( jwe: types.FlattenedJWE, key: types.CryptoKey | types.KeyObject | types.JWK | Uint8Array | FlattenedDecryptGetKey, options?: types.DecryptOptions, )
| 79 | options?: types.DecryptOptions, |
| 80 | ): Promise<types.FlattenedDecryptResult & types.ResolvedKey> |
| 81 | export async function flattenedDecrypt( |
| 82 | jwe: types.FlattenedJWE, |
| 83 | key: types.CryptoKey | types.KeyObject | types.JWK | Uint8Array | FlattenedDecryptGetKey, |
| 84 | options?: types.DecryptOptions, |
| 85 | ) { |
| 86 | if (!isObject(jwe)) { |
| 87 | throw new JWEInvalid('Flattened JWE must be an object') |
| 88 | } |
| 89 | |
| 90 | if (jwe.protected === undefined && jwe.header === undefined && jwe.unprotected === undefined) { |
| 91 | throw new JWEInvalid('JOSE Header missing') |
| 92 | } |
| 93 | |
| 94 | if (jwe.iv !== undefined && typeof jwe.iv !== 'string') { |
| 95 | throw new JWEInvalid('JWE Initialization Vector incorrect type') |
| 96 | } |
| 97 | |
| 98 | if (typeof jwe.ciphertext !== 'string') { |
| 99 | throw new JWEInvalid('JWE Ciphertext missing or incorrect type') |
| 100 | } |
| 101 | |
| 102 | if (jwe.tag !== undefined && typeof jwe.tag !== 'string') { |
| 103 | throw new JWEInvalid('JWE Authentication Tag incorrect type') |
| 104 | } |
| 105 | |
| 106 | if (jwe.protected !== undefined && typeof jwe.protected !== 'string') { |
| 107 | throw new JWEInvalid('JWE Protected Header incorrect type') |
| 108 | } |
| 109 | |
| 110 | if (jwe.encrypted_key !== undefined && typeof jwe.encrypted_key !== 'string') { |
| 111 | throw new JWEInvalid('JWE Encrypted Key incorrect type') |
| 112 | } |
| 113 | |
| 114 | if (jwe.aad !== undefined && typeof jwe.aad !== 'string') { |
| 115 | throw new JWEInvalid('JWE AAD incorrect type') |
| 116 | } |
| 117 | |
| 118 | if (jwe.header !== undefined && !isObject(jwe.header)) { |
| 119 | throw new JWEInvalid('JWE Shared Unprotected Header incorrect type') |
| 120 | } |
| 121 | |
| 122 | if (jwe.unprotected !== undefined && !isObject(jwe.unprotected)) { |
| 123 | throw new JWEInvalid('JWE Per-Recipient Unprotected Header incorrect type') |
| 124 | } |
| 125 | |
| 126 | let parsedProt!: types.JWEHeaderParameters | undefined |
| 127 | if (jwe.protected) { |
| 128 | try { |
| 129 | const protectedHeader = b64u(jwe.protected) |
| 130 | parsedProt = JSON.parse(decoder.decode(protectedHeader)) |
| 131 | } catch { |
| 132 | throw new JWEInvalid('JWE Protected Header is invalid') |
| 133 | } |
| 134 | } |
| 135 | if (!isDisjoint(parsedProt, jwe.header, jwe.unprotected)) { |
| 136 | throw new JWEInvalid( |
| 137 | 'JWE Protected, JWE Unprotected Header, and JWE Per-Recipient Unprotected Header Parameter names must be disjoint', |
| 138 | ) |
searching dependent graphs…