Map cryptojs calls to jsrsasign for encryption and decryption

[mariusheine]

Hello,

we have the below code for encrypting and decrypting data using cryptojs in our app. Because we are in a closed environment and therefor sometimes sometimes no verifiable ssl certificates we can't use cryptojs due to its limitation of only being available on secure connections.

Therefor we want to use jsrsasign as a replacement since we are already using it for signing and digest calculation.
But by now we have not been able to find a proper replacement of the cryptojs code.

passphrase is a simple 64 bytes random string generated by jsrsasign.KJUR.crypto.Util.getRandomHexOfNbytes(64).

async function keysFromPassphrase(salt: BufferSource, passphrase: string) {
  const enc = new TextEncoder().encode(passphrase);
  const baseKey = await window.crypto.subtle.importKey('raw', enc, 'PBKDF2', false, ['deriveBits']);

  const keys = await window.crypto.subtle.deriveBits(
    {
      name: 'PBKDF2',
      hash: 'SHA-512',
      salt,
      iterations: 1e5,
    },
    baseKey,
    256 /* key */ + 128 /* iv */,
  );

  const iv = new Uint8Array(keys.slice(32));

  const key = await window.crypto.subtle.importKey('raw', new Uint8Array(keys.slice(0, 32)), { name: 'AES-CBC' }, false, [
    'decrypt',
    'encrypt',
  ]);

  return { key, iv };
}

async function encrypt(plaintext: string, passphrase: string): Promise<{ encryptedData: string; salt: string }> {
  const textEncoder = new TextEncoder();
  const saltStr = jsrsasign.KJUR.crypto.Util.getRandomHexOfNbytes(64);
  const salt = textEncoder.encode(saltStr);

  const { key, iv } = await keysFromPassphrase(salt, passphrase);

  const cipherText = (await window.crypto.subtle.encrypt(
    { name: 'AES-CBC', iv },
    key,
    textEncoder.encode(plaintext),
  )) as ArrayBuffer;
  const encryptedData = btoa(
    new Uint8Array(cipherText).reduce((data, byte) => {
      return data + String.fromCharCode(byte);
    }, ''),
  );

  return { encryptedData, salt: saltStr };
}

async function decrypt(cipherText: string, passphrase: string, salt: string): Promise<string> {
  const textEncoder = new TextEncoder();
  const { key, iv } = await keysFromPassphrase(textEncoder.encode(salt), passphrase);

  const decryptedData = (await window.crypto.subtle.decrypt(
    { name: 'AES-CBC', iv },
    key,
    Uint8Array.from(atob(cipherText), (c) => c.charCodeAt(0)),
  )) as ArrayBuffer;

  const textDecoder = new TextDecoder();
  return textDecoder.decode(decryptedData);
}

Can someone pleae help use?
We are currently using version 10.5.1 of jsrsasign.