foster/denoland-deno
0
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2025-02-23 13:43:31 -05:00
Code Issues Packages 1 Wiki Activity
13125 commits 144 branches 364 tags 335 MiB
Commit graph

74 commits

Author SHA1 Message Date
Nathan Whitaker
bac8171c40
perf(crypto): use ring for asm implementations of sha256/sha512 (#27885) 
Currently we are using the pure rust backend of `sha2`, which has subpar
performance compared to asm implementations. We already depend on
`ring`, so just use that instead of `sha2` for sha256/sha512 digests.

This also speeds up things like S3 uploads, which calculate sha digests
of the uploaded objects. On my local machine, this speeds up uploading a
100MB file (to a localhost s3 provider via`@aws-sdk/client-s3`) by about
2x

<details>

<summary>Benchmark:</summary>

```ts
import { createHmac } from "node:crypto";

for (
  const size of [1, 10, 100, 1_000, 10_000, 100_000, 1_000_000, 10_000_000]
) {
  const input = "a".repeat(size);
  Deno.bench({
    name: `sha256-${size}`,
    fn() {
      const _hash = createHmac("sha256", input).update(input).digest();
    },
  });
  Deno.bench({
    name: `sha512-${size}`,
    fn() {
      const _hash = createHmac("sha512", input).update(input).digest();
    },
  });
}
```

</details>

<details>

<summary>Results (arm64 macOS):</summary>

```
--- sha256-1 ---
../../deno/target/release/deno         2.527 µs    1.240 times faster
/Users/nathanwhit/.deno/bin/deno       3.132 µs    
--- sha512-1 ---
../../deno/target/release/deno         3.364 µs    1.071 times faster
/Users/nathanwhit/.deno/bin/deno       3.603 µs    
--- sha256-10 ---
../../deno/target/release/deno         3.060 µs    1.027 times faster
/Users/nathanwhit/.deno/bin/deno       3.144 µs    
--- sha512-10 ---
../../deno/target/release/deno         3.583 µs    1.047 times faster
/Users/nathanwhit/.deno/bin/deno       3.751 µs    
--- sha256-100 ---
../../deno/target/release/deno         3.695 µs    1.244 times faster
/Users/nathanwhit/.deno/bin/deno       4.598 µs    
--- sha512-100 ---
../../deno/target/release/deno         3.386 µs    1.188 times faster
/Users/nathanwhit/.deno/bin/deno       4.021 µs    
--- sha256-1000 ---
../../deno/target/release/deno         4.007 µs    3.230 times faster
/Users/nathanwhit/.deno/bin/deno      12.944 µs    
--- sha512-1000 ---
../../deno/target/release/deno         6.463 µs    1.466 times faster
/Users/nathanwhit/.deno/bin/deno       9.477 µs    
--- sha256-10000 ---
../../deno/target/release/deno        11.674 µs    6.981 times faster
/Users/nathanwhit/.deno/bin/deno      81.493 µs    
--- sha512-10000 ---
../../deno/target/release/deno        31.250 µs    1.740 times faster
/Users/nathanwhit/.deno/bin/deno      54.364 µs    
--- sha256-100000 ---
../../deno/target/release/deno        82.800 µs    9.393 times faster
/Users/nathanwhit/.deno/bin/deno     777.719 µs    
--- sha512-100000 ---
../../deno/target/release/deno       269.726 µs    1.851 times faster
/Users/nathanwhit/.deno/bin/deno     499.243 µs    
--- sha256-1000000 ---
../../deno/target/release/deno       808.662 µs    9.427 times faster
/Users/nathanwhit/.deno/bin/deno       7.623 ms    
--- sha512-1000000 ---
../../deno/target/release/deno         2.672 ms    1.795 times faster
/Users/nathanwhit/.deno/bin/deno       4.795 ms    
--- sha256-10000000 ---
../../deno/target/release/deno         7.823 ms    9.868 times faster
/Users/nathanwhit/.deno/bin/deno      77.201 ms    
--- sha512-10000000 ---
../../deno/target/release/deno        26.197 ms    1.846 times faster
/Users/nathanwhit/.deno/bin/deno      48.356 ms    
```

</details>

<details>

<summary>Results (x86_64 linux):</summary>

```
--- sha256-1 ---
/home/nathanwhit/.deno/bin/deno             10.726 µs    1.229 times faster
../../../deno/target/release-lite/deno      13.184 µs    
--- sha512-1 ---
/home/nathanwhit/.deno/bin/deno             13.177 µs    1.051 times faster
../../../deno/target/release-lite/deno      13.845 µs    
--- sha256-10 ---
/home/nathanwhit/.deno/bin/deno             13.156 µs    1.047 times faster
../../../deno/target/release-lite/deno      13.780 µs    
--- sha512-10 ---
/home/nathanwhit/.deno/bin/deno             14.386 µs    1.029 times faster
../../../deno/target/release-lite/deno      14.807 µs    
--- sha256-100 ---
/home/nathanwhit/.deno/bin/deno             14.580 µs    1.083 times faster
../../../deno/target/release-lite/deno      15.789 µs    
--- sha512-100 ---
/home/nathanwhit/.deno/bin/deno             13.477 µs    1.131 times faster
../../../deno/target/release-lite/deno      15.238 µs    
--- sha256-1000 ---
../../../deno/target/release-lite/deno      17.208 µs    1.116 times faster
/home/nathanwhit/.deno/bin/deno             19.198 µs    
--- sha512-1000 ---
../../../deno/target/release-lite/deno      21.168 µs    1.026 times faster
/home/nathanwhit/.deno/bin/deno             21.717 µs    
--- sha256-10000 ---
../../../deno/target/release-lite/deno      33.586 µs    1.990 times faster
/home/nathanwhit/.deno/bin/deno             66.837 µs    
--- sha512-10000 ---
../../../deno/target/release-lite/deno      53.338 µs    1.009 times faster
/home/nathanwhit/.deno/bin/deno             53.817 µs    
--- sha256-100000 ---
../../../deno/target/release-lite/deno     168.238 µs    3.063 times faster
/home/nathanwhit/.deno/bin/deno            515.354 µs    
--- sha512-100000 ---
../../../deno/target/release-lite/deno     383.311 µs    1.036 times faster
/home/nathanwhit/.deno/bin/deno            397.122 µs    
--- sha256-1000000 ---
../../../deno/target/release-lite/deno       1.474 ms    3.471 times faster
/home/nathanwhit/.deno/bin/deno              5.115 ms    
--- sha512-1000000 ---
../../../deno/target/release-lite/deno       3.658 ms    1.057 times faster
/home/nathanwhit/.deno/bin/deno              3.865 ms    
--- sha256-10000000 ---
../../../deno/target/release-lite/deno      16.438 ms    3.136 times faster
/home/nathanwhit/.deno/bin/deno             51.556 ms    
--- sha512-10000000 ---
../../../deno/target/release-lite/deno      37.128 ms    1.056 times faster
/home/nathanwhit/.deno/bin/deno             39.220 ms    
```

</details>
 2025-01-30 23:38:14 +00:00
Nathan Whitaker
094e268002
fix(ext/node): implement aes-128-ctr, aes-192-ctr, and aes-256-ctr (#27630) 
Fixes https://github.com/denoland/deno/issues/24864

Need to add some tests, also unsure about the right counter size (went
with 128 bit to be safe)

---------

Co-authored-by: Yoshiya Hinosawa <stibium121@gmail.com>
 2025-01-27 23:35:51 -08:00
Divy Srivastava
533993efcf
fix(ext/node): implement X509Certificate#checkHost (#27821) 
Fixes https://github.com/denoland/deno/issues/27619
 2025-01-27 16:33:03 +05:30
Divy Srivastava
f678a17313
fix(ext/node): fix panic when invalid AES GCM key size (#27818) 
Fixes https://github.com/denoland/deno/issues/27807
 2025-01-27 16:32:25 +05:30
Divy Srivastava
1efc77331c
fix(ext/node): scrypt panic when log_n > 64 (#27816) 
Throws an error instead of panic. Ref
https://github.com/denoland/deno/issues/27716
 2025-01-27 09:12:51 +05:30
Divy Srivastava
4f27d7cdc0
fix(ext/node): GCM auth tag check on DechiperIv#final (#27733) 2025-01-20 18:16:44 +05:30
Leo Kettmeir
ea30e188a8
refactor: update deno_core for error refactor (#26867) 
Closes #26171

---------

Co-authored-by: David Sherret <dsherret@gmail.com>
 2025-01-08 14:52:32 -08:00
Kenta Moriuchi
8fb073d7b4
chore: Happy New Year 2025 (#27509) 2024-12-31 19:12:39 +00:00
David Sherret
ac7b33a340
chore: cargo fmt - turn on group_imports=StdExternalCrate (#26646) 2024-12-31 12:13:39 -05:00
Bartek Iwańczuk
1cd36009b0
fix(ext/node): support private key export in JWK format (#27325) 
Closes https://github.com/denoland/deno/issues/26643

---------

Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
 2024-12-31 13:49:02 +01:00
Yoshiya Hinosawa
c45d0dadb3
fix(ext/node): add support of any length IV for aes-(128|256)-gcm ciphers (#27476) 2024-12-27 17:46:01 +09:00
Yoshiya Hinosawa
91150706d8
fix(ext/node): make getCiphers return supported ciphers (#27466) 
Currently we only supports 7 ciphers (`aes-(128|192|256)-ecb` and
`aes-(128|256)-(cbc|gcm)`) in `node:crypto`, but `crypto.getCiphers`
returns other supported cipher names. That confuses `npm:openpgp`
package and causes https://github.com/denoland/deno/issues/26875.

This PR makes `getCiphers` return actually supported cipher names.

With this change, the example given in #26875 can create private and
public key files.

closes #26875
 2024-12-26 13:24:28 +09:00
Leo Kettmeir
1cab4f07a3
refactor: use concrete error type for remaining ops (#26746) 2024-11-06 16:57:57 -08:00
Divy Srivastava
4774eab64d
chore: upgrade to rust 1.82 and LLVM 19 (#26615) 
Upgrade to rust 1.82 and LLVM 19 . Removes one webusb test because
`requestAdapter` not working on new ubuntu 24 runners
 2024-11-01 16:13:02 +05:30
Divy Srivastava
8bfd134da6
fix: clamp smi in fast calls by default (#26506) 
Fixes https://github.com/denoland/deno/issues/26480

Ref
d2945fb65b
 2024-10-31 10:10:07 +05:30
Divy Srivastava
bbad7c5922
fix(ext/node): compute pem length (upper bound) for key exports (#26231) 
Fixes https://github.com/denoland/deno/issues/26188
 2024-10-14 14:24:26 +05:30
Divy Srivastava
e97f00f6f6
fix(ext/node): support x509 certificates in createPublicKey (#25731) 
Fixes https://github.com/denoland/deno/issues/25681
 2024-09-19 19:12:23 +05:30
Luca Casonato
81c9e0ba25
fix(ext/crypto): support md4 digest algorithm (#25656) 
Fixes #25646
 2024-09-16 11:04:40 +00:00
Yoshiya Hinosawa
ef2d98fe11
fix(ext/node): validate input lengths in Cipheriv and Decipheriv (#25570) 
addresses the first part of #25279
 2024-09-11 13:27:07 +09:00
Divy Srivastava
0e50bb1d4a
fix(ext/node): import RSA JWK keys (#25267) 
Fixes https://github.com/denoland/deno/issues/24129
 2024-08-28 20:56:11 +05:30
Divy Srivastava
b9c144df6f
fix(ext/node): export JWK public key (#25239) 
Fixes https://github.com/denoland/deno/issues/18928

Signed-off-by: Divy Srivastava <dj.srivastava23@gmail.com>
 2024-08-28 15:03:02 +00:00
Divy Srivastava
553bd7dec3
fix(ext/node): import EC JWK keys (#25266) 2024-08-28 19:54:49 +05:30
Divy Srivastava
3394c4df75
fix(ext/node): update aead-gcm-stream to 0.3 (#25261) 
Fixes https://github.com/denoland/deno/issues/25260
Fixes https://github.com/denoland/deno/issues/25254
Fixes https://github.com/denoland/deno/issues/23693

Verified that `web-push` GCM decryption works in the browser. See
`aead-gcm-stream` changes
[here](a9ffd0c07c)
 2024-08-28 18:34:18 +05:30
Divy Srivastava
d9a7b30d1f
fix(ext/node): import JWK octet key pairs (#25180) 
Ref https://github.com/denoland/deno/issues/24129

`kty: "okp"` is defined in
[rfc8037](https://www.rfc-editor.org/rfc/rfc8037.html)
 2024-08-23 22:06:28 +05:30
Divy Srivastava
b61fd622a5
fix(ext/node): rewrite X509Certificate resource and add publicKey() (#24988) 
**Changes**:
- Remove unsafe usage, rewrite Rust representation with `yoke`.
- Implement `X509Certificate.prototype.publicKey()`

Fixes https://github.com/denoland/deno/issues/23307
 2024-08-11 18:58:54 +05:30
Divy Srivastava
d6f662ac82
fix(ext/node): support ieee-p1363 ECDSA signatures and pss salt len (#24981) 
Fixes https://github.com/denoland/deno/issues/22919
 2024-08-11 14:59:53 +05:30
Luca Casonato
4dc8fe2020
fix(ext/node): use pem private keys in createPublicKey (#24969) 2024-08-09 13:39:46 +00:00
Luca Casonato
fc02303842
fix(ext/node): ed25519 signing and cipheriv autopadding fixes (#24957) 
- Return auth tag for GCM ciphers from auto padding shortcircuit
- Use _ring_ for ed25519 signing

---------

Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
 2024-08-09 12:58:20 +02:00
Divy Srivastava
0d1beed2e3
fix(ext/node): add CipherIv.setAutoPadding() (#24940) 
Co-Authored-By: Luca Casonato <hello@lcas.dev>

Fixes https://github.com/denoland/deno/issues/21804
Ref https://github.com/denoland/deno/issues/20924

---------

Signed-off-by: Divy Srivastava <dj.srivastava23@gmail.com>
Co-authored-by: Luca Casonato <hello@lcas.dev>
 2024-08-08 18:34:10 +05:30
Luca Casonato
93d479252b
fix(ext/node): add crypto.diffieHellman (#24938) 
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>

Closes #21806
 2024-08-08 15:05:29 +05:30
Luca Casonato
4fa8869f24
feat(ext/node): rewrite crypto keys (#24463) 
This completely rewrites how we handle key material in ext/node. Changes
in this
PR:

- **Signing**
  - RSA
  - RSA-PSS 🆕
  - DSA 🆕
  - EC
  - ED25519 🆕
- **Verifying**
  - RSA
  - RSA-PSS 🆕
  - DSA 🆕
  - EC 🆕
  - ED25519 🆕
- **Private key import**
  - Passphrase encrypted private keys 🆕
  - RSA
    - PEM
    - DER (PKCS#1) 🆕
    - DER (PKCS#8) 🆕
  - RSA-PSS
    - PEM
    - DER (PKCS#1) 🆕
    - DER (PKCS#8) 🆕
  - DSA 🆕
  - EC
    - PEM
    - DER (SEC1) 🆕
    - DER (PKCS#8) 🆕
  - X25519 🆕
  - ED25519 🆕
  - DH
- **Public key import**
  - RSA
    - PEM
    - DER (PKCS#1) 🆕
    - DER (PKCS#8) 🆕
  - RSA-PSS 🆕
  - DSA 🆕
  - EC 🆕
  - X25519 🆕
  - ED25519 🆕
  - DH 🆕
- **Private key export**
  - RSA 🆕
  - DSA 🆕
  - EC 🆕
  - X25519 🆕
  - ED25519 🆕
  - DH 🆕
- **Public key export**
  - RSA
  - DSA 🆕
  - EC 🆕
  - X25519 🆕
  - ED25519 🆕
  - DH 🆕
- **Key pair generation**
  - Overhauled, but supported APIs unchanged

This PR adds a lot of new individual functionality. But most importantly
because
of the new key material representation, it is now trivial to add new
algorithms
(as shown by this PR).

Now, when adding a new algorithm, it is also widely supported - for
example
previously we supported ED25519 key pair generation, but we could not
import,
export, sign or verify with ED25519. We can now do all of those things.
 2024-08-07 08:43:58 +02:00
Luca Casonato
08e5606c34
fix(ext/node): rewrite digest handling (#24392) 
Previously we had many different code paths all
handling digests in different places, all with
wildly different digest support. This commit
rewrites this to use a single digest handling
mechanism for all digest operations.

It adds various aliases for digest algorithms,
like node does. For example
`sha1WithRSAEncryption` is an alias for `sha1`.

It also adds support for `md5-sha1` digests in
various places.
 2024-07-05 10:10:22 +02:00
snek
a555cb4d1d
feat: upgrade deno_core (#24364) 
- Symbol.asyncDispose no longer needs to be polyfilled
- assorted updates for cppgc api changes
 2024-07-01 15:48:52 -07:00
Luca Casonato
1e8a6b94b1
fix(ext/node): rewrite crypto.Hash (#24302) 
Changes in this PR:

- Added new fixed size hash algorithms (blake2b512, blake2s256,
sha512-224, sha512-256, sha3-224, sha3-256, sha3-384, sha3-512, sm3)
- Added variable size hash algorithms (the concept), with the algorithms
shake128 and shake256
- Use cppgc instead of resources for the hasher
- Enable Node's crypto.Hash tests and fix found bugs
 2024-06-24 11:47:12 +02:00
Luca Casonato
e6756c3e66
fix(ext/node): don't panic on invalid utf-8 in pem (#24303) 2024-06-21 10:25:07 +00:00
Divy Srivastava
b4939f3379
fix: upgrade deno_core to 0.291.0 (#24297) 2024-06-21 10:49:39 +05:30
Satya Rohith
0f48313565
chore: upgrade to rust 1.79 (#24207) 2024-06-14 17:10:57 +05:30
Divy Srivastava
b02ffec37c
fix(ext/node): exporting rsa public keys (#23596) 
Initial support for exporting rsa public KeyObject.

Current assumption is that RSA keys are stored in pkcs1 der format in
key storage.

Ref https://github.com/denoland/deno/issues/23471 
Ref https://github.com/denoland/deno/issues/18928
Ref https://github.com/denoland/deno/issues/21124
 2024-04-29 19:16:38 +05:30
Divy Srivastava
1f60b8af97
fix(ext/node): ECDH.publicKey() point encoding (#23013) 2024-03-21 14:11:54 +05:30
Divy Srivastava
210f2911ce
fix(ext/node): panic in op_node_ecdh_generate_keys (#23011) 2024-03-21 06:45:10 +00:00
Asher Gomez
b0c687c1d2
fix(ext/node): support Diffie-Hellman key type in crypto.createPrivateKey() (#22984) 
Towards #22489

Signed-off-by: Asher Gomez <ashersaupingomez@gmail.com>
 2024-03-19 11:11:01 +05:30
Satya Rohith
becdad531f
fix(ext/node): support public key point encoding in ECDH.generateKeys() (#22976) 
Towards https://github.com/denoland/deno/issues/22921

Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
 2024-03-18 13:20:10 +05:30
Divy Srivastava
b00f076017
fix(ext/node): Support private EC key signing (#22914) 
Fixes https://github.com/denoland/deno/issues/18972

Support for web-push VAPID keys & jws signing

- Fixes EC keygen to return raw private key and uncompressed public key
point.
- Support for `EC PRIVATE KEY`
 2024-03-14 14:53:50 +01:00
Divy Srivastava
9c348a0acd
fix(ext/node): support spki format in createPublicKey (#22918) 2024-03-14 14:39:46 +01:00
Divy Srivastava
10e592f954
fix(ext/node): DH (dhKeyAgreement) support for createPrivateKey (#22891) 
Ref https://github.com/denoland/deno/pull/22511
 2024-03-14 08:56:07 +05:30
Asher Gomez
5cfa03ceca
fix(ext/node): initial crypto.createPublicKey() support (#22509) 
Closes #21807

Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
 2024-03-13 08:17:23 +00:00
Asher Gomez
6e6c316c9d
feat(ext/node): add more named curves in crypto.generateKeyPair[Sync]() (#22882) 
Towards fixing #21761
 2024-03-13 12:14:51 +05:30
Matt Mastracci
4791d16a8e
perf(cli): use faster_hex (#22761) 
`cli::util::checksum` was showing up on flame graphs because it was
concatenating allocated strings. We can use `faster-hex` to improve it.
 2024-03-07 10:00:43 -07:00
Asher Gomez
6512be458f
fix(ext/node): add aes256 algorithm support (#22198) 
Towards #21804
 2024-02-01 09:13:24 +05:30
Divy Srivastava
d9191db0ce
chore: upgrade deno_core to 0.256.0 (#22145) 2024-01-27 12:27:41 +05:30