MCPcopy
hub / github.com/panva/jose / cbcEncrypt

Function cbcEncrypt

src/lib/content_encryption.ts:115–139  ·  view source on GitHub ↗
(
  enc: string,
  plaintext: Uint8Array,
  cek: Uint8Array | types.CryptoKey,
  iv: Uint8Array,
  aad: Uint8Array,
)

Source from the content-addressed store, hash-verified

113// --- CBC encrypt/decrypt ---
114
115async function cbcEncrypt(
116 enc: string,
117 plaintext: Uint8Array,
118 cek: Uint8Array | types.CryptoKey,
119 iv: Uint8Array,
120 aad: Uint8Array,
121) {
122 const { encKey, macKey, keySize } = await cbcKeySetup(enc, cek, 'encrypt')
123
124 const ciphertext = new Uint8Array(
125 await crypto.subtle.encrypt(
126 {
127 iv: iv as Uint8Array<ArrayBuffer>,
128 name: 'AES-CBC',
129 },
130 encKey,
131 plaintext as Uint8Array<ArrayBuffer>,
132 ),
133 )
134
135 const macData = concat(aad, iv, ciphertext, uint64be(aad.length << 3))
136 const tag = await cbcHmacTag(macKey, macData, keySize)
137
138 return { ciphertext, tag, iv }
139}
140
141async function timingSafeEqual(a: Uint8Array, b: Uint8Array): Promise<boolean> {
142 if (!(a instanceof Uint8Array)) {

Callers 1

encryptFunction · 0.85

Calls 5

cbcKeySetupFunction · 0.85
concatFunction · 0.85
uint64beFunction · 0.85
cbcHmacTagFunction · 0.85
encryptMethod · 0.65

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…