gitstart-app[bot]
6314c3c46d
fix(ext/node): crypto.hkdfSync returns wrong result for non-Uint8Array TypedArray inputs ( #30463 )
...
ci / pre-build (push) Has been cancelled
ci / build libs (push) Has been cancelled
ci / publish canary (push) Has been cancelled
ci / test debug linux-aarch64 (push) Has been cancelled
ci / test release linux-aarch64 (push) Has been cancelled
ci / test debug macos-aarch64 (push) Has been cancelled
ci / test release macos-aarch64 (push) Has been cancelled
ci / bench release linux-x86_64 (push) Has been cancelled
ci / lint debug linux-x86_64 (push) Has been cancelled
ci / lint debug macos-x86_64 (push) Has been cancelled
ci / lint debug windows-x86_64 (push) Has been cancelled
ci / test debug linux-x86_64 (push) Has been cancelled
ci / test release linux-x86_64 (push) Has been cancelled
ci / test debug macos-x86_64 (push) Has been cancelled
ci / test release macos-x86_64 (push) Has been cancelled
ci / test debug windows-x86_64 (push) Has been cancelled
ci / test release windows-x86_64 (push) Has been cancelled
The original HKDF implementation incorrectly handled
TypedArrays by converting them through the toBuf() function, which only
handles strings and Buffers. This caused TypedArrays to be processed
incorrectly, losing their actual byte representation.
Closes https://github.com/denoland/deno/issues/29913
---------
Co-authored-by: gitstart-app[bot] <80938352+gitstart-app[bot]@users.noreply.github.com>
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2025-08-23 11:56:19 +02:00
Garret Thompson
038d5a5331
fix(ext/node): avoid panic when crypto.randomInt has no arguments ( #30314 )
...
ci / test debug linux-aarch64 (push) Blocked by required conditions
ci / pre-build (push) Waiting to run
ci / lint debug linux-x86_64 (push) Blocked by required conditions
ci / lint debug macos-x86_64 (push) Blocked by required conditions
ci / lint debug windows-x86_64 (push) Blocked by required conditions
ci / test debug linux-x86_64 (push) Blocked by required conditions
ci / test release linux-x86_64 (push) Blocked by required conditions
ci / test debug macos-x86_64 (push) Blocked by required conditions
ci / test release macos-x86_64 (push) Blocked by required conditions
ci / test debug windows-x86_64 (push) Blocked by required conditions
ci / test release windows-x86_64 (push) Blocked by required conditions
ci / build libs (push) Blocked by required conditions
ci / publish canary (push) Blocked by required conditions
ci / test release linux-aarch64 (push) Blocked by required conditions
ci / test debug macos-aarch64 (push) Blocked by required conditions
ci / test release macos-aarch64 (push) Blocked by required conditions
ci / bench release linux-x86_64 (push) Blocked by required conditions
Closes https://github.com/denoland/deno/issues/30313
2025-08-05 17:09:39 +02:00
Divy Srivastava
d15581fb19
fix(ext/node): implement Certificate API ( #29828 )
2025-06-23 02:34:44 -07:00
Yoshiya Hinosawa
538f8870dc
fix(ext/node): support KeyObject in publicEncrypt/privateDecrypt ( #29798 )
2025-06-19 09:48:29 +09:00
Yoshiya Hinosawa
a334610faf
fix(ext/node): add validation to Cipheriv methods ( #29800 )
2025-06-19 09:40:50 +09:00
Yoshiya Hinosawa
94e26a90ea
fix(ext/node): improve scrypt support ( #29773 )
2025-06-18 09:50:37 +09:00
Yoshiya Hinosawa
2572b8398b
fix(ext/node): fix input validation of crypto hkdf ( #29775 )
2025-06-18 09:49:14 +09:00
Yoshiya Hinosawa
b979c886e6
fix(ext/node): fix error type in DiffieHellman constructor ( #29721 )
2025-06-17 11:43:26 +09:00
Yoshiya Hinosawa
413aa404f9
fix(ext/node): add key length validation in DiffieHellman.prototype.computeSecret ( #29757 )
2025-06-16 21:32:05 +09:00
Divy Srivastava
c9de072b61
fix(ext/node): throw invalid state from getAuthTag ( #29752 )
ci / pre-build (push) Waiting to run
ci / test debug linux-aarch64 (push) Blocked by required conditions
ci / test release linux-aarch64 (push) Blocked by required conditions
ci / test debug macos-aarch64 (push) Blocked by required conditions
ci / test release macos-aarch64 (push) Blocked by required conditions
ci / bench release linux-x86_64 (push) Blocked by required conditions
ci / lint debug linux-x86_64 (push) Blocked by required conditions
ci / lint debug macos-x86_64 (push) Blocked by required conditions
ci / lint debug windows-x86_64 (push) Blocked by required conditions
ci / test debug linux-x86_64 (push) Blocked by required conditions
ci / test release linux-x86_64 (push) Blocked by required conditions
ci / test debug macos-x86_64 (push) Blocked by required conditions
ci / test release macos-x86_64 (push) Blocked by required conditions
ci / test debug windows-x86_64 (push) Blocked by required conditions
ci / test release windows-x86_64 (push) Blocked by required conditions
ci / build libs (push) Blocked by required conditions
ci / publish canary (push) Blocked by required conditions
2025-06-15 19:48:20 -07:00
Divy Srivastava
02cff572b2
fix(ext/node): validate auth tag for GCM mode cipher ( #29739 )
...
Enables `parallel/test-crypto-gcm-explicit-short-tag.js`
Ref https://github.com/denoland/deno/issues/29637
2025-06-16 11:04:41 +09:00
Divy Srivastava
fa3208bf27
fix(ext/node): Fix crypto.pbkdf2 compat ( #29738 )
2025-06-13 09:10:41 -07:00
Divy Srivastava
cdf4834ba0
fix(ext/node): fix oneshot hash validation ( #29661 )
...
ci / test release linux-x86_64 (push) Blocked by required conditions
ci / test debug macos-x86_64 (push) Blocked by required conditions
ci / test release macos-x86_64 (push) Blocked by required conditions
ci / test debug windows-x86_64 (push) Blocked by required conditions
ci / test release windows-x86_64 (push) Blocked by required conditions
ci / pre-build (push) Waiting to run
ci / test debug linux-aarch64 (push) Blocked by required conditions
ci / test release linux-aarch64 (push) Blocked by required conditions
ci / test debug macos-aarch64 (push) Blocked by required conditions
ci / test release macos-aarch64 (push) Blocked by required conditions
ci / bench release linux-x86_64 (push) Blocked by required conditions
ci / lint debug linux-x86_64 (push) Blocked by required conditions
ci / lint debug macos-x86_64 (push) Blocked by required conditions
ci / lint debug windows-x86_64 (push) Blocked by required conditions
ci / test debug linux-x86_64 (push) Blocked by required conditions
ci / build wasm32 (push) Blocked by required conditions
ci / publish canary (push) Blocked by required conditions
Enables `parallel/test-crypto-oneshot-hash.js`
Ref https://github.com/denoland/deno/issues/29637
---------
Co-authored-by: Yoshiya Hinosawa <stibium121@gmail.com>
2025-06-13 10:12:10 +05:30
Yoshiya Hinosawa
578634daf6
fix(ext/node): DiffieHellman constructor behaviors ( #29718 )
2025-06-13 12:21:39 +09:00
Yoshiya Hinosawa
2547f1dd19
refactor(ext/node): use FastBuffer in internal code ( #29700 )
2025-06-11 21:13:17 +09:00
Divy Srivastava
9ce1a60d4c
fix(ext/node): validate prime bigint candidate ( #29653 )
ci / test debug macos-aarch64 (push) Blocked by required conditions
ci / test release macos-aarch64 (push) Blocked by required conditions
ci / bench release linux-x86_64 (push) Blocked by required conditions
ci / lint debug linux-x86_64 (push) Blocked by required conditions
ci / lint debug macos-x86_64 (push) Blocked by required conditions
ci / lint debug windows-x86_64 (push) Blocked by required conditions
ci / test debug linux-x86_64 (push) Blocked by required conditions
ci / test release linux-x86_64 (push) Blocked by required conditions
ci / test debug macos-x86_64 (push) Blocked by required conditions
ci / test release macos-x86_64 (push) Blocked by required conditions
ci / test debug windows-x86_64 (push) Blocked by required conditions
ci / test release windows-x86_64 (push) Blocked by required conditions
ci / pre-build (push) Waiting to run
ci / test debug linux-aarch64 (push) Blocked by required conditions
ci / test release linux-aarch64 (push) Blocked by required conditions
ci / build wasm32 (push) Blocked by required conditions
ci / publish canary (push) Blocked by required conditions
2025-06-08 22:45:20 -07:00
Divy Srivastava
dfe56f8b45
fix(ext/node): internal getOpenSSLSecLevel() for tests ( #29657 )
...
Enables `parallel/test-crypto-sec-level.js`
Ref https://github.com/denoland/deno/issues/29637
2025-06-08 21:07:14 +05:30
Divy Srivastava
f3920ef2ec
fix(ext/node): validate randomUUID() options ( #29656 )
...
Enables `parallel/test-crypto-randomuuid.js`
Ref https://github.com/denoland/deno/issues/29637
2025-06-08 21:06:52 +05:30
Yoshiya Hinosawa
a756a7bf8e
fix(ext/node): fix prototype of asymmetricKeyDetails of AsymmetricKeyObject ( #29576 )
2025-06-03 21:45:28 +09:00
Divy Srivastava
acd0c94b46
fix(ext/node): add AES CTR to supported ciphers list ( #29273 )
...
Fix https://github.com/denoland/deno/issues/29047
2025-05-13 09:45:36 +05:30
Divy Srivastava
01b6da9d9b
fix(ext/node): upgrade node:stream ( #28855 )
...
Ref https://github.com/denoland/deno/issues/28836
This PR replaces the _stream.mjs bundle with a file-by-file port instead. A codemod transpiles Node.js internals to ESM. The codemod performs three tasks: translating CJS to ESM, remapping internal dependencies, and hoisting lazy requires as imports.
The process is fully automated through the `update_node_stream.ts` script, simplifying future internal updates. The script checks out Node.js from a specific tag defined in the `tests/node_compat/runner`.
Additionally, the update enables new tests in our Node test runner and adds features (like compose()) that were missing from the outdated bundle.
## Performance
There is a 140KB+ binary size increase on aarch64-apple-darwin and nop startup time stays the same.
2025-04-14 21:35:34 +05:30
Divy Srivastava
b26c30d938
fix(ext/node): return Buffer from crypto cipher APIs ( #28826 )
...
Fixes https://github.com/denoland/deno/issues/28633
2025-04-10 08:01:30 +00:00
Nathan Whitaker
094e268002
fix(ext/node): implement aes-128-ctr, aes-192-ctr, and aes-256-ctr ( #27630 )
...
Fixes https://github.com/denoland/deno/issues/24864
Need to add some tests, also unsure about the right counter size (went
with 128 bit to be safe)
---------
Co-authored-by: Yoshiya Hinosawa <stibium121@gmail.com>
2025-01-27 23:35:51 -08:00
Divy Srivastava
533993efcf
fix(ext/node): implement X509Certificate#checkHost ( #27821 )
...
Fixes https://github.com/denoland/deno/issues/27619
2025-01-27 16:33:03 +05:30
Divy Srivastava
1efc77331c
fix(ext/node): scrypt panic when log_n > 64 ( #27816 )
...
Throws an error instead of panic. Ref
https://github.com/denoland/deno/issues/27716
2025-01-27 09:12:51 +05:30
Divy Srivastava
4f27d7cdc0
fix(ext/node): GCM auth tag check on DechiperIv#final ( #27733 )
2025-01-20 18:16:44 +05:30
Kenta Moriuchi
8fb073d7b4
chore: Happy New Year 2025 ( #27509 )
2024-12-31 19:12:39 +00:00
Bartek Iwańczuk
1cd36009b0
fix(ext/node): support private key export in JWK format ( #27325 )
...
Closes https://github.com/denoland/deno/issues/26643
---------
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2024-12-31 13:49:02 +01:00
Yoshiya Hinosawa
91150706d8
fix(ext/node): make getCiphers return supported ciphers ( #27466 )
...
Currently we only supports 7 ciphers (`aes-(128|192|256)-ecb` and
`aes-(128|256)-(cbc|gcm)`) in `node:crypto`, but `crypto.getCiphers`
returns other supported cipher names. That confuses `npm:openpgp`
package and causes https://github.com/denoland/deno/issues/26875 .
This PR makes `getCiphers` return actually supported cipher names.
With this change, the example given in #26875 can create private and
public key files.
closes #26875
2024-12-26 13:24:28 +09:00
Marvin Hagemeister
df1d36324f
fix(node/crypto): support promisify on generateKeyPair ( #26913 )
...
Calling `promisify(generateKeyPair)` didn't work as expected. It
requires a custom promisify implementation.
This was easy to fix thanks to the excellent debugging investigation in
https://github.com/denoland/deno/issues/26910
Fixes https://github.com/denoland/deno/issues/26910
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2024-11-19 01:39:40 +01:00
Kenta Moriuchi
fb1d33a711
chore: update dlint to v0.68.0 for internal ( #26711 )
2024-11-04 12:17:11 -05:00
Mayank Kumar
793b155cd3
fix(ext/node): use primordials in ext\node\polyfills\internal\crypto\_randomInt.ts ( #26534 )
...
Towards #24236
2024-10-26 19:42:14 +02:00
Yoshiya Hinosawa
3f15e30062
fix(ext/node): fix Decipheriv when autoPadding disabled ( #25598 )
...
This change fixes Decipheriv behavior when autoPadding disabled and enabled.
By this change, the example given in
https://github.com/denoland/deno/issues/20924#issuecomment-2345931295
works in the same way as Node.
closes #20924
2024-09-13 01:13:56 +09:00
Bartek Iwańczuk
f794781ffb
feat(ext/node): expose ES modules for _ modules ( #25588 )
...
Exposes following modules:
- `"node:_http_agent"`
- `"node:_http_common"`
- `"node:_http_outgoing"`
- `"node:_http_server"`
- `"node:_stream_duplex"`
- `"node:_stream_passthrough"`
- `"node:_stream_readable"`
- `"node:_stream_transform"`
- `"node:_stream_writable"`
- `"node:_tls_common"`
- `"node:_tls_wrap"`
2024-09-12 00:52:08 +00:00
Yoshiya Hinosawa
aae3a6bcb4
fix(ext/node): fix Cipheriv#update(string, undefined) ( #25571 )
2024-09-11 19:24:17 +09:00
Divy Srivastava
0e50bb1d4a
fix(ext/node): import RSA JWK keys ( #25267 )
...
Fixes https://github.com/denoland/deno/issues/24129
2024-08-28 20:56:11 +05:30
Divy Srivastava
b9c144df6f
fix(ext/node): export JWK public key ( #25239 )
...
Fixes https://github.com/denoland/deno/issues/18928
Signed-off-by: Divy Srivastava <dj.srivastava23@gmail.com>
2024-08-28 15:03:02 +00:00
Divy Srivastava
553bd7dec3
fix(ext/node): import EC JWK keys ( #25266 )
2024-08-28 19:54:49 +05:30
Divy Srivastava
d9a7b30d1f
fix(ext/node): import JWK octet key pairs ( #25180 )
...
Ref https://github.com/denoland/deno/issues/24129
`kty: "okp"` is defined in
[rfc8037](https://www.rfc-editor.org/rfc/rfc8037.html )
2024-08-23 22:06:28 +05:30
Kenta Moriuchi
76f4f202e7
chore: update the copyright of c, mjs, and jsx ( #25005 )
2024-08-12 12:41:32 -04:00
Divy Srivastava
b61fd622a5
fix(ext/node): rewrite X509Certificate resource and add publicKey() ( #24988 )
...
**Changes**:
- Remove unsafe usage, rewrite Rust representation with `yoke`.
- Implement `X509Certificate.prototype.publicKey()`
Fixes https://github.com/denoland/deno/issues/23307
2024-08-11 18:58:54 +05:30
Divy Srivastava
d6f662ac82
fix(ext/node): support ieee-p1363 ECDSA signatures and pss salt len ( #24981 )
...
Fixes https://github.com/denoland/deno/issues/22919
2024-08-11 14:59:53 +05:30
Luca Casonato
fc02303842
fix(ext/node): ed25519 signing and cipheriv autopadding fixes ( #24957 )
...
- Return auth tag for GCM ciphers from auto padding shortcircuit
- Use _ring_ for ed25519 signing
---------
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2024-08-09 12:58:20 +02:00
Divy Srivastava
0d1beed2e3
fix(ext/node): add CipherIv.setAutoPadding() ( #24940 )
...
Co-Authored-By: Luca Casonato <hello@lcas.dev>
Fixes https://github.com/denoland/deno/issues/21804
Ref https://github.com/denoland/deno/issues/20924
---------
Signed-off-by: Divy Srivastava <dj.srivastava23@gmail.com>
Co-authored-by: Luca Casonato <hello@lcas.dev>
2024-08-08 18:34:10 +05:30
Birk Skyum
733162a83e
fix(node/crypto): Assign publicKey and privateKey with let instead of const ( #24943 )
...
Because public/private key are reassigned, they should be `let` instead
of `const`.
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2024-08-08 15:50:16 +05:30
Luca Casonato
93d479252b
fix(ext/node): add crypto.diffieHellman ( #24938 )
...
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
Closes #21806
2024-08-08 15:05:29 +05:30
Luca Casonato
4fa8869f24
feat(ext/node): rewrite crypto keys ( #24463 )
...
This completely rewrites how we handle key material in ext/node. Changes
in this
PR:
- **Signing**
- RSA
- RSA-PSS 🆕
- DSA 🆕
- EC
- ED25519 🆕
- **Verifying**
- RSA
- RSA-PSS 🆕
- DSA 🆕
- EC 🆕
- ED25519 🆕
- **Private key import**
- Passphrase encrypted private keys 🆕
- RSA
- PEM
- DER (PKCS#1) 🆕
- DER (PKCS#8) 🆕
- RSA-PSS
- PEM
- DER (PKCS#1) 🆕
- DER (PKCS#8) 🆕
- DSA 🆕
- EC
- PEM
- DER (SEC1) 🆕
- DER (PKCS#8) 🆕
- X25519 🆕
- ED25519 🆕
- DH
- **Public key import**
- RSA
- PEM
- DER (PKCS#1) 🆕
- DER (PKCS#8) 🆕
- RSA-PSS 🆕
- DSA 🆕
- EC 🆕
- X25519 🆕
- ED25519 🆕
- DH 🆕
- **Private key export**
- RSA 🆕
- DSA 🆕
- EC 🆕
- X25519 🆕
- ED25519 🆕
- DH 🆕
- **Public key export**
- RSA
- DSA 🆕
- EC 🆕
- X25519 🆕
- ED25519 🆕
- DH 🆕
- **Key pair generation**
- Overhauled, but supported APIs unchanged
This PR adds a lot of new individual functionality. But most importantly
because
of the new key material representation, it is now trivial to add new
algorithms
(as shown by this PR).
Now, when adding a new algorithm, it is also widely supported - for
example
previously we supported ED25519 key pair generation, but we could not
import,
export, sign or verify with ED25519. We can now do all of those things.
2024-08-07 08:43:58 +02:00
Andreas Deininger
ea121c9a0e
docs: fix typos ( #24820 )
...
This PR fixes various typos I spotted in the project.
2024-08-02 13:26:54 +02:00
Luca Casonato
f1fc708d81
fix(ext/crypto): respect offsets when writing into ab views in randomFillSync ( #24816 )
2024-08-01 09:38:46 +02:00
Luca Casonato
08e5606c34
fix(ext/node): rewrite digest handling ( #24392 )
...
Previously we had many different code paths all
handling digests in different places, all with
wildly different digest support. This commit
rewrites this to use a single digest handling
mechanism for all digest operations.
It adds various aliases for digest algorithms,
like node does. For example
`sha1WithRSAEncryption` is an alias for `sha1`.
It also adds support for `md5-sha1` digests in
various places.
2024-07-05 10:10:22 +02:00
