Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
protected static async exportJwkPrivateKey(key: EcCryptoKey) {
const pkey: graphene.ITemplate = key.key.getAttribute({
value: null,
});
const jwk: JsonWebKey = {
kty: "EC",
crv: (key.algorithm as EcKeyGenParams).namedCurve,
ext: true,
key_ops: key.usages,
d: Convert.ToBase64Url(pkey.value!),
};
return jwk;
}
coefficient: null,
});
const alg = this.jwkAlgName(key.algorithm as RsaHashedKeyAlgorithm);
const jwk: JsonWebKey = {
kty: "RSA",
alg,
ext: true,
key_ops: key.usages,
e: Convert.ToBase64Url(pkey.publicExponent as Uint8Array),
n: Convert.ToBase64Url(pkey.modulus as Uint8Array),
d: Convert.ToBase64Url(pkey.privateExponent as Uint8Array),
p: Convert.ToBase64Url(pkey.prime1 as Uint8Array),
q: Convert.ToBase64Url(pkey.prime2 as Uint8Array),
dp: Convert.ToBase64Url(pkey.exp1 as Uint8Array),
dq: Convert.ToBase64Url(pkey.exp2 as Uint8Array),
qi: Convert.ToBase64Url(pkey.coefficient as Uint8Array),
};
return jwk;
}
protected static async exportJwkPublicKey(key: RsaCryptoKey) {
const pkey: ITemplate = key.key.getAttribute({
publicExponent: null,
modulus: null,
});
const alg = this.jwkAlgName(key.algorithm as RsaHashedKeyAlgorithm);
const jwk: JsonWebKey = {
kty: "RSA",
alg,
ext: true,
key_ops: key.usages,
e: Convert.ToBase64Url(pkey.publicExponent),
n: Convert.ToBase64Url(pkey.modulus),
};
return jwk;
}
public static async importKey(bytes: ArrayBuffer, type: ECKeyType) {
const x = Convert.ToBase64Url(bytes.slice(0, 32));
const y = Convert.ToBase64Url(bytes.slice(32));
const jwk = {
crv: Curve.NAMED_CURVE,
kty: "EC",
x,
y,
};
const usage = (type === "ECDSA" ? ["verify"] : []);
const key = await getEngine().crypto.subtle
.importKey("jwk", jwk, { name: type, namedCurve: Curve.NAMED_CURVE }, true, usage);
const res = await ECPublicKey.create(key);
return res;
}
}
case "spki": {
const jwk = this.spki2jwk(keyData as ArrayBuffer);
return this.importJwkPublicKey(session!, jwk, algorithm as EcKeyGenParams, extractable, keyUsages);
}
case "pkcs8": {
const jwk = this.pkcs2jwk(keyData as ArrayBuffer);
return this.importJwkPrivateKey(session!, jwk, algorithm as EcKeyGenParams, extractable, keyUsages);
}
case "raw": {
const curve = this.getNamedCurve(algorithm.namedCurve);
const ecPoint = EcUtils.decodePoint(Buffer.from(keyData as Uint8Array), curve, false);
const jwk: JsonWebKey = {
kty: "EC",
crv: algorithm.namedCurve,
x: Convert.ToBase64Url(ecPoint.x),
};
if (ecPoint.y) {
jwk.y = Convert.ToBase64Url(ecPoint.y);
}
return this.importJwkPublicKey(session, jwk, algorithm, extractable, keyUsages);
}
default:
throw new core.OperationError("format: Must be 'jwk', 'raw', 'pkcs8' or 'spki'");
}
}
modulus: null,
privateExponent: null,
prime1: null,
prime2: null,
exp1: null,
exp2: null,
coefficient: null,
});
const alg = this.jwkAlgName(key.algorithm as RsaHashedKeyAlgorithm);
const jwk: JsonWebKey = {
kty: "RSA",
alg,
ext: true,
key_ops: key.usages,
e: Convert.ToBase64Url(pkey.publicExponent as Uint8Array),
n: Convert.ToBase64Url(pkey.modulus as Uint8Array),
d: Convert.ToBase64Url(pkey.privateExponent as Uint8Array),
p: Convert.ToBase64Url(pkey.prime1 as Uint8Array),
q: Convert.ToBase64Url(pkey.prime2 as Uint8Array),
dp: Convert.ToBase64Url(pkey.exp1 as Uint8Array),
dq: Convert.ToBase64Url(pkey.exp2 as Uint8Array),
qi: Convert.ToBase64Url(pkey.coefficient as Uint8Array),
};
return jwk;
}
public static async exportKey(session: graphene.Session, format: string, key: CryptoKey): Promise {
const template = key.key.getAttribute({ value: null, valueLen: null });
switch (format.toLowerCase()) {
case "jwk":
const aes: string = /AES-(\w+)/.exec(key.algorithm.name!)![1];
const jwk: JsonWebKey = {
kty: "oct",
k: Convert.ToBase64Url(template.value!),
alg: `A${template.valueLen! * 8}${aes}`,
ext: true,
key_ops: key.usages,
};
return jwk;
case "raw":
return new Uint8Array(template.value).buffer;
break;
default:
throw new core.OperationError("format: Must be 'jwk' or 'raw'");
}
}
break;
default:
throw new Error(`Unsupported EC named curve '${crvName}'`);
}
const asn1PrvKey = Asn1Js.fromBER(pkcs8.privateKey.valueBlock.valueHex);
const parsedKey = new pkijs.ECPrivateKey({
namedCurve: algId === "1.3.132.0.10" ? "1.2.840.10045.3.1.7" : algId,
schema: asn1PrvKey.result,
});
return {
kty: "EC",
crv: crvName,
d: Convert.ToBase64Url(parsedKey.privateKey.valueBlock.valueHex),
};
}
publicExponent: null,
modulus: null,
privateExponent: null,
prime1: null,
prime2: null,
exp1: null,
exp2: null,
coefficient: null,
});
const alg = this.jwkAlgName(key.algorithm as RsaHashedKeyAlgorithm);
const jwk: JsonWebKey = {
kty: "RSA",
alg,
ext: true,
key_ops: key.usages,
e: Convert.ToBase64Url(pkey.publicExponent as Uint8Array),
n: Convert.ToBase64Url(pkey.modulus as Uint8Array),
d: Convert.ToBase64Url(pkey.privateExponent as Uint8Array),
p: Convert.ToBase64Url(pkey.prime1 as Uint8Array),
q: Convert.ToBase64Url(pkey.prime2 as Uint8Array),
dp: Convert.ToBase64Url(pkey.exp1 as Uint8Array),
dq: Convert.ToBase64Url(pkey.exp2 as Uint8Array),
qi: Convert.ToBase64Url(pkey.coefficient as Uint8Array),
};
return jwk;
}