feat(ext/crypto): implement AES-CBC encryption & decryption (#12123)

* initial stuff

* stuff

* merge stuff

* cleanup

* fmt

* length

* update lockfile

* decrypt

* fixy

* clippy hello?

* hmm

* fixs

* fix lint

* add AesCbcParams

* fixes

* fixy

* lockfile fixy

* fix dumb assertions

* re run CI

* rerun CI

* rerun CI

1 files changed, 71 insertions, 0 deletions

diff --git a/ext/crypto/00_crypto.js b/ext/crypto/00_crypto.js
index 4b4770e13..85849153d 100644
--- a/ext/crypto/00_crypto.js
+++ b/ext/crypto/00_crypto.js
@@ -117,9 +117,11 @@
     },
     "encrypt": {
       "RSA-OAEP": "RsaOaepParams",
+      "AES-CBC": "AesCbcParams",
     },
     "decrypt": {
       "RSA-OAEP": "RsaOaepParams",
+      "AES-CBC": "AesCbcParams",
     },
     "wrapKey": {
       // TODO(@littledivy): Enable this once implemented.
@@ -440,6 +442,41 @@
           // 6.
           return cipherText.buffer;
         }
+        case "AES-CBC": {
+          if (ArrayBufferIsView(normalizedAlgorithm.iv)) {
+            normalizedAlgorithm.iv = new Uint8Array(
+              normalizedAlgorithm.iv.buffer,
+              normalizedAlgorithm.iv.byteOffset,
+              normalizedAlgorithm.iv.byteLength,
+            );
+          } else {
+            normalizedAlgorithm.iv = new Uint8Array(
+              normalizedAlgorithm.iv,
+            );
+          }
+          normalizedAlgorithm.iv = TypedArrayPrototypeSlice(
+            normalizedAlgorithm.iv,
+          );
+
+          // 1.
+          if (normalizedAlgorithm.iv.byteLength !== 16) {
+            throw new DOMException(
+              "Initialization vector must be 16 bytes",
+              "OperationError",
+            );
+          }
+
+          // 2.
+          const cipherText = await core.opAsync("op_crypto_encrypt_key", {
+            key: keyData,
+            algorithm: "AES-CBC",
+            length: key[_algorithm].length,
+            iv: normalizedAlgorithm.iv,
+          }, data);
+
+          // 4.
+          return cipherText.buffer;
+        }
         default:
           throw new DOMException("Not implemented", "NotSupportedError");
       }
@@ -524,6 +561,40 @@
           // 6.
           return plainText.buffer;
         }
+        case "AES-CBC": {
+          if (ArrayBufferIsView(normalizedAlgorithm.iv)) {
+            normalizedAlgorithm.iv = new Uint8Array(
+              normalizedAlgorithm.iv.buffer,
+              normalizedAlgorithm.iv.byteOffset,
+              normalizedAlgorithm.iv.byteLength,
+            );
+          } else {
+            normalizedAlgorithm.iv = new Uint8Array(
+              normalizedAlgorithm.iv,
+            );
+          }
+          normalizedAlgorithm.iv = TypedArrayPrototypeSlice(
+            normalizedAlgorithm.iv,
+          );
+
+          // 1.
+          if (normalizedAlgorithm.iv.byteLength !== 16) {
+            throw new DOMException(
+              "Counter must be 16 bytes",
+              "OperationError",
+            );
+          }
+
+          const plainText = await core.opAsync("op_crypto_decrypt_key", {
+            key: keyData,
+            algorithm: "AES-CBC",
+            iv: normalizedAlgorithm.iv,
+            length: key[_algorithm].length,
+          }, data);
+
+          // 6.
+          return plainText.buffer;
+        }
         default:
           throw new DOMException("Not implemented", "NotSupportedError");
       }