mirror of
https://github.com/denoland/deno.git
synced 2025-03-03 09:31:22 -05:00
feat(ext/crypto): support importing raw ECDSA keys (#11871)
parent
1683044ed9
commit
70978fd05a
4 changed files with 94 additions and 1 deletions
1
Cargo.lock
generated
1
Cargo.lock
generated
|
@ -775,6 +775,7 @@ dependencies = [
|
|||
"block-modes",
|
||||
"deno_core",
|
||||
"deno_web",
|
||||
"elliptic-curve",
|
||||
"lazy_static",
|
||||
"num-traits",
|
||||
"p256",
|
||||
|
|
|
@ -975,6 +975,66 @@
|
|||
|
||||
return key;
|
||||
}
|
||||
// TODO(@littledivy): RSA-PSS
|
||||
case "ECDSA": {
|
||||
switch (format) {
|
||||
case "raw": {
|
||||
// 1.
|
||||
if (
|
||||
!ArrayPrototypeIncludes(
|
||||
supportedNamedCurves,
|
||||
normalizedAlgorithm.namedCurve,
|
||||
)
|
||||
) {
|
||||
throw new DOMException(
|
||||
"Invalid namedCurve",
|
||||
"DataError",
|
||||
);
|
||||
}
|
||||
|
||||
// 2.
|
||||
if (
|
||||
ArrayPrototypeFind(
|
||||
keyUsages,
|
||||
(u) => !ArrayPrototypeIncludes(["verify"], u),
|
||||
) !== undefined
|
||||
) {
|
||||
throw new DOMException("Invalid key usages", "SyntaxError");
|
||||
}
|
||||
|
||||
// 3.
|
||||
const { data } = await core.opAsync("op_crypto_import_key", {
|
||||
algorithm: "ECDSA",
|
||||
namedCurve: normalizedAlgorithm.namedCurve,
|
||||
}, keyData);
|
||||
|
||||
const handle = {};
|
||||
WeakMapPrototypeSet(KEY_STORE, handle, {
|
||||
type: "raw",
|
||||
data,
|
||||
});
|
||||
|
||||
// 4-5.
|
||||
const algorithm = {
|
||||
name: "ECDSA",
|
||||
namedCurve: normalizedAlgorithm.namedCurve,
|
||||
};
|
||||
|
||||
// 6-8.
|
||||
const key = constructKey(
|
||||
"public",
|
||||
extractable,
|
||||
usageIntersection(keyUsages, recognisedUsages),
|
||||
algorithm,
|
||||
handle,
|
||||
);
|
||||
|
||||
return key;
|
||||
}
|
||||
default:
|
||||
throw new DOMException("Not implemented", "NotSupportedError");
|
||||
}
|
||||
}
|
||||
case "RSASSA-PKCS1-v1_5": {
|
||||
switch (format) {
|
||||
case "pkcs8": {
|
||||
|
@ -1149,7 +1209,6 @@
|
|||
throw new DOMException("Not implemented", "NotSupportedError");
|
||||
}
|
||||
}
|
||||
// TODO(@littledivy): ECDSA
|
||||
case "HKDF": {
|
||||
if (format !== "raw") {
|
||||
throw new DOMException("Format not supported", "NotSupportedError");
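Review bot: The step comments in the new `case "ECDSA"` / `case "raw"` branch (`// 1.` through `// 6-8.`) number the steps of a procedure that is never named, so a reader cannot check the validation order against its source. A header comment on the branch such as `// WebCrypto "Import Key" for ECDSA, format "raw"; step numbers below follow the spec` would fix that. Step 2 would also benefit from saying why `"verify"` is the only permitted usage, for example `// raw keys are public, so only "verify" is allowed`. `recognisedUsages` and the enclosing switch are defined outside the hunk.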
|
||||
|
|
|
@ -18,6 +18,7 @@ aes = "0.7.5"
|
|||
block-modes = "0.8.1"
|
||||
deno_core = { version = "0.102.0", path = "../../core" }
|
||||
deno_web = { version = "0.51.0", path = "../web" }
|
||||
elliptic-curve = "0.10.6"
|
||||
lazy_static = "1.4.0"
|
||||
num-traits = "0.2.14"
|
||||
p256 = { version = "0.9.0", features = ["ecdh"] }
|
||||
|
|
|
@ -1166,6 +1166,8 @@ pub struct ImportKeyArg {
|
|||
format: KeyFormat,
|
||||
// RSASSA-PKCS1-v1_5
|
||||
hash: Option<CryptoHash>,
|
||||
// ECDSA
|
||||
named_curve: Option<CryptoNamedCurve>,
|
||||
}
|
||||
|
||||
#[derive(Serialize)]
|
||||
|
@ -1186,6 +1188,36 @@ pub async fn op_crypto_import_key(
|
|||
let algorithm = args.algorithm;
|
||||
|
||||
match algorithm {
|
||||
Algorithm::Ecdsa => {
|
||||
let curve = args.named_curve.ok_or_else(|| {
|
||||
type_error("Missing argument named_curve".to_string())
|
||||
})?;
|
||||
|
||||
match curve {
|
||||
CryptoNamedCurve::P256 => {
|
||||
// 1-2.
|
||||
let point = p256::EncodedPoint::from_bytes(data)?;
|
||||
// 3.
|
||||
if point.is_identity() {
|
||||
return Err(type_error("Invalid key data".to_string()));
|
||||
}
|
||||
}
|
||||
CryptoNamedCurve::P384 => {
|
||||
// 1-2.
|
||||
let point = p384::EncodedPoint::from_bytes(data)?;
|
||||
// 3.
|
||||
if point.is_identity() {
|
||||
return Err(type_error("Invalid key data".to_string()));
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
Ok(ImportKeyResult {
|
||||
data: zero_copy,
|
||||
modulus_length: None,
|
||||
public_exponent: None,
|
||||
})
|
||||
}
|
||||
Algorithm::RsassaPkcs1v15 => {
|
||||
match args.format {
|
||||
KeyFormat::Pkcs8 => {
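Review bot: In both curve arms of the new `Algorithm::Ecdsa` branch, `EncodedPoint::from_bytes(data)?` followed by `is_identity()` checks only the SEC1 tag and length, not that the coordinates satisfy the curve equation, so an off-curve point would be accepted and stored as a public key. WebCrypto's raw ECDSA import expects the SEC1 2.3.4 conversion, which includes that check, and rejecting malformed keys at import keeps later verify calls from operating on unvalidated key material. For P-256 a validating parse such as `p256::PublicKey::from_sec1_bytes(data).map_err(|_| type_error("Invalid key data".to_string()))?` would cover it, assuming the pinned p256/elliptic-curve versions expose it; the P-384 arm needs the equivalent, or a comment stating that the on-curve check is deferred. `data` and `zero_copy` are bound outside the hunk and the function body starts and ends outside it, so whether validation happens elsewhere cannot be confirmed from here.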
|
||||
|
|