-
Notifications
You must be signed in to change notification settings - Fork 9
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Separate the HKDF classes dependent on external modules from the inde…
…pendent base class.
- Loading branch information
Showing
15 changed files
with
111 additions
and
42 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,15 +1,11 @@ | ||
import { hmac } from "npm:@noble/[email protected]/hmac"; | ||
import { sha256 } from "npm:@noble/[email protected]/sha256"; | ||
import { sha384, sha512 } from "npm:@noble/[email protected]/sha512"; | ||
|
||
import type { KdfInterface } from "../interfaces/kdfInterface.ts"; | ||
|
||
import { KdfId } from "../identifiers.ts"; | ||
import { KdfAlgorithm } from "../algorithm.ts"; | ||
|
||
import * as consts from "../consts.ts"; | ||
|
||
export class Hkdf extends KdfAlgorithm implements KdfInterface { | ||
export class HkdfNative extends KdfAlgorithm implements KdfInterface { | ||
public readonly id: KdfId = KdfId.HkdfSha256; | ||
public readonly hashSize: number = 0; | ||
protected readonly algHash: HmacKeyGenParams = { | ||
|
@@ -58,29 +54,7 @@ export class Hkdf extends KdfAlgorithm implements KdfInterface { | |
salt = new ArrayBuffer(this.hashSize); | ||
} | ||
if (salt.byteLength !== this.hashSize) { | ||
// Web Cryptography API supports only Nh(hashSize) length key. | ||
// In this case, fallback to the upper-layer hmac library. | ||
switch (this.algHash.hash) { | ||
case "SHA-256": | ||
return hmac( | ||
sha256, | ||
new Uint8Array(salt), | ||
new Uint8Array(ikm), | ||
); | ||
case "SHA-384": | ||
return hmac( | ||
sha384, | ||
new Uint8Array(salt), | ||
new Uint8Array(ikm), | ||
); | ||
default: | ||
// case "SHA-512": | ||
return hmac( | ||
sha512, | ||
new Uint8Array(salt), | ||
new Uint8Array(ikm), | ||
); | ||
} | ||
throw new Error("The salt length must be the same as the hashSize"); | ||
} | ||
const key = await (this._api as SubtleCrypto).importKey( | ||
"raw", | ||
|
@@ -188,7 +162,7 @@ export class Hkdf extends KdfAlgorithm implements KdfInterface { | |
} | ||
} | ||
|
||
export class HkdfSha256 extends Hkdf implements KdfInterface { | ||
export class HkdfSha256Native extends HkdfNative { | ||
public readonly id: KdfId = KdfId.HkdfSha256; | ||
public readonly hashSize: number = 32; | ||
protected readonly algHash: HmacKeyGenParams = { | ||
|
@@ -198,7 +172,7 @@ export class HkdfSha256 extends Hkdf implements KdfInterface { | |
}; | ||
} | ||
|
||
export class HkdfSha384 extends Hkdf implements KdfInterface { | ||
export class HkdfSha384Native extends HkdfNative { | ||
public readonly id: KdfId = KdfId.HkdfSha384; | ||
public readonly hashSize: number = 48; | ||
protected readonly algHash: HmacKeyGenParams = { | ||
|
@@ -208,7 +182,7 @@ export class HkdfSha384 extends Hkdf implements KdfInterface { | |
}; | ||
} | ||
|
||
export class HkdfSha512 extends Hkdf implements KdfInterface { | ||
export class HkdfSha512Native extends HkdfNative { | ||
public readonly id: KdfId = KdfId.HkdfSha512; | ||
public readonly hashSize: number = 64; | ||
protected readonly algHash: HmacKeyGenParams = { | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
import { hmac } from "npm:@noble/[email protected]/hmac"; | ||
import { sha256 } from "npm:@noble/[email protected]/sha256"; | ||
|
||
import { HkdfSha256Native } from "./hkdf.ts"; | ||
|
||
export class HkdfSha256 extends HkdfSha256Native { | ||
public override async extract( | ||
salt: ArrayBuffer, | ||
ikm: ArrayBuffer, | ||
): Promise<ArrayBuffer> { | ||
this.checkInit(); | ||
if (salt.byteLength === 0) { | ||
salt = new ArrayBuffer(this.hashSize); | ||
} | ||
if (salt.byteLength !== this.hashSize) { | ||
return hmac(sha256, new Uint8Array(salt), new Uint8Array(ikm)); | ||
} | ||
const key = await (this._api as SubtleCrypto).importKey( | ||
"raw", | ||
salt, | ||
this.algHash, | ||
false, | ||
[ | ||
"sign", | ||
], | ||
); | ||
return await (this._api as SubtleCrypto).sign("HMAC", key, ikm); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
import { hmac } from "npm:@noble/[email protected]/hmac"; | ||
import { sha384 } from "npm:@noble/[email protected]/sha512"; | ||
|
||
import { HkdfSha384Native } from "./hkdf.ts"; | ||
|
||
export class HkdfSha384 extends HkdfSha384Native { | ||
public override async extract( | ||
salt: ArrayBuffer, | ||
ikm: ArrayBuffer, | ||
): Promise<ArrayBuffer> { | ||
this.checkInit(); | ||
if (salt.byteLength === 0) { | ||
salt = new ArrayBuffer(this.hashSize); | ||
} | ||
if (salt.byteLength !== this.hashSize) { | ||
return hmac(sha384, new Uint8Array(salt), new Uint8Array(ikm)); | ||
} | ||
const key = await (this._api as SubtleCrypto).importKey( | ||
"raw", | ||
salt, | ||
this.algHash, | ||
false, | ||
[ | ||
"sign", | ||
], | ||
); | ||
return await (this._api as SubtleCrypto).sign("HMAC", key, ikm); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
import { hmac } from "npm:@noble/[email protected]/hmac"; | ||
import { sha512 } from "npm:@noble/[email protected]/sha512"; | ||
|
||
import { HkdfSha512Native } from "./hkdf.ts"; | ||
|
||
export class HkdfSha512 extends HkdfSha512Native { | ||
public override async extract( | ||
salt: ArrayBuffer, | ||
ikm: ArrayBuffer, | ||
): Promise<ArrayBuffer> { | ||
this.checkInit(); | ||
if (salt.byteLength === 0) { | ||
salt = new ArrayBuffer(this.hashSize); | ||
} | ||
if (salt.byteLength !== this.hashSize) { | ||
return hmac(sha512, new Uint8Array(salt), new Uint8Array(ikm)); | ||
} | ||
const key = await (this._api as SubtleCrypto).importKey( | ||
"raw", | ||
salt, | ||
this.algHash, | ||
false, | ||
[ | ||
"sign", | ||
], | ||
); | ||
return await (this._api as SubtleCrypto).sign("HMAC", key, ikm); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters