1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-26 00:59:24 -05:00

fix(ext/crypto): support EC p256 private key material in exportKey (#13547)

Co-authored-by: Luca Casonato <hello@lcas.dev>
This commit is contained in:
Divy Srivastava 2022-02-08 18:48:28 +05:30 committed by GitHub
parent 4799aaac15
commit e218d567d5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 83 additions and 32 deletions

View file

@ -1668,3 +1668,19 @@ Deno.test(async function testAesGcmTagLength() {
);
});
});
Deno.test(async function ecPrivateKeyMaterialExportSpki() {
// `generateKey` generates a key pair internally stored as "private" key.
const keys = await crypto.subtle.generateKey(
{ name: "ECDSA", namedCurve: "P-256" },
true,
["sign", "verify"],
);
assert(keys.privateKey instanceof CryptoKey);
assert(keys.publicKey instanceof CryptoKey);
// `exportKey` should be able to perform necessary conversion to export spki.
const spki = await crypto.subtle.exportKey("spki", keys.publicKey);
assert(spki instanceof ArrayBuffer);
});

View file

@ -4,12 +4,16 @@ use deno_core::error::custom_error;
use deno_core::error::type_error;
use deno_core::error::AnyError;
use deno_core::ZeroCopyBuf;
use elliptic_curve::sec1::ToEncodedPoint;
use p256::pkcs8::FromPrivateKey;
use rsa::pkcs1::FromRsaPrivateKey;
use rsa::pkcs1::ToRsaPublicKey;
use rsa::RsaPrivateKey;
use serde::Deserialize;
use serde::Serialize;
use crate::ec_key::ECPrivateKey;
pub const RSA_ENCRYPTION_OID: rsa::pkcs8::ObjectIdentifier =
rsa::pkcs8::ObjectIdentifier::new("1.2.840.113549.1.1.1");
pub const SHA1_RSA_ENCRYPTION_OID: rsa::pkcs8::ObjectIdentifier =
@ -112,9 +116,15 @@ impl RawKeyData {
RawKeyData::Public(data) => {
// public_key is a serialized EncodedPoint
p256::EncodedPoint::from_bytes(&data)
.map_err(|_| type_error("expected valid private EC key"))
.map_err(|_| type_error("expected valid public EC key"))
}
_ => Err(type_error("expected private key")),
RawKeyData::Private(data) => {
let signing_key = p256::SecretKey::from_pkcs8_der(data)
.map_err(|_| type_error("expected valid private EC key"))?;
Ok(signing_key.public_key().to_encoded_point(false))
}
// Should never reach here.
RawKeyData::Secret(_) => unreachable!(),
}
}
@ -123,9 +133,22 @@ impl RawKeyData {
RawKeyData::Public(data) => {
// public_key is a serialized EncodedPoint
p384::EncodedPoint::from_bytes(&data)
.map_err(|_| type_error("expected valid private EC key"))
.map_err(|_| type_error("expected valid public EC key"))
}
_ => Err(type_error("expected private key")),
RawKeyData::Private(data) => {
let ec_key = ECPrivateKey::<p384::NistP384>::try_from(&**data)
.map_err(|_| {
custom_error(
"DOMExceptionOperationError",
"failed to decode private key",
)
})?;
let point = p384::EncodedPoint::from_bytes(&ec_key.encoded_point)
.map_err(|_| data_error("expected valid public EC key"))?;
Ok(point)
}
// Should never reach here.
RawKeyData::Secret(_) => unreachable!(),
}
}

View file

@ -852,28 +852,28 @@
},
"wrapKey_unwrapKey": {
"wrapKey_unwrapKey.https.any.html": [
"setup",
"Can wrap and unwrap ECDH public key keys using spki and AES-CTR",
"Can wrap and unwrap AES-GCM keys as non-extractable using raw and AES-CTR",
"Can wrap and unwrap AES-GCM keys as non-extractable using jwk and AES-CTR",
"Can unwrap AES-GCM non-extractable keys using jwk and AES-CTR",
"Can wrap and unwrap ECDH public key keys using spki and AES-CBC",
"Can wrap and unwrap AES-GCM keys as non-extractable using raw and AES-CBC",
"Can wrap and unwrap AES-GCM keys as non-extractable using jwk and AES-CBC",
"Can unwrap AES-GCM non-extractable keys using jwk and AES-CBC",
"Can wrap and unwrap ECDSA public key keys using spki and AES-GCM",
"Can wrap and unwrap ECDSA public key keys using jwk and AES-GCM",
"Can wrap and unwrap ECDSA private key keys using pkcs8 and AES-GCM",
"Can wrap and unwrap ECDSA private key keys as non-extractable using pkcs8 and AES-GCM",
"Can wrap and unwrap ECDSA private key keys using jwk and AES-GCM",
"Can wrap and unwrap ECDSA private key keys as non-extractable using jwk and AES-GCM",
"Can unwrap ECDSA private key non-extractable keys using jwk and AES-GCM",
"Can wrap and unwrap ECDH public key keys using spki and AES-GCM",
"Can wrap and unwrap ECDH public key keys using jwk and AES-GCM",
"Can wrap and unwrap ECDH private key keys using pkcs8 and AES-GCM",
"Can wrap and unwrap ECDH private key keys as non-extractable using pkcs8 and AES-GCM",
"Can wrap and unwrap ECDH private key keys using jwk and AES-GCM",
"Can wrap and unwrap ECDH private key keys as non-extractable using jwk and AES-GCM",
"Can unwrap ECDH private key non-extractable keys using jwk and AES-GCM",
"Can wrap and unwrap HMAC keys using raw and AES-GCM",
"Can wrap and unwrap HMAC keys as non-extractable using raw and AES-GCM",
"Can wrap and unwrap HMAC keys using jwk and AES-GCM",
"Can wrap and unwrap HMAC keys as non-extractable using jwk and AES-GCM",
"Can unwrap HMAC non-extractable keys using jwk and AES-GCM",
"Can wrap and unwrap AES-CTR keys using raw and AES-GCM",
"Can wrap and unwrap AES-CTR keys as non-extractable using raw and AES-GCM",
"Can wrap and unwrap AES-CTR keys using jwk and AES-GCM",
@ -894,13 +894,11 @@
"Can wrap and unwrap AES-KW keys using jwk and AES-GCM",
"Can wrap and unwrap AES-KW keys as non-extractable using jwk and AES-GCM",
"Can unwrap AES-KW non-extractable keys using jwk and AES-GCM",
"Can wrap and unwrap RSASSA-PKCS1-v1_5 public key keys using spki and AES-GCM",
"Can wrap and unwrap RSASSA-PKCS1-v1_5 public key keys using jwk and AES-GCM",
"Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys using pkcs8 and AES-GCM",
"Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys as non-extractable using pkcs8 and AES-GCM",
"Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys using jwk and AES-GCM",
"Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys as non-extractable using jwk and AES-GCM",
"Can unwrap RSASSA-PKCS1-v1_5 private key non-extractable keys using jwk and AES-GCM",
"Can wrap and unwrap HMAC keys using raw and AES-GCM",
"Can wrap and unwrap HMAC keys as non-extractable using raw and AES-GCM",
"Can wrap and unwrap HMAC keys using jwk and AES-GCM",
"Can wrap and unwrap HMAC keys as non-extractable using jwk and AES-GCM",
"Can unwrap HMAC non-extractable keys using jwk and AES-GCM",
"Can wrap and unwrap RSA-PSS public key keys using spki and AES-GCM",
"Can wrap and unwrap RSA-PSS public key keys using jwk and AES-GCM",
"Can wrap and unwrap RSA-PSS private key keys using pkcs8 and AES-GCM",
@ -915,24 +913,37 @@
"Can wrap and unwrap RSA-OAEP private key keys using jwk and AES-GCM",
"Can wrap and unwrap RSA-OAEP private key keys as non-extractable using jwk and AES-GCM",
"Can unwrap RSA-OAEP private key non-extractable keys using jwk and AES-GCM",
"Can wrap and unwrap RSASSA-PKCS1-v1_5 public key keys using spki and AES-GCM",
"Can wrap and unwrap RSASSA-PKCS1-v1_5 public key keys using jwk and AES-GCM",
"Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys using pkcs8 and AES-GCM",
"Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys as non-extractable using pkcs8 and AES-GCM",
"Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys using jwk and AES-GCM",
"Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys as non-extractable using jwk and AES-GCM",
"Can unwrap RSASSA-PKCS1-v1_5 private key non-extractable keys using jwk and AES-GCM",
"Can wrap and unwrap AES-GCM keys as non-extractable using raw and AES-KW",
"Can wrap and unwrap ECDH public key keys using spki and RSA-OAEP",
"Can wrap and unwrap AES-GCM keys as non-extractable using raw and RSA-OAEP",
"Can wrap and unwrap AES-GCM keys as non-extractable using jwk and RSA-OAEP",
"Can unwrap AES-GCM non-extractable keys using jwk and RSA-OAEP"
],
"wrapKey_unwrapKey.https.any.worker.html": [
"setup",
"Can wrap and unwrap ECDH public key keys using spki and AES-CTR",
"Can wrap and unwrap AES-GCM keys as non-extractable using raw and AES-CTR",
"Can wrap and unwrap AES-GCM keys as non-extractable using jwk and AES-CTR",
"Can unwrap AES-GCM non-extractable keys using jwk and AES-CTR",
"Can wrap and unwrap ECDH public key keys using spki and AES-CBC",
"Can wrap and unwrap AES-GCM keys as non-extractable using raw and AES-CBC",
"Can wrap and unwrap AES-GCM keys as non-extractable using jwk and AES-CBC",
"Can unwrap AES-GCM non-extractable keys using jwk and AES-CBC",
"Can wrap and unwrap ECDSA public key keys using spki and AES-GCM",
"Can wrap and unwrap ECDSA public key keys using jwk and AES-GCM",
"Can wrap and unwrap ECDSA private key keys using pkcs8 and AES-GCM",
"Can wrap and unwrap ECDSA private key keys as non-extractable using pkcs8 and AES-GCM",
"Can wrap and unwrap ECDSA private key keys using jwk and AES-GCM",
"Can wrap and unwrap ECDSA private key keys as non-extractable using jwk and AES-GCM",
"Can unwrap ECDSA private key non-extractable keys using jwk and AES-GCM",
"Can wrap and unwrap ECDH public key keys using spki and AES-GCM",
"Can wrap and unwrap ECDH public key keys using jwk and AES-GCM",
"Can wrap and unwrap ECDH private key keys using pkcs8 and AES-GCM",
"Can wrap and unwrap ECDH private key keys as non-extractable using pkcs8 and AES-GCM",
"Can wrap and unwrap ECDH private key keys using jwk and AES-GCM",
@ -963,20 +974,6 @@
"Can wrap and unwrap AES-KW keys using jwk and AES-GCM",
"Can wrap and unwrap AES-KW keys as non-extractable using jwk and AES-GCM",
"Can unwrap AES-KW non-extractable keys using jwk and AES-GCM",
"Can wrap and unwrap RSA-PSS public key keys using spki and AES-GCM",
"Can wrap and unwrap RSA-PSS public key keys using jwk and AES-GCM",
"Can wrap and unwrap RSA-PSS private key keys using pkcs8 and AES-GCM",
"Can wrap and unwrap RSA-PSS private key keys as non-extractable using pkcs8 and AES-GCM",
"Can wrap and unwrap RSA-PSS private key keys using jwk and AES-GCM",
"Can wrap and unwrap RSA-PSS private key keys as non-extractable using jwk and AES-GCM",
"Can unwrap RSA-PSS private key non-extractable keys using jwk and AES-GCM",
"Can wrap and unwrap RSA-OAEP public key keys using spki and AES-GCM",
"Can wrap and unwrap RSA-OAEP public key keys using jwk and AES-GCM",
"Can wrap and unwrap RSA-OAEP private key keys using pkcs8 and AES-GCM",
"Can wrap and unwrap RSA-OAEP private key keys as non-extractable using pkcs8 and AES-GCM",
"Can wrap and unwrap RSA-OAEP private key keys using jwk and AES-GCM",
"Can wrap and unwrap RSA-OAEP private key keys as non-extractable using jwk and AES-GCM",
"Can unwrap RSA-OAEP private key non-extractable keys using jwk and AES-GCM",
"Can wrap and unwrap RSASSA-PKCS1-v1_5 public key keys using spki and AES-GCM",
"Can wrap and unwrap RSASSA-PKCS1-v1_5 public key keys using jwk and AES-GCM",
"Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys using pkcs8 and AES-GCM",
@ -984,7 +981,22 @@
"Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys using jwk and AES-GCM",
"Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys as non-extractable using jwk and AES-GCM",
"Can unwrap RSASSA-PKCS1-v1_5 private key non-extractable keys using jwk and AES-GCM",
"Can wrap and unwrap RSA-OAEP public key keys using spki and AES-GCM",
"Can wrap and unwrap RSA-OAEP public key keys using jwk and AES-GCM",
"Can wrap and unwrap RSA-OAEP private key keys using pkcs8 and AES-GCM",
"Can wrap and unwrap RSA-OAEP private key keys as non-extractable using pkcs8 and AES-GCM",
"Can wrap and unwrap RSA-OAEP private key keys using jwk and AES-GCM",
"Can wrap and unwrap RSA-OAEP private key keys as non-extractable using jwk and AES-GCM",
"Can unwrap RSA-OAEP private key non-extractable keys using jwk and AES-GCM",
"Can wrap and unwrap RSA-PSS public key keys using spki and AES-GCM",
"Can wrap and unwrap RSA-PSS public key keys using jwk and AES-GCM",
"Can wrap and unwrap RSA-PSS private key keys using pkcs8 and AES-GCM",
"Can wrap and unwrap RSA-PSS private key keys as non-extractable using pkcs8 and AES-GCM",
"Can wrap and unwrap RSA-PSS private key keys using jwk and AES-GCM",
"Can wrap and unwrap RSA-PSS private key keys as non-extractable using jwk and AES-GCM",
"Can unwrap RSA-PSS private key non-extractable keys using jwk and AES-GCM",
"Can wrap and unwrap AES-GCM keys as non-extractable using raw and AES-KW",
"Can wrap and unwrap ECDH public key keys using spki and RSA-OAEP",
"Can wrap and unwrap AES-GCM keys as non-extractable using raw and RSA-OAEP",
"Can wrap and unwrap AES-GCM keys as non-extractable using jwk and RSA-OAEP",
"Can unwrap AES-GCM non-extractable keys using jwk and RSA-OAEP"