PHP WebShell
Текущая директория: /usr/lib/node_modules/bitgo/node_modules/@noble/ciphers/src
Просмотр файла: webcrypto.ts
/**
* WebCrypto-based AES gcm/ctr/cbc, `managedNonce` and `randomBytes`.
* We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+.
* node.js versions earlier than v19 don't declare it in global scope.
* For node.js, package.js on#exports field mapping rewrites import
* from `crypto` to `cryptoNode`, which imports native module.
* Makes the utils un-importable in browsers without a bundler.
* Once node.js 18 is deprecated, we can just drop the import.
* @module
*/
// Use full path so that Node.js can rewrite it to `cryptoNode.js`.
import { crypto } from '@noble/ciphers/crypto';
import { abytes, anumber, type AsyncCipher, type Cipher, concatBytes } from './utils.ts';
/**
* Secure PRNG. Uses `crypto.getRandomValues`, which defers to OS.
*/
export function randomBytes(bytesLength = 32): Uint8Array {
if (crypto && typeof crypto.getRandomValues === 'function') {
return crypto.getRandomValues(new Uint8Array(bytesLength));
}
// Legacy Node.js compatibility
if (crypto && typeof crypto.randomBytes === 'function') {
return Uint8Array.from(crypto.randomBytes(bytesLength));
}
throw new Error('crypto.getRandomValues must be defined');
}
export function getWebcryptoSubtle(): any {
if (crypto && typeof crypto.subtle === 'object' && crypto.subtle != null) return crypto.subtle;
throw new Error('crypto.subtle must be defined');
}
type RemoveNonceInner<T extends any[], Ret> = ((...args: T) => Ret) extends (
arg0: any,
arg1: any,
...rest: infer R
) => any
? (key: Uint8Array, ...args: R) => Ret
: never;
type RemoveNonce<T extends (...args: any) => any> = RemoveNonceInner<Parameters<T>, ReturnType<T>>;
type CipherWithNonce = ((key: Uint8Array, nonce: Uint8Array, ...args: any[]) => Cipher) & {
nonceLength: number;
};
/**
* Uses CSPRG for nonce, nonce injected in ciphertext.
* @example
* const gcm = managedNonce(aes.gcm);
* const ciphr = gcm(key).encrypt(data);
* const plain = gcm(key).decrypt(ciph);
*/
export function managedNonce<T extends CipherWithNonce>(fn: T): RemoveNonce<T> {
const { nonceLength } = fn;
anumber(nonceLength);
return ((key: Uint8Array, ...args: any[]): any => ({
encrypt(plaintext: Uint8Array, ...argsEnc: any[]) {
const nonce = randomBytes(nonceLength);
const ciphertext = (fn(key, nonce, ...args).encrypt as any)(plaintext, ...argsEnc);
const out = concatBytes(nonce, ciphertext);
ciphertext.fill(0);
return out;
},
decrypt(ciphertext: Uint8Array, ...argsDec: any[]) {
const nonce = ciphertext.subarray(0, nonceLength);
const data = ciphertext.subarray(nonceLength);
return (fn(key, nonce, ...args).decrypt as any)(data, ...argsDec);
},
})) as RemoveNonce<T>;
}
// Overridable
// @TODO
export const utils: {
encrypt: (key: Uint8Array, ...all: any[]) => Promise<Uint8Array>;
decrypt: (key: Uint8Array, ...all: any[]) => Promise<Uint8Array>;
} = {
async encrypt(
key: Uint8Array,
keyParams: any,
cryptParams: any,
plaintext: Uint8Array
): Promise<Uint8Array> {
const cr = getWebcryptoSubtle();
const iKey = await cr.importKey('raw', key, keyParams, true, ['encrypt']);
const ciphertext = await cr.encrypt(cryptParams, iKey, plaintext);
return new Uint8Array(ciphertext);
},
async decrypt(
key: Uint8Array,
keyParams: any,
cryptParams: any,
ciphertext: Uint8Array
): Promise<Uint8Array> {
const cr = getWebcryptoSubtle();
const iKey = await cr.importKey('raw', key, keyParams, true, ['decrypt']);
const plaintext = await cr.decrypt(cryptParams, iKey, ciphertext);
return new Uint8Array(plaintext);
},
};
const mode = {
CBC: 'AES-CBC',
CTR: 'AES-CTR',
GCM: 'AES-GCM',
} as const;
type BlockMode = (typeof mode)[keyof typeof mode];
function getCryptParams(algo: BlockMode, nonce: Uint8Array, AAD?: Uint8Array) {
if (algo === mode.CBC) return { name: mode.CBC, iv: nonce };
if (algo === mode.CTR) return { name: mode.CTR, counter: nonce, length: 64 };
if (algo === mode.GCM) {
if (AAD) return { name: mode.GCM, iv: nonce, additionalData: AAD };
else return { name: mode.GCM, iv: nonce };
}
throw new Error('unknown aes block mode');
}
function generate(algo: BlockMode) {
return (key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array): AsyncCipher => {
abytes(key);
abytes(nonce);
const keyParams = { name: algo, length: key.length * 8 };
const cryptParams = getCryptParams(algo, nonce, AAD);
let consumed = false;
return {
// keyLength,
encrypt(plaintext: Uint8Array) {
abytes(plaintext);
if (consumed) throw new Error('Cannot encrypt() twice with same key / nonce');
consumed = true;
return utils.encrypt(key, keyParams, cryptParams, plaintext);
},
decrypt(ciphertext: Uint8Array) {
abytes(ciphertext);
return utils.decrypt(key, keyParams, cryptParams, ciphertext);
},
};
};
}
/** AES-CBC, native webcrypto version */
export const cbc: (key: Uint8Array, iv: Uint8Array) => AsyncCipher = /* @__PURE__ */ (() =>
generate(mode.CBC))();
/** AES-CTR, native webcrypto version */
export const ctr: (key: Uint8Array, nonce: Uint8Array) => AsyncCipher = /* @__PURE__ */ (() =>
generate(mode.CTR))();
/** AES-GCM, native webcrypto version */
export const gcm: (key: Uint8Array, nonce: Uint8Array, AAD?: Uint8Array) => AsyncCipher =
/* @__PURE__ */ (() => generate(mode.GCM))();
// // Type tests
// import { siv, gcm, ctr, ecb, cbc } from '../aes.ts';
// import { xsalsa20poly1305 } from '../salsa.ts';
// import { chacha20poly1305, xchacha20poly1305 } from '../chacha.ts';
// const wsiv = managedNonce(siv);
// const wgcm = managedNonce(gcm);
// const wctr = managedNonce(ctr);
// const wcbc = managedNonce(cbc);
// const wsalsapoly = managedNonce(xsalsa20poly1305);
// const wchacha = managedNonce(chacha20poly1305);
// const wxchacha = managedNonce(xchacha20poly1305);
// // should fail
// const wcbc2 = managedNonce(managedNonce(cbc));
// const wctr = managedNonce(ctr);
Выполнить команду
Для локальной разработки. Не используйте в интернете!