3 files changed, 39 insertions, 5 deletions
diff --git a/ext/node/Cargo.toml b/ext/node/Cargo.toml
index b555111cd..1cd742def 100644
--- a/ext/node/Cargo.toml
+++ b/ext/node/Cargo.toml
@@ -18,6 +18,7 @@ aes.workspace = true
 cbc.workspace = true
 deno_core.workspace = true
 digest = { version = "0.10.5", features = ["core-api", "std"] }
+ecb.workspace = true
 hex.workspace = true
 idna = "0.3.0"
 indexmap.workspace = true
diff --git a/ext/node/crypto/cipher.rs b/ext/node/crypto/cipher.rs
index 54cd61132..4f3f7f20d 100644
--- a/ext/node/crypto/cipher.rs
+++ b/ext/node/crypto/cipher.rs
@@ -7,6 +7,7 @@ use aes::cipher::KeyIvInit;
 use deno_core::error::type_error;
 use deno_core::error::AnyError;
 use deno_core::Resource;
+use digest::KeyInit;
 
 use std::borrow::Cow;
 use std::cell::RefCell;
@@ -14,12 +15,14 @@ use std::rc::Rc;
 
 enum Cipher {
   Aes128Cbc(Box<cbc::Encryptor<aes::Aes128>>),
-  // TODO(kt3k): add more algorithms Aes192Cbc, Aes256Cbc, Aes128ECB, Aes128GCM, etc.
+  Aes128Ecb(Box<ecb::Encryptor<aes::Aes128>>),
+  // TODO(kt3k): add more algorithms Aes192Cbc, Aes256Cbc, Aes128GCM, etc.
 }
 
 enum Decipher {
   Aes128Cbc(Box<cbc::Decryptor<aes::Aes128>>),
-  // TODO(kt3k): add more algorithms Aes192Cbc, Aes256Cbc, Aes128ECB, Aes128GCM, etc.
+  Aes128Ecb(Box<ecb::Decryptor<aes::Aes128>>),
+  // TODO(kt3k): add more algorithms Aes192Cbc, Aes256Cbc, Aes128GCM, etc.
 }
 
 pub struct CipherContext {
@@ -99,6 +102,7 @@ impl Cipher {
       "aes-128-cbc" => {
         Aes128Cbc(Box::new(cbc::Encryptor::new(key.into(), iv.into())))
       }
+      "aes-128-ecb" => Aes128Ecb(Box::new(ecb::Encryptor::new(key.into()))),
       _ => return Err(type_error(format!("Unknown cipher {algorithm_name}"))),
     })
   }
@@ -113,6 +117,12 @@ impl Cipher {
           encryptor.encrypt_block_b2b_mut(input.into(), output.into());
         }
       }
+      Aes128Ecb(encryptor) => {
+        assert!(input.len() % 16 == 0);
+        for (input, output) in input.chunks(16).zip(output.chunks_mut(16)) {
+          encryptor.encrypt_block_b2b_mut(input.into(), output.into());
+        }
+      }
     }
   }
 
@@ -127,6 +137,12 @@ impl Cipher {
           .map_err(|_| type_error("Cannot pad the input data"))?;
         Ok(())
       }
+      Aes128Ecb(encryptor) => {
+        let _ = (*encryptor)
+          .encrypt_padded_b2b_mut::<Pkcs7>(input, output)
+          .map_err(|_| type_error("Cannot pad the input data"))?;
+        Ok(())
+      }
     }
   }
 }
@@ -142,6 +158,7 @@ impl Decipher {
       "aes-128-cbc" => {
         Aes128Cbc(Box::new(cbc::Decryptor::new(key.into(), iv.into())))
       }
+      "aes-128-ecb" => Aes128Ecb(Box::new(ecb::Decryptor::new(key.into()))),
       _ => return Err(type_error(format!("Unknown cipher {algorithm_name}"))),
     })
   }
@@ -156,6 +173,12 @@ impl Decipher {
           decryptor.decrypt_block_b2b_mut(input.into(), output.into());
         }
       }
+      Aes128Ecb(decryptor) => {
+        assert!(input.len() % 16 == 0);
+        for (input, output) in input.chunks(16).zip(output.chunks_mut(16)) {
+          decryptor.decrypt_block_b2b_mut(input.into(), output.into());
+        }
+      }
     }
   }
 
@@ -170,6 +193,12 @@ impl Decipher {
           .map_err(|_| type_error("Cannot unpad the input data"))?;
         Ok(())
       }
+      Aes128Ecb(decryptor) => {
+        let _ = (*decryptor)
+          .decrypt_padded_b2b_mut::<Pkcs7>(input, output)
+          .map_err(|_| type_error("Cannot unpad the input data"))?;
+        Ok(())
+      }
     }
   }
 }
diff --git a/ext/node/polyfills/internal/crypto/cipher.ts b/ext/node/polyfills/internal/crypto/cipher.ts
index 670c1bcce..050cf5904 100644
--- a/ext/node/polyfills/internal/crypto/cipher.ts
+++ b/ext/node/polyfills/internal/crypto/cipher.ts
@@ -18,7 +18,7 @@ import type {
 } from "ext:deno_node/internal/crypto/types.ts";
 import { getDefaultEncoding } from "ext:deno_node/internal/crypto/util.ts";
 
-const { ops } = globalThis.__bootstrap.core;
+const { ops, encode } = globalThis.__bootstrap.core;
 
 export type CipherCCMTypes =
   | "aes-128-ccm"
@@ -116,6 +116,10 @@ export interface DecipherOCB extends Decipher {
   ): this;
 }
 
+function toU8(input: string | Uint8Array): Uint8Array {
+  return typeof input === "string" ? encode(input) : input;
+}
+
 export class Cipheriv extends Transform implements Cipher {
   /** CipherContext resource id */
   #context: number;
@@ -141,7 +145,7 @@ export class Cipheriv extends Transform implements Cipher {
       ...options,
     });
     this.#cache = new BlockModeCache(false);
-    this.#context = ops.op_node_create_cipheriv(cipher, key, iv);
+    this.#context = ops.op_node_create_cipheriv(cipher, toU8(key), toU8(iv));
   }
 
   final(encoding: string = getDefaultEncoding()): Buffer | string {
@@ -257,7 +261,7 @@ export class Decipheriv extends Transform implements Cipher {
       ...options,
     });
     this.#cache = new BlockModeCache(true);
-    this.#context = ops.op_node_create_decipheriv(cipher, key, iv);
+    this.#context = ops.op_node_create_decipheriv(cipher, toU8(key), toU8(iv));
   }
 
   final(encoding: string = getDefaultEncoding()): Buffer | string {