mirror of
https://github.com/danbulant/jose
synced 2026-05-25 13:01:49 +00:00
23b874cc20
BREAKING CHANGE: key.algorithms(op) un+wrapKey was split into correct wrapKey/unwrapKey/deriveKey returns BREAKING CHANGE: keystore.all and keystore.get `operation` option was removed, `key_ops: string[]` supersedes it
31 lines
928 B
JavaScript
31 lines
928 B
JavaScript
const { strict: assert } = require('assert')
|
|
|
|
const { KEYLENGTHS } = require('../../help/consts')
|
|
const { generateSync } = require('../../jwk/generate')
|
|
|
|
const derive = require('./derive')
|
|
|
|
const wrapKey = (key, payload, { enc }) => {
|
|
const epk = generateSync(key.kty, key.crv)
|
|
|
|
const derivedKey = derive(enc, KEYLENGTHS[enc], epk, key)
|
|
|
|
return {
|
|
wrapped: derivedKey,
|
|
header: { epk: { kty: key.kty, crv: key.crv, x: epk.x, y: epk.y } }
|
|
}
|
|
}
|
|
|
|
const unwrapKey = (key, payload, { apu, apv, epk, enc }) => {
|
|
return derive(enc, KEYLENGTHS[enc], key, epk, { apu, apv })
|
|
}
|
|
|
|
const ALG = 'ECDH-ES'
|
|
|
|
module.exports = (JWA) => {
|
|
assert(!JWA.keyManagementEncrypt.has(ALG), `keyManagementEncrypt alg ${ALG} already registered`)
|
|
assert(!JWA.keyManagementDecrypt.has(ALG), `keyManagementDecrypt alg ${ALG} already registered`)
|
|
|
|
JWA.keyManagementEncrypt.set(ALG, wrapKey)
|
|
JWA.keyManagementDecrypt.set(ALG, unwrapKey)
|
|
}
|