Merge pull request #16 from dojyorin/dev

feat: cwd to main module and easy WebCrypto.
dojyorin · Nov 24, 2022 · 161cdcc · 161cdcc
2 parents e92dad7 + cf8b25b
commit 161cdcc
Show file tree

Hide file tree

Showing 15 changed files with 297 additions and 27 deletions.
diff --git a/README.md b/README.md
@@ -20,6 +20,20 @@ const encoded = base64Encode(file); // base64 code.
 const decoded = base64Decode(encoded); // Restored.
 ```
 
+**Easy WebCrypto**
+
+```ts
+const file = await Deno.readFile("/path/to/binary.bin");
+
+const hash = await deriveHash(false, file); // byte array of hash value.
+const keyEcdh = await generateKeyPair(false); // public/private key pair for ECDH, each in byte array.
+const keyEcdsa = await generateKeyPair(true); // public/private key pair for ECDSA, each in byte array.
+const encrypted = await cryptoEncrypt(keyEcdh, file); // encrypted byte array.
+const decrypted = await cryptoDecrypt(keyEcdh, encrypted); // Restored.
+const signature = await cryptoSign(keyEcdsa.privateKey, data); // signature byte array.
+const verify = await cryptoVerify(signature, keyEcdsa.publicKey, data); // `true` if correct.
+```
+
 **Date UnixTime**
 
 ```ts
@@ -57,13 +71,6 @@ const encoded = await minipackEncode(files); // byte array in "minipack" format.
 const decoded = await minipackDecode(encoded); // Restored.
 ```
 
-**Platform Specific**
-
-```ts
-const win = isWin(); // "true" if running on Windows.
-const tmp = tmpPath(); // "C:/Windows/Temp" if running on Windows, or "/tmp" if running on Linux or Mac.
-```
-
 **Text Convert**
 
 ```ts
@@ -75,6 +82,14 @@ const hexadecimal = hexEncode(encoded); // hexadecimal string.
 const formatted = trimExtend(decoded); // formatted string.
 ```
 
+**Platform Specific**
+
+```ts
+const win = isWin(); // "true" if running on Windows.
+const tmp = tmpPath(); // "C:/Windows/Temp" if running on Windows, or "/tmp" if running on Linux or Mac.
+cwdMain(); // Move current directory to `Deno.mainModule`.
+```
+
 </p>
 </details>
 </p>
@@ -115,7 +130,7 @@ This section is not directly related to this module, but provides a few line sni
 
 **JSON Import**
 ```ts
-const {default: config} = await import("./config.json", {assert: {type: "json"}});
+const {default: data} = await import("./data.json", {assert: {type: "json"}});
 ```
 
 </p>

diff --git a/deps.test.ts b/deps.test.ts
@@ -1,2 +1,3 @@
 export {assertEquals} from "https://deno.land/[email protected]/testing/asserts.ts";
+export {dirname, fromFileUrl} from "https://deno.land/[email protected]/path/mod.ts";
 export {serve} from "https://deno.land/[email protected]/http/mod.ts";
diff --git a/deps.ts b/deps.ts
@@ -1,3 +1,2 @@
-/**
-* no dependencies.
-*/
+export {} from "https://deno.land/[email protected]/bytes/mod.ts";
+export {dirname, fromFileUrl} from "https://deno.land/[email protected]/path/mod.ts";
diff --git a/mod.compatible.ts b/mod.compatible.ts
@@ -1,4 +1,5 @@
 export * from "./src/base64.ts";
+export * from "./src/crypto.ts";
 export * from "./src/date.ts";
 export * from "./src/deflate.ts";
 export * from "./src/fetch.ts";

diff --git a/mod.test.ts b/mod.test.ts
@@ -1,4 +1,5 @@
 import "./test/base64.test.ts";
+import "./test/crypto.test.ts";
 import "./test/date.test.ts";
 import "./test/deflate.test.ts";
 import "./test/fetch.test.ts";

diff --git a/mod.ts b/mod.ts
@@ -1,10 +1,12 @@
 export * from "./src/base64.ts";
+export * from "./src/crypto.ts";
 export * from "./src/date.ts";
 export * from "./src/deflate.ts";
 export * from "./src/fetch.ts";
 export * from "./src/minipack.ts";
-export * from "./src/platform.ts";
 export * from "./src/text.ts";
 
+export * from "./src/platform.ts";
+
 export * from "./src/core.d.ts";
 export * from "./src/web.d.ts";
diff --git a/src/_utility.ts b/src/_utility.ts
diff --git a/src/core.d.ts b/src/core.d.ts
@@ -1,9 +1,9 @@
 /**
-* function returning arbitrary types.
+* Function returning arbitrary types.
 */
 export type SyncFunction<T extends unknown = void> = () => T;
 
 /**
-* function returning arbitrary async types.
+* Function returning arbitrary async types.
 */
 export type AsyncFunction<T extends unknown = void> = SyncFunction<Promise<T>>;
diff --git a/src/crypto.ts b/src/crypto.ts
@@ -0,0 +1,166 @@
+/**
+* Means the byte array after exporting `CryptoKey`.
+*/
+export type PortableCryptoKey = Uint8Array;
+
+/**
+* Each is `PortableCryptoKey` public/private key pair.
+*/
+export interface PortableCryptoKeyPair{
+    privateKey: PortableCryptoKey;
+    publicKey: PortableCryptoKey;
+}
+
+async function parseCommonKey(kp:PortableCryptoKeyPair){
+    const ec:EcKeyAlgorithm = {
+        namedCurve: "P-384",
+        name: "ECDH"
+    };
+
+    const publicKey = await crypto.subtle.importKey("spki", kp.publicKey, ec, false, []);
+    const privateKey = await crypto.subtle.importKey("pkcs8", kp.privateKey, ec, false, ["deriveKey", "deriveBits"]);
+
+    const dh:EcdhKeyDeriveParams = {
+        name: "ECDH",
+        public: publicKey
+    };
+
+    const aes:AesDerivedKeyParams = {
+        name: "AES-GCM",
+        length: 256
+    };
+
+    return await crypto.subtle.deriveKey(dh, privateKey, aes, false, ["encrypt", "decrypt"]);
+}
+
+async function parseSignKey(k:PortableCryptoKey, isPrivate:boolean){
+    const format:KeyFormat = isPrivate ? "pkcs8" : "spki";
+    const usage:KeyUsage[] = isPrivate ? ["sign"] : ["verify"];
+
+    const ec:EcKeyAlgorithm = {
+        namedCurve: "P-384",
+        name: "ECDSA"
+    };
+
+    return await crypto.subtle.importKey(format, k, ec, false, usage);
+}
+
+/**
+* Derive SHA2 hash value from byte array.
+* @param isHalf Use the hash length 256 bits if `true`, 512 bits if `false`.
+* @param data byte array.
+* @return byte array of hash value.
+*/
+export async function deriveHash(isHalf:boolean, data:Uint8Array){
+    const sha = isHalf ? "SHA-256" : "SHA-512";
+
+    return new Uint8Array(await crypto.subtle.digest(sha, data));
+}
+
+/**
+* Generate and export public/private key pair as a portable byte array.
+* @param isDsa Outputs the key for ECDSA if `true`, for ECDH if `false`.
+* @return public/private key pair, each in byte array.
+*/
+export async function generateKeyPair(isDsa:boolean){
+    const usage:KeyUsage[] = isDsa ? ["sign", "verify"] : ["deriveKey", "deriveBits"];
+
+    const ec:EcKeyAlgorithm = {
+        namedCurve: "P-384",
+        name: isDsa ? "ECDSA" : "ECDH"
+    };
+
+    const {publicKey, privateKey} = await crypto.subtle.generateKey(ec, true, usage);
+
+    return <PortableCryptoKeyPair>{
+        publicKey: new Uint8Array(await crypto.subtle.exportKey("spki", publicKey)),
+        privateKey: new Uint8Array(await crypto.subtle.exportKey("pkcs8", privateKey))
+    };
+}
+
+/**
+* Encrypt byte array using AES-GCM with 256 bits key, 128 bits tag and 96 bits IV.
+* The IV is prepended to the byte array.
+* @param kp public/private key pair, each in byte array.
+* @param data byte array.
+* @return encrypted byte array.
+*/
+export async function cryptoEncrypt(kp:PortableCryptoKeyPair, data:Uint8Array){
+    const sizeTag = 16;
+    const sizeIv = 12;
+
+    const gcm:AesGcmParams = {
+        name: "AES-GCM",
+        tagLength: sizeTag * 8,
+        iv: crypto.getRandomValues(new Uint8Array(sizeIv))
+    };
+
+    const commonKey = await parseCommonKey(kp);
+
+    const output = new Uint8Array(sizeTag + sizeIv + data.byteLength);
+    output.set(<Uint8Array>gcm.iv, 0);
+    output.set(new Uint8Array(await crypto.subtle.encrypt(gcm, commonKey, data)), gcm.iv.byteLength);
+
+    return output;
+}
+
+/**
+* Decrypt encrypted byte array using AES-GCM with 256 bits key 128 bits tag and 96 bits IV.
+* Read the IV prepended to the byte array.
+* @param kp public/private key pair, each in byte array.
+* @param data encrypted byte array.
+* @return byte array.
+*/
+export async function cryptoDecrypt(kp:PortableCryptoKeyPair, data:Uint8Array){
+    const sizeTag = 16;
+    const sizeIv = 12;
+
+    const gcm:AesGcmParams = {
+        name: "AES-GCM",
+        tagLength: sizeTag * 8,
+        iv: data.subarray(0, sizeIv)
+    };
+
+    const commonKey = await parseCommonKey(kp);
+
+    return new Uint8Array(await crypto.subtle.decrypt(gcm, commonKey, data.subarray(sizeIv)));
+}
+
+/**
+* Create byte array signature using the private key and SHA384 hash algorithm.
+* @param k private key.
+* @param data byte array.
+* @return signature byte array.
+*/
+export async function cryptoSign(k:PortableCryptoKey, data:Uint8Array){
+    const dsa:EcdsaParams = {
+        name: "ECDSA",
+        hash: {
+            name: "SHA-384"
+        }
+    };
+
+    const privateKey = await parseSignKey(k, true);
+
+    return new Uint8Array(await crypto.subtle.sign(dsa, privateKey, data));
+}
+
+/**
+* Verifies the correct signature of a byte array using the public key and SHA384 hash algorithm.
+* @param signature signature byte array.
+* @param k public key.
+* @param data byte array.
+* @return `true` if correct.
+*/
+export async function cryptoVerify(signature:Uint8Array, k:PortableCryptoKey, data:Uint8Array){
+    const dsa:EcdsaParams = {
+        name: "ECDSA",
+        hash: {
+            name: "SHA-384"
+        }
+    };
+
+    const publicKey = await parseSignKey(k, false);
+
+    return await crypto.subtle.verify(dsa, publicKey, signature, data);
+}
diff --git a/src/deflate.ts b/src/deflate.ts
@@ -1,4 +1,6 @@
-import {streamConvert} from "./_utility.ts";
+async function streamConvert(data:Uint8Array, ts:TransformStream<Uint8Array, Uint8Array>){
+    return new Uint8Array(await new Response(new Blob([data]).stream().pipeThrough(ts)).arrayBuffer());
+}
 
 /**
 * Compress binary in "deflate" format (RFC1951).

diff --git a/src/fetch.ts b/src/fetch.ts
@@ -1,9 +1,15 @@
 import {JsonStruct, QueryInit} from "./web.d.ts";
 
+/**
+* Option to remove `window` from `RequestInit` and add `query` for query string.
+*/
 export interface FetchInit extends Omit<RequestInit, "window">{
     query?: QueryInit;
 }
 
+/**
+* A map of fetch response types and strings specifying them.
+*/
 export interface FetchResponseType{
     "text": string;
     "json": JsonStruct;

diff --git a/src/minipack.ts b/src/minipack.ts
@@ -1,4 +1,4 @@
-import {deriveHash} from "./_utility.ts";
+import {deriveHash} from "./crypto.ts";
 import {ucEncode, ucDecode, hexEncode} from "./text.ts";
 
 const sizeOf = <const>{
@@ -23,7 +23,7 @@ export async function minipackEncode(files:[string, Uint8Array][]){
         const name = ucEncode(k);
         const body = v;
 
-        archive.set(await deriveHash(body), offset);
+        archive.set(await deriveHash(true, body), offset);
         offset += sizeOf.hash;
 
         new DataView(archive.buffer, offset).setUint8(0, name.byteLength);
@@ -65,7 +65,7 @@ export async function minipackDecode(archive:Uint8Array){
 
         const body = archive.subarray(offset, offset += bs);
 
-        if(hexEncode(hash) !== hexEncode(await deriveHash(body))){
+        if(hexEncode(hash) !== hexEncode(await deriveHash(true, body))){
             throw new Error();
         }
 

diff --git a/src/platform.ts b/src/platform.ts
@@ -1,3 +1,5 @@
+import {dirname, fromFileUrl} from "../deps.ts";
+
 /**
 * @return `true` if running on Windows.
 */
@@ -21,4 +23,17 @@ export function tmpPath(){
         case "darwin": return "/tmp";
         default: throw new Error();
     }
+}
+
+/**
+* Move current directory to `Deno.mainModule`.
+*/
+export function cwdMain(){
+    const ep = Deno?.mainModule;
+
+    if(!ep){
+        throw new Error();
+    }
+
+    Deno?.chdir(fromFileUrl(dirname(ep)));
 }