mirror of
https://github.com/denoland/deno.git
synced 2025-01-13 09:32:24 -05:00
b40086fd7d
This commit changes "include_js_files!" macro from "deno_core" in a way that "dir" option doesn't cause specifiers to be rewritten to include it. Example: ``` include_js_files! { dir "js", "hello.js", } ``` The above definition required embedders to use: `import ... from "internal:<ext_name>/js/hello.js"`. But with this change, the "js" directory in which the files are stored is an implementation detail, which for embedders results in: `import ... from "internal:<ext_name>/hello.js"`. The directory the files are stored in, is an implementation detail and in some cases might result in a significant size difference for the snapshot. As an example, in "deno_node" extension, we store the source code in "polyfills" directory; which resulted in each specifier to look like "internal:deno_node/polyfills/<module_name>", but with this change it's "internal:deno_node/<module_name>". Given that "deno_node" has over 100 files, many of them having several import specifiers to the same extension, this change removes 10 characters from each import specifier.
183 lines
4.4 KiB
TypeScript
183 lines
4.4 KiB
TypeScript
// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license.
|
|
import { Buffer } from "internal:deno_node/buffer.ts";
|
|
import { createHash } from "internal:deno_node/internal/crypto/hash.ts";
|
|
import { HASH_DATA } from "internal:deno_node/internal/crypto/types.ts";
|
|
|
|
export const MAX_ALLOC = Math.pow(2, 30) - 1;
|
|
|
|
export type NormalizedAlgorithms =
|
|
| "md5"
|
|
| "ripemd160"
|
|
| "sha1"
|
|
| "sha224"
|
|
| "sha256"
|
|
| "sha384"
|
|
| "sha512";
|
|
|
|
export type Algorithms =
|
|
| "md5"
|
|
| "ripemd160"
|
|
| "rmd160"
|
|
| "sha1"
|
|
| "sha224"
|
|
| "sha256"
|
|
| "sha384"
|
|
| "sha512";
|
|
|
|
const createHasher = (algorithm: string) => (value: Uint8Array) =>
|
|
Buffer.from(createHash(algorithm).update(value).digest() as Buffer);
|
|
|
|
function getZeroes(zeros: number) {
|
|
return Buffer.alloc(zeros);
|
|
}
|
|
|
|
const sizes = {
|
|
md5: 16,
|
|
sha1: 20,
|
|
sha224: 28,
|
|
sha256: 32,
|
|
sha384: 48,
|
|
sha512: 64,
|
|
rmd160: 20,
|
|
ripemd160: 20,
|
|
};
|
|
|
|
function toBuffer(bufferable: HASH_DATA) {
|
|
if (bufferable instanceof Uint8Array || typeof bufferable === "string") {
|
|
return Buffer.from(bufferable as Uint8Array);
|
|
} else {
|
|
return Buffer.from(bufferable.buffer);
|
|
}
|
|
}
|
|
|
|
export class Hmac {
|
|
hash: (value: Uint8Array) => Buffer;
|
|
ipad1: Buffer;
|
|
opad: Buffer;
|
|
alg: string;
|
|
blocksize: number;
|
|
size: number;
|
|
ipad2: Buffer;
|
|
|
|
constructor(alg: Algorithms, key: Buffer, saltLen: number) {
|
|
this.hash = createHasher(alg);
|
|
|
|
const blocksize = alg === "sha512" || alg === "sha384" ? 128 : 64;
|
|
|
|
if (key.length > blocksize) {
|
|
key = this.hash(key);
|
|
} else if (key.length < blocksize) {
|
|
key = Buffer.concat([key, getZeroes(blocksize - key.length)], blocksize);
|
|
}
|
|
|
|
const ipad = Buffer.allocUnsafe(blocksize + sizes[alg]);
|
|
const opad = Buffer.allocUnsafe(blocksize + sizes[alg]);
|
|
for (let i = 0; i < blocksize; i++) {
|
|
ipad[i] = key[i] ^ 0x36;
|
|
opad[i] = key[i] ^ 0x5c;
|
|
}
|
|
|
|
const ipad1 = Buffer.allocUnsafe(blocksize + saltLen + 4);
|
|
ipad.copy(ipad1, 0, 0, blocksize);
|
|
|
|
this.ipad1 = ipad1;
|
|
this.ipad2 = ipad;
|
|
this.opad = opad;
|
|
this.alg = alg;
|
|
this.blocksize = blocksize;
|
|
this.size = sizes[alg];
|
|
}
|
|
|
|
run(data: Buffer, ipad: Buffer) {
|
|
data.copy(ipad, this.blocksize);
|
|
const h = this.hash(ipad);
|
|
h.copy(this.opad, this.blocksize);
|
|
return this.hash(this.opad);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @param iterations Needs to be higher or equal than zero
|
|
* @param keylen Needs to be higher or equal than zero but less than max allocation size (2^30)
|
|
* @param digest Algorithm to be used for encryption
|
|
*/
|
|
export function pbkdf2Sync(
|
|
password: HASH_DATA,
|
|
salt: HASH_DATA,
|
|
iterations: number,
|
|
keylen: number,
|
|
digest: Algorithms = "sha1",
|
|
): Buffer {
|
|
if (typeof iterations !== "number" || iterations < 0) {
|
|
throw new TypeError("Bad iterations");
|
|
}
|
|
if (typeof keylen !== "number" || keylen < 0 || keylen > MAX_ALLOC) {
|
|
throw new TypeError("Bad key length");
|
|
}
|
|
|
|
const bufferedPassword = toBuffer(password);
|
|
const bufferedSalt = toBuffer(salt);
|
|
|
|
const hmac = new Hmac(digest, bufferedPassword, bufferedSalt.length);
|
|
|
|
const DK = Buffer.allocUnsafe(keylen);
|
|
const block1 = Buffer.allocUnsafe(bufferedSalt.length + 4);
|
|
bufferedSalt.copy(block1, 0, 0, bufferedSalt.length);
|
|
|
|
let destPos = 0;
|
|
const hLen = sizes[digest];
|
|
const l = Math.ceil(keylen / hLen);
|
|
|
|
for (let i = 1; i <= l; i++) {
|
|
block1.writeUInt32BE(i, bufferedSalt.length);
|
|
|
|
const T = hmac.run(block1, hmac.ipad1);
|
|
let U = T;
|
|
|
|
for (let j = 1; j < iterations; j++) {
|
|
U = hmac.run(U, hmac.ipad2);
|
|
for (let k = 0; k < hLen; k++) T[k] ^= U[k];
|
|
}
|
|
|
|
T.copy(DK, destPos);
|
|
destPos += hLen;
|
|
}
|
|
|
|
return DK;
|
|
}
|
|
|
|
/**
|
|
* @param iterations Needs to be higher or equal than zero
|
|
* @param keylen Needs to be higher or equal than zero but less than max allocation size (2^30)
|
|
* @param digest Algorithm to be used for encryption
|
|
*/
|
|
export function pbkdf2(
|
|
password: HASH_DATA,
|
|
salt: HASH_DATA,
|
|
iterations: number,
|
|
keylen: number,
|
|
digest: Algorithms = "sha1",
|
|
callback: (err: Error | null, derivedKey?: Buffer) => void,
|
|
) {
|
|
setTimeout(() => {
|
|
let err = null,
|
|
res;
|
|
try {
|
|
res = pbkdf2Sync(password, salt, iterations, keylen, digest);
|
|
} catch (e) {
|
|
err = e;
|
|
}
|
|
if (err) {
|
|
callback(err instanceof Error ? err : new Error("[non-error thrown]"));
|
|
} else {
|
|
callback(null, res);
|
|
}
|
|
}, 0);
|
|
}
|
|
|
|
export default {
|
|
Hmac,
|
|
MAX_ALLOC,
|
|
pbkdf2,
|
|
pbkdf2Sync,
|
|
};
|