryptoKey
+  ): Promise<JsonWebKey | ArrayBuffer> {
     return AesCrypto.exportKey(format, getCryptoKey(key) as AesCryptoKey);
   }
 
-  public async onImportKey(format: KeyFormat, keyData: JsonWebKey | ArrayBuffer, algorithm: Algorithm, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
-    const res = await AesCrypto.importKey(format, keyData, { name: algorithm.name }, extractable, keyUsages);
+  public async onImportKey(
+    format: KeyFormat,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: Algorithm,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
+    const res = await AesCrypto.importKey(
+      format,
+      keyData,
+      { name: algorithm.name },
+      extractable,
+      keyUsages
+    );
     return setCryptoKey(res);
   }
 
-  public override async onEncrypt(algorithm: Algorithm, key: AesCryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {
-    return AesCrypto.encrypt(algorithm, getCryptoKey(key) as AesCryptoKey, new Uint8Array(data));
+  public override async onEncrypt(
+    algorithm: Algorithm,
+    key: AesCryptoKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
+    return AesCrypto.encrypt(
+      algorithm,
+      getCryptoKey(key) as AesCryptoKey,
+      new Uint8Array(data)
+    );
   }
 
-  public override async onDecrypt(algorithm: Algorithm, key: AesCryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {
-    return AesCrypto.decrypt(algorithm, getCryptoKey(key) as AesCryptoKey, new Uint8Array(data));
+  public override async onDecrypt(
+    algorithm: Algorithm,
+    key: AesCryptoKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
+    return AesCrypto.decrypt(
+      algorithm,
+      getCryptoKey(key) as AesCryptoKey,
+      new Uint8Array(data)
+    );
   }
 
   public override checkCryptoKey(key: CryptoKey, keyUsage?: KeyUsage) {

src/mechs/aes/crypto.ts

@@ -1,14 +1,18 @@
+import { Buffer } from "buffer";
 import crypto, { CipherGCM, DecipherGCM } from "crypto";
 import { JsonParser, JsonSerializer } from "@peculiar/json-schema";
 import * as core from "webcrypto-core";
-import { CryptoKey } from "../../keys";
 import { AesCryptoKey } from "./key";
+import { CryptoKey } from "../../keys";
 
 export class AesCrypto {
-
   public static AES_KW_IV = Buffer.from("A6A6A6A6A6A6A6A6", "hex");
 
-  public static async generateKey(algorithm: AesKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<AesCryptoKey> {
+  public static async generateKey(
+    algorithm: AesKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<AesCryptoKey> {
     const key = new AesCryptoKey();
     key.algorithm = algorithm;
     key.extractable = extractable;
@@ -18,7 +22,10 @@ export class AesCrypto {
     return key;
   }
 
-  public static async exportKey(format: string, key: AesCryptoKey): Promise<JsonWebKey | ArrayBuffer> {
+  public static async exportKey(
+    format: string,
+    key: AesCryptoKey
+  ): Promise<JsonWebKey | ArrayBuffer> {
     if (!(key instanceof AesCryptoKey)) {
       throw new Error("key: Is not AesCryptoKey");
     }
@@ -33,7 +40,13 @@ export class AesCrypto {
     }
   }
 
-  public static async importKey(format: string, keyData: JsonWebKey | ArrayBuffer, algorithm: any, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
+  public static async importKey(
+    format: string,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: any,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
     let key: AesCryptoKey;
 
     switch (format.toLowerCase()) {
@@ -66,78 +79,167 @@ export class AesCrypto {
     return key;
   }
 
-  public static async encrypt(algorithm: Algorithm, key: AesCryptoKey, data: Uint8Array): Promise<ArrayBuffer> {
+  public static async encrypt(
+    algorithm: Algorithm,
+    key: AesCryptoKey,
+    data: Uint8Array
+  ): Promise<ArrayBuffer> {
     switch (algorithm.name.toUpperCase()) {
       case "AES-CBC":
-        return this.encryptAesCBC(algorithm as AesCbcParams, key, Buffer.from(data));
+        return this.encryptAesCBC(
+          algorithm as AesCbcParams,
+          key,
+          Buffer.from(data)
+        );
       case "AES-CTR":
-        return this.encryptAesCTR(algorithm as AesCtrParams, key, Buffer.from(data));
+        return this.encryptAesCTR(
+          algorithm as AesCtrParams,
+          key,
+          Buffer.from(data)
+        );
       case "AES-GCM":
-        return this.encryptAesGCM(algorithm as AesGcmParams, key, Buffer.from(data));
+        return this.encryptAesGCM(
+          algorithm as AesGcmParams,
+          key,
+          Buffer.from(data)
+        );
       case "AES-KW":
-        return this.encryptAesKW(algorithm as AesKeyAlgorithm, key, Buffer.from(data));
+        return this.encryptAesKW(
+          algorithm as AesKeyAlgorithm,
+          key,
+          Buffer.from(data)
+        );
       case "AES-ECB":
-        return this.encryptAesECB(algorithm as AesKeyAlgorithm, key, Buffer.from(data));
+        return this.encryptAesECB(
+          algorithm as AesKeyAlgorithm,
+          key,
+          Buffer.from(data)
+        );
       default:
         throw new core.OperationError("algorithm: Is not recognized");
     }
   }
 
-  public static async decrypt(algorithm: Algorithm, key: CryptoKey, data: Uint8Array): Promise<ArrayBuffer> {
+  public static async decrypt(
+    algorithm: Algorithm,
+    key: CryptoKey,
+    data: Uint8Array
+  ): Promise<ArrayBuffer> {
     if (!(key instanceof AesCryptoKey)) {
       throw new Error("key: Is not AesCryptoKey");
     }
 
     switch (algorithm.name.toUpperCase()) {
       case "AES-CBC":
-        return this.decryptAesCBC(algorithm as AesCbcParams, key, Buffer.from(data));
+        return this.decryptAesCBC(
+          algorithm as AesCbcParams,
+          key,
+          Buffer.from(data)
+        );
       case "AES-CTR":
-        return this.decryptAesCTR(algorithm as AesCtrParams, key, Buffer.from(data));
+        return this.decryptAesCTR(
+          algorithm as AesCtrParams,
+          key,
+          Buffer.from(data)
+        );
       case "AES-GCM":
-        return this.decryptAesGCM(algorithm as AesGcmParams, key, Buffer.from(data));
+        return this.decryptAesGCM(
+          algorithm as AesGcmParams,
+          key,
+          Buffer.from(data)
+        );
       case "AES-KW":
-        return this.decryptAesKW(algorithm as AesKeyAlgorithm, key, Buffer.from(data));
+        return this.decryptAesKW(
+          algorithm as AesKeyAlgorithm,
+          key,
+          Buffer.from(data)
+        );
       case "AES-ECB":
-        return this.decryptAesECB(algorithm as AesKeyAlgorithm, key, Buffer.from(data));
+        return this.decryptAesECB(
+          algorithm as AesKeyAlgorithm,
+          key,
+          Buffer.from(data)
+        );
       default:
         throw new core.OperationError("algorithm: Is not recognized");
     }
   }
 
-  public static async encryptAesCBC(algorithm: AesCbcParams, key: AesCryptoKey, data: Buffer) {
-    const cipher = crypto.createCipheriv(`aes-${key.algorithm.length}-cbc`, key.data, new Uint8Array(algorithm.iv as ArrayBuffer));
+  public static async encryptAesCBC(
+    algorithm: AesCbcParams,
+    key: AesCryptoKey,
+    data: Buffer
+  ) {
+    const cipher = crypto.createCipheriv(
+      `aes-${key.algorithm.length}-cbc`,
+      key.data,
+      new Uint8Array(algorithm.iv as ArrayBuffer)
+    );
     let enc = cipher.update(data);
     enc = Buffer.concat([enc, cipher.final()]);
     const res = new Uint8Array(enc).buffer;
     return res;
   }
 
-  public static async decryptAesCBC(algorithm: AesCbcParams, key: AesCryptoKey, data: Buffer) {
-    const decipher = crypto.createDecipheriv(`aes-${key.algorithm.length}-cbc`, key.data, new Uint8Array(algorithm.iv as ArrayBuffer));
+  public static async decryptAesCBC(
+    algorithm: AesCbcParams,
+    key: AesCryptoKey,
+    data: Buffer
+  ) {
+    const decipher = crypto.createDecipheriv(
+      `aes-${key.algorithm.length}-cbc`,
+      key.data,
+      new Uint8Array(algorithm.iv as ArrayBuffer)
+    );
     let dec = decipher.update(data);
     dec = Buffer.concat([dec, decipher.final()]);
     return new Uint8Array(dec).buffer;
   }
 
-  public static async encryptAesCTR(algorithm: AesCtrParams, key: AesCryptoKey, data: Buffer) {
-    const cipher = crypto.createCipheriv(`aes-${key.algorithm.length}-ctr`, key.data, Buffer.from(algorithm.counter as ArrayBuffer));
+  public static async encryptAesCTR(
+    algorithm: AesCtrParams,
+    key: AesCryptoKey,
+    data: Buffer
+  ) {
+    const cipher = crypto.createCipheriv(
+      `aes-${key.algorithm.length}-ctr`,
+      key.data,
+      Buffer.from(algorithm.counter as ArrayBuffer)
+    );
     let enc = cipher.update(data);
     enc = Buffer.concat([enc, cipher.final()]);
     const res = new Uint8Array(enc).buffer;
     return res;
   }
 
-  public static async decryptAesCTR(algorithm: AesCtrParams, key: AesCryptoKey, data: Buffer) {
-    const decipher = crypto.createDecipheriv(`aes-${key.algorithm.length}-ctr`, key.data, new Uint8Array(algorithm.counter as ArrayBuffer));
+  public static async decryptAesCTR(
+    algorithm: AesCtrParams,
+    key: AesCryptoKey,
+    data: Buffer
+  ) {
+    const decipher = crypto.createDecipheriv(
+      `aes-${key.algorithm.length}-ctr`,
+      key.data,
+      new Uint8Array(algorithm.counter as ArrayBuffer)
+    );
     let dec = decipher.update(data);
     dec = Buffer.concat([dec, decipher.final()]);
     return new Uint8Array(dec).buffer;
   }
 
-  public static async encryptAesGCM(algorithm: AesGcmParams, key: AesCryptoKey, data: Buffer) {
-    const cipher = crypto.createCipheriv(`aes-${key.algorithm.length}-gcm`, key.data, Buffer.from(algorithm.iv as ArrayBuffer), {
+  public static async encryptAesGCM(
+    algorithm: AesGcmParams,
+    key: AesCryptoKey,
+    data: Buffer
+  ) {
+    const cipher = crypto.createCipheriv(
+      `aes-${key.algorithm.length}-gcm`,
+      key.data,
+      Buffer.from(algorithm.iv as ArrayBuffer),
+      {
         authTagLength: (algorithm.tagLength || 128) >> 3,
-    } as any) as CipherGCM; // NodeJs d.ts doesn't support CipherGCMOptions for createCipheriv
+      } as any
+    ) as CipherGCM; // NodeJs d.ts doesn't support CipherGCMOptions for createCipheriv
     if (algorithm.additionalData) {
       cipher.setAAD(Buffer.from(algorithm.additionalData as ArrayBuffer));
     }
@@ -147,8 +249,16 @@ export class AesCrypto {
     return res;
   }
 
-  public static async decryptAesGCM(algorithm: AesGcmParams, key: AesCryptoKey, data: Buffer) {
-    const decipher = crypto.createDecipheriv(`aes-${key.algorithm.length}-gcm`, key.data, new Uint8Array(algorithm.iv as ArrayBuffer)) as DecipherGCM;
+  public static async decryptAesGCM(
+    algorithm: AesGcmParams,
+    key: AesCryptoKey,
+    data: Buffer
+  ) {
+    const decipher = crypto.createDecipheriv(
+      `aes-${key.algorithm.length}-gcm`,
+      key.data,
+      new Uint8Array(algorithm.iv as ArrayBuffer)
+    ) as DecipherGCM;
     const tagLength = (algorithm.tagLength || 128) >> 3;
     const enc = data.slice(0, data.length - tagLength);
     const tag = data.slice(data.length - tagLength);
@@ -161,30 +271,62 @@ export class AesCrypto {
     return new Uint8Array(dec).buffer;
   }
 
-  public static async encryptAesKW(algorithm: Algorithm, key: AesCryptoKey, data: Buffer) {
-    const cipher = crypto.createCipheriv(`id-aes${key.algorithm.length}-wrap`, key.data, this.AES_KW_IV);
+  public static async encryptAesKW(
+    algorithm: Algorithm,
+    key: AesCryptoKey,
+    data: Buffer
+  ) {
+    const cipher = crypto.createCipheriv(
+      `id-aes${key.algorithm.length}-wrap`,
+      key.data,
+      this.AES_KW_IV
+    );
     let enc = cipher.update(data);
     enc = Buffer.concat([enc, cipher.final()]);
     return new Uint8Array(enc).buffer;
   }
 
-  public static async decryptAesKW(algorithm: Algorithm, key: AesCryptoKey, data: Buffer) {
-    const decipher = crypto.createDecipheriv(`id-aes${key.algorithm.length}-wrap`, key.data, this.AES_KW_IV);
+  public static async decryptAesKW(
+    algorithm: Algorithm,
+    key: AesCryptoKey,
+    data: Buffer
+  ) {
+    const decipher = crypto.createDecipheriv(
+      `id-aes${key.algorithm.length}-wrap`,
+      key.data,
+      this.AES_KW_IV
+    );
     let dec = decipher.update(data);
     dec = Buffer.concat([dec, decipher.final()]);
     return new Uint8Array(dec).buffer;
   }
 
-  public static async encryptAesECB(algorithm: Algorithm, key: AesCryptoKey, data: Buffer) {
-    const cipher = crypto.createCipheriv(`aes-${key.algorithm.length}-ecb`, key.data, new Uint8Array(0));
+  public static async encryptAesECB(
+    algorithm: Algorithm,
+    key: AesCryptoKey,
+    data: Buffer
+  ) {
+    const cipher = crypto.createCipheriv(
+      `aes-${key.algorithm.length}-ecb`,
+      key.data,
+      new Uint8Array(0)
+    );
     let enc = cipher.update(data);
     enc = Buffer.concat([enc, cipher.final()]);
     const res = new Uint8Array(enc).buffer;
     return res;
   }
 
-  public static async decryptAesECB(algorithm: Algorithm, key: AesCryptoKey, data: Buffer) {
-    const decipher = crypto.createDecipheriv(`aes-${key.algorithm.length}-ecb`, key.data, new Uint8Array(0));
+  public static async decryptAesECB(
+    algorithm: Algorithm,
+    key: AesCryptoKey,
+    data: Buffer
+  ) {
+    const decipher = crypto.createDecipheriv(
+      `aes-${key.algorithm.length}-ecb`,
+      key.data,
+      new Uint8Array(0)
+    );
     let dec = decipher.update(data);
     dec = Buffer.concat([dec, decipher.final()]);
     return new Uint8Array(dec).buffer;

src/mechs/aes/key.ts

@@ -4,10 +4,9 @@ import { JsonBase64UrlConverter } from "../../converters";
 import { SymmetricKey } from "../../keys";
 
 export class AesCryptoKey extends SymmetricKey {
-
   public override algorithm!: AesKeyAlgorithm;
 
-  @JsonProp({name: "k", converter: JsonBase64UrlConverter})
+  @JsonProp({ name: "k", converter: JsonBase64UrlConverter })
   public override data!: Buffer;
 
   // eslint-disable-next-line @typescript-eslint/ban-ts-comment
@@ -34,5 +33,4 @@ export class AesCryptoKey extends SymmetricKey {
   public override set alg(value: string) {
     // nothing, cause set is needed for json-schema, but is not used by module
   }
-
 }

src/mechs/des/crypto.ts

@@ -1,13 +1,17 @@
+import { Buffer } from "buffer";
 import crypto from "crypto";
 import { JsonParser, JsonSerializer } from "@peculiar/json-schema";
 import * as core from "webcrypto-core";
 import { DesParams } from "webcrypto-core";
-import { CryptoKey } from "../../keys";
 import { DesCryptoKey } from "./key";
+import { CryptoKey } from "../../keys";
 
 export class DesCrypto {
-
-  public static async generateKey(algorithm: AesKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<DesCryptoKey> {
+  public static async generateKey(
+    algorithm: AesKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<DesCryptoKey> {
     const key = new DesCryptoKey();
     key.algorithm = algorithm;
     key.extractable = extractable;
@@ -17,7 +21,10 @@ export class DesCrypto {
     return key;
   }
 
-  public static async exportKey(format: string, key: CryptoKey): Promise<JsonWebKey | ArrayBuffer> {
+  public static async exportKey(
+    format: string,
+    key: CryptoKey
+  ): Promise<JsonWebKey | ArrayBuffer> {
     switch (format.toLowerCase()) {
       case "jwk":
         return JsonSerializer.toJSON(key);
@@ -28,7 +35,13 @@ export class DesCrypto {
     }
   }
 
-  public static async importKey(format: string, keyData: JsonWebKey | ArrayBuffer, algorithm: any, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
+  public static async importKey(
+    format: string,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: any,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
     let key: DesCryptoKey;
 
     switch (format.toLowerCase()) {
@@ -50,7 +63,11 @@ export class DesCrypto {
     return key;
   }
 
-  public static async encrypt(algorithm: DesParams, key: DesCryptoKey, data: Uint8Array): Promise<ArrayBuffer> {
+  public static async encrypt(
+    algorithm: DesParams,
+    key: DesCryptoKey,
+    data: Uint8Array
+  ): Promise<ArrayBuffer> {
     switch (algorithm.name.toUpperCase()) {
       case "DES-CBC":
         return this.encryptDesCBC(algorithm, key, Buffer.from(data));
@@ -61,7 +78,11 @@ export class DesCrypto {
     }
   }
 
-  public static async decrypt(algorithm: DesParams, key: CryptoKey, data: Uint8Array): Promise<ArrayBuffer> {
+  public static async decrypt(
+    algorithm: DesParams,
+    key: CryptoKey,
+    data: Uint8Array
+  ): Promise<ArrayBuffer> {
     if (!(key instanceof DesCryptoKey)) {
       throw new Error("key: Is not DesCryptoKey");
     }
@@ -76,34 +97,65 @@ export class DesCrypto {
     }
   }
 
-  public static async encryptDesCBC(algorithm: DesParams, key: DesCryptoKey, data: Buffer) {
-    const cipher = crypto.createCipheriv(`des-cbc`, key.data, new Uint8Array(algorithm.iv as ArrayBuffer));
+  public static async encryptDesCBC(
+    algorithm: DesParams,
+    key: DesCryptoKey,
+    data: Buffer
+  ) {
+    const cipher = crypto.createCipheriv(
+      `des-cbc`,
+      key.data,
+      new Uint8Array(algorithm.iv as ArrayBuffer)
+    );
     let enc = cipher.update(data);
     enc = Buffer.concat([enc, cipher.final()]);
     const res = new Uint8Array(enc).buffer;
     return res;
   }
 
-  public static async decryptDesCBC(algorithm: DesParams, key: DesCryptoKey, data: Buffer) {
-    const decipher = crypto.createDecipheriv(`des-cbc`, key.data, new Uint8Array(algorithm.iv as ArrayBuffer));
+  public static async decryptDesCBC(
+    algorithm: DesParams,
+    key: DesCryptoKey,
+    data: Buffer
+  ) {
+    const decipher = crypto.createDecipheriv(
+      `des-cbc`,
+      key.data,
+      new Uint8Array(algorithm.iv as ArrayBuffer)
+    );
     let dec = decipher.update(data);
     dec = Buffer.concat([dec, decipher.final()]);
     return new Uint8Array(dec).buffer;
   }
 
-  public static async encryptDesEDE3CBC(algorithm: DesParams, key: DesCryptoKey, data: Buffer) {
-    const cipher = crypto.createCipheriv(`des-ede3-cbc`, key.data, Buffer.from(algorithm.iv as ArrayBuffer));
+  public static async encryptDesEDE3CBC(
+    algorithm: DesParams,
+    key: DesCryptoKey,
+    data: Buffer
+  ) {
+    const cipher = crypto.createCipheriv(
+      `des-ede3-cbc`,
+      key.data,
+      Buffer.from(algorithm.iv as ArrayBuffer)
+    );
     let enc = cipher.update(data);
     enc = Buffer.concat([enc, cipher.final()]);
     const res = new Uint8Array(enc).buffer;
     return res;
   }
 
-  public static async decryptDesEDE3CBC(algorithm: DesParams, key: DesCryptoKey, data: Buffer) {
-    const decipher = crypto.createDecipheriv(`des-ede3-cbc`, key.data, new Uint8Array(algorithm.iv as ArrayBuffer));
+  public static async decryptDesEDE3CBC(
+    algorithm: DesParams,
+    key: DesCryptoKey,
+    data: Buffer
+  ) {
+    const decipher = crypto.createDecipheriv(
+      `des-ede3-cbc`,
+      key.data,
+      new Uint8Array(algorithm.iv as ArrayBuffer)
+    );
     let dec = decipher.update(data);
     dec = Buffer.concat([dec, decipher.final()]);
     return new Uint8Array(dec).buffer;
   }
-
 }

src/mechs/des/des_cbc.ts

@@ -1,44 +1,79 @@
 import * as core from "webcrypto-core";
-import { CryptoKey } from "../../keys";
-import { setCryptoKey, getCryptoKey } from "../storage";
 import { DesCrypto } from "./crypto";
 import { DesCryptoKey } from "./key";
+import { CryptoKey } from "../../keys";
+import { setCryptoKey, getCryptoKey } from "../storage";
 
 export type DesCbcParams = core.DesParams;
 
 export class DesCbcProvider extends core.DesProvider {
-
   public keySizeBits = 64;
   public ivSize = 8;
   public name = "DES-CBC";
 
-  public async onGenerateKey(algorithm: core.DesKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<core.CryptoKey> {
+  public async onGenerateKey(
+    algorithm: core.DesKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<core.CryptoKey> {
     const key = await DesCrypto.generateKey(
       {
         name: this.name,
         length: this.keySizeBits,
       },
       extractable,
-      keyUsages);
+      keyUsages
+    );
 
     return setCryptoKey(key);
   }
 
-  public async onEncrypt(algorithm: DesCbcParams, key: DesCryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {
-    return DesCrypto.encrypt(algorithm, getCryptoKey(key) as DesCryptoKey, new Uint8Array(data));
+  public async onEncrypt(
+    algorithm: DesCbcParams,
+    key: DesCryptoKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
+    return DesCrypto.encrypt(
+      algorithm,
+      getCryptoKey(key) as DesCryptoKey,
+      new Uint8Array(data)
+    );
   }
 
-  public async onDecrypt(algorithm: DesCbcParams, key: DesCryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {
-    return DesCrypto.decrypt(algorithm, getCryptoKey(key) as DesCryptoKey, new Uint8Array(data));
+  public async onDecrypt(
+    algorithm: DesCbcParams,
+    key: DesCryptoKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
+    return DesCrypto.decrypt(
+      algorithm,
+      getCryptoKey(key) as DesCryptoKey,
+      new Uint8Array(data)
+    );
   }
 
-  public async onExportKey(format: KeyFormat, key: CryptoKey): Promise<JsonWebKey | ArrayBuffer> {
+  public async onExportKey(
+    format: KeyFormat,
+    key: CryptoKey
+  ): Promise<JsonWebKey | ArrayBuffer> {
     return DesCrypto.exportKey(format, getCryptoKey(key) as DesCryptoKey);
   }
 
-  public async onImportKey(format: KeyFormat, keyData: JsonWebKey | ArrayBuffer, algorithm: Algorithm, extractable: boolean, keyUsages: KeyUsage[]): Promise<core.CryptoKey> {
-    const key = await DesCrypto.importKey(format, keyData, { name: this.name, length: this.keySizeBits }, extractable, keyUsages);
-    if (key.data.length !== (this.keySizeBits >> 3)) {
+  public async onImportKey(
+    format: KeyFormat,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: Algorithm,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<core.CryptoKey> {
+    const key = await DesCrypto.importKey(
+      format,
+      keyData,
+      { name: this.name, length: this.keySizeBits },
+      extractable,
+      keyUsages
+    );
+    if (key.data.length !== this.keySizeBits >> 3) {
       throw new core.OperationError("keyData: Wrong key size");
     }
     return setCryptoKey(key);
@@ -50,5 +85,4 @@ export class DesCbcProvider extends core.DesProvider {
       throw new TypeError("key: Is not a DesCryptoKey");
     }
   }
-
 }

src/mechs/des/des_ede3_cbc.ts

@@ -1,44 +1,79 @@
 import * as core from "webcrypto-core";
-import { CryptoKey } from "../../keys";
-import { setCryptoKey, getCryptoKey } from "../storage";
 import { DesCrypto } from "./crypto";
 import { DesCryptoKey } from "./key";
+import { CryptoKey } from "../../keys";
+import { setCryptoKey, getCryptoKey } from "../storage";
 
 export type DesEde3CbcParams = core.DesParams;
 
 export class DesEde3CbcProvider extends core.DesProvider {
-
   public keySizeBits = 192;
   public ivSize = 8;
   public name = "DES-EDE3-CBC";
 
-  public async onGenerateKey(algorithm: core.DesKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<core.CryptoKey> {
+  public async onGenerateKey(
+    algorithm: core.DesKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<core.CryptoKey> {
     const key = await DesCrypto.generateKey(
       {
         name: this.name,
         length: this.keySizeBits,
       },
       extractable,
-      keyUsages);
+      keyUsages
+    );
 
     return setCryptoKey(key);
   }
 
-  public async onEncrypt(algorithm: DesEde3CbcParams, key: DesCryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {
-    return DesCrypto.encrypt(algorithm, getCryptoKey(key) as DesCryptoKey, new Uint8Array(data));
+  public async onEncrypt(
+    algorithm: DesEde3CbcParams,
+    key: DesCryptoKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
+    return DesCrypto.encrypt(
+      algorithm,
+      getCryptoKey(key) as DesCryptoKey,
+      new Uint8Array(data)
+    );
   }
 
-  public async onDecrypt(algorithm: DesEde3CbcParams, key: DesCryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {
-    return DesCrypto.decrypt(algorithm, getCryptoKey(key) as DesCryptoKey, new Uint8Array(data));
+  public async onDecrypt(
+    algorithm: DesEde3CbcParams,
+    key: DesCryptoKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
+    return DesCrypto.decrypt(
+      algorithm,
+      getCryptoKey(key) as DesCryptoKey,
+      new Uint8Array(data)
+    );
   }
 
-  public async onExportKey(format: KeyFormat, key: CryptoKey): Promise<JsonWebKey | ArrayBuffer> {
+  public async onExportKey(
+    format: KeyFormat,
+    key: CryptoKey
+  ): Promise<JsonWebKey | ArrayBuffer> {
     return DesCrypto.exportKey(format, getCryptoKey(key) as DesCryptoKey);
   }
 
-  public async onImportKey(format: KeyFormat, keyData: JsonWebKey | ArrayBuffer, algorithm: Algorithm, extractable: boolean, keyUsages: KeyUsage[]): Promise<core.CryptoKey> {
-    const key = await DesCrypto.importKey(format, keyData, { name: this.name, length: this.keySizeBits }, extractable, keyUsages);
-    if (key.data.length !== (this.keySizeBits >> 3)) {
+  public async onImportKey(
+    format: KeyFormat,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: Algorithm,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<core.CryptoKey> {
+    const key = await DesCrypto.importKey(
+      format,
+      keyData,
+      { name: this.name, length: this.keySizeBits },
+      extractable,
+      keyUsages
+    );
+    if (key.data.length !== this.keySizeBits >> 3) {
       throw new core.OperationError("keyData: Wrong key size");
     }
     return setCryptoKey(key);
@@ -50,5 +85,4 @@ export class DesEde3CbcProvider extends core.DesProvider {
       throw new TypeError("key: Is not a DesCryptoKey");
     }
   }
-
 }

src/mechs/des/key.ts

@@ -4,10 +4,9 @@ import { JsonBase64UrlConverter } from "../../converters";
 import { SymmetricKey } from "../../keys";
 
 export class DesCryptoKey extends SymmetricKey {
-
   public override algorithm!: core.DesKeyAlgorithm;
 
-  @JsonProp({name: "k", converter: JsonBase64UrlConverter})
+  @JsonProp({ name: "k", converter: JsonBase64UrlConverter })
   public override data!: Buffer;
 
   // eslint-disable-next-line @typescript-eslint/ban-ts-comment
@@ -26,5 +25,4 @@ export class DesCryptoKey extends SymmetricKey {
   public override set alg(value: string) {
     // nothing, cause set is needed for json-schema, but is not used by module
   }
-
 }

src/mechs/ec/crypto.ts

@@ -1,29 +1,37 @@
+import { Buffer } from "buffer";
 import crypto from "crypto";
 import { AsnParser, AsnSerializer } from "@peculiar/asn1-schema";
 import { JsonParser, JsonSerializer } from "@peculiar/json-schema";
 import { BufferSourceConverter } from "pvtsutils";
 import * as core from "webcrypto-core";
-import { CryptoKey } from "../../keys";
-import { ShaCrypto } from "../sha";
 import { getOidByNamedCurve } from "./helper";
 import { EcPrivateKey } from "./private_key";
 import { EcPublicKey } from "./public_key";
+import { CryptoKey } from "../../keys";
+import { ShaCrypto } from "../sha";
 
 export class EcCrypto {
-
   public static publicKeyUsages = ["verify"];
   public static privateKeyUsages = ["sign", "deriveKey", "deriveBits"];
 
-  public static async generateKey(algorithm: EcKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKeyPair> {
+  public static async generateKey(
+    algorithm: EcKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKeyPair> {
     const privateKey = new EcPrivateKey();
     privateKey.algorithm = algorithm;
     privateKey.extractable = extractable;
-    privateKey.usages = keyUsages.filter((usage) => this.privateKeyUsages.indexOf(usage) !== -1);
+    privateKey.usages = keyUsages.filter(
+      (usage) => this.privateKeyUsages.indexOf(usage) !== -1
+    );
 
     const publicKey = new EcPublicKey();
     publicKey.algorithm = algorithm;
     publicKey.extractable = true;
-    publicKey.usages = keyUsages.filter((usage) => this.publicKeyUsages.indexOf(usage) !== -1);
+    publicKey.usages = keyUsages.filter(
+      (usage) => this.publicKeyUsages.indexOf(usage) !== -1
+    );
 
     const keys = crypto.generateKeyPairSync("ec", {
       namedCurve: this.getOpenSSLNamedCurve(algorithm.namedCurve),
@@ -48,13 +56,19 @@ export class EcCrypto {
     return res;
   }
 
-  public static async sign(algorithm: EcdsaParams, key: EcPrivateKey, data: Uint8Array): Promise<ArrayBuffer> {
+  public static async sign(
+    algorithm: EcdsaParams,
+    key: EcPrivateKey,
+    data: Uint8Array
+  ): Promise<ArrayBuffer> {
     const cryptoAlg = ShaCrypto.getAlgorithmName(algorithm.hash as Algorithm);
     const signer = crypto.createSign(cryptoAlg);
     signer.update(Buffer.from(data));
 
     if (!key.pem) {
-      key.pem = `-----BEGIN PRIVATE KEY-----\n${key.data.toString("base64")}\n-----END PRIVATE KEY-----`;
+      key.pem = `-----BEGIN PRIVATE KEY-----\n${key.data.toString(
+        "base64"
+      )}\n-----END PRIVATE KEY-----`;
     }
     const options = {
       key: key.pem,
@@ -63,18 +77,28 @@ export class EcCrypto {
     const signature = signer.sign(options);
     const ecSignature = AsnParser.parse(signature, core.asn1.EcDsaSignature);
 
-    const signatureRaw = core.EcUtils.encodeSignature(ecSignature, core.EcCurves.get(key.algorithm.namedCurve).size);
+    const signatureRaw = core.EcUtils.encodeSignature(
+      ecSignature,
+      core.EcCurves.get(key.algorithm.namedCurve).size
+    );
 
     return signatureRaw.buffer;
   }
 
-  public static async verify(algorithm: EcdsaParams, key: EcPublicKey, signature: Uint8Array, data: Uint8Array): Promise<boolean> {
+  public static async verify(
+    algorithm: EcdsaParams,
+    key: EcPublicKey,
+    signature: Uint8Array,
+    data: Uint8Array
+  ): Promise<boolean> {
     const cryptoAlg = ShaCrypto.getAlgorithmName(algorithm.hash as Algorithm);
     const signer = crypto.createVerify(cryptoAlg);
     signer.update(Buffer.from(data));
 
     if (!key.pem) {
-      key.pem = `-----BEGIN PUBLIC KEY-----\n${key.data.toString("base64")}\n-----END PUBLIC KEY-----`;
+      key.pem = `-----BEGIN PUBLIC KEY-----\n${key.data.toString(
+        "base64"
+      )}\n-----END PUBLIC KEY-----`;
     }
     const options = {
       key: key.pem,
@@ -82,7 +106,10 @@ export class EcCrypto {
 
     const ecSignature = new core.asn1.EcDsaSignature();
     const namedCurve = core.EcCurves.get(key.algorithm.namedCurve);
-    const signaturePoint = core.EcUtils.decodeSignature(signature, namedCurve.size);
+    const signaturePoint = core.EcUtils.decodeSignature(
+      signature,
+      namedCurve.size
+    );
     ecSignature.r = BufferSourceConverter.toArrayBuffer(signaturePoint.r);
     ecSignature.s = BufferSourceConverter.toArrayBuffer(signaturePoint.s);
 
@@ -91,21 +118,43 @@ export class EcCrypto {
     return ok;
   }
 
-  public static async deriveBits(algorithm: EcdhKeyDeriveParams, baseKey: CryptoKey, length: number): Promise<ArrayBuffer> {
-    const cryptoAlg = this.getOpenSSLNamedCurve((baseKey.algorithm as EcKeyAlgorithm).namedCurve);
+  public static async deriveBits(
+    algorithm: EcdhKeyDeriveParams,
+    baseKey: CryptoKey,
+    length: number | null
+  ): Promise<ArrayBuffer> {
+    const cryptoAlg = this.getOpenSSLNamedCurve(
+      (baseKey.algorithm as EcKeyAlgorithm).namedCurve
+    );
 
     const ecdh = crypto.createECDH(cryptoAlg);
-    const asnPrivateKey = AsnParser.parse(baseKey.data, core.asn1.PrivateKeyInfo);
-    const asnEcPrivateKey = AsnParser.parse(asnPrivateKey.privateKey, core.asn1.EcPrivateKey);
+    const asnPrivateKey = AsnParser.parse(
+      baseKey.data,
+      core.asn1.PrivateKeyInfo
+    );
+    const asnEcPrivateKey = AsnParser.parse(
+      asnPrivateKey.privateKey,
+      core.asn1.EcPrivateKey
+    );
     ecdh.setPrivateKey(Buffer.from(asnEcPrivateKey.privateKey));
 
-    const asnPublicKey = AsnParser.parse((algorithm.public as CryptoKey).data, core.asn1.PublicKeyInfo);
+    const asnPublicKey = AsnParser.parse(
+      (algorithm.public as CryptoKey).data,
+      core.asn1.PublicKeyInfo
+    );
     const bits = ecdh.computeSecret(Buffer.from(asnPublicKey.publicKey));
 
+    if (length === null) {
+      return bits;
+    }
+
     return new Uint8Array(bits).buffer.slice(0, length >> 3);
   }
 
-  public static async exportKey(format: KeyFormat, key: CryptoKey): Promise<JsonWebKey | ArrayBuffer> {
+  public static async exportKey(
+    format: KeyFormat,
+    key: CryptoKey
+  ): Promise<JsonWebKey | ArrayBuffer> {
     switch (format.toLowerCase()) {
       case "jwk":
         return JsonSerializer.toJSON(key);
@@ -113,24 +162,49 @@ export class EcCrypto {
       case "spki":
         return new Uint8Array(key.data).buffer;
       case "raw": {
-        const publicKeyInfo = AsnParser.parse(key.data, core.asn1.PublicKeyInfo);
+        const publicKeyInfo = AsnParser.parse(
+          key.data,
+          core.asn1.PublicKeyInfo
+        );
         return publicKeyInfo.publicKey;
       }
       default:
-        throw new core.OperationError("format: Must be 'jwk', 'raw', pkcs8' or 'spki'");
+        throw new core.OperationError(
+          "format: Must be 'jwk', 'raw', pkcs8' or 'spki'"
+        );
     }
   }
 
-  public static async importKey(format: KeyFormat, keyData: JsonWebKey | ArrayBuffer, algorithm: EcKeyImportParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
+  public static async importKey(
+    format: KeyFormat,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: EcKeyImportParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
     switch (format.toLowerCase()) {
       case "jwk": {
         const jwk = keyData as JsonWebKey;
         if (jwk.d) {
-          const asnKey = JsonParser.fromJSON(keyData, { targetSchema: core.asn1.EcPrivateKey });
-          return this.importPrivateKey(asnKey, algorithm, extractable, keyUsages);
+          const asnKey = JsonParser.fromJSON(keyData, {
+            targetSchema: core.asn1.EcPrivateKey,
+          });
+          return this.importPrivateKey(
+            asnKey,
+            algorithm,
+            extractable,
+            keyUsages
+          );
         } else {
-          const asnKey = JsonParser.fromJSON(keyData, { targetSchema: core.asn1.EcPublicKey });
-          return this.importPublicKey(asnKey, algorithm, extractable, keyUsages);
+          const asnKey = JsonParser.fromJSON(keyData, {
+            targetSchema: core.asn1.EcPublicKey,
+          });
+          return this.importPublicKey(
+            asnKey,
+            algorithm,
+            extractable,
+            keyUsages
+          );
         }
       }
       case "raw": {
@@ -138,43 +212,75 @@ export class EcCrypto {
         return this.importPublicKey(asnKey, algorithm, extractable, keyUsages);
       }
       case "spki": {
-        const keyInfo = AsnParser.parse(new Uint8Array(keyData as ArrayBuffer), core.asn1.PublicKeyInfo);
+        const keyInfo = AsnParser.parse(
+          new Uint8Array(keyData as ArrayBuffer),
+          core.asn1.PublicKeyInfo
+        );
         const asnKey = new core.asn1.EcPublicKey(keyInfo.publicKey);
-        this.assertKeyParameters(keyInfo.publicKeyAlgorithm.parameters, algorithm.namedCurve);
+        this.assertKeyParameters(
+          keyInfo.publicKeyAlgorithm.parameters,
+          algorithm.namedCurve
+        );
         return this.importPublicKey(asnKey, algorithm, extractable, keyUsages);
       }
       case "pkcs8": {
-        const keyInfo = AsnParser.parse(new Uint8Array(keyData as ArrayBuffer), core.asn1.PrivateKeyInfo);
-        const asnKey = AsnParser.parse(keyInfo.privateKey, core.asn1.EcPrivateKey);
-        this.assertKeyParameters(keyInfo.privateKeyAlgorithm.parameters, algorithm.namedCurve);
+        const keyInfo = AsnParser.parse(
+          new Uint8Array(keyData as ArrayBuffer),
+          core.asn1.PrivateKeyInfo
+        );
+        const asnKey = AsnParser.parse(
+          keyInfo.privateKey,
+          core.asn1.EcPrivateKey
+        );
+        this.assertKeyParameters(
+          keyInfo.privateKeyAlgorithm.parameters,
+          algorithm.namedCurve
+        );
         return this.importPrivateKey(asnKey, algorithm, extractable, keyUsages);
       }
       default:
-        throw new core.OperationError("format: Must be 'jwk', 'raw', 'pkcs8' or 'spki'");
+        throw new core.OperationError(
+          "format: Must be 'jwk', 'raw', 'pkcs8' or 'spki'"
+        );
     }
   }
 
-  protected static assertKeyParameters(parameters: ArrayBuffer | null | undefined, namedCurve: string) {
+  protected static assertKeyParameters(
+    parameters: ArrayBuffer | null | undefined,
+    namedCurve: string
+  ) {
     if (!parameters) {
       throw new core.CryptoError("Key info doesn't have required parameters");
     }
 
     let namedCurveIdentifier = "";
     try {
-      namedCurveIdentifier = AsnParser.parse(parameters, core.asn1.ObjectIdentifier).value;
+      namedCurveIdentifier = AsnParser.parse(
+        parameters,
+        core.asn1.ObjectIdentifier
+      ).value;
     } catch (e) {
       throw new core.CryptoError("Cannot read key info parameters");
     }
 
     if (getOidByNamedCurve(namedCurve) !== namedCurveIdentifier) {
-      throw new core.CryptoError("Key info parameter doesn't match to named curve");
+      throw new core.CryptoError(
+        "Key info parameter doesn't match to named curve"
+      );
     }
   }
 
-  protected static async importPrivateKey(asnKey: core.asn1.EcPrivateKey, algorithm: EcKeyImportParams, extractable: boolean, keyUsages: KeyUsage[]) {
+  protected static async importPrivateKey(
+    asnKey: core.asn1.EcPrivateKey,
+    algorithm: EcKeyImportParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ) {
     const keyInfo = new core.asn1.PrivateKeyInfo();
     keyInfo.privateKeyAlgorithm.algorithm = "1.2.840.10045.2.1";
-    keyInfo.privateKeyAlgorithm.parameters = AsnSerializer.serialize(new core.asn1.ObjectIdentifier(getOidByNamedCurve(algorithm.namedCurve)));
+    keyInfo.privateKeyAlgorithm.parameters = AsnSerializer.serialize(
+      new core.asn1.ObjectIdentifier(getOidByNamedCurve(algorithm.namedCurve))
+    );
     keyInfo.privateKey = AsnSerializer.serialize(asnKey);
 
     const key = new EcPrivateKey();
@@ -187,11 +293,18 @@ export class EcCrypto {
     return key;
   }
 
-  protected static async importPublicKey(asnKey: core.asn1.EcPublicKey, algorithm: EcKeyImportParams, extractable: boolean, keyUsages: KeyUsage[]) {
+  protected static async importPublicKey(
+    asnKey: core.asn1.EcPublicKey,
+    algorithm: EcKeyImportParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ) {
     const keyInfo = new core.asn1.PublicKeyInfo();
     keyInfo.publicKeyAlgorithm.algorithm = "1.2.840.10045.2.1";
     const namedCurve = getOidByNamedCurve(algorithm.namedCurve);
-    keyInfo.publicKeyAlgorithm.parameters = AsnSerializer.serialize(new core.asn1.ObjectIdentifier(namedCurve));
+    keyInfo.publicKeyAlgorithm.parameters = AsnSerializer.serialize(
+      new core.asn1.ObjectIdentifier(namedCurve)
+    );
     keyInfo.publicKey = asnKey.value;
 
     const key = new EcPublicKey();
@@ -218,5 +331,4 @@ export class EcCrypto {
         return curve;
     }
   }
-
 }

src/mechs/ec/ec_dh.ts

@@ -1,22 +1,26 @@
 import * as core from "webcrypto-core";
-import { CryptoKey } from "../../keys";
-import { setCryptoKey, getCryptoKey } from "../storage";
 import { EcCrypto } from "./crypto";
 import { EcPrivateKey } from "./private_key";
 import { EcPublicKey } from "./public_key";
+import { CryptoKey } from "../../keys";
+import { setCryptoKey, getCryptoKey } from "../storage";
 
 export class EcdhProvider extends core.EcdhProvider {
-
   public override namedCurves = core.EcCurves.names;
 
-  public async onGenerateKey(algorithm: EcKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKeyPair> {
+  public async onGenerateKey(
+    algorithm: EcKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKeyPair> {
     const keys = await EcCrypto.generateKey(
       {
         ...algorithm,
         name: this.name,
       },
       extractable,
-      keyUsages);
+      keyUsages
+    );
 
     return {
       privateKey: setCryptoKey(keys.privateKey as CryptoKey),
@@ -24,26 +28,53 @@ export class EcdhProvider extends core.EcdhProvider {
     };
   }
 
-  public async onExportKey(format: KeyFormat, key: CryptoKey): Promise<JsonWebKey | ArrayBuffer> {
+  public async onExportKey(
+    format: KeyFormat,
+    key: CryptoKey
+  ): Promise<JsonWebKey | ArrayBuffer> {
     return EcCrypto.exportKey(format, getCryptoKey(key));
   }
 
-  public async onImportKey(format: KeyFormat, keyData: JsonWebKey | ArrayBuffer, algorithm: EcKeyImportParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<core.CryptoKey> {
-    const key = await EcCrypto.importKey(format, keyData, {...algorithm, name: this.name}, extractable, keyUsages);
+  public async onImportKey(
+    format: KeyFormat,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: EcKeyImportParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<core.CryptoKey> {
+    const key = await EcCrypto.importKey(
+      format,
+      keyData,
+      { ...algorithm, name: this.name },
+      extractable,
+      keyUsages
+    );
     return setCryptoKey(key);
   }
 
   public override checkCryptoKey(key: CryptoKey, keyUsage?: KeyUsage) {
     super.checkCryptoKey(key, keyUsage);
     const internalKey = getCryptoKey(key);
-    if (!(internalKey instanceof EcPrivateKey || internalKey instanceof EcPublicKey)) {
+    if (
+      !(
+        internalKey instanceof EcPrivateKey ||
+        internalKey instanceof EcPublicKey
+      )
+    ) {
       throw new TypeError("key: Is not EC CryptoKey");
     }
   }
 
-  public async onDeriveBits(algorithm: EcdhKeyDeriveParams, baseKey: CryptoKey, length: number): Promise<ArrayBuffer> {
-    const bits = await EcCrypto.deriveBits({...algorithm, public: getCryptoKey(algorithm.public)}, getCryptoKey(baseKey), length);
+  public async onDeriveBits(
+    algorithm: EcdhKeyDeriveParams,
+    baseKey: CryptoKey,
+    length: number
+  ): Promise<ArrayBuffer> {
+    const bits = await EcCrypto.deriveBits(
+      { ...algorithm, public: getCryptoKey(algorithm.public) },
+      getCryptoKey(baseKey),
+      length
+    );
     return bits;
   }
-
 }

src/mechs/ec/ec_dsa.ts

@@ -1,26 +1,37 @@
 import * as core from "webcrypto-core";
-import { setCryptoKey, getCryptoKey } from "../storage";
 import { EcCrypto } from "./crypto";
 import { EcPrivateKey } from "./private_key";
 import { EcPublicKey } from "./public_key";
+import { setCryptoKey, getCryptoKey } from "../storage";
 
 export class EcdsaProvider extends core.EcdsaProvider {
-
   public override namedCurves = core.EcCurves.names;
 
   public override hashAlgorithms = [
-    "SHA-1", "SHA-256", "SHA-384", "SHA-512", 
-    "shake128", "shake256", 
-    "SHA3-256", "SHA3-384", "SHA3-512"];
+    "SHA-1",
+    "SHA-256",
+    "SHA-384",
+    "SHA-512",
+    "shake128",
+    "shake256",
+    "SHA3-256",
+    "SHA3-384",
+    "SHA3-512",
+  ];
 
-  public async onGenerateKey(algorithm: EcKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKeyPair> {
+  public async onGenerateKey(
+    algorithm: EcKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKeyPair> {
     const keys = await EcCrypto.generateKey(
       {
         ...algorithm,
         name: this.name,
       },
       extractable,
-      keyUsages);
+      keyUsages
+    );
 
     return {
       privateKey: setCryptoKey(keys.privateKey as EcPrivateKey),
@@ -28,29 +39,66 @@ export class EcdsaProvider extends core.EcdsaProvider {
     };
   }
 
-  public async onSign(algorithm: EcdsaParams, key: EcPrivateKey, data: ArrayBuffer): Promise<ArrayBuffer> {
-    return EcCrypto.sign(algorithm, getCryptoKey(key) as EcPrivateKey, new Uint8Array(data));
+  public async onSign(
+    algorithm: EcdsaParams,
+    key: EcPrivateKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
+    return EcCrypto.sign(
+      algorithm,
+      getCryptoKey(key) as EcPrivateKey,
+      new Uint8Array(data)
+    );
   }
 
-  public async onVerify(algorithm: EcdsaParams, key: EcPublicKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean> {
-    return EcCrypto.verify(algorithm, getCryptoKey(key) as EcPublicKey, new Uint8Array(signature), new Uint8Array(data));
+  public async onVerify(
+    algorithm: EcdsaParams,
+    key: EcPublicKey,
+    signature: ArrayBuffer,
+    data: ArrayBuffer
+  ): Promise<boolean> {
+    return EcCrypto.verify(
+      algorithm,
+      getCryptoKey(key) as EcPublicKey,
+      new Uint8Array(signature),
+      new Uint8Array(data)
+    );
   }
 
-  public async onExportKey(format: KeyFormat, key: CryptoKey): Promise<JsonWebKey | ArrayBuffer> {
+  public async onExportKey(
+    format: KeyFormat,
+    key: CryptoKey
+  ): Promise<JsonWebKey | ArrayBuffer> {
     return EcCrypto.exportKey(format, getCryptoKey(key));
   }
 
-  public async onImportKey(format: KeyFormat, keyData: JsonWebKey | ArrayBuffer, algorithm: EcKeyImportParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
-    const key = await EcCrypto.importKey(format, keyData, { ...algorithm, name: this.name }, extractable, keyUsages);
+  public async onImportKey(
+    format: KeyFormat,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: EcKeyImportParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
+    const key = await EcCrypto.importKey(
+      format,
+      keyData,
+      { ...algorithm, name: this.name },
+      extractable,
+      keyUsages
+    );
     return setCryptoKey(key);
   }
 
   public override checkCryptoKey(key: CryptoKey, keyUsage?: KeyUsage) {
     super.checkCryptoKey(key, keyUsage);
     const internalKey = getCryptoKey(key);
-    if (!(internalKey instanceof EcPrivateKey || internalKey instanceof EcPublicKey)) {
+    if (
+      !(
+        internalKey instanceof EcPrivateKey ||
+        internalKey instanceof EcPublicKey
+      )
+    ) {
       throw new TypeError("key: Is not EC CryptoKey");
     }
   }
-
 }

src/mechs/ec/helper.ts

@@ -15,40 +15,42 @@ const namedOIDs: { [key: string]: string } = {
   "K-256": "1.3.132.0.10",
 
   // brainpool
-  "brainpoolP160r1": "1.3.36.3.3.2.8.1.1.1",
+  brainpoolP160r1: "1.3.36.3.3.2.8.1.1.1",
   "1.3.36.3.3.2.8.1.1.1": "brainpoolP160r1",
-  "brainpoolP160t1": "1.3.36.3.3.2.8.1.1.2",
+  brainpoolP160t1: "1.3.36.3.3.2.8.1.1.2",
   "1.3.36.3.3.2.8.1.1.2": "brainpoolP160t1",
-  "brainpoolP192r1": "1.3.36.3.3.2.8.1.1.3",
+  brainpoolP192r1: "1.3.36.3.3.2.8.1.1.3",
   "1.3.36.3.3.2.8.1.1.3": "brainpoolP192r1",
-  "brainpoolP192t1": "1.3.36.3.3.2.8.1.1.4",
+  brainpoolP192t1: "1.3.36.3.3.2.8.1.1.4",
   "1.3.36.3.3.2.8.1.1.4": "brainpoolP192t1",
-  "brainpoolP224r1": "1.3.36.3.3.2.8.1.1.5",
+  brainpoolP224r1: "1.3.36.3.3.2.8.1.1.5",
   "1.3.36.3.3.2.8.1.1.5": "brainpoolP224r1",
-  "brainpoolP224t1": "1.3.36.3.3.2.8.1.1.6",
+  brainpoolP224t1: "1.3.36.3.3.2.8.1.1.6",
   "1.3.36.3.3.2.8.1.1.6": "brainpoolP224t1",
-  "brainpoolP256r1": "1.3.36.3.3.2.8.1.1.7",
+  brainpoolP256r1: "1.3.36.3.3.2.8.1.1.7",
   "1.3.36.3.3.2.8.1.1.7": "brainpoolP256r1",
-  "brainpoolP256t1": "1.3.36.3.3.2.8.1.1.8",
+  brainpoolP256t1: "1.3.36.3.3.2.8.1.1.8",
   "1.3.36.3.3.2.8.1.1.8": "brainpoolP256t1",
-  "brainpoolP320r1": "1.3.36.3.3.2.8.1.1.9",
+  brainpoolP320r1: "1.3.36.3.3.2.8.1.1.9",
   "1.3.36.3.3.2.8.1.1.9": "brainpoolP320r1",
-  "brainpoolP320t1": "1.3.36.3.3.2.8.1.1.10",
+  brainpoolP320t1: "1.3.36.3.3.2.8.1.1.10",
   "1.3.36.3.3.2.8.1.1.10": "brainpoolP320t1",
-  "brainpoolP384r1": "1.3.36.3.3.2.8.1.1.11",
+  brainpoolP384r1: "1.3.36.3.3.2.8.1.1.11",
   "1.3.36.3.3.2.8.1.1.11": "brainpoolP384r1",
-  "brainpoolP384t1": "1.3.36.3.3.2.8.1.1.12",
+  brainpoolP384t1: "1.3.36.3.3.2.8.1.1.12",
   "1.3.36.3.3.2.8.1.1.12": "brainpoolP384t1",
-  "brainpoolP512r1": "1.3.36.3.3.2.8.1.1.13",
+  brainpoolP512r1: "1.3.36.3.3.2.8.1.1.13",
   "1.3.36.3.3.2.8.1.1.13": "brainpoolP512r1",
-  "brainpoolP512t1": "1.3.36.3.3.2.8.1.1.14",
+  brainpoolP512t1: "1.3.36.3.3.2.8.1.1.14",
   "1.3.36.3.3.2.8.1.1.14": "brainpoolP512t1",
 };
 
 export function getNamedCurveByOid(oid: string) {
   const namedCurve = namedOIDs[oid];
   if (!namedCurve) {
-    throw new core.OperationError(`Cannot convert OID(${oid}) to WebCrypto named curve`);
+    throw new core.OperationError(
+      `Cannot convert OID(${oid}) to WebCrypto named curve`
+    );
   }
   return namedCurve;
 }
@@ -56,7 +58,9 @@ export function getNamedCurveByOid(oid: string) {
 export function getOidByNamedCurve(namedCurve: string) {
   const oid = namedOIDs[namedCurve];
   if (!oid) {
-    throw new core.OperationError(`Cannot convert WebCrypto named curve '${namedCurve}' to OID`);
+    throw new core.OperationError(
+      `Cannot convert WebCrypto named curve '${namedCurve}' to OID`
+    );
   }
   return oid;
 }

src/mechs/ec/private_key.ts

@@ -1,11 +1,16 @@
+import { Buffer } from "buffer";
 import { AsnParser, AsnSerializer } from "@peculiar/asn1-schema";
-import { IJsonConvertible, JsonParser, JsonSerializer } from "@peculiar/json-schema";
+import {
+  IJsonConvertible,
+  JsonParser,
+  JsonSerializer,
+} from "@peculiar/json-schema";
 import * as core from "webcrypto-core";
-import { AsymmetricKey } from "../../keys";
 import { getOidByNamedCurve } from "./helper";
+import { AsymmetricKey } from "../../keys";
 
 export class EcPrivateKey extends AsymmetricKey implements IJsonConvertible {
-  public readonly type: "private" = "private";
+  public readonly type = "private" as const;
   public override algorithm!: EcKeyAlgorithm;
 
   public getKey() {
@@ -28,20 +33,23 @@ export class EcPrivateKey extends AsymmetricKey implements IJsonConvertible {
 
   public fromJSON(json: JsonWebKey) {
     if (!json.crv) {
-      throw new core.OperationError(`Cannot get named curve from JWK. Property 'crv' is required`);
+      throw new core.OperationError(
+        `Cannot get named curve from JWK. Property 'crv' is required`
+      );
     }
 
     const keyInfo = new core.asn1.PrivateKeyInfo();
     keyInfo.privateKeyAlgorithm.algorithm = "1.2.840.10045.2.1";
     keyInfo.privateKeyAlgorithm.parameters = AsnSerializer.serialize(
-      new core.asn1.ObjectIdentifier(getOidByNamedCurve(json.crv)),
+      new core.asn1.ObjectIdentifier(getOidByNamedCurve(json.crv))
     );
-    const key = JsonParser.fromJSON(json, { targetSchema: core.asn1.EcPrivateKey });
+    const key = JsonParser.fromJSON(json, {
+      targetSchema: core.asn1.EcPrivateKey,
+    });
     keyInfo.privateKey = AsnSerializer.serialize(key);
 
     this.data = Buffer.from(AsnSerializer.serialize(keyInfo));
 
     return this;
   }
-
 }

src/mechs/ec/public_key.ts

@@ -1,12 +1,16 @@
+import { Buffer } from "buffer";
 import { AsnParser, AsnSerializer } from "@peculiar/asn1-schema";
-import { IJsonConvertible, JsonParser, JsonSerializer } from "@peculiar/json-schema";
+import {
+  IJsonConvertible,
+  JsonParser,
+  JsonSerializer,
+} from "@peculiar/json-schema";
 import * as core from "webcrypto-core";
-import { AsymmetricKey } from "../../keys/asymmetric";
 import { getOidByNamedCurve } from "./helper";
+import { AsymmetricKey } from "../../keys/asymmetric";
 
 export class EcPublicKey extends AsymmetricKey implements IJsonConvertible {
-
-  public readonly type: "public" = "public";
+  public readonly type = "public" as const;
   public override algorithm!: EcKeyAlgorithm;
 
   public getKey() {
@@ -29,17 +33,21 @@ export class EcPublicKey extends AsymmetricKey implements IJsonConvertible {
 
   public fromJSON(json: JsonWebKey) {
     if (!json.crv) {
-      throw new core.OperationError(`Cannot get named curve from JWK. Property 'crv' is required`);
+      throw new core.OperationError(
+        `Cannot get named curve from JWK. Property 'crv' is required`
+      );
     }
 
-    const key = JsonParser.fromJSON(json, { targetSchema: core.asn1.EcPublicKey });
+    const key = JsonParser.fromJSON(json, {
+      targetSchema: core.asn1.EcPublicKey,
+    });
 
     const keyInfo = new core.asn1.PublicKeyInfo();
     keyInfo.publicKeyAlgorithm.algorithm = "1.2.840.10045.2.1";
     keyInfo.publicKeyAlgorithm.parameters = AsnSerializer.serialize(
-      new core.asn1.ObjectIdentifier(getOidByNamedCurve(json.crv)),
+      new core.asn1.ObjectIdentifier(getOidByNamedCurve(json.crv))
     );
-    keyInfo.publicKey = AsnSerializer.toASN(key).valueHex;
+    keyInfo.publicKey = (AsnSerializer.toASN(key) as any).valueHex;
 
     this.data = Buffer.from(AsnSerializer.serialize(keyInfo));
 

src/mechs/ed/crypto.ts

@@ -1,27 +1,35 @@
+import { Buffer } from "buffer";
 import crypto from "crypto";
 import { AsnParser } from "@peculiar/asn1-schema";
 import { JsonParser, JsonSerializer } from "@peculiar/json-schema";
 import { Convert } from "pvtsutils";
 import * as core from "webcrypto-core";
-import { CryptoKey } from "../../keys";
 import { EdPrivateKey } from "./private_key";
 import { EdPublicKey } from "./public_key";
+import { CryptoKey } from "../../keys";
 
 export class EdCrypto {
-
   public static publicKeyUsages = ["verify"];
   public static privateKeyUsages = ["sign", "deriveKey", "deriveBits"];
 
-  public static async generateKey(algorithm: EcKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKeyPair> {
+  public static async generateKey(
+    algorithm: EcKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKeyPair> {
     const privateKey = new EdPrivateKey();
     privateKey.algorithm = algorithm;
     privateKey.extractable = extractable;
-    privateKey.usages = keyUsages.filter((usage) => this.privateKeyUsages.indexOf(usage) !== -1);
+    privateKey.usages = keyUsages.filter(
+      (usage) => this.privateKeyUsages.indexOf(usage) !== -1
+    );
 
     const publicKey = new EdPublicKey();
     publicKey.algorithm = algorithm;
     publicKey.extractable = true;
-    publicKey.usages = keyUsages.filter((usage) => this.publicKeyUsages.indexOf(usage) !== -1);
+    publicKey.usages = keyUsages.filter(
+      (usage) => this.publicKeyUsages.indexOf(usage) !== -1
+    );
 
     const type = algorithm.namedCurve.toLowerCase() as "x448"; // "x448" | "ed448" | "x25519" | "ed25519"
     const keys = crypto.generateKeyPairSync(type, {
@@ -46,9 +54,15 @@ export class EdCrypto {
     return res;
   }
 
-  public static async sign(algorithm: Algorithm, key: EdPrivateKey, data: Uint8Array): Promise<ArrayBuffer> {
+  public static async sign(
+    algorithm: Algorithm,
+    key: EdPrivateKey,
+    data: Uint8Array
+  ): Promise<ArrayBuffer> {
     if (!key.pem) {
-      key.pem = `-----BEGIN PRIVATE KEY-----\n${key.data.toString("base64")}\n-----END PRIVATE KEY-----`;
+      key.pem = `-----BEGIN PRIVATE KEY-----\n${key.data.toString(
+        "base64"
+      )}\n-----END PRIVATE KEY-----`;
     }
     const options = {
       key: key.pem,
@@ -58,18 +72,34 @@ export class EdCrypto {
     return core.BufferSourceConverter.toArrayBuffer(signature);
   }
 
-  public static async verify(algorithm: EcdsaParams, key: EdPublicKey, signature: Uint8Array, data: Uint8Array): Promise<boolean> {
+  public static async verify(
+    algorithm: EcdsaParams,
+    key: EdPublicKey,
+    signature: Uint8Array,
+    data: Uint8Array
+  ): Promise<boolean> {
     if (!key.pem) {
-      key.pem = `-----BEGIN PUBLIC KEY-----\n${key.data.toString("base64")}\n-----END PUBLIC KEY-----`;
+      key.pem = `-----BEGIN PUBLIC KEY-----\n${key.data.toString(
+        "base64"
+      )}\n-----END PUBLIC KEY-----`;
     }
     const options = {
       key: key.pem,
     };
-    const ok = crypto.verify(null, Buffer.from(data), options, Buffer.from(signature));
+    const ok = crypto.verify(
+      null,
+      Buffer.from(data),
+      options,
+      Buffer.from(signature)
+    );
     return ok;
   }
 
-  public static async deriveBits(algorithm: EcdhKeyDeriveParams, baseKey: CryptoKey, length: number): Promise<ArrayBuffer> {
+  public static async deriveBits(
+    algorithm: EcdhKeyDeriveParams,
+    baseKey: CryptoKey,
+    length: number
+  ): Promise<ArrayBuffer> {
     const publicKey = crypto.createPublicKey({
       key: (algorithm.public as CryptoKey).data,
       format: "der",
@@ -88,7 +118,10 @@ export class EdCrypto {
     return new Uint8Array(bits).buffer.slice(0, length >> 3);
   }
 
-  public static async exportKey(format: KeyFormat, key: CryptoKey): Promise<JsonWebKey | ArrayBuffer> {
+  public static async exportKey(
+    format: KeyFormat,
+    key: CryptoKey
+  ): Promise<JsonWebKey | ArrayBuffer> {
     switch (format.toLowerCase()) {
       case "jwk":
         return JsonSerializer.toJSON(key);
@@ -96,46 +129,95 @@ export class EdCrypto {
       case "spki":
         return new Uint8Array(key.data).buffer;
       case "raw": {
-        const publicKeyInfo = AsnParser.parse(key.data, core.asn1.PublicKeyInfo);
+        const publicKeyInfo = AsnParser.parse(
+          key.data,
+          core.asn1.PublicKeyInfo
+        );
         return publicKeyInfo.publicKey;
       }
       default:
-        throw new core.OperationError("format: Must be 'jwk', 'raw', pkcs8' or 'spki'");
+        throw new core.OperationError(
+          "format: Must be 'jwk', 'raw', pkcs8' or 'spki'"
+        );
     }
   }
 
-  public static async importKey(format: KeyFormat, keyData: JsonWebKey | ArrayBuffer, algorithm: EcKeyImportParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
+  public static async importKey(
+    format: KeyFormat,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: EcKeyImportParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
     switch (format.toLowerCase()) {
       case "jwk": {
         const jwk = keyData as JsonWebKey;
         if (jwk.d) {
-          const asnKey = JsonParser.fromJSON(keyData, { targetSchema: core.asn1.CurvePrivateKey });
-          return this.importPrivateKey(asnKey, algorithm, extractable, keyUsages);
+          const asnKey = JsonParser.fromJSON(keyData, {
+            targetSchema: core.asn1.CurvePrivateKey,
+          });
+          return this.importPrivateKey(
+            asnKey,
+            algorithm,
+            extractable,
+            keyUsages
+          );
         } else {
           if (!jwk.x) {
             throw new TypeError("keyData: Cannot get required 'x' filed");
           }
-          return this.importPublicKey(Convert.FromBase64Url(jwk.x), algorithm, extractable, keyUsages);
+          return this.importPublicKey(
+            Convert.FromBase64Url(jwk.x),
+            algorithm,
+            extractable,
+            keyUsages
+          );
         }
       }
       case "raw": {
-        return this.importPublicKey(keyData as ArrayBuffer, algorithm, extractable, keyUsages);
+        return this.importPublicKey(
+          keyData as ArrayBuffer,
+          algorithm,
+          extractable,
+          keyUsages
+        );
       }
       case "spki": {
-        const keyInfo = AsnParser.parse(new Uint8Array(keyData as ArrayBuffer), core.asn1.PublicKeyInfo);
-        return this.importPublicKey(keyInfo.publicKey, algorithm, extractable, keyUsages);
+        const keyInfo = AsnParser.parse(
+          new Uint8Array(keyData as ArrayBuffer),
+          core.asn1.PublicKeyInfo
+        );
+        return this.importPublicKey(
+          keyInfo.publicKey,
+          algorithm,
+          extractable,
+          keyUsages
+        );
       }
       case "pkcs8": {
-        const keyInfo = AsnParser.parse(new Uint8Array(keyData as ArrayBuffer), core.asn1.PrivateKeyInfo);
-        const asnKey = AsnParser.parse(keyInfo.privateKey, core.asn1.CurvePrivateKey);
+        const keyInfo = AsnParser.parse(
+          new Uint8Array(keyData as ArrayBuffer),
+          core.asn1.PrivateKeyInfo
+        );
+        const asnKey = AsnParser.parse(
+          keyInfo.privateKey,
+          core.asn1.CurvePrivateKey
+        );
         return this.importPrivateKey(asnKey, algorithm, extractable, keyUsages);
       }
       default:
-        throw new core.OperationError("format: Must be 'jwk', 'raw', 'pkcs8' or 'spki'");
+        throw new core.OperationError(
+          "format: Must be 'jwk', 'raw', 'pkcs8' or 'spki'"
+        );
     }
   }
 
-  protected static importPrivateKey(asnKey: core.asn1.CurvePrivateKey, algorithm: EcKeyImportParams, extractable: boolean, keyUsages: KeyUsage[]) {
+  protected static importPrivateKey(
+    asnKey: core.asn1.CurvePrivateKey,
+    algorithm: EcKeyImportParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ) {
     const key = new EdPrivateKey();
     key.fromJSON({
       crv: algorithm.namedCurve,
@@ -149,7 +231,12 @@ export class EdCrypto {
     return key;
   }
 
-  protected static async importPublicKey(asnKey: ArrayBuffer, algorithm: EcKeyImportParams, extractable: boolean, keyUsages: KeyUsage[]) {
+  protected static async importPublicKey(
+    asnKey: ArrayBuffer,
+    algorithm: EcKeyImportParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ) {
     const key = new EdPublicKey();
     key.fromJSON({
       crv: algorithm.namedCurve,
@@ -162,5 +249,4 @@ export class EdCrypto {
 
     return key;
   }
-
 }

src/mechs/ed/ecdh_es.ts

@@ -1,18 +1,22 @@
 import * as core from "webcrypto-core";
+import { EdCrypto } from "./crypto";
 import { CryptoKey } from "../../keys";
 import { getCryptoKey, setCryptoKey } from "../storage";
-import { EdCrypto } from "./crypto";
 
 export class EcdhEsProvider extends core.EcdhEsProvider {
-  
-  public async onGenerateKey(algorithm: EcKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKeyPair> {
+  public async onGenerateKey(
+    algorithm: EcKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKeyPair> {
     const keys = await EdCrypto.generateKey(
       {
         name: this.name,
         namedCurve: algorithm.namedCurve.toUpperCase(),
       },
       extractable,
-      keyUsages);
+      keyUsages
+    );
 
     return {
       privateKey: setCryptoKey(keys.privateKey as CryptoKey),
@@ -20,18 +24,40 @@ export class EcdhEsProvider extends core.EcdhEsProvider {
     };
   }
 
-  public async onDeriveBits(algorithm: EcdhKeyDeriveParams, baseKey: core.CryptoKey, length: number): Promise<ArrayBuffer> {
-    const bits = await EdCrypto.deriveBits({...algorithm, public: getCryptoKey(algorithm.public)}, getCryptoKey(baseKey), length);
+  public async onDeriveBits(
+    algorithm: EcdhKeyDeriveParams,
+    baseKey: core.CryptoKey,
+    length: number
+  ): Promise<ArrayBuffer> {
+    const bits = await EdCrypto.deriveBits(
+      { ...algorithm, public: getCryptoKey(algorithm.public) },
+      getCryptoKey(baseKey),
+      length
+    );
     return bits;
   }
 
-  public async onExportKey(format: KeyFormat, key: CryptoKey): Promise<ArrayBuffer | JsonWebKey> {
+  public async onExportKey(
+    format: KeyFormat,
+    key: CryptoKey
+  ): Promise<ArrayBuffer | JsonWebKey> {
     return EdCrypto.exportKey(format, getCryptoKey(key));
   }
 
-  public async onImportKey(format: KeyFormat, keyData: ArrayBuffer | JsonWebKey, algorithm: EcKeyImportParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<core.CryptoKey> {
-    const key = await EdCrypto.importKey(format, keyData, { ...algorithm, name: this.name }, extractable, keyUsages);
+  public async onImportKey(
+    format: KeyFormat,
+    keyData: ArrayBuffer | JsonWebKey,
+    algorithm: EcKeyImportParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<core.CryptoKey> {
+    const key = await EdCrypto.importKey(
+      format,
+      keyData,
+      { ...algorithm, name: this.name },
+      extractable,
+      keyUsages
+    );
     return setCryptoKey(key);
   }
-
 }

src/mechs/ed/eddsa.ts

@@ -1,20 +1,24 @@
 import * as core from "webcrypto-core";
-import { CryptoKey } from "../../keys";
-import { getCryptoKey, setCryptoKey } from "../storage";
 import { EdCrypto } from "./crypto";
 import { EdPrivateKey } from "./private_key";
 import { EdPublicKey } from "./public_key";
+import { CryptoKey } from "../../keys";
+import { getCryptoKey, setCryptoKey } from "../storage";
 
 export class EdDsaProvider extends core.EdDsaProvider {
-
-  public async onGenerateKey(algorithm: EcKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKeyPair> {
+  public async onGenerateKey(
+    algorithm: EcKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKeyPair> {
     const keys = await EdCrypto.generateKey(
       {
         name: this.name,
         namedCurve: algorithm.namedCurve.replace(/^ed/i, "Ed"),
       },
       extractable,
-      keyUsages);
+      keyUsages
+    );
 
     return {
       privateKey: setCryptoKey(keys.privateKey as CryptoKey),
@@ -22,21 +26,53 @@ export class EdDsaProvider extends core.EdDsaProvider {
     };
   }
 
-  public async onSign(algorithm: EcdsaParams, key: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {
-    return EdCrypto.sign(algorithm, getCryptoKey(key) as EdPrivateKey, new Uint8Array(data));
+  public async onSign(
+    algorithm: EcdsaParams,
+    key: CryptoKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
+    return EdCrypto.sign(
+      algorithm,
+      getCryptoKey(key) as EdPrivateKey,
+      new Uint8Array(data)
+    );
   }
 
-  public async onVerify(algorithm: EcdsaParams, key: CryptoKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean> {
-    return EdCrypto.verify(algorithm, getCryptoKey(key) as EdPublicKey, new Uint8Array(signature), new Uint8Array(data));
+  public async onVerify(
+    algorithm: EcdsaParams,
+    key: CryptoKey,
+    signature: ArrayBuffer,
+    data: ArrayBuffer
+  ): Promise<boolean> {
+    return EdCrypto.verify(
+      algorithm,
+      getCryptoKey(key) as EdPublicKey,
+      new Uint8Array(signature),
+      new Uint8Array(data)
+    );
   }
 
-  public async onExportKey(format: KeyFormat, key: CryptoKey): Promise<ArrayBuffer | JsonWebKey> {
+  public async onExportKey(
+    format: KeyFormat,
+    key: CryptoKey
+  ): Promise<ArrayBuffer | JsonWebKey> {
     return EdCrypto.exportKey(format, getCryptoKey(key));
   }
 
-  public async onImportKey(format: KeyFormat, keyData: ArrayBuffer | JsonWebKey, algorithm: EcKeyImportParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<core.CryptoKey> {
-    const key = await EdCrypto.importKey(format, keyData, { ...algorithm, name: this.name }, extractable, keyUsages);
+  public async onImportKey(
+    format: KeyFormat,
+    keyData: ArrayBuffer | JsonWebKey,
+    algorithm: EcKeyImportParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<core.CryptoKey> {
+    const key = await EdCrypto.importKey(
+      format,
+      keyData,
+      { ...algorithm, name: this.name },
+      extractable,
+      keyUsages
+    );
     return setCryptoKey(key);
   }
-
 }

src/mechs/ed/helper.ts

@@ -3,22 +3,24 @@ import * as core from "webcrypto-core";
 const edOIDs: { [key: string]: string } = {
   // Ed448
   [core.asn1.idEd448]: "Ed448",
-  "ed448": core.asn1.idEd448,
+  ed448: core.asn1.idEd448,
   // X448
   [core.asn1.idX448]: "X448",
-  "x448": core.asn1.idX448,
+  x448: core.asn1.idX448,
   // Ed25519
   [core.asn1.idEd25519]: "Ed25519",
-  "ed25519": core.asn1.idEd25519,
+  ed25519: core.asn1.idEd25519,
   // X25519
   [core.asn1.idX25519]: "X25519",
-  "x25519": core.asn1.idX25519,
+  x25519: core.asn1.idX25519,
 };
 
 export function getNamedCurveByOid(oid: string) {
   const namedCurve = edOIDs[oid];
   if (!namedCurve) {
-    throw new core.OperationError(`Cannot convert OID(${oid}) to WebCrypto named curve`);
+    throw new core.OperationError(
+      `Cannot convert OID(${oid}) to WebCrypto named curve`
+    );
   }
   return namedCurve;
 }
@@ -26,7 +28,9 @@ export function getNamedCurveByOid(oid: string) {
 export function getOidByNamedCurve(namedCurve: string) {
   const oid = edOIDs[namedCurve.toLowerCase()];
   if (!oid) {
-    throw new core.OperationError(`Cannot convert WebCrypto named curve '${namedCurve}' to OID`);
+    throw new core.OperationError(
+      `Cannot convert WebCrypto named curve '${namedCurve}' to OID`
+    );
   }
   return oid;
 }

src/mechs/ed/private_key.ts

@@ -1,11 +1,16 @@
+import { Buffer } from "buffer";
 import { AsnParser, AsnSerializer } from "@peculiar/asn1-schema";
-import { IJsonConvertible, JsonParser, JsonSerializer } from "@peculiar/json-schema";
+import {
+  IJsonConvertible,
+  JsonParser,
+  JsonSerializer,
+} from "@peculiar/json-schema";
 import * as core from "webcrypto-core";
-import { AsymmetricKey } from "../../keys";
 import { getOidByNamedCurve } from "./helper";
+import { AsymmetricKey } from "../../keys";
 
 export class EdPrivateKey extends AsymmetricKey implements IJsonConvertible {
-  public readonly type: "private" = "private";
+  public readonly type = "private" as const;
   public override algorithm!: EcKeyAlgorithm;
 
   public getKey() {
@@ -28,17 +33,20 @@ export class EdPrivateKey extends AsymmetricKey implements IJsonConvertible {
 
   public fromJSON(json: JsonWebKey) {
     if (!json.crv) {
-      throw new core.OperationError(`Cannot get named curve from JWK. Property 'crv' is required`);
+      throw new core.OperationError(
+        `Cannot get named curve from JWK. Property 'crv' is required`
+      );
     }
 
     const keyInfo = new core.asn1.PrivateKeyInfo();
     keyInfo.privateKeyAlgorithm.algorithm = getOidByNamedCurve(json.crv);
-    const key = JsonParser.fromJSON(json, { targetSchema: core.asn1.CurvePrivateKey });
+    const key = JsonParser.fromJSON(json, {
+      targetSchema: core.asn1.CurvePrivateKey,
+    });
     keyInfo.privateKey = AsnSerializer.serialize(key);
 
     this.data = Buffer.from(AsnSerializer.serialize(keyInfo));
 
     return this;
   }
-
 }

src/mechs/ed/public_key.ts

@@ -1,13 +1,13 @@
+import { Buffer } from "buffer";
 import { AsnParser, AsnSerializer } from "@peculiar/asn1-schema";
 import { IJsonConvertible } from "@peculiar/json-schema";
 import { Convert } from "pvtsutils";
 import * as core from "webcrypto-core";
-import { AsymmetricKey } from "../../keys/asymmetric";
 import { getOidByNamedCurve } from "./helper";
+import { AsymmetricKey } from "../../keys/asymmetric";
 
 export class EdPublicKey extends AsymmetricKey implements IJsonConvertible {
-
-  public readonly type: "public" = "public";
+  public readonly type = "public" as const;
   public override algorithm!: EcKeyAlgorithm;
 
   public getKey() {
@@ -26,16 +26,20 @@ export class EdPublicKey extends AsymmetricKey implements IJsonConvertible {
     };
 
     return Object.assign(json, {
-      x: Convert.ToBase64Url(key)
+      x: Convert.ToBase64Url(key),
     });
   }
 
   public fromJSON(json: JsonWebKey) {
     if (!json.crv) {
-      throw new core.OperationError(`Cannot get named curve from JWK. Property 'crv' is required`);
+      throw new core.OperationError(
+        `Cannot get named curve from JWK. Property 'crv' is required`
+      );
     }
     if (!json.x) {
-      throw new core.OperationError(`Cannot get property from JWK. Property 'x' is required`);
+      throw new core.OperationError(
+        `Cannot get property from JWK. Property 'x' is required`
+      );
     }
 
     const keyInfo = new core.asn1.PublicKeyInfo();

src/mechs/hkdf/hkdf.ts

@@ -1,12 +1,18 @@
+import { Buffer } from "buffer";
 import crypto from "crypto";
 import * as core from "webcrypto-core";
 import { BufferSourceConverter, CryptoKey } from "webcrypto-core";
-import { setCryptoKey, getCryptoKey } from "../storage";
 import { HkdfCryptoKey } from "./key";
+import { setCryptoKey, getCryptoKey } from "../storage";
 
 export class HkdfProvider extends core.HkdfProvider {
-
-  public async onImportKey(format: KeyFormat, keyData: ArrayBuffer, algorithm: HmacImportParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
+  public async onImportKey(
+    format: KeyFormat,
+    keyData: ArrayBuffer,
+    algorithm: HmacImportParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
     if (format.toLowerCase() !== "raw") {
       throw new core.OperationError("Operation not supported");
     }
@@ -19,14 +25,19 @@ export class HkdfProvider extends core.HkdfProvider {
     return setCryptoKey(key);
   }
 
-  public async onDeriveBits(params: HkdfParams, baseKey: HkdfCryptoKey, length: number): Promise<ArrayBuffer> {
+  public async onDeriveBits(
+    params: HkdfParams,
+    baseKey: HkdfCryptoKey,
+    length: number
+  ): Promise<ArrayBuffer> {
     const hash = (params.hash as Algorithm).name.replace("-", "");
     const hashLength = crypto.createHash(hash).digest().length;
 
     const byteLength = length / 8;
     const info = BufferSourceConverter.toUint8Array(params.info);
 
-    const PRK = crypto.createHmac(hash, BufferSourceConverter.toUint8Array(params.salt))
+    const PRK = crypto
+      .createHmac(hash, BufferSourceConverter.toUint8Array(params.salt))
       .update(BufferSourceConverter.toUint8Array(getCryptoKey(baseKey).data))
       .digest();
 
@@ -34,9 +45,10 @@ export class HkdfProvider extends core.HkdfProvider {
     const blockCount = Math.ceil(byteLength / hashLength) + 1; // Includes empty buffer
     for (let i = 1; i < blockCount; ++i) {
       blocks.push(
-          crypto.createHmac(hash, PRK)
+        crypto
+          .createHmac(hash, PRK)
           .update(Buffer.concat([blocks[i - 1], info, Buffer.from([i])]))
-            .digest(),
+          .digest()
       );
     }
 
@@ -49,5 +61,4 @@ export class HkdfProvider extends core.HkdfProvider {
       throw new TypeError("key: Is not HKDF CryptoKey");
     }
   }
-
 }

src/mechs/hkdf/key.ts

@@ -1,7 +1,6 @@
 import { CryptoKey } from "../../keys";
 
 export class HkdfCryptoKey extends CryptoKey {
-
   public override data!: Buffer;
 
   public override algorithm!: KeyAlgorithm;

src/mechs/hmac/hmac.ts

@@ -1,17 +1,25 @@
+import { Buffer } from "buffer";
 import crypto from "crypto";
 import { JsonParser, JsonSerializer } from "@peculiar/json-schema";
 import * as core from "webcrypto-core";
+import { HmacCryptoKey } from "./key";
 import { ShaCrypto } from "../sha";
 import { setCryptoKey, getCryptoKey } from "../storage";
-import { HmacCryptoKey } from "./key";
 
 export class HmacProvider extends core.HmacProvider {
-
-  public async onGenerateKey(algorithm: HmacKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
-    const length = (algorithm.length || this.getDefaultLength((algorithm.hash as Algorithm).name)) >> 3 << 3;
+  public async onGenerateKey(
+    algorithm: HmacKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
+    const length =
+      ((algorithm.length ||
+        this.getDefaultLength((algorithm.hash as Algorithm).name)) >>
+        3) <<
+      3;
     const key = new HmacCryptoKey();
     key.algorithm = {
-      ...algorithm as any,
+      ...(algorithm as any),
       length,
       name: this.name,
     };
@@ -22,23 +30,42 @@ export class HmacProvider extends core.HmacProvider {
     return setCryptoKey(key);
   }
 
-  public override async onSign(algorithm: Algorithm, key: HmacCryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {
+  public override async onSign(
+    algorithm: Algorithm,
+    key: HmacCryptoKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
     const cryptoAlg = ShaCrypto.getAlgorithmName(key.algorithm.hash);
-    const hmac = crypto.createHmac(cryptoAlg, getCryptoKey(key).data)
-      .update(Buffer.from(data)).digest();
+    const hmac = crypto
+      .createHmac(cryptoAlg, getCryptoKey(key).data)
+      .update(Buffer.from(data))
+      .digest();
 
     return new Uint8Array(hmac).buffer;
   }
 
-  public override async onVerify(algorithm: Algorithm, key: HmacCryptoKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean> {
+  public override async onVerify(
+    algorithm: Algorithm,
+    key: HmacCryptoKey,
+    signature: ArrayBuffer,
+    data: ArrayBuffer
+  ): Promise<boolean> {
     const cryptoAlg = ShaCrypto.getAlgorithmName(key.algorithm.hash);
-    const hmac = crypto.createHmac(cryptoAlg, getCryptoKey(key).data)
-      .update(Buffer.from(data)).digest();
+    const hmac = crypto
+      .createHmac(cryptoAlg, getCryptoKey(key).data)
+      .update(Buffer.from(data))
+      .digest();
 
     return hmac.compare(Buffer.from(signature)) === 0;
   }
 
-  public async onImportKey(format: KeyFormat, keyData: JsonWebKey | ArrayBuffer, algorithm: HmacImportParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
+  public async onImportKey(
+    format: KeyFormat,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: HmacImportParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
     let key: HmacCryptoKey;
 
     switch (format.toLowerCase()) {
@@ -64,7 +91,10 @@ export class HmacProvider extends core.HmacProvider {
     return setCryptoKey(key);
   }
 
-  public async onExportKey(format: KeyFormat, key: HmacCryptoKey): Promise<JsonWebKey | ArrayBuffer> {
+  public async onExportKey(
+    format: KeyFormat,
+    key: HmacCryptoKey
+  ): Promise<JsonWebKey | ArrayBuffer> {
     switch (format.toLowerCase()) {
       case "jwk":
         return JsonSerializer.toJSON(getCryptoKey(key));
@@ -81,5 +111,4 @@ export class HmacProvider extends core.HmacProvider {
       throw new TypeError("key: Is not HMAC CryptoKey");
     }
   }
-
 }

src/mechs/hmac/key.ts

@@ -3,7 +3,6 @@ import { JsonBase64UrlConverter } from "../../converters";
 import { CryptoKey } from "../../keys";
 
 export class HmacCryptoKey extends CryptoKey {
-
   @JsonProp({ name: "k", converter: JsonBase64UrlConverter })
   public override data!: Buffer;
 
@@ -19,5 +18,4 @@ export class HmacCryptoKey extends CryptoKey {
   protected override set alg(value: string) {
     // nothing, cause set is needed for json-schema, but is not used by module
   }
-
 }

src/mechs/pbkdf/key.ts

@@ -1,4 +1,3 @@
 import { CryptoKey } from "../../keys";
 
-export class PbkdfCryptoKey extends CryptoKey {
-}
+export class PbkdfCryptoKey extends CryptoKey {}

src/mechs/pbkdf/pbkdf2.ts

@@ -1,25 +1,42 @@
+import { Buffer } from "buffer";
 import crypto from "crypto";
 import * as core from "webcrypto-core";
-import { setCryptoKey, getCryptoKey } from "../storage";
 import { PbkdfCryptoKey } from "./key";
+import { setCryptoKey, getCryptoKey } from "../storage";
 
 export class Pbkdf2Provider extends core.Pbkdf2Provider {
-
-  public async onDeriveBits(algorithm: Pbkdf2Params, baseKey: PbkdfCryptoKey, length: number): Promise<ArrayBuffer> {
+  public async onDeriveBits(
+    algorithm: Pbkdf2Params,
+    baseKey: PbkdfCryptoKey,
+    length: number
+  ): Promise<ArrayBuffer> {
     return new Promise<ArrayBuffer>((resolve, reject) => {
       const salt = core.BufferSourceConverter.toArrayBuffer(algorithm.salt);
       const hash = (algorithm.hash as Algorithm).name.replace("-", "");
-      crypto.pbkdf2(getCryptoKey(baseKey).data, Buffer.from(salt), algorithm.iterations, length >> 3, hash, (err, derivedBits) => {
+      crypto.pbkdf2(
+        getCryptoKey(baseKey).data,
+        Buffer.from(salt),
+        algorithm.iterations,
+        length >> 3,
+        hash,
+        (err, derivedBits) => {
           if (err) {
             reject(err);
           } else {
             resolve(new Uint8Array(derivedBits).buffer);
           }
-      });
+        }
+      );
     });
   }
 
-  public async onImportKey(format: KeyFormat, keyData: JsonWebKey | ArrayBuffer, algorithm: Algorithm, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
+  public async onImportKey(
+    format: KeyFormat,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: Algorithm,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
     if (format === "raw") {
       const key = new PbkdfCryptoKey();
       key.data = Buffer.from(keyData as ArrayBuffer);
@@ -37,5 +54,4 @@ export class Pbkdf2Provider extends core.Pbkdf2Provider {
       throw new TypeError("key: Is not PBKDF CryptoKey");
     }
   }
-
 }

src/mechs/rsa/crypto.ts

@@ -1,10 +1,11 @@
+import { Buffer } from "buffer";
 import crypto from "crypto";
 import { AsnParser, AsnSerializer } from "@peculiar/asn1-schema";
 import { JsonParser, JsonSerializer } from "@peculiar/json-schema";
 import * as core from "webcrypto-core";
-import { CryptoKey } from "../../keys";
 import { RsaPrivateKey } from "./private_key";
 import { RsaPublicKey } from "./public_key";
+import { CryptoKey } from "../../keys";
 
 interface INodeCryptoSignOptions {
   key: string;
@@ -14,20 +15,27 @@ interface INodeCryptoSignOptions {
 }
 
 export class RsaCrypto {
-
   public static publicKeyUsages = ["verify", "encrypt", "wrapKey"];
   public static privateKeyUsages = ["sign", "decrypt", "unwrapKey"];
 
-  public static async generateKey(algorithm: RsaHashedKeyGenParams | RsaKeyGenParams, extractable: boolean, keyUsages: string[]): Promise<CryptoKeyPair> {
+  public static async generateKey(
+    algorithm: RsaHashedKeyGenParams | RsaKeyGenParams,
+    extractable: boolean,
+    keyUsages: string[]
+  ): Promise<CryptoKeyPair> {
     const privateKey = new RsaPrivateKey();
     privateKey.algorithm = algorithm as RsaHashedKeyAlgorithm;
     privateKey.extractable = extractable;
-    privateKey.usages = keyUsages.filter((usage) => this.privateKeyUsages.indexOf(usage) !== -1) as KeyUsage[];
+    privateKey.usages = keyUsages.filter(
+      (usage) => this.privateKeyUsages.indexOf(usage) !== -1
+    ) as KeyUsage[];
 
     const publicKey = new RsaPublicKey();
     publicKey.algorithm = algorithm as RsaHashedKeyAlgorithm;
     publicKey.extractable = true;
-    publicKey.usages = keyUsages.filter((usage) => this.publicKeyUsages.indexOf(usage) !== -1) as KeyUsage[];
+    publicKey.usages = keyUsages.filter(
+      (usage) => this.publicKeyUsages.indexOf(usage) !== -1
+    ) as KeyUsage[];
 
     const publicExponent = Buffer.concat([
       Buffer.alloc(4 - algorithm.publicExponent.byteLength, 0),
@@ -58,7 +66,10 @@ export class RsaCrypto {
     return res;
   }
 
-  public static async exportKey(format: KeyFormat, key: CryptoKey): Promise<JsonWebKey | ArrayBuffer> {
+  public static async exportKey(
+    format: KeyFormat,
+    key: CryptoKey
+  ): Promise<JsonWebKey | ArrayBuffer> {
     switch (format.toLowerCase()) {
       case "jwk":
         return JsonSerializer.toJSON(key);
@@ -66,38 +77,78 @@ export class RsaCrypto {
       case "spki":
         return new Uint8Array(key.data).buffer;
       default:
-        throw new core.OperationError("format: Must be 'jwk', 'pkcs8' or 'spki'");
+        throw new core.OperationError(
+          "format: Must be 'jwk', 'pkcs8' or 'spki'"
+        );
     }
   }
 
-  public static async importKey(format: KeyFormat, keyData: JsonWebKey | ArrayBuffer, algorithm: RsaHashedImportParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
+  public static async importKey(
+    format: KeyFormat,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: RsaHashedImportParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
     switch (format.toLowerCase()) {
       case "jwk": {
         const jwk = keyData as JsonWebKey;
         if (jwk.d) {
-          const asnKey = JsonParser.fromJSON(keyData, { targetSchema: core.asn1.RsaPrivateKey });
-          return this.importPrivateKey(asnKey, algorithm, extractable, keyUsages);
+          const asnKey = JsonParser.fromJSON(keyData, {
+            targetSchema: core.asn1.RsaPrivateKey,
+          });
+          return this.importPrivateKey(
+            asnKey,
+            algorithm,
+            extractable,
+            keyUsages
+          );
         } else {
-          const asnKey = JsonParser.fromJSON(keyData, { targetSchema: core.asn1.RsaPublicKey });
-          return this.importPublicKey(asnKey, algorithm, extractable, keyUsages);
+          const asnKey = JsonParser.fromJSON(keyData, {
+            targetSchema: core.asn1.RsaPublicKey,
+          });
+          return this.importPublicKey(
+            asnKey,
+            algorithm,
+            extractable,
+            keyUsages
+          );
         }
       }
       case "spki": {
-        const keyInfo = AsnParser.parse(new Uint8Array(keyData as ArrayBuffer), core.asn1.PublicKeyInfo);
-        const asnKey = AsnParser.parse(keyInfo.publicKey, core.asn1.RsaPublicKey);
+        const keyInfo = AsnParser.parse(
+          new Uint8Array(keyData as ArrayBuffer),
+          core.asn1.PublicKeyInfo
+        );
+        const asnKey = AsnParser.parse(
+          keyInfo.publicKey,
+          core.asn1.RsaPublicKey
+        );
         return this.importPublicKey(asnKey, algorithm, extractable, keyUsages);
       }
       case "pkcs8": {
-        const keyInfo = AsnParser.parse(new Uint8Array(keyData as ArrayBuffer), core.asn1.PrivateKeyInfo);
-        const asnKey = AsnParser.parse(keyInfo.privateKey, core.asn1.RsaPrivateKey);
+        const keyInfo = AsnParser.parse(
+          new Uint8Array(keyData as ArrayBuffer),
+          core.asn1.PrivateKeyInfo
+        );
+        const asnKey = AsnParser.parse(
+          keyInfo.privateKey,
+          core.asn1.RsaPrivateKey
+        );
         return this.importPrivateKey(asnKey, algorithm, extractable, keyUsages);
       }
       default:
-        throw new core.OperationError("format: Must be 'jwk', 'pkcs8' or 'spki'");
+        throw new core.OperationError(
+          "format: Must be 'jwk', 'pkcs8' or 'spki'"
+        );
     }
   }
 
-  public static async sign(algorithm: Algorithm, key: RsaPrivateKey, data: Uint8Array): Promise<ArrayBuffer> {
+  public static async sign(
+    algorithm: Algorithm,
+    key: RsaPrivateKey,
+    data: Uint8Array
+  ): Promise<ArrayBuffer> {
     switch (algorithm.name.toUpperCase()) {
       case "RSA-PSS":
       case "RSASSA-PKCS1-V1_5":
@@ -107,7 +158,12 @@ export class RsaCrypto {
     }
   }
 
-  public static async verify(algorithm: Algorithm, key: RsaPublicKey, signature: Uint8Array, data: Uint8Array): Promise<boolean> {
+  public static async verify(
+    algorithm: Algorithm,
+    key: RsaPublicKey,
+    signature: Uint8Array,
+    data: Uint8Array
+  ): Promise<boolean> {
     switch (algorithm.name.toUpperCase()) {
       case "RSA-PSS":
       case "RSASSA-PKCS1-V1_5":
@@ -117,7 +173,11 @@ export class RsaCrypto {
     }
   }
 
-  public static async encrypt(algorithm: RsaOaepParams, key: RsaPublicKey, data: Uint8Array): Promise<ArrayBuffer> {
+  public static async encrypt(
+    algorithm: RsaOaepParams,
+    key: RsaPublicKey,
+    data: Uint8Array
+  ): Promise<ArrayBuffer> {
     switch (algorithm.name.toUpperCase()) {
       case "RSA-OAEP":
         return this.encryptOAEP(algorithm, key, data);
@@ -126,7 +186,11 @@ export class RsaCrypto {
     }
   }
 
-  public static async decrypt(algorithm: RsaOaepParams, key: RsaPrivateKey, data: Uint8Array): Promise<ArrayBuffer> {
+  public static async decrypt(
+    algorithm: RsaOaepParams,
+    key: RsaPrivateKey,
+    data: Uint8Array
+  ): Promise<ArrayBuffer> {
     switch (algorithm.name.toUpperCase()) {
       case "RSA-OAEP":
         return this.decryptOAEP(algorithm, key, data);
@@ -135,7 +199,12 @@ export class RsaCrypto {
     }
   }
 
-  protected static importPrivateKey(asnKey: core.asn1.RsaPrivateKey, algorithm: RsaHashedImportParams, extractable: boolean, keyUsages: KeyUsage[]) {
+  protected static importPrivateKey(
+    asnKey: core.asn1.RsaPrivateKey,
+    algorithm: RsaHashedImportParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ) {
     const keyInfo = new core.asn1.PrivateKeyInfo();
     keyInfo.privateKeyAlgorithm.algorithm = "1.2.840.113549.1.1.1";
     keyInfo.privateKeyAlgorithm.parameters = null;
@@ -153,7 +222,12 @@ export class RsaCrypto {
     return key;
   }
 
-  protected static importPublicKey(asnKey: core.asn1.RsaPublicKey, algorithm: RsaHashedImportParams, extractable: boolean, keyUsages: KeyUsage[]) {
+  protected static importPublicKey(
+    asnKey: core.asn1.RsaPublicKey,
+    algorithm: RsaHashedImportParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ) {
     const keyInfo = new core.asn1.PublicKeyInfo();
     keyInfo.publicKeyAlgorithm.algorithm = "1.2.840.113549.1.1.1";
     keyInfo.publicKeyAlgorithm.parameters = null;
@@ -192,13 +266,19 @@ export class RsaCrypto {
     }
   }
 
-  protected static signRsa(algorithm: Algorithm, key: RsaPrivateKey, data: Uint8Array) {
+  protected static signRsa(
+    algorithm: Algorithm,
+    key: RsaPrivateKey,
+    data: Uint8Array
+  ) {
     const cryptoAlg = this.getCryptoAlgorithm(key.algorithm);
     const signer = crypto.createSign(cryptoAlg);
     signer.update(Buffer.from(data));
 
     if (!key.pem) {
-      key.pem = `-----BEGIN PRIVATE KEY-----\n${key.data.toString("base64")}\n-----END PRIVATE KEY-----`;
+      key.pem = `-----BEGIN PRIVATE KEY-----\n${key.data.toString(
+        "base64"
+      )}\n-----END PRIVATE KEY-----`;
     }
     const options: INodeCryptoSignOptions = {
       key: key.pem,
@@ -212,13 +292,20 @@ export class RsaCrypto {
     return new Uint8Array(signature).buffer;
   }
 
-  protected static verifySSA(algorithm: Algorithm, key: RsaPublicKey, data: Uint8Array, signature: Uint8Array) {
+  protected static verifySSA(
+    algorithm: Algorithm,
+    key: RsaPublicKey,
+    data: Uint8Array,
+    signature: Uint8Array
+  ) {
     const cryptoAlg = this.getCryptoAlgorithm(key.algorithm);
     const signer = crypto.createVerify(cryptoAlg);
     signer.update(Buffer.from(data));
 
     if (!key.pem) {
-      key.pem = `-----BEGIN PUBLIC KEY-----\n${key.data.toString("base64")}\n-----END PUBLIC KEY-----`;
+      key.pem = `-----BEGIN PUBLIC KEY-----\n${key.data.toString(
+        "base64"
+      )}\n-----END PUBLIC KEY-----`;
     }
     const options: INodeCryptoSignOptions = {
       key: key.pem,
@@ -232,9 +319,15 @@ export class RsaCrypto {
     return ok;
   }
 
-  protected static encryptOAEP(algorithm: RsaOaepParams, key: RsaPublicKey, data: Uint8Array) {
+  protected static encryptOAEP(
+    algorithm: RsaOaepParams,
+    key: RsaPublicKey,
+    data: Uint8Array
+  ) {
     const options: crypto.RsaPublicKey = {
-      key: `-----BEGIN PUBLIC KEY-----\n${key.data.toString("base64")}\n-----END PUBLIC KEY-----`,
+      key: `-----BEGIN PUBLIC KEY-----\n${key.data.toString(
+        "base64"
+      )}\n-----END PUBLIC KEY-----`,
       padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
     };
     if (algorithm.label) {
@@ -244,9 +337,15 @@ export class RsaCrypto {
     return new Uint8Array(crypto.publicEncrypt(options, data)).buffer;
   }
 
-  protected static decryptOAEP(algorithm: RsaOaepParams, key: RsaPrivateKey, data: Uint8Array) {
+  protected static decryptOAEP(
+    algorithm: RsaOaepParams,
+    key: RsaPrivateKey,
+    data: Uint8Array
+  ) {
     const options: crypto.RsaPrivateKey = {
-      key: `-----BEGIN PRIVATE KEY-----\n${key.data.toString("base64")}\n-----END PRIVATE KEY-----`,
+      key: `-----BEGIN PRIVATE KEY-----\n${key.data.toString(
+        "base64"
+      )}\n-----END PRIVATE KEY-----`,
       padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
     };
     if (algorithm.label) {
@@ -255,5 +354,4 @@ export class RsaCrypto {
 
     return new Uint8Array(crypto.privateDecrypt(options, data)).buffer;
   }
-
 }

src/mechs/rsa/private_key.ts

@@ -1,11 +1,12 @@
+import { Buffer } from "buffer";
 import { AsnParser, AsnSerializer } from "@peculiar/asn1-schema";
 import { JsonParser, JsonSerializer } from "@peculiar/json-schema";
 import * as core from "webcrypto-core";
-import { AsymmetricKey } from "../../keys";
 import { getJwkAlgorithm } from "./helper";
+import { AsymmetricKey } from "../../keys";
 
 export class RsaPrivateKey extends AsymmetricKey {
-  public readonly type: "private" = "private";
+  public readonly type = "private" as const;
   public override algorithm!: RsaHashedKeyAlgorithm;
 
   public getKey() {
@@ -27,7 +28,9 @@ export class RsaPrivateKey extends AsymmetricKey {
   }
 
   public fromJSON(json: JsonWebKey) {
-    const key = JsonParser.fromJSON(json, { targetSchema: core.asn1.RsaPrivateKey });
+    const key = JsonParser.fromJSON(json, {
+      targetSchema: core.asn1.RsaPrivateKey,
+    });
 
     const keyInfo = new core.asn1.PrivateKeyInfo();
     keyInfo.privateKeyAlgorithm.algorithm = "1.2.840.113549.1.1.1";
@@ -36,5 +39,4 @@ export class RsaPrivateKey extends AsymmetricKey {
 
     this.data = Buffer.from(AsnSerializer.serialize(keyInfo));
   }
-
 }

src/mechs/rsa/public_key.ts

@@ -1,11 +1,12 @@
+import { Buffer } from "buffer";
 import { AsnParser, AsnSerializer } from "@peculiar/asn1-schema";
 import { JsonParser, JsonSerializer } from "@peculiar/json-schema";
 import * as core from "webcrypto-core";
-import { AsymmetricKey } from "../../keys/asymmetric";
 import { getJwkAlgorithm } from "./helper";
+import { AsymmetricKey } from "../../keys/asymmetric";
 
 export class RsaPublicKey extends AsymmetricKey {
-  public readonly type: "public" = "public";
+  public readonly type = "public" as const;
   public override algorithm!: RsaHashedKeyAlgorithm;
 
   public getKey() {
@@ -27,7 +28,9 @@ export class RsaPublicKey extends AsymmetricKey {
   }
 
   public fromJSON(json: JsonWebKey) {
-    const key = JsonParser.fromJSON(json, { targetSchema: core.asn1.RsaPublicKey });
+    const key = JsonParser.fromJSON(json, {
+      targetSchema: core.asn1.RsaPublicKey,
+    });
 
     const keyInfo = new core.asn1.PublicKeyInfo();
     keyInfo.publicKeyAlgorithm.algorithm = "1.2.840.113549.1.1.1";

src/mechs/rsa/rsa_es.ts

@@ -1,27 +1,31 @@
 import * as crypto from "crypto";
 import { Convert } from "pvtsutils";
 import * as core from "webcrypto-core";
-import { setCryptoKey, getCryptoKey } from "../storage";
 import { RsaCrypto } from "./crypto";
 import { RsaPrivateKey } from "./private_key";
 import { RsaPublicKey } from "./public_key";
+import { setCryptoKey, getCryptoKey } from "../storage";
 
 export class RsaEsProvider extends core.ProviderCrypto {
-
   public name = "RSAES-PKCS1-v1_5";
   public usages = {
     publicKey: ["encrypt", "wrapKey"] as core.KeyUsages,
     privateKey: ["decrypt", "unwrapKey"] as core.KeyUsages,
   };
 
-  public override async onGenerateKey(algorithm: RsaKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKeyPair> {
+  public override async onGenerateKey(
+    algorithm: RsaKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKeyPair> {
     const keys = await RsaCrypto.generateKey(
       {
         ...algorithm,
         name: this.name,
       },
       extractable,
-      keyUsages);
+      keyUsages
+    );
 
     return {
       privateKey: setCryptoKey(keys.privateKey as RsaPrivateKey),
@@ -32,7 +36,12 @@ export class RsaEsProvider extends core.ProviderCrypto {
   public override checkGenerateKeyParams(algorithm: RsaKeyGenParams) {
     // public exponent
     this.checkRequiredProperty(algorithm, "publicExponent");
-    if (!(algorithm.publicExponent && algorithm.publicExponent instanceof Uint8Array)) {
+    if (
+      !(
+        algorithm.publicExponent &&
+        algorithm.publicExponent instanceof Uint8Array
+      )
+    ) {
       throw new TypeError("publicExponent: Missing or not a Uint8Array");
     }
     const publicExponent = Convert.ToBase64(algorithm.publicExponent);
@@ -52,31 +61,59 @@ export class RsaEsProvider extends core.ProviderCrypto {
     }
   }
 
-  public override async onEncrypt(algorithm: Algorithm, key: RsaPublicKey, data: ArrayBuffer): Promise<ArrayBuffer> {
+  public override async onEncrypt(
+    algorithm: Algorithm,
+    key: RsaPublicKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
     const options = this.toCryptoOptions(key);
     const enc = crypto.publicEncrypt(options, new Uint8Array(data));
     return new Uint8Array(enc).buffer;
   }
 
-  public override async onDecrypt(algorithm: Algorithm, key: RsaPrivateKey, data: ArrayBuffer): Promise<ArrayBuffer> {
+  public override async onDecrypt(
+    algorithm: Algorithm,
+    key: RsaPrivateKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
     const options = this.toCryptoOptions(key);
     const dec = crypto.privateDecrypt(options, new Uint8Array(data));
     return new Uint8Array(dec).buffer;
   }
 
-  public override async onExportKey(format: KeyFormat, key: CryptoKey): Promise<JsonWebKey | ArrayBuffer> {
+  public override async onExportKey(
+    format: KeyFormat,
+    key: CryptoKey
+  ): Promise<JsonWebKey | ArrayBuffer> {
     return RsaCrypto.exportKey(format, getCryptoKey(key));
   }
 
-  public override async onImportKey(format: KeyFormat, keyData: JsonWebKey | ArrayBuffer, algorithm: RsaHashedImportParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
-    const key = await RsaCrypto.importKey(format, keyData, { ...algorithm, name: this.name }, extractable, keyUsages);
+  public override async onImportKey(
+    format: KeyFormat,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: RsaHashedImportParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
+    const key = await RsaCrypto.importKey(
+      format,
+      keyData,
+      { ...algorithm, name: this.name },
+      extractable,
+      keyUsages
+    );
     return setCryptoKey(key);
   }
 
   public override checkCryptoKey(key: CryptoKey, keyUsage?: KeyUsage) {
     super.checkCryptoKey(key, keyUsage);
     const internalKey = getCryptoKey(key);
-    if (!(internalKey instanceof RsaPrivateKey || internalKey instanceof RsaPublicKey)) {
+    if (
+      !(
+        internalKey instanceof RsaPrivateKey ||
+        internalKey instanceof RsaPublicKey
+      )
+    ) {
       throw new TypeError("key: Is not RSA CryptoKey");
     }
   }
@@ -86,7 +123,9 @@ export class RsaEsProvider extends core.ProviderCrypto {
   private toCryptoOptions(key: RsaPrivateKey | RsaPublicKey) {
     const type = key.type.toUpperCase();
     return {
-      key: `-----BEGIN ${type} KEY-----\n${getCryptoKey(key).data.toString("base64")}\n-----END ${type} KEY-----`,
+      key: `-----BEGIN ${type} KEY-----\n${getCryptoKey(key).data.toString(
+        "base64"
+      )}\n-----END ${type} KEY-----`,
       padding: crypto.constants.RSA_PKCS1_PADDING,
     };
   }

src/mechs/rsa/rsa_oaep.ts

@@ -1,10 +1,11 @@
+import { Buffer } from "buffer";
 import crypto from "crypto";
 import * as core from "webcrypto-core";
-import { ShaCrypto } from "../sha/crypto";
-import { setCryptoKey, getCryptoKey } from "../storage";
 import { RsaCrypto } from "./crypto";
 import { RsaPrivateKey } from "./private_key";
 import { RsaPublicKey } from "./public_key";
+import { ShaCrypto } from "../sha/crypto";
+import { setCryptoKey, getCryptoKey } from "../storage";
 
 /**
  * Source code for decrypt, encrypt, mgf1 functions is from asmcrypto module
@@ -14,15 +15,19 @@ import { RsaPublicKey } from "./public_key";
  */
 
 export class RsaOaepProvider extends core.RsaOaepProvider {
-
-  public async onGenerateKey(algorithm: RsaHashedKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKeyPair> {
+  public async onGenerateKey(
+    algorithm: RsaHashedKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKeyPair> {
     const keys = await RsaCrypto.generateKey(
       {
         ...algorithm,
         name: this.name,
       },
       extractable,
-      keyUsages);
+      keyUsages
+    );
 
     return {
       privateKey: setCryptoKey(keys.privateKey as RsaPrivateKey),
@@ -30,7 +35,11 @@ export class RsaOaepProvider extends core.RsaOaepProvider {
     };
   }
 
-  public async onEncrypt(algorithm: RsaOaepParams, key: RsaPublicKey, data: ArrayBuffer): Promise<ArrayBuffer> {
+  public async onEncrypt(
+    algorithm: RsaOaepParams,
+    key: RsaPublicKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
     const internalKey = getCryptoKey(key) as RsaPublicKey;
     const dataView = new Uint8Array(data);
     const keySize = Math.ceil(internalKey.algorithm.modulusLength >> 3);
@@ -48,37 +57,59 @@ export class RsaOaepProvider extends core.RsaOaepProvider {
 
     dataBlock.set(dataView, hashSize + psLength + 1);
 
-    const labelHash = crypto.createHash(internalKey.algorithm.hash.name.replace("-", ""))
-      .update(core.BufferSourceConverter.toUint8Array(algorithm.label || new Uint8Array(0)))
+    const labelHash = crypto
+      .createHash(internalKey.algorithm.hash.name.replace("-", ""))
+      .update(
+        core.BufferSourceConverter.toUint8Array(
+          algorithm.label || new Uint8Array(0)
+        )
+      )
       .digest();
     dataBlock.set(labelHash, 0);
     dataBlock[hashSize + psLength] = 1;
 
     crypto.randomFillSync(seed);
 
-    const dataBlockMask = this.mgf1(internalKey.algorithm.hash, seed, dataBlock.length);
+    const dataBlockMask = this.mgf1(
+      internalKey.algorithm.hash,
+      seed,
+      dataBlock.length
+    );
     for (let i = 0; i < dataBlock.length; i++) {
       dataBlock[i] ^= dataBlockMask[i];
     }
 
-    const seedMask = this.mgf1(internalKey.algorithm.hash, dataBlock, seed.length);
+    const seedMask = this.mgf1(
+      internalKey.algorithm.hash,
+      dataBlock,
+      seed.length
+    );
     for (let i = 0; i < seed.length; i++) {
       seed[i] ^= seedMask[i];
     }
 
     if (!internalKey.pem) {
-      internalKey.pem = `-----BEGIN PUBLIC KEY-----\n${internalKey.data.toString("base64")}\n-----END PUBLIC KEY-----`;
+      internalKey.pem = `-----BEGIN PUBLIC KEY-----\n${internalKey.data.toString(
+        "base64"
+      )}\n-----END PUBLIC KEY-----`;
     }
 
-    const pkcs0 = crypto.publicEncrypt({
+    const pkcs0 = crypto.publicEncrypt(
+      {
         key: internalKey.pem,
         padding: crypto.constants.RSA_NO_PADDING,
-    }, Buffer.from(message));
+      },
+      Buffer.from(message)
+    );
 
     return new Uint8Array(pkcs0).buffer;
   }
 
-  public async onDecrypt(algorithm: RsaOaepParams, key: RsaPrivateKey, data: ArrayBuffer): Promise<ArrayBuffer> {
+  public async onDecrypt(
+    algorithm: RsaOaepParams,
+    key: RsaPrivateKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
     const internalKey = getCryptoKey(key) as RsaPrivateKey;
     const keySize = Math.ceil(internalKey.algorithm.modulusLength >> 3);
     const hashSize = ShaCrypto.size(internalKey.algorithm.hash) >> 3;
@@ -89,13 +120,18 @@ export class RsaOaepProvider extends core.RsaOaepProvider {
     }
 
     if (!internalKey.pem) {
-      internalKey.pem = `-----BEGIN PRIVATE KEY-----\n${internalKey.data.toString("base64")}\n-----END PRIVATE KEY-----`;
+      internalKey.pem = `-----BEGIN PRIVATE KEY-----\n${internalKey.data.toString(
+        "base64"
+      )}\n-----END PRIVATE KEY-----`;
     }
 
-    let pkcs0 = crypto.privateDecrypt({
+    let pkcs0 = crypto.privateDecrypt(
+      {
         key: internalKey.pem,
         padding: crypto.constants.RSA_NO_PADDING,
-    }, Buffer.from(data));
+      },
+      Buffer.from(data)
+    );
     const z = pkcs0[0];
     const seed = pkcs0.subarray(1, hashSize + 1);
     const dataBlock = pkcs0.subarray(hashSize + 1);
@@ -104,18 +140,31 @@ export class RsaOaepProvider extends core.RsaOaepProvider {
       throw new Error("Decryption failed");
     }
 
-    const seedMask = this.mgf1(internalKey.algorithm.hash, dataBlock, seed.length);
+    const seedMask = this.mgf1(
+      internalKey.algorithm.hash,
+      dataBlock,
+      seed.length
+    );
     for (let i = 0; i < seed.length; i++) {
       seed[i] ^= seedMask[i];
     }
 
-    const dataBlockMask = this.mgf1(internalKey.algorithm.hash, seed, dataBlock.length);
+    const dataBlockMask = this.mgf1(
+      internalKey.algorithm.hash,
+      seed,
+      dataBlock.length
+    );
     for (let i = 0; i < dataBlock.length; i++) {
       dataBlock[i] ^= dataBlockMask[i];
     }
 
-    const labelHash = crypto.createHash(internalKey.algorithm.hash.name.replace("-", ""))
-      .update(core.BufferSourceConverter.toUint8Array(algorithm.label || new Uint8Array(0)))
+    const labelHash = crypto
+      .createHash(internalKey.algorithm.hash.name.replace("-", ""))
+      .update(
+        core.BufferSourceConverter.toUint8Array(
+          algorithm.label || new Uint8Array(0)
+        )
+      )
       .digest();
     for (let i = 0; i < hashSize; i++) {
       if (labelHash[i] !== dataBlock[i]) {
@@ -142,19 +191,39 @@ export class RsaOaepProvider extends core.RsaOaepProvider {
     return new Uint8Array(pkcs0).buffer;
   }
 
-  public async onExportKey(format: KeyFormat, key: CryptoKey): Promise<JsonWebKey | ArrayBuffer> {
+  public async onExportKey(
+    format: KeyFormat,
+    key: CryptoKey
+  ): Promise<JsonWebKey | ArrayBuffer> {
     return RsaCrypto.exportKey(format, getCryptoKey(key));
   }
 
-  public async onImportKey(format: KeyFormat, keyData: JsonWebKey | ArrayBuffer, algorithm: RsaHashedImportParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
-    const key = await RsaCrypto.importKey(format, keyData, { ...algorithm, name: this.name }, extractable, keyUsages);
+  public async onImportKey(
+    format: KeyFormat,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: RsaHashedImportParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
+    const key = await RsaCrypto.importKey(
+      format,
+      keyData,
+      { ...algorithm, name: this.name },
+      extractable,
+      keyUsages
+    );
     return setCryptoKey(key);
   }
 
   public override checkCryptoKey(key: CryptoKey, keyUsage?: KeyUsage) {
     super.checkCryptoKey(key, keyUsage);
     const internalKey = getCryptoKey(key);
-    if (!(internalKey instanceof RsaPrivateKey || internalKey instanceof RsaPublicKey)) {
+    if (
+      !(
+        internalKey instanceof RsaPrivateKey ||
+        internalKey instanceof RsaPublicKey
+      )
+    ) {
       throw new TypeError("key: Is not RSA CryptoKey");
     }
   }
@@ -178,7 +247,8 @@ export class RsaOaepProvider extends core.RsaOaepProvider {
 
       const submask = mask.subarray(i * hashSize);
 
-      let chunk = crypto.createHash(algorithm.name.replace("-", ""))
+      let chunk = crypto
+        .createHash(algorithm.name.replace("-", ""))
         .update(seed)
         .update(counter)
         .digest() as Uint8Array;
@@ -191,5 +261,4 @@ export class RsaOaepProvider extends core.RsaOaepProvider {
 
     return mask;
   }
-
 }

src/mechs/rsa/rsa_pss.ts

@@ -1,24 +1,35 @@
 import * as core from "webcrypto-core";
-import { setCryptoKey, getCryptoKey } from "../storage";
 import { RsaCrypto } from "./crypto";
 import { RsaPrivateKey } from "./private_key";
 import { RsaPublicKey } from "./public_key";
+import { setCryptoKey, getCryptoKey } from "../storage";
 
 export class RsaPssProvider extends core.RsaPssProvider {
-
   public override hashAlgorithms = [
-    "SHA-1", "SHA-256", "SHA-384", "SHA-512", 
-    "shake128", "shake256", 
-    "SHA3-256", "SHA3-384", "SHA3-512"];
+    "SHA-1",
+    "SHA-256",
+    "SHA-384",
+    "SHA-512",
+    "shake128",
+    "shake256",
+    "SHA3-256",
+    "SHA3-384",
+    "SHA3-512",
+  ];
 
-  public async onGenerateKey(algorithm: RsaHashedKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKeyPair> {
+  public async onGenerateKey(
+    algorithm: RsaHashedKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKeyPair> {
     const keys = await RsaCrypto.generateKey(
       {
         ...algorithm,
         name: this.name,
       },
       extractable,
-      keyUsages);
+      keyUsages
+    );
 
     return {
       privateKey: setCryptoKey(keys.privateKey as RsaPrivateKey),
@@ -26,29 +37,66 @@ export class RsaPssProvider extends core.RsaPssProvider {
     };
   }
 
-  public async onSign(algorithm: RsaPssParams, key: RsaPrivateKey, data: ArrayBuffer): Promise<ArrayBuffer> {
-    return RsaCrypto.sign(algorithm, getCryptoKey(key) as RsaPrivateKey, new Uint8Array(data));
+  public async onSign(
+    algorithm: RsaPssParams,
+    key: RsaPrivateKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
+    return RsaCrypto.sign(
+      algorithm,
+      getCryptoKey(key) as RsaPrivateKey,
+      new Uint8Array(data)
+    );
   }
 
-  public async onVerify(algorithm: RsaPssParams, key: RsaPublicKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean> {
-    return RsaCrypto.verify(algorithm, getCryptoKey(key) as RsaPublicKey, new Uint8Array(signature), new Uint8Array(data));
+  public async onVerify(
+    algorithm: RsaPssParams,
+    key: RsaPublicKey,
+    signature: ArrayBuffer,
+    data: ArrayBuffer
+  ): Promise<boolean> {
+    return RsaCrypto.verify(
+      algorithm,
+      getCryptoKey(key) as RsaPublicKey,
+      new Uint8Array(signature),
+      new Uint8Array(data)
+    );
   }
 
-  public async onExportKey(format: KeyFormat, key: CryptoKey): Promise<JsonWebKey | ArrayBuffer> {
+  public async onExportKey(
+    format: KeyFormat,
+    key: CryptoKey
+  ): Promise<JsonWebKey | ArrayBuffer> {
     return RsaCrypto.exportKey(format, getCryptoKey(key));
   }
 
-  public async onImportKey(format: KeyFormat, keyData: JsonWebKey | ArrayBuffer, algorithm: RsaHashedImportParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
-    const key = await RsaCrypto.importKey(format, keyData, {...algorithm, name: this.name}, extractable, keyUsages);
+  public async onImportKey(
+    format: KeyFormat,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: RsaHashedImportParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
+    const key = await RsaCrypto.importKey(
+      format,
+      keyData,
+      { ...algorithm, name: this.name },
+      extractable,
+      keyUsages
+    );
     return setCryptoKey(key);
   }
 
   public override checkCryptoKey(key: CryptoKey, keyUsage?: KeyUsage) {
     super.checkCryptoKey(key, keyUsage);
     const internalKey = getCryptoKey(key);
-    if (!(internalKey instanceof RsaPrivateKey || internalKey instanceof RsaPublicKey)) {
+    if (
+      !(
+        internalKey instanceof RsaPrivateKey ||
+        internalKey instanceof RsaPublicKey
+      )
+    ) {
       throw new TypeError("key: Is not RSA CryptoKey");
     }
   }
-
 }

src/mechs/rsa/rsa_ssa.ts

@@ -1,24 +1,35 @@
 import * as core from "webcrypto-core";
-import { setCryptoKey, getCryptoKey } from "../storage";
 import { RsaCrypto } from "./crypto";
 import { RsaPrivateKey } from "./private_key";
 import { RsaPublicKey } from "./public_key";
+import { setCryptoKey, getCryptoKey } from "../storage";
 
 export class RsaSsaProvider extends core.RsaSsaProvider {
-
   public override hashAlgorithms = [
-    "SHA-1", "SHA-256", "SHA-384", "SHA-512", 
-    "shake128", "shake256", 
-    "SHA3-256", "SHA3-384", "SHA3-512"];
+    "SHA-1",
+    "SHA-256",
+    "SHA-384",
+    "SHA-512",
+    "shake128",
+    "shake256",
+    "SHA3-256",
+    "SHA3-384",
+    "SHA3-512",
+  ];
 
-  public async onGenerateKey(algorithm: RsaHashedKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<globalThis.CryptoKeyPair> {
+  public async onGenerateKey(
+    algorithm: RsaHashedKeyGenParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<globalThis.CryptoKeyPair> {
     const keys = await RsaCrypto.generateKey(
       {
         ...algorithm,
         name: this.name,
       },
       extractable,
-      keyUsages);
+      keyUsages
+    );
 
     return {
       privateKey: setCryptoKey(keys.privateKey as RsaPrivateKey),
@@ -26,29 +37,66 @@ export class RsaSsaProvider extends core.RsaSsaProvider {
     };
   }
 
-  public async onSign(algorithm: Algorithm, key: RsaPrivateKey, data: ArrayBuffer): Promise<ArrayBuffer> {
-    return RsaCrypto.sign(algorithm, getCryptoKey(key) as RsaPrivateKey, new Uint8Array(data));
+  public async onSign(
+    algorithm: Algorithm,
+    key: RsaPrivateKey,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
+    return RsaCrypto.sign(
+      algorithm,
+      getCryptoKey(key) as RsaPrivateKey,
+      new Uint8Array(data)
+    );
   }
 
-  public async onVerify(algorithm: Algorithm, key: RsaPublicKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean> {
-    return RsaCrypto.verify(algorithm, getCryptoKey(key) as RsaPublicKey, new Uint8Array(signature), new Uint8Array(data));
+  public async onVerify(
+    algorithm: Algorithm,
+    key: RsaPublicKey,
+    signature: ArrayBuffer,
+    data: ArrayBuffer
+  ): Promise<boolean> {
+    return RsaCrypto.verify(
+      algorithm,
+      getCryptoKey(key) as RsaPublicKey,
+      new Uint8Array(signature),
+      new Uint8Array(data)
+    );
   }
 
-  public async onExportKey(format: KeyFormat, key: CryptoKey): Promise<JsonWebKey | ArrayBuffer> {
+  public async onExportKey(
+    format: KeyFormat,
+    key: CryptoKey
+  ): Promise<JsonWebKey | ArrayBuffer> {
     return RsaCrypto.exportKey(format, getCryptoKey(key));
   }
 
-  public async onImportKey(format: KeyFormat, keyData: JsonWebKey | ArrayBuffer, algorithm: RsaHashedImportParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
-    const key = await RsaCrypto.importKey(format, keyData, {...algorithm, name: this.name}, extractable, keyUsages);
+  public async onImportKey(
+    format: KeyFormat,
+    keyData: JsonWebKey | ArrayBuffer,
+    algorithm: RsaHashedImportParams,
+    extractable: boolean,
+    keyUsages: KeyUsage[]
+  ): Promise<CryptoKey> {
+    const key = await RsaCrypto.importKey(
+      format,
+      keyData,
+      { ...algorithm, name: this.name },
+      extractable,
+      keyUsages
+    );
     return setCryptoKey(key);
   }
 
   public override checkCryptoKey(key: CryptoKey, keyUsage?: KeyUsage) {
     super.checkCryptoKey(key, keyUsage);
     const internalKey = getCryptoKey(key);
-    if (!(internalKey instanceof RsaPrivateKey || internalKey instanceof RsaPublicKey)) {
+    if (
+      !(
+        internalKey instanceof RsaPrivateKey ||
+        internalKey instanceof RsaPublicKey
+      )
+    ) {
       throw new TypeError("key: Is not RSA CryptoKey");
     }
   }
-
 }

src/mechs/sha/crypto.ts

@@ -1,7 +1,7 @@
+import { Buffer } from "buffer";
 import crypto from "crypto";
 
 export class ShaCrypto {
-
   /**
    * Returns size of the hash algorithm in bits
    * @param algorithm Hash algorithm
@@ -53,9 +53,7 @@ export class ShaCrypto {
 
   public static digest(algorithm: Algorithm, data: ArrayBuffer) {
     const hashAlg = this.getAlgorithmName(algorithm);
-    const hash = crypto.createHash(hashAlg)
-      .update(Buffer.from(data)).digest();
+    const hash = crypto.createHash(hashAlg).update(Buffer.from(data)).digest();
     return new Uint8Array(hash).buffer;
   }
-
 }

src/mechs/sha/sha3_256.ts

@@ -5,8 +5,10 @@ export class Sha3256Provider extends core.ProviderCrypto {
   public name = "SHA3-256";
   public usages = [];
 
-  public override async onDigest(algorithm: Algorithm, data: ArrayBuffer): Promise<ArrayBuffer> {
+  public override async onDigest(
+    algorithm: Algorithm,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
     return ShaCrypto.digest(algorithm, data);
   }
-
 }

src/mechs/sha/sha3_384.ts

@@ -5,8 +5,10 @@ export class Sha3384Provider extends core.ProviderCrypto {
   public name = "SHA3-384";
   public usages = [];
 
-  public override async onDigest(algorithm: Algorithm, data: ArrayBuffer): Promise<ArrayBuffer> {
+  public override async onDigest(
+    algorithm: Algorithm,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
     return ShaCrypto.digest(algorithm, data);
   }
-
 }

src/mechs/sha/sha3_512.ts

@@ -5,8 +5,10 @@ export class Sha3512Provider extends core.ProviderCrypto {
   public name = "SHA3-512";
   public usages = [];
 
-  public override async onDigest(algorithm: Algorithm, data: ArrayBuffer): Promise<ArrayBuffer> {
+  public override async onDigest(
+    algorithm: Algorithm,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
     return ShaCrypto.digest(algorithm, data);
   }
-
 }

src/mechs/sha/sha_1.ts

@@ -5,8 +5,10 @@ export class Sha1Provider extends core.ProviderCrypto {
   public name = "SHA-1";
   public usages = [];
 
-  public override async onDigest(algorithm: Algorithm, data: ArrayBuffer): Promise<ArrayBuffer> {
+  public override async onDigest(
+    algorithm: Algorithm,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
     return ShaCrypto.digest(algorithm, data);
   }
-
 }

src/mechs/sha/sha_256.ts

@@ -5,8 +5,10 @@ export class Sha256Provider extends core.ProviderCrypto {
   public name = "SHA-256";
   public usages = [];
 
-  public override async onDigest(algorithm: Algorithm, data: ArrayBuffer): Promise<ArrayBuffer> {
+  public override async onDigest(
+    algorithm: Algorithm,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
     return ShaCrypto.digest(algorithm, data);
   }
-
 }

src/mechs/sha/sha_384.ts

@@ -5,8 +5,10 @@ export class Sha384Provider extends core.ProviderCrypto {
   public name = "SHA-384";
   public usages = [];
 
-  public override async onDigest(algorithm: Algorithm, data: ArrayBuffer): Promise<ArrayBuffer> {
+  public override async onDigest(
+    algorithm: Algorithm,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
     return ShaCrypto.digest(algorithm, data);
   }
-
 }

src/mechs/sha/sha_512.ts

@@ -5,8 +5,10 @@ export class Sha512Provider extends core.ProviderCrypto {
   public name = "SHA-512";
   public usages = [];
 
-  public override async onDigest(algorithm: Algorithm, data: ArrayBuffer): Promise<ArrayBuffer> {
+  public override async onDigest(
+    algorithm: Algorithm,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
     return ShaCrypto.digest(algorithm, data);
   }
-
 }

src/mechs/shake/crypto.ts

@@ -1,13 +1,19 @@
+import { Buffer } from "buffer";
 import crypto from "crypto";
 import * as core from "webcrypto-core";
 
 export class ShakeCrypto {
-
-  public static digest(algorithm: Required<core.ShakeParams>, data: ArrayBuffer) {
-    const hash = crypto.createHash(algorithm.name.toLowerCase(), {outputLength: algorithm.length})
-      .update(Buffer.from(data)).digest();
+  public static digest(
+    algorithm: Required<core.ShakeParams>,
+    data: ArrayBuffer
+  ) {
+    const hash = crypto
+      .createHash(algorithm.name.toLowerCase(), {
+        outputLength: algorithm.length,
+      })
+      .update(Buffer.from(data))
+      .digest();
 
     return new Uint8Array(hash).buffer;
   }
-
 }

src/mechs/shake/shake128.ts

@@ -2,9 +2,10 @@ import * as core from "webcrypto-core";
 import { ShakeCrypto } from "./crypto";
 
 export class Shake128Provider extends core.Shake128Provider {
-
-  public override async onDigest(algorithm: Required<core.ShakeParams>, data: ArrayBuffer): Promise<ArrayBuffer> {
+  public override async onDigest(
+    algorithm: Required<core.ShakeParams>,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
     return ShakeCrypto.digest(algorithm, data);
   }
-
 }

src/mechs/shake/shake256.ts

@@ -2,9 +2,10 @@ import * as core from "webcrypto-core";
 import { ShakeCrypto } from "./crypto";
 
 export class Shake256Provider extends core.Shake256Provider {
-
-  public override async onDigest(algorithm: Required<core.ShakeParams>, data: ArrayBuffer): Promise<ArrayBuffer> {
+  public override async onDigest(
+    algorithm: Required<core.ShakeParams>,
+    data: ArrayBuffer
+  ): Promise<ArrayBuffer> {
     return ShakeCrypto.digest(algorithm, data);
   }
-
 }

src/mechs/storage.ts

@@ -12,7 +12,12 @@ export function getCryptoKey(key: core.CryptoKey) {
 }
 
 export function setCryptoKey(value: InternalCryptoKey) {
-  const key = core.CryptoKey.create(value.algorithm, value.type, value.extractable, value.usages);
+  const key = core.CryptoKey.create(
+    value.algorithm,
+    value.type,
+    value.extractable,
+    value.usages
+  );
   Object.freeze(key);
 
   keyStorage.set(key, value);

src/subtle.ts

@@ -2,18 +2,34 @@ import * as crypto from "crypto";
 import * as process from "process";
 import * as core from "webcrypto-core";
 import {
-  AesCbcProvider, AesCmacProvider, AesCtrProvider, AesEcbProvider, AesGcmProvider, AesKwProvider,
+  AesCbcProvider,
+  AesCmacProvider,
+  AesCtrProvider,
+  AesEcbProvider,
+  AesGcmProvider,
+  AesKwProvider,
   DesCbcProvider,
-  DesEde3CbcProvider, EcdhProvider,
-  EcdsaProvider, HkdfProvider,
+  DesEde3CbcProvider,
+  EcdhProvider,
+  EcdsaProvider,
+  HkdfProvider,
   EdDsaProvider,
   EcdhEsProvider,
   HmacProvider,
   Pbkdf2Provider,
-  RsaEsProvider, RsaOaepProvider, RsaPssProvider, RsaSsaProvider,
-  Sha1Provider, Sha256Provider, Sha384Provider, Sha512Provider,
-  Shake128Provider, Shake256Provider,
-  Sha3256Provider, Sha3384Provider, Sha3512Provider,
+  RsaEsProvider,
+  RsaOaepProvider,
+  RsaPssProvider,
+  RsaSsaProvider,
+  Sha1Provider,
+  Sha256Provider,
+  Sha384Provider,
+  Sha512Provider,
+  Shake128Provider,
+  Shake256Provider,
+  Sha3256Provider,
+  Sha3384Provider,
+  Sha3512Provider,
 } from "./mechs";
 
 export class SubtleCrypto extends core.SubtleCrypto {
@@ -30,7 +46,10 @@ export class SubtleCrypto extends core.SubtleCrypto {
     //#endregion
 
     //#region DES
+    const ciphers = crypto.getCiphers();
+    if (ciphers.includes("des-cbc")) {
       this.providers.set(new DesCbcProvider());
+    }
     this.providers.set(new DesEde3CbcProvider());
     //#endregion
 

test/crypto.ts

@@ -1,5 +1,6 @@
-import assert from "assert";
-import process from "process";
+import assert from "node:assert";
+import nodeCrypto from "node:crypto";
+import process from "node:process";
 import { WebcryptoTest } from "@peculiar/webcrypto-test";
 import { Convert } from "pvtsutils";
 import * as core from "webcrypto-core";
@@ -10,7 +11,11 @@ const nodeMajorVersion = parseInt(/^v(\d+)/.exec(process.version)![1], 10);
 
 const crypto = new Crypto();
 
-WebcryptoTest.check(crypto as any, {});
+const ciphers = nodeCrypto.getCiphers();
+
+WebcryptoTest.check(crypto as any, {
+  DESCBC: !ciphers.includes("des-cbc"),
+});
 context("Crypto", () => {
 
   context("getRandomValues", () => {
@@ -280,4 +285,23 @@ context("Crypto", () => {
     });
   });
 
+  context("ECDH deriveBits with null", () => {
+    it("P-256", async () => {
+      const keyPair = await crypto.subtle.generateKey({ name: "ECDH", namedCurve: "P-256" }, false, ["deriveBits"]);
+      const bits = await crypto.subtle.deriveBits({ name: keyPair.publicKey.algorithm.name, public: keyPair.publicKey } as globalThis.EcdhKeyDeriveParams, keyPair.privateKey, <number><unknown>null);
+      assert.equal(bits.byteLength, 32);
+    });
+
+    it("P-384", async () => {
+      const keyPair = await crypto.subtle.generateKey({ name: "ECDH", namedCurve: "P-384" }, false, ["deriveBits"]);
+      const bits = await crypto.subtle.deriveBits({ name: keyPair.publicKey.algorithm.name, public: keyPair.publicKey } as globalThis.EcdhKeyDeriveParams, keyPair.privateKey, <number><unknown>null);
+      assert.equal(bits.byteLength, 48);
+    });
+
+    it("P-521", async () => {
+      const keyPair = await crypto.subtle.generateKey({ name: "ECDH", namedCurve: "P-521" }, false, ["deriveBits"]);
+      const bits = await crypto.subtle.deriveBits({ name: keyPair.publicKey.algorithm.name, public: keyPair.publicKey } as globalThis.EcdhKeyDeriveParams, keyPair.privateKey, <number><unknown>null);
+      assert.equal(bits.byteLength, 66);
+    });
+  });
 });