Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
let keys = session.generateKeyPair(graphene.KeyGenMechanism.ECDSA, {
keyType: graphene.KeyType.ECDSA,
token: false,
derive: true,
paramsECDSA: graphene.NamedCurve.getByName("secp192r1").value
}, {
keyType: graphene.KeyType.ECDSA,
token: false,
derive: true
});
// derive algorithm
let alg = {
name: "ECDH1_DERIVE",
params: new graphene.EcdhParams(
graphene.EcKdf.SHA1,
null,
keys.publicKey.getAttribute({ pointEC: null }).pointEC)
};
// Template for derived key
let template = {
"class": graphene.ObjectClass.SECRET_KEY,
"token": false,
"keyType": graphene.KeyType.AES,
"valueLen": 256 / 8,
"encrypt": true,
"decrypt": true
};
// Key derivation
let dKey = session.deriveKey(alg, keys.privateKey, template);
token: false,
sensitive: false,
class: graphene.ObjectClass.SECRET_KEY,
keyType: graphene.KeyType.GENERIC_SECRET,
extractable: true,
encrypt: true,
decrypt: true,
valueLen: valueLen >> 3,
};
// derive key
const ecPoint = (algorithm.public as EcCryptoKey).key.getAttribute({ pointEC: null }).pointEC!;
this.crypto.session.deriveKey(
{
name: "ECDH1_DERIVE",
params: new graphene.EcdhParams(
graphene.EcKdf.NULL,
null as any,
ecPoint, // CKA_EC_POINT
),
},
baseKey.key,
template,
(err, key) => {
if (err) {
reject(err);
} else {
const secretKey = key.toType();
const value = secretKey.getAttribute({ value: null }).value as Buffer;
resolve(new Uint8Array(value.slice(0, length >> 3)).buffer);
}
});
});
switch (derivedKeyType.name.toLowerCase()) {
case aes.AesGCM.ALGORITHM_NAME.toLowerCase():
AesClass = aes.AesGCM;
break;
case aes.AesCBC.ALGORITHM_NAME.toLowerCase():
AesClass = aes.AesCBC;
break;
default:
throw new Error("derivedKeyType: Unknown Algorithm name in use");
}
AesClass.checkKeyGenAlgorithm(derivedKeyType);
var template = aes.create_template(session, derivedKeyType, extractable, keyUsages);
template.valueLen = derivedKeyType.length / 8;
session.deriveKey({
name: "ECDH1_DERIVE",
params: new graphene_pk11_1.EcdhParams(graphene_pk11_1.EcKdf.NULL, null, algorithm.public.key.getAttribute({ pointEC: null }).pointEC)
}, baseKey.key, template, function (err, key) {
if (err)
callback(err, null);
else
callback(null, new key_1.P11CryptoKey(key, derivedKeyType));
});
}
catch (e) {
callback(e, null);
}
};
Ecdh.ALGORITHM_NAME = exports.ALG_NAME_ECDH;