js-libp2p-crypto/src/keys/key-stretcher.js

'use strict'
const { Buffer } = require('buffer')
const errcode = require('err-code')
const hmac = require('../hmac')

const cipherMap = {
  'AES-128': {
    ivSize: 16,
    keySize: 16
  },
  'AES-256': {
    ivSize: 16,
    keySize: 32
  },
  Blowfish: {
    ivSize: 8,
    cipherKeySize: 32
  }
}

// Generates a set of keys for each party by stretching the shared key.
// (myIV, theirIV, myCipherKey, theirCipherKey, myMACKey, theirMACKey)
module.exports = async (cipherType, hash, secret) => {
  const cipher = cipherMap[cipherType]

  if (!cipher) {
    const allowed = Object.keys(cipherMap).join(' / ')
    throw errcode(new Error(`unknown cipher type '${cipherType}'. Must be ${allowed}`), 'ERR_INVALID_CIPHER_TYPE')
  }

  if (!hash) {
    throw errcode(new Error('missing hash type'), 'ERR_MISSING_HASH_TYPE')
  }

  const cipherKeySize = cipher.keySize
  const ivSize = cipher.ivSize
  const hmacKeySize = 20
  const seed = Buffer.from('key expansion')
  const resultLength = 2 * (ivSize + cipherKeySize + hmacKeySize)

  const m = await hmac.create(hash, secret)
  let a = await m.digest(seed)

  const result = []
  let j = 0

  while (j < resultLength) {
    const b = await m.digest(Buffer.concat([a, seed]))
    let todo = b.length

    if (j + todo > resultLength) {
      todo = resultLength - j
    }

    result.push(b)
    j += todo
    a = await m.digest(a)
  }

  const half = resultLength / 2
  const resultBuffer = Buffer.concat(result)
  const r1 = resultBuffer.slice(0, half)
  const r2 = resultBuffer.slice(half, resultLength)

  const createKey = (res) => ({
    iv: res.slice(0, ivSize),
    cipherKey: res.slice(ivSize, ivSize + cipherKeySize),
    macKey: res.slice(ivSize + cipherKeySize)
  })

  return {
    k1: createKey(r1),
    k2: createKey(r2)
  }
}
feat: implement generateEphemeralKeyPair 2016-05-19 22:33:09 +02:00			`'use strict'`
fix: add buffer, cleanup, reduce size (#170) * fix: add buffer, cleanup, reduce size - add buffer related to https://github.com/ipfs/js-ipfs/issues/2924 - remove unnecessary eslint ignore - remove tweelnacl and use node-forge - remove browserify-aes and use node-forge - use multibase to encode b58 - require only sha256 from multihashing - reduce bundle size after all the deps here https://github.com/ipfs/js-ipfs/issues/2924 are merged libp2p-crypto will be able to be bundle with `node: false` 🎉 * fix: reduce bundle size * fix: use new secp * fix: bundle size * chore: update secp Co-Authored-By: Jacob Heun <jacobheun@gmail.com> Co-authored-by: Jacob Heun <jacobheun@gmail.com> 2020-03-23 15:55:35 +00:00			`const { Buffer } = require('buffer')`
chore: add error codes (#155) * chore: add error codes * chore: create errors with new Error() * fix: better error testin * refactor: simplify random bytes error checks 2019-07-22 06:16:02 -04:00			`const errcode = require('err-code')`
refactor: the whole thing (#102) 2017-07-22 10:57:27 -07:00			`const hmac = require('../hmac')`
first pass at stretchKey 2016-05-20 12:50:16 +02:00
			`const cipherMap = {`
			`'AES-128': {`
			`ivSize: 16,`
			`keySize: 16`
			`},`
			`'AES-256': {`
			`ivSize: 16,`
			`keySize: 32`
			`},`
rsa key compat with go 2016-05-20 14:41:25 +02:00			`Blowfish: {`
first pass at stretchKey 2016-05-20 12:50:16 +02:00			`ivSize: 8,`
			`cipherKeySize: 32`
			`}`
			`}`

feat: implement generateEphemeralKeyPair 2016-05-19 22:33:09 +02:00			`// Generates a set of keys for each party by stretching the shared key.`
			`// (myIV, theirIV, myCipherKey, theirCipherKey, myMACKey, theirMACKey)`
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`module.exports = async (cipherType, hash, secret) => {`
first pass at stretchKey 2016-05-20 12:50:16 +02:00			`const cipher = cipherMap[cipherType]`

			`if (!cipher) {`
chore: add error codes (#155) * chore: add error codes * chore: create errors with new Error() * fix: better error testin * refactor: simplify random bytes error checks 2019-07-22 06:16:02 -04:00			`const allowed = Object.keys(cipherMap).join(' / ')`
			throw errcode(new Error(`unknown cipher type '${cipherType}'. Must be ${allowed}`), 'ERR_INVALID_CIPHER_TYPE')
first pass at stretchKey 2016-05-20 12:50:16 +02:00			`}`

			`if (!hash) {`
chore: remove commitlint chore: update deps chore: add bundlesize to ci 2019-10-24 18:16:41 +02:00			`throw errcode(new Error('missing hash type'), 'ERR_MISSING_HASH_TYPE')`
first pass at stretchKey 2016-05-20 12:50:16 +02:00			`}`

			`const cipherKeySize = cipher.keySize`
rsa key compat with go 2016-05-20 14:41:25 +02:00			`const ivSize = cipher.ivSize`
			`const hmacKeySize = 20`
feat: use webcrypto in favor of node-forge BREAKING CHANGE: generateKeyPair is now async 2016-09-13 13:23:11 +02:00			`const seed = Buffer.from('key expansion')`
first pass at stretchKey 2016-05-20 12:50:16 +02:00			`const resultLength = 2 * (ivSize + cipherKeySize + hmacKeySize)`

feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`const m = await hmac.create(hash, secret)`
			`let a = await m.digest(seed)`
feat: use webcrypto in favor of node-forge BREAKING CHANGE: generateKeyPair is now async 2016-09-13 13:23:11 +02:00
chore: remove commitlint chore: update deps chore: add bundlesize to ci 2019-10-24 18:16:41 +02:00			`const result = []`
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`let j = 0`
feat: use webcrypto in favor of node-forge BREAKING CHANGE: generateKeyPair is now async 2016-09-13 13:23:11 +02:00
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`while (j < resultLength) {`
			`const b = await m.digest(Buffer.concat([a, seed]))`
			`let todo = b.length`
feat: use webcrypto in favor of node-forge BREAKING CHANGE: generateKeyPair is now async 2016-09-13 13:23:11 +02:00
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`if (j + todo > resultLength) {`
			`todo = resultLength - j`
			`}`
feat: use webcrypto in favor of node-forge BREAKING CHANGE: generateKeyPair is now async 2016-09-13 13:23:11 +02:00
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`result.push(b)`
			`j += todo`
			`a = await m.digest(a)`
			`}`
feat: use webcrypto in favor of node-forge BREAKING CHANGE: generateKeyPair is now async 2016-09-13 13:23:11 +02:00
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`const half = resultLength / 2`
			`const resultBuffer = Buffer.concat(result)`
			`const r1 = resultBuffer.slice(0, half)`
			`const r2 = resultBuffer.slice(half, resultLength)`
feat: use webcrypto in favor of node-forge BREAKING CHANGE: generateKeyPair is now async 2016-09-13 13:23:11 +02:00
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`const createKey = (res) => ({`
			`iv: res.slice(0, ivSize),`
			`cipherKey: res.slice(ivSize, ivSize + cipherKeySize),`
			`macKey: res.slice(ivSize + cipherKeySize)`
go interop for keyStretcher 2016-05-20 15:55:19 +02:00			`})`
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00
			`return {`
			`k1: createKey(r1),`
			`k2: createKey(r2)`
			`}`
feat: implement generateEphemeralKeyPair 2016-05-19 22:33:09 +02:00			`}`