fix(ext/node): implement asymmetric keygen (#18651)

Towards #18455 This commit implements the keypair generation for asymmetric keys for the `generateKeyPair` API. See how key material is managed in this implementation: https://www.notion.so/denolandinc/node-crypto-design-99fc33f568d24e47a5e4b36002c5325d?pvs=4 Private and public key encoding depend on `KeyObject#export` which is not implemented. I've also skipped ED448 and X448 since we need a crate for that in WebCrypto too.
author: Divy Srivastava <dj.srivastava23@gmail.com> 2023-04-19 22:27:34 +0530
committer: GitHub <noreply@github.com> 2023-04-19 22:27:34 +0530
commit: 9496dfc68558a0d6e9fa0a3bf1fbde9883a88d07 (patch)
tree: fd37f0f325e288c7cf4a48426481d8553c38f6ef /cli/tests/unit_node/crypto_key.ts
parent: 53c9f5918cd07237c20b086945d4604baf1900fb (diff)
1 files changed, 159 insertions, 2 deletions
diff --git a/cli/tests/unit_node/crypto_key.ts b/cli/tests/unit_node/crypto_key.ts
index d1a33db9e..49d81003f 100644
--- a/cli/tests/unit_node/crypto_key.ts
+++ b/cli/tests/unit_node/crypto_key.ts
@@ -1,9 +1,39 @@
+// deno-lint-ignore-file no-explicit-any
+
 // Copyright 2018-2023 the Deno authors. All rights reserved. MIT license.
-import { createSecretKey, randomBytes } from "node:crypto";
+import {
+  createSecretKey,
+  generateKeyPair,
+  generateKeyPairSync,
+  KeyObject,
+  randomBytes,
+} from "node:crypto";
+import { promisify } from "node:util";
 import { Buffer } from "node:buffer";
-import { assertEquals } from "../../../test_util/std/testing/asserts.ts";
+import {
+  assertEquals,
+  assertThrows,
+} from "../../../test_util/std/testing/asserts.ts";
 import { createHmac } from "node:crypto";
 
+const generateKeyPairAsync = promisify(
+  (
+    type: any,
+    options: any,
+    callback: (
+      err: Error | null,
+      key: { publicKey: KeyObject; privateKey: KeyObject },
+    ) => void,
+  ) =>
+    generateKeyPair(
+      type,
+      options,
+      (err: Error | null, publicKey: KeyObject, privateKey: KeyObject) => {
+        callback(err, { publicKey, privateKey });
+      },
+    ),
+);
+
 Deno.test({
   name: "create secret key",
   fn() {
@@ -45,3 +75,130 @@ Deno.test({
     );
   },
 });
+
+for (const type of ["rsa", "rsa-pss", "dsa"]) {
+  for (const modulusLength of [2048, 3072]) {
+    Deno.test({
+      name: `generate ${type} key`,
+      fn() {
+        const { publicKey, privateKey } = generateKeyPairSync(type as any, {
+          modulusLength,
+        });
+
+        assertEquals(publicKey.type, "public");
+        assertEquals(privateKey.type, "private");
+      },
+    });
+
+    Deno.test({
+      name: `generate ${type} key async`,
+      async fn() {
+        const x = await generateKeyPairAsync(type as any, {
+          modulusLength,
+        });
+        const { publicKey, privateKey } = x;
+        assertEquals(publicKey.type, "public");
+        assertEquals(privateKey.type, "private");
+      },
+    });
+  }
+}
+
+for (const namedCurve of ["P-384", "P-256"]) {
+  Deno.test({
+    name: `generate ec key ${namedCurve}`,
+    fn() {
+      const { publicKey, privateKey } = generateKeyPairSync("ec", {
+        namedCurve,
+      });
+
+      assertEquals(publicKey.type, "public");
+      assertEquals(privateKey.type, "private");
+    },
+  });
+
+  Deno.test({
+    name: `generate ec key ${namedCurve} async`,
+    async fn() {
+      const { publicKey, privateKey } = await generateKeyPairAsync("ec", {
+        namedCurve,
+      });
+
+      assertEquals(publicKey.type, "public");
+      assertEquals(privateKey.type, "private");
+    },
+  });
+
+  Deno.test({
+    name: `generate ec key ${namedCurve} paramEncoding=explicit fails`,
+    fn() {
+      assertThrows(() => {
+        // @ts-ignore: @types/node is broken?
+        generateKeyPairSync("ec", {
+          namedCurve,
+          paramEncoding: "explicit",
+        });
+      });
+    },
+  });
+}
+
+for (
+  const groupName of ["modp5", "modp14", "modp15", "modp16", "modp17", "modp18"]
+) {
+  Deno.test({
+    name: `generate dh key ${groupName}`,
+    fn() {
+      // @ts-ignore: @types/node is broken?
+      const { publicKey, privateKey } = generateKeyPairSync("dh", {
+        group: groupName,
+      });
+
+      assertEquals(publicKey.type, "public");
+      assertEquals(privateKey.type, "private");
+    },
+  });
+
+  Deno.test({
+    name: `generate dh key ${groupName} async`,
+    async fn() {
+      // @ts-ignore: @types/node is broken?
+      const { publicKey, privateKey } = await generateKeyPairAsync("dh", {
+        group: groupName,
+      });
+
+      assertEquals(publicKey.type, "public");
+      assertEquals(privateKey.type, "private");
+    },
+  });
+}
+
+for (const primeLength of [1024, 2048, 4096]) {
+  Deno.test({
+    name: `generate dh key ${primeLength}`,
+    fn() {
+      // @ts-ignore: @types/node is broken?
+      const { publicKey, privateKey } = generateKeyPairSync("dh", {
+        primeLength,
+        generator: 2,
+      });
+
+      assertEquals(publicKey.type, "public");
+      assertEquals(privateKey.type, "private");
+    },
+  });
+
+  Deno.test({
+    name: `generate dh key ${primeLength} async`,
+    async fn() {
+      // @ts-ignore: @types/node is broken?
+      const { publicKey, privateKey } = await generateKeyPairAsync("dh", {
+        primeLength,
+        generator: 2,
+      });
+
+      assertEquals(publicKey.type, "public");
+      assertEquals(privateKey.type, "private");
+    },
+  });
+}
author	Divy Srivastava <dj.srivastava23@gmail.com>	2023-04-19 22:27:34 +0530
committer	GitHub <noreply@github.com>	2023-04-19 22:27:34 +0530
commit	9496dfc68558a0d6e9fa0a3bf1fbde9883a88d07 (patch)
tree	fd37f0f325e288c7cf4a48426481d8553c38f6ef /cli/tests/unit_node/crypto_key.ts
parent	53c9f5918cd07237c20b086945d4604baf1900fb (diff)