add an encrypted user secret key to the stored object

oauth3.issuer.mock.js

@@ -49,13 +49,13 @@
   };
 
   OAUTH3.crypto._createKey = function (ppid) {
-    var kekPromise, ecdsaPromise;
+    var kekPromise, ecdsaPromise, secretPromise;
     var salt = window.crypto.getRandomValues(new Uint8Array(16));
 
     kekPromise = window.crypto.subtle.importKey('raw', OAUTH3.utils.binaryStringToBuffer(ppid), {name: 'PBKDF2'}, false, ['deriveKey'])
     .then(function (key) {
       var opts = {name: 'PBKDF2', salt: salt, iterations: 8192, hash: {name: 'SHA-256'}};
-      return window.crypto.subtle.deriveKey(opts, key, {name: 'AES-GCM', length: 256}, false, ['encrypt']);
+      return window.crypto.subtle.deriveKey(opts, key, {name: 'AES-GCM', length: 128}, false, ['encrypt']);
     });
 
     ecdsaPromise = window.crypto.subtle.generateKey({name: 'ECDSA', namedCurve: 'P-256'}, true, ['sign', 'verify'])
@@ -79,15 +79,29 @@
       });
     });
 
-    return OAUTH3.PromiseA.all([kekPromise, ecdsaPromise]).then(function (keys) {
+    secretPromise = window.crypto.subtle.generateKey({name: 'AES-GCM', length: 128}, true, ['encrypt', 'decrypt'])
-      var jwkBuf = OAUTH3.utils.binaryStringToBuffer(JSON.stringify(keys[1].privateKey));
+    .then(function (key) {
-      var iv = window.crypto.getRandomValues(new Uint8Array(12));
+      return window.crypto.subtle.exportKey('jwk', key);
-      return window.crypto.subtle.encrypt({name: 'AES-GCM', iv: iv}, keys[0], jwkBuf).then(function (encrypted) {
+    });
+
+    return OAUTH3.PromiseA.all([kekPromise, ecdsaPromise, secretPromise]).then(function (keys) {
+      var ecdsaJwk  = OAUTH3.utils.binaryStringToBuffer(JSON.stringify(keys[1].privateKey));
+      var secretJwk = OAUTH3.utils.binaryStringToBuffer(JSON.stringify(keys[2]));
+      var ecdsaIv  = window.crypto.getRandomValues(new Uint8Array(12));
+      var secretIv = window.crypto.getRandomValues(new Uint8Array(12));
+
+      return OAUTH3.PromiseA.all([
+        window.crypto.subtle.encrypt({name: 'AES-GCM', iv: ecdsaIv}, keys[0], ecdsaJwk)
+      , window.crypto.subtle.encrypt({name: 'AES-GCM', iv: secretIv}, keys[0], secretJwk)
+      ])
+      .then(function (encrypted) {
         return {
           publicKey:  keys[1].publicKey
-        , privateKey: OAUTH3._base64.btoa(OAUTH3.utils.bufferToBinaryString(encrypted))
+        , privateKey: OAUTH3._base64.btoa(OAUTH3.utils.bufferToBinaryString(encrypted[0]))
+        , userSecret: OAUTH3._base64.btoa(OAUTH3.utils.bufferToBinaryString(encrypted[1]))
         , salt:       OAUTH3._base64.btoa(OAUTH3.utils.bufferToBinaryString(salt))
-        , iv:         OAUTH3._base64.btoa(OAUTH3.utils.bufferToBinaryString(iv))
+        , ecdsaIv:    OAUTH3._base64.btoa(OAUTH3.utils.bufferToBinaryString(ecdsaIv))
+        , secretIv:   OAUTH3._base64.btoa(OAUTH3.utils.bufferToBinaryString(secretIv))
         };
       });
     });
@@ -96,12 +110,12 @@
   OAUTH3.crypto._decryptKey = function (ppid, storedObj) {
     var salt   = OAUTH3.utils.binaryStringToBuffer(OAUTH3._base64.atob(storedObj.salt));
     var encJwk = OAUTH3.utils.binaryStringToBuffer(OAUTH3._base64.atob(storedObj.privateKey));
-    var iv     = OAUTH3.utils.binaryStringToBuffer(OAUTH3._base64.atob(storedObj.iv));
+    var iv     = OAUTH3.utils.binaryStringToBuffer(OAUTH3._base64.atob(storedObj.ecdsaIv));
 
     return window.crypto.subtle.importKey('raw', OAUTH3.utils.binaryStringToBuffer(ppid), {name: 'PBKDF2'}, false, ['deriveKey'])
     .then(function (key) {
       var opts = {name: 'PBKDF2', salt: salt, iterations: 8192, hash: {name: 'SHA-256'}};
-      return window.crypto.subtle.deriveKey(opts, key, {name: 'AES-GCM', length: 256}, false, ['decrypt']);
+      return window.crypto.subtle.deriveKey(opts, key, {name: 'AES-GCM', length: 128}, false, ['decrypt']);
     })
     .then(function (key) {
       return window.crypto.subtle.decrypt({name: 'AES-GCM', iv: iv}, key, encJwk);