diff options
| author | Divy Srivastava <dj.srivastava23@gmail.com> | 2023-09-05 22:31:50 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-09-06 11:01:50 +0530 |
| commit | 9befa566ec3ef4594fd7ffb2cbdf5b34d9705e16 (patch) | |
| tree | b70936cb5bb1e1f73a84ccf3dc9f5edfe085f7a3 /ext/node/ops/crypto/mod.rs | |
| parent | a0af53fea134f712408fa2d2d20078dd8ca7d0e6 (diff) | |
fix(ext/node): implement AES GCM cipher (#20368)
Adds support for AES-GCM 128/256 bit keys in `node:crypto` and
`setAAD()`, `setAuthTag()` and `getAuthTag()`
Uses https://github.com/littledivy/aead-gcm-stream
Fixes https://github.com/denoland/deno/issues/19836
https://github.com/denoland/deno/issues/20353
Diffstat (limited to 'ext/node/ops/crypto/mod.rs')
| -rw-r--r-- | ext/node/ops/crypto/mod.rs | 33 |
1 files changed, 31 insertions, 2 deletions
diff --git a/ext/node/ops/crypto/mod.rs b/ext/node/ops/crypto/mod.rs index c0b4f55f8..ce2ff0ebc 100644 --- a/ext/node/ops/crypto/mod.rs +++ b/ext/node/ops/crypto/mod.rs @@ -236,6 +236,20 @@ pub fn op_node_create_cipheriv( } #[op(fast)] +pub fn op_node_cipheriv_set_aad( + state: &mut OpState, + rid: u32, + aad: &[u8], +) -> bool { + let context = match state.resource_table.get::<cipher::CipherContext>(rid) { + Ok(context) => context, + Err(_) => return false, + }; + context.set_aad(aad); + true +} + +#[op(fast)] pub fn op_node_cipheriv_encrypt( state: &mut OpState, rid: u32, @@ -256,7 +270,7 @@ pub fn op_node_cipheriv_final( rid: u32, input: &[u8], output: &mut [u8], -) -> Result<(), AnyError> { +) -> Result<Option<Vec<u8>>, AnyError> { let context = state.resource_table.take::<cipher::CipherContext>(rid)?; let context = Rc::try_unwrap(context) .map_err(|_| type_error("Cipher context is already in use"))?; @@ -279,6 +293,20 @@ pub fn op_node_create_decipheriv( } #[op(fast)] +pub fn op_node_decipheriv_set_aad( + state: &mut OpState, + rid: u32, + aad: &[u8], +) -> bool { + let context = match state.resource_table.get::<cipher::DecipherContext>(rid) { + Ok(context) => context, + Err(_) => return false, + }; + context.set_aad(aad); + true +} + +#[op(fast)] pub fn op_node_decipheriv_decrypt( state: &mut OpState, rid: u32, @@ -299,11 +327,12 @@ pub fn op_node_decipheriv_final( rid: u32, input: &[u8], output: &mut [u8], + auth_tag: &[u8], ) -> Result<(), AnyError> { let context = state.resource_table.take::<cipher::DecipherContext>(rid)?; let context = Rc::try_unwrap(context) .map_err(|_| type_error("Cipher context is already in use"))?; - context.r#final(input, output) + context.r#final(input, output, auth_tag) } #[op] |