mirror of
https://github.com/denoland/deno.git
synced 2024-12-24 08:09:08 -05:00
d740a9e43d
This commit adds the `crypto.createSecretKey` API. Key management: This follows the same approach as our WebCrypto CryptoKey impl where we use WeakMap for storing key material and a handle is passed around, such that (only internal) JS can access the key material and we don't have to explicitly close a Rust resource. As a result, `createHmac` now accepts a secret KeyObject. Closes https://github.com/denoland/deno/issues/17844
47 lines
1.3 KiB
TypeScript
47 lines
1.3 KiB
TypeScript
// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license.
|
|
import { createSecretKey, randomBytes } from "node:crypto";
|
|
import { Buffer } from "node:buffer";
|
|
import { assertEquals } from "../../../test_util/std/testing/asserts.ts";
|
|
import { createHmac } from "node:crypto";
|
|
|
|
Deno.test({
|
|
name: "create secret key",
|
|
fn() {
|
|
const key = createSecretKey(Buffer.alloc(0));
|
|
assertEquals(key.type, "secret");
|
|
assertEquals(key.asymmetricKeyType, undefined);
|
|
assertEquals(key.symmetricKeySize, 0);
|
|
},
|
|
});
|
|
|
|
Deno.test({
|
|
name: "export secret key",
|
|
fn() {
|
|
const material = Buffer.from(randomBytes(32));
|
|
const key = createSecretKey(material);
|
|
assertEquals(Buffer.from(key.export()), material);
|
|
},
|
|
});
|
|
|
|
Deno.test({
|
|
name: "export jwk secret key",
|
|
fn() {
|
|
const material = Buffer.from("secret");
|
|
const key = createSecretKey(material);
|
|
assertEquals(key.export({ format: "jwk" }), {
|
|
kty: "oct",
|
|
k: "c2VjcmV0",
|
|
});
|
|
},
|
|
});
|
|
|
|
Deno.test({
|
|
name: "createHmac with secret key",
|
|
fn() {
|
|
const key = createSecretKey(Buffer.from("secret"));
|
|
assertEquals(
|
|
createHmac("sha256", key).update("hello").digest().toString("hex"),
|
|
"88aab3ede8d3adf94d26ab90d3bafd4a2083070c3bcce9c014ee04a443847c0b",
|
|
);
|
|
},
|
|
});
|