1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-25 16:49:18 -05:00

feat(node/crypto): Elliptic Curve Diffie-Hellman (ECDH) support (#18832)

- ECDH class
- crypto.createECDH()
- Supported curves:
  - secp256k1
  - prime256v1 / secp256r1
  - secp384r1
  - secp224r1

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
This commit is contained in:
Levente Kurusa 2023-04-27 18:31:35 +02:00 committed by GitHub
parent 3fbb31c3c1
commit c3d670dbc9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 469 additions and 33 deletions

205
Cargo.lock generated
View file

@ -243,6 +243,12 @@ version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "349a06037c7bf932dd7e7d1f653678b2038b9ad46a74102f1fc7bd7872678cce"
[[package]]
name = "base16ct"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4c7f02d4ea65f2c1853089ffd8d2787bdbc63de2f0d29dedbcf8ccdfa0ccd4cf"
[[package]]
name = "base32"
version = "0.4.0"
@ -595,6 +601,18 @@ dependencies = [
"zeroize",
]
[[package]]
name = "crypto-bigint"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cf4c2f4e1afd912bc40bfd6fed5d9dc1f288e0ba01bfcc835cc5bc3eb13efe15"
dependencies = [
"generic-array 0.14.6",
"rand_core 0.6.4",
"subtle",
"zeroize",
]
[[package]]
name = "crypto-common"
version = "0.1.6"
@ -877,15 +895,15 @@ dependencies = [
"curve25519-dalek 2.1.3",
"deno_core",
"deno_web",
"elliptic-curve",
"elliptic-curve 0.12.3",
"num-traits",
"once_cell",
"p256",
"p384",
"p256 0.11.1",
"p384 0.11.2",
"rand",
"ring",
"rsa",
"sec1",
"sec1 0.3.0",
"serde",
"serde_bytes",
"sha1",
@ -1137,6 +1155,7 @@ dependencies = [
"digest 0.10.6",
"dsa",
"ecb",
"elliptic-curve 0.13.4",
"hex",
"hkdf",
"idna 0.3.0",
@ -1150,6 +1169,9 @@ dependencies = [
"num-integer",
"num-traits",
"once_cell",
"p224",
"p256 0.13.2",
"p384 0.13.0",
"path-clean",
"pbkdf2",
"rand",
@ -1158,6 +1180,7 @@ dependencies = [
"ripemd",
"rsa",
"scrypt",
"secp256k1",
"serde",
"sha-1",
"sha2",
@ -1371,7 +1394,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f1a467a65c5e759bce6e65eaf91cc29f466cdc57cb65777bd646872a8a1fd4de"
dependencies = [
"const-oid",
"pem-rfc7468",
"pem-rfc7468 0.6.0",
"zeroize",
]
@ -1382,6 +1405,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "82b10af9f9f9f2134a42d3f8aa74658660f2e0234b0eb81bd171df8aa32779ed"
dependencies = [
"const-oid",
"pem-rfc7468 0.7.0",
"zeroize",
]
@ -1628,11 +1652,24 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "413301934810f597c1d19ca71c8710e99a3f1ba28a0d2ebc01551a2daeea3c5c"
dependencies = [
"der 0.6.1",
"elliptic-curve",
"elliptic-curve 0.12.3",
"rfc6979 0.3.1",
"signature 1.6.4",
]
[[package]]
name = "ecdsa"
version = "0.16.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a48e5d537b8a30c0b023116d981b16334be1485af7ca68db3a2b7024cbc957fd"
dependencies = [
"der 0.7.3",
"digest 0.10.6",
"elliptic-curve 0.13.4",
"rfc6979 0.4.0",
"signature 2.1.0",
]
[[package]]
name = "either"
version = "1.8.1"
@ -1645,18 +1682,39 @@ version = "0.12.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e7bb888ab5300a19b8e5bceef25ac745ad065f3c9f7efc6de1b91958110891d3"
dependencies = [
"base16ct",
"crypto-bigint",
"base16ct 0.1.1",
"crypto-bigint 0.4.9",
"der 0.6.1",
"digest 0.10.6",
"ff",
"ff 0.12.1",
"generic-array 0.14.6",
"group",
"group 0.12.1",
"hkdf",
"pem-rfc7468",
"pem-rfc7468 0.6.0",
"pkcs8 0.9.0",
"rand_core 0.6.4",
"sec1",
"sec1 0.3.0",
"subtle",
"zeroize",
]
[[package]]
name = "elliptic-curve"
version = "0.13.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "75c71eaa367f2e5d556414a8eea812bc62985c879748d6403edabd9cb03f16e7"
dependencies = [
"base16ct 0.2.0",
"crypto-bigint 0.5.2",
"digest 0.10.6",
"ff 0.13.0",
"generic-array 0.14.6",
"group 0.13.0",
"hkdf",
"pem-rfc7468 0.7.0",
"pkcs8 0.10.2",
"rand_core 0.6.4",
"sec1 0.7.1",
"subtle",
"zeroize",
]
@ -1828,6 +1886,16 @@ dependencies = [
"subtle",
]
[[package]]
name = "ff"
version = "0.13.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ded41244b729663b1e574f1b4fb731469f69f79c17667b5d776b16cda0479449"
dependencies = [
"rand_core 0.6.4",
"subtle",
]
[[package]]
name = "filetime"
version = "0.2.20"
@ -2051,6 +2119,7 @@ checksum = "bff49e947297f3312447abdca79f45f4738097cc82b06e72054d2223f601f1b9"
dependencies = [
"typenum",
"version_check",
"zeroize",
]
[[package]]
@ -2106,7 +2175,18 @@ version = "0.12.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5dfbfb3a6cfbd390d5c9564ab283a0349b9b9fcd46a706c1eb10e0db70bfbac7"
dependencies = [
"ff",
"ff 0.12.1",
"rand_core 0.6.4",
"subtle",
]
[[package]]
name = "group"
version = "0.13.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f0f9ef7462f7c099f518d754361858f86d8a07af53ba9af0fe635bbccb151a63"
dependencies = [
"ff 0.13.0",
"rand_core 0.6.4",
"subtle",
]
@ -3123,14 +3203,38 @@ version = "0.5.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4030760ffd992bef45b0ae3f10ce1aba99e33464c90d14dd7c039884963ddc7a"
[[package]]
name = "p224"
version = "0.13.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "30c06436d66652bc2f01ade021592c80a2aad401570a18aa18b82e440d2b9aa1"
dependencies = [
"ecdsa 0.16.6",
"elliptic-curve 0.13.4",
"primeorder",
"sha2",
]
[[package]]
name = "p256"
version = "0.11.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "51f44edd08f51e2ade572f141051021c5af22677e42b7dd28a88155151c33594"
dependencies = [
"ecdsa",
"elliptic-curve",
"ecdsa 0.14.8",
"elliptic-curve 0.12.3",
"sha2",
]
[[package]]
name = "p256"
version = "0.13.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c9863ad85fa8f4460f9c48cb909d38a0d689dba1f6f6988a5e3e0d31071bcd4b"
dependencies = [
"ecdsa 0.16.6",
"elliptic-curve 0.13.4",
"primeorder",
"sha2",
]
@ -3140,8 +3244,20 @@ version = "0.11.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dfc8c5bf642dde52bb9e87c0ecd8ca5a76faac2eeed98dedb7c717997e1080aa"
dependencies = [
"ecdsa",
"elliptic-curve",
"ecdsa 0.14.8",
"elliptic-curve 0.12.3",
"sha2",
]
[[package]]
name = "p384"
version = "0.13.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "70786f51bcc69f6a4c0360e063a4cac5419ef7c5cd5b3c99ad70f3be5ba79209"
dependencies = [
"ecdsa 0.16.6",
"elliptic-curve 0.13.4",
"primeorder",
"sha2",
]
@ -3244,6 +3360,15 @@ dependencies = [
"base64ct",
]
[[package]]
name = "pem-rfc7468"
version = "0.7.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "88b39c9bfcfc231068454382784bb460aae594343fb030d46e9f50a645418412"
dependencies = [
"base64ct",
]
[[package]]
name = "percent-encoding"
version = "2.2.0"
@ -3431,6 +3556,15 @@ dependencies = [
"syn 1.0.109",
]
[[package]]
name = "primeorder"
version = "0.13.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cf8d3875361e28f7753baefef104386e7aa47642c93023356d97fdef4003bfb5"
dependencies = [
"elliptic-curve 0.13.4",
]
[[package]]
name = "proc-macro-crate"
version = "1.3.1"
@ -3689,7 +3823,7 @@ version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7743f17af12fa0b03b803ba12cd6a8d9483a587e89c69445e3909655c0b9fabb"
dependencies = [
"crypto-bigint",
"crypto-bigint 0.4.9",
"hmac",
"zeroize",
]
@ -3955,7 +4089,7 @@ version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3be24c1842290c45df0a7bf069e0c268a747ad05a192f2fd7dcfdbc1cba40928"
dependencies = [
"base16ct",
"base16ct 0.1.1",
"der 0.6.1",
"generic-array 0.14.6",
"pkcs8 0.9.0",
@ -3963,6 +4097,39 @@ dependencies = [
"zeroize",
]
[[package]]
name = "sec1"
version = "0.7.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "48518a2b5775ba8ca5b46596aae011caa431e6ce7e4a67ead66d92f08884220e"
dependencies = [
"base16ct 0.2.0",
"der 0.7.3",
"generic-array 0.14.6",
"pkcs8 0.10.2",
"subtle",
"zeroize",
]
[[package]]
name = "secp256k1"
version = "0.27.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "25996b82292a7a57ed3508f052cfff8640d38d32018784acd714758b43da9c8f"
dependencies = [
"rand",
"secp256k1-sys",
]
[[package]]
name = "secp256k1-sys"
version = "0.8.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "70a129b9e9efbfb223753b9163c4ab3b13cff7fd9c7f010fbac25ab4099fa07e"
dependencies = [
"cc",
]
[[package]]
name = "security-framework"
version = "2.8.2"

View file

@ -139,6 +139,10 @@ tower-lsp = { version = "=0.17.0", features = ["proposed"] }
url = { version = "2.3.1", features = ["serde", "expose_internals"] }
uuid = { version = "1.3.0", features = ["v4"] }
zstd = "=0.11.2"
elliptic-curve = { version = "0.13.4", features = ["alloc", "arithmetic", "ecdh", "std", "pem"] }
p224 = { version = "0.13.0", features = ["ecdh"] }
p256 = { version = "0.13.2", features = ["ecdh"] }
p384 = { version = "0.13.0", features = ["ecdh"] }
# crypto
rsa = { version = "0.7.0", default-features = false, features = ["std", "pem", "hazmat"] } # hazmat needed for PrehashSigner in ext/node

View file

@ -24,6 +24,7 @@ deno_semver.workspace = true
digest = { version = "0.10.5", features = ["core-api", "std"] }
dsa = "0.6.1"
ecb.workspace = true
elliptic-curve.workspace = true
hex.workspace = true
hkdf.workspace = true
idna = "0.3.0"
@ -37,6 +38,9 @@ num-bigint-dig = "0.8.2"
num-integer = "0.1.45"
num-traits = "0.2.14"
once_cell.workspace = true
p224.workspace = true
p256.workspace = true
p384.workspace = true
path-clean = "=0.1.0"
pbkdf2 = "0.12.1"
rand.workspace = true
@ -45,6 +49,7 @@ ring.workspace = true
ripemd = "0.1.3"
rsa.workspace = true
scrypt = "0.11.0"
secp256k1 = { version = "0.27.0", features = ["rand-std"] }
serde = "1.0.149"
sha-1 = "0.10.0"
sha2.workspace = true

View file

@ -240,6 +240,9 @@ deno_core::extension!(deno_node,
ops::crypto::op_node_random_int,
ops::crypto::op_node_scrypt_sync,
ops::crypto::op_node_scrypt_async,
ops::crypto::op_node_ecdh_generate_keys,
ops::crypto::op_node_ecdh_compute_secret,
ops::crypto::op_node_ecdh_compute_public_key,
ops::crypto::x509::op_node_x509_parse,
ops::crypto::x509::op_node_x509_ca,
ops::crypto::x509::op_node_x509_check_email,
@ -267,7 +270,6 @@ deno_core::extension!(deno_node,
ops::zlib::op_zlib_init,
ops::zlib::op_zlib_reset,
op_node_build_os,
ops::require::op_require_init_paths,
ops::require::op_require_node_module_paths<Env>,
ops::require::op_require_proxy_path,

View file

@ -18,12 +18,18 @@ use rand::Rng;
use std::future::Future;
use std::rc::Rc;
use p224::NistP224;
use p256::NistP256;
use p384::NistP384;
use rsa::padding::PaddingScheme;
use rsa::pkcs8::DecodePrivateKey;
use rsa::pkcs8::DecodePublicKey;
use rsa::PublicKey;
use rsa::RsaPrivateKey;
use rsa::RsaPublicKey;
use secp256k1::ecdh::SharedSecret;
use secp256k1::Secp256k1;
use secp256k1::SecretKey;
mod cipher;
mod dh;
@ -902,6 +908,165 @@ pub async fn op_node_scrypt_async(
.await?
}
#[op]
pub fn op_node_ecdh_generate_keys(
curve: &str,
pubbuf: &mut [u8],
privbuf: &mut [u8],
) -> Result<ResourceId, AnyError> {
let mut rng = rand::thread_rng();
match curve {
"secp256k1" => {
let secp = Secp256k1::new();
let (privkey, pubkey) = secp.generate_keypair(&mut rng);
pubbuf.copy_from_slice(&pubkey.serialize_uncompressed());
privbuf.copy_from_slice(&privkey.secret_bytes());
Ok(0)
}
"prime256v1" | "secp256r1" => {
let privkey = elliptic_curve::SecretKey::<NistP256>::random(&mut rng);
let pubkey = privkey.public_key();
pubbuf.copy_from_slice(pubkey.to_sec1_bytes().as_ref());
privbuf.copy_from_slice(privkey.to_nonzero_scalar().to_bytes().as_ref());
Ok(0)
}
"secp384r1" => {
let privkey = elliptic_curve::SecretKey::<NistP384>::random(&mut rng);
let pubkey = privkey.public_key();
pubbuf.copy_from_slice(pubkey.to_sec1_bytes().as_ref());
privbuf.copy_from_slice(privkey.to_nonzero_scalar().to_bytes().as_ref());
Ok(0)
}
"secp224r1" => {
let privkey = elliptic_curve::SecretKey::<NistP224>::random(&mut rng);
let pubkey = privkey.public_key();
pubbuf.copy_from_slice(pubkey.to_sec1_bytes().as_ref());
privbuf.copy_from_slice(privkey.to_nonzero_scalar().to_bytes().as_ref());
Ok(0)
}
&_ => todo!(),
}
}
#[op]
pub fn op_node_ecdh_compute_secret(
curve: &str,
this_priv: Option<ZeroCopyBuf>,
their_pub: &mut [u8],
secret: &mut [u8],
) -> Result<(), AnyError> {
match curve {
"secp256k1" => {
let this_secret_key = SecretKey::from_slice(
this_priv.expect("no private key provided?").as_ref(),
)
.unwrap();
let their_public_key =
secp256k1::PublicKey::from_slice(their_pub).unwrap();
let shared_secret =
SharedSecret::new(&their_public_key, &this_secret_key);
secret.copy_from_slice(&shared_secret.secret_bytes());
Ok(())
}
"prime256v1" | "secp256r1" => {
let their_public_key =
elliptic_curve::PublicKey::<NistP256>::from_sec1_bytes(their_pub)
.expect("bad public key");
let this_private_key = elliptic_curve::SecretKey::<NistP256>::from_slice(
&this_priv.expect("must supply private key"),
)
.expect("bad private key");
let shared_secret = elliptic_curve::ecdh::diffie_hellman(
this_private_key.to_nonzero_scalar(),
their_public_key.as_affine(),
);
secret.copy_from_slice(shared_secret.raw_secret_bytes());
Ok(())
}
"secp384r1" => {
let their_public_key =
elliptic_curve::PublicKey::<NistP384>::from_sec1_bytes(their_pub)
.expect("bad public key");
let this_private_key = elliptic_curve::SecretKey::<NistP384>::from_slice(
&this_priv.expect("must supply private key"),
)
.expect("bad private key");
let shared_secret = elliptic_curve::ecdh::diffie_hellman(
this_private_key.to_nonzero_scalar(),
their_public_key.as_affine(),
);
secret.copy_from_slice(shared_secret.raw_secret_bytes());
Ok(())
}
"secp224r1" => {
let their_public_key =
elliptic_curve::PublicKey::<NistP224>::from_sec1_bytes(their_pub)
.expect("bad public key");
let this_private_key = elliptic_curve::SecretKey::<NistP224>::from_slice(
&this_priv.expect("must supply private key"),
)
.expect("bad private key");
let shared_secret = elliptic_curve::ecdh::diffie_hellman(
this_private_key.to_nonzero_scalar(),
their_public_key.as_affine(),
);
secret.copy_from_slice(shared_secret.raw_secret_bytes());
Ok(())
}
&_ => todo!(),
}
}
#[op]
pub fn op_node_ecdh_compute_public_key(
curve: &str,
privkey: &[u8],
pubkey: &mut [u8],
) -> Result<(), AnyError> {
match curve {
"secp256k1" => {
let secp = Secp256k1::new();
let secret_key = SecretKey::from_slice(privkey).unwrap();
let public_key =
secp256k1::PublicKey::from_secret_key(&secp, &secret_key);
pubkey.copy_from_slice(&public_key.serialize_uncompressed());
Ok(())
}
"prime256v1" | "secp256r1" => {
let this_private_key =
elliptic_curve::SecretKey::<NistP256>::from_slice(privkey)
.expect("bad private key");
let public_key = this_private_key.public_key();
pubkey.copy_from_slice(public_key.to_sec1_bytes().as_ref());
Ok(())
}
"secp384r1" => {
let this_private_key =
elliptic_curve::SecretKey::<NistP384>::from_slice(privkey)
.expect("bad private key");
let public_key = this_private_key.public_key();
pubkey.copy_from_slice(public_key.to_sec1_bytes().as_ref());
Ok(())
}
"secp224r1" => {
let this_private_key =
elliptic_curve::SecretKey::<NistP224>::from_slice(privkey)
.expect("bad private key");
let public_key = this_private_key.public_key();
pubkey.copy_from_slice(public_key.to_sec1_bytes().as_ref());
Ok(())
}
&_ => todo!(),
}
}
#[inline]
fn gen_prime(size: usize) -> ZeroCopyBuf {
primes::Prime::generate(size).0.to_bytes_be().into()

View file

@ -13,6 +13,8 @@ import {
} from "ext:deno_node/internal/validators.mjs";
import { Buffer } from "ext:deno_node/buffer.ts";
import {
EllipticCurve,
ellipticCurves,
getDefaultEncoding,
toBuf,
} from "ext:deno_node/internal/crypto/util.ts";
@ -24,6 +26,8 @@ import type {
import { KeyObject } from "ext:deno_node/internal/crypto/keys.ts";
import type { BufferEncoding } from "ext:deno_node/_global.d.ts";
const { ops } = Deno.core;
const DH_GENERATOR = 2;
export class DiffieHellman {
@ -219,10 +223,21 @@ export class DiffieHellmanGroup {
}
export class ECDH {
#curve: EllipticCurve; // the selected curve
#privbuf: Buffer; // the private key
#pubbuf: Buffer; // the public key
constructor(curve: string) {
validateString(curve, "curve");
notImplemented("crypto.ECDH");
const c = ellipticCurves.find((x) => x.name == curve);
if (c == undefined) {
throw new Error("invalid curve");
}
this.#curve = c;
this.#pubbuf = Buffer.alloc(this.#curve.publicKeySize);
this.#privbuf = Buffer.alloc(this.#curve.privateKeySize);
}
static convertKey(
@ -250,44 +265,80 @@ export class ECDH {
outputEncoding: BinaryToTextEncoding,
): string;
computeSecret(
_otherPublicKey: ArrayBufferView | string,
otherPublicKey: ArrayBufferView | string,
_inputEncoding?: BinaryToTextEncoding,
_outputEncoding?: BinaryToTextEncoding,
): Buffer | string {
notImplemented("crypto.ECDH.prototype.computeSecret");
const secretBuf = Buffer.alloc(this.#curve.sharedSecretSize);
ops.op_node_ecdh_compute_secret(
this.#curve.name,
this.#privbuf,
otherPublicKey,
secretBuf,
);
return secretBuf;
}
generateKeys(): Buffer;
generateKeys(encoding: BinaryToTextEncoding, format?: ECDHKeyFormat): string;
generateKeys(
_encoding?: BinaryToTextEncoding,
encoding?: BinaryToTextEncoding,
_format?: ECDHKeyFormat,
): Buffer | string {
notImplemented("crypto.ECDH.prototype.generateKeys");
ops.op_node_ecdh_generate_keys(
this.#curve.name,
this.#pubbuf,
this.#privbuf,
);
if (encoding !== undefined) {
return this.#pubbuf.toString(encoding);
}
return this.#pubbuf;
}
getPrivateKey(): Buffer;
getPrivateKey(encoding: BinaryToTextEncoding): string;
getPrivateKey(_encoding?: BinaryToTextEncoding): Buffer | string {
notImplemented("crypto.ECDH.prototype.getPrivateKey");
getPrivateKey(encoding?: BinaryToTextEncoding): Buffer | string {
if (encoding !== undefined) {
return this.#privbuf.toString(encoding);
}
return this.#privbuf;
}
getPublicKey(): Buffer;
getPublicKey(encoding: BinaryToTextEncoding, format?: ECDHKeyFormat): string;
getPublicKey(
_encoding?: BinaryToTextEncoding,
encoding?: BinaryToTextEncoding,
_format?: ECDHKeyFormat,
): Buffer | string {
notImplemented("crypto.ECDH.prototype.getPublicKey");
if (encoding !== undefined) {
return this.#pubbuf.toString(encoding);
}
return this.#pubbuf;
}
setPrivateKey(privateKey: ArrayBufferView): void;
setPrivateKey(privateKey: string, encoding: BinaryToTextEncoding): void;
setPrivateKey(
_privateKey: ArrayBufferView | string,
_encoding?: BinaryToTextEncoding,
privateKey: ArrayBufferView | string,
encoding?: BinaryToTextEncoding,
): Buffer | string {
notImplemented("crypto.ECDH.prototype.setPrivateKey");
this.#privbuf = privateKey;
this.#pubbuf = Buffer.alloc(this.#curve.publicKeySize);
ops.op_node_ecdh_compute_public_key(
this.#curve.name,
this.#privbuf,
this.#pubbuf,
);
if (encoding !== undefined) {
return this.#pubbuf.toString(encoding);
}
return this.#pubbuf;
}
}

View file

@ -46,6 +46,47 @@ const digestAlgorithms = [
"sha1",
];
export type EllipticCurve = {
name: string;
ephemeral: boolean;
privateKeySize: number;
publicKeySize: number;
sharedSecretSize: number;
};
export const ellipticCurves: Array<EllipticCurve> = [
{
name: "secp256k1",
privateKeySize: 32,
publicKeySize: 65,
sharedSecretSize: 32,
}, // Weierstrass-class EC used by Bitcoin
{
name: "prime256v1",
privateKeySize: 32,
publicKeySize: 65,
sharedSecretSize: 32,
}, // NIST P-256 EC
{
name: "secp256r1",
privateKeySize: 32,
publicKeySize: 65,
sharedSecretSize: 32,
}, // NIST P-256 EC (same as above)
{
name: "secp384r1",
privateKeySize: 48,
publicKeySize: 97,
sharedSecretSize: 48,
}, // NIST P-384 EC
{
name: "secp224r1",
privateKeySize: 28,
publicKeySize: 57,
sharedSecretSize: 28,
}, // NIST P-224 EC
];
// deno-fmt-ignore
const supportedCiphers = [
"aes-128-ecb", "aes-192-ecb",
@ -114,8 +155,9 @@ export function getHashes(): readonly string[] {
return digestAlgorithms;
}
const curveNames = ellipticCurves.map((x) => x.name);
export function getCurves(): readonly string[] {
notImplemented("crypto.getCurves");
return curveNames;
}
export interface SecureHeapUsage {