mirror of
https://github.com/denoland/deno.git
synced 2024-11-24 15:19:26 -05:00
fix(ext/crypto): fix identity test for x25519 derive bits (#26011)
This commit is contained in:
parent
ac73b1042b
commit
e54809f2d5
3 changed files with 46 additions and 70 deletions
|
@ -47,10 +47,10 @@ pub fn op_crypto_derive_bits_x25519(
|
||||||
let sh_sec = x25519_dalek::x25519(k, u);
|
let sh_sec = x25519_dalek::x25519(k, u);
|
||||||
let point = MontgomeryPoint(sh_sec);
|
let point = MontgomeryPoint(sh_sec);
|
||||||
if point.ct_eq(&MONTGOMERY_IDENTITY).unwrap_u8() == 1 {
|
if point.ct_eq(&MONTGOMERY_IDENTITY).unwrap_u8() == 1 {
|
||||||
return false;
|
return true;
|
||||||
}
|
}
|
||||||
secret.copy_from_slice(&sh_sec);
|
secret.copy_from_slice(&sh_sec);
|
||||||
true
|
false
|
||||||
}
|
}
|
||||||
|
|
||||||
// id-X25519 OBJECT IDENTIFIER ::= { 1 3 101 110 }
|
// id-X25519 OBJECT IDENTIFIER ::= { 1 3 101 110 }
|
||||||
|
|
|
@ -2045,3 +2045,43 @@ Deno.test(async function p521Generate() {
|
||||||
assert(key.privateKey instanceof CryptoKey);
|
assert(key.privateKey instanceof CryptoKey);
|
||||||
assert(key.publicKey instanceof CryptoKey);
|
assert(key.publicKey instanceof CryptoKey);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
Deno.test(async function x25519SharedSecret() {
|
||||||
|
const alicesKeyPair = await crypto.subtle.generateKey(
|
||||||
|
{
|
||||||
|
name: "X25519",
|
||||||
|
},
|
||||||
|
false,
|
||||||
|
["deriveBits"],
|
||||||
|
) as CryptoKeyPair;
|
||||||
|
|
||||||
|
const bobsKeyPair = await crypto.subtle.generateKey(
|
||||||
|
{
|
||||||
|
name: "X25519",
|
||||||
|
},
|
||||||
|
false,
|
||||||
|
["deriveBits"],
|
||||||
|
) as CryptoKeyPair;
|
||||||
|
|
||||||
|
const sharedSecret1 = await crypto.subtle.deriveBits(
|
||||||
|
{
|
||||||
|
name: "X25519",
|
||||||
|
public: bobsKeyPair.publicKey,
|
||||||
|
},
|
||||||
|
alicesKeyPair.privateKey,
|
||||||
|
128,
|
||||||
|
);
|
||||||
|
|
||||||
|
const sharedSecret2 = await crypto.subtle.deriveBits(
|
||||||
|
{
|
||||||
|
name: "X25519",
|
||||||
|
public: alicesKeyPair.publicKey,
|
||||||
|
},
|
||||||
|
bobsKeyPair.privateKey,
|
||||||
|
128,
|
||||||
|
);
|
||||||
|
|
||||||
|
assertEquals(sharedSecret1.byteLength, sharedSecret2.byteLength);
|
||||||
|
assertEquals(sharedSecret1.byteLength, 16);
|
||||||
|
assertEquals(new Uint8Array(sharedSecret1), new Uint8Array(sharedSecret2));
|
||||||
|
});
|
||||||
|
|
|
@ -54,23 +54,12 @@
|
||||||
"pbkdf2.https.any.worker.html?7001-8000": true,
|
"pbkdf2.https.any.worker.html?7001-8000": true,
|
||||||
"pbkdf2.https.any.worker.html?8001-last": true,
|
"pbkdf2.https.any.worker.html?8001-last": true,
|
||||||
"cfrg_curves_bits.https.any.html": [
|
"cfrg_curves_bits.https.any.html": [
|
||||||
"X25519 key derivation checks for all-zero value result with a key of order 0",
|
|
||||||
"X25519 key derivation checks for all-zero value result with a key of order 1",
|
|
||||||
"X25519 key derivation checks for all-zero value result with a key of order 8",
|
|
||||||
"X25519 key derivation checks for all-zero value result with a key of order p-1 (order 2)",
|
|
||||||
"X25519 key derivation checks for all-zero value result with a key of order p (=0, order 4)",
|
|
||||||
"X25519 key derivation checks for all-zero value result with a key of order p+1 (=1, order 1)",
|
|
||||||
"X448 key derivation checks for all-zero value result with a key of order 0",
|
"X448 key derivation checks for all-zero value result with a key of order 0",
|
||||||
"X448 key derivation checks for all-zero value result with a key of order 1",
|
"X448 key derivation checks for all-zero value result with a key of order 1",
|
||||||
"X448 key derivation checks for all-zero value result with a key of order p-1 (order 2)",
|
"X448 key derivation checks for all-zero value result with a key of order p-1 (order 2)",
|
||||||
"X448 key derivation checks for all-zero value result with a key of order p (=0, order 4)",
|
"X448 key derivation checks for all-zero value result with a key of order p (=0, order 4)",
|
||||||
"X448 key derivation checks for all-zero value result with a key of order p+1 (=1, order 1)",
|
"X448 key derivation checks for all-zero value result with a key of order p+1 (=1, order 1)",
|
||||||
"X25519 good parameters",
|
|
||||||
"X25519 mixed case parameters",
|
|
||||||
"X25519 short result",
|
|
||||||
"X25519 non-multiple of 8 bits",
|
|
||||||
"X25519 mismatched algorithms",
|
"X25519 mismatched algorithms",
|
||||||
"X25519 no deriveBits usage for base key",
|
|
||||||
"X448 good parameters",
|
"X448 good parameters",
|
||||||
"X448 mixed case parameters",
|
"X448 mixed case parameters",
|
||||||
"X448 short result",
|
"X448 short result",
|
||||||
|
@ -83,23 +72,12 @@
|
||||||
"X448 asking for too many bits"
|
"X448 asking for too many bits"
|
||||||
],
|
],
|
||||||
"cfrg_curves_bits.https.any.worker.html": [
|
"cfrg_curves_bits.https.any.worker.html": [
|
||||||
"X25519 key derivation checks for all-zero value result with a key of order 0",
|
|
||||||
"X25519 key derivation checks for all-zero value result with a key of order 1",
|
|
||||||
"X25519 key derivation checks for all-zero value result with a key of order 8",
|
|
||||||
"X25519 key derivation checks for all-zero value result with a key of order p-1 (order 2)",
|
|
||||||
"X25519 key derivation checks for all-zero value result with a key of order p (=0, order 4)",
|
|
||||||
"X25519 key derivation checks for all-zero value result with a key of order p+1 (=1, order 1)",
|
|
||||||
"X448 key derivation checks for all-zero value result with a key of order 0",
|
"X448 key derivation checks for all-zero value result with a key of order 0",
|
||||||
"X448 key derivation checks for all-zero value result with a key of order 1",
|
"X448 key derivation checks for all-zero value result with a key of order 1",
|
||||||
"X448 key derivation checks for all-zero value result with a key of order p-1 (order 2)",
|
"X448 key derivation checks for all-zero value result with a key of order p-1 (order 2)",
|
||||||
"X448 key derivation checks for all-zero value result with a key of order p (=0, order 4)",
|
"X448 key derivation checks for all-zero value result with a key of order p (=0, order 4)",
|
||||||
"X448 key derivation checks for all-zero value result with a key of order p+1 (=1, order 1)",
|
"X448 key derivation checks for all-zero value result with a key of order p+1 (=1, order 1)",
|
||||||
"X25519 good parameters",
|
|
||||||
"X25519 mixed case parameters",
|
|
||||||
"X25519 short result",
|
|
||||||
"X25519 non-multiple of 8 bits",
|
|
||||||
"X25519 mismatched algorithms",
|
"X25519 mismatched algorithms",
|
||||||
"X25519 no deriveBits usage for base key",
|
|
||||||
"X448 good parameters",
|
"X448 good parameters",
|
||||||
"X448 mixed case parameters",
|
"X448 mixed case parameters",
|
||||||
"X448 short result",
|
"X448 short result",
|
||||||
|
@ -112,21 +90,12 @@
|
||||||
"X448 asking for too many bits"
|
"X448 asking for too many bits"
|
||||||
],
|
],
|
||||||
"cfrg_curves_keys.https.any.html": [
|
"cfrg_curves_keys.https.any.html": [
|
||||||
"X25519 deriveBits checks for all-zero value result with a key of order 0",
|
|
||||||
"X25519 deriveBits checks for all-zero value result with a key of order 1",
|
|
||||||
"X25519 deriveBits checks for all-zero value result with a key of order 8",
|
|
||||||
"X25519 deriveBits checks for all-zero value result with a key of order p-1 (order 2)",
|
|
||||||
"X25519 deriveBits checks for all-zero value result with a key of order p (=0, order 4)",
|
|
||||||
"X25519 deriveBits checks for all-zero value result with a key of order p+1 (=1, order 1)",
|
|
||||||
"X448 deriveBits checks for all-zero value result with a key of order 0",
|
"X448 deriveBits checks for all-zero value result with a key of order 0",
|
||||||
"X448 deriveBits checks for all-zero value result with a key of order 1",
|
"X448 deriveBits checks for all-zero value result with a key of order 1",
|
||||||
"X448 deriveBits checks for all-zero value result with a key of order p-1 (order 2)",
|
"X448 deriveBits checks for all-zero value result with a key of order p-1 (order 2)",
|
||||||
"X448 deriveBits checks for all-zero value result with a key of order p (=0, order 4)",
|
"X448 deriveBits checks for all-zero value result with a key of order p (=0, order 4)",
|
||||||
"X448 deriveBits checks for all-zero value result with a key of order p+1 (=1, order 1)",
|
"X448 deriveBits checks for all-zero value result with a key of order p+1 (=1, order 1)",
|
||||||
"Key derivation using a X25519 generated keys.",
|
|
||||||
"Key derivation using a X448 generated keys.",
|
"Key derivation using a X448 generated keys.",
|
||||||
"X25519 good parameters",
|
|
||||||
"X25519 mixed case parameters",
|
|
||||||
"X25519 mismatched algorithms",
|
"X25519 mismatched algorithms",
|
||||||
"X448 good parameters",
|
"X448 good parameters",
|
||||||
"X448 mixed case parameters",
|
"X448 mixed case parameters",
|
||||||
|
@ -137,21 +106,12 @@
|
||||||
"X448 public property value is a secret key"
|
"X448 public property value is a secret key"
|
||||||
],
|
],
|
||||||
"cfrg_curves_keys.https.any.worker.html": [
|
"cfrg_curves_keys.https.any.worker.html": [
|
||||||
"X25519 deriveBits checks for all-zero value result with a key of order 0",
|
|
||||||
"X25519 deriveBits checks for all-zero value result with a key of order 1",
|
|
||||||
"X25519 deriveBits checks for all-zero value result with a key of order 8",
|
|
||||||
"X25519 deriveBits checks for all-zero value result with a key of order p-1 (order 2)",
|
|
||||||
"X25519 deriveBits checks for all-zero value result with a key of order p (=0, order 4)",
|
|
||||||
"X25519 deriveBits checks for all-zero value result with a key of order p+1 (=1, order 1)",
|
|
||||||
"X448 deriveBits checks for all-zero value result with a key of order 0",
|
"X448 deriveBits checks for all-zero value result with a key of order 0",
|
||||||
"X448 deriveBits checks for all-zero value result with a key of order 1",
|
"X448 deriveBits checks for all-zero value result with a key of order 1",
|
||||||
"X448 deriveBits checks for all-zero value result with a key of order p-1 (order 2)",
|
"X448 deriveBits checks for all-zero value result with a key of order p-1 (order 2)",
|
||||||
"X448 deriveBits checks for all-zero value result with a key of order p (=0, order 4)",
|
"X448 deriveBits checks for all-zero value result with a key of order p (=0, order 4)",
|
||||||
"X448 deriveBits checks for all-zero value result with a key of order p+1 (=1, order 1)",
|
"X448 deriveBits checks for all-zero value result with a key of order p+1 (=1, order 1)",
|
||||||
"Key derivation using a X25519 generated keys.",
|
|
||||||
"Key derivation using a X448 generated keys.",
|
"Key derivation using a X448 generated keys.",
|
||||||
"X25519 good parameters",
|
|
||||||
"X25519 mixed case parameters",
|
|
||||||
"X25519 mismatched algorithms",
|
"X25519 mismatched algorithms",
|
||||||
"X448 good parameters",
|
"X448 good parameters",
|
||||||
"X448 mixed case parameters",
|
"X448 mixed case parameters",
|
||||||
|
@ -161,20 +121,8 @@
|
||||||
"X448 public property value is a private key",
|
"X448 public property value is a private key",
|
||||||
"X448 public property value is a secret key"
|
"X448 public property value is a secret key"
|
||||||
],
|
],
|
||||||
"derived_bits_length.https.any.html": [
|
"derived_bits_length.https.any.html": true,
|
||||||
"X25519 derivation with 256 as 'length' parameter",
|
"derived_bits_length.https.any.worker.html": true
|
||||||
"X25519 derivation with 0 as 'length' parameter",
|
|
||||||
"X25519 derivation with null as 'length' parameter",
|
|
||||||
"X25519 derivation with undefined as 'length' parameter",
|
|
||||||
"X25519 derivation with omitted as 'length' parameter"
|
|
||||||
],
|
|
||||||
"derived_bits_length.https.any.worker.html": [
|
|
||||||
"X25519 derivation with 256 as 'length' parameter",
|
|
||||||
"X25519 derivation with 0 as 'length' parameter",
|
|
||||||
"X25519 derivation with null as 'length' parameter",
|
|
||||||
"X25519 derivation with undefined as 'length' parameter",
|
|
||||||
"X25519 derivation with omitted as 'length' parameter"
|
|
||||||
]
|
|
||||||
},
|
},
|
||||||
"digest": {
|
"digest": {
|
||||||
"digest.https.any.html": true,
|
"digest.https.any.html": true,
|
||||||
|
@ -1530,20 +1478,8 @@
|
||||||
"crypto-subtle-secure-context-available.https.sub.html": true
|
"crypto-subtle-secure-context-available.https.sub.html": true
|
||||||
},
|
},
|
||||||
"wrapKey_unwrapKey": {
|
"wrapKey_unwrapKey": {
|
||||||
"wrapKey_unwrapKey.https.any.html": [
|
"wrapKey_unwrapKey.https.any.html": true,
|
||||||
"Can wrap and unwrap X25519 private key keys as non-extractable using pkcs8 and AES-CTR",
|
"wrapKey_unwrapKey.https.any.worker.html": true
|
||||||
"Can wrap and unwrap X25519 private key keys as non-extractable using pkcs8 and AES-CBC",
|
|
||||||
"Can wrap and unwrap X25519 private key keys as non-extractable using pkcs8 and AES-GCM",
|
|
||||||
"Can wrap and unwrap X25519 private key keys as non-extractable using pkcs8 and AES-KW",
|
|
||||||
"Can wrap and unwrap X25519 private key keys as non-extractable using pkcs8 and RSA-OAEP"
|
|
||||||
],
|
|
||||||
"wrapKey_unwrapKey.https.any.worker.html": [
|
|
||||||
"Can wrap and unwrap X25519 private key keys as non-extractable using pkcs8 and AES-CTR",
|
|
||||||
"Can wrap and unwrap X25519 private key keys as non-extractable using pkcs8 and AES-CBC",
|
|
||||||
"Can wrap and unwrap X25519 private key keys as non-extractable using pkcs8 and AES-GCM",
|
|
||||||
"Can wrap and unwrap X25519 private key keys as non-extractable using pkcs8 and AES-KW",
|
|
||||||
"Can wrap and unwrap X25519 private key keys as non-extractable using pkcs8 and RSA-OAEP"
|
|
||||||
]
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"console": {
|
"console": {
|
||||||
|
|
Loading…
Reference in a new issue