bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-17 00:33:44 +00:00
Code Issues Releases Wiki Activity

switch to node crypto for rsa encrypt/decrypt

Browse Source
This commit is contained in:
Kyle Spearrin
2018-05-21 09:10:13 -04:00
parent bf260819bb
commit 43ac05d1fc
1 changed files with 16 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
src/services/nodeCryptoFunction.service.ts
View File

@@ -114,31 +114,23 @@ export class NodeCryptoFunctionService implements CryptoFunctionService {
} }
rsaEncrypt(data: ArrayBuffer, publicKey: ArrayBuffer, algorithm: 'sha1' | 'sha256'): Promise<ArrayBuffer> { rsaEncrypt(data: ArrayBuffer, publicKey: ArrayBuffer, algorithm: 'sha1' | 'sha256'): Promise<ArrayBuffer> {
let md: forge.md.MessageDigest;
if (algorithm === 'sha256') { if (algorithm === 'sha256') {
md = forge.md.sha256.create(); throw new Error('Node crypto does not support RSA-OAEP SHA-256');
} else {
md = forge.md.sha1.create();
} }
const dataBytes = Utils.fromBufferToByteString(data); const pem = this.toPemPublicKey(publicKey);
const key = this.toForgePublicKey(publicKey); const decipher = crypto.publicEncrypt(pem, this.toNodeBuffer(data));
const decBytes: string = key.encrypt(dataBytes, 'RSA-OAEP', { md: md }); return Promise.resolve(this.toArrayBuffer(decipher));
return Promise.resolve(Utils.fromByteStringToArray(decBytes).buffer);
} }
rsaDecrypt(data: ArrayBuffer, privateKey: ArrayBuffer, algorithm: 'sha1' | 'sha256'): Promise<ArrayBuffer> { rsaDecrypt(data: ArrayBuffer, privateKey: ArrayBuffer, algorithm: 'sha1' | 'sha256'): Promise<ArrayBuffer> {
let md: forge.md.MessageDigest;
if (algorithm === 'sha256') { if (algorithm === 'sha256') {
md = forge.md.sha256.create(); throw new Error('Node crypto does not support RSA-OAEP SHA-256');
} else {
md = forge.md.sha1.create();
} }
const dataBytes = Utils.fromBufferToByteString(data); const pem = this.toPemPrivateKey(privateKey);
const key = this.toForgePrivateKey(privateKey); const decipher = crypto.privateDecrypt(pem, this.toNodeBuffer(data));
const decBytes: string = key.decrypt(dataBytes, 'RSA-OAEP', { md: md }); return Promise.resolve(this.toArrayBuffer(decipher));
return Promise.resolve(Utils.fromByteStringToArray(decBytes).buffer);
} }
randomBytes(length: number): Promise<ArrayBuffer> { randomBytes(length: number): Promise<ArrayBuffer> {
@@ -171,15 +163,19 @@ export class NodeCryptoFunctionService implements CryptoFunctionService {
return new Uint8Array(buf).buffer; return new Uint8Array(buf).buffer;
} }
private toForgePrivateKey(key: ArrayBuffer): any { private toPemPrivateKey(key: ArrayBuffer): string {
const byteString = Utils.fromBufferToByteString(key); const byteString = Utils.fromBufferToByteString(key);
const asn1 = forge.asn1.fromDer(byteString); const asn1 = forge.asn1.fromDer(byteString);
return (forge as any).pki.privateKeyFromAsn1(asn1); const privateKey = (forge as any).pki.privateKeyFromAsn1(asn1);
const rsaPrivateKey = (forge.pki as any).privateKeyToAsn1(privateKey);
const privateKeyInfo = (forge.pki as any).wrapRsaPrivateKey(rsaPrivateKey);
return (forge.pki as any).privateKeyInfoToPem(privateKeyInfo);
} }
private toForgePublicKey(key: ArrayBuffer): any { private toPemPublicKey(key: ArrayBuffer): string {
const byteString = Utils.fromBufferToByteString(key); const byteString = Utils.fromBufferToByteString(key);
const asn1 = forge.asn1.fromDer(byteString); const asn1 = forge.asn1.fromDer(byteString);
return (forge as any).pki.publicKeyFromAsn1(asn1); const publicKey = (forge as any).pki.publicKeyFromAsn1(asn1);
return (forge.pki as any).publicKeyToPem(publicKey);
} }
} }