1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-24 08:09:08 -05:00

feat(ext/crypto): support importing raw EC keys (#13079)

Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
This commit is contained in:
Luca Casonato 2022-01-19 16:20:28 +01:00 committed by GitHub
parent 4da41ca8fd
commit 82b086752a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 51 additions and 26 deletions

View file

@ -72,6 +72,7 @@
Pbkdf2Params: { hash: "HashAlgorithmIdentifier", salt: "BufferSource" }, Pbkdf2Params: { hash: "HashAlgorithmIdentifier", salt: "BufferSource" },
RsaOaepParams: { label: "BufferSource" }, RsaOaepParams: { label: "BufferSource" },
RsaHashedImportParams: { hash: "HashAlgorithmIdentifier" }, RsaHashedImportParams: { hash: "HashAlgorithmIdentifier" },
EcKeyImportParams: {},
}; };
const supportedAlgorithms = { const supportedAlgorithms = {
@ -109,8 +110,8 @@
"RSASSA-PKCS1-v1_5": "RsaHashedImportParams", "RSASSA-PKCS1-v1_5": "RsaHashedImportParams",
"RSA-PSS": "RsaHashedImportParams", "RSA-PSS": "RsaHashedImportParams",
"RSA-OAEP": "RsaHashedImportParams", "RSA-OAEP": "RsaHashedImportParams",
"ECDSA": "EcImportParams", "ECDSA": "EcKeyImportParams",
"ECDH": "EcImportParams", "ECDH": "EcKeyImportParams",
"HMAC": "HmacImportParams", "HMAC": "HmacImportParams",
"HKDF": null, "HKDF": null,
"PBKDF2": null, "PBKDF2": null,
@ -2347,19 +2348,6 @@
return key; return key;
} }
const SUPPORTED_EC_KEY_USAGES = {
"ECDSA": {
public: ["verify"],
private: ["sign"],
jwtUse: "sig",
},
"ECDH": {
public: [],
private: ["deriveKey", "deriveBits"],
jwtUse: "enc",
},
};
function importKeyEC( function importKeyEC(
format, format,
normalizedAlgorithm, normalizedAlgorithm,
@ -2367,7 +2355,7 @@
extractable, extractable,
keyUsages, keyUsages,
) { ) {
const supportedUsages = SUPPORTED_EC_KEY_USAGES[normalizedAlgorithm.name]; const supportedUsages = SUPPORTED_KEY_USAGES[normalizedAlgorithm.name];
switch (format) { switch (format) {
case "raw": { case "raw": {
@ -2388,7 +2376,11 @@
if ( if (
ArrayPrototypeFind( ArrayPrototypeFind(
keyUsages, keyUsages,
(u) => !ArrayPrototypeIncludes(supportedUsages.public, u), (u) =>
!ArrayPrototypeIncludes(
SUPPORTED_KEY_USAGES[normalizedAlgorithm.name].public,
u,
),
) !== undefined ) !== undefined
) { ) {
throw new DOMException("Invalid key usages", "SyntaxError"); throw new DOMException("Invalid key usages", "SyntaxError");
@ -2425,7 +2417,11 @@
if ( if (
ArrayPrototypeFind( ArrayPrototypeFind(
keyUsages, keyUsages,
(u) => !ArrayPrototypeIncludes(supportedUsages.private, u), (u) =>
!ArrayPrototypeIncludes(
SUPPORTED_KEY_USAGES[normalizedAlgorithm.name].private,
u,
),
) !== undefined ) !== undefined
) { ) {
throw new DOMException("Invalid key usages", "SyntaxError"); throw new DOMException("Invalid key usages", "SyntaxError");
@ -2461,7 +2457,11 @@
if ( if (
ArrayPrototypeFind( ArrayPrototypeFind(
keyUsages, keyUsages,
(u) => !ArrayPrototypeIncludes(supportedUsages.public, u), (u) =>
!ArrayPrototypeIncludes(
SUPPORTED_KEY_USAGES[normalizedAlgorithm.name].public,
u,
),
) !== undefined ) !== undefined
) { ) {
throw new DOMException("Invalid key usages", "SyntaxError"); throw new DOMException("Invalid key usages", "SyntaxError");
@ -2667,7 +2667,7 @@
} }
} }
const SUPPORTED_RSA_KEY_USAGES = { const SUPPORTED_KEY_USAGES = {
"RSASSA-PKCS1-v1_5": { "RSASSA-PKCS1-v1_5": {
public: ["verify"], public: ["verify"],
private: ["sign"], private: ["sign"],
@ -2683,6 +2683,16 @@
private: ["decrypt", "unwrapKey"], private: ["decrypt", "unwrapKey"],
jwtUse: "enc", jwtUse: "enc",
}, },
"ECDSA": {
public: ["verify"],
private: ["sign"],
jwtUse: "sig",
},
"ECDH": {
public: [],
private: ["deriveKey", "deriveBits"],
jwtUse: "enc",
},
}; };
function importKeyRSA( function importKeyRSA(
@ -2700,7 +2710,7 @@
keyUsages, keyUsages,
(u) => (u) =>
!ArrayPrototypeIncludes( !ArrayPrototypeIncludes(
SUPPORTED_RSA_KEY_USAGES[normalizedAlgorithm.name].private, SUPPORTED_KEY_USAGES[normalizedAlgorithm.name].private,
u, u,
), ),
) !== undefined ) !== undefined
@ -2746,7 +2756,7 @@
keyUsages, keyUsages,
(u) => (u) =>
!ArrayPrototypeIncludes( !ArrayPrototypeIncludes(
SUPPORTED_RSA_KEY_USAGES[normalizedAlgorithm.name].public, SUPPORTED_KEY_USAGES[normalizedAlgorithm.name].public,
u, u,
), ),
) !== undefined ) !== undefined
@ -2796,7 +2806,7 @@
keyUsages, keyUsages,
(u) => (u) =>
!ArrayPrototypeIncludes( !ArrayPrototypeIncludes(
SUPPORTED_RSA_KEY_USAGES[normalizedAlgorithm.name].private, SUPPORTED_KEY_USAGES[normalizedAlgorithm.name].private,
u, u,
), ),
) !== undefined ) !== undefined
@ -2808,7 +2818,7 @@
keyUsages, keyUsages,
(u) => (u) =>
!ArrayPrototypeIncludes( !ArrayPrototypeIncludes(
SUPPORTED_RSA_KEY_USAGES[normalizedAlgorithm.name].public, SUPPORTED_KEY_USAGES[normalizedAlgorithm.name].public,
u, u,
), ),
) !== undefined ) !== undefined
@ -2828,11 +2838,11 @@
if ( if (
keyUsages.length > 0 && jwk.use !== undefined && keyUsages.length > 0 && jwk.use !== undefined &&
StringPrototypeToLowerCase(jwk.use) !== StringPrototypeToLowerCase(jwk.use) !==
SUPPORTED_RSA_KEY_USAGES[normalizedAlgorithm.name].jwtUse SUPPORTED_KEY_USAGES[normalizedAlgorithm.name].jwtUse
) { ) {
throw new DOMException( throw new DOMException(
`'use' property of JsonWebKey must be '${ `'use' property of JsonWebKey must be '${
SUPPORTED_RSA_KEY_USAGES[normalizedAlgorithm.name].jwtUse SUPPORTED_KEY_USAGES[normalizedAlgorithm.name].jwtUse
}'`, }'`,
"DataError", "DataError",
); );

View file

@ -116,8 +116,23 @@
"RsaHashedImportParams", "RsaHashedImportParams",
dictRsaHashedImportParams, dictRsaHashedImportParams,
); );
webidl.converters.NamedCurve = webidl.converters.DOMString; webidl.converters.NamedCurve = webidl.converters.DOMString;
const dictEcKeyImportParams = [
...dictAlgorithm,
{
key: "namedCurve",
converter: webidl.converters.NamedCurve,
required: true,
},
];
webidl.converters.EcKeyImportParams = webidl.createDictionaryConverter(
"EcKeyImportParams",
dictEcKeyImportParams,
);
const dictEcKeyGenParams = [ const dictEcKeyGenParams = [
...dictAlgorithm, ...dictAlgorithm,
{ {