Upstream
/
bitwarden-browser
mirror of https://github.com/bitwarden/browser.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

rsaDecrypt implementation

This commit is contained in:
Kyle Spearrin 2018-04-19 00:00:53 -04:00
parent e20e878b8b
commit 97fe01e131
3 changed files with 34 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/abstractions/cryptoFunction.service.ts
View File

@ -3,4 +3,5 @@ export abstract class CryptoFunctionService {
iterations: number) => Promise<ArrayBuffer>;
hash: (value: string | ArrayBuffer, algorithm: 'sha1' | 'sha256' | 'sha512') => Promise<ArrayBuffer>;
hmac: (value: ArrayBuffer, key: ArrayBuffer, algorithm: 'sha1' | 'sha256' | 'sha512') => Promise<ArrayBuffer>;
rsaDecrypt: (data: ArrayBuffer, key: ArrayBuffer, algorithm: 'sha1' | 'sha256') => Promise<ArrayBuffer>;
}

20
src/services/nodeCryptoFunction.service.ts
View File

@ -1,4 +1,5 @@
import * as crypto from 'crypto';
import * as constants from 'constants';
import { CryptoFunctionService } from '../abstractions/cryptoFunction.service';
@ -56,6 +57,20 @@ export class NodeCryptoFunctionService implements CryptoFunctionService {
return Promise.resolve(decBuf.buffer);
}
rsaDecrypt(data: ArrayBuffer, key: ArrayBuffer, algorithm: 'sha1' | 'sha256'): Promise<ArrayBuffer> {
if (algorithm !== 'sha1') {
throw new Error('only sha1 is supported on this platform.');
}
const nodeData = this.toNodeBuffer(data);
const rsaKey: crypto.RsaPrivateKey = {
key: this.toPem(key),
padding: constants.RSA_PKCS1_OAEP_PADDING,
};
const decBuf = crypto.publicDecrypt(rsaKey, nodeData);
return Promise.resolve(decBuf.buffer);
}
randomBytes(length: number): Promise<ArrayBuffer> {
return new Promise<ArrayBuffer>((resolve, reject) => {
crypto.randomBytes(length, (error, bytes) => {
@ -81,4 +96,9 @@ export class NodeCryptoFunctionService implements CryptoFunctionService {
private toNodeBuffer(value: ArrayBuffer): Buffer {
return Buffer.from(new Uint8Array(value) as any);
}
private toPem(key: ArrayBuffer): string {
const b64Key = ''; // TODO: key to b84
return '-----BEGIN PRIVATE KEY-----\n' + b64Key + '\n-----END PRIVATE KEY-----';
}
}

15
src/services/webCryptoFunction.service.ts
View File

@ -30,7 +30,7 @@ export class WebCryptoFunctionService implements CryptoFunctionService {
const passwordBuf = this.toBuf(password);
const saltBuf = this.toBuf(salt);
const alg: Pbkdf2Params = {
const pbkdf2Params: Pbkdf2Params = {
name: 'PBKDF2',
salt: saltBuf,
iterations: iterations,
@ -38,7 +38,7 @@ export class WebCryptoFunctionService implements CryptoFunctionService {
};
const impKey = await this.subtle.importKey('raw', passwordBuf, { name: 'PBKDF2' }, false, ['deriveBits']);
return await window.crypto.subtle.deriveBits(alg, impKey, wcLen);
return await window.crypto.subtle.deriveBits(pbkdf2Params, impKey, wcLen);
}
async hash(value: string | ArrayBuffer, algorithm: 'sha1' | 'sha256' | 'sha512'): Promise<ArrayBuffer> {
@ -102,6 +102,17 @@ export class WebCryptoFunctionService implements CryptoFunctionService {
return await this.subtle.decrypt({ name: 'AES-CBC', iv: iv }, impKey, data);
}
async rsaDecrypt(data: ArrayBuffer, key: ArrayBuffer, algorithm: 'sha1' | 'sha256'): Promise<ArrayBuffer> {
// Note: Edge browser requires that we specify name and hash for both key import and decrypt.
// We cannot use the proper types here.
const rsaParams = {
name: 'RSA-OAEP',
hash: { name: this.toWebCryptoAlgorithm(algorithm) },
};
const impKey = await this.subtle.importKey('pkcs8', key, rsaParams, false, ['decrypt']);
return await this.subtle.decrypt(rsaParams, impKey, data);
}
randomBytes(length: number): Promise<ArrayBuffer> {
const arr = new Uint8Array(length);
this.crypto.getRandomValues(arr);