1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-29 10:39:10 -05:00
Commit graph

64 commits

Author SHA1 Message Date
Luca Casonato
4fa8869f24
feat(ext/node): rewrite crypto keys (#24463)
This completely rewrites how we handle key material in ext/node. Changes
in this
PR:

- **Signing**
  - RSA
  - RSA-PSS 🆕
  - DSA 🆕
  - EC
  - ED25519 🆕
- **Verifying**
  - RSA
  - RSA-PSS 🆕
  - DSA 🆕
  - EC 🆕
  - ED25519 🆕
- **Private key import**
  - Passphrase encrypted private keys 🆕
  - RSA
    - PEM
    - DER (PKCS#1) 🆕
    - DER (PKCS#8) 🆕
  - RSA-PSS
    - PEM
    - DER (PKCS#1) 🆕
    - DER (PKCS#8) 🆕
  - DSA 🆕
  - EC
    - PEM
    - DER (SEC1) 🆕
    - DER (PKCS#8) 🆕
  - X25519 🆕
  - ED25519 🆕
  - DH
- **Public key import**
  - RSA
    - PEM
    - DER (PKCS#1) 🆕
    - DER (PKCS#8) 🆕
  - RSA-PSS 🆕
  - DSA 🆕
  - EC 🆕
  - X25519 🆕
  - ED25519 🆕
  - DH 🆕
- **Private key export**
  - RSA 🆕
  - DSA 🆕
  - EC 🆕
  - X25519 🆕
  - ED25519 🆕
  - DH 🆕
- **Public key export**
  - RSA
  - DSA 🆕
  - EC 🆕
  - X25519 🆕
  - ED25519 🆕
  - DH 🆕
- **Key pair generation**
  - Overhauled, but supported APIs unchanged

This PR adds a lot of new individual functionality. But most importantly
because
of the new key material representation, it is now trivial to add new
algorithms
(as shown by this PR).

Now, when adding a new algorithm, it is also widely supported - for
example
previously we supported ED25519 key pair generation, but we could not
import,
export, sign or verify with ED25519. We can now do all of those things.
2024-08-07 08:43:58 +02:00
Andreas Deininger
ea121c9a0e
docs: fix typos (#24820)
This PR fixes various typos I spotted in the project.
2024-08-02 13:26:54 +02:00
Luca Casonato
f1fc708d81
fix(ext/crypto): respect offsets when writing into ab views in randomFillSync (#24816) 2024-08-01 09:38:46 +02:00
Luca Casonato
08e5606c34
fix(ext/node): rewrite digest handling (#24392)
Previously we had many different code paths all
handling digests in different places, all with
wildly different digest support. This commit
rewrites this to use a single digest handling
mechanism for all digest operations.

It adds various aliases for digest algorithms,
like node does. For example
`sha1WithRSAEncryption` is an alias for `sha1`.

It also adds support for `md5-sha1` digests in
various places.
2024-07-05 10:10:22 +02:00
Filip Skokan
740c6a0998
fix(ext/node): add Symbol.toStringTag to KeyObject instances (#24377)
As per https://github.com/nodejs/node/pull/46043, this adds
Symbol.toStringTag getter to KeyObject.
2024-07-02 00:36:22 +02:00
Luca Casonato
1e8a6b94b1
fix(ext/node): rewrite crypto.Hash (#24302)
Changes in this PR:

- Added new fixed size hash algorithms (blake2b512, blake2s256,
sha512-224, sha512-256, sha3-224, sha3-256, sha3-384, sha3-512, sm3)
- Added variable size hash algorithms (the concept), with the algorithms
shake128 and shake256
- Use cppgc instead of resources for the hasher
- Enable Node's crypto.Hash tests and fix found bugs
2024-06-24 11:47:12 +02:00
Divy Srivastava
b02ffec37c
fix(ext/node): exporting rsa public keys (#23596)
Initial support for exporting rsa public KeyObject.

Current assumption is that RSA keys are stored in pkcs1 der format in
key storage.

Ref https://github.com/denoland/deno/issues/23471 
Ref https://github.com/denoland/deno/issues/18928
Ref https://github.com/denoland/deno/issues/21124
2024-04-29 19:16:38 +05:30
Divy Srivastava
43be97923f
fix(ext/node): handle KeyObject in prepareAsymmetricKey (#23026)
Fixes https://github.com/denoland/deno/issues/20938
2024-03-22 19:28:28 +05:30
Divy Srivastava
1f60b8af97
fix(ext/node): ECDH.publicKey() point encoding (#23013) 2024-03-21 14:11:54 +05:30
Satya Rohith
becdad531f
fix(ext/node): support public key point encoding in ECDH.generateKeys() (#22976)
Towards https://github.com/denoland/deno/issues/22921

Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2024-03-18 13:20:10 +05:30
Divy Srivastava
9c348a0acd
fix(ext/node): support spki format in createPublicKey (#22918) 2024-03-14 14:39:46 +01:00
Divy Srivastava
cf3c6f9b08
fix(ext/node): crypto.getCipherInfo() (#22916)
Stub implementation of getCipherInfo(). Good enough for most cases.

Note: We do not support all OpenSSL ciphers (likely never will)

Fixes https://github.com/denoland/deno/issues/21805
2024-03-14 19:00:29 +05:30
Asher Gomez
5cfa03ceca
fix(ext/node): initial crypto.createPublicKey() support (#22509)
Closes #21807

Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2024-03-13 08:17:23 +00:00
Bartek Iwańczuk
345423cf76
refactor: Use virtul ops module (#22175)
Follow up to #22157.

This leaves us with 4 usages of `ensureFastOps()` in `deno` itself.
There's also about 150 usages of `Deno.core.ops.<op_name>` left as well.
2024-01-29 22:02:26 +01:00
Bartek Iwańczuk
909986fa6e
refactor: migrate 'ext/node' extension to virtual ops module (#22157)
Follow up to https://github.com/denoland/deno/pull/22135
2024-01-29 14:58:08 +01:00
Kenta Moriuchi
515a34b4de
refactor: use core.ensureFastOps() (#21888) 2024-01-10 15:37:25 -07:00
David Sherret
7e72f3af61
chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
Matt Mastracci
0efe438f7c
perf: remove opAsync (#21690)
`opAsync` requires a lookup by name on each async call. This is a
mechanical translation of all opAsync calls to ensureFastOps.

The `opAsync` API on Deno.core will be removed at a later time.
2023-12-27 02:30:26 +01:00
Bartek Iwańczuk
c1fc7b2cd5
refactor: pull 'core', 'internals', 'primordials' from ES module (#21462)
This commit refactors how we access "core", "internals" and
"primordials" objects coming from `deno_core`, in our internal JavaScript code.

Instead of capturing them from "globalThis.__bootstrap" namespace, we
import them from recently added "ext:core/mod.js" file.
2023-12-07 14:21:01 +01:00
Divy Srivastava
32438d25c3
fix(ext/node): sign with PEM private keys (#21287)
Add support for signing with a RSA PEM private key: `pkcs8` and `pkcs1`.

Fixes https://github.com/denoland/deno/issues/18972
Ref #21124 

Verified fix with `npm:sshpk`. Unverfied but fixes
`npm:google-auth-library`, `npm:web-push` & `oracle/oci-typescript-sdk`

---------

Signed-off-by: Divy Srivastava <dj.srivastava23@gmail.com>
2023-12-03 09:58:13 +05:30
Divy Srivastava
c4029f6af2
fix(node): implement createPrivateKey (#20981)
Towards #18455
2023-11-09 23:26:59 +05:30
Divy Srivastava
75a724890d
fix(node): supported arguments to randomFillSync (#20637)
Fixes https://github.com/denoland/deno/issues/20634
2023-09-23 10:04:55 +02:00
David Sherret
3fc19dab47
feat: support import attributes (#20342) 2023-09-07 09:09:16 -04:00
Divy Srivastava
9befa566ec
fix(ext/node): implement AES GCM cipher (#20368)
Adds support for AES-GCM 128/256 bit keys in `node:crypto` and
`setAAD()`, `setAuthTag()` and `getAuthTag()`

Uses https://github.com/littledivy/aead-gcm-stream

Fixes https://github.com/denoland/deno/issues/19836
https://github.com/denoland/deno/issues/20353
2023-09-06 11:01:50 +05:30
Divy Srivastava
1cb547d885
fix(node): propagate create cipher errors (#20280)
Fixes https://github.com/denoland/deno/issues/19002
2023-08-26 10:45:37 +05:30
Divy Srivastava
65db8814c3
fix(node): object keys in publicEncrypt (#20128)
Fixes https://github.com/denoland/deno/issues/19935
2023-08-11 07:34:23 +00:00
Bartek Iwańczuk
01f0d03ae8
refactor: rename built-in node modules from ext:deno_node/ to node: (#19680)
Closes https://github.com/denoland/deno/issues/19510
2023-07-02 20:19:30 +02:00
Kenta Moriuchi
e16b74d792
chore(ext/node): disable prefer-primordials on a per-file basis (#19553) 2023-06-27 15:18:22 +09:00
Felipe Baltor
814edcdd57
test(ext/node): port crypto_test.ts from deno_std (#19561) 2023-06-27 11:04:49 +09:00
Divy Srivastava
f81027ae9f
fix(serde_v8): Do not coerce values in serde_v8 (#19569)
Fixes #19568 

Values are not coerced to the desired type during deserialisation. This
makes serde_v8 stricter.

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-06-23 12:52:48 +02:00
Matt Mastracci
0bbdbace02
refactor(core): ensureFastOps is an op-generating proxy (#19377)
Startup benchmark shows no changes (within 1ms, identical system/user
times).
2023-06-06 11:01:28 +02:00
Levente Kurusa
1171c54952
feat(node/crypto): Builtin Diffie-Hellman Groups (#19137)
Towards #18455
2023-05-16 00:07:58 +02:00
Levente Kurusa
3356173d00
feat(node/crypto): Diffie Hellman Support (#18943)
Support crypto.DiffieHellman class in ext/node/crypto
2023-05-15 19:41:53 +02:00
Bartek Iwańczuk
dcf391ffed
refactor: migrate async ops to generated wrappers (#18937)
Migrates some of existing async ops to generated wrappers introduced in
https://github.com/denoland/deno/pull/18887. As a result "core.opAsync2"
was removed.

I will follow up with more PRs that migrate all the async ops to
generated wrappers.
2023-05-01 17:40:00 +02:00
Levente Kurusa
c3d670dbc9
feat(node/crypto): Elliptic Curve Diffie-Hellman (ECDH) support (#18832)
- ECDH class
- crypto.createECDH()
- Supported curves:
  - secp256k1
  - prime256v1 / secp256r1
  - secp384r1
  - secp224r1

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-04-27 18:31:35 +02:00
Divy Srivastava
b0264bea7d
fix(ext/node): prime generation (#18861)
Towards https://github.com/denoland/deno/issues/18455

`safe`, `add` and `rem` options are not implemented because there is no
rust crate that provides this functionality (except rust-openssl maybe)
and its just not clear if this API is used widely.
2023-04-27 19:40:59 +05:30
Yoshiya Hinosawa
63befe9377
fix(ext/node): fix hash.flush (#18818) 2023-04-25 11:21:26 +09:00
Divy Srivastava
9496dfc685
fix(ext/node): implement asymmetric keygen (#18651)
Towards #18455 

This commit implements the keypair generation for asymmetric keys for
the `generateKeyPair` API.

See how key material is managed in this implementation:
https://www.notion.so/denolandinc/node-crypto-design-99fc33f568d24e47a5e4b36002c5325d?pvs=4

Private and public key encoding depend on `KeyObject#export` which is
not implemented. I've also skipped ED448 and X448 since we need a crate
for that in WebCrypto too.
2023-04-19 22:27:34 +05:30
Yoshiya Hinosawa
fdebb7e793
fix(ext/node): add crypto.sign|verify methods (#18765) 2023-04-19 23:24:26 +09:00
Levente Kurusa
530963c34c
refactor(node/crypto): scrypt polyfill to rust (#18746) 2023-04-18 14:29:10 +02:00
Yoshiya Hinosawa
5f44396a9e
fix(ext/node): implement crypto.createVerify (#18703) 2023-04-18 21:04:51 +09:00
Levente Kurusa
65b0d2316d
refactor(node/crypto): port polyfill to Rust for randomInt, randomFill, randomFillSync (#18658)
Pretty much as per the title, I'd welcome some feedback especially
around the
array/buffer handling in the two randomFill functions.
2023-04-12 02:57:57 +02:00
Divy Srivastava
a0dd0cbcb9
fix(ext/node): add X509Certificate (#18625)
Towards #18455
2023-04-07 22:54:16 +05:30
Divy Srivastava
df72420d72
fix(ext/node): implement hkdf-expand (#18612)
Towards https://github.com/denoland/deno/issues/18455
2023-04-06 16:56:56 +00:00
Divy Srivastava
3b62a58818
fix(ext/node): add symmetric keygen (#18609)
Towards #18455
2023-04-06 18:39:25 +05:30
Divy Srivastava
aa9b94a80e
perf(ext/websocket): use opAsync2 to avoid spread deopt (#18525)
This commit adds a new core API `opAsync2` to call an async op with
atmost 2 arguments. Spread argument iterators has a pretty big perf hit
when calling ops.

| name | avg msg/sec/core |
| --- | --- |
| 1.32.1 | `127820.750000` |
| #18506 | `140079.000000` |
| #18506 + #18509 | `150104.250000` |
| #18506 + #18509 + this | `157340.000000` |
2023-03-31 21:28:21 +05:30
Yoshiya Hinosawa
4358ab2d84
fix(ext/node): implement crypto.Sign (RSA/PEM/SHA{224,256,384,512}) (#18471) 2023-03-28 21:46:48 +09:00
Divy Srivastava
10012c2fe3
feat(ext/node): add crypto.checkPrime API (#18465)
Towards #18455 

This commit implements `checkPrimeSync` and `checkPrime` in node:crypto
using the Miller-Rabin primality test (fun fact: it actually is a test
for composite numbers)

It first compares the candidate against many known small primes and if
not, proceeds to run the Miller-Rabin primality test.
http://nickle.org/examples/miller-rabin.5c used as reference
implementation.
2023-03-28 10:56:38 +00:00
Divy Srivastava
67e21e71ce
chore(ext/node): port pbkdf2 to Rust (#18470)
Towards #18455
2023-03-28 09:40:56 +00:00
Yoshiya Hinosawa
70e2e8f2dd
fix(ext/node): add aes-128-ecb algorithm support (#18412) 2023-03-25 15:42:07 +09:00