Big News: Socket Selected for OpenAI's Cybersecurity Grant Program.Details →
@metamask/browser-passworder
Advanced tools
@metamask/browser-passworder - npm Package Compare versions
+12
-2
@@ -160,5 +160,6 @@ export declare type DetailedEncryptionResult = { | ||
| * @param password - The password to use for encryption. | ||
| * @param targetDerivationParams - The options to use for key derivation. | ||
| * @returns A promise resolving to the updated vault. | ||
| */ | ||
| export declare function updateVault(vault: string, password: string): Promise<string>; | ||
| export declare function updateVault(vault: string, password: string, targetDerivationParams?: KeyDerivationOptions): Promise<string>; | ||
| /** | ||
@@ -173,4 +174,13 @@ * Updates the provided vault and exported key, re-encrypting | ||
| * @param password - The password to use for encryption. | ||
| * @param targetDerivationParams - The options to use for key derivation. | ||
| * @returns A promise resolving to the updated encrypted data and exported key. | ||
| */ | ||
| export declare function updateVaultWithDetail(encryptionResult: DetailedEncryptionResult, password: string): Promise<DetailedEncryptionResult>; | ||
| export declare function updateVaultWithDetail(encryptionResult: DetailedEncryptionResult, password: string, targetDerivationParams?: KeyDerivationOptions): Promise<DetailedEncryptionResult>; | ||
| /** | ||
| * Checks if the provided vault is an updated encryption format. | ||
| * | ||
| * @param vault - The vault to check. | ||
| * @param targetDerivationParams - The options to use for key derivation. | ||
| * @returns Whether or not the vault is an updated encryption format. | ||
| */ | ||
| export declare function isVaultUpdated(vault: string, targetDerivationParams?: KeyDerivationOptions): boolean; |
+14
-11
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.updateVaultWithDetail = exports.updateVault = exports.generateSalt = exports.serializeBufferForStorage = exports.serializeBufferFromStorage = exports.keyFromPassword = exports.exportKey = exports.importKey = exports.decryptWithKey = exports.decryptWithDetail = exports.decrypt = exports.encryptWithKey = exports.encryptWithDetail = exports.encrypt = void 0; | ||
| exports.isVaultUpdated = exports.updateVaultWithDetail = exports.updateVault = exports.generateSalt = exports.serializeBufferForStorage = exports.serializeBufferFromStorage = exports.keyFromPassword = exports.exportKey = exports.importKey = exports.decryptWithKey = exports.decryptWithDetail = exports.decrypt = exports.encryptWithKey = exports.encryptWithDetail = exports.encrypt = void 0; | ||
| const utils_1 = require("@metamask/utils"); | ||
@@ -281,9 +281,10 @@ const EXPORT_FORMAT = 'jwk'; | ||
| * @param password - The password to use for encryption. | ||
| * @param targetDerivationParams - The options to use for key derivation. | ||
| * @returns A promise resolving to the updated vault. | ||
| */ | ||
| async function updateVault(vault, password) { | ||
| if (isVaultUpdated(vault)) { | ||
| async function updateVault(vault, password, targetDerivationParams = DEFAULT_DERIVATION_PARAMS) { | ||
| if (isVaultUpdated(vault, targetDerivationParams)) { | ||
| return vault; | ||
| } | ||
| return encrypt(password, await decrypt(password, vault)); | ||
| return encrypt(password, await decrypt(password, vault), undefined, undefined, targetDerivationParams); | ||
| } | ||
@@ -300,9 +301,10 @@ exports.updateVault = updateVault; | ||
| * @param password - The password to use for encryption. | ||
| * @param targetDerivationParams - The options to use for key derivation. | ||
| * @returns A promise resolving to the updated encrypted data and exported key. | ||
| */ | ||
| async function updateVaultWithDetail(encryptionResult, password) { | ||
| if (isVaultUpdated(encryptionResult.vault)) { | ||
| async function updateVaultWithDetail(encryptionResult, password, targetDerivationParams = DEFAULT_DERIVATION_PARAMS) { | ||
| if (isVaultUpdated(encryptionResult.vault, targetDerivationParams)) { | ||
| return encryptionResult; | ||
| } | ||
| return encryptWithDetail(password, await decrypt(password, encryptionResult.vault)); | ||
| return encryptWithDetail(password, await decrypt(password, encryptionResult.vault), undefined, targetDerivationParams); | ||
| } | ||
@@ -360,11 +362,12 @@ exports.updateVaultWithDetail = updateVaultWithDetail; | ||
| * @param vault - The vault to check. | ||
| * @param targetDerivationParams - The options to use for key derivation. | ||
| * @returns Whether or not the vault is an updated encryption format. | ||
| */ | ||
| function isVaultUpdated(vault) { | ||
| function isVaultUpdated(vault, targetDerivationParams = DEFAULT_DERIVATION_PARAMS) { | ||
| const { keyMetadata } = JSON.parse(vault); | ||
| return (isKeyDerivationOptions(keyMetadata) && | ||
| keyMetadata.algorithm === DEFAULT_DERIVATION_PARAMS.algorithm && | ||
| keyMetadata.params.iterations === | ||
| DEFAULT_DERIVATION_PARAMS.params.iterations); | ||
| keyMetadata.algorithm === targetDerivationParams.algorithm && | ||
| keyMetadata.params.iterations === targetDerivationParams.params.iterations); | ||
| } | ||
| exports.isVaultUpdated = isVaultUpdated; | ||
| //# sourceMappingURL=index.js.map |
@@ -1,1 +0,1 @@ | ||
| {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;AAAA,2CAA6D;AAwC7D,MAAM,aAAa,GAAG,KAAK,CAAC;AAC5B,MAAM,kBAAkB,GAAG,SAAS,CAAC;AACrC,MAAM,eAAe,GAAG,OAAO,CAAC;AAChC,MAAM,qBAAqB,GAAyB;IAClD,SAAS,EAAE,QAAQ;IACnB,MAAM,EAAE;QACN,UAAU,EAAE,KAAM;KACnB;CACF,CAAC;AACF,MAAM,yBAAyB,GAAyB;IACtD,SAAS,EAAE,QAAQ;IACnB,MAAM,EAAE;QACN,UAAU,EAAE,MAAO;KACpB;CACF,CAAC;AAEF;;;;;;;;;;GAUG;AACI,KAAK,UAAU,OAAO,CAC3B,QAAgB,EAChB,OAAU,EACV,GAA+B,EAC/B,OAAe,YAAY,EAAE,EAC7B,oBAAoB,GAAG,yBAAyB;IAEhD,MAAM,SAAS,GACb,GAAG,IAAI,CAAC,MAAM,eAAe,CAAC,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,oBAAoB,CAAC,CAAC,CAAC;IAC9E,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IACzD,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IACpB,OAAO,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;AACjC,CAAC;AAZD,0BAYC;AAED;;;;;;;;;GASG;AACI,KAAK,UAAU,iBAAiB,CACrC,QAAgB,EAChB,OAAU,EACV,IAAI,GAAG,YAAY,EAAE,EACrB,oBAAoB,GAAG,yBAAyB;IAEhD,MAAM,GAAG,GAAG,MAAM,eAAe,CAAC,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,oBAAoB,CAAC,CAAC;IAC9E,MAAM,iBAAiB,GAAG,MAAM,SAAS,CAAC,GAAG,CAAC,CAAC;IAC/C,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,QAAQ,EAAE,OAAO,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IAE1D,OAAO;QACL,KAAK;QACL,iBAAiB;KAClB,CAAC;AACJ,CAAC;AAdD,8CAcC;AAED;;;;;;;;GAQG;AACI,KAAK,UAAU,cAAc,CAClC,aAAwC,EACxC,OAAU;IAEV,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;IACrC,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;IACtD,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;IACjE,MAAM,GAAG,GAAG,SAAS,CAAC,aAAa,CAAC,CAAC;IAErC,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAC5C;QACE,IAAI,EAAE,kBAAkB;QACxB,EAAE,EAAE,MAAM;KACX,EACD,GAAG,EACH,UAAU,CACX,CAAC;IAEF,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;IACnC,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACzD,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAqB;QACzC,IAAI,EAAE,QAAQ;QACd,EAAE,EAAE,SAAS;KACd,CAAC;IAEF,IAAI,eAAe,CAAC,aAAa,CAAC,EAAE;QAClC,gBAAgB,CAAC,WAAW,GAAG,aAAa,CAAC,iBAAiB,CAAC;KAChE;IAED,OAAO,gBAAgB,CAAC;AAC1B,CAAC;AA/BD,wCA+BC;AAED;;;;;;;;GAQG;AACI,KAAK,UAAU,OAAO,CAC3B,QAAgB,EAChB,IAAY,EACZ,aAAyC;IAEzC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACjC,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC;IACtC,MAAM,SAAS,GAAG,SAAS,CACzB,aAAa;QACX,CAAC,MAAM,eAAe,CAAC,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,CAAC,CAAC,CAC9D,CAAC;IAEF,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IACxD,OAAO,MAAM,CAAC;AAChB,CAAC;AAdD,0BAcC;AAED;;;;;;;GAOG;AACI,KAAK,UAAU,iBAAiB,CACrC,QAAgB,EAChB,IAAY;IAEZ,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACjC,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC;IACtC,MAAM,GAAG,GAAG,MAAM,eAAe,CAAC,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;IACrE,MAAM,iBAAiB,GAAG,MAAM,SAAS,CAAC,GAAG,CAAC,CAAC;IAC/C,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;IAEjD,OAAO;QACL,iBAAiB;QACjB,KAAK;QACL,IAAI;KACL,CAAC;AACJ,CAAC;AAfD,8CAeC;AAED;;;;;;;GAOG;AACI,KAAK,UAAU,cAAc,CAClC,aAAwC,EACxC,OAAyB;IAEzB,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IAC1D,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;IACjD,MAAM,GAAG,GAAG,SAAS,CAAC,aAAa,CAAC,CAAC;IAErC,IAAI,YAAY,CAAC;IACjB,IAAI;QACF,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,OAAO,CACxC,EAAE,IAAI,EAAE,kBAAkB,EAAE,EAAE,EAAE,MAAM,EAAE,EACxC,GAAG,EACH,aAAa,CACd,CAAC;QAEF,MAAM,aAAa,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;QAC7C,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC;QAC1E,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;KACzC;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;KACvC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAxBD,wCAwBC;AAED;;;;;;;;GAQG;AACI,KAAK,UAAU,SAAS,CAC7B,SAAiB;IAEjB,MAAM,qBAAqB,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IAEpD,IAAI,uBAAuB,CAAC,qBAAqB,CAAC,EAAE;QAClD,OAAO;YACL,GAAG,EAAE,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CACvC,aAAa,EACb,qBAAqB,CAAC,GAAG,EACzB,kBAAkB,EAClB,IAAI,EACJ,CAAC,SAAS,EAAE,SAAS,CAAC,CACvB;YACD,iBAAiB,EAAE,qBAAqB,CAAC,iBAAiB;SAC3D,CAAC;KACH;IAED,OAAO,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CACzC,aAAa,EACb,qBAAqB,EACrB,kBAAkB,EAClB,IAAI,EACJ,CAAC,SAAS,EAAE,SAAS,CAAC,CACvB,CAAC;AACJ,CAAC;AAzBD,8BAyBC;AAED;;;;;;GAMG;AACI,KAAK,UAAU,SAAS,CAC7B,aAAwC;IAExC,IAAI,eAAe,CAAC,aAAa,CAAC,EAAE;QAClC,OAAO,IAAI,CAAC,SAAS,CAAC;YACpB,GAAG,EAAE,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CACvC,aAAa,EACb,aAAa,CAAC,GAAG,CAClB;YACD,iBAAiB,EAAE,aAAa,CAAC,iBAAiB;SACnD,CAAC,CAAC;KACJ;IAED,OAAO,IAAI,CAAC,SAAS,CACnB,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,aAAa,EAAE,aAAa,CAAC,CACnE,CAAC;AACJ,CAAC;AAhBD,8BAgBC;AA+BD,wCAAwC;AACxC,+CAA+C;AACxC,KAAK,UAAU,eAAe,CACnC,QAAgB,EAChB,IAAY,EACZ,UAAU,GAAG,KAAK,EAClB,OAA6B,qBAAqB;IAElD,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;IAC1D,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IAE/C,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAC9C,KAAK,EACL,UAAU,EACV,EAAE,IAAI,EAAE,QAAQ,EAAE,EAClB,KAAK,EACL,CAAC,YAAY,EAAE,WAAW,CAAC,CAC5B,CAAC;IAEF,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CACrD;QACE,IAAI,EAAE,QAAQ;QACd,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU;QAClC,IAAI,EAAE,SAAS;KAChB,EACD,GAAG,EACH,EAAE,IAAI,EAAE,kBAAkB,EAAE,MAAM,EAAE,GAAG,EAAE,EACzC,UAAU,EACV,CAAC,SAAS,EAAE,SAAS,CAAC,CACvB,CAAC;IAEF,OAAO,IAAI;QACT,CAAC,CAAC;YACE,GAAG,EAAE,UAAU;YACf,iBAAiB,EAAE,IAAI;SACxB;QACH,CAAC,CAAC,UAAU,CAAC;AACjB,CAAC;AApCD,0CAoCC;AAED;;;;;GAKG;AACH,SAAgB,0BAA0B,CAAC,GAAW;IACpD,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IAC/D,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAChD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE;QAC3C,MAAM,GAAG,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAClC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;KAChC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AARD,gEAQC;AAED;;;;;GAKG;AACH,SAAgB,yBAAyB,CAAC,MAAkB;IAC1D,IAAI,MAAM,GAAG,IAAI,CAAC;IAClB,MAAM,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;QACvB,MAAM,IAAI,aAAa,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IACH,OAAO,MAAM,CAAC;AAChB,CAAC;AAND,8DAMC;AAED;;;;;;GAMG;AACH,SAAS,aAAa,CAAC,GAAW;IAChC,IAAI,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC3B,OAAO,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE;QACrB,GAAG,GAAG,IAAI,GAAG,EAAE,CAAC;KACjB;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;;GAKG;AACH,SAAgB,YAAY,CAAC,SAAS,GAAG,EAAE;IACzC,MAAM,IAAI,GAAG,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC;IACvC,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;IACpC,kFAAkF;IAClF,oFAAoF;IACpF,kFAAkF;IAClF,uFAAuF;IACvF,2EAA2E;IAC3E,MAAM,UAAU,GAAG,IAAI,CACrB,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,IAAI,EAAE,IAA2B,CAAC,CAC7D,CAAC;IACF,OAAO,UAAU,CAAC;AACpB,CAAC;AAZD,oCAYC;AAED;;;;;;;;;;GAUG;AACI,KAAK,UAAU,WAAW,CAC/B,KAAa,EACb,QAAgB;IAEhB,IAAI,cAAc,CAAC,KAAK,CAAC,EAAE;QACzB,OAAO,KAAK,CAAC;KACd;IAED,OAAO,OAAO,CAAC,QAAQ,EAAE,MAAM,OAAO,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC;AAC3D,CAAC;AATD,kCASC;AAED;;;;;;;;;;GAUG;AACI,KAAK,UAAU,qBAAqB,CACzC,gBAA0C,EAC1C,QAAgB;IAEhB,IAAI,cAAc,CAAC,gBAAgB,CAAC,KAAK,CAAC,EAAE;QAC1C,OAAO,gBAAgB,CAAC;KACzB;IAED,OAAO,iBAAiB,CACtB,QAAQ,EACR,MAAM,OAAO,CAAC,QAAQ,EAAE,gBAAgB,CAAC,KAAK,CAAC,CAChD,CAAC;AACJ,CAAC;AAZD,sDAYC;AAED;;;;;GAKG;AACH,SAAS,eAAe,CACtB,aAAsB;IAEtB,OAAO,CACL,IAAA,qBAAa,EAAC,aAAa,CAAC;QAC5B,IAAA,mBAAW,EAAC,aAAa,EAAE,KAAK,CAAC;QACjC,IAAA,mBAAW,EAAC,aAAa,EAAE,mBAAmB,CAAC;QAC/C,aAAa,CAAC,GAAG,YAAY,SAAS;QACtC,sBAAsB,CAAC,aAAa,CAAC,iBAAiB,CAAC,CACxD,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,SAAS,sBAAsB,CAC7B,iBAA0B;IAE1B,OAAO,CACL,IAAA,qBAAa,EAAC,iBAAiB,CAAC;QAChC,IAAA,mBAAW,EAAC,iBAAiB,EAAE,WAAW,CAAC;QAC3C,IAAA,mBAAW,EAAC,iBAAiB,EAAE,QAAQ,CAAC,CACzC,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,SAAS,uBAAuB,CAC9B,WAAoB;IAEpB,OAAO,CACL,IAAA,qBAAa,EAAC,WAAW,CAAC;QAC1B,IAAA,mBAAW,EAAC,WAAW,EAAE,KAAK,CAAC;QAC/B,IAAA,mBAAW,EAAC,WAAW,EAAE,mBAAmB,CAAC;QAC7C,sBAAsB,CAAC,WAAW,CAAC,iBAAiB,CAAC,CACtD,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,SAAS,SAAS,CAAC,aAAwC;IACzD,OAAO,eAAe,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,aAAa,CAAC;AAC5E,CAAC;AAED;;;;;GAKG;AACH,SAAS,cAAc,CAAC,KAAa;IACnC,MAAM,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC1C,OAAO,CACL,sBAAsB,CAAC,WAAW,CAAC;QACnC,WAAW,CAAC,SAAS,KAAK,yBAAyB,CAAC,SAAS;QAC7D,WAAW,CAAC,MAAM,CAAC,UAAU;YAC3B,yBAAyB,CAAC,MAAM,CAAC,UAAU,CAC9C,CAAC;AACJ,CAAC","sourcesContent":["import { hasProperty, isPlainObject } from '@metamask/utils';\n\nexport type DetailedEncryptionResult = {\n vault: string;\n exportedKeyString: string;\n};\n\nexport type PBKDF2Params = {\n iterations: number;\n};\n\nexport type KeyDerivationOptions = {\n algorithm: 'PBKDF2';\n params: PBKDF2Params;\n};\n\nexport type EncryptionKey = {\n key: CryptoKey;\n derivationOptions: KeyDerivationOptions;\n};\n\nexport type ExportedEncryptionKey = {\n key: JsonWebKey;\n derivationOptions: KeyDerivationOptions;\n};\n\nexport type EncryptionResult = {\n data: string;\n iv: string;\n salt?: string;\n // old encryption results will not have this\n keyMetadata?: KeyDerivationOptions;\n};\n\nexport type DetailedDecryptResult = {\n exportedKeyString: string;\n vault: unknown;\n salt: string;\n};\n\nconst EXPORT_FORMAT = 'jwk';\nconst DERIVED_KEY_FORMAT = 'AES-GCM';\nconst STRING_ENCODING = 'utf-8';\nconst OLD_DERIVATION_PARAMS: KeyDerivationOptions = {\n algorithm: 'PBKDF2',\n params: {\n iterations: 10_000,\n },\n};\nconst DEFAULT_DERIVATION_PARAMS: KeyDerivationOptions = {\n algorithm: 'PBKDF2',\n params: {\n iterations: 900_000,\n },\n};\n\n/**\n * Encrypts a data object that can be any serializable value using\n * a provided password.\n *\n * @param password - The password to use for encryption.\n * @param dataObj - The data to encrypt.\n * @param key - The CryptoKey to encrypt with.\n * @param salt - The salt to use to encrypt.\n * @param keyDerivationOptions - The options to use for key derivation.\n * @returns The encrypted vault.\n */\nexport async function encrypt<R>(\n password: string,\n dataObj: R,\n key?: EncryptionKey | CryptoKey,\n salt: string = generateSalt(),\n keyDerivationOptions = DEFAULT_DERIVATION_PARAMS,\n): Promise<string> {\n const cryptoKey =\n key || (await keyFromPassword(password, salt, false, keyDerivationOptions));\n const payload = await encryptWithKey(cryptoKey, dataObj);\n payload.salt = salt;\n return JSON.stringify(payload);\n}\n\n/**\n * Encrypts a data object that can be any serializable value using\n * a provided password.\n *\n * @param password - A password to use for encryption.\n * @param dataObj - The data to encrypt.\n * @param salt - The salt used to encrypt.\n * @param keyDerivationOptions - The options to use for key derivation.\n * @returns The vault and exported key string.\n */\nexport async function encryptWithDetail<R>(\n password: string,\n dataObj: R,\n salt = generateSalt(),\n keyDerivationOptions = DEFAULT_DERIVATION_PARAMS,\n): Promise<DetailedEncryptionResult> {\n const key = await keyFromPassword(password, salt, true, keyDerivationOptions);\n const exportedKeyString = await exportKey(key);\n const vault = await encrypt(password, dataObj, key, salt);\n\n return {\n vault,\n exportedKeyString,\n };\n}\n\n/**\n * Encrypts the provided serializable javascript object using the\n * provided CryptoKey and returns an object containing the cypher text and\n * the initialization vector used.\n *\n * @param encryptionKey - The CryptoKey to encrypt with.\n * @param dataObj - A serializable JavaScript object to encrypt.\n * @returns The encrypted data.\n */\nexport async function encryptWithKey<R>(\n encryptionKey: EncryptionKey | CryptoKey,\n dataObj: R,\n): Promise<EncryptionResult> {\n const data = JSON.stringify(dataObj);\n const dataBuffer = Buffer.from(data, STRING_ENCODING);\n const vector = global.crypto.getRandomValues(new Uint8Array(16));\n const key = unwrapKey(encryptionKey);\n\n const buf = await global.crypto.subtle.encrypt(\n {\n name: DERIVED_KEY_FORMAT,\n iv: vector,\n },\n key,\n dataBuffer,\n );\n\n const buffer = new Uint8Array(buf);\n const vectorStr = Buffer.from(vector).toString('base64');\n const vaultStr = Buffer.from(buffer).toString('base64');\n const encryptionResult: EncryptionResult = {\n data: vaultStr,\n iv: vectorStr,\n };\n\n if (isEncryptionKey(encryptionKey)) {\n encryptionResult.keyMetadata = encryptionKey.derivationOptions;\n }\n\n return encryptionResult;\n}\n\n/**\n * Given a password and a cypher text, decrypts the text and returns\n * the resulting value.\n *\n * @param password - The password to decrypt with.\n * @param text - The cypher text to decrypt.\n * @param encryptionKey - The key to decrypt with.\n * @returns The decrypted data.\n */\nexport async function decrypt(\n password: string,\n text: string,\n encryptionKey?: EncryptionKey | CryptoKey,\n): Promise<unknown> {\n const payload = JSON.parse(text);\n const { salt, keyMetadata } = payload;\n const cryptoKey = unwrapKey(\n encryptionKey ||\n (await keyFromPassword(password, salt, false, keyMetadata)),\n );\n\n const result = await decryptWithKey(cryptoKey, payload);\n return result;\n}\n\n/**\n * Given a password and a cypher text, decrypts the text and returns\n * the resulting value, keyString, and salt.\n *\n * @param password - The password to decrypt with.\n * @param text - The encrypted vault to decrypt.\n * @returns The decrypted vault along with the salt and exported key.\n */\nexport async function decryptWithDetail(\n password: string,\n text: string,\n): Promise<DetailedDecryptResult> {\n const payload = JSON.parse(text);\n const { salt, keyMetadata } = payload;\n const key = await keyFromPassword(password, salt, true, keyMetadata);\n const exportedKeyString = await exportKey(key);\n const vault = await decrypt(password, text, key);\n\n return {\n exportedKeyString,\n vault,\n salt,\n };\n}\n\n/**\n * Given a CryptoKey and an EncryptionResult object containing the initialization\n * vector (iv) and data to decrypt, return the resulting decrypted value.\n *\n * @param encryptionKey - The CryptoKey to decrypt with.\n * @param payload - The payload to decrypt, returned from an encryption method.\n * @returns The decrypted data.\n */\nexport async function decryptWithKey<R>(\n encryptionKey: EncryptionKey | CryptoKey,\n payload: EncryptionResult,\n): Promise<R> {\n const encryptedData = Buffer.from(payload.data, 'base64');\n const vector = Buffer.from(payload.iv, 'base64');\n const key = unwrapKey(encryptionKey);\n\n let decryptedObj;\n try {\n const result = await crypto.subtle.decrypt(\n { name: DERIVED_KEY_FORMAT, iv: vector },\n key,\n encryptedData,\n );\n\n const decryptedData = new Uint8Array(result);\n const decryptedStr = Buffer.from(decryptedData).toString(STRING_ENCODING);\n decryptedObj = JSON.parse(decryptedStr);\n } catch (e) {\n throw new Error('Incorrect password');\n }\n\n return decryptedObj;\n}\n\n/**\n * Receives an exported CryptoKey string and creates a key.\n *\n * This function supports both JsonWebKey's and exported EncryptionKey's.\n * It will return a CryptoKey for the former, and an EncryptionKey for the latter.\n *\n * @param keyString - The key string to import.\n * @returns An EncryptionKey or a CryptoKey.\n */\nexport async function importKey(\n keyString: string,\n): Promise<EncryptionKey | CryptoKey> {\n const exportedEncryptionKey = JSON.parse(keyString);\n\n if (isExportedEncryptionKey(exportedEncryptionKey)) {\n return {\n key: await window.crypto.subtle.importKey(\n EXPORT_FORMAT,\n exportedEncryptionKey.key,\n DERIVED_KEY_FORMAT,\n true,\n ['encrypt', 'decrypt'],\n ),\n derivationOptions: exportedEncryptionKey.derivationOptions,\n };\n }\n\n return await window.crypto.subtle.importKey(\n EXPORT_FORMAT,\n exportedEncryptionKey,\n DERIVED_KEY_FORMAT,\n true,\n ['encrypt', 'decrypt'],\n );\n}\n\n/**\n * Exports a key string from a CryptoKey or from an\n * EncryptionKey instance.\n *\n * @param encryptionKey - The CryptoKey or EncryptionKey to export.\n * @returns A key string.\n */\nexport async function exportKey(\n encryptionKey: CryptoKey | EncryptionKey,\n): Promise<string> {\n if (isEncryptionKey(encryptionKey)) {\n return JSON.stringify({\n key: await window.crypto.subtle.exportKey(\n EXPORT_FORMAT,\n encryptionKey.key,\n ),\n derivationOptions: encryptionKey.derivationOptions,\n });\n }\n\n return JSON.stringify(\n await window.crypto.subtle.exportKey(EXPORT_FORMAT, encryptionKey),\n );\n}\n\n/**\n * Generate a CryptoKey from a password and random salt.\n *\n * @param password - The password to use to generate key.\n * @param salt - The salt string to use in key derivation.\n * @param exportable - Whether or not the key should be exportable.\n * @returns A CryptoKey for encryption and decryption.\n */\nexport async function keyFromPassword(\n password: string,\n salt: string,\n exportable?: boolean,\n): Promise<CryptoKey>;\n/**\n * Generate a CryptoKey from a password and random salt, specifying\n * key derivation options.\n *\n * @param password - The password to use to generate key.\n * @param salt - The salt string to use in key derivation.\n * @param exportable - Whether or not the key should be exportable.\n * @param opts - The options to use for key derivation.\n * @returns An EncryptionKey for encryption and decryption.\n */\nexport async function keyFromPassword(\n password: string,\n salt: string,\n exportable?: boolean,\n opts?: KeyDerivationOptions,\n): Promise<EncryptionKey>;\n// The overloads are already documented.\n// eslint-disable-next-line jsdoc/require-jsdoc\nexport async function keyFromPassword(\n password: string,\n salt: string,\n exportable = false,\n opts: KeyDerivationOptions = OLD_DERIVATION_PARAMS,\n): Promise<CryptoKey | EncryptionKey> {\n const passBuffer = Buffer.from(password, STRING_ENCODING);\n const saltBuffer = Buffer.from(salt, 'base64');\n\n const key = await global.crypto.subtle.importKey(\n 'raw',\n passBuffer,\n { name: 'PBKDF2' },\n false,\n ['deriveBits', 'deriveKey'],\n );\n\n const derivedKey = await global.crypto.subtle.deriveKey(\n {\n name: 'PBKDF2',\n salt: saltBuffer,\n iterations: opts.params.iterations,\n hash: 'SHA-256',\n },\n key,\n { name: DERIVED_KEY_FORMAT, length: 256 },\n exportable,\n ['encrypt', 'decrypt'],\n );\n\n return opts\n ? {\n key: derivedKey,\n derivationOptions: opts,\n }\n : derivedKey;\n}\n\n/**\n * Converts a hex string into a buffer.\n *\n * @param str - Hex encoded string.\n * @returns The string ecoded as a byte array.\n */\nexport function serializeBufferFromStorage(str: string): Uint8Array {\n const stripStr = str.slice(0, 2) === '0x' ? str.slice(2) : str;\n const buf = new Uint8Array(stripStr.length / 2);\n for (let i = 0; i < stripStr.length; i += 2) {\n const seg = stripStr.substr(i, 2);\n buf[i / 2] = parseInt(seg, 16);\n }\n return buf;\n}\n\n/**\n * Converts a buffer into a hex string ready for storage.\n *\n * @param buffer - Buffer to serialize.\n * @returns A hex encoded string.\n */\nexport function serializeBufferForStorage(buffer: Uint8Array): string {\n let result = '0x';\n buffer.forEach((value) => {\n result += unprefixedHex(value);\n });\n return result;\n}\n\n/**\n * Converts a number into hex value, and ensures proper leading 0\n * for single characters strings.\n *\n * @param num - The number to convert to string.\n * @returns An unprefixed hex string.\n */\nfunction unprefixedHex(num: number): string {\n let hex = num.toString(16);\n while (hex.length < 2) {\n hex = `0${hex}`;\n }\n return hex;\n}\n\n/**\n * Generates a random string for use as a salt in CryptoKey generation.\n *\n * @param byteCount - The number of bytes to generate.\n * @returns A randomly generated string.\n */\nexport function generateSalt(byteCount = 32): string {\n const view = new Uint8Array(byteCount);\n global.crypto.getRandomValues(view);\n // Uint8Array is a fixed length array and thus does not have methods like pop, etc\n // so TypeScript complains about casting it to an array. Array.from() works here for\n // getting the proper type, but it results in a functional difference. In order to\n // cast, you have to first cast view to unknown then cast the unknown value to number[]\n // TypeScript ftw: double opt in to write potentially type-mismatched code.\n const b64encoded = btoa(\n String.fromCharCode.apply(null, view as unknown as number[]),\n );\n return b64encoded;\n}\n\n/**\n * Updates the provided vault, re-encrypting\n * data with a safer algorithm if one is available.\n *\n * If the provided vault is already using the latest available encryption method,\n * it is returned as is.\n *\n * @param vault - The vault to update.\n * @param password - The password to use for encryption.\n * @returns A promise resolving to the updated vault.\n */\nexport async function updateVault(\n vault: string,\n password: string,\n): Promise<string> {\n if (isVaultUpdated(vault)) {\n return vault;\n }\n\n return encrypt(password, await decrypt(password, vault));\n}\n\n/**\n * Updates the provided vault and exported key, re-encrypting\n * data with a safer algorithm if one is available.\n *\n * If the provided vault is already using the latest available encryption method,\n * it is returned as is.\n *\n * @param encryptionResult - The encrypted data to update.\n * @param password - The password to use for encryption.\n * @returns A promise resolving to the updated encrypted data and exported key.\n */\nexport async function updateVaultWithDetail(\n encryptionResult: DetailedEncryptionResult,\n password: string,\n): Promise<DetailedEncryptionResult> {\n if (isVaultUpdated(encryptionResult.vault)) {\n return encryptionResult;\n }\n\n return encryptWithDetail(\n password,\n await decrypt(password, encryptionResult.vault),\n );\n}\n\n/**\n * Checks if the provided key is an `EncryptionKey`.\n *\n * @param encryptionKey - The object to check.\n * @returns Whether or not the key is an `EncryptionKey`.\n */\nfunction isEncryptionKey(\n encryptionKey: unknown,\n): encryptionKey is EncryptionKey {\n return (\n isPlainObject(encryptionKey) &&\n hasProperty(encryptionKey, 'key') &&\n hasProperty(encryptionKey, 'derivationOptions') &&\n encryptionKey.key instanceof CryptoKey &&\n isKeyDerivationOptions(encryptionKey.derivationOptions)\n );\n}\n\n/**\n * Checks if the provided object is a `KeyDerivationOptions`.\n *\n * @param derivationOptions - The object to check.\n * @returns Whether or not the object is a `KeyDerivationOptions`.\n */\nfunction isKeyDerivationOptions(\n derivationOptions: unknown,\n): derivationOptions is KeyDerivationOptions {\n return (\n isPlainObject(derivationOptions) &&\n hasProperty(derivationOptions, 'algorithm') &&\n hasProperty(derivationOptions, 'params')\n );\n}\n\n/**\n * Checks if the provided key is an `ExportedEncryptionKey`.\n *\n * @param exportedKey - The object to check.\n * @returns Whether or not the object is an `ExportedEncryptionKey`.\n */\nfunction isExportedEncryptionKey(\n exportedKey: unknown,\n): exportedKey is ExportedEncryptionKey {\n return (\n isPlainObject(exportedKey) &&\n hasProperty(exportedKey, 'key') &&\n hasProperty(exportedKey, 'derivationOptions') &&\n isKeyDerivationOptions(exportedKey.derivationOptions)\n );\n}\n\n/**\n * Returns the `CryptoKey` from the provided encryption key.\n * If the provided key is a `CryptoKey`, it is returned as is.\n *\n * @param encryptionKey - The key to unwrap.\n * @returns The `CryptoKey` from the provided encryption key.\n */\nfunction unwrapKey(encryptionKey: EncryptionKey | CryptoKey): CryptoKey {\n return isEncryptionKey(encryptionKey) ? encryptionKey.key : encryptionKey;\n}\n\n/**\n * Checks if the provided vault is an updated encryption format.\n *\n * @param vault - The vault to check.\n * @returns Whether or not the vault is an updated encryption format.\n */\nfunction isVaultUpdated(vault: string): boolean {\n const { keyMetadata } = JSON.parse(vault);\n return (\n isKeyDerivationOptions(keyMetadata) &&\n keyMetadata.algorithm === DEFAULT_DERIVATION_PARAMS.algorithm &&\n keyMetadata.params.iterations ===\n DEFAULT_DERIVATION_PARAMS.params.iterations\n );\n}\n"]} | ||
| {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;AAAA,2CAA6D;AAwC7D,MAAM,aAAa,GAAG,KAAK,CAAC;AAC5B,MAAM,kBAAkB,GAAG,SAAS,CAAC;AACrC,MAAM,eAAe,GAAG,OAAO,CAAC;AAChC,MAAM,qBAAqB,GAAyB;IAClD,SAAS,EAAE,QAAQ;IACnB,MAAM,EAAE;QACN,UAAU,EAAE,KAAM;KACnB;CACF,CAAC;AACF,MAAM,yBAAyB,GAAyB;IACtD,SAAS,EAAE,QAAQ;IACnB,MAAM,EAAE;QACN,UAAU,EAAE,MAAO;KACpB;CACF,CAAC;AAEF;;;;;;;;;;GAUG;AACI,KAAK,UAAU,OAAO,CAC3B,QAAgB,EAChB,OAAU,EACV,GAA+B,EAC/B,OAAe,YAAY,EAAE,EAC7B,oBAAoB,GAAG,yBAAyB;IAEhD,MAAM,SAAS,GACb,GAAG,IAAI,CAAC,MAAM,eAAe,CAAC,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,oBAAoB,CAAC,CAAC,CAAC;IAC9E,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IACzD,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IACpB,OAAO,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;AACjC,CAAC;AAZD,0BAYC;AAED;;;;;;;;;GASG;AACI,KAAK,UAAU,iBAAiB,CACrC,QAAgB,EAChB,OAAU,EACV,IAAI,GAAG,YAAY,EAAE,EACrB,oBAAoB,GAAG,yBAAyB;IAEhD,MAAM,GAAG,GAAG,MAAM,eAAe,CAAC,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,oBAAoB,CAAC,CAAC;IAC9E,MAAM,iBAAiB,GAAG,MAAM,SAAS,CAAC,GAAG,CAAC,CAAC;IAC/C,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,QAAQ,EAAE,OAAO,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IAE1D,OAAO;QACL,KAAK;QACL,iBAAiB;KAClB,CAAC;AACJ,CAAC;AAdD,8CAcC;AAED;;;;;;;;GAQG;AACI,KAAK,UAAU,cAAc,CAClC,aAAwC,EACxC,OAAU;IAEV,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;IACrC,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;IACtD,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;IACjE,MAAM,GAAG,GAAG,SAAS,CAAC,aAAa,CAAC,CAAC;IAErC,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAC5C;QACE,IAAI,EAAE,kBAAkB;QACxB,EAAE,EAAE,MAAM;KACX,EACD,GAAG,EACH,UAAU,CACX,CAAC;IAEF,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;IACnC,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACzD,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAqB;QACzC,IAAI,EAAE,QAAQ;QACd,EAAE,EAAE,SAAS;KACd,CAAC;IAEF,IAAI,eAAe,CAAC,aAAa,CAAC,EAAE;QAClC,gBAAgB,CAAC,WAAW,GAAG,aAAa,CAAC,iBAAiB,CAAC;KAChE;IAED,OAAO,gBAAgB,CAAC;AAC1B,CAAC;AA/BD,wCA+BC;AAED;;;;;;;;GAQG;AACI,KAAK,UAAU,OAAO,CAC3B,QAAgB,EAChB,IAAY,EACZ,aAAyC;IAEzC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACjC,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC;IACtC,MAAM,SAAS,GAAG,SAAS,CACzB,aAAa;QACX,CAAC,MAAM,eAAe,CAAC,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,CAAC,CAAC,CAC9D,CAAC;IAEF,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IACxD,OAAO,MAAM,CAAC;AAChB,CAAC;AAdD,0BAcC;AAED;;;;;;;GAOG;AACI,KAAK,UAAU,iBAAiB,CACrC,QAAgB,EAChB,IAAY;IAEZ,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACjC,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC;IACtC,MAAM,GAAG,GAAG,MAAM,eAAe,CAAC,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;IACrE,MAAM,iBAAiB,GAAG,MAAM,SAAS,CAAC,GAAG,CAAC,CAAC;IAC/C,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;IAEjD,OAAO;QACL,iBAAiB;QACjB,KAAK;QACL,IAAI;KACL,CAAC;AACJ,CAAC;AAfD,8CAeC;AAED;;;;;;;GAOG;AACI,KAAK,UAAU,cAAc,CAClC,aAAwC,EACxC,OAAyB;IAEzB,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IAC1D,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;IACjD,MAAM,GAAG,GAAG,SAAS,CAAC,aAAa,CAAC,CAAC;IAErC,IAAI,YAAY,CAAC;IACjB,IAAI;QACF,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,OAAO,CACxC,EAAE,IAAI,EAAE,kBAAkB,EAAE,EAAE,EAAE,MAAM,EAAE,EACxC,GAAG,EACH,aAAa,CACd,CAAC;QAEF,MAAM,aAAa,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;QAC7C,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC;QAC1E,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;KACzC;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;KACvC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAxBD,wCAwBC;AAED;;;;;;;;GAQG;AACI,KAAK,UAAU,SAAS,CAC7B,SAAiB;IAEjB,MAAM,qBAAqB,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IAEpD,IAAI,uBAAuB,CAAC,qBAAqB,CAAC,EAAE;QAClD,OAAO;YACL,GAAG,EAAE,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CACvC,aAAa,EACb,qBAAqB,CAAC,GAAG,EACzB,kBAAkB,EAClB,IAAI,EACJ,CAAC,SAAS,EAAE,SAAS,CAAC,CACvB;YACD,iBAAiB,EAAE,qBAAqB,CAAC,iBAAiB;SAC3D,CAAC;KACH;IAED,OAAO,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CACzC,aAAa,EACb,qBAAqB,EACrB,kBAAkB,EAClB,IAAI,EACJ,CAAC,SAAS,EAAE,SAAS,CAAC,CACvB,CAAC;AACJ,CAAC;AAzBD,8BAyBC;AAED;;;;;;GAMG;AACI,KAAK,UAAU,SAAS,CAC7B,aAAwC;IAExC,IAAI,eAAe,CAAC,aAAa,CAAC,EAAE;QAClC,OAAO,IAAI,CAAC,SAAS,CAAC;YACpB,GAAG,EAAE,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CACvC,aAAa,EACb,aAAa,CAAC,GAAG,CAClB;YACD,iBAAiB,EAAE,aAAa,CAAC,iBAAiB;SACnD,CAAC,CAAC;KACJ;IAED,OAAO,IAAI,CAAC,SAAS,CACnB,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,aAAa,EAAE,aAAa,CAAC,CACnE,CAAC;AACJ,CAAC;AAhBD,8BAgBC;AA+BD,wCAAwC;AACxC,+CAA+C;AACxC,KAAK,UAAU,eAAe,CACnC,QAAgB,EAChB,IAAY,EACZ,UAAU,GAAG,KAAK,EAClB,OAA6B,qBAAqB;IAElD,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;IAC1D,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IAE/C,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAC9C,KAAK,EACL,UAAU,EACV,EAAE,IAAI,EAAE,QAAQ,EAAE,EAClB,KAAK,EACL,CAAC,YAAY,EAAE,WAAW,CAAC,CAC5B,CAAC;IAEF,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CACrD;QACE,IAAI,EAAE,QAAQ;QACd,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU;QAClC,IAAI,EAAE,SAAS;KAChB,EACD,GAAG,EACH,EAAE,IAAI,EAAE,kBAAkB,EAAE,MAAM,EAAE,GAAG,EAAE,EACzC,UAAU,EACV,CAAC,SAAS,EAAE,SAAS,CAAC,CACvB,CAAC;IAEF,OAAO,IAAI;QACT,CAAC,CAAC;YACE,GAAG,EAAE,UAAU;YACf,iBAAiB,EAAE,IAAI;SACxB;QACH,CAAC,CAAC,UAAU,CAAC;AACjB,CAAC;AApCD,0CAoCC;AAED;;;;;GAKG;AACH,SAAgB,0BAA0B,CAAC,GAAW;IACpD,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IAC/D,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAChD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE;QAC3C,MAAM,GAAG,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAClC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;KAChC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AARD,gEAQC;AAED;;;;;GAKG;AACH,SAAgB,yBAAyB,CAAC,MAAkB;IAC1D,IAAI,MAAM,GAAG,IAAI,CAAC;IAClB,MAAM,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;QACvB,MAAM,IAAI,aAAa,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IACH,OAAO,MAAM,CAAC;AAChB,CAAC;AAND,8DAMC;AAED;;;;;;GAMG;AACH,SAAS,aAAa,CAAC,GAAW;IAChC,IAAI,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC3B,OAAO,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE;QACrB,GAAG,GAAG,IAAI,GAAG,EAAE,CAAC;KACjB;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;;GAKG;AACH,SAAgB,YAAY,CAAC,SAAS,GAAG,EAAE;IACzC,MAAM,IAAI,GAAG,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC;IACvC,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;IACpC,kFAAkF;IAClF,oFAAoF;IACpF,kFAAkF;IAClF,uFAAuF;IACvF,2EAA2E;IAC3E,MAAM,UAAU,GAAG,IAAI,CACrB,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,IAAI,EAAE,IAA2B,CAAC,CAC7D,CAAC;IACF,OAAO,UAAU,CAAC;AACpB,CAAC;AAZD,oCAYC;AAED;;;;;;;;;;;GAWG;AACI,KAAK,UAAU,WAAW,CAC/B,KAAa,EACb,QAAgB,EAChB,sBAAsB,GAAG,yBAAyB;IAElD,IAAI,cAAc,CAAC,KAAK,EAAE,sBAAsB,CAAC,EAAE;QACjD,OAAO,KAAK,CAAC;KACd;IAED,OAAO,OAAO,CACZ,QAAQ,EACR,MAAM,OAAO,CAAC,QAAQ,EAAE,KAAK,CAAC,EAC9B,SAAS,EACT,SAAS,EACT,sBAAsB,CACvB,CAAC;AACJ,CAAC;AAhBD,kCAgBC;AAED;;;;;;;;;;;GAWG;AACI,KAAK,UAAU,qBAAqB,CACzC,gBAA0C,EAC1C,QAAgB,EAChB,sBAAsB,GAAG,yBAAyB;IAElD,IAAI,cAAc,CAAC,gBAAgB,CAAC,KAAK,EAAE,sBAAsB,CAAC,EAAE;QAClE,OAAO,gBAAgB,CAAC;KACzB;IAED,OAAO,iBAAiB,CACtB,QAAQ,EACR,MAAM,OAAO,CAAC,QAAQ,EAAE,gBAAgB,CAAC,KAAK,CAAC,EAC/C,SAAS,EACT,sBAAsB,CACvB,CAAC;AACJ,CAAC;AAfD,sDAeC;AAED;;;;;GAKG;AACH,SAAS,eAAe,CACtB,aAAsB;IAEtB,OAAO,CACL,IAAA,qBAAa,EAAC,aAAa,CAAC;QAC5B,IAAA,mBAAW,EAAC,aAAa,EAAE,KAAK,CAAC;QACjC,IAAA,mBAAW,EAAC,aAAa,EAAE,mBAAmB,CAAC;QAC/C,aAAa,CAAC,GAAG,YAAY,SAAS;QACtC,sBAAsB,CAAC,aAAa,CAAC,iBAAiB,CAAC,CACxD,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,SAAS,sBAAsB,CAC7B,iBAA0B;IAE1B,OAAO,CACL,IAAA,qBAAa,EAAC,iBAAiB,CAAC;QAChC,IAAA,mBAAW,EAAC,iBAAiB,EAAE,WAAW,CAAC;QAC3C,IAAA,mBAAW,EAAC,iBAAiB,EAAE,QAAQ,CAAC,CACzC,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,SAAS,uBAAuB,CAC9B,WAAoB;IAEpB,OAAO,CACL,IAAA,qBAAa,EAAC,WAAW,CAAC;QAC1B,IAAA,mBAAW,EAAC,WAAW,EAAE,KAAK,CAAC;QAC/B,IAAA,mBAAW,EAAC,WAAW,EAAE,mBAAmB,CAAC;QAC7C,sBAAsB,CAAC,WAAW,CAAC,iBAAiB,CAAC,CACtD,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,SAAS,SAAS,CAAC,aAAwC;IACzD,OAAO,eAAe,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,aAAa,CAAC;AAC5E,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,cAAc,CAC5B,KAAa,EACb,sBAAsB,GAAG,yBAAyB;IAElD,MAAM,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC1C,OAAO,CACL,sBAAsB,CAAC,WAAW,CAAC;QACnC,WAAW,CAAC,SAAS,KAAK,sBAAsB,CAAC,SAAS;QAC1D,WAAW,CAAC,MAAM,CAAC,UAAU,KAAK,sBAAsB,CAAC,MAAM,CAAC,UAAU,CAC3E,CAAC;AACJ,CAAC;AAVD,wCAUC","sourcesContent":["import { hasProperty, isPlainObject } from '@metamask/utils';\n\nexport type DetailedEncryptionResult = {\n vault: string;\n exportedKeyString: string;\n};\n\nexport type PBKDF2Params = {\n iterations: number;\n};\n\nexport type KeyDerivationOptions = {\n algorithm: 'PBKDF2';\n params: PBKDF2Params;\n};\n\nexport type EncryptionKey = {\n key: CryptoKey;\n derivationOptions: KeyDerivationOptions;\n};\n\nexport type ExportedEncryptionKey = {\n key: JsonWebKey;\n derivationOptions: KeyDerivationOptions;\n};\n\nexport type EncryptionResult = {\n data: string;\n iv: string;\n salt?: string;\n // old encryption results will not have this\n keyMetadata?: KeyDerivationOptions;\n};\n\nexport type DetailedDecryptResult = {\n exportedKeyString: string;\n vault: unknown;\n salt: string;\n};\n\nconst EXPORT_FORMAT = 'jwk';\nconst DERIVED_KEY_FORMAT = 'AES-GCM';\nconst STRING_ENCODING = 'utf-8';\nconst OLD_DERIVATION_PARAMS: KeyDerivationOptions = {\n algorithm: 'PBKDF2',\n params: {\n iterations: 10_000,\n },\n};\nconst DEFAULT_DERIVATION_PARAMS: KeyDerivationOptions = {\n algorithm: 'PBKDF2',\n params: {\n iterations: 900_000,\n },\n};\n\n/**\n * Encrypts a data object that can be any serializable value using\n * a provided password.\n *\n * @param password - The password to use for encryption.\n * @param dataObj - The data to encrypt.\n * @param key - The CryptoKey to encrypt with.\n * @param salt - The salt to use to encrypt.\n * @param keyDerivationOptions - The options to use for key derivation.\n * @returns The encrypted vault.\n */\nexport async function encrypt<R>(\n password: string,\n dataObj: R,\n key?: EncryptionKey | CryptoKey,\n salt: string = generateSalt(),\n keyDerivationOptions = DEFAULT_DERIVATION_PARAMS,\n): Promise<string> {\n const cryptoKey =\n key || (await keyFromPassword(password, salt, false, keyDerivationOptions));\n const payload = await encryptWithKey(cryptoKey, dataObj);\n payload.salt = salt;\n return JSON.stringify(payload);\n}\n\n/**\n * Encrypts a data object that can be any serializable value using\n * a provided password.\n *\n * @param password - A password to use for encryption.\n * @param dataObj - The data to encrypt.\n * @param salt - The salt used to encrypt.\n * @param keyDerivationOptions - The options to use for key derivation.\n * @returns The vault and exported key string.\n */\nexport async function encryptWithDetail<R>(\n password: string,\n dataObj: R,\n salt = generateSalt(),\n keyDerivationOptions = DEFAULT_DERIVATION_PARAMS,\n): Promise<DetailedEncryptionResult> {\n const key = await keyFromPassword(password, salt, true, keyDerivationOptions);\n const exportedKeyString = await exportKey(key);\n const vault = await encrypt(password, dataObj, key, salt);\n\n return {\n vault,\n exportedKeyString,\n };\n}\n\n/**\n * Encrypts the provided serializable javascript object using the\n * provided CryptoKey and returns an object containing the cypher text and\n * the initialization vector used.\n *\n * @param encryptionKey - The CryptoKey to encrypt with.\n * @param dataObj - A serializable JavaScript object to encrypt.\n * @returns The encrypted data.\n */\nexport async function encryptWithKey<R>(\n encryptionKey: EncryptionKey | CryptoKey,\n dataObj: R,\n): Promise<EncryptionResult> {\n const data = JSON.stringify(dataObj);\n const dataBuffer = Buffer.from(data, STRING_ENCODING);\n const vector = global.crypto.getRandomValues(new Uint8Array(16));\n const key = unwrapKey(encryptionKey);\n\n const buf = await global.crypto.subtle.encrypt(\n {\n name: DERIVED_KEY_FORMAT,\n iv: vector,\n },\n key,\n dataBuffer,\n );\n\n const buffer = new Uint8Array(buf);\n const vectorStr = Buffer.from(vector).toString('base64');\n const vaultStr = Buffer.from(buffer).toString('base64');\n const encryptionResult: EncryptionResult = {\n data: vaultStr,\n iv: vectorStr,\n };\n\n if (isEncryptionKey(encryptionKey)) {\n encryptionResult.keyMetadata = encryptionKey.derivationOptions;\n }\n\n return encryptionResult;\n}\n\n/**\n * Given a password and a cypher text, decrypts the text and returns\n * the resulting value.\n *\n * @param password - The password to decrypt with.\n * @param text - The cypher text to decrypt.\n * @param encryptionKey - The key to decrypt with.\n * @returns The decrypted data.\n */\nexport async function decrypt(\n password: string,\n text: string,\n encryptionKey?: EncryptionKey | CryptoKey,\n): Promise<unknown> {\n const payload = JSON.parse(text);\n const { salt, keyMetadata } = payload;\n const cryptoKey = unwrapKey(\n encryptionKey ||\n (await keyFromPassword(password, salt, false, keyMetadata)),\n );\n\n const result = await decryptWithKey(cryptoKey, payload);\n return result;\n}\n\n/**\n * Given a password and a cypher text, decrypts the text and returns\n * the resulting value, keyString, and salt.\n *\n * @param password - The password to decrypt with.\n * @param text - The encrypted vault to decrypt.\n * @returns The decrypted vault along with the salt and exported key.\n */\nexport async function decryptWithDetail(\n password: string,\n text: string,\n): Promise<DetailedDecryptResult> {\n const payload = JSON.parse(text);\n const { salt, keyMetadata } = payload;\n const key = await keyFromPassword(password, salt, true, keyMetadata);\n const exportedKeyString = await exportKey(key);\n const vault = await decrypt(password, text, key);\n\n return {\n exportedKeyString,\n vault,\n salt,\n };\n}\n\n/**\n * Given a CryptoKey and an EncryptionResult object containing the initialization\n * vector (iv) and data to decrypt, return the resulting decrypted value.\n *\n * @param encryptionKey - The CryptoKey to decrypt with.\n * @param payload - The payload to decrypt, returned from an encryption method.\n * @returns The decrypted data.\n */\nexport async function decryptWithKey<R>(\n encryptionKey: EncryptionKey | CryptoKey,\n payload: EncryptionResult,\n): Promise<R> {\n const encryptedData = Buffer.from(payload.data, 'base64');\n const vector = Buffer.from(payload.iv, 'base64');\n const key = unwrapKey(encryptionKey);\n\n let decryptedObj;\n try {\n const result = await crypto.subtle.decrypt(\n { name: DERIVED_KEY_FORMAT, iv: vector },\n key,\n encryptedData,\n );\n\n const decryptedData = new Uint8Array(result);\n const decryptedStr = Buffer.from(decryptedData).toString(STRING_ENCODING);\n decryptedObj = JSON.parse(decryptedStr);\n } catch (e) {\n throw new Error('Incorrect password');\n }\n\n return decryptedObj;\n}\n\n/**\n * Receives an exported CryptoKey string and creates a key.\n *\n * This function supports both JsonWebKey's and exported EncryptionKey's.\n * It will return a CryptoKey for the former, and an EncryptionKey for the latter.\n *\n * @param keyString - The key string to import.\n * @returns An EncryptionKey or a CryptoKey.\n */\nexport async function importKey(\n keyString: string,\n): Promise<EncryptionKey | CryptoKey> {\n const exportedEncryptionKey = JSON.parse(keyString);\n\n if (isExportedEncryptionKey(exportedEncryptionKey)) {\n return {\n key: await window.crypto.subtle.importKey(\n EXPORT_FORMAT,\n exportedEncryptionKey.key,\n DERIVED_KEY_FORMAT,\n true,\n ['encrypt', 'decrypt'],\n ),\n derivationOptions: exportedEncryptionKey.derivationOptions,\n };\n }\n\n return await window.crypto.subtle.importKey(\n EXPORT_FORMAT,\n exportedEncryptionKey,\n DERIVED_KEY_FORMAT,\n true,\n ['encrypt', 'decrypt'],\n );\n}\n\n/**\n * Exports a key string from a CryptoKey or from an\n * EncryptionKey instance.\n *\n * @param encryptionKey - The CryptoKey or EncryptionKey to export.\n * @returns A key string.\n */\nexport async function exportKey(\n encryptionKey: CryptoKey | EncryptionKey,\n): Promise<string> {\n if (isEncryptionKey(encryptionKey)) {\n return JSON.stringify({\n key: await window.crypto.subtle.exportKey(\n EXPORT_FORMAT,\n encryptionKey.key,\n ),\n derivationOptions: encryptionKey.derivationOptions,\n });\n }\n\n return JSON.stringify(\n await window.crypto.subtle.exportKey(EXPORT_FORMAT, encryptionKey),\n );\n}\n\n/**\n * Generate a CryptoKey from a password and random salt.\n *\n * @param password - The password to use to generate key.\n * @param salt - The salt string to use in key derivation.\n * @param exportable - Whether or not the key should be exportable.\n * @returns A CryptoKey for encryption and decryption.\n */\nexport async function keyFromPassword(\n password: string,\n salt: string,\n exportable?: boolean,\n): Promise<CryptoKey>;\n/**\n * Generate a CryptoKey from a password and random salt, specifying\n * key derivation options.\n *\n * @param password - The password to use to generate key.\n * @param salt - The salt string to use in key derivation.\n * @param exportable - Whether or not the key should be exportable.\n * @param opts - The options to use for key derivation.\n * @returns An EncryptionKey for encryption and decryption.\n */\nexport async function keyFromPassword(\n password: string,\n salt: string,\n exportable?: boolean,\n opts?: KeyDerivationOptions,\n): Promise<EncryptionKey>;\n// The overloads are already documented.\n// eslint-disable-next-line jsdoc/require-jsdoc\nexport async function keyFromPassword(\n password: string,\n salt: string,\n exportable = false,\n opts: KeyDerivationOptions = OLD_DERIVATION_PARAMS,\n): Promise<CryptoKey | EncryptionKey> {\n const passBuffer = Buffer.from(password, STRING_ENCODING);\n const saltBuffer = Buffer.from(salt, 'base64');\n\n const key = await global.crypto.subtle.importKey(\n 'raw',\n passBuffer,\n { name: 'PBKDF2' },\n false,\n ['deriveBits', 'deriveKey'],\n );\n\n const derivedKey = await global.crypto.subtle.deriveKey(\n {\n name: 'PBKDF2',\n salt: saltBuffer,\n iterations: opts.params.iterations,\n hash: 'SHA-256',\n },\n key,\n { name: DERIVED_KEY_FORMAT, length: 256 },\n exportable,\n ['encrypt', 'decrypt'],\n );\n\n return opts\n ? {\n key: derivedKey,\n derivationOptions: opts,\n }\n : derivedKey;\n}\n\n/**\n * Converts a hex string into a buffer.\n *\n * @param str - Hex encoded string.\n * @returns The string ecoded as a byte array.\n */\nexport function serializeBufferFromStorage(str: string): Uint8Array {\n const stripStr = str.slice(0, 2) === '0x' ? str.slice(2) : str;\n const buf = new Uint8Array(stripStr.length / 2);\n for (let i = 0; i < stripStr.length; i += 2) {\n const seg = stripStr.substr(i, 2);\n buf[i / 2] = parseInt(seg, 16);\n }\n return buf;\n}\n\n/**\n * Converts a buffer into a hex string ready for storage.\n *\n * @param buffer - Buffer to serialize.\n * @returns A hex encoded string.\n */\nexport function serializeBufferForStorage(buffer: Uint8Array): string {\n let result = '0x';\n buffer.forEach((value) => {\n result += unprefixedHex(value);\n });\n return result;\n}\n\n/**\n * Converts a number into hex value, and ensures proper leading 0\n * for single characters strings.\n *\n * @param num - The number to convert to string.\n * @returns An unprefixed hex string.\n */\nfunction unprefixedHex(num: number): string {\n let hex = num.toString(16);\n while (hex.length < 2) {\n hex = `0${hex}`;\n }\n return hex;\n}\n\n/**\n * Generates a random string for use as a salt in CryptoKey generation.\n *\n * @param byteCount - The number of bytes to generate.\n * @returns A randomly generated string.\n */\nexport function generateSalt(byteCount = 32): string {\n const view = new Uint8Array(byteCount);\n global.crypto.getRandomValues(view);\n // Uint8Array is a fixed length array and thus does not have methods like pop, etc\n // so TypeScript complains about casting it to an array. Array.from() works here for\n // getting the proper type, but it results in a functional difference. In order to\n // cast, you have to first cast view to unknown then cast the unknown value to number[]\n // TypeScript ftw: double opt in to write potentially type-mismatched code.\n const b64encoded = btoa(\n String.fromCharCode.apply(null, view as unknown as number[]),\n );\n return b64encoded;\n}\n\n/**\n * Updates the provided vault, re-encrypting\n * data with a safer algorithm if one is available.\n *\n * If the provided vault is already using the latest available encryption method,\n * it is returned as is.\n *\n * @param vault - The vault to update.\n * @param password - The password to use for encryption.\n * @param targetDerivationParams - The options to use for key derivation.\n * @returns A promise resolving to the updated vault.\n */\nexport async function updateVault(\n vault: string,\n password: string,\n targetDerivationParams = DEFAULT_DERIVATION_PARAMS,\n): Promise<string> {\n if (isVaultUpdated(vault, targetDerivationParams)) {\n return vault;\n }\n\n return encrypt(\n password,\n await decrypt(password, vault),\n undefined,\n undefined,\n targetDerivationParams,\n );\n}\n\n/**\n * Updates the provided vault and exported key, re-encrypting\n * data with a safer algorithm if one is available.\n *\n * If the provided vault is already using the latest available encryption method,\n * it is returned as is.\n *\n * @param encryptionResult - The encrypted data to update.\n * @param password - The password to use for encryption.\n * @param targetDerivationParams - The options to use for key derivation.\n * @returns A promise resolving to the updated encrypted data and exported key.\n */\nexport async function updateVaultWithDetail(\n encryptionResult: DetailedEncryptionResult,\n password: string,\n targetDerivationParams = DEFAULT_DERIVATION_PARAMS,\n): Promise<DetailedEncryptionResult> {\n if (isVaultUpdated(encryptionResult.vault, targetDerivationParams)) {\n return encryptionResult;\n }\n\n return encryptWithDetail(\n password,\n await decrypt(password, encryptionResult.vault),\n undefined,\n targetDerivationParams,\n );\n}\n\n/**\n * Checks if the provided key is an `EncryptionKey`.\n *\n * @param encryptionKey - The object to check.\n * @returns Whether or not the key is an `EncryptionKey`.\n */\nfunction isEncryptionKey(\n encryptionKey: unknown,\n): encryptionKey is EncryptionKey {\n return (\n isPlainObject(encryptionKey) &&\n hasProperty(encryptionKey, 'key') &&\n hasProperty(encryptionKey, 'derivationOptions') &&\n encryptionKey.key instanceof CryptoKey &&\n isKeyDerivationOptions(encryptionKey.derivationOptions)\n );\n}\n\n/**\n * Checks if the provided object is a `KeyDerivationOptions`.\n *\n * @param derivationOptions - The object to check.\n * @returns Whether or not the object is a `KeyDerivationOptions`.\n */\nfunction isKeyDerivationOptions(\n derivationOptions: unknown,\n): derivationOptions is KeyDerivationOptions {\n return (\n isPlainObject(derivationOptions) &&\n hasProperty(derivationOptions, 'algorithm') &&\n hasProperty(derivationOptions, 'params')\n );\n}\n\n/**\n * Checks if the provided key is an `ExportedEncryptionKey`.\n *\n * @param exportedKey - The object to check.\n * @returns Whether or not the object is an `ExportedEncryptionKey`.\n */\nfunction isExportedEncryptionKey(\n exportedKey: unknown,\n): exportedKey is ExportedEncryptionKey {\n return (\n isPlainObject(exportedKey) &&\n hasProperty(exportedKey, 'key') &&\n hasProperty(exportedKey, 'derivationOptions') &&\n isKeyDerivationOptions(exportedKey.derivationOptions)\n );\n}\n\n/**\n * Returns the `CryptoKey` from the provided encryption key.\n * If the provided key is a `CryptoKey`, it is returned as is.\n *\n * @param encryptionKey - The key to unwrap.\n * @returns The `CryptoKey` from the provided encryption key.\n */\nfunction unwrapKey(encryptionKey: EncryptionKey | CryptoKey): CryptoKey {\n return isEncryptionKey(encryptionKey) ? encryptionKey.key : encryptionKey;\n}\n\n/**\n * Checks if the provided vault is an updated encryption format.\n *\n * @param vault - The vault to check.\n * @param targetDerivationParams - The options to use for key derivation.\n * @returns Whether or not the vault is an updated encryption format.\n */\nexport function isVaultUpdated(\n vault: string,\n targetDerivationParams = DEFAULT_DERIVATION_PARAMS,\n): boolean {\n const { keyMetadata } = JSON.parse(vault);\n return (\n isKeyDerivationOptions(keyMetadata) &&\n keyMetadata.algorithm === targetDerivationParams.algorithm &&\n keyMetadata.params.iterations === targetDerivationParams.params.iterations\n );\n}\n"]} |
+1
-1
| { | ||
| "name": "@metamask/browser-passworder", | ||
| "version": "4.2.0", | ||
| "version": "4.3.0", | ||
| "description": "A simple browserifiable module for password-encrypting JS objects.", | ||
@@ -5,0 +5,0 @@ "keywords": [ |
No alert changes
Improved metrics
- Total package byte prevSize
56522
3.47%- Lines of code
554
2.4%No dependency changes