diff options
Diffstat (limited to 'ext/crypto')
| -rw-r--r-- | ext/crypto/00_crypto.js | 28 | ||||
| -rw-r--r-- | ext/crypto/ed25519.rs | 31 | ||||
| -rw-r--r-- | ext/crypto/lib.rs | 28 | ||||
| -rw-r--r-- | ext/crypto/x25519.rs | 20 |
4 files changed, 65 insertions, 42 deletions
diff --git a/ext/crypto/00_crypto.js b/ext/crypto/00_crypto.js index 1008f4cf6..5253c5784 100644 --- a/ext/crypto/00_crypto.js +++ b/ext/crypto/00_crypto.js @@ -884,7 +884,7 @@ class SubtleCrypto { // https://briansmith.org/rustdoc/src/ring/ec/curve25519/ed25519/signing.rs.html#260 const SIGNATURE_LEN = 32 * 2; // ELEM_LEN + SCALAR_LEN const signature = new Uint8Array(SIGNATURE_LEN); - if (!ops.op_sign_ed25519(keyData, data, signature)) { + if (!ops.op_crypto_sign_ed25519(keyData, data, signature)) { throw new DOMException( "Failed to sign", "OperationError", @@ -1363,7 +1363,7 @@ class SubtleCrypto { ); } - return ops.op_verify_ed25519(keyData, data, signature); + return ops.op_crypto_verify_ed25519(keyData, data, signature); } } @@ -1997,7 +1997,7 @@ async function generateKey(normalizedAlgorithm, extractable, usages) { } const privateKeyData = new Uint8Array(32); const publicKeyData = new Uint8Array(32); - ops.op_generate_x25519_keypair(privateKeyData, publicKeyData); + ops.op_crypto_generate_x25519_keypair(privateKeyData, publicKeyData); const handle = {}; WeakMapPrototypeSet(KEY_STORE, handle, privateKeyData); @@ -2042,7 +2042,7 @@ async function generateKey(normalizedAlgorithm, extractable, usages) { const privateKeyData = new Uint8Array(ED25519_SEED_LEN); const publicKeyData = new Uint8Array(ED25519_PUBLIC_KEY_LEN); if ( - !ops.op_generate_ed25519_keypair(privateKeyData, publicKeyData) + !ops.op_crypto_generate_ed25519_keypair(privateKeyData, publicKeyData) ) { throw new DOMException("Failed to generate key", "OperationError"); } @@ -2179,7 +2179,7 @@ function importKeyEd25519( } const publicKeyData = new Uint8Array(32); - if (!ops.op_import_spki_ed25519(keyData, publicKeyData)) { + if (!ops.op_crypto_import_spki_ed25519(keyData, publicKeyData)) { throw new DOMException("Invalid key data", "DataError"); } @@ -2210,7 +2210,7 @@ function importKeyEd25519( } const privateKeyData = new Uint8Array(32); - if (!ops.op_import_pkcs8_ed25519(keyData, privateKeyData)) { + if (!ops.op_crypto_import_pkcs8_ed25519(keyData, privateKeyData)) { throw new DOMException("Invalid key data", "DataError"); } @@ -2397,7 +2397,7 @@ function importKeyX25519( } const publicKeyData = new Uint8Array(32); - if (!ops.op_import_spki_x25519(keyData, publicKeyData)) { + if (!ops.op_crypto_import_spki_x25519(keyData, publicKeyData)) { throw new DOMException("Invalid key data", "DataError"); } @@ -2428,7 +2428,7 @@ function importKeyX25519( } const privateKeyData = new Uint8Array(32); - if (!ops.op_import_pkcs8_x25519(keyData, privateKeyData)) { + if (!ops.op_crypto_import_pkcs8_x25519(keyData, privateKeyData)) { throw new DOMException("Invalid key data", "DataError"); } @@ -4055,7 +4055,7 @@ function exportKeyEd25519(format, key, innerKey) { ); } - const spkiDer = ops.op_export_spki_ed25519(innerKey); + const spkiDer = ops.op_crypto_export_spki_ed25519(innerKey); return TypedArrayPrototypeGetBuffer(spkiDer); } case "pkcs8": { @@ -4067,7 +4067,7 @@ function exportKeyEd25519(format, key, innerKey) { ); } - const pkcs8Der = ops.op_export_pkcs8_ed25519( + const pkcs8Der = ops.op_crypto_export_pkcs8_ed25519( new Uint8Array([0x04, 0x22, ...new SafeArrayIterator(innerKey)]), ); pkcs8Der[15] = 0x20; @@ -4075,7 +4075,7 @@ function exportKeyEd25519(format, key, innerKey) { } case "jwk": { const x = key[_type] === "private" - ? ops.op_jwk_x_ed25519(innerKey) + ? ops.op_crypto_jwk_x_ed25519(innerKey) : ops.op_crypto_base64url_encode(innerKey); const jwk = { kty: "OKP", @@ -4118,7 +4118,7 @@ function exportKeyX25519(format, key, innerKey) { ); } - const spkiDer = ops.op_export_spki_x25519(innerKey); + const spkiDer = ops.op_crypto_export_spki_x25519(innerKey); return TypedArrayPrototypeGetBuffer(spkiDer); } case "pkcs8": { @@ -4130,7 +4130,7 @@ function exportKeyX25519(format, key, innerKey) { ); } - const pkcs8Der = ops.op_export_pkcs8_x25519( + const pkcs8Der = ops.op_crypto_export_pkcs8_x25519( new Uint8Array([0x04, 0x22, ...new SafeArrayIterator(innerKey)]), ); pkcs8Der[15] = 0x20; @@ -4476,7 +4476,7 @@ async function deriveBits(normalizedAlgorithm, baseKey, length) { const u = WeakMapPrototypeGet(KEY_STORE, uHandle); const secret = new Uint8Array(32); - const isIdentity = ops.op_derive_bits_x25519(k, u, secret); + const isIdentity = ops.op_crypto_derive_bits_x25519(k, u, secret); // 6. if (isIdentity) { diff --git a/ext/crypto/ed25519.rs b/ext/crypto/ed25519.rs index 898366bbc..784583c6b 100644 --- a/ext/crypto/ed25519.rs +++ b/ext/crypto/ed25519.rs @@ -12,7 +12,10 @@ use spki::der::Decode; use spki::der::Encode; #[op(fast)] -pub fn op_generate_ed25519_keypair(pkey: &mut [u8], pubkey: &mut [u8]) -> bool { +pub fn op_crypto_generate_ed25519_keypair( + pkey: &mut [u8], + pubkey: &mut [u8], +) -> bool { let mut rng = OsRng; rng.fill_bytes(pkey); @@ -25,7 +28,11 @@ pub fn op_generate_ed25519_keypair(pkey: &mut [u8], pubkey: &mut [u8]) -> bool { } #[op(fast)] -pub fn op_sign_ed25519(key: &[u8], data: &[u8], signature: &mut [u8]) -> bool { +pub fn op_crypto_sign_ed25519( + key: &[u8], + data: &[u8], + signature: &mut [u8], +) -> bool { let pair = match Ed25519KeyPair::from_seed_unchecked(key) { Ok(p) => p, Err(_) => return false, @@ -35,7 +42,11 @@ pub fn op_sign_ed25519(key: &[u8], data: &[u8], signature: &mut [u8]) -> bool { } #[op(fast)] -pub fn op_verify_ed25519(pubkey: &[u8], data: &[u8], signature: &[u8]) -> bool { +pub fn op_crypto_verify_ed25519( + pubkey: &[u8], + data: &[u8], + signature: &[u8], +) -> bool { ring::signature::UnparsedPublicKey::new(&ring::signature::ED25519, pubkey) .verify(data, signature) .is_ok() @@ -46,7 +57,7 @@ pub const ED25519_OID: const_oid::ObjectIdentifier = const_oid::ObjectIdentifier::new_unwrap("1.3.101.112"); #[op(fast)] -pub fn op_import_spki_ed25519(key_data: &[u8], out: &mut [u8]) -> bool { +pub fn op_crypto_import_spki_ed25519(key_data: &[u8], out: &mut [u8]) -> bool { // 2-3. let pk_info = match spki::SubjectPublicKeyInfo::from_der(key_data) { Ok(pk_info) => pk_info, @@ -66,7 +77,7 @@ pub fn op_import_spki_ed25519(key_data: &[u8], out: &mut [u8]) -> bool { } #[op(fast)] -pub fn op_import_pkcs8_ed25519(key_data: &[u8], out: &mut [u8]) -> bool { +pub fn op_crypto_import_pkcs8_ed25519(key_data: &[u8], out: &mut [u8]) -> bool { // 2-3. // This should probably use OneAsymmetricKey instead let pk_info = match PrivateKeyInfo::from_der(key_data) { @@ -92,7 +103,9 @@ pub fn op_import_pkcs8_ed25519(key_data: &[u8], out: &mut [u8]) -> bool { } #[op] -pub fn op_export_spki_ed25519(pubkey: &[u8]) -> Result<ZeroCopyBuf, AnyError> { +pub fn op_crypto_export_spki_ed25519( + pubkey: &[u8], +) -> Result<ZeroCopyBuf, AnyError> { let key_info = spki::SubjectPublicKeyInfo { algorithm: spki::AlgorithmIdentifier { // id-Ed25519 @@ -105,7 +118,9 @@ pub fn op_export_spki_ed25519(pubkey: &[u8]) -> Result<ZeroCopyBuf, AnyError> { } #[op] -pub fn op_export_pkcs8_ed25519(pkey: &[u8]) -> Result<ZeroCopyBuf, AnyError> { +pub fn op_crypto_export_pkcs8_ed25519( + pkey: &[u8], +) -> Result<ZeroCopyBuf, AnyError> { // This should probably use OneAsymmetricKey instead let pk_info = rsa::pkcs8::PrivateKeyInfo { public_key: None, @@ -123,7 +138,7 @@ pub fn op_export_pkcs8_ed25519(pkey: &[u8]) -> Result<ZeroCopyBuf, AnyError> { // 'x' from Section 2 of RFC 8037 // https://www.rfc-editor.org/rfc/rfc8037#section-2 #[op] -pub fn op_jwk_x_ed25519(pkey: &[u8]) -> Result<String, AnyError> { +pub fn op_crypto_jwk_x_ed25519(pkey: &[u8]) -> Result<String, AnyError> { let pair = Ed25519KeyPair::from_seed_unchecked(pkey)?; Ok(base64::encode_config( pair.public_key().as_ref(), diff --git a/ext/crypto/lib.rs b/ext/crypto/lib.rs index 6056b02a4..695cc3abd 100644 --- a/ext/crypto/lib.rs +++ b/ext/crypto/lib.rs @@ -88,20 +88,20 @@ deno_core::extension!(deno_crypto, op_crypto_unwrap_key, op_crypto_base64url_decode, op_crypto_base64url_encode, - x25519::op_generate_x25519_keypair, - x25519::op_derive_bits_x25519, - x25519::op_import_spki_x25519, - x25519::op_import_pkcs8_x25519, - ed25519::op_generate_ed25519_keypair, - ed25519::op_import_spki_ed25519, - ed25519::op_import_pkcs8_ed25519, - ed25519::op_sign_ed25519, - ed25519::op_verify_ed25519, - ed25519::op_export_spki_ed25519, - ed25519::op_export_pkcs8_ed25519, - ed25519::op_jwk_x_ed25519, - x25519::op_export_spki_x25519, - x25519::op_export_pkcs8_x25519, + x25519::op_crypto_generate_x25519_keypair, + x25519::op_crypto_derive_bits_x25519, + x25519::op_crypto_import_spki_x25519, + x25519::op_crypto_import_pkcs8_x25519, + ed25519::op_crypto_generate_ed25519_keypair, + ed25519::op_crypto_import_spki_ed25519, + ed25519::op_crypto_import_pkcs8_ed25519, + ed25519::op_crypto_sign_ed25519, + ed25519::op_crypto_verify_ed25519, + ed25519::op_crypto_export_spki_ed25519, + ed25519::op_crypto_export_pkcs8_ed25519, + ed25519::op_crypto_jwk_x_ed25519, + x25519::op_crypto_export_spki_x25519, + x25519::op_crypto_export_pkcs8_x25519, ], esm = [ "00_crypto.js", "01_webidl.js" ], options = { diff --git a/ext/crypto/x25519.rs b/ext/crypto/x25519.rs index 0ecdf4ddc..99914e14e 100644 --- a/ext/crypto/x25519.rs +++ b/ext/crypto/x25519.rs @@ -12,7 +12,7 @@ use spki::der::Decode; use spki::der::Encode; #[op(fast)] -pub fn op_generate_x25519_keypair(pkey: &mut [u8], pubkey: &mut [u8]) { +pub fn op_crypto_generate_x25519_keypair(pkey: &mut [u8], pubkey: &mut [u8]) { // u-coordinate of the base point. const X25519_BASEPOINT_BYTES: [u8; 32] = [ 9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, @@ -32,7 +32,11 @@ pub fn op_generate_x25519_keypair(pkey: &mut [u8], pubkey: &mut [u8]) { const MONTGOMERY_IDENTITY: MontgomeryPoint = MontgomeryPoint([0; 32]); #[op(fast)] -pub fn op_derive_bits_x25519(k: &[u8], u: &[u8], secret: &mut [u8]) -> bool { +pub fn op_crypto_derive_bits_x25519( + k: &[u8], + u: &[u8], + secret: &mut [u8], +) -> bool { let k: [u8; 32] = k.try_into().expect("Expected byteLength 32"); let u: [u8; 32] = u.try_into().expect("Expected byteLength 32"); let sh_sec = x25519_dalek::x25519(k, u); @@ -49,7 +53,7 @@ pub const X25519_OID: const_oid::ObjectIdentifier = const_oid::ObjectIdentifier::new_unwrap("1.3.101.110"); #[op(fast)] -pub fn op_import_spki_x25519(key_data: &[u8], out: &mut [u8]) -> bool { +pub fn op_crypto_import_spki_x25519(key_data: &[u8], out: &mut [u8]) -> bool { // 2-3. let pk_info = match spki::SubjectPublicKeyInfo::from_der(key_data) { Ok(pk_info) => pk_info, @@ -69,7 +73,7 @@ pub fn op_import_spki_x25519(key_data: &[u8], out: &mut [u8]) -> bool { } #[op(fast)] -pub fn op_import_pkcs8_x25519(key_data: &[u8], out: &mut [u8]) -> bool { +pub fn op_crypto_import_pkcs8_x25519(key_data: &[u8], out: &mut [u8]) -> bool { // 2-3. // This should probably use OneAsymmetricKey instead let pk_info = match PrivateKeyInfo::from_der(key_data) { @@ -95,7 +99,9 @@ pub fn op_import_pkcs8_x25519(key_data: &[u8], out: &mut [u8]) -> bool { } #[op] -pub fn op_export_spki_x25519(pubkey: &[u8]) -> Result<ZeroCopyBuf, AnyError> { +pub fn op_crypto_export_spki_x25519( + pubkey: &[u8], +) -> Result<ZeroCopyBuf, AnyError> { let key_info = spki::SubjectPublicKeyInfo { algorithm: spki::AlgorithmIdentifier { // id-X25519 @@ -108,7 +114,9 @@ pub fn op_export_spki_x25519(pubkey: &[u8]) -> Result<ZeroCopyBuf, AnyError> { } #[op] -pub fn op_export_pkcs8_x25519(pkey: &[u8]) -> Result<ZeroCopyBuf, AnyError> { +pub fn op_crypto_export_pkcs8_x25519( + pkey: &[u8], +) -> Result<ZeroCopyBuf, AnyError> { // This should probably use OneAsymmetricKey instead let pk_info = rsa::pkcs8::PrivateKeyInfo { public_key: None, |