mirror of
https://github.com/denoland/deno
synced 2024-08-24 18:47:06 +00:00
refactor: rewrite ext/crypto to op2 (#20477)
This commit is contained in:
Bartek Iwańczuk
GitHub
parent
8f0270c0cf
commit
109a42ab07
|
|
@ -19,7 +19,7 @@ use ctr::Ctr64BE;
|
|||
use deno_core::error::custom_error;
|
||||
use deno_core::error::type_error;
|
||||
use deno_core::error::AnyError;
|
||||
use deno_core::op;
|
||||
use deno_core::op2;
|
||||
use deno_core::unsync::spawn_blocking;
|
||||
use deno_core::JsBuffer;
|
||||
use deno_core::ToJsBuffer;
|
||||
|
|
@ -75,10 +75,11 @@ pub enum DecryptAlgorithm {
|
|||
},
|
||||
}
|
||||
|
||||
#[op]
|
||||
#[op2(async)]
|
||||
#[serde]
|
||||
pub async fn op_crypto_decrypt(
|
||||
opts: DecryptOptions,
|
||||
data: JsBuffer,
|
||||
#[serde] opts: DecryptOptions,
|
||||
#[buffer] data: JsBuffer,
|
||||
) -> Result<ToJsBuffer, AnyError> {
|
||||
let key = opts.key;
|
||||
let fun = move || match opts.algorithm {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license.
|
||||
|
||||
use deno_core::error::AnyError;
|
||||
use deno_core::op;
|
||||
use deno_core::op2;
|
||||
use deno_core::ToJsBuffer;
|
||||
use elliptic_curve::pkcs8::PrivateKeyInfo;
|
||||
use rand::rngs::OsRng;
|
||||
|
|
@ -11,10 +11,10 @@ use ring::signature::KeyPair;
|
|||
use spki::der::Decode;
|
||||
use spki::der::Encode;
|
||||
|
||||
#[op(fast)]
|
||||
#[op2(fast)]
|
||||
pub fn op_crypto_generate_ed25519_keypair(
|
||||
pkey: &mut [u8],
|
||||
pubkey: &mut [u8],
|
||||
#[buffer] pkey: &mut [u8],
|
||||
#[buffer] pubkey: &mut [u8],
|
||||
) -> bool {
|
||||
let mut rng = OsRng;
|
||||
rng.fill_bytes(pkey);
|
||||
|
|
@ -27,11 +27,11 @@ pub fn op_crypto_generate_ed25519_keypair(
|
|||
true
|
||||
}
|
||||
|
||||
#[op(fast)]
|
||||
#[op2(fast)]
|
||||
pub fn op_crypto_sign_ed25519(
|
||||
key: &[u8],
|
||||
data: &[u8],
|
||||
signature: &mut [u8],
|
||||
#[buffer] key: &[u8],
|
||||
#[buffer] data: &[u8],
|
||||
#[buffer] signature: &mut [u8],
|
||||
) -> bool {
|
||||
let pair = match Ed25519KeyPair::from_seed_unchecked(key) {
|
||||
Ok(p) => p,
|
||||
|
|
@ -41,11 +41,11 @@ pub fn op_crypto_sign_ed25519(
|
|||
true
|
||||
}
|
||||
|
||||
#[op(fast)]
|
||||
#[op2(fast)]
|
||||
pub fn op_crypto_verify_ed25519(
|
||||
pubkey: &[u8],
|
||||
data: &[u8],
|
||||
signature: &[u8],
|
||||
#[buffer] pubkey: &[u8],
|
||||
#[buffer] data: &[u8],
|
||||
#[buffer] signature: &[u8],
|
||||
) -> bool {
|
||||
ring::signature::UnparsedPublicKey::new(&ring::signature::ED25519, pubkey)
|
||||
.verify(data, signature)
|
||||
|
|
@ -56,8 +56,11 @@ pub fn op_crypto_verify_ed25519(
|
|||
pub const ED25519_OID: const_oid::ObjectIdentifier =
|
||||
const_oid::ObjectIdentifier::new_unwrap("1.3.101.112");
|
||||
|
||||
#[op(fast)]
|
||||
pub fn op_crypto_import_spki_ed25519(key_data: &[u8], out: &mut [u8]) -> bool {
|
||||
#[op2(fast)]
|
||||
pub fn op_crypto_import_spki_ed25519(
|
||||
#[buffer] key_data: &[u8],
|
||||
#[buffer] out: &mut [u8],
|
||||
) -> bool {
|
||||
// 2-3.
|
||||
let pk_info = match spki::SubjectPublicKeyInfo::from_der(key_data) {
|
||||
Ok(pk_info) => pk_info,
|
||||
|
|
@ -76,8 +79,11 @@ pub fn op_crypto_import_spki_ed25519(key_data: &[u8], out: &mut [u8]) -> bool {
|
|||
true
|
||||
}
|
||||
|
||||
#[op(fast)]
|
||||
pub fn op_crypto_import_pkcs8_ed25519(key_data: &[u8], out: &mut [u8]) -> bool {
|
||||
#[op2(fast)]
|
||||
pub fn op_crypto_import_pkcs8_ed25519(
|
||||
#[buffer] key_data: &[u8],
|
||||
#[buffer] out: &mut [u8],
|
||||
) -> bool {
|
||||
// 2-3.
|
||||
// This should probably use OneAsymmetricKey instead
|
||||
let pk_info = match PrivateKeyInfo::from_der(key_data) {
|
||||
|
|
@ -102,9 +108,10 @@ pub fn op_crypto_import_pkcs8_ed25519(key_data: &[u8], out: &mut [u8]) -> bool {
|
|||
true
|
||||
}
|
||||
|
||||
#[op]
|
||||
#[op2]
|
||||
#[serde]
|
||||
pub fn op_crypto_export_spki_ed25519(
|
||||
pubkey: &[u8],
|
||||
#[buffer] pubkey: &[u8],
|
||||
) -> Result<ToJsBuffer, AnyError> {
|
||||
let key_info = spki::SubjectPublicKeyInfo {
|
||||
algorithm: spki::AlgorithmIdentifier {
|
||||
|
|
@ -117,9 +124,10 @@ pub fn op_crypto_export_spki_ed25519(
|
|||
Ok(key_info.to_vec()?.into())
|
||||
}
|
||||
|
||||
#[op]
|
||||
#[op2]
|
||||
#[serde]
|
||||
pub fn op_crypto_export_pkcs8_ed25519(
|
||||
pkey: &[u8],
|
||||
#[buffer] pkey: &[u8],
|
||||
) -> Result<ToJsBuffer, AnyError> {
|
||||
// This should probably use OneAsymmetricKey instead
|
||||
let pk_info = rsa::pkcs8::PrivateKeyInfo {
|
||||
|
|
@ -137,8 +145,11 @@ pub fn op_crypto_export_pkcs8_ed25519(
|
|||
|
||||
// 'x' from Section 2 of RFC 8037
|
||||
// https://www.rfc-editor.org/rfc/rfc8037#section-2
|
||||
#[op]
|
||||
pub fn op_crypto_jwk_x_ed25519(pkey: &[u8]) -> Result<String, AnyError> {
|
||||
#[op2]
|
||||
#[string]
|
||||
pub fn op_crypto_jwk_x_ed25519(
|
||||
#[buffer] pkey: &[u8],
|
||||
) -> Result<String, AnyError> {
|
||||
let pair = Ed25519KeyPair::from_seed_unchecked(pkey)?;
|
||||
Ok(base64::encode_config(
|
||||
pair.public_key().as_ref(),
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ use ctr::Ctr32BE;
|
|||
use ctr::Ctr64BE;
|
||||
use deno_core::error::type_error;
|
||||
use deno_core::error::AnyError;
|
||||
use deno_core::op;
|
||||
use deno_core::op2;
|
||||
use deno_core::unsync::spawn_blocking;
|
||||
use deno_core::JsBuffer;
|
||||
use deno_core::ToJsBuffer;
|
||||
|
|
@ -76,10 +76,11 @@ pub enum EncryptAlgorithm {
|
|||
},
|
||||
}
|
||||
|
||||
#[op]
|
||||
#[op2(async)]
|
||||
#[serde]
|
||||
pub async fn op_crypto_encrypt(
|
||||
opts: EncryptOptions,
|
||||
data: JsBuffer,
|
||||
#[serde] opts: EncryptOptions,
|
||||
#[buffer] data: JsBuffer,
|
||||
) -> Result<ToJsBuffer, AnyError> {
|
||||
let key = opts.key;
|
||||
let fun = move || match opts.algorithm {
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ use const_oid::AssociatedOid;
|
|||
use const_oid::ObjectIdentifier;
|
||||
use deno_core::error::custom_error;
|
||||
use deno_core::error::AnyError;
|
||||
use deno_core::op;
|
||||
use deno_core::op2;
|
||||
use deno_core::ToJsBuffer;
|
||||
use elliptic_curve::sec1::ToEncodedPoint;
|
||||
use p256::pkcs8::DecodePrivateKey;
|
||||
|
|
@ -90,10 +90,11 @@ pub enum ExportKeyResult {
|
|||
},
|
||||
}
|
||||
|
||||
#[op]
|
||||
#[op2]
|
||||
#[serde]
|
||||
pub fn op_crypto_export_key(
|
||||
opts: ExportKeyOptions,
|
||||
key_data: V8RawKeyData,
|
||||
#[serde] opts: ExportKeyOptions,
|
||||
#[serde] key_data: V8RawKeyData,
|
||||
) -> Result<ExportKeyResult, AnyError> {
|
||||
match opts.algorithm {
|
||||
ExportKeyAlgorithm::RsassaPkcs1v15 {}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license.
|
||||
|
||||
use deno_core::error::AnyError;
|
||||
use deno_core::op;
|
||||
use deno_core::op2;
|
||||
use deno_core::unsync::spawn_blocking;
|
||||
use deno_core::ToJsBuffer;
|
||||
use elliptic_curve::rand_core::OsRng;
|
||||
|
|
@ -42,9 +42,10 @@ pub enum GenerateKeyOptions {
|
|||
},
|
||||
}
|
||||
|
||||
#[op]
|
||||
#[op2(async)]
|
||||
#[serde]
|
||||
pub async fn op_crypto_generate_key(
|
||||
opts: GenerateKeyOptions,
|
||||
#[serde] opts: GenerateKeyOptions,
|
||||
) -> Result<ToJsBuffer, AnyError> {
|
||||
let fun = || match opts {
|
||||
GenerateKeyOptions::Rsa {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license.
|
||||
|
||||
use deno_core::error::AnyError;
|
||||
use deno_core::op;
|
||||
use deno_core::op2;
|
||||
use deno_core::JsBuffer;
|
||||
use deno_core::ToJsBuffer;
|
||||
use elliptic_curve::pkcs8::PrivateKeyInfo;
|
||||
|
|
@ -87,10 +87,11 @@ pub enum ImportKeyResult {
|
|||
Hmac { raw_data: RustRawKeyData },
|
||||
}
|
||||
|
||||
#[op]
|
||||
#[op2]
|
||||
#[serde]
|
||||
pub fn op_crypto_import_key(
|
||||
opts: ImportKeyOptions,
|
||||
key_data: KeyData,
|
||||
#[serde] opts: ImportKeyOptions,
|
||||
#[serde] key_data: KeyData,
|
||||
) -> Result<ImportKeyResult, AnyError> {
|
||||
match opts {
|
||||
ImportKeyOptions::RsassaPkcs1v15 {} => import_key_rsassa(key_data),
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ use deno_core::error::not_supported;
|
|||
use deno_core::error::type_error;
|
||||
use deno_core::error::AnyError;
|
||||
use deno_core::op;
|
||||
use deno_core::op2;
|
||||
use deno_core::ToJsBuffer;
|
||||
|
||||
use deno_core::unsync::spawn_blocking;
|
||||
|
|
@ -116,24 +117,26 @@ deno_core::extension!(deno_crypto,
|
|||
},
|
||||
);
|
||||
|
||||
#[op]
|
||||
#[op2]
|
||||
#[serde]
|
||||
pub fn op_crypto_base64url_decode(
|
||||
data: String,
|
||||
#[string] data: String,
|
||||
) -> Result<ToJsBuffer, AnyError> {
|
||||
let data: Vec<u8> = base64::decode_config(data, base64::URL_SAFE_NO_PAD)?;
|
||||
Ok(data.into())
|
||||
}
|
||||
|
||||
#[op]
|
||||
pub fn op_crypto_base64url_encode(data: JsBuffer) -> String {
|
||||
#[op2]
|
||||
#[string]
|
||||
pub fn op_crypto_base64url_encode(#[buffer] data: JsBuffer) -> String {
|
||||
let data: String = base64::encode_config(data, base64::URL_SAFE_NO_PAD);
|
||||
data
|
||||
}
|
||||
|
||||
#[op(fast)]
|
||||
#[op2(fast)]
|
||||
pub fn op_crypto_get_random_values(
|
||||
state: &mut OpState,
|
||||
out: &mut [u8],
|
||||
#[buffer] out: &mut [u8],
|
||||
) -> Result<(), AnyError> {
|
||||
if out.len() > 65536 {
|
||||
return Err(
|
||||
|
|
@ -186,10 +189,11 @@ pub struct SignArg {
|
|||
named_curve: Option<CryptoNamedCurve>,
|
||||
}
|
||||
|
||||
#[op]
|
||||
#[op2(async)]
|
||||
#[serde]
|
||||
pub async fn op_crypto_sign_key(
|
||||
args: SignArg,
|
||||
zero_copy: JsBuffer,
|
||||
#[serde] args: SignArg,
|
||||
#[buffer] zero_copy: JsBuffer,
|
||||
) -> Result<ToJsBuffer, AnyError> {
|
||||
let data = &*zero_copy;
|
||||
let algorithm = args.algorithm;
|
||||
|
|
@ -302,10 +306,10 @@ pub struct VerifyArg {
|
|||
named_curve: Option<CryptoNamedCurve>,
|
||||
}
|
||||
|
||||
#[op]
|
||||
#[op2(async)]
|
||||
pub async fn op_crypto_verify_key(
|
||||
args: VerifyArg,
|
||||
zero_copy: JsBuffer,
|
||||
#[serde] args: VerifyArg,
|
||||
#[buffer] zero_copy: JsBuffer,
|
||||
) -> Result<bool, AnyError> {
|
||||
let data = &*zero_copy;
|
||||
let algorithm = args.algorithm;
|
||||
|
|
@ -583,7 +587,8 @@ fn read_rsa_public_key(key_data: KeyData) -> Result<RsaPublicKey, AnyError> {
|
|||
Ok(public_key)
|
||||
}
|
||||
|
||||
#[op]
|
||||
#[op2]
|
||||
#[string]
|
||||
pub fn op_crypto_random_uuid(state: &mut OpState) -> Result<String, AnyError> {
|
||||
let maybe_seeded_rng = state.try_borrow_mut::<StdRng>();
|
||||
let uuid = if let Some(seeded_rng) = maybe_seeded_rng {
|
||||
|
|
@ -599,10 +604,11 @@ pub fn op_crypto_random_uuid(state: &mut OpState) -> Result<String, AnyError> {
|
|||
Ok(uuid.to_string())
|
||||
}
|
||||
|
||||
#[op]
|
||||
#[op2(async)]
|
||||
#[serde]
|
||||
pub async fn op_crypto_subtle_digest(
|
||||
algorithm: CryptoHash,
|
||||
data: JsBuffer,
|
||||
#[serde] algorithm: CryptoHash,
|
||||
#[buffer] data: JsBuffer,
|
||||
) -> Result<ToJsBuffer, AnyError> {
|
||||
let output = spawn_blocking(move || {
|
||||
digest::digest(algorithm.into(), &data)
|
||||
|
|
@ -622,10 +628,11 @@ pub struct WrapUnwrapKeyArg {
|
|||
algorithm: Algorithm,
|
||||
}
|
||||
|
||||
#[op]
|
||||
#[op2]
|
||||
#[serde]
|
||||
pub fn op_crypto_wrap_key(
|
||||
args: WrapUnwrapKeyArg,
|
||||
data: JsBuffer,
|
||||
#[serde] args: WrapUnwrapKeyArg,
|
||||
#[buffer] data: JsBuffer,
|
||||
) -> Result<ToJsBuffer, AnyError> {
|
||||
let algorithm = args.algorithm;
|
||||
|
||||
|
|
@ -651,10 +658,11 @@ pub fn op_crypto_wrap_key(
|
|||
}
|
||||
}
|
||||
|
||||
#[op]
|
||||
#[op2]
|
||||
#[serde]
|
||||
pub fn op_crypto_unwrap_key(
|
||||
args: WrapUnwrapKeyArg,
|
||||
data: JsBuffer,
|
||||
#[serde] args: WrapUnwrapKeyArg,
|
||||
#[buffer] data: JsBuffer,
|
||||
) -> Result<ToJsBuffer, AnyError> {
|
||||
let algorithm = args.algorithm;
|
||||
match algorithm {
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
use curve25519_dalek::montgomery::MontgomeryPoint;
|
||||
use deno_core::error::AnyError;
|
||||
use deno_core::op;
|
||||
use deno_core::op2;
|
||||
use deno_core::ToJsBuffer;
|
||||
use elliptic_curve::pkcs8::PrivateKeyInfo;
|
||||
use elliptic_curve::subtle::ConstantTimeEq;
|
||||
|
|
@ -11,8 +11,11 @@ use rand::RngCore;
|
|||
use spki::der::Decode;
|
||||
use spki::der::Encode;
|
||||
|
||||
#[op(fast)]
|
||||
pub fn op_crypto_generate_x25519_keypair(pkey: &mut [u8], pubkey: &mut [u8]) {
|
||||
#[op2(fast)]
|
||||
pub fn op_crypto_generate_x25519_keypair(
|
||||
#[buffer] pkey: &mut [u8],
|
||||
#[buffer] pubkey: &mut [u8],
|
||||
) {
|
||||
// u-coordinate of the base point.
|
||||
const X25519_BASEPOINT_BYTES: [u8; 32] = [
|
||||
9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
|
|
@ -31,11 +34,11 @@ pub fn op_crypto_generate_x25519_keypair(pkey: &mut [u8], pubkey: &mut [u8]) {
|
|||
|
||||
const MONTGOMERY_IDENTITY: MontgomeryPoint = MontgomeryPoint([0; 32]);
|
||||
|
||||
#[op(fast)]
|
||||
#[op2(fast)]
|
||||
pub fn op_crypto_derive_bits_x25519(
|
||||
k: &[u8],
|
||||
u: &[u8],
|
||||
secret: &mut [u8],
|
||||
#[buffer] k: &[u8],
|
||||
#[buffer] u: &[u8],
|
||||
#[buffer] secret: &mut [u8],
|
||||
) -> bool {
|
||||
let k: [u8; 32] = k.try_into().expect("Expected byteLength 32");
|
||||
let u: [u8; 32] = u.try_into().expect("Expected byteLength 32");
|
||||
|
|
@ -52,8 +55,11 @@ pub fn op_crypto_derive_bits_x25519(
|
|||
pub const X25519_OID: const_oid::ObjectIdentifier =
|
||||
const_oid::ObjectIdentifier::new_unwrap("1.3.101.110");
|
||||
|
||||
#[op(fast)]
|
||||
pub fn op_crypto_import_spki_x25519(key_data: &[u8], out: &mut [u8]) -> bool {
|
||||
#[op2(fast)]
|
||||
pub fn op_crypto_import_spki_x25519(
|
||||
#[buffer] key_data: &[u8],
|
||||
#[buffer] out: &mut [u8],
|
||||
) -> bool {
|
||||
// 2-3.
|
||||
let pk_info = match spki::SubjectPublicKeyInfo::from_der(key_data) {
|
||||
Ok(pk_info) => pk_info,
|
||||
|
|
@ -72,8 +78,11 @@ pub fn op_crypto_import_spki_x25519(key_data: &[u8], out: &mut [u8]) -> bool {
|
|||
true
|
||||
}
|
||||
|
||||
#[op(fast)]
|
||||
pub fn op_crypto_import_pkcs8_x25519(key_data: &[u8], out: &mut [u8]) -> bool {
|
||||
#[op2(fast)]
|
||||
pub fn op_crypto_import_pkcs8_x25519(
|
||||
#[buffer] key_data: &[u8],
|
||||
#[buffer] out: &mut [u8],
|
||||
) -> bool {
|
||||
// 2-3.
|
||||
// This should probably use OneAsymmetricKey instead
|
||||
let pk_info = match PrivateKeyInfo::from_der(key_data) {
|
||||
|
|
@ -98,9 +107,10 @@ pub fn op_crypto_import_pkcs8_x25519(key_data: &[u8], out: &mut [u8]) -> bool {
|
|||
true
|
||||
}
|
||||
|
||||
#[op]
|
||||
#[op2]
|
||||
#[serde]
|
||||
pub fn op_crypto_export_spki_x25519(
|
||||
pubkey: &[u8],
|
||||
#[buffer] pubkey: &[u8],
|
||||
) -> Result<ToJsBuffer, AnyError> {
|
||||
let key_info = spki::SubjectPublicKeyInfo {
|
||||
algorithm: spki::AlgorithmIdentifier {
|
||||
|
|
@ -113,9 +123,10 @@ pub fn op_crypto_export_spki_x25519(
|
|||
Ok(key_info.to_vec()?.into())
|
||||
}
|
||||
|
||||
#[op]
|
||||
#[op2]
|
||||
#[serde]
|
||||
pub fn op_crypto_export_pkcs8_x25519(
|
||||
pkey: &[u8],
|
||||
#[buffer] pkey: &[u8],
|
||||
) -> Result<ToJsBuffer, AnyError> {
|
||||
// This should probably use OneAsymmetricKey instead
|
||||
let pk_info = rsa::pkcs8::PrivateKeyInfo {
|
||||
|
|
|
|||
Loading…
Reference in a new issue