( enc: string, plaintext: Uint8Array, cek: Uint8Array | types.CryptoKey, iv: Uint8Array, aad: Uint8Array, )
| 113 | // --- CBC encrypt/decrypt --- |
| 114 | |
| 115 | async function cbcEncrypt( |
| 116 | enc: string, |
| 117 | plaintext: Uint8Array, |
| 118 | cek: Uint8Array | types.CryptoKey, |
| 119 | iv: Uint8Array, |
| 120 | aad: Uint8Array, |
| 121 | ) { |
| 122 | const { encKey, macKey, keySize } = await cbcKeySetup(enc, cek, 'encrypt') |
| 123 | |
| 124 | const ciphertext = new Uint8Array( |
| 125 | await crypto.subtle.encrypt( |
| 126 | { |
| 127 | iv: iv as Uint8Array<ArrayBuffer>, |
| 128 | name: 'AES-CBC', |
| 129 | }, |
| 130 | encKey, |
| 131 | plaintext as Uint8Array<ArrayBuffer>, |
| 132 | ), |
| 133 | ) |
| 134 | |
| 135 | const macData = concat(aad, iv, ciphertext, uint64be(aad.length << 3)) |
| 136 | const tag = await cbcHmacTag(macKey, macData, keySize) |
| 137 | |
| 138 | return { ciphertext, tag, iv } |
| 139 | } |
| 140 | |
| 141 | async function timingSafeEqual(a: Uint8Array, b: Uint8Array): Promise<boolean> { |
| 142 | if (!(a instanceof Uint8Array)) { |
no test coverage detected
searching dependent graphs…