2024-01-01 14:58:21 -05:00
|
|
|
|
// Copyright 2018-2024 the Deno authors. All rights reserved. MIT license.
|
2023-04-18 14:29:10 +02:00
|
|
|
|
use deno_core::error::generic_error;
|
2023-02-14 17:38:45 +01:00
|
|
|
|
use deno_core::error::type_error;
|
|
|
|
|
use deno_core::error::AnyError;
|
2023-09-14 08:29:44 +02:00
|
|
|
|
use deno_core::op2;
|
2023-08-23 17:03:05 -06:00
|
|
|
|
use deno_core::unsync::spawn_blocking;
|
2023-06-22 23:37:56 +02:00
|
|
|
|
use deno_core::JsBuffer;
|
2023-02-14 17:38:45 +01:00
|
|
|
|
use deno_core::OpState;
|
2023-02-20 22:22:28 +05:30
|
|
|
|
use deno_core::StringOrBuffer;
|
2023-06-22 23:37:56 +02:00
|
|
|
|
use deno_core::ToJsBuffer;
|
2024-03-18 13:20:10 +05:30
|
|
|
|
use elliptic_curve::sec1::ToEncodedPoint;
|
2023-04-06 22:26:56 +05:30
|
|
|
|
use hkdf::Hkdf;
|
2024-08-08 11:35:29 +02:00
|
|
|
|
use keys::AsymmetricPrivateKey;
|
|
|
|
|
use keys::AsymmetricPublicKey;
|
|
|
|
|
use keys::EcPrivateKey;
|
|
|
|
|
use keys::EcPublicKey;
|
2024-08-07 08:43:58 +02:00
|
|
|
|
use keys::KeyObjectHandle;
|
2023-03-28 16:26:38 +05:30
|
|
|
|
use num_bigint::BigInt;
|
2023-05-15 19:41:53 +02:00
|
|
|
|
use num_bigint_dig::BigUint;
|
2023-04-12 02:57:57 +02:00
|
|
|
|
use rand::distributions::Distribution;
|
|
|
|
|
use rand::distributions::Uniform;
|
2023-04-06 18:39:25 +05:30
|
|
|
|
use rand::Rng;
|
2024-08-09 12:58:20 +02:00
|
|
|
|
use ring::signature::Ed25519KeyPair;
|
2023-03-28 16:26:38 +05:30
|
|
|
|
use std::future::Future;
|
2023-02-14 17:38:45 +01:00
|
|
|
|
use std::rc::Rc;
|
|
|
|
|
|
2023-04-27 18:31:35 +02:00
|
|
|
|
use p224::NistP224;
|
|
|
|
|
use p256::NistP256;
|
|
|
|
|
use p384::NistP384;
|
2023-02-20 22:22:28 +05:30
|
|
|
|
use rsa::pkcs8::DecodePrivateKey;
|
|
|
|
|
use rsa::pkcs8::DecodePublicKey;
|
2023-10-30 08:25:12 -07:00
|
|
|
|
use rsa::Oaep;
|
|
|
|
|
use rsa::Pkcs1v15Encrypt;
|
2023-02-20 22:22:28 +05:30
|
|
|
|
use rsa::RsaPrivateKey;
|
|
|
|
|
use rsa::RsaPublicKey;
|
|
|
|
|
|
2023-03-14 15:59:23 +09:00
|
|
|
|
mod cipher;
|
2023-04-19 22:27:34 +05:30
|
|
|
|
mod dh;
|
2023-02-14 17:38:45 +01:00
|
|
|
|
mod digest;
|
2024-08-07 08:43:58 +02:00
|
|
|
|
pub mod keys;
|
2024-07-05 10:10:22 +02:00
|
|
|
|
mod md5_sha1;
|
2024-08-08 11:35:29 +02:00
|
|
|
|
mod pkcs3;
|
2023-03-28 16:26:38 +05:30
|
|
|
|
mod primes;
|
2024-08-07 08:43:58 +02:00
|
|
|
|
mod sign;
|
2023-04-07 22:54:16 +05:30
|
|
|
|
pub mod x509;
|
2023-03-28 16:26:38 +05:30
|
|
|
|
|
2024-07-05 10:10:22 +02:00
|
|
|
|
use self::digest::match_fixed_digest_with_eager_block_buffer;
|
|
|
|
|
|
2023-10-06 00:16:36 +02:00
|
|
|
|
#[op2(fast)]
|
|
|
|
|
pub fn op_node_check_prime(
|
|
|
|
|
#[bigint] num: i64,
|
|
|
|
|
#[number] checks: usize,
|
|
|
|
|
) -> bool {
|
|
|
|
|
primes::is_probably_prime(&BigInt::from(num), checks)
|
2023-03-28 16:26:38 +05:30
|
|
|
|
}
|
|
|
|
|
|
2024-01-09 17:25:10 +01:00
|
|
|
|
#[op2]
|
2023-03-28 16:26:38 +05:30
|
|
|
|
pub fn op_node_check_prime_bytes(
|
2023-10-06 00:16:36 +02:00
|
|
|
|
#[anybuffer] bytes: &[u8],
|
|
|
|
|
#[number] checks: usize,
|
2023-03-28 16:26:38 +05:30
|
|
|
|
) -> Result<bool, AnyError> {
|
|
|
|
|
let candidate = BigInt::from_bytes_be(num_bigint::Sign::Plus, bytes);
|
|
|
|
|
Ok(primes::is_probably_prime(&candidate, checks))
|
|
|
|
|
}
|
|
|
|
|
|
2023-10-06 00:16:36 +02:00
|
|
|
|
#[op2(async)]
|
2023-03-28 16:26:38 +05:30
|
|
|
|
pub async fn op_node_check_prime_async(
|
2023-10-06 00:16:36 +02:00
|
|
|
|
#[bigint] num: i64,
|
|
|
|
|
#[number] checks: usize,
|
2023-03-28 16:26:38 +05:30
|
|
|
|
) -> Result<bool, AnyError> {
|
|
|
|
|
// TODO(@littledivy): use rayon for CPU-bound tasks
|
2023-10-06 00:16:36 +02:00
|
|
|
|
Ok(
|
|
|
|
|
spawn_blocking(move || {
|
|
|
|
|
primes::is_probably_prime(&BigInt::from(num), checks)
|
|
|
|
|
})
|
|
|
|
|
.await?,
|
|
|
|
|
)
|
2023-03-28 16:26:38 +05:30
|
|
|
|
}
|
|
|
|
|
|
2023-10-06 00:16:36 +02:00
|
|
|
|
#[op2(async)]
|
2023-03-28 16:26:38 +05:30
|
|
|
|
pub fn op_node_check_prime_bytes_async(
|
2023-10-06 00:16:36 +02:00
|
|
|
|
#[anybuffer] bytes: &[u8],
|
|
|
|
|
#[number] checks: usize,
|
|
|
|
|
) -> Result<impl Future<Output = Result<bool, AnyError>>, AnyError> {
|
2023-03-28 16:26:38 +05:30
|
|
|
|
let candidate = BigInt::from_bytes_be(num_bigint::Sign::Plus, bytes);
|
|
|
|
|
// TODO(@littledivy): use rayon for CPU-bound tasks
|
|
|
|
|
Ok(async move {
|
|
|
|
|
Ok(
|
2023-05-14 15:40:01 -06:00
|
|
|
|
spawn_blocking(move || primes::is_probably_prime(&candidate, checks))
|
|
|
|
|
.await?,
|
2023-03-28 16:26:38 +05:30
|
|
|
|
)
|
|
|
|
|
})
|
|
|
|
|
}
|
2023-02-14 17:38:45 +01:00
|
|
|
|
|
2024-06-24 11:47:12 +02:00
|
|
|
|
#[op2]
|
|
|
|
|
#[cppgc]
|
2023-09-14 08:29:44 +02:00
|
|
|
|
pub fn op_node_create_hash(
|
|
|
|
|
#[string] algorithm: &str,
|
2024-06-24 11:47:12 +02:00
|
|
|
|
output_length: Option<u32>,
|
|
|
|
|
) -> Result<digest::Hasher, AnyError> {
|
|
|
|
|
digest::Hasher::new(algorithm, output_length.map(|l| l as usize))
|
2023-02-14 17:38:45 +01:00
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2]
|
|
|
|
|
#[serde]
|
2023-06-26 23:04:49 -03:00
|
|
|
|
pub fn op_node_get_hashes() -> Vec<&'static str> {
|
|
|
|
|
digest::Hash::get_hashes()
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2(fast)]
|
|
|
|
|
pub fn op_node_hash_update(
|
2024-06-24 11:47:12 +02:00
|
|
|
|
#[cppgc] hasher: &digest::Hasher,
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[buffer] data: &[u8],
|
|
|
|
|
) -> bool {
|
2024-06-24 11:47:12 +02:00
|
|
|
|
hasher.update(data)
|
2023-03-06 08:58:04 +05:30
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2(fast)]
|
2023-03-06 08:58:04 +05:30
|
|
|
|
pub fn op_node_hash_update_str(
|
2024-06-24 11:47:12 +02:00
|
|
|
|
#[cppgc] hasher: &digest::Hasher,
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[string] data: &str,
|
2023-03-06 08:58:04 +05:30
|
|
|
|
) -> bool {
|
2024-06-24 11:47:12 +02:00
|
|
|
|
hasher.update(data.as_bytes())
|
2023-02-14 17:38:45 +01:00
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2]
|
2024-06-24 11:47:12 +02:00
|
|
|
|
#[buffer]
|
2023-02-14 17:38:45 +01:00
|
|
|
|
pub fn op_node_hash_digest(
|
2024-06-24 11:47:12 +02:00
|
|
|
|
#[cppgc] hasher: &digest::Hasher,
|
|
|
|
|
) -> Option<Box<[u8]>> {
|
|
|
|
|
hasher.digest()
|
2023-02-14 17:38:45 +01:00
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2]
|
|
|
|
|
#[string]
|
2023-03-06 08:58:04 +05:30
|
|
|
|
pub fn op_node_hash_digest_hex(
|
2024-06-24 11:47:12 +02:00
|
|
|
|
#[cppgc] hasher: &digest::Hasher,
|
|
|
|
|
) -> Option<String> {
|
|
|
|
|
let digest = hasher.digest()?;
|
|
|
|
|
Some(faster_hex::hex_string(&digest))
|
2023-03-06 08:58:04 +05:30
|
|
|
|
}
|
|
|
|
|
|
2024-06-24 11:47:12 +02:00
|
|
|
|
#[op2]
|
|
|
|
|
#[cppgc]
|
2023-02-14 17:38:45 +01:00
|
|
|
|
pub fn op_node_hash_clone(
|
2024-06-24 11:47:12 +02:00
|
|
|
|
#[cppgc] hasher: &digest::Hasher,
|
|
|
|
|
output_length: Option<u32>,
|
|
|
|
|
) -> Result<Option<digest::Hasher>, AnyError> {
|
|
|
|
|
hasher.clone_inner(output_length.map(|l| l as usize))
|
2023-02-14 17:38:45 +01:00
|
|
|
|
}
|
2023-02-20 22:22:28 +05:30
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2]
|
|
|
|
|
#[serde]
|
2023-02-20 22:22:28 +05:30
|
|
|
|
pub fn op_node_private_encrypt(
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[serde] key: StringOrBuffer,
|
|
|
|
|
#[serde] msg: StringOrBuffer,
|
|
|
|
|
#[smi] padding: u32,
|
2023-06-22 23:37:56 +02:00
|
|
|
|
) -> Result<ToJsBuffer, AnyError> {
|
2023-02-20 22:22:28 +05:30
|
|
|
|
let key = RsaPrivateKey::from_pkcs8_pem((&key).try_into()?)?;
|
|
|
|
|
|
|
|
|
|
let mut rng = rand::thread_rng();
|
|
|
|
|
match padding {
|
|
|
|
|
1 => Ok(
|
|
|
|
|
key
|
2023-10-30 08:25:12 -07:00
|
|
|
|
.as_ref()
|
|
|
|
|
.encrypt(&mut rng, Pkcs1v15Encrypt, &msg)?
|
2023-02-20 22:22:28 +05:30
|
|
|
|
.into(),
|
|
|
|
|
),
|
|
|
|
|
4 => Ok(
|
|
|
|
|
key
|
2023-10-30 08:25:12 -07:00
|
|
|
|
.as_ref()
|
|
|
|
|
.encrypt(&mut rng, Oaep::new::<sha1::Sha1>(), &msg)?
|
2023-02-20 22:22:28 +05:30
|
|
|
|
.into(),
|
|
|
|
|
),
|
|
|
|
|
_ => Err(type_error("Unknown padding")),
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2]
|
|
|
|
|
#[serde]
|
2023-02-20 22:22:28 +05:30
|
|
|
|
pub fn op_node_private_decrypt(
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[serde] key: StringOrBuffer,
|
|
|
|
|
#[serde] msg: StringOrBuffer,
|
|
|
|
|
#[smi] padding: u32,
|
2023-06-22 23:37:56 +02:00
|
|
|
|
) -> Result<ToJsBuffer, AnyError> {
|
2023-02-20 22:22:28 +05:30
|
|
|
|
let key = RsaPrivateKey::from_pkcs8_pem((&key).try_into()?)?;
|
|
|
|
|
|
|
|
|
|
match padding {
|
2023-10-30 08:25:12 -07:00
|
|
|
|
1 => Ok(key.decrypt(Pkcs1v15Encrypt, &msg)?.into()),
|
|
|
|
|
4 => Ok(key.decrypt(Oaep::new::<sha1::Sha1>(), &msg)?.into()),
|
2023-02-20 22:22:28 +05:30
|
|
|
|
_ => Err(type_error("Unknown padding")),
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2]
|
|
|
|
|
#[serde]
|
2023-02-20 22:22:28 +05:30
|
|
|
|
pub fn op_node_public_encrypt(
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[serde] key: StringOrBuffer,
|
|
|
|
|
#[serde] msg: StringOrBuffer,
|
|
|
|
|
#[smi] padding: u32,
|
2023-06-22 23:37:56 +02:00
|
|
|
|
) -> Result<ToJsBuffer, AnyError> {
|
2023-02-20 22:22:28 +05:30
|
|
|
|
let key = RsaPublicKey::from_public_key_pem((&key).try_into()?)?;
|
|
|
|
|
|
|
|
|
|
let mut rng = rand::thread_rng();
|
|
|
|
|
match padding {
|
2023-10-30 08:25:12 -07:00
|
|
|
|
1 => Ok(key.encrypt(&mut rng, Pkcs1v15Encrypt, &msg)?.into()),
|
2023-02-20 22:22:28 +05:30
|
|
|
|
4 => Ok(
|
|
|
|
|
key
|
2023-10-30 08:25:12 -07:00
|
|
|
|
.encrypt(&mut rng, Oaep::new::<sha1::Sha1>(), &msg)?
|
2023-02-20 22:22:28 +05:30
|
|
|
|
.into(),
|
|
|
|
|
),
|
|
|
|
|
_ => Err(type_error("Unknown padding")),
|
|
|
|
|
}
|
|
|
|
|
}
|
2023-03-14 15:59:23 +09:00
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2(fast)]
|
|
|
|
|
#[smi]
|
2023-03-14 15:59:23 +09:00
|
|
|
|
pub fn op_node_create_cipheriv(
|
|
|
|
|
state: &mut OpState,
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[string] algorithm: &str,
|
|
|
|
|
#[buffer] key: &[u8],
|
|
|
|
|
#[buffer] iv: &[u8],
|
2024-09-11 13:27:07 +09:00
|
|
|
|
) -> Result<u32, AnyError> {
|
|
|
|
|
let context = cipher::CipherContext::new(algorithm, key, iv)?;
|
|
|
|
|
Ok(state.resource_table.add(context))
|
2023-03-14 15:59:23 +09:00
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2(fast)]
|
2023-09-05 22:31:50 -07:00
|
|
|
|
pub fn op_node_cipheriv_set_aad(
|
|
|
|
|
state: &mut OpState,
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[smi] rid: u32,
|
|
|
|
|
#[buffer] aad: &[u8],
|
2023-09-05 22:31:50 -07:00
|
|
|
|
) -> bool {
|
|
|
|
|
let context = match state.resource_table.get::<cipher::CipherContext>(rid) {
|
|
|
|
|
Ok(context) => context,
|
|
|
|
|
Err(_) => return false,
|
|
|
|
|
};
|
|
|
|
|
context.set_aad(aad);
|
|
|
|
|
true
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2(fast)]
|
2023-03-14 15:59:23 +09:00
|
|
|
|
pub fn op_node_cipheriv_encrypt(
|
|
|
|
|
state: &mut OpState,
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[smi] rid: u32,
|
|
|
|
|
#[buffer] input: &[u8],
|
|
|
|
|
#[buffer] output: &mut [u8],
|
2023-03-14 15:59:23 +09:00
|
|
|
|
) -> bool {
|
|
|
|
|
let context = match state.resource_table.get::<cipher::CipherContext>(rid) {
|
|
|
|
|
Ok(context) => context,
|
|
|
|
|
Err(_) => return false,
|
|
|
|
|
};
|
|
|
|
|
context.encrypt(input, output);
|
|
|
|
|
true
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2]
|
|
|
|
|
#[serde]
|
2023-03-14 15:59:23 +09:00
|
|
|
|
pub fn op_node_cipheriv_final(
|
|
|
|
|
state: &mut OpState,
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[smi] rid: u32,
|
2024-08-08 06:04:10 -07:00
|
|
|
|
auto_pad: bool,
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[buffer] input: &[u8],
|
2024-08-08 06:04:10 -07:00
|
|
|
|
#[anybuffer] output: &mut [u8],
|
2023-09-05 22:31:50 -07:00
|
|
|
|
) -> Result<Option<Vec<u8>>, AnyError> {
|
2023-03-14 15:59:23 +09:00
|
|
|
|
let context = state.resource_table.take::<cipher::CipherContext>(rid)?;
|
|
|
|
|
let context = Rc::try_unwrap(context)
|
|
|
|
|
.map_err(|_| type_error("Cipher context is already in use"))?;
|
2024-08-08 06:04:10 -07:00
|
|
|
|
context.r#final(auto_pad, input, output)
|
2023-03-14 15:59:23 +09:00
|
|
|
|
}
|
2023-03-18 21:51:28 +09:00
|
|
|
|
|
2024-08-09 12:58:20 +02:00
|
|
|
|
#[op2]
|
|
|
|
|
#[buffer]
|
|
|
|
|
pub fn op_node_cipheriv_take(
|
|
|
|
|
state: &mut OpState,
|
|
|
|
|
#[smi] rid: u32,
|
|
|
|
|
) -> Result<Option<Vec<u8>>, AnyError> {
|
|
|
|
|
let context = state.resource_table.take::<cipher::CipherContext>(rid)?;
|
|
|
|
|
let context = Rc::try_unwrap(context)
|
|
|
|
|
.map_err(|_| type_error("Cipher context is already in use"))?;
|
|
|
|
|
Ok(context.take_tag())
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2(fast)]
|
|
|
|
|
#[smi]
|
2023-03-18 21:51:28 +09:00
|
|
|
|
pub fn op_node_create_decipheriv(
|
|
|
|
|
state: &mut OpState,
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[string] algorithm: &str,
|
|
|
|
|
#[buffer] key: &[u8],
|
|
|
|
|
#[buffer] iv: &[u8],
|
2024-09-11 13:27:07 +09:00
|
|
|
|
) -> Result<u32, AnyError> {
|
|
|
|
|
let context = cipher::DecipherContext::new(algorithm, key, iv)?;
|
|
|
|
|
Ok(state.resource_table.add(context))
|
2023-03-18 21:51:28 +09:00
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2(fast)]
|
2023-09-05 22:31:50 -07:00
|
|
|
|
pub fn op_node_decipheriv_set_aad(
|
|
|
|
|
state: &mut OpState,
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[smi] rid: u32,
|
|
|
|
|
#[buffer] aad: &[u8],
|
2023-09-05 22:31:50 -07:00
|
|
|
|
) -> bool {
|
|
|
|
|
let context = match state.resource_table.get::<cipher::DecipherContext>(rid) {
|
|
|
|
|
Ok(context) => context,
|
|
|
|
|
Err(_) => return false,
|
|
|
|
|
};
|
|
|
|
|
context.set_aad(aad);
|
|
|
|
|
true
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2(fast)]
|
2023-03-18 21:51:28 +09:00
|
|
|
|
pub fn op_node_decipheriv_decrypt(
|
|
|
|
|
state: &mut OpState,
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[smi] rid: u32,
|
|
|
|
|
#[buffer] input: &[u8],
|
|
|
|
|
#[buffer] output: &mut [u8],
|
2023-03-18 21:51:28 +09:00
|
|
|
|
) -> bool {
|
|
|
|
|
let context = match state.resource_table.get::<cipher::DecipherContext>(rid) {
|
|
|
|
|
Ok(context) => context,
|
|
|
|
|
Err(_) => return false,
|
|
|
|
|
};
|
|
|
|
|
context.decrypt(input, output);
|
|
|
|
|
true
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2(fast)]
|
2024-08-08 06:04:10 -07:00
|
|
|
|
pub fn op_node_decipheriv_take(
|
|
|
|
|
state: &mut OpState,
|
|
|
|
|
#[smi] rid: u32,
|
|
|
|
|
) -> Result<(), AnyError> {
|
|
|
|
|
let context = state.resource_table.take::<cipher::DecipherContext>(rid)?;
|
|
|
|
|
Rc::try_unwrap(context)
|
|
|
|
|
.map_err(|_| type_error("Cipher context is already in use"))?;
|
|
|
|
|
Ok(())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#[op2]
|
2023-03-18 21:51:28 +09:00
|
|
|
|
pub fn op_node_decipheriv_final(
|
|
|
|
|
state: &mut OpState,
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[smi] rid: u32,
|
2024-08-08 06:04:10 -07:00
|
|
|
|
auto_pad: bool,
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[buffer] input: &[u8],
|
2024-08-08 06:04:10 -07:00
|
|
|
|
#[anybuffer] output: &mut [u8],
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[buffer] auth_tag: &[u8],
|
2023-03-18 21:51:28 +09:00
|
|
|
|
) -> Result<(), AnyError> {
|
|
|
|
|
let context = state.resource_table.take::<cipher::DecipherContext>(rid)?;
|
|
|
|
|
let context = Rc::try_unwrap(context)
|
|
|
|
|
.map_err(|_| type_error("Cipher context is already in use"))?;
|
2024-08-08 06:04:10 -07:00
|
|
|
|
context.r#final(auto_pad, input, output, auth_tag)
|
2023-03-18 21:51:28 +09:00
|
|
|
|
}
|
2023-03-28 15:10:56 +05:30
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2]
|
2024-08-07 08:43:58 +02:00
|
|
|
|
#[buffer]
|
2023-03-28 21:46:48 +09:00
|
|
|
|
pub fn op_node_sign(
|
2024-08-07 08:43:58 +02:00
|
|
|
|
#[cppgc] handle: &KeyObjectHandle,
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[buffer] digest: &[u8],
|
|
|
|
|
#[string] digest_type: &str,
|
2024-08-11 02:29:53 -07:00
|
|
|
|
#[smi] pss_salt_length: Option<u32>,
|
|
|
|
|
#[smi] dsa_signature_encoding: u32,
|
2024-08-07 08:43:58 +02:00
|
|
|
|
) -> Result<Box<[u8]>, AnyError> {
|
2024-08-11 02:29:53 -07:00
|
|
|
|
handle.sign_prehashed(
|
|
|
|
|
digest_type,
|
|
|
|
|
digest,
|
|
|
|
|
pss_salt_length,
|
|
|
|
|
dsa_signature_encoding,
|
|
|
|
|
)
|
2023-03-28 21:46:48 +09:00
|
|
|
|
}
|
|
|
|
|
|
2024-08-11 02:29:53 -07:00
|
|
|
|
#[op2]
|
2023-09-14 08:29:44 +02:00
|
|
|
|
pub fn op_node_verify(
|
2024-08-07 08:43:58 +02:00
|
|
|
|
#[cppgc] handle: &KeyObjectHandle,
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[buffer] digest: &[u8],
|
|
|
|
|
#[string] digest_type: &str,
|
|
|
|
|
#[buffer] signature: &[u8],
|
2024-08-11 02:29:53 -07:00
|
|
|
|
#[smi] pss_salt_length: Option<u32>,
|
|
|
|
|
#[smi] dsa_signature_encoding: u32,
|
2023-04-18 21:04:51 +09:00
|
|
|
|
) -> Result<bool, AnyError> {
|
2024-08-11 02:29:53 -07:00
|
|
|
|
handle.verify_prehashed(
|
|
|
|
|
digest_type,
|
|
|
|
|
digest,
|
|
|
|
|
signature,
|
|
|
|
|
pss_salt_length,
|
|
|
|
|
dsa_signature_encoding,
|
|
|
|
|
)
|
2023-04-18 21:04:51 +09:00
|
|
|
|
}
|
|
|
|
|
|
2023-03-28 15:10:56 +05:30
|
|
|
|
fn pbkdf2_sync(
|
|
|
|
|
password: &[u8],
|
|
|
|
|
salt: &[u8],
|
|
|
|
|
iterations: u32,
|
2024-07-05 10:10:22 +02:00
|
|
|
|
algorithm_name: &str,
|
2023-03-28 15:10:56 +05:30
|
|
|
|
derived_key: &mut [u8],
|
|
|
|
|
) -> Result<(), AnyError> {
|
2024-07-05 10:10:22 +02:00
|
|
|
|
match_fixed_digest_with_eager_block_buffer!(
|
|
|
|
|
algorithm_name,
|
|
|
|
|
fn <D>() {
|
|
|
|
|
pbkdf2::pbkdf2_hmac::<D>(password, salt, iterations, derived_key);
|
|
|
|
|
Ok(())
|
|
|
|
|
},
|
|
|
|
|
_ => {
|
|
|
|
|
Err(type_error(format!(
|
|
|
|
|
"unsupported digest: {}",
|
|
|
|
|
algorithm_name
|
|
|
|
|
)))
|
|
|
|
|
}
|
|
|
|
|
)
|
2023-03-28 15:10:56 +05:30
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2]
|
2023-03-28 15:10:56 +05:30
|
|
|
|
pub fn op_node_pbkdf2(
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[serde] password: StringOrBuffer,
|
|
|
|
|
#[serde] salt: StringOrBuffer,
|
|
|
|
|
#[smi] iterations: u32,
|
|
|
|
|
#[string] digest: &str,
|
|
|
|
|
#[buffer] derived_key: &mut [u8],
|
2023-03-28 15:10:56 +05:30
|
|
|
|
) -> bool {
|
|
|
|
|
pbkdf2_sync(&password, &salt, iterations, digest, derived_key).is_ok()
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-26 14:07:04 +02:00
|
|
|
|
#[op2(async)]
|
|
|
|
|
#[serde]
|
2023-03-28 15:10:56 +05:30
|
|
|
|
pub async fn op_node_pbkdf2_async(
|
2023-09-26 14:07:04 +02:00
|
|
|
|
#[serde] password: StringOrBuffer,
|
|
|
|
|
#[serde] salt: StringOrBuffer,
|
|
|
|
|
#[smi] iterations: u32,
|
|
|
|
|
#[string] digest: String,
|
|
|
|
|
#[number] keylen: usize,
|
2023-06-22 23:37:56 +02:00
|
|
|
|
) -> Result<ToJsBuffer, AnyError> {
|
2023-05-14 15:40:01 -06:00
|
|
|
|
spawn_blocking(move || {
|
2023-03-28 15:10:56 +05:30
|
|
|
|
let mut derived_key = vec![0; keylen];
|
|
|
|
|
pbkdf2_sync(&password, &salt, iterations, &digest, &mut derived_key)
|
|
|
|
|
.map(|_| derived_key.into())
|
|
|
|
|
})
|
|
|
|
|
.await?
|
|
|
|
|
}
|
2023-04-06 18:39:25 +05:30
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2(fast)]
|
2024-08-07 08:43:58 +02:00
|
|
|
|
pub fn op_node_fill_random(#[buffer] buf: &mut [u8]) {
|
2023-04-06 18:39:25 +05:30
|
|
|
|
rand::thread_rng().fill(buf);
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2(async)]
|
|
|
|
|
#[serde]
|
2024-08-07 08:43:58 +02:00
|
|
|
|
pub async fn op_node_fill_random_async(#[smi] len: i32) -> ToJsBuffer {
|
2023-05-14 15:40:01 -06:00
|
|
|
|
spawn_blocking(move || {
|
2023-04-06 18:39:25 +05:30
|
|
|
|
let mut buf = vec![0u8; len as usize];
|
|
|
|
|
rand::thread_rng().fill(&mut buf[..]);
|
|
|
|
|
buf.into()
|
|
|
|
|
})
|
|
|
|
|
.await
|
|
|
|
|
.unwrap()
|
|
|
|
|
}
|
2023-04-06 22:26:56 +05:30
|
|
|
|
|
|
|
|
|
fn hkdf_sync(
|
2024-07-05 10:10:22 +02:00
|
|
|
|
digest_algorithm: &str,
|
2024-08-07 08:43:58 +02:00
|
|
|
|
handle: &KeyObjectHandle,
|
2023-04-06 22:26:56 +05:30
|
|
|
|
salt: &[u8],
|
|
|
|
|
info: &[u8],
|
|
|
|
|
okm: &mut [u8],
|
|
|
|
|
) -> Result<(), AnyError> {
|
2024-08-07 08:43:58 +02:00
|
|
|
|
let Some(ikm) = handle.as_secret_key() else {
|
|
|
|
|
return Err(type_error("expected secret key"));
|
|
|
|
|
};
|
|
|
|
|
|
2024-07-05 10:10:22 +02:00
|
|
|
|
match_fixed_digest_with_eager_block_buffer!(
|
|
|
|
|
digest_algorithm,
|
|
|
|
|
fn <D>() {
|
|
|
|
|
let hk = Hkdf::<D>::new(Some(salt), ikm);
|
2023-04-06 22:26:56 +05:30
|
|
|
|
hk.expand(info, okm)
|
2024-07-05 10:10:22 +02:00
|
|
|
|
.map_err(|_| type_error("HKDF-Expand failed"))
|
|
|
|
|
},
|
|
|
|
|
_ => {
|
|
|
|
|
Err(type_error(format!("Unsupported digest: {}", digest_algorithm)))
|
|
|
|
|
}
|
|
|
|
|
)
|
2023-04-06 22:26:56 +05:30
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2(fast)]
|
2023-04-06 22:26:56 +05:30
|
|
|
|
pub fn op_node_hkdf(
|
2024-07-05 10:10:22 +02:00
|
|
|
|
#[string] digest_algorithm: &str,
|
2024-08-07 08:43:58 +02:00
|
|
|
|
#[cppgc] handle: &KeyObjectHandle,
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[buffer] salt: &[u8],
|
|
|
|
|
#[buffer] info: &[u8],
|
|
|
|
|
#[buffer] okm: &mut [u8],
|
2023-04-06 22:26:56 +05:30
|
|
|
|
) -> Result<(), AnyError> {
|
2024-08-07 08:43:58 +02:00
|
|
|
|
hkdf_sync(digest_algorithm, handle, salt, info, okm)
|
2023-04-06 22:26:56 +05:30
|
|
|
|
}
|
|
|
|
|
|
2023-09-26 14:07:04 +02:00
|
|
|
|
#[op2(async)]
|
|
|
|
|
#[serde]
|
2023-04-06 22:26:56 +05:30
|
|
|
|
pub async fn op_node_hkdf_async(
|
2024-07-05 10:10:22 +02:00
|
|
|
|
#[string] digest_algorithm: String,
|
2024-08-07 08:43:58 +02:00
|
|
|
|
#[cppgc] handle: &KeyObjectHandle,
|
2023-09-26 14:07:04 +02:00
|
|
|
|
#[buffer] salt: JsBuffer,
|
|
|
|
|
#[buffer] info: JsBuffer,
|
|
|
|
|
#[number] okm_len: usize,
|
2023-06-22 23:37:56 +02:00
|
|
|
|
) -> Result<ToJsBuffer, AnyError> {
|
2024-08-07 08:43:58 +02:00
|
|
|
|
let handle = handle.clone();
|
2023-05-14 15:40:01 -06:00
|
|
|
|
spawn_blocking(move || {
|
2023-04-06 22:26:56 +05:30
|
|
|
|
let mut okm = vec![0u8; okm_len];
|
2024-08-07 08:43:58 +02:00
|
|
|
|
hkdf_sync(&digest_algorithm, &handle, &salt, &info, &mut okm)?;
|
2023-04-06 22:26:56 +05:30
|
|
|
|
Ok(okm.into())
|
|
|
|
|
})
|
|
|
|
|
.await?
|
|
|
|
|
}
|
2023-04-12 02:57:57 +02:00
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2]
|
|
|
|
|
#[serde]
|
2023-05-15 19:41:53 +02:00
|
|
|
|
pub fn op_node_dh_compute_secret(
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[buffer] prime: JsBuffer,
|
|
|
|
|
#[buffer] private_key: JsBuffer,
|
|
|
|
|
#[buffer] their_public_key: JsBuffer,
|
2023-06-22 23:37:56 +02:00
|
|
|
|
) -> Result<ToJsBuffer, AnyError> {
|
2023-05-15 19:41:53 +02:00
|
|
|
|
let pubkey: BigUint = BigUint::from_bytes_be(their_public_key.as_ref());
|
|
|
|
|
let privkey: BigUint = BigUint::from_bytes_be(private_key.as_ref());
|
|
|
|
|
let primei: BigUint = BigUint::from_bytes_be(prime.as_ref());
|
|
|
|
|
let shared_secret: BigUint = pubkey.modpow(&privkey, &primei);
|
|
|
|
|
|
|
|
|
|
Ok(shared_secret.to_bytes_be().into())
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2(fast)]
|
|
|
|
|
#[smi]
|
|
|
|
|
pub fn op_node_random_int(
|
|
|
|
|
#[smi] min: i32,
|
|
|
|
|
#[smi] max: i32,
|
|
|
|
|
) -> Result<i32, AnyError> {
|
2023-04-12 02:57:57 +02:00
|
|
|
|
let mut rng = rand::thread_rng();
|
|
|
|
|
// Uniform distribution is required to avoid Modulo Bias
|
|
|
|
|
// https://en.wikipedia.org/wiki/Fisher–Yates_shuffle#Modulo_bias
|
|
|
|
|
let dist = Uniform::from(min..max);
|
|
|
|
|
|
|
|
|
|
Ok(dist.sample(&mut rng))
|
|
|
|
|
}
|
2023-04-18 14:29:10 +02:00
|
|
|
|
|
|
|
|
|
#[allow(clippy::too_many_arguments)]
|
|
|
|
|
fn scrypt(
|
|
|
|
|
password: StringOrBuffer,
|
|
|
|
|
salt: StringOrBuffer,
|
|
|
|
|
keylen: u32,
|
|
|
|
|
cost: u32,
|
|
|
|
|
block_size: u32,
|
|
|
|
|
parallelization: u32,
|
|
|
|
|
_maxmem: u32,
|
|
|
|
|
output_buffer: &mut [u8],
|
|
|
|
|
) -> Result<(), AnyError> {
|
|
|
|
|
// Construct Params
|
|
|
|
|
let params = scrypt::Params::new(
|
|
|
|
|
cost as u8,
|
|
|
|
|
block_size,
|
|
|
|
|
parallelization,
|
|
|
|
|
keylen as usize,
|
|
|
|
|
)
|
|
|
|
|
.unwrap();
|
|
|
|
|
|
|
|
|
|
// Call into scrypt
|
|
|
|
|
let res = scrypt::scrypt(&password, &salt, ¶ms, output_buffer);
|
|
|
|
|
if res.is_ok() {
|
|
|
|
|
Ok(())
|
|
|
|
|
} else {
|
|
|
|
|
// TODO(lev): key derivation failed, so what?
|
|
|
|
|
Err(generic_error("scrypt key derivation failed"))
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-10-06 00:16:36 +02:00
|
|
|
|
#[allow(clippy::too_many_arguments)]
|
|
|
|
|
#[op2]
|
2023-04-18 14:29:10 +02:00
|
|
|
|
pub fn op_node_scrypt_sync(
|
2023-10-06 00:16:36 +02:00
|
|
|
|
#[serde] password: StringOrBuffer,
|
|
|
|
|
#[serde] salt: StringOrBuffer,
|
|
|
|
|
#[smi] keylen: u32,
|
|
|
|
|
#[smi] cost: u32,
|
|
|
|
|
#[smi] block_size: u32,
|
|
|
|
|
#[smi] parallelization: u32,
|
|
|
|
|
#[smi] maxmem: u32,
|
|
|
|
|
#[anybuffer] output_buffer: &mut [u8],
|
2023-04-18 14:29:10 +02:00
|
|
|
|
) -> Result<(), AnyError> {
|
|
|
|
|
scrypt(
|
|
|
|
|
password,
|
|
|
|
|
salt,
|
|
|
|
|
keylen,
|
|
|
|
|
cost,
|
|
|
|
|
block_size,
|
|
|
|
|
parallelization,
|
|
|
|
|
maxmem,
|
|
|
|
|
output_buffer,
|
|
|
|
|
)
|
|
|
|
|
}
|
|
|
|
|
|
2023-10-06 00:16:36 +02:00
|
|
|
|
#[op2(async)]
|
|
|
|
|
#[serde]
|
2023-04-18 14:29:10 +02:00
|
|
|
|
pub async fn op_node_scrypt_async(
|
2023-10-06 00:16:36 +02:00
|
|
|
|
#[serde] password: StringOrBuffer,
|
|
|
|
|
#[serde] salt: StringOrBuffer,
|
|
|
|
|
#[smi] keylen: u32,
|
|
|
|
|
#[smi] cost: u32,
|
|
|
|
|
#[smi] block_size: u32,
|
|
|
|
|
#[smi] parallelization: u32,
|
|
|
|
|
#[smi] maxmem: u32,
|
2023-06-22 23:37:56 +02:00
|
|
|
|
) -> Result<ToJsBuffer, AnyError> {
|
2023-05-14 15:40:01 -06:00
|
|
|
|
spawn_blocking(move || {
|
2023-04-18 14:29:10 +02:00
|
|
|
|
let mut output_buffer = vec![0u8; keylen as usize];
|
|
|
|
|
let res = scrypt(
|
|
|
|
|
password,
|
|
|
|
|
salt,
|
|
|
|
|
keylen,
|
|
|
|
|
cost,
|
|
|
|
|
block_size,
|
|
|
|
|
parallelization,
|
|
|
|
|
maxmem,
|
|
|
|
|
&mut output_buffer,
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
if res.is_ok() {
|
|
|
|
|
Ok(output_buffer.into())
|
|
|
|
|
} else {
|
|
|
|
|
// TODO(lev): rethrow the error?
|
|
|
|
|
Err(generic_error("scrypt failure"))
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
.await?
|
|
|
|
|
}
|
2023-04-27 19:40:59 +05:30
|
|
|
|
|
2024-03-21 14:11:54 +05:30
|
|
|
|
#[op2]
|
|
|
|
|
#[buffer]
|
|
|
|
|
pub fn op_node_ecdh_encode_pubkey(
|
|
|
|
|
#[string] curve: &str,
|
|
|
|
|
#[buffer] pubkey: &[u8],
|
|
|
|
|
compress: bool,
|
|
|
|
|
) -> Result<Vec<u8>, AnyError> {
|
|
|
|
|
use elliptic_curve::sec1::FromEncodedPoint;
|
|
|
|
|
|
|
|
|
|
match curve {
|
|
|
|
|
"secp256k1" => {
|
|
|
|
|
let pubkey =
|
|
|
|
|
elliptic_curve::PublicKey::<k256::Secp256k1>::from_encoded_point(
|
|
|
|
|
&elliptic_curve::sec1::EncodedPoint::<k256::Secp256k1>::from_bytes(
|
|
|
|
|
pubkey,
|
|
|
|
|
)?,
|
|
|
|
|
);
|
|
|
|
|
// CtOption does not expose its variants.
|
|
|
|
|
if pubkey.is_none().into() {
|
|
|
|
|
return Err(type_error("Invalid public key"));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let pubkey = pubkey.unwrap();
|
|
|
|
|
|
|
|
|
|
Ok(pubkey.to_encoded_point(compress).as_ref().to_vec())
|
|
|
|
|
}
|
|
|
|
|
"prime256v1" | "secp256r1" => {
|
|
|
|
|
let pubkey = elliptic_curve::PublicKey::<NistP256>::from_encoded_point(
|
|
|
|
|
&elliptic_curve::sec1::EncodedPoint::<NistP256>::from_bytes(pubkey)?,
|
|
|
|
|
);
|
|
|
|
|
// CtOption does not expose its variants.
|
|
|
|
|
if pubkey.is_none().into() {
|
|
|
|
|
return Err(type_error("Invalid public key"));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let pubkey = pubkey.unwrap();
|
|
|
|
|
|
|
|
|
|
Ok(pubkey.to_encoded_point(compress).as_ref().to_vec())
|
|
|
|
|
}
|
|
|
|
|
"secp384r1" => {
|
|
|
|
|
let pubkey = elliptic_curve::PublicKey::<NistP384>::from_encoded_point(
|
|
|
|
|
&elliptic_curve::sec1::EncodedPoint::<NistP384>::from_bytes(pubkey)?,
|
|
|
|
|
);
|
|
|
|
|
// CtOption does not expose its variants.
|
|
|
|
|
if pubkey.is_none().into() {
|
|
|
|
|
return Err(type_error("Invalid public key"));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let pubkey = pubkey.unwrap();
|
|
|
|
|
|
|
|
|
|
Ok(pubkey.to_encoded_point(compress).as_ref().to_vec())
|
|
|
|
|
}
|
|
|
|
|
"secp224r1" => {
|
|
|
|
|
let pubkey = elliptic_curve::PublicKey::<NistP224>::from_encoded_point(
|
|
|
|
|
&elliptic_curve::sec1::EncodedPoint::<NistP224>::from_bytes(pubkey)?,
|
|
|
|
|
);
|
|
|
|
|
// CtOption does not expose its variants.
|
|
|
|
|
if pubkey.is_none().into() {
|
|
|
|
|
return Err(type_error("Invalid public key"));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let pubkey = pubkey.unwrap();
|
|
|
|
|
|
|
|
|
|
Ok(pubkey.to_encoded_point(compress).as_ref().to_vec())
|
|
|
|
|
}
|
|
|
|
|
&_ => Err(type_error("Unsupported curve")),
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2(fast)]
|
2023-04-27 18:31:35 +02:00
|
|
|
|
pub fn op_node_ecdh_generate_keys(
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[string] curve: &str,
|
|
|
|
|
#[buffer] pubbuf: &mut [u8],
|
|
|
|
|
#[buffer] privbuf: &mut [u8],
|
2024-03-18 13:20:10 +05:30
|
|
|
|
#[string] format: &str,
|
2024-03-21 12:15:10 +05:30
|
|
|
|
) -> Result<(), AnyError> {
|
2023-04-27 18:31:35 +02:00
|
|
|
|
let mut rng = rand::thread_rng();
|
2024-03-18 13:20:10 +05:30
|
|
|
|
let compress = format == "compressed";
|
2023-04-27 18:31:35 +02:00
|
|
|
|
match curve {
|
|
|
|
|
"secp256k1" => {
|
2023-11-10 09:29:01 -08:00
|
|
|
|
let privkey =
|
|
|
|
|
elliptic_curve::SecretKey::<k256::Secp256k1>::random(&mut rng);
|
|
|
|
|
let pubkey = privkey.public_key();
|
2024-03-18 13:20:10 +05:30
|
|
|
|
pubbuf.copy_from_slice(pubkey.to_encoded_point(compress).as_ref());
|
2023-11-10 09:29:01 -08:00
|
|
|
|
privbuf.copy_from_slice(privkey.to_nonzero_scalar().to_bytes().as_ref());
|
2023-04-27 18:31:35 +02:00
|
|
|
|
|
2024-03-21 12:15:10 +05:30
|
|
|
|
Ok(())
|
2023-04-27 18:31:35 +02:00
|
|
|
|
}
|
|
|
|
|
"prime256v1" | "secp256r1" => {
|
|
|
|
|
let privkey = elliptic_curve::SecretKey::<NistP256>::random(&mut rng);
|
|
|
|
|
let pubkey = privkey.public_key();
|
2024-03-18 13:20:10 +05:30
|
|
|
|
pubbuf.copy_from_slice(pubkey.to_encoded_point(compress).as_ref());
|
2023-04-27 18:31:35 +02:00
|
|
|
|
privbuf.copy_from_slice(privkey.to_nonzero_scalar().to_bytes().as_ref());
|
2024-03-21 12:15:10 +05:30
|
|
|
|
|
|
|
|
|
Ok(())
|
2023-04-27 18:31:35 +02:00
|
|
|
|
}
|
|
|
|
|
"secp384r1" => {
|
|
|
|
|
let privkey = elliptic_curve::SecretKey::<NistP384>::random(&mut rng);
|
|
|
|
|
let pubkey = privkey.public_key();
|
2024-03-18 13:20:10 +05:30
|
|
|
|
pubbuf.copy_from_slice(pubkey.to_encoded_point(compress).as_ref());
|
2023-04-27 18:31:35 +02:00
|
|
|
|
privbuf.copy_from_slice(privkey.to_nonzero_scalar().to_bytes().as_ref());
|
2024-03-21 12:15:10 +05:30
|
|
|
|
|
|
|
|
|
Ok(())
|
2023-04-27 18:31:35 +02:00
|
|
|
|
}
|
|
|
|
|
"secp224r1" => {
|
|
|
|
|
let privkey = elliptic_curve::SecretKey::<NistP224>::random(&mut rng);
|
|
|
|
|
let pubkey = privkey.public_key();
|
2024-03-18 13:20:10 +05:30
|
|
|
|
pubbuf.copy_from_slice(pubkey.to_encoded_point(compress).as_ref());
|
2023-04-27 18:31:35 +02:00
|
|
|
|
privbuf.copy_from_slice(privkey.to_nonzero_scalar().to_bytes().as_ref());
|
2024-03-21 12:15:10 +05:30
|
|
|
|
|
|
|
|
|
Ok(())
|
2023-04-27 18:31:35 +02:00
|
|
|
|
}
|
2024-03-21 12:15:10 +05:30
|
|
|
|
&_ => Err(type_error(format!("Unsupported curve: {}", curve))),
|
2023-04-27 18:31:35 +02:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2]
|
2023-04-27 18:31:35 +02:00
|
|
|
|
pub fn op_node_ecdh_compute_secret(
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[string] curve: &str,
|
|
|
|
|
#[buffer] this_priv: Option<JsBuffer>,
|
|
|
|
|
#[buffer] their_pub: &mut [u8],
|
|
|
|
|
#[buffer] secret: &mut [u8],
|
2023-04-27 18:31:35 +02:00
|
|
|
|
) -> Result<(), AnyError> {
|
|
|
|
|
match curve {
|
|
|
|
|
"secp256k1" => {
|
|
|
|
|
let their_public_key =
|
2023-11-10 09:29:01 -08:00
|
|
|
|
elliptic_curve::PublicKey::<k256::Secp256k1>::from_sec1_bytes(
|
|
|
|
|
their_pub,
|
|
|
|
|
)
|
|
|
|
|
.expect("bad public key");
|
|
|
|
|
let this_private_key =
|
|
|
|
|
elliptic_curve::SecretKey::<k256::Secp256k1>::from_slice(
|
|
|
|
|
&this_priv.expect("must supply private key"),
|
|
|
|
|
)
|
|
|
|
|
.expect("bad private key");
|
|
|
|
|
let shared_secret = elliptic_curve::ecdh::diffie_hellman(
|
|
|
|
|
this_private_key.to_nonzero_scalar(),
|
|
|
|
|
their_public_key.as_affine(),
|
|
|
|
|
);
|
|
|
|
|
secret.copy_from_slice(shared_secret.raw_secret_bytes());
|
2023-04-27 18:31:35 +02:00
|
|
|
|
|
|
|
|
|
Ok(())
|
|
|
|
|
}
|
|
|
|
|
"prime256v1" | "secp256r1" => {
|
|
|
|
|
let their_public_key =
|
|
|
|
|
elliptic_curve::PublicKey::<NistP256>::from_sec1_bytes(their_pub)
|
|
|
|
|
.expect("bad public key");
|
|
|
|
|
let this_private_key = elliptic_curve::SecretKey::<NistP256>::from_slice(
|
|
|
|
|
&this_priv.expect("must supply private key"),
|
|
|
|
|
)
|
|
|
|
|
.expect("bad private key");
|
|
|
|
|
let shared_secret = elliptic_curve::ecdh::diffie_hellman(
|
|
|
|
|
this_private_key.to_nonzero_scalar(),
|
|
|
|
|
their_public_key.as_affine(),
|
|
|
|
|
);
|
|
|
|
|
secret.copy_from_slice(shared_secret.raw_secret_bytes());
|
|
|
|
|
|
|
|
|
|
Ok(())
|
|
|
|
|
}
|
|
|
|
|
"secp384r1" => {
|
|
|
|
|
let their_public_key =
|
|
|
|
|
elliptic_curve::PublicKey::<NistP384>::from_sec1_bytes(their_pub)
|
|
|
|
|
.expect("bad public key");
|
|
|
|
|
let this_private_key = elliptic_curve::SecretKey::<NistP384>::from_slice(
|
|
|
|
|
&this_priv.expect("must supply private key"),
|
|
|
|
|
)
|
|
|
|
|
.expect("bad private key");
|
|
|
|
|
let shared_secret = elliptic_curve::ecdh::diffie_hellman(
|
|
|
|
|
this_private_key.to_nonzero_scalar(),
|
|
|
|
|
their_public_key.as_affine(),
|
|
|
|
|
);
|
|
|
|
|
secret.copy_from_slice(shared_secret.raw_secret_bytes());
|
|
|
|
|
|
|
|
|
|
Ok(())
|
|
|
|
|
}
|
|
|
|
|
"secp224r1" => {
|
|
|
|
|
let their_public_key =
|
|
|
|
|
elliptic_curve::PublicKey::<NistP224>::from_sec1_bytes(their_pub)
|
|
|
|
|
.expect("bad public key");
|
|
|
|
|
let this_private_key = elliptic_curve::SecretKey::<NistP224>::from_slice(
|
|
|
|
|
&this_priv.expect("must supply private key"),
|
|
|
|
|
)
|
|
|
|
|
.expect("bad private key");
|
|
|
|
|
let shared_secret = elliptic_curve::ecdh::diffie_hellman(
|
|
|
|
|
this_private_key.to_nonzero_scalar(),
|
|
|
|
|
their_public_key.as_affine(),
|
|
|
|
|
);
|
|
|
|
|
secret.copy_from_slice(shared_secret.raw_secret_bytes());
|
|
|
|
|
|
|
|
|
|
Ok(())
|
|
|
|
|
}
|
|
|
|
|
&_ => todo!(),
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[op2(fast)]
|
2023-04-27 18:31:35 +02:00
|
|
|
|
pub fn op_node_ecdh_compute_public_key(
|
2023-09-14 08:29:44 +02:00
|
|
|
|
#[string] curve: &str,
|
|
|
|
|
#[buffer] privkey: &[u8],
|
|
|
|
|
#[buffer] pubkey: &mut [u8],
|
2023-04-27 18:31:35 +02:00
|
|
|
|
) -> Result<(), AnyError> {
|
|
|
|
|
match curve {
|
|
|
|
|
"secp256k1" => {
|
2023-11-10 09:29:01 -08:00
|
|
|
|
let this_private_key =
|
|
|
|
|
elliptic_curve::SecretKey::<k256::Secp256k1>::from_slice(privkey)
|
|
|
|
|
.expect("bad private key");
|
|
|
|
|
let public_key = this_private_key.public_key();
|
|
|
|
|
pubkey.copy_from_slice(public_key.to_sec1_bytes().as_ref());
|
2023-04-27 18:31:35 +02:00
|
|
|
|
|
|
|
|
|
Ok(())
|
|
|
|
|
}
|
|
|
|
|
"prime256v1" | "secp256r1" => {
|
|
|
|
|
let this_private_key =
|
|
|
|
|
elliptic_curve::SecretKey::<NistP256>::from_slice(privkey)
|
|
|
|
|
.expect("bad private key");
|
|
|
|
|
let public_key = this_private_key.public_key();
|
|
|
|
|
pubkey.copy_from_slice(public_key.to_sec1_bytes().as_ref());
|
|
|
|
|
Ok(())
|
|
|
|
|
}
|
|
|
|
|
"secp384r1" => {
|
|
|
|
|
let this_private_key =
|
|
|
|
|
elliptic_curve::SecretKey::<NistP384>::from_slice(privkey)
|
|
|
|
|
.expect("bad private key");
|
|
|
|
|
let public_key = this_private_key.public_key();
|
|
|
|
|
pubkey.copy_from_slice(public_key.to_sec1_bytes().as_ref());
|
|
|
|
|
Ok(())
|
|
|
|
|
}
|
|
|
|
|
"secp224r1" => {
|
|
|
|
|
let this_private_key =
|
|
|
|
|
elliptic_curve::SecretKey::<NistP224>::from_slice(privkey)
|
|
|
|
|
.expect("bad private key");
|
|
|
|
|
let public_key = this_private_key.public_key();
|
|
|
|
|
pubkey.copy_from_slice(public_key.to_sec1_bytes().as_ref());
|
|
|
|
|
Ok(())
|
|
|
|
|
}
|
|
|
|
|
&_ => todo!(),
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-27 19:40:59 +05:30
|
|
|
|
#[inline]
|
2023-06-22 23:37:56 +02:00
|
|
|
|
fn gen_prime(size: usize) -> ToJsBuffer {
|
2023-04-27 19:40:59 +05:30
|
|
|
|
primes::Prime::generate(size).0.to_bytes_be().into()
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-26 14:07:04 +02:00
|
|
|
|
#[op2]
|
|
|
|
|
#[serde]
|
|
|
|
|
pub fn op_node_gen_prime(#[number] size: usize) -> ToJsBuffer {
|
2023-04-27 19:40:59 +05:30
|
|
|
|
gen_prime(size)
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-26 14:07:04 +02:00
|
|
|
|
#[op2(async)]
|
|
|
|
|
#[serde]
|
2023-04-27 19:40:59 +05:30
|
|
|
|
pub async fn op_node_gen_prime_async(
|
2023-09-26 14:07:04 +02:00
|
|
|
|
#[number] size: usize,
|
2023-06-22 23:37:56 +02:00
|
|
|
|
) -> Result<ToJsBuffer, AnyError> {
|
2023-05-14 15:40:01 -06:00
|
|
|
|
Ok(spawn_blocking(move || gen_prime(size)).await?)
|
2023-04-27 19:40:59 +05:30
|
|
|
|
}
|
2024-08-08 11:35:29 +02:00
|
|
|
|
|
|
|
|
|
#[op2]
|
|
|
|
|
#[buffer]
|
|
|
|
|
pub fn op_node_diffie_hellman(
|
|
|
|
|
#[cppgc] private: &KeyObjectHandle,
|
|
|
|
|
#[cppgc] public: &KeyObjectHandle,
|
|
|
|
|
) -> Result<Box<[u8]>, AnyError> {
|
|
|
|
|
let private = private
|
|
|
|
|
.as_private_key()
|
|
|
|
|
.ok_or_else(|| type_error("Expected private key"))?;
|
|
|
|
|
let public = public
|
|
|
|
|
.as_public_key()
|
|
|
|
|
.ok_or_else(|| type_error("Expected public key"))?;
|
|
|
|
|
|
|
|
|
|
let res = match (private, &*public) {
|
|
|
|
|
(
|
|
|
|
|
AsymmetricPrivateKey::Ec(EcPrivateKey::P224(private)),
|
|
|
|
|
AsymmetricPublicKey::Ec(EcPublicKey::P224(public)),
|
|
|
|
|
) => p224::ecdh::diffie_hellman(
|
|
|
|
|
private.to_nonzero_scalar(),
|
|
|
|
|
public.as_affine(),
|
|
|
|
|
)
|
|
|
|
|
.raw_secret_bytes()
|
|
|
|
|
.to_vec()
|
|
|
|
|
.into_boxed_slice(),
|
|
|
|
|
(
|
|
|
|
|
AsymmetricPrivateKey::Ec(EcPrivateKey::P256(private)),
|
|
|
|
|
AsymmetricPublicKey::Ec(EcPublicKey::P256(public)),
|
|
|
|
|
) => p256::ecdh::diffie_hellman(
|
|
|
|
|
private.to_nonzero_scalar(),
|
|
|
|
|
public.as_affine(),
|
|
|
|
|
)
|
|
|
|
|
.raw_secret_bytes()
|
|
|
|
|
.to_vec()
|
|
|
|
|
.into_boxed_slice(),
|
|
|
|
|
(
|
|
|
|
|
AsymmetricPrivateKey::Ec(EcPrivateKey::P384(private)),
|
|
|
|
|
AsymmetricPublicKey::Ec(EcPublicKey::P384(public)),
|
|
|
|
|
) => p384::ecdh::diffie_hellman(
|
|
|
|
|
private.to_nonzero_scalar(),
|
|
|
|
|
public.as_affine(),
|
|
|
|
|
)
|
|
|
|
|
.raw_secret_bytes()
|
|
|
|
|
.to_vec()
|
|
|
|
|
.into_boxed_slice(),
|
|
|
|
|
(
|
|
|
|
|
AsymmetricPrivateKey::X25519(private),
|
|
|
|
|
AsymmetricPublicKey::X25519(public),
|
|
|
|
|
) => private
|
|
|
|
|
.diffie_hellman(public)
|
|
|
|
|
.to_bytes()
|
|
|
|
|
.into_iter()
|
|
|
|
|
.collect(),
|
|
|
|
|
(AsymmetricPrivateKey::Dh(private), AsymmetricPublicKey::Dh(public)) => {
|
|
|
|
|
if private.params.prime != public.params.prime
|
|
|
|
|
|| private.params.base != public.params.base
|
|
|
|
|
{
|
|
|
|
|
return Err(type_error("DH parameters mismatch"));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// OSIP - Octet-String-to-Integer primitive
|
|
|
|
|
let public_key = public.key.clone().into_vec();
|
|
|
|
|
let pubkey = BigUint::from_bytes_be(&public_key);
|
|
|
|
|
|
|
|
|
|
// Exponentiation (z = y^x mod p)
|
|
|
|
|
let prime = BigUint::from_bytes_be(private.params.prime.as_bytes());
|
|
|
|
|
let private_key = private.key.clone().into_vec();
|
|
|
|
|
let private_key = BigUint::from_bytes_be(&private_key);
|
|
|
|
|
let shared_secret = pubkey.modpow(&private_key, &prime);
|
|
|
|
|
|
|
|
|
|
shared_secret.to_bytes_be().into()
|
|
|
|
|
}
|
|
|
|
|
_ => {
|
|
|
|
|
return Err(type_error(
|
|
|
|
|
"Unsupported key type for diffie hellman, or key type mismatch",
|
|
|
|
|
))
|
|
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
Ok(res)
|
|
|
|
|
}
|
2024-08-09 12:58:20 +02:00
|
|
|
|
|
|
|
|
|
#[op2(fast)]
|
|
|
|
|
pub fn op_node_sign_ed25519(
|
|
|
|
|
#[cppgc] key: &KeyObjectHandle,
|
|
|
|
|
#[buffer] data: &[u8],
|
|
|
|
|
#[buffer] signature: &mut [u8],
|
|
|
|
|
) -> Result<(), AnyError> {
|
|
|
|
|
let private = key
|
|
|
|
|
.as_private_key()
|
|
|
|
|
.ok_or_else(|| type_error("Expected private key"))?;
|
|
|
|
|
|
|
|
|
|
let ed25519 = match private {
|
|
|
|
|
AsymmetricPrivateKey::Ed25519(private) => private,
|
|
|
|
|
_ => return Err(type_error("Expected Ed25519 private key")),
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
let pair = Ed25519KeyPair::from_seed_unchecked(ed25519.as_bytes().as_slice())
|
|
|
|
|
.map_err(|_| type_error("Invalid Ed25519 private key"))?;
|
|
|
|
|
signature.copy_from_slice(pair.sign(data).as_ref());
|
|
|
|
|
|
|
|
|
|
Ok(())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#[op2(fast)]
|
|
|
|
|
pub fn op_node_verify_ed25519(
|
|
|
|
|
#[cppgc] key: &KeyObjectHandle,
|
|
|
|
|
#[buffer] data: &[u8],
|
|
|
|
|
#[buffer] signature: &[u8],
|
|
|
|
|
) -> Result<bool, AnyError> {
|
|
|
|
|
let public = key
|
|
|
|
|
.as_public_key()
|
|
|
|
|
.ok_or_else(|| type_error("Expected public key"))?;
|
|
|
|
|
|
|
|
|
|
let ed25519 = match &*public {
|
|
|
|
|
AsymmetricPublicKey::Ed25519(public) => public,
|
|
|
|
|
_ => return Err(type_error("Expected Ed25519 public key")),
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
let verified = ring::signature::UnparsedPublicKey::new(
|
|
|
|
|
&ring::signature::ED25519,
|
|
|
|
|
ed25519.as_bytes().as_slice(),
|
|
|
|
|
)
|
|
|
|
|
.verify(data, signature)
|
|
|
|
|
.is_ok();
|
|
|
|
|
|
|
|
|
|
Ok(verified)
|
|
|
|
|
}
|