bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-21 02:33:46 +00:00
Code Issues Releases Wiki Activity

hmac implementation for web crypto

Browse Source
This commit is contained in:
Kyle Spearrin
2018-04-17 19:02:58 -04:00
parent 719c8aa70c
commit 81f7bd7b76
4 changed files with 54 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
src/services/webCryptoFunction.service.ts
View File

@@ -35,7 +35,7 @@ export class WebCryptoFunctionService implements CryptoFunctionService {
name: 'PBKDF2',
salt: saltBuf,
iterations: iterations,
hash: { name: algorithm === 'sha256' ? 'SHA-256' : 'SHA-512' },
hash: { name: this.toWebCryptoAlgorithm(algorithm) },
};
const keyType: AesDerivedKeyParams = {
@@ -65,10 +65,29 @@ export class WebCryptoFunctionService implements CryptoFunctionService {
const valueBuf = this.toBuf(value);
return await this.subtle.digest({
name: algorithm === 'sha1' ? 'SHA-1' : algorithm === 'sha256' ? 'SHA-256' : 'SHA-512'
name: this.toWebCryptoAlgorithm(algorithm)
}, valueBuf);
}
async hmac(value: ArrayBuffer, key: ArrayBuffer, algorithm: 'sha1' | 'sha256' | 'sha512'): Promise<ArrayBuffer> {
if (this.isEdge) {
const valueBytes = this.toForgeBytes(value);
const keyBytes = this.toForgeBytes(key);
const hmac = (forge as any).hmac.create();
hmac.start(algorithm, keyBytes);
hmac.update(valueBytes);
return this.fromForgeBytesToBuf(hmac.digest().getBytes());
}
const signingAlgorithm = {
name: 'HMAC',
hash: { name: this.toWebCryptoAlgorithm(algorithm) },
};
const importedKey = await this.subtle.importKey('raw', key, signingAlgorithm, false, ['sign']);
return await this.subtle.sign(signingAlgorithm, importedKey, value);
}
private toBuf(value: string | ArrayBuffer): ArrayBuffer {
let buf: ArrayBuffer;
if (typeof (value) === 'string') {
@@ -94,4 +113,8 @@ export class WebCryptoFunctionService implements CryptoFunctionService {
const b64 = forge.util.encode64(byteString);
return UtilsService.fromB64ToArray(b64).buffer;
}
private toWebCryptoAlgorithm(algorithm: 'sha1' | 'sha256' | 'sha512'): string {
return algorithm === 'sha1' ? 'SHA-1' : algorithm === 'sha256' ? 'SHA-256' : 'SHA-512';
}
}