Diffstat (limited to 'ext/node')
-rw-r--r--ext/node/lib.rs1
-rw-r--r--ext/node/ops/crypto/keys.rs73
-rw-r--r--ext/node/polyfills/internal/crypto/keys.ts28
3 files changed, 101 insertions, 1 deletions
diff --git a/ext/node/lib.rs b/ext/node/lib.rs
index bf7db1475..3ec2d26bf 100644
--- a/ext/node/lib.rs
+++ b/ext/node/lib.rs
@@ -233,6 +233,7 @@ deno_core::extension!(deno_node,
ops::crypto::op_node_verify_ed25519,
ops::crypto::keys::op_node_create_private_key,
ops::crypto::keys::op_node_create_ed_raw,
+ ops::crypto::keys::op_node_create_rsa_jwk,
ops::crypto::keys::op_node_create_ec_jwk,
ops::crypto::keys::op_node_create_public_key,
ops::crypto::keys::op_node_create_secret_key,
diff --git a/ext/node/ops/crypto/keys.rs b/ext/node/ops/crypto/keys.rs
index 7334fb8eb..cc011dfad 100644
--- a/ext/node/ops/crypto/keys.rs
+++ b/ext/node/ops/crypto/keys.rs
@@ -582,6 +582,61 @@ impl KeyObjectHandle {
Ok(KeyObjectHandle::AsymmetricPublic(key))
}
+ pub fn new_rsa_jwk(
+ jwk: RsaJwkKey,
+ is_public: bool,
+ ) -> Result<KeyObjectHandle, AnyError> {
+ use base64::prelude::BASE64_URL_SAFE_NO_PAD;
+
+ let n = BASE64_URL_SAFE_NO_PAD.decode(jwk.n.as_bytes())?;
+ let e = BASE64_URL_SAFE_NO_PAD.decode(jwk.e.as_bytes())?;
+
+ if is_public {
+ let public_key = RsaPublicKey::new(
+ rsa::BigUint::from_bytes_be(&n),
+ rsa::BigUint::from_bytes_be(&e),
+ )?;
+
+ Ok(KeyObjectHandle::AsymmetricPublic(AsymmetricPublicKey::Rsa(
+ public_key,
+ )))
+ } else {
+ let d = BASE64_URL_SAFE_NO_PAD.decode(
+ jwk
+ .d
+ .ok_or_else(|| type_error("missing RSA private component"))?
+ .as_bytes(),
+ )?;
+ let p = BASE64_URL_SAFE_NO_PAD.decode(
+ jwk
+ .p
+ .ok_or_else(|| type_error("missing RSA private component"))?
+ .as_bytes(),
+ )?;
+ let q = BASE64_URL_SAFE_NO_PAD.decode(
+ jwk
+ .q
+ .ok_or_else(|| type_error("missing RSA private component"))?
+ .as_bytes(),
+ )?;
+
+ let mut private_key = RsaPrivateKey::from_components(
+ rsa::BigUint::from_bytes_be(&n),
+ rsa::BigUint::from_bytes_be(&e),
+ rsa::BigUint::from_bytes_be(&d),
+ vec![
+ rsa::BigUint::from_bytes_be(&p),
+ rsa::BigUint::from_bytes_be(&q),
+ ],
+ )?;
+ private_key.precompute()?; // precompute CRT params
+
+ Ok(KeyObjectHandle::AsymmetricPrivate(
+ AsymmetricPrivateKey::Rsa(private_key),
+ ))
+ }
+ }
+
pub fn new_ec_jwk(
jwk: &JwkEcKey,
is_public: bool,
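Review bot: In the private branch of `new_rsa_jwk`, the key built by `RsaPrivateKey::from_components` is returned without a consistency check, so a JWK whose `n`, `d`, `p` and `q` do not belong together appears to be accepted as a usable key. In the `rsa` crate, `from_components` validates only when it has to recover the primes itself (worth confirming for the pinned version), and `precompute()` derives the CRT values from whatever `p` and `q` were supplied. Adding `private_key.validate()?;` after `precompute()` would reject mismatched material at import instead of letting it reach signing or decryption. Separately, the decoded `d`, `p` and `q` buffers are plain `Vec<u8>` values that are dropped without being cleared; wiping them once the `BigUint`s are built would shorten the time secret bytes stay in memory. The trailing `new_ec_jwk` context continues outside the hunk.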
@@ -1178,6 +1233,24 @@ pub fn op_node_create_ed_raw(
KeyObjectHandle::new_ed_raw(curve, key, is_public)
}
+#[derive(serde::Deserialize)]
+pub struct RsaJwkKey {
+ n: String,
+ e: String,
+ d: Option<String>,
+ p: Option<String>,
+ q: Option<String>,
+}
+
+#[op2]
+#[cppgc]
+pub fn op_node_create_rsa_jwk(
+ #[serde] jwk: RsaJwkKey,
+ is_public: bool,
+) -> Result<KeyObjectHandle, AnyError> {
+ KeyObjectHandle::new_rsa_jwk(jwk, is_public)
+}
+
#[op2]
#[cppgc]
pub fn op_node_create_ec_jwk(
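Review bot: `RsaJwkKey` has no `dp`, `dq` or `qi` fields, so the CRT values that the `keys.ts` hunk requires and forwards appear to be dropped during deserialization and recomputed in `new_rsa_jwk`; a JWK whose CRT parameters disagree with `p` and `q` is then imported without any error. Either document this on the struct, e.g. `/// dp, dq and qi are intentionally not read; CRT parameters are recomputed from p and q.`, or accept them as `Option<String>` and compare them with the precomputed values. The same holds for `kty`, which the polyfill sends but the struct never checks. `op_node_create_ec_jwk` below continues outside the hunk.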
diff --git a/ext/node/polyfills/internal/crypto/keys.ts b/ext/node/polyfills/internal/crypto/keys.ts
index 49a618b65..c91c23cc3 100644
--- a/ext/node/polyfills/internal/crypto/keys.ts
+++ b/ext/node/polyfills/internal/crypto/keys.ts
@@ -16,6 +16,7 @@ import {
op_node_create_ed_raw,
op_node_create_private_key,
op_node_create_public_key,
+ op_node_create_rsa_jwk,
op_node_create_secret_key,
op_node_derive_public_key_from_private_key,
op_node_export_private_key_der,
@@ -324,7 +325,32 @@ function getKeyObjectHandleFromJwk(key, ctx) {
return op_node_create_ec_jwk(key, isPublic);
}
- throw new TypeError("rsa jwk imports not implemented");
+ // RSA
+ validateString(key.n, "key.n");
+ validateString(key.e, "key.e");
+
+ const jwk = {
+ kty: key.kty,
+ n: key.n,
+ e: key.e,
+ };
+
+ if (!isPublic) {
+ validateString(key.d, "key.d");
+ validateString(key.p, "key.p");
+ validateString(key.q, "key.q");
+ validateString(key.dp, "key.dp");
+ validateString(key.dq, "key.dq");
+ validateString(key.qi, "key.qi");
+ jwk.d = key.d;
+ jwk.p = key.p;
+ jwk.q = key.q;
+ jwk.dp = key.dp;
+ jwk.dq = key.dq;
+ jwk.qi = key.qi;
+ }
+
+ return op_node_create_rsa_jwk(jwk, isPublic);
}
export function prepareAsymmetricKey(