feat(ext/crypto): implement encrypt, decrypt & generateKey for RSA-OAEP (#11654)

1 files changed, 84 insertions, 1 deletions

diff --git a/cli/tests/unit/webcrypto_test.ts b/cli/tests/unit/webcrypto_test.ts
index 608e4660a..0e4b17b9a 100644
--- a/cli/tests/unit/webcrypto_test.ts
+++ b/cli/tests/unit/webcrypto_test.ts
@@ -1,4 +1,9 @@
-import { assert, assertEquals, unitTest } from "./test_util.ts";
+import {
+  assert,
+  assertEquals,
+  assertThrowsAsync,
+  unitTest,
+} from "./test_util.ts";
 
 // https://github.com/denoland/deno/issues/11664
 unitTest(async function testImportArrayBufferKey() {
@@ -46,6 +51,7 @@ unitTest(async function testSignVerify() {
       );
 
       const data = new Uint8Array([1, 2, 3]);
+
       const signAlgorithm = { name: algorithm, saltLength: 32 };
 
       const signature = await subtle.sign(
@@ -70,6 +76,83 @@ unitTest(async function testSignVerify() {
   }
 });
 
+// deno-fmt-ignore
+const plainText = new Uint8Array([95, 77, 186, 79, 50, 12, 12, 232, 118, 114, 90, 252, 229, 251, 210, 91, 248, 62, 90, 113, 37, 160, 140, 175, 231, 60, 62, 186, 196, 33, 119, 157, 249, 213, 93, 24, 12, 58, 233, 148, 38, 69, 225, 216, 47, 238, 140, 157, 41, 75, 60, 177, 160, 138, 153, 49, 32, 27, 60, 14, 129, 252, 71, 202, 207, 131, 21, 162, 175, 102, 50, 65, 19, 195, 182, 98, 48, 195, 70, 8, 196, 244, 89, 54, 52, 206, 2, 178, 103, 54, 34, 119, 240, 168, 64, 202, 116, 188, 61, 26, 98, 54, 149, 44, 94, 215, 170, 248, 168, 254, 203, 221, 250, 117, 132, 230, 151, 140, 234, 93, 42, 91, 159, 183, 241, 180, 140, 139, 11, 229, 138, 48, 82, 2, 117, 77, 131, 118, 16, 115, 116, 121, 60, 240, 38, 170, 238, 83, 0, 114, 125, 131, 108, 215, 30, 113, 179, 69, 221, 178, 228, 68, 70, 255, 197, 185, 1, 99, 84, 19, 137, 13, 145, 14, 163, 128, 152, 74, 144, 25, 16, 49, 50, 63, 22, 219, 204, 157, 107, 225, 104, 184, 72, 133, 56, 76, 160, 62, 18, 96, 10, 193, 194, 72, 2, 138, 243, 114, 108, 201, 52, 99, 136, 46, 168, 192, 42, 171]);
+
+// Passing
+const hashPlainTextVector = [
+  {
+    hash: "SHA-1",
+    plainText: plainText.slice(0, 214),
+  },
+  {
+    hash: "SHA-256",
+    plainText: plainText.slice(0, 190),
+  },
+  {
+    hash: "SHA-384",
+    plainText: plainText.slice(0, 158),
+  },
+  {
+    hash: "SHA-512",
+    plainText: plainText.slice(0, 126),
+  },
+];
+
+// TODO(@littledivy): Remove this when we enable WPT for encrypt_decrypt
+unitTest(async function testEncryptDecrypt() {
+  const subtle = window.crypto.subtle;
+  assert(subtle);
+  for (
+    const { hash, plainText } of hashPlainTextVector
+  ) {
+    const keyPair = await subtle.generateKey(
+      {
+        name: "RSA-OAEP",
+        modulusLength: 2048,
+        publicExponent: new Uint8Array([1, 0, 1]),
+        hash,
+      },
+      true,
+      ["encrypt", "decrypt"],
+    );
+
+    const encryptAlgorithm = { name: "RSA-OAEP" };
+    const cipherText = await subtle.encrypt(
+      encryptAlgorithm,
+      keyPair.publicKey,
+      plainText,
+    );
+
+    assert(cipherText);
+    assert(cipherText.byteLength > 0);
+    assertEquals(cipherText.byteLength * 8, 2048);
+    assert(cipherText instanceof ArrayBuffer);
+
+    const decrypted = await subtle.decrypt(
+      encryptAlgorithm,
+      keyPair.privateKey,
+      cipherText,
+    );
+    assert(decrypted);
+    assert(decrypted instanceof ArrayBuffer);
+    assertEquals(new Uint8Array(decrypted), plainText);
+
+    const badPlainText = new Uint8Array(plainText.byteLength + 1);
+    badPlainText.set(plainText, 0);
+    badPlainText.set(new Uint8Array([32]), plainText.byteLength);
+    await assertThrowsAsync(async () => {
+      // Should fail
+      await subtle.encrypt(
+        encryptAlgorithm,
+        keyPair.publicKey,
+        badPlainText,
+      );
+      throw new TypeError("unreachable");
+    }, DOMException);
+  }
+});
+
 unitTest(async function testGenerateRSAKey() {
   const subtle = window.crypto.subtle;
   assert(subtle);