forked from benetech/InPlainSight
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathcrypto.js
More file actions
178 lines (169 loc) · 5.1 KB
/
crypto.js
File metadata and controls
178 lines (169 loc) · 5.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
"use strict";
/**
* Algorithm Parameters
*/
const kKDFAlgorithm = 'PBKDF2';
const kKDFSaltSize = 8;
const kKDFIterations = 1024 * 128;
const kKDFHash = 'SHA-256';
const kCipherAlgorithm = 'AES-GCM';
const kCipherKeySize = 256;
const kCipherIVSize = 96;
const kCipherTagSize = 128;
function ab2str(buf) {
return String.fromCharCode.apply(null, new Uint16Array(buf));
}
function str2ab(str) {
var buf = new ArrayBuffer(str.length*2); // 2 bytes for each char
var bufView = new Uint16Array(buf);
for (var i=0, strLen=str.length; i < strLen; i++) {
bufView[i] = str.charCodeAt(i);
}
return buf;
}
/**
* Derives an encryption key and initialization vector from |password| using
* |salt1| for the key and |salt2| for the iv. Each salt value should be at
* least 8 bytes in length. The result is a dictionary with 'key' and 'iv'
* ArrayBuffer values.
*
* @param {string} password
* @param {ArrayBuffer} salt1
* @param {ArrayBuffer} salt2
* @return {Promise}
*/
function derive(password, salt1, salt2)
{
var password_key = null;
var derived_key = null;
const password_array = str2ab(password);
const algorithm = {name: kKDFAlgorithm};
const usages = ['deriveBits', 'deriveKey'];
const extractable = false;
// Import the password as a 'key'
//console.log('import');
return crypto.subtle.importKey('raw', password_array, algorithm, extractable, usages).then(function(result) {
password_key = result;
// Derive encryption key
const derived_algorithm = {name: kCipherAlgorithm, length: kCipherKeySize};
const derived_usages = ['encrypt', 'decrypt'];
const params = {
name: kKDFAlgorithm,
salt: salt1,
iterations: kKDFIterations,
hash: {name: kKDFHash}
};
//console.log('deriveKey');
return crypto.subtle.deriveKey(params, password_key, derived_algorithm, extractable, derived_usages);
}).then(function(result) {
derived_key = result;
// Derive iv
const params = {
name: kKDFAlgorithm,
salt: salt2,
iterations: kKDFIterations,
hash: {name: kKDFHash}
};
//console.log('deriveBits');
return crypto.subtle.deriveBits(params, password_key, kCipherIVSize);
}).then(function(derived_iv) {
return {
key: derived_key,
iv: derived_iv
};
});
}
/**
* Encrypts |plain_text| using a key derived from |password|. The result is the
* ArrayBuffer cipher text.
*
* @param {string} password
* @param {ArrayBuffer} plain_text
* @return {Promise that returns ArrayBuffer}
*/
function encrypt(password, plain_text)
{
var salt1 = new Uint8Array(kKDFSaltSize);
crypto.getRandomValues(salt1);
var salt2 = new Uint8Array(kKDFSaltSize);
crypto.getRandomValues(salt2);
return derive(password, salt1, salt2).then(function(result) {
const algorithm = {
name: kCipherAlgorithm,
iv: result.iv,
tagLength: kCipherTagSize
};
//console.log('encrypt');
return crypto.subtle.encrypt(algorithm, result.key, plain_text);
}).then(function(cipher_text) {
// Concatenate salts with cipher_text.
cipher_text = new Uint8Array(cipher_text);
var final_output = new Uint8Array(cipher_text.length + 16);
final_output.set(salt1, 0);
final_output.set(salt2, 8);
final_output.set(cipher_text, 16);
return final_output.buffer;
});
}
/**
* Decrypts |cipher_text| using a key derived from |password|. The result is the
* ArrayBuffer plain text.
*
* @param {string} password
* @param {ArrayBuffer} cipher_text
* @return {Promise that returns ArrayBuffer}
*/
function decrypt(password, cipher_text)
{
cipher_text = new Uint8Array(cipher_text);
const salt1 = cipher_text.subarray(0, 8);
const salt2 = cipher_text.subarray(8, 16);
const raw_cipher_text = cipher_text.subarray(16);
return derive(password, salt1, salt2).then(function(result) {
const algorithm = {
name: kCipherAlgorithm,
iv: result.iv,
tagLength: kCipherTagSize
};
//console.log('decrypt');
return crypto.subtle.decrypt(algorithm, result.key, raw_cipher_text);
});
}
function testEncryptDecrypt()
{
var password = 'test_password_345_%$#';
var data = str2ab('test_data');
encrypt(password, data).then(function(encrypted_data) {
return decrypt(password, encrypted_data);
}).then(function(decrypted_data) {
console.log('decrypt finished')
if (ab2str(decrypted_data) == 'test_data') {
console.log('ENCRYPT/DECRYPT SUCCESS!');
} else {
console.log('ENCRYPT/DECRYPT FAIL!');
}
}, function(reason) {
console.log('DECRYPT FAIL!');
console.log(reason);
});
}
function testEncryptDecryptFail()
{
var password = 'test_password_345_%$#';
var data = str2ab('test_data');
encrypt(password, data).then(function(encrypted_data) {
return decrypt('wrong password', encrypted_data);
}).then(function(decrypted_data) {
console.log('decrypt finished')
if (ab2str(decrypted_data) == 'test_data') {
console.log('ENCRYPT/DECRYPT SUCCESS!');
} else {
console.log('ENCRYPT/DECRYPT FAIL!');
}
}, function(reason) {
console.log('DECRYPT FAIL!');
console.log(reason);
});
}
// testEncryptDecrypt();
// testEncryptDecryptFail();