Daniel Osvaldo Rahmanto
328d5ef2a0
fix(ext/node): accept ArrayBuffer on crypto.timingSafeEqual ( #30773 )
...
ci / test release macos-aarch64 (push) Blocked by required conditions
ci / bench release linux-x86_64 (push) Blocked by required conditions
ci / lint debug linux-x86_64 (push) Blocked by required conditions
ci / lint debug macos-x86_64 (push) Blocked by required conditions
ci / lint debug windows-x86_64 (push) Blocked by required conditions
ci / test debug linux-x86_64 (push) Blocked by required conditions
ci / test release linux-x86_64 (push) Blocked by required conditions
ci / test debug macos-x86_64 (push) Blocked by required conditions
ci / test release macos-x86_64 (push) Blocked by required conditions
ci / test debug windows-x86_64 (push) Blocked by required conditions
ci / test release windows-x86_64 (push) Blocked by required conditions
ci / build libs (push) Blocked by required conditions
ci / pre-build (push) Waiting to run
ci / test debug linux-aarch64 (push) Blocked by required conditions
ci / test release linux-aarch64 (push) Blocked by required conditions
ci / test debug macos-aarch64 (push) Blocked by required conditions
ci / publish canary (push) Blocked by required conditions
Fixes #30759
The buffer validation is based on Node.js implementation:
591ba692bf/src/crypto/crypto_util.h (L467-L472)
2025-09-18 16:51:56 +02:00
gitstart-app[bot]
6314c3c46d
fix(ext/node): crypto.hkdfSync returns wrong result for non-Uint8Array TypedArray inputs ( #30463 )
...
ci / pre-build (push) Has been cancelled
ci / build libs (push) Has been cancelled
ci / publish canary (push) Has been cancelled
ci / test debug linux-aarch64 (push) Has been cancelled
ci / test release linux-aarch64 (push) Has been cancelled
ci / test debug macos-aarch64 (push) Has been cancelled
ci / test release macos-aarch64 (push) Has been cancelled
ci / bench release linux-x86_64 (push) Has been cancelled
ci / lint debug linux-x86_64 (push) Has been cancelled
ci / lint debug macos-x86_64 (push) Has been cancelled
ci / lint debug windows-x86_64 (push) Has been cancelled
ci / test debug linux-x86_64 (push) Has been cancelled
ci / test release linux-x86_64 (push) Has been cancelled
ci / test debug macos-x86_64 (push) Has been cancelled
ci / test release macos-x86_64 (push) Has been cancelled
ci / test debug windows-x86_64 (push) Has been cancelled
ci / test release windows-x86_64 (push) Has been cancelled
The original HKDF implementation incorrectly handled
TypedArrays by converting them through the toBuf() function, which only
handles strings and Buffers. This caused TypedArrays to be processed
incorrectly, losing their actual byte representation.
Closes https://github.com/denoland/deno/issues/29913
---------
Co-authored-by: gitstart-app[bot] <80938352+gitstart-app[bot]@users.noreply.github.com>
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2025-08-23 11:56:19 +02:00
Yoshiya Hinosawa
538f8870dc
fix(ext/node): support KeyObject in publicEncrypt/privateDecrypt ( #29798 )
2025-06-19 09:48:29 +09:00
Yoshiya Hinosawa
413aa404f9
fix(ext/node): add key length validation in DiffieHellman.prototype.computeSecret ( #29757 )
2025-06-16 21:32:05 +09:00
Yoshiya Hinosawa
a756a7bf8e
fix(ext/node): fix prototype of asymmetricKeyDetails of AsymmetricKeyObject ( #29576 )
2025-06-03 21:45:28 +09:00
Divy Srivastava
acd0c94b46
fix(ext/node): add AES CTR to supported ciphers list ( #29273 )
...
Fix https://github.com/denoland/deno/issues/29047
2025-05-13 09:45:36 +05:30
Divy Srivastava
b26c30d938
fix(ext/node): return Buffer from crypto cipher APIs ( #28826 )
...
Fixes https://github.com/denoland/deno/issues/28633
2025-04-10 08:01:30 +00:00
Arsh
447b5038c0
fix(ext/node): alias shake-128 and shake-256 hash algorithms ( #28451 )
...
Fixes #28442
---------
Signed-off-by: Arsh <69170106+lilnasy@users.noreply.github.com>
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2025-04-10 07:58:44 +00:00
Divy Srivastava
648ee8f0e7
fix(ext/node): decipherIv() range error on invalid final block length ( #28215 )
...
Fixes https://github.com/denoland/deno/issues/28208
2025-02-21 04:48:38 +00:00
Divy Srivastava
a401a79c75
fix(ext/node): fix missing privateKey.x in curve25519 JWK ( #27990 )
...
Fixes https://github.com/denoland/deno/issues/27972
2025-02-06 12:11:42 +05:30
Divy Srivastava
79fa6028d1
fix(ext/node): implement crypto.hash ( #27858 )
...
Implement
[`crypto.hash`](https://nodejs.org/api/crypto.html#cryptohashalgorithm-data-outputencoding )
- one-shot version of `createHash`
Fixes #24945
2025-01-29 20:49:43 +05:30
Nathan Whitaker
094e268002
fix(ext/node): implement aes-128-ctr, aes-192-ctr, and aes-256-ctr ( #27630 )
...
Fixes https://github.com/denoland/deno/issues/24864
Need to add some tests, also unsure about the right counter size (went
with 128 bit to be safe)
---------
Co-authored-by: Yoshiya Hinosawa <stibium121@gmail.com>
2025-01-27 23:35:51 -08:00
Divy Srivastava
533993efcf
fix(ext/node): implement X509Certificate#checkHost ( #27821 )
...
Fixes https://github.com/denoland/deno/issues/27619
2025-01-27 16:33:03 +05:30
Divy Srivastava
f678a17313
fix(ext/node): fix panic when invalid AES GCM key size ( #27818 )
...
Fixes https://github.com/denoland/deno/issues/27807
2025-01-27 16:32:25 +05:30
Divy Srivastava
1efc77331c
fix(ext/node): scrypt panic when log_n > 64 ( #27816 )
...
Throws an error instead of panic. Ref
https://github.com/denoland/deno/issues/27716
2025-01-27 09:12:51 +05:30
Divy Srivastava
4f27d7cdc0
fix(ext/node): GCM auth tag check on DechiperIv#final ( #27733 )
2025-01-20 18:16:44 +05:30
Kenta Moriuchi
8fb073d7b4
chore: Happy New Year 2025 ( #27509 )
2024-12-31 19:12:39 +00:00
Bartek Iwańczuk
1cd36009b0
fix(ext/node): support private key export in JWK format ( #27325 )
...
Closes https://github.com/denoland/deno/issues/26643
---------
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2024-12-31 13:49:02 +01:00
Yoshiya Hinosawa
c45d0dadb3
fix(ext/node): add support of any length IV for aes-(128|256)-gcm ciphers ( #27476 )
2024-12-27 17:46:01 +09:00
Divy Srivastava
6061f22abd
fix(ext/node): RangeError timingSafeEqual with different byteLength ( #27470 )
...
Fixes https://github.com/denoland/deno/issues/27214
2024-12-27 11:20:49 +05:30
Yoshiya Hinosawa
91150706d8
fix(ext/node): make getCiphers return supported ciphers ( #27466 )
...
Currently we only supports 7 ciphers (`aes-(128|192|256)-ecb` and
`aes-(128|256)-(cbc|gcm)`) in `node:crypto`, but `crypto.getCiphers`
returns other supported cipher names. That confuses `npm:openpgp`
package and causes https://github.com/denoland/deno/issues/26875 .
This PR makes `getCiphers` return actually supported cipher names.
With this change, the example given in #26875 can create private and
public key files.
closes #26875
2024-12-26 13:24:28 +09:00
Marvin Hagemeister
df1d36324f
fix(node/crypto): support promisify on generateKeyPair ( #26913 )
...
Calling `promisify(generateKeyPair)` didn't work as expected. It
requires a custom promisify implementation.
This was easy to fix thanks to the excellent debugging investigation in
https://github.com/denoland/deno/issues/26910
Fixes https://github.com/denoland/deno/issues/26910
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2024-11-19 01:39:40 +01:00
Divy Srivastava
21fa953f32
fix(ext/node): timingSafeEqual account for AB byteOffset ( #26292 )
...
Fixes https://github.com/denoland/deno/issues/26276
2024-10-16 14:27:28 +05:30
Divy Srivastava
bbad7c5922
fix(ext/node): compute pem length (upper bound) for key exports ( #26231 )
...
Fixes https://github.com/denoland/deno/issues/26188
2024-10-14 14:24:26 +05:30
Divy Srivastava
e97f00f6f6
fix(ext/node): support x509 certificates in createPublicKey ( #25731 )
...
Fixes https://github.com/denoland/deno/issues/25681
2024-09-19 19:12:23 +05:30
Luca Casonato
81c9e0ba25
fix(ext/crypto): support md4 digest algorithm ( #25656 )
...
Fixes #25646
2024-09-16 11:04:40 +00:00
Yoshiya Hinosawa
3f15e30062
fix(ext/node): fix Decipheriv when autoPadding disabled ( #25598 )
...
This change fixes Decipheriv behavior when autoPadding disabled and enabled.
By this change, the example given in
https://github.com/denoland/deno/issues/20924#issuecomment-2345931295
works in the same way as Node.
closes #20924
2024-09-13 01:13:56 +09:00
Yoshiya Hinosawa
aae3a6bcb4
fix(ext/node): fix Cipheriv#update(string, undefined) ( #25571 )
2024-09-11 19:24:17 +09:00
Yoshiya Hinosawa
ef2d98fe11
fix(ext/node): validate input lengths in Cipheriv and Decipheriv ( #25570 )
...
addresses the first part of #25279
2024-09-11 13:27:07 +09:00
David Sherret
4a5642779e
fix: upgrade deno_ast 0.42 ( #25313 )
2024-08-30 17:12:13 -04:00
Divy Srivastava
0e50bb1d4a
fix(ext/node): import RSA JWK keys ( #25267 )
...
Fixes https://github.com/denoland/deno/issues/24129
2024-08-28 20:56:11 +05:30
Divy Srivastava
b9c144df6f
fix(ext/node): export JWK public key ( #25239 )
...
Fixes https://github.com/denoland/deno/issues/18928
Signed-off-by: Divy Srivastava <dj.srivastava23@gmail.com>
2024-08-28 15:03:02 +00:00
Divy Srivastava
553bd7dec3
fix(ext/node): import EC JWK keys ( #25266 )
2024-08-28 19:54:49 +05:30
Divy Srivastava
3394c4df75
fix(ext/node): update aead-gcm-stream to 0.3 ( #25261 )
...
Fixes https://github.com/denoland/deno/issues/25260
Fixes https://github.com/denoland/deno/issues/25254
Fixes https://github.com/denoland/deno/issues/23693
Verified that `web-push` GCM decryption works in the browser. See
`aead-gcm-stream` changes
[here](a9ffd0c07c
2024-08-28 18:34:18 +05:30
Divy Srivastava
d9a7b30d1f
fix(ext/node): import JWK octet key pairs ( #25180 )
...
Ref https://github.com/denoland/deno/issues/24129
`kty: "okp"` is defined in
[rfc8037](https://www.rfc-editor.org/rfc/rfc8037.html )
2024-08-23 22:06:28 +05:30
Kenta Moriuchi
76f4f202e7
chore: update the copyright of c, mjs, and jsx ( #25005 )
2024-08-12 12:41:32 -04:00
Divy Srivastava
d6f662ac82
fix(ext/node): support ieee-p1363 ECDSA signatures and pss salt len ( #24981 )
...
Fixes https://github.com/denoland/deno/issues/22919
2024-08-11 14:59:53 +05:30
Luca Casonato
4fa8869f24
feat(ext/node): rewrite crypto keys ( #24463 )
...
This completely rewrites how we handle key material in ext/node. Changes
in this
PR:
- **Signing**
- RSA
- RSA-PSS 🆕
- DSA 🆕
- EC
- ED25519 🆕
- **Verifying**
- RSA
- RSA-PSS 🆕
- DSA 🆕
- EC 🆕
- ED25519 🆕
- **Private key import**
- Passphrase encrypted private keys 🆕
- RSA
- PEM
- DER (PKCS#1) 🆕
- DER (PKCS#8) 🆕
- RSA-PSS
- PEM
- DER (PKCS#1) 🆕
- DER (PKCS#8) 🆕
- DSA 🆕
- EC
- PEM
- DER (SEC1) 🆕
- DER (PKCS#8) 🆕
- X25519 🆕
- ED25519 🆕
- DH
- **Public key import**
- RSA
- PEM
- DER (PKCS#1) 🆕
- DER (PKCS#8) 🆕
- RSA-PSS 🆕
- DSA 🆕
- EC 🆕
- X25519 🆕
- ED25519 🆕
- DH 🆕
- **Private key export**
- RSA 🆕
- DSA 🆕
- EC 🆕
- X25519 🆕
- ED25519 🆕
- DH 🆕
- **Public key export**
- RSA
- DSA 🆕
- EC 🆕
- X25519 🆕
- ED25519 🆕
- DH 🆕
- **Key pair generation**
- Overhauled, but supported APIs unchanged
This PR adds a lot of new individual functionality. But most importantly
because
of the new key material representation, it is now trivial to add new
algorithms
(as shown by this PR).
Now, when adding a new algorithm, it is also widely supported - for
example
previously we supported ED25519 key pair generation, but we could not
import,
export, sign or verify with ED25519. We can now do all of those things.
2024-08-07 08:43:58 +02:00
Luca Casonato
f1fc708d81
fix(ext/crypto): respect offsets when writing into ab views in randomFillSync ( #24816 )
2024-08-01 09:38:46 +02:00
Asher Gomez
5f44148e83
chore: update to std@2024.07.19 ( #24715 )
2024-07-25 15:30:28 +10:00
Luca Casonato
08e5606c34
fix(ext/node): rewrite digest handling ( #24392 )
...
Previously we had many different code paths all
handling digests in different places, all with
wildly different digest support. This commit
rewrites this to use a single digest handling
mechanism for all digest operations.
It adds various aliases for digest algorithms,
like node does. For example
`sha1WithRSAEncryption` is an alias for `sha1`.
It also adds support for `md5-sha1` digests in
various places.
2024-07-05 10:10:22 +02:00
Luca Casonato
1e8a6b94b1
fix(ext/node): rewrite crypto.Hash ( #24302 )
...
Changes in this PR:
- Added new fixed size hash algorithms (blake2b512, blake2s256,
sha512-224, sha512-256, sha3-224, sha3-256, sha3-384, sha3-512, sm3)
- Added variable size hash algorithms (the concept), with the algorithms
shake128 and shake256
- Use cppgc instead of resources for the hasher
- Enable Node's crypto.Hash tests and fix found bugs
2024-06-24 11:47:12 +02:00
Luca Casonato
e6756c3e66
fix(ext/node): don't panic on invalid utf-8 in pem ( #24303 )
2024-06-21 10:25:07 +00:00
Bartek Iwańczuk
eb218c0f33
chore: upgrade dlint to 0.60.0 ( #24041 )
...
Factoring out `dlint` upgrade from
https://github.com/denoland/deno/pull/24034 as it
requires us to change the lint step on mac to use ARM runners.
---------
Co-authored-by: Luca Casonato <hello@lcas.dev>
Co-authored-by: David Sherret <dsherret@users.noreply.github.com>
2024-06-05 01:09:29 +02:00
Divy Srivastava
b02ffec37c
fix(ext/node): exporting rsa public keys ( #23596 )
...
Initial support for exporting rsa public KeyObject.
Current assumption is that RSA keys are stored in pkcs1 der format in
key storage.
Ref https://github.com/denoland/deno/issues/23471
Ref https://github.com/denoland/deno/issues/18928
Ref https://github.com/denoland/deno/issues/21124
2024-04-29 19:16:38 +05:30
Divy Srivastava
43be97923f
fix(ext/node): handle KeyObject in prepareAsymmetricKey ( #23026 )
...
Fixes https://github.com/denoland/deno/issues/20938
2024-03-22 19:28:28 +05:30
Divy Srivastava
1f60b8af97
fix(ext/node): ECDH.publicKey() point encoding ( #23013 )
2024-03-21 14:11:54 +05:30
Asher Gomez
b0c687c1d2
fix(ext/node): support Diffie-Hellman key type in crypto.createPrivateKey() ( #22984 )
...
Towards #22489
Signed-off-by: Asher Gomez <ashersaupingomez@gmail.com>
2024-03-19 11:11:01 +05:30
Satya Rohith
becdad531f
fix(ext/node): support public key point encoding in ECDH.generateKeys() ( #22976 )
...
Towards https://github.com/denoland/deno/issues/22921
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2024-03-18 13:20:10 +05:30
Divy Srivastava
b00f076017
fix(ext/node): Support private EC key signing ( #22914 )
...
Fixes https://github.com/denoland/deno/issues/18972
Support for web-push VAPID keys & jws signing
- Fixes EC keygen to return raw private key and uncompressed public key
point.
- Support for `EC PRIVATE KEY`
2024-03-14 14:53:50 +01:00
