constructor()

in modules/raw-aes-keyring-node/src/raw_aes_keyring_node.ts [52:136]


  /**
   * Builds a raw AES keyring from caller-supplied wrapping key material and
   * identifying names.
   *
   * The wrapping key is loaded into a `NodeRawAesMaterial` that only the
   * `_wrapKey` / `_unwrapKey` closures reference; this constructor does not
   * write the key itself to a property on the keyring.
   *
   * Both closures build their AAD from the material's encryption context with
   * the same serializer, so the bytes are derived the same way on wrap and on
   * unwrap.
   *
   * @param input - `keyName` and `keyNamespace` (both must be truthy, so empty
   *   strings fail the precondition), `unencryptedMasterKey`, `wrappingSuite`,
   *   and an optional `utf8Sorting` flag that is recorded as `false` when
   *   undefined.
   */
  constructor(input: RawAesKeyringNodeInput) {
    super()

    const {
      keyName,
      keyNamespace,
      unencryptedMasterKey,
      wrappingSuite,
      utf8Sorting,
    } = input

    /* Precondition: AesKeyringNode needs identifying information for encrypt and decrypt. */
    needs(keyName && keyNamespace, 'Identifying information must be defined.')

    /* Precondition: RawAesKeyringNode requires wrappingSuite to be a valid RawAesWrappingSuite. */
    const rawAesMaterial = new NodeRawAesMaterial(wrappingSuite)

    /* Precondition: unencryptedMasterKey must correspond to the NodeAlgorithmSuite specification.
     * Note: the KeyringTrace and flag are _only_ set because an existing
     * material implementation is being reused to hold the wrapping key.
     * See: raw_aes_material.ts in @aws-crypto/raw-keyring for details
     */
    const wrappingMaterial = rawAesMaterial.setUnencryptedDataKey(
      unencryptedMasterKey,
      {
        keyNamespace,
        keyName,
        flags: KeyringTraceFlag.WRAPPING_KEY_GENERATED_DATA_KEY,
      }
    )

    // An omitted utf8Sorting is recorded as `false`; any other value is stored as given.
    readOnlyProperty(
      this,
      '_utf8Sorting',
      utf8Sorting === undefined ? false : utf8Sorting
    )

    // The serializer is configured from the stored flag, after it has been set above.
    // NOTE(review): the flag is passed into the serializer that produces the AAD,
    // so keyrings that differ in utf8Sorting may derive different AAD bytes for
    // the same context; presumably unwrap then fails. Confirm against aesGcmUnwrapKey.
    const { serializeEncryptionContext } = serializeFactory(fromUtf8, {
      utf8Sorting: this._utf8Sorting,
    })

    /* The serialized AAD section is uInt16BE(length) + AAD
     * see: https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/message-format.html#header-aad
     * The raw keyring wants _only_ the AAD, so the two length bytes are
     * sliced off before the remainder is exposed as a Buffer.
     */
    const contextToAad = (
      encryptionContext: Parameters<typeof serializeEncryptionContext>[0]
    ) => {
      const withoutLength = serializeEncryptionContext(encryptionContext).slice(2)
      return Buffer.from(
        withoutLength.buffer,
        withoutLength.byteOffset,
        withoutLength.byteLength
      )
    }

    // Wraps the data key held by `material`, passing the encryption context as AAD.
    const _wrapKey = async (material: NodeEncryptionMaterial) =>
      aesGcmWrapKey(
        this.keyNamespace,
        this.keyName,
        material,
        contextToAad(material.encryptionContext),
        wrappingMaterial
      )

    // Unwraps `edk` into `material`; the AAD is rebuilt from the material's own context.
    const _unwrapKey = async (
      material: NodeDecryptionMaterial,
      edk: EncryptedDataKey
    ) =>
      aesGcmUnwrapKey(
        this.keyNamespace,
        this.keyName,
        material,
        wrappingMaterial,
        edk,
        contextToAad(material.encryptionContext)
      )

    // The closures above read keyName / keyNamespace from `this` when they are called.
    readOnlyProperty(this, 'keyName', keyName)
    readOnlyProperty(this, 'keyNamespace', keyNamespace)
    readOnlyProperty(this, '_wrapKey', _wrapKey)
    readOnlyProperty(this, '_unwrapKey', _unwrapKey)
  }