Merge pull request #36 from antonioconselheiro/feature/config-of-defa…

…ults feature - config of defaults
antonioconselheiro · Feb 15, 2024 · 2054220 · 2054220
2 parents 9285479 + 8236060
commit 2054220
Show file tree

Hide file tree

Showing 12 changed files with 669 additions and 201 deletions.
diff --git a/docs/ciphers/jest-html-reporters-attach/test-report/result.js b/docs/ciphers/jest-html-reporters-attach/test-report/result.js
diff --git a/docs/core/jest-html-reporters-attach/test-report/result.js b/docs/core/jest-html-reporters-attach/test-report/result.js
diff --git a/packages/ciphers/aes/cbc/index.ts b/packages/ciphers/aes/cbc/index.ts
@@ -20,9 +20,7 @@ class EncryptedURIAESCBCDecrypter extends EncryptedURIDecrypter<TInitializationV
     const ivhex = getInitializationVector(this.decoded);
     const cipher = base64.decode(this.decoded.cipher);
     const params = getSalt(cipher, this.decoded?.params);
-
     const derivatedKey = kdf(this.password, params.salt, this.decoded);
-
     const result = await cbc(derivatedKey, hexToBytes(ivhex))
       .decrypt(params.cipher);
 
@@ -48,7 +46,6 @@ class EncryptedURIAESCBCEncrypter extends EncryptedURIEncrypter<TInitializationV
     const content = utf8ToBytes(this.params.content);
     const saltLength = 8;
     const salt = randomBytes(saltLength);
-
     const derivatedKey = kdf(this.params.password, salt, this.params);
     const cipher = await cbc(derivatedKey, iv).encrypt(content);
 

diff --git a/packages/ciphers/aes/ctr/index.ts b/packages/ciphers/aes/ctr/index.ts
@@ -1,5 +1,5 @@
-import { EncryptedURIAlgorithm, EncryptedURIDecrypter, EncryptedURIEncrypter, TEncryptedURI, TEncryptedURIResultset } from "@encrypted-uri/core";
-import { bytesToUtf8, hexToBytes, utf8ToBytes } from "@noble/ciphers/utils";
+import { EncryptedURIAlgorithm, EncryptedURIDecrypter, EncryptedURIEncrypter, TEncryptedURI, TEncryptedURIResultset } from '@encrypted-uri/core';
+import { bytesToUtf8, hexToBytes, utf8ToBytes } from '@noble/ciphers/utils';
 import { ctr } from '@noble/ciphers/webcrypto/aes';
 import { randomBytes } from "@noble/hashes/utils";
 import { base64 } from '@scure/base';
@@ -20,7 +20,8 @@ class EncryptedURIAESCTRDecrypter extends EncryptedURIDecrypter<TInitializationV
     const ivhex = getInitializationVector(this.decoded);
     const cipher = base64.decode(this.decoded.cipher);
     const params = getSalt(cipher, this.decoded?.params);
-    const result = await ctr(kdf(this.password, params.salt, this.decoded), hexToBytes(ivhex))
+    const derivatedKey = kdf(this.password, params.salt, this.decoded);
+    const result = await ctr(derivatedKey, hexToBytes(ivhex))
       .decrypt(params.cipher);
 
     return bytesToUtf8(result);
@@ -46,7 +47,8 @@ class EncryptedURIAESCTREncrypter extends EncryptedURIEncrypter<TInitializationV
     const content = utf8ToBytes(this.params.content);
     const saltLength = 8;
     const salt = randomBytes(saltLength);
-    const cipher = await ctr(kdf(this.params.password, salt, this.params), iv).encrypt(content);
+    const derivatedKey = kdf(this.params.password, salt, this.params);
+    const cipher = await ctr(derivatedKey, iv).encrypt(content);
 
     return Promise.resolve({
       cipher: base64.encode(OpenSSLSerializer.encode(cipher, salt)),

diff --git a/packages/ciphers/aes/ecb/index.ts b/packages/ciphers/aes/ecb/index.ts
@@ -18,7 +18,8 @@ class EncryptedURIAESECBDecrypter<T extends TURIParams = TURIParams> extends Enc
   async decrypt(): Promise<string> {
     const cipher = base64.decode(this.decoded.cipher || '');
     const params = getSalt(cipher, this.decoded?.params);
-    const result = await ecb(kdf(this.password, params.salt, this.decoded))
+    const derivatedKey = kdf(this.password, params.salt, this.decoded);
+    const result = await ecb(derivatedKey)
       .decrypt(params.cipher);
 
     return bytesToUtf8(result);
@@ -42,7 +43,8 @@ class EncryptedURIAESECBEncrypter<T extends TURIParams = TURIParams> extends Enc
     const content = utf8ToBytes(this.params.content);
     const saltLength = 8;
     const salt = randomBytes(saltLength);
-    const rawCipher = await ecb(kdf(this.params.password, salt, this.params)).encrypt(content);
+    const derivatedKey = kdf(this.params.password, salt, this.params);
+    const rawCipher = await ecb(derivatedKey).encrypt(content);
     const cipher = base64.encode(OpenSSLSerializer.encode(rawCipher, salt));
 
     return Promise.resolve({ cipher });

diff --git a/packages/ciphers/aes/gcm/index.ts b/packages/ciphers/aes/gcm/index.ts
@@ -20,7 +20,8 @@ class EncryptedURIAESGCMDecrypter extends EncryptedURIDecrypter<TNumberOnceParam
     const nonce = getNumberOnce(this.decoded);
     const cipher = base64.decode(this.decoded.cipher);
     const params = getSalt(cipher, this.decoded?.params);
-    const result = await gcm(kdf(this.password, params.salt, this.decoded), hexToBytes(nonce))
+    const derivatedKey = kdf(this.password, params.salt, this.decoded);
+    const result = await gcm(derivatedKey, hexToBytes(nonce))
       .decrypt(params.cipher);
 
     return bytesToUtf8(result);
@@ -46,7 +47,8 @@ class EncryptedURIAESGCMEncrypter extends EncryptedURIEncrypter<TNumberOnceParam
     const content = utf8ToBytes(this.params.content);
     const saltLength = 8;
     const salt = randomBytes(saltLength);
-    const cipher = await gcm(kdf(this.params.password, salt, this.params), nonce).encrypt(content);
+    const derivatedKey = kdf(this.params.password, salt, this.params);
+    const cipher = await gcm(derivatedKey, nonce).encrypt(content);
 
     return Promise.resolve({
       cipher: base64.encode(OpenSSLSerializer.encode(cipher, salt)),

diff --git a/packages/ciphers/aes/kdf.ts b/packages/ciphers/aes/kdf.ts
@@ -7,7 +7,7 @@ export function kdf<T extends TURIParams>(
   salt: Uint8Array,
   kdfConfig?: TEncryptedURI<T> | TEncryptedURIResultset<T>
 ): Uint8Array {
-  const cfg = EncryptedURI.getKDFConfig(kdfConfig);
+  const cfg = EncryptedURI.getKDFParams(kdfConfig);
   const saltLength = 8;
   if (salt.length !== saltLength) {
     throw new Error(`salt length must be ${saltLength} bytes, ${salt.length} bytes was given`);

diff --git a/packages/ciphers/aes/siv/index.ts b/packages/ciphers/aes/siv/index.ts
@@ -1,12 +1,12 @@
-import { EncryptedURIAlgorithm, EncryptedURIDecrypter, EncryptedURIEncrypter, TEncryptedURI, TEncryptedURIResultset } from "@encrypted-uri/core";
+import { EncryptedURIAlgorithm, EncryptedURIDecrypter, EncryptedURIEncrypter, TEncryptedURI, TEncryptedURIResultset } from '@encrypted-uri/core';
 import { siv } from '@noble/ciphers/aes';
 import { bytesToUtf8, hexToBytes, utf8ToBytes } from '@noble/ciphers/utils';
-import { randomBytes } from "@noble/hashes/utils";
+import { randomBytes } from '@noble/hashes/utils';
 import { base64 } from '@scure/base';
-import { kdf } from "../kdf";
+import { kdf } from '../kdf';
 import { TNumberOnceParams, getNumberOnce } from '../number-once';
-import { OpenSSLSerializer } from "../openssl-serializer";
-import { getSalt } from "../salt";
+import { OpenSSLSerializer } from '../openssl-serializer';
+import { getSalt } from '../salt';
 
 class EncryptedURIAESSIVDecrypter extends EncryptedURIDecrypter<TNumberOnceParams> {
   constructor(
@@ -20,7 +20,8 @@ class EncryptedURIAESSIVDecrypter extends EncryptedURIDecrypter<TNumberOnceParam
     const nonce = getNumberOnce(this.decoded);
     const cipher = base64.decode(this.decoded.cipher);
     const params = getSalt(cipher, this.decoded?.params);
-    const result = await siv(kdf(this.password, params.salt, this.decoded), hexToBytes(nonce))
+    const derivatedKey = kdf(this.password, params.salt, this.decoded);
+    const result = await siv(derivatedKey, hexToBytes(nonce))
       .decrypt(params.cipher);
 
     return bytesToUtf8(result);
@@ -46,7 +47,8 @@ class EncryptedURIAESSIVEncrypter extends EncryptedURIEncrypter<TNumberOnceParam
     const content = utf8ToBytes(this.params.content);
     const saltLength = 8;
     const salt = randomBytes(saltLength);
-    const cipher = await siv(kdf(this.params.password, salt, this.params), nonce).encrypt(content);
+    const derivatedKey = kdf(this.params.password, salt, this.params);
+    const cipher = await siv(derivatedKey, nonce).encrypt(content);
 
     return Promise.resolve({
       cipher: base64.encode(OpenSSLSerializer.encode(cipher, salt)),

diff --git a/packages/ciphers/kdf.test.ts b/packages/ciphers/kdf.test.ts
@@ -1,13 +1,12 @@
-import { EncryptedURI, TEncryptedURIKDFConfig } from '@encrypted-uri/core';
+import { EncryptedURI, TEncryptedURIKDFParams } from '@encrypted-uri/core';
 import './aes';
 import './hashes';
 
 describe('kdf success flow', () => {
 
   it('[2] kdf include all parameters including default', async () => {
-    const kdf: TEncryptedURIKDFConfig = {
+    const kdf: TEncryptedURIKDFParams = {
       kdf: 'pbkdf2',
-      ignoreDefaults: false,
       hasher: 'sha256',
       rounds: 10,
       derivateKeyLength: 32
@@ -20,6 +19,9 @@ describe('kdf success flow', () => {
       algorithm: 'aes/cbc',
       content: originalMessage,
       password,
+      config: {
+        ignoreDefaults: false
+      },
       kdf
     });
 
@@ -28,7 +30,7 @@ describe('kdf success flow', () => {
   });
 
   it('[3] kdf with hasher sha512', async () => {
-    const kdf: TEncryptedURIKDFConfig = {
+    const kdf: TEncryptedURIKDFParams = {
       hasher: 'sha512'
     };
 
@@ -47,7 +49,7 @@ describe('kdf success flow', () => {
   });
 
   it('[4] kdf with hasher sha512_256', async () => {
-    const kdf: TEncryptedURIKDFConfig = {
+    const kdf: TEncryptedURIKDFParams = {
       hasher: 'sha512_256'
     };
 
@@ -66,7 +68,7 @@ describe('kdf success flow', () => {
   });
 
   it('[5] kdf with hasher sha384', async () => {
-    const kdf: TEncryptedURIKDFConfig = {
+    const kdf: TEncryptedURIKDFParams = {
       hasher: 'sha384'
     };
 
@@ -85,7 +87,7 @@ describe('kdf success flow', () => {
   });
 
   it('[6] kdf with hasher sha3_512', async () => {
-    const kdf: TEncryptedURIKDFConfig = {
+    const kdf: TEncryptedURIKDFParams = {
       hasher: 'sha3_512'
     };
 
@@ -104,7 +106,7 @@ describe('kdf success flow', () => {
   });
 
   it('[7] kdf with hasher sha3_384', async () => {
-    const kdf: TEncryptedURIKDFConfig = {
+    const kdf: TEncryptedURIKDFParams = {
       hasher: 'sha3_384'
     };
 
@@ -123,7 +125,7 @@ describe('kdf success flow', () => {
   });
 
   it('[8] kdf with hasher sha3_256', async () => {
-    const kdf: TEncryptedURIKDFConfig = {
+    const kdf: TEncryptedURIKDFParams = {
       hasher: 'sha3_256'
     };
 
@@ -142,7 +144,7 @@ describe('kdf success flow', () => {
   });
 
   it('[9] kdf with hasher sha3_224', async () => {
-    const kdf: TEncryptedURIKDFConfig = {
+    const kdf: TEncryptedURIKDFParams = {
       hasher: 'sha3_224'
     };
 
@@ -161,7 +163,7 @@ describe('kdf success flow', () => {
   });
 
   it('[10] kdf with hasher keccak_512', async () => {
-    const kdf: TEncryptedURIKDFConfig = {
+    const kdf: TEncryptedURIKDFParams = {
       hasher: 'keccak_512'
     };
 
@@ -180,7 +182,7 @@ describe('kdf success flow', () => {
   });
 
   it('[11] kdf with hasher keccak_384', async () => {
-    const kdf: TEncryptedURIKDFConfig = {
+    const kdf: TEncryptedURIKDFParams = {
       hasher: 'keccak_384'
     };
 
@@ -199,7 +201,7 @@ describe('kdf success flow', () => {
   });
 
   it('[12] kdf with hasher keccak_256', async () => {
-    const kdf: TEncryptedURIKDFConfig = {
+    const kdf: TEncryptedURIKDFParams = {
       hasher: 'keccak_256'
     };
 
@@ -218,7 +220,7 @@ describe('kdf success flow', () => {
   });
 
   it('[13] kdf with hasher keccak_224', async () => {
-    const kdf: TEncryptedURIKDFConfig = {
+    const kdf: TEncryptedURIKDFParams = {
       hasher: 'keccak_224'
     };