-rw-r--r-- | cli/tests/unit/webcrypto_test.ts | 16 | ||||
-rw-r--r-- | ext/crypto/shared.rs | 31 | ||||
-rw-r--r-- | tools/wpt/expectation.json | 68 |
3 files changed, 83 insertions, 32 deletions
diff --git a/cli/tests/unit/webcrypto_test.ts b/cli/tests/unit/webcrypto_test.ts
index ba6aaa327..0e7e2829a 100644
--- a/cli/tests/unit/webcrypto_test.ts
+++ b/cli/tests/unit/webcrypto_test.ts
@@ -1668,3 +1668,19 @@ Deno.test(async function testAesGcmTagLength() {
 );
 });
 });
+
+Deno.test(async function ecPrivateKeyMaterialExportSpki() {
+ // `generateKey` generates a key pair internally stored as "private" key.
+ const keys = await crypto.subtle.generateKey(
+ { name: "ECDSA", namedCurve: "P-256" },
+ true,
+ ["sign", "verify"],
+ );
+
+ assert(keys.privateKey instanceof CryptoKey);
+ assert(keys.publicKey instanceof CryptoKey);
+
+ // `exportKey` should be able to perform necessary conversion to export spki.
+ const spki = await crypto.subtle.exportKey("spki", keys.publicKey);
+ assert(spki instanceof ArrayBuffer);
+});
diff --git a/ext/crypto/shared.rs b/ext/crypto/shared.rs
index de287efb0..052744248 100644
--- a/ext/crypto/shared.rs
+++ b/ext/crypto/shared.rs
@@ -4,12 +4,16 @@ use deno_core::error::custom_error;
 use deno_core::error::type_error;
 use deno_core::error::AnyError;
 use deno_core::ZeroCopyBuf;
+use elliptic_curve::sec1::ToEncodedPoint;
+use p256::pkcs8::FromPrivateKey;
 use rsa::pkcs1::FromRsaPrivateKey;
 use rsa::pkcs1::ToRsaPublicKey;
 use rsa::RsaPrivateKey;
 use serde::Deserialize;
 use serde::Serialize;
+use crate::ec_key::ECPrivateKey;
+
 pub const RSA_ENCRYPTION_OID: rsa::pkcs8::ObjectIdentifier =
 rsa::pkcs8::ObjectIdentifier::new("1.2.840.113549.1.1.1");
 pub const SHA1_RSA_ENCRYPTION_OID: rsa::pkcs8::ObjectIdentifier =
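Review bot: The new test `ecPrivateKeyMaterialExportSpki` in cli/tests/unit/webcrypto_test.ts exercises only P-256, although the same commit adds a separate P-384 conversion in ext/crypto/shared.rs that decodes the private key through a different path (`ECPrivateKey::try_from`). Wrapping the body in `for (const namedCurve of ["P-256", "P-384"]) {` and passing `{ name: "ECDSA", namedCurve }` to `generateKey` would cover both arms. The final check `assert(spki instanceof ArrayBuffer)` also passes for any buffer, so it does not show that the exported key belongs to `keys.privateKey`. If spki import for EC keys is available at this revision, a stronger test would import the result and verify a signature made with the private key.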
@@ -112,9 +116,15 @@ impl RawKeyData {
 RawKeyData::Public(data) => {
 // public_key is a serialized EncodedPoint
 p256::EncodedPoint::from_bytes(&data)
- .map_err(|_| type_error("expected valid private EC key"))
+ .map_err(|_| type_error("expected valid public EC key"))
 }
- _ => Err(type_error("expected private key")),
+ RawKeyData::Private(data) => {
+ let signing_key = p256::SecretKey::from_pkcs8_der(data)
+ .map_err(|_| type_error("expected valid private EC key"))?;
+ Ok(signing_key.public_key().to_encoded_point(false))
+ }
+ // Should never reach here.
+ RawKeyData::Secret(_) => unreachable!(),
 }
 }
@@ -123,9 +133,22 @@ impl RawKeyData {
 RawKeyData::Public(data) => {
 // public_key is a serialized EncodedPoint
 p384::EncodedPoint::from_bytes(&data)
- .map_err(|_| type_error("expected valid private EC key"))
+ .map_err(|_| type_error("expected valid public EC key"))
 }
- _ => Err(type_error("expected private key")),
+ RawKeyData::Private(data) => {
+ let ec_key = ECPrivateKey::<p384::NistP384>::try_from(&**data)
+ .map_err(|_| {
+ custom_error(
+ "DOMExceptionOperationError",
+ "failed to decode private key",
+ )
+ })?;
+ let point = p384::EncodedPoint::from_bytes(&ec_key.encoded_point)
+ .map_err(|_| data_error("expected valid public EC key"))?;
+ Ok(point)
+ }
+ // Should never reach here.
+ RawKeyData::Secret(_) => unreachable!(),
 }
 }
diff --git a/tools/wpt/expectation.json b/tools/wpt/expectation.json
index f5cb0171d..56e95fb82 100644
--- a/tools/wpt/expectation.json
+++ b/tools/wpt/expectation.json
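Review bot: The `RawKeyData::Secret(_) => unreachable!()` arm in the P-256 conversion of ext/crypto/shared.rs (hunk `-112,9 +116,15`) turns a wrong key type into a process panic, where the replaced `_ => Err(type_error("expected private key"))` arm returned an error to the caller. Whatever guarantees that a secret key never reaches this method lives outside the hunk, so the invariant cannot be checked here, and a mistake in a caller would abort the runtime instead of raising an exception. Returning an error keeps the failure contained: `RawKeyData::Secret(_) => Err(type_error("expected EC key")),`. The P-384 hunk (`-123,9 +133,22`) ends with the same arm and would take the same change. The method signatures are outside both hunks.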
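Review bot: The P-384 `RawKeyData::Private` arm (hunk `-123,9 +133,22`) returns the point held in `ec_key.encoded_point`, whereas the P-256 arm derives the public key from the secret scalar with `signing_key.public_key()`. `ECPrivateKey` is defined in `crate::ec_key`, outside this diff, so it is not visible whether that field is computed or copied from the decoded key structure. If it is copied, a key whose embedded public part is absent or does not match the scalar would produce an error or a public key that does not belong to the private key; a comment above the arm should state which case holds, e.g. `// encoded_point: source (decoded vs. derived) to be confirmed against ec_key.rs`. The two arms also report failures with different error classes (`type_error` for P-256, `DOMExceptionOperationError` and `data_error` here), and `"expected valid public EC key"` is raised while decoding private key material, which will mislead whoever reads the error.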
@@ -852,28 +852,28 @@ }, "wrapKey_unwrapKey": { "wrapKey_unwrapKey.https.any.html": [ - "setup", + "Can wrap and unwrap ECDH public key keys using spki and AES-CTR", "Can wrap and unwrap AES-GCM keys as non-extractable using raw and AES-CTR", "Can wrap and unwrap AES-GCM keys as non-extractable using jwk and AES-CTR", "Can unwrap AES-GCM non-extractable keys using jwk and AES-CTR", + "Can wrap and unwrap ECDH public key keys using spki and AES-CBC", "Can wrap and unwrap AES-GCM keys as non-extractable using raw and AES-CBC", "Can wrap and unwrap AES-GCM keys as non-extractable using jwk and AES-CBC", "Can unwrap AES-GCM non-extractable keys using jwk and AES-CBC", + "Can wrap and unwrap ECDSA public key keys using spki and AES-GCM", + "Can wrap and unwrap ECDSA public key keys using jwk and AES-GCM", "Can wrap and unwrap ECDSA private key keys using pkcs8 and AES-GCM", "Can wrap and unwrap ECDSA private key keys as non-extractable using pkcs8 and AES-GCM", "Can wrap and unwrap ECDSA private key keys using jwk and AES-GCM", "Can wrap and unwrap ECDSA private key keys as non-extractable using jwk and AES-GCM", "Can unwrap ECDSA private key non-extractable keys using jwk and AES-GCM", + "Can wrap and unwrap ECDH public key keys using spki and AES-GCM", + "Can wrap and unwrap ECDH public key keys using jwk and AES-GCM", "Can wrap and unwrap ECDH private key keys using pkcs8 and AES-GCM", "Can wrap and unwrap ECDH private key keys as non-extractable using pkcs8 and AES-GCM", "Can wrap and unwrap ECDH private key keys using jwk and AES-GCM", "Can wrap and unwrap ECDH private key keys as non-extractable using jwk and AES-GCM", "Can unwrap ECDH private key non-extractable keys using jwk and AES-GCM", - "Can wrap and unwrap HMAC keys using raw and AES-GCM", - "Can wrap and unwrap HMAC keys as non-extractable using raw and AES-GCM", - "Can wrap and unwrap HMAC keys using jwk and AES-GCM", - "Can wrap and unwrap HMAC keys as non-extractable using jwk and AES-GCM", - "Can 
unwrap HMAC non-extractable keys using jwk and AES-GCM", "Can wrap and unwrap AES-CTR keys using raw and AES-GCM", "Can wrap and unwrap AES-CTR keys as non-extractable using raw and AES-GCM", "Can wrap and unwrap AES-CTR keys using jwk and AES-GCM", @@ -894,13 +894,11 @@ "Can wrap and unwrap AES-KW keys using jwk and AES-GCM", "Can wrap and unwrap AES-KW keys as non-extractable using jwk and AES-GCM", "Can unwrap AES-KW non-extractable keys using jwk and AES-GCM", - "Can wrap and unwrap RSASSA-PKCS1-v1_5 public key keys using spki and AES-GCM", - "Can wrap and unwrap RSASSA-PKCS1-v1_5 public key keys using jwk and AES-GCM", - "Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys using pkcs8 and AES-GCM", - "Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys as non-extractable using pkcs8 and AES-GCM", - "Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys using jwk and AES-GCM", - "Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys as non-extractable using jwk and AES-GCM", - "Can unwrap RSASSA-PKCS1-v1_5 private key non-extractable keys using jwk and AES-GCM", + "Can wrap and unwrap HMAC keys using raw and AES-GCM", + "Can wrap and unwrap HMAC keys as non-extractable using raw and AES-GCM", + "Can wrap and unwrap HMAC keys using jwk and AES-GCM", + "Can wrap and unwrap HMAC keys as non-extractable using jwk and AES-GCM", + "Can unwrap HMAC non-extractable keys using jwk and AES-GCM", "Can wrap and unwrap RSA-PSS public key keys using spki and AES-GCM", "Can wrap and unwrap RSA-PSS public key keys using jwk and AES-GCM", "Can wrap and unwrap RSA-PSS private key keys using pkcs8 and AES-GCM", 
@@ -915,24 +913,37 @@ "Can wrap and unwrap RSA-OAEP private key keys using jwk and AES-GCM", "Can wrap and unwrap RSA-OAEP private key keys as non-extractable using jwk and AES-GCM", "Can unwrap RSA-OAEP private key non-extractable keys using jwk and AES-GCM", + "Can wrap and unwrap RSASSA-PKCS1-v1_5 public key keys using spki and AES-GCM", + "Can wrap and unwrap RSASSA-PKCS1-v1_5 public key keys using jwk and AES-GCM", + "Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys using pkcs8 and AES-GCM", + "Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys as non-extractable using pkcs8 and AES-GCM", + "Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys using jwk and AES-GCM", + "Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys as non-extractable using jwk and AES-GCM", + "Can unwrap RSASSA-PKCS1-v1_5 private key non-extractable keys using jwk and AES-GCM", "Can wrap and unwrap AES-GCM keys as non-extractable using raw and AES-KW", + "Can wrap and unwrap ECDH public key keys using spki and RSA-OAEP", "Can wrap and unwrap AES-GCM keys as non-extractable using raw and RSA-OAEP", "Can wrap and unwrap AES-GCM keys as non-extractable using jwk and RSA-OAEP", "Can unwrap AES-GCM non-extractable keys using jwk and RSA-OAEP" ], "wrapKey_unwrapKey.https.any.worker.html": [ - "setup", + "Can wrap and unwrap ECDH public key keys using spki and AES-CTR", "Can wrap and unwrap AES-GCM keys as non-extractable using raw and AES-CTR", "Can wrap and unwrap AES-GCM keys as non-extractable using jwk and AES-CTR", "Can unwrap AES-GCM non-extractable keys using jwk and AES-CTR", + "Can wrap and unwrap ECDH public key keys using spki and AES-CBC", "Can wrap and unwrap AES-GCM keys as non-extractable using raw and AES-CBC", "Can wrap and unwrap AES-GCM keys as non-extractable using jwk and AES-CBC", "Can unwrap AES-GCM non-extractable keys using jwk and AES-CBC", + "Can wrap and unwrap ECDSA public key keys using spki and AES-GCM", + "Can wrap and unwrap ECDSA public key keys 
using jwk and AES-GCM", "Can wrap and unwrap ECDSA private key keys using pkcs8 and AES-GCM", "Can wrap and unwrap ECDSA private key keys as non-extractable using pkcs8 and AES-GCM", "Can wrap and unwrap ECDSA private key keys using jwk and AES-GCM", "Can wrap and unwrap ECDSA private key keys as non-extractable using jwk and AES-GCM", "Can unwrap ECDSA private key non-extractable keys using jwk and AES-GCM", + "Can wrap and unwrap ECDH public key keys using spki and AES-GCM", + "Can wrap and unwrap ECDH public key keys using jwk and AES-GCM", "Can wrap and unwrap ECDH private key keys using pkcs8 and AES-GCM", "Can wrap and unwrap ECDH private key keys as non-extractable using pkcs8 and AES-GCM", "Can wrap and unwrap ECDH private key keys using jwk and AES-GCM", 
@@ -963,20 +974,6 @@ "Can wrap and unwrap AES-KW keys using jwk and AES-GCM", "Can wrap and unwrap AES-KW keys as non-extractable using jwk and AES-GCM", "Can unwrap AES-KW non-extractable keys using jwk and AES-GCM", - "Can wrap and unwrap RSA-PSS public key keys using spki and AES-GCM", - "Can wrap and unwrap RSA-PSS public key keys using jwk and AES-GCM", - "Can wrap and unwrap RSA-PSS private key keys using pkcs8 and AES-GCM", - "Can wrap and unwrap RSA-PSS private key keys as non-extractable using pkcs8 and AES-GCM", - "Can wrap and unwrap RSA-PSS private key keys using jwk and AES-GCM", - "Can wrap and unwrap RSA-PSS private key keys as non-extractable using jwk and AES-GCM", - "Can unwrap RSA-PSS private key non-extractable keys using jwk and AES-GCM", - "Can wrap and unwrap RSA-OAEP public key keys using spki and AES-GCM", - "Can wrap and unwrap RSA-OAEP public key keys using jwk and AES-GCM", - "Can wrap and unwrap RSA-OAEP private key keys using pkcs8 and AES-GCM", - "Can wrap and unwrap RSA-OAEP private key keys as non-extractable using pkcs8 and AES-GCM", - "Can wrap and unwrap RSA-OAEP private key keys using jwk and AES-GCM", - "Can wrap and unwrap RSA-OAEP private key keys as non-extractable using jwk and AES-GCM", - "Can unwrap RSA-OAEP private key non-extractable keys using jwk and AES-GCM", "Can wrap and unwrap RSASSA-PKCS1-v1_5 public key keys using spki and AES-GCM", "Can wrap and unwrap RSASSA-PKCS1-v1_5 public key keys using jwk and AES-GCM", "Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys using pkcs8 and AES-GCM", 
@@ -984,7 +981,22 @@ "Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys using jwk and AES-GCM", "Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys as non-extractable using jwk and AES-GCM", "Can unwrap RSASSA-PKCS1-v1_5 private key non-extractable keys using jwk and AES-GCM", + "Can wrap and unwrap RSA-OAEP public key keys using spki and AES-GCM", + "Can wrap and unwrap RSA-OAEP public key keys using jwk and AES-GCM", + "Can wrap and unwrap RSA-OAEP private key keys using pkcs8 and AES-GCM", + "Can wrap and unwrap RSA-OAEP private key keys as non-extractable using pkcs8 and AES-GCM", + "Can wrap and unwrap RSA-OAEP private key keys using jwk and AES-GCM", + "Can wrap and unwrap RSA-OAEP private key keys as non-extractable using jwk and AES-GCM", + "Can unwrap RSA-OAEP private key non-extractable keys using jwk and AES-GCM", + "Can wrap and unwrap RSA-PSS public key keys using spki and AES-GCM", + "Can wrap and unwrap RSA-PSS public key keys using jwk and AES-GCM", + "Can wrap and unwrap RSA-PSS private key keys using pkcs8 and AES-GCM", + "Can wrap and unwrap RSA-PSS private key keys as non-extractable using pkcs8 and AES-GCM", + "Can wrap and unwrap RSA-PSS private key keys using jwk and AES-GCM", + "Can wrap and unwrap RSA-PSS private key keys as non-extractable using jwk and AES-GCM", + "Can unwrap RSA-PSS private key non-extractable keys using jwk and AES-GCM", "Can wrap and unwrap AES-GCM keys as non-extractable using raw and AES-KW", + "Can wrap and unwrap ECDH public key keys using spki and RSA-OAEP", "Can wrap and unwrap AES-GCM keys as non-extractable using raw and RSA-OAEP", "Can wrap and unwrap AES-GCM keys as non-extractable using jwk and RSA-OAEP", "Can unwrap AES-GCM non-extractable keys using jwk and RSA-OAEP" |