mirror of https://github.com/denoland/deno.git synced 2025-01-14 01:50:19 -05:00
Commit graph

51 commits

Author SHA1 Message Date
Divy Srivastava
37fa0e0f48
fix(ext/node): import JWK octet key pairs (#25180)
Ref https://github.com/denoland/deno/issues/24129

`kty: "okp"` is defined in
[rfc8037](https://www.rfc-editor.org/rfc/rfc8037.html)
2024-08-29 15:34:14 +02:00
Divy Srivastava
b61fd622a5
fix(ext/node): rewrite X509Certificate resource and add publicKey() (#24988)
**Changes**:
- Remove unsafe usage, rewrite Rust representation with `yoke`.
- Implement `X509Certificate.prototype.publicKey()`

Fixes https://github.com/denoland/deno/issues/23307
2024-08-11 18:58:54 +05:30
Divy Srivastava
d6f662ac82
fix(ext/node): support ieee-p1363 ECDSA signatures and pss salt len (#24981)
Fixes https://github.com/denoland/deno/issues/22919
2024-08-11 14:59:53 +05:30
Luca Casonato
4dc8fe2020
fix(ext/node): use pem private keys in createPublicKey (#24969) 2024-08-09 13:39:46 +00:00
Luca Casonato
fc02303842
fix(ext/node): ed25519 signing and cipheriv autopadding fixes (#24957)
- Return auth tag for GCM ciphers from auto padding shortcircuit
- Use _ring_ for ed25519 signing

---------

Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2024-08-09 12:58:20 +02:00
Divy Srivastava
0d1beed2e3
fix(ext/node): add CipherIv.setAutoPadding() (#24940)
Co-Authored-By: Luca Casonato <hello@lcas.dev>

Fixes https://github.com/denoland/deno/issues/21804
Ref https://github.com/denoland/deno/issues/20924

---------

Signed-off-by: Divy Srivastava <dj.srivastava23@gmail.com>
Co-authored-by: Luca Casonato <hello@lcas.dev>
2024-08-08 18:34:10 +05:30
Luca Casonato
93d479252b
fix(ext/node): add crypto.diffieHellman (#24938)
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>

Closes #21806
2024-08-08 15:05:29 +05:30
Luca Casonato
4fa8869f24
feat(ext/node): rewrite crypto keys (#24463)
This completely rewrites how we handle key material in ext/node. Changes in this PR:

- **Signing**
  - RSA
  - RSA-PSS 🆕
  - DSA 🆕
  - EC
  - ED25519 🆕
- **Verifying**
  - RSA
  - RSA-PSS 🆕
  - DSA 🆕
  - EC 🆕
  - ED25519 🆕
- **Private key import**
  - Passphrase encrypted private keys 🆕
  - RSA
    - PEM
    - DER (PKCS#1) 🆕
    - DER (PKCS#8) 🆕
  - RSA-PSS
    - PEM
    - DER (PKCS#1) 🆕
    - DER (PKCS#8) 🆕
  - DSA 🆕
  - EC
    - PEM
    - DER (SEC1) 🆕
    - DER (PKCS#8) 🆕
  - X25519 🆕
  - ED25519 🆕
  - DH
- **Public key import**
  - RSA
    - PEM
    - DER (PKCS#1) 🆕
    - DER (PKCS#8) 🆕
  - RSA-PSS 🆕
  - DSA 🆕
  - EC 🆕
  - X25519 🆕
  - ED25519 🆕
  - DH 🆕
- **Private key export**
  - RSA 🆕
  - DSA 🆕
  - EC 🆕
  - X25519 🆕
  - ED25519 🆕
  - DH 🆕
- **Public key export**
  - RSA
  - DSA 🆕
  - EC 🆕
  - X25519 🆕
  - ED25519 🆕
  - DH 🆕
- **Key pair generation**
  - Overhauled, but supported APIs unchanged

This PR adds a lot of new individual functionality. But most importantly
because of the new key material representation, it is now trivial to add new
algorithms (as shown by this PR).

Now, when adding a new algorithm, it is also widely supported - for example
previously we supported ED25519 key pair generation, but we could not import,
export, sign or verify with ED25519. We can now do all of those things.
2024-08-07 08:43:58 +02:00
Luca Casonato
08e5606c34
fix(ext/node): rewrite digest handling (#24392)
Previously we had many different code paths all
handling digests in different places, all with
wildly different digest support. This commit
rewrites this to use a single digest handling
mechanism for all digest operations.

It adds various aliases for digest algorithms,
like node does. For example
`sha1WithRSAEncryption` is an alias for `sha1`.

It also adds support for `md5-sha1` digests in
various places.
2024-07-05 10:10:22 +02:00
snek
a555cb4d1d
feat: upgrade deno_core (#24364)
- Symbol.asyncDispose no longer needs to be polyfilled
- assorted updates for cppgc api changes
2024-07-01 15:48:52 -07:00
Luca Casonato
1e8a6b94b1
fix(ext/node): rewrite crypto.Hash (#24302)
Changes in this PR:

- Added new fixed size hash algorithms (blake2b512, blake2s256,
sha512-224, sha512-256, sha3-224, sha3-256, sha3-384, sha3-512, sm3)
- Added variable size hash algorithms (the concept), with the algorithms
shake128 and shake256
- Use cppgc instead of resources for the hasher
- Enable Node's crypto.Hash tests and fix found bugs
2024-06-24 11:47:12 +02:00
Luca Casonato
e6756c3e66
fix(ext/node): don't panic on invalid utf-8 in pem (#24303) 2024-06-21 10:25:07 +00:00
Divy Srivastava
b4939f3379
fix: upgrade deno_core to 0.291.0 (#24297) 2024-06-21 10:49:39 +05:30
Satya Rohith
0f48313565
chore: upgrade to rust 1.79 (#24207) 2024-06-14 17:10:57 +05:30
Divy Srivastava
b02ffec37c
fix(ext/node): exporting rsa public keys (#23596)
Initial support for exporting rsa public KeyObject.

Current assumption is that RSA keys are stored in pkcs1 der format in
key storage.

Ref https://github.com/denoland/deno/issues/23471 
Ref https://github.com/denoland/deno/issues/18928
Ref https://github.com/denoland/deno/issues/21124
2024-04-29 19:16:38 +05:30
Divy Srivastava
1f60b8af97
fix(ext/node): ECDH.publicKey() point encoding (#23013) 2024-03-21 14:11:54 +05:30
Divy Srivastava
210f2911ce
fix(ext/node): panic in op_node_ecdh_generate_keys (#23011) 2024-03-21 06:45:10 +00:00
Asher Gomez
b0c687c1d2
fix(ext/node): support Diffie-Hellman key type in crypto.createPrivateKey() (#22984)
Towards #22489

Signed-off-by: Asher Gomez <ashersaupingomez@gmail.com>
2024-03-19 11:11:01 +05:30
Satya Rohith
becdad531f
fix(ext/node): support public key point encoding in ECDH.generateKeys() (#22976)
Towards https://github.com/denoland/deno/issues/22921

Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2024-03-18 13:20:10 +05:30
Divy Srivastava
b00f076017
fix(ext/node): Support private EC key signing (#22914)
Fixes https://github.com/denoland/deno/issues/18972

Support for web-push VAPID keys & jws signing

- Fixes EC keygen to return raw private key and uncompressed public key
point.
- Support for `EC PRIVATE KEY`
2024-03-14 14:53:50 +01:00
Divy Srivastava
9c348a0acd
fix(ext/node): support spki format in createPublicKey (#22918) 2024-03-14 14:39:46 +01:00
Divy Srivastava
10e592f954
fix(ext/node): DH (dhKeyAgreement) support for createPrivateKey (#22891)
Ref https://github.com/denoland/deno/pull/22511
2024-03-14 08:56:07 +05:30
Asher Gomez
5cfa03ceca
fix(ext/node): initial crypto.createPublicKey() support (#22509)
Closes #21807

Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2024-03-13 08:17:23 +00:00
Asher Gomez
6e6c316c9d
feat(ext/node): add more named curves in crypto.generateKeyPair[Sync]() (#22882)
Towards fixing #21761
2024-03-13 12:14:51 +05:30
Matt Mastracci
4791d16a8e
perf(cli): use faster_hex (#22761)
`cli::util::checksum` was showing up on flame graphs because it was
concatenating allocated strings. We can use `faster-hex` to improve it.
2024-03-07 10:00:43 -07:00
Asher Gomez
6512be458f
fix(ext/node): add aes256 algorithm support (#22198)
Towards #21804
2024-02-01 09:13:24 +05:30
Divy Srivastava
d9191db0ce
chore: upgrade deno_core to 0.256.0 (#22145) 2024-01-27 12:27:41 +05:30
Luca Casonato
316093fec4
feat(publish): error on invalid external imports (#22088) 2024-01-24 21:59:18 +00:00
Divy Srivastava
28f64171cb
fix(node): use cppgc for managing X509Certificate (#21999)
Introduces the first cppgc backed Resource into Deno.

This fixes the memory leak when using `X509Certificate`

**Comparison**:

```js
import { X509Certificate } from 'node:crypto';

const r = Deno.readFileSync('cli/tests/node_compat/test/fixtures/keys/agent1-cert.pem');

setInterval(() => {
  for (let i = 0; i < 10000; i++) {
    const cert = new X509Certificate(r);
  }
}, 1000);
```

Memory usage after 5 secs

`main`: 1692MB
`cppgc`: peaks at 400MB
2024-01-20 21:58:37 +05:30
Bartek Iwańczuk
cd43d2b877
chore: upgrade deno_core to 0.244.0 (#21859) 2024-01-09 17:25:10 +01:00
David Sherret
7e72f3af61
chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
Lino Le Van
d5f6e271ff
fix(ext/node): Implement aes-192-ecb and aes-256-ecb (#21710) 2023-12-27 17:24:52 +05:30
Divy Srivastava
32438d25c3
fix(ext/node): sign with PEM private keys (#21287)
Add support for signing with a RSA PEM private key: `pkcs8` and `pkcs1`.

Fixes https://github.com/denoland/deno/issues/18972
Ref #21124 

Verified fix with `npm:sshpk`. Unverified but fixes
`npm:google-auth-library`, `npm:web-push` & `oracle/oci-typescript-sdk`

---------

Signed-off-by: Divy Srivastava <dj.srivastava23@gmail.com>
2023-12-03 09:58:13 +05:30
Divy Srivastava
05704fbf78
chore: use pure rust secp256k1 crate (#21154)
Saves ~40s in fresh debug build
2023-11-10 22:59:01 +05:30
Divy Srivastava
c4029f6af2
fix(node): implement createPrivateKey (#20981)
Towards #18455
2023-11-09 23:26:59 +05:30
Divy Srivastava
02cc37e054
chore: upgrade rsa to 0.9 (#21016) 2023-10-30 16:25:12 +01:00
Divy Srivastava
4c6b986f17
chore(ext/crypto): upgrade to ring 0.17 (#20824)
Ref https://github.com/denoland/deno/issues/18071
2023-10-27 23:15:09 +02:00
Bartek Iwańczuk
f0608a5b91
refactor: migrate ext/node/ops to op2 (#20805) 2023-10-06 00:16:36 +02:00
Bartek Iwańczuk
3c0d6de155
refactor: rewrite ext/node/crypto to op2 macro (#20675) 2023-09-26 12:07:04 +00:00
Bartek Iwańczuk
bbb348aa33
refactor: rewrite ext/node to op2 (#20489) 2023-09-14 08:29:44 +02:00
Matt Mastracci
9226207c01
chore(ext/node): port some ops to op2 (#20400) 2023-09-07 10:56:02 -06:00
Divy Srivastava
9befa566ec
fix(ext/node): implement AES GCM cipher (#20368)
Adds support for AES-GCM 128/256 bit keys in `node:crypto` and
`setAAD()`, `setAuthTag()` and `getAuthTag()`

Uses https://github.com/littledivy/aead-gcm-stream

Fixes https://github.com/denoland/deno/issues/19836
https://github.com/denoland/deno/issues/20353
2023-09-06 11:01:50 +05:30
林炳权
2080669943
chore: update to Rust 1.72 (#20258)

As the title.

---------

Co-authored-by: Matt Mastracci <matthew@mastracci.com>
2023-08-26 22:04:12 -06:00
Matt Mastracci
b1ce2e4167
fix(ext/web): add stream tests to detect v8slice split bug (#20253)
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-08-23 17:03:05 -06:00
Felipe Baltor
814edcdd57
test(ext/node): port crypto_test.ts from deno_std (#19561) 2023-06-27 11:04:49 +09:00
Bartek Iwańczuk
dda0f1c343
refactor(serde_v8): split ZeroCopyBuf into JsBuffer and ToJsBuffer (#19566)
`ZeroCopyBuf` was convenient to use, but sometimes it did hide details
that some copies were necessary in certain cases. Also it made it way too easy
for the caller to pass around and convert into different values. This commit
splits `ZeroCopyBuf` into `JsBuffer` (an array buffer coming from V8) and
`ToJsBuffer` (a Rust buffer that will be converted into a V8 array buffer).

As a result some magical conversions were removed (they were never used)
limiting the API surface and preparing for changes in #19534.
2023-06-22 23:37:56 +02:00
Levente Kurusa
3356173d00
feat(node/crypto): Diffie Hellman Support (#18943)
Support crypto.DiffieHellman class in ext/node/crypto
2023-05-15 19:41:53 +02:00
Matt Mastracci
9845361153
refactor(core): bake single-thread assumptions into spawn/spawn_blocking (#19056)
Partially supersedes #19016.

This migrates `spawn` and `spawn_blocking` to `deno_core`, and removes
the requirement for `spawn` tasks to be `Send` given our single-threaded
executor.

While we don't need to technically do anything w/`spawn_blocking`, this
allows us to have a single `JoinHandle` type that works for both cases,
and allows us to more easily experiment with alternative
`spawn_blocking` implementations that do not require tokio (ie: rayon).

Async ops (+~35%):

Before: 

```
time 1310 ms rate 763358
time 1267 ms rate 789265
time 1259 ms rate 794281
time 1266 ms rate 789889
```

After:

```
time 956 ms rate 1046025
time 954 ms rate 1048218
time 924 ms rate 1082251
time 920 ms rate 1086956
```

HTTP serve (+~4.4%):

Before:

```
Running 10s test @ http://localhost:4500
  2 threads and 10 connections
  Thread Stats   Avg      Stdev     Max   +/- Stdev
    Latency    68.78us   19.77us   1.43ms   86.84%
    Req/Sec    68.78k     5.00k   73.84k    91.58%
  1381833 requests in 10.10s, 167.36MB read
Requests/sec: 136823.29
Transfer/sec:     16.57MB
```

After:

```
Running 10s test @ http://localhost:4500
  2 threads and 10 connections
  Thread Stats   Avg      Stdev     Max   +/- Stdev
    Latency    63.12us   17.43us   1.11ms   85.13%
    Req/Sec    71.82k     3.71k   77.02k    79.21%
  1443195 requests in 10.10s, 174.79MB read
Requests/sec: 142921.99
Transfer/sec:     17.31MB
```

Suggested-By: alice@ryhl.io
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-05-14 15:40:01 -06:00
Levente Kurusa
c3d670dbc9
feat(node/crypto): Elliptic Curve Diffie-Hellman (ECDH) support (#18832)
- ECDH class
- crypto.createECDH()
- Supported curves:
  - secp256k1
  - prime256v1 / secp256r1
  - secp384r1
  - secp224r1

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-04-27 18:31:35 +02:00
Divy Srivastava
b0264bea7d
fix(ext/node): prime generation (#18861)
Towards https://github.com/denoland/deno/issues/18455

`safe`, `add` and `rem` options are not implemented because there is no
rust crate that provides this functionality (except rust-openssl maybe)
and it's just not clear if this API is used widely.
2023-04-27 19:40:59 +05:30