Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
/* Precondition: WebCryptoDefaultCryptographicMaterialsManager If the algorithm suite specification requires a signatureCurve a context must exist. */
if (!encryptionContext) throw new Error('Encryption context does not contain required public key.')
const { [ENCODED_SIGNER_KEY]: compressPoint } = encryptionContext
/* Precondition: WebCryptoDefaultCryptographicMaterialsManager The context must contain the public key. */
needs(compressPoint, 'Context does not contain required public key.')
const backend = await getWebCryptoBackend()
const subtle = getNonZeroByteBackend(backend)
const webCryptoAlgorithm = { name: 'ECDSA', namedCurve }
const extractable = false
const usages = ['verify']
const format = 'raw'
const publicKeyBytes = VerificationKey.decodeCompressPoint(fromBase64(compressPoint), suite)
const publicKey = await subtle.importKey(format, publicKeyBytes, webCryptoAlgorithm, extractable, usages)
return new WebCryptoDecryptionMaterial(suite, encryptionContext)
.setVerificationKey(new VerificationKey(publicKey, suite))
}
}
export function fromBase64(input: string): Uint8Array {
if (isNode()) {
return nodeFromBase64(input);
}
return browserFromBase64(input);
}
async function aesKeyring (keyInfo:AesKeyInfo, key: AESKey) {
const keyName = key['key-id']
const keyNamespace = keyInfo['provider-id']
const { encoding, material } = key
needs(encoding === 'base64', 'Unsupported encoding')
const rawKey = fromBase64(material)
if (!Bits2RawAesWrappingSuiteIdentifier[key.bits]) throw new Error('Unsupported right now')
const wrappingSuite = Bits2RawAesWrappingSuiteIdentifier[key.bits]
const masterKey = await RawAesKeyringWebCrypto.importCryptoKey(rawKey, wrappingSuite)
return new RawAesKeyringWebCrypto({ keyName, keyNamespace, masterKey, wrappingSuite })
}