|
1 | 1 |
|
2 | | -(async()=>{ |
3 | 2 |
|
4 | | - |
5 | | - var crypto = require('node:crypto'); |
| 3 | +!async function(){ |
| 4 | + console.clear(); |
| 5 | + |
| 6 | + const crypto = require('crypto'); |
6 | 7 |
|
7 | 8 | var {key,cert} = setup(); |
8 | 9 |
|
9 | 10 |
|
10 | | - var secret = 'my-super-secret-token'; |
| 11 | + |
| 12 | + |
| 13 | + var secret = 'hello world'; |
11 | 14 | var blob = new Blob([secret]); |
12 | 15 |
|
13 | 16 |
|
14 | 17 | var encrypted_blob = await encrypt(blob,cert); |
15 | | - var b64 = await blob_b64(blob); |
16 | | - console.log('Encrypted :',b64); |
| 18 | + var b64 = await blob_b64(encrypted_blob); |
| 19 | + console.log('Encrypted:',b64); |
17 | 20 |
|
18 | 21 | var encrypted_blob = b64_blob(b64); |
19 | | - var blob = await decrypt(blob,key); |
20 | | - var txt = await blob.text(); |
21 | | - console.log('Decrypted :',txt); |
| 22 | + var blob = await decrypt(encrypted_blob,key); |
| 23 | + var decrypted = await blob.text(); |
| 24 | + console.log('Decrypted:', decrypted); |
22 | 25 |
|
23 | 26 |
|
24 | 27 | //: |
25 | 28 |
|
26 | 29 |
|
27 | | - async function encrypt(blob,cert){ |
28 | | - // Encrypt with public key from X.509 cert |
29 | | - var buffer = await blob_buf(blob); |
30 | | - var publicKey = crypto.createPublicKey(cert); |
31 | | - |
32 | | - var key = publicKey; |
33 | | - var padding = crypto.constants.RSA_PKCS1_OAEP_PADDING; |
34 | | - var oaepHash = 'sha256'; |
| 30 | + function extract_spki(certPem){ |
| 31 | + |
| 32 | + certPem = normalisePem(certPem); |
| 33 | + var publicKey = crypto.createPublicKey(certPem); |
| 34 | + var spkiDer = publicKey.export({type:'spki',format:'der'}); |
| 35 | + var uint8 = new Uint8Array(spkiDer); |
| 36 | + return uint8 |
35 | 37 |
|
36 | | - var params = {key,padding,oaepHash}; |
37 | | - const encrypted = crypto.publicEncrypt(params,buffer); |
| 38 | + }//extract_spki |
| 39 | + |
| 40 | + |
| 41 | + async function pub_key(cert){ |
| 42 | + |
| 43 | + var spki = extract_spki(cert); |
| 44 | + var buf = spki.buffer; |
| 45 | + var pub_key = await crypto.subtle.importKey('spki',buf,{name:'RSA-OAEP',hash:'SHA-256'},true,['encrypt']); |
| 46 | + return pub_key; |
38 | 47 |
|
39 | | - var blob = new Blob([encrypted]); |
| 48 | + }//pub_key |
| 49 | + |
| 50 | + |
| 51 | + async function encrypt(blob,cert){ |
| 52 | + |
| 53 | + var publicKey = await pub_key(cert); |
| 54 | + var buf = await blob.arrayBuffer(); |
| 55 | + var encrypted = await crypto.subtle.encrypt({name:'RSA-OAEP'},publicKey,buf); |
| 56 | + var uint8 = new Uint8Array(encrypted); |
| 57 | + var blob = new Blob([uint8]); |
40 | 58 | return blob; |
41 | 59 |
|
42 | 60 | }//encrypt |
43 | 61 |
|
44 | 62 |
|
45 | | - async function decrypt(blob,key){ |
46 | | - // Decrypt with private key |
47 | | - var buffer = await blob_buffer(blob); |
48 | | - |
49 | | - var key = key |
50 | | - var padding = crypto.constants.RSA_PKCS1_OAEP_PADDING; |
51 | | - var oaepHash = 'sha256'; |
52 | | - |
53 | | - var params = {key,padding,oaepHash}; |
54 | | - var decrypted = crypto.privateDecrypt(params,buffer); |
| 63 | + //: |
| 64 | + |
| 65 | + |
| 66 | + async function priv_key(pem){ |
| 67 | + |
| 68 | + var b64 = pem.replace(/-----BEGIN PRIVATE KEY-----/, '') |
| 69 | + .replace(/-----END PRIVATE KEY-----/, '') |
| 70 | + .replace(/\s+/g, ''); |
| 71 | + var bin = atob(b64); |
| 72 | + var der = bin_uint8(bin); |
| 73 | + var buf = der.buffer; |
| 74 | + var priv_key = await crypto.subtle.importKey('pkcs8',buf,{name:'RSA-OAEP',hash:'SHA-256',},true,['decrypt']); |
| 75 | + return priv_key; |
55 | 76 |
|
56 | | - var blob = new Blob([decrypted]); |
| 77 | + }//priv_key |
| 78 | + |
| 79 | + |
| 80 | + async function decrypt(blob,key){ |
| 81 | + |
| 82 | + var privateKey = await priv_key(key); |
| 83 | + var uint8 = await blob_uint8(blob); |
| 84 | + var buffer = await crypto.subtle.decrypt({name:'RSA-OAEP',},privateKey,uint8); |
| 85 | + var blob = new Blob([buffer]); |
57 | 86 | return blob; |
58 | 87 |
|
59 | 88 | }//decrypt |
|
62 | 91 | //: |
63 | 92 |
|
64 | 93 |
|
65 | | - async function blob_buf(blob){ |
| 94 | + function b64_uint8(b64){ |
| 95 | + |
| 96 | + var bin = atob(b64); |
| 97 | + var uint8 = bin_uint8(bin); |
| 98 | + return uint8; |
| 99 | + |
| 100 | + }//b64_uint8 |
| 101 | + |
| 102 | + |
| 103 | + async function blob_uint8(blob){ |
66 | 104 |
|
67 | | - var arrayBuffer = await blob.arrayBuffer(); |
68 | | - var buffer = Buffer.from(arrayBuffer); |
69 | | - return buffer; |
| 105 | + var buf = await blob.arrayBuffer(); |
| 106 | + var uint8 = new Uint8Array(buf); |
| 107 | + return uint8; |
70 | 108 |
|
71 | | - }//blob_buf |
| 109 | + }//blob_uint8 |
72 | 110 |
|
73 | 111 |
|
74 | 112 | async function blob_b64(blob){ |
75 | 113 |
|
76 | | - const arrayBuffer = await blob.arrayBuffer(); |
77 | | - var buffer = Buffer.from(arrayBuffer); |
78 | | - var b64 = buffer.toString('base64'); |
| 114 | + var buf = await blob.arrayBuffer(); |
| 115 | + var bytes = new Uint8Array(buf); |
| 116 | + var bin = bytes.reduce((acc,byte)=>acc+=String.fromCharCode(byte),''); |
| 117 | + var b64 = btoa(bin); |
79 | 118 | return b64; |
80 | 119 |
|
81 | 120 | }//blob_b64 |
82 | 121 |
|
83 | 122 |
|
84 | 123 | function b64_blob(b64){ |
85 | 124 |
|
86 | | - var buf = Buffer.from(b64,'base64'); |
| 125 | + var bin = atob(b64); |
| 126 | + var bytes = [...bin].map(c=>c.charCodeAt(0)); |
| 127 | + var buf = new Uint8Array(bytes); |
87 | 128 | var blob = new Blob([buf]); |
88 | 129 | return blob; |
89 | 130 |
|
90 | 131 | }//b64_blob |
91 | 132 |
|
92 | 133 |
|
| 134 | + function bin_uint8(bin){ |
| 135 | + |
| 136 | + var uint8 = Uint8Array.from(bin,c=>c.charCodeAt(0)); |
| 137 | + return uint8; |
| 138 | + |
| 139 | + }//bin_uint8 |
| 140 | + |
| 141 | + |
| 142 | + function normalisePem(pem){ |
| 143 | + |
| 144 | + pem = pem.replace(/\r/g,''); |
| 145 | + var lines = pem.split('\n'); |
| 146 | + var n = lines.length; |
| 147 | + for(var i=1;i<n-1;i++){ |
| 148 | + |
| 149 | + var line = lines[i]; |
| 150 | + line = line.trimStart(); |
| 151 | + lines[i] = line; |
| 152 | + |
| 153 | + }//for |
| 154 | + pem = lines.join('\n').trim(); |
| 155 | + return pem; |
| 156 | + |
| 157 | + }//normalisePem |
| 158 | + |
| 159 | + |
93 | 160 | //: |
94 | 161 |
|
95 | 162 |
|
|
152 | 219 |
|
153 | 220 | return {key,cert}; |
154 | 221 |
|
155 | | - }//setu |
| 222 | + }//setup |
156 | 223 |
|
157 | 224 |
|
158 | 225 |
|
159 | | -})(); |
| 226 | + |
| 227 | +}(); |
| 228 | + |
160 | 229 |
|
161 | 230 |
|
162 | 231 |
|
0 commit comments