Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
/* Find data to encrypt. */
const plainText = new Uint8Array([1, 2, 3, 4, 5])
/* Encrypt the data. */
const { result } = await encrypt(keyring, plainText, { encryptionContext: context })
/* Log the plain text
* only for testing and to show that it works.
*/
console.log('plainText:', plainText)
document.write('<br>plainText:' + plainText + '<br>')
/* Log the base64-encoded result
* so that you can try decrypting it with another AWS Encryption SDK implementation.
*/
const resultBase64 = toBase64(result)
console.log(resultBase64)
document.write(resultBase64)
/* Decrypt the data.
* This decrypt call could be done with **any** of the 3 keyrings.
* Here we use the multi-keyring, but
* decrypt(kmsKeyring, result)
* decrypt(aesKeyring, result)
* would both work as well.
*/
const { plaintext, messageHeader } = await decrypt(keyring, result)
/* Grab the encryption context so you can verify it. */
const { encryptionContext } = messageHeader
/* Verify the encryption context.
/* Find data to encrypt. */
const plainText = new Uint8Array([1, 2, 3, 4, 5])
/* Encrypt the data. */
const { result } = await encrypt(keyring, plainText, { encryptionContext: context })
/* Log the plain text
* only for testing and to show that it works.
*/
console.log('plainText:', plainText)
document.write('<br>plainText:' + plainText + '<br>')
/* Log the base64-encoded result
* so that you can try decrypting it with another AWS Encryption SDK implementation.
*/
const resultBase64 = toBase64(result)
console.log(resultBase64)
document.write(resultBase64)
const { plaintext, messageHeader } = await decrypt(keyring, result)
/* Grab the encryption context so you can verify it. */
const { encryptionContext } = messageHeader
/* Verify the encryption context.
* If you use an algorithm suite with signing,
* the Encryption SDK adds a name-value pair to the encryption context that contains the public key.
* Because the encryption context might contain additional key-value pairs,
* do not add a test that requires that all key-value pairs match.
* Instead, verify that the key-value pairs you expect match.
*/
Object
/* Find data to encrypt. */
const plainText = new Uint8Array([1, 2, 3, 4, 5])
/* Encrypt the data. */
const { result } = await encrypt(keyring, plainText, { encryptionContext: context })
/* Log the plain text
* only for testing and to show that it works.
*/
console.log('plainText:', plainText)
document.write('<br>plainText:' + plainText + '<br>')
/* Log the base64-encoded result
* so that you can try decrypting it with another AWS Encryption SDK implementation.
*/
const resultBase64 = toBase64(result)
console.log(resultBase64)
document.write(resultBase64)
const { plaintext, messageHeader } = await decrypt(keyring, result)
/* Grab the encryption context so you can verify it. */
const { encryptionContext } = messageHeader
/* Verify the encryption context.
* If you use an algorithm suite with signing,
* the Encryption SDK adds a name-value pair to the encryption context that contains the public key.
* Because the encryption context might contain additional key-value pairs,
* do not add a test that requires that all key-value pairs match.
* Instead, verify that the key-value pairs you expect match.
*/
Object
/* Find data to encrypt. */
const plainText = new Uint8Array([1, 2, 3, 4, 5])
/* Encrypt the data. */
const { result } = await encrypt(keyring, plainText, { encryptionContext: context })
/* Log the plain text
* only for testing and to show that it works.
*/
console.log('plainText:', plainText)
document.write('<br>plainText:' + plainText + '<br>')
/* Log the base64-encoded result
* so that you can try decrypting it with another AWS Encryption SDK implementation.
*/
const resultBase64 = toBase64(result)
console.log(resultBase64)
document.write(resultBase64)
const { plaintext, messageHeader } = await decrypt(keyring, result)
/* Grab the encryption context so you can verify it. */
const { encryptionContext } = messageHeader
/* Verify the encryption context.
* If you use an algorithm suite with signing,
* the Encryption SDK adds a name-value pair to the encryption context that contains the public key.
* Because the encryption context might contain additional key-value pairs,
* do not add a test that requires that all key-value pairs match.
* Instead, verify that the key-value pairs you expect match.
*/
Object
export function bytes2JWK (rawKeyBytes: Uint8Array): JsonWebKey {
// See https://tools.ietf.org/html/rfc7515#appendix-C Base64url Encoding
const base64 = toBase64(rawKeyBytes)
const base64Url = base64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '')
return {
kty: 'oct',
k: base64Url
}
}
const backend = await getWebCryptoBackend()
const subtle = getNonZeroByteBackend(backend)
const webCryptoAlgorithm = { name: 'ECDSA', namedCurve }
const extractable = false
const usages = ['sign']
const format = 'raw'
const { publicKey, privateKey } = await subtle.generateKey(webCryptoAlgorithm, extractable, usages)
const publicKeyBytes = await subtle.exportKey(format, publicKey)
const compressPoint = SignatureKey.encodeCompressPoint(new Uint8Array(publicKeyBytes), suite)
const signatureKey = new SignatureKey(privateKey, compressPoint, suite)
return new WebCryptoEncryptionMaterial(
suite,
{ ...encryptionContext, [ENCODED_SIGNER_KEY]: toBase64(compressPoint) }
)
.setSignatureKey(signatureKey)
}
export function toBase64(input: Uint8Array): string {
if (isNode()) {
return nodeToBase64(input);
}
return browserToBase64(input);
}