authorDivy Srivastava <dj.srivastava23@gmail.com>2022-02-08 18:48:28 +0530
committerGitHub <noreply@github.com>2022-02-08 18:48:28 +0530
commite218d567d5af0f778541c4b81f171d4fb1427db1 (patch)
treec782c1c564d36cebaebd5c97d3fca28fc5470998 /ext/crypto/shared.rs
parent4799aaac15285833341d1e0471a2559bd325982f (diff)
fix(ext/crypto): support EC p256 private key material in exportKey (#13547)
Co-authored-by: Luca Casonato <hello@lcas.dev>
Diffstat (limited to 'ext/crypto/shared.rs')
-rw-r--r--ext/crypto/shared.rs31
1 files changed, 27 insertions, 4 deletions
diff --git a/ext/crypto/shared.rs b/ext/crypto/shared.rs
index de287efb0..052744248 100644
--- a/ext/crypto/shared.rs
+++ b/ext/crypto/shared.rs
@@ -4,12 +4,16 @@ use deno_core::error::custom_error;
use deno_core::error::type_error;
use deno_core::error::AnyError;
use deno_core::ZeroCopyBuf;
+use elliptic_curve::sec1::ToEncodedPoint;
+use p256::pkcs8::FromPrivateKey;
use rsa::pkcs1::FromRsaPrivateKey;
use rsa::pkcs1::ToRsaPublicKey;
use rsa::RsaPrivateKey;
use serde::Deserialize;
use serde::Serialize;
+use crate::ec_key::ECPrivateKey;
+
pub const RSA_ENCRYPTION_OID: rsa::pkcs8::ObjectIdentifier =
rsa::pkcs8::ObjectIdentifier::new("1.2.840.113549.1.1.1");
pub const SHA1_RSA_ENCRYPTION_OID: rsa::pkcs8::ObjectIdentifier =
@@ -112,9 +116,15 @@ impl RawKeyData {
RawKeyData::Public(data) => {
// public_key is a serialized EncodedPoint
p256::EncodedPoint::from_bytes(&data)
- .map_err(|_| type_error("expected valid private EC key"))
+ .map_err(|_| type_error("expected valid public EC key"))
}
- _ => Err(type_error("expected private key")),
+ RawKeyData::Private(data) => {
+ let signing_key = p256::SecretKey::from_pkcs8_der(data)
+ .map_err(|_| type_error("expected valid private EC key"))?;
+ Ok(signing_key.public_key().to_encoded_point(false))
+ }
+ // Should never reach here.
+ RawKeyData::Secret(_) => unreachable!(),
}
}
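Review bot: The new `RawKeyData::Secret(_) => unreachable!()` arm turns a key-type mismatch into a panic, where the removed catch-all returned a `type_error`. Nothing in the visible function enforces that a secret key can never arrive here; that invariant lives in the callers, which are outside this hunk, so a caller bug or an unexpected argument would abort the runtime instead of rejecting the key. Returning an error keeps the failure contained: `RawKeyData::Secret(_) => Err(type_error("expected EC key material")),`. The same arm is added in the P-384 hunk that follows, and the function's signature is outside the hunk.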
@@ -123,9 +133,22 @@ impl RawKeyData {
RawKeyData::Public(data) => {
// public_key is a serialized EncodedPoint
p384::EncodedPoint::from_bytes(&data)
- .map_err(|_| type_error("expected valid private EC key"))
+ .map_err(|_| type_error("expected valid public EC key"))
}
- _ => Err(type_error("expected private key")),
+ RawKeyData::Private(data) => {
+ let ec_key = ECPrivateKey::<p384::NistP384>::try_from(&**data)
+ .map_err(|_| {
+ custom_error(
+ "DOMExceptionOperationError",
+ "failed to decode private key",
+ )
+ })?;
+ let point = p384::EncodedPoint::from_bytes(&ec_key.encoded_point)
+ .map_err(|_| data_error("expected valid public EC key"))?;
+ Ok(point)
+ }
+ // Should never reach here.
+ RawKeyData::Secret(_) => unreachable!(),
}
}
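Review bot: In the `RawKeyData::Private` arm the P-384 public point is read from `ec_key.encoded_point`, which looks like the public key stored inside the imported private-key structure, while the P-256 arm derives it from the scalar with `signing_key.public_key()`. Nothing visible here checks that the embedded point corresponds to the private scalar, and `EncodedPoint::from_bytes` appears to validate only the encoding. A key with a mismatched or absent public field would therefore yield an unrelated public key, or fail with the misleading message "expected valid public EC key" on a private-key path. If the point cannot be derived for P-384 with the crates in use, state the trust assumption in a comment such as `// public point is taken as-is from the imported key's embedded public key; it is not verified against the private scalar`. The two curves also report the same decode failure with different error kinds (`type_error` for P-256, `DOMExceptionOperationError` and `data_error` here), which is worth aligning.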