| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Upgrade to rust 1.82 and LLVM 19 . Removes one webusb test because
`requestAdapter` not working on new ubuntu 24 runners
|
|
Fixes https://github.com/denoland/deno/issues/26480
Ref
https://github.com/denoland/deno_core/commit/d2945fb65bca56ebfa7bb80556a4c8f4330d2315
|
|
Fixes https://github.com/denoland/deno/issues/26188
|
|
Fixes https://github.com/denoland/deno/issues/25681
|
|
Fixes #25646
|
|
addresses the first part of #25279
|
|
Fixes https://github.com/denoland/deno/issues/24129
|
|
Fixes https://github.com/denoland/deno/issues/18928
Signed-off-by: Divy Srivastava <dj.srivastava23@gmail.com>
|
|
|
|
Fixes https://github.com/denoland/deno/issues/25260
Fixes https://github.com/denoland/deno/issues/25254
Fixes https://github.com/denoland/deno/issues/23693
Verified that `web-push` GCM decryption works in the browser. See
`aead-gcm-stream` changes
[here](https://github.com/littledivy/aead-gcm-stream/commit/a9ffd0c07c14e4b566c87bf51a20ff799b9e7f5e)
|
|
Ref https://github.com/denoland/deno/issues/24129
`kty: "okp"` is defined in
[rfc8037](https://www.rfc-editor.org/rfc/rfc8037.html)
|
|
**Changes**:
- Remove unsafe usage, rewrite Rust representation with `yoke`.
- Implement `X509Certificate.prototype.publicKey()`
Fixes https://github.com/denoland/deno/issues/23307
|
|
Fixes https://github.com/denoland/deno/issues/22919
|
|
|
|
- Return auth tag for GCM ciphers from auto padding shortcircuit
- Use _ring_ for ed25519 signing
---------
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
|
|
Co-Authored-By: Luca Casonato <hello@lcas.dev>
Fixes https://github.com/denoland/deno/issues/21804
Ref https://github.com/denoland/deno/issues/20924
---------
Signed-off-by: Divy Srivastava <dj.srivastava23@gmail.com>
Co-authored-by: Luca Casonato <hello@lcas.dev>
|
|
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
Closes #21806
|
|
This completely rewrites how we handle key material in ext/node. Changes
in this
PR:
- **Signing**
- RSA
- RSA-PSS 🆕
- DSA 🆕
- EC
- ED25519 🆕
- **Verifying**
- RSA
- RSA-PSS 🆕
- DSA 🆕
- EC 🆕
- ED25519 🆕
- **Private key import**
- Passphrase encrypted private keys 🆕
- RSA
- PEM
- DER (PKCS#1) 🆕
- DER (PKCS#8) 🆕
- RSA-PSS
- PEM
- DER (PKCS#1) 🆕
- DER (PKCS#8) 🆕
- DSA 🆕
- EC
- PEM
- DER (SEC1) 🆕
- DER (PKCS#8) 🆕
- X25519 🆕
- ED25519 🆕
- DH
- **Public key import**
- RSA
- PEM
- DER (PKCS#1) 🆕
- DER (PKCS#8) 🆕
- RSA-PSS 🆕
- DSA 🆕
- EC 🆕
- X25519 🆕
- ED25519 🆕
- DH 🆕
- **Private key export**
- RSA 🆕
- DSA 🆕
- EC 🆕
- X25519 🆕
- ED25519 🆕
- DH 🆕
- **Public key export**
- RSA
- DSA 🆕
- EC 🆕
- X25519 🆕
- ED25519 🆕
- DH 🆕
- **Key pair generation**
- Overhauled, but supported APIs unchanged
This PR adds a lot of new individual functionality. But most importantly
because
of the new key material representation, it is now trivial to add new
algorithms
(as shown by this PR).
Now, when adding a new algorithm, it is also widely supported - for
example
previously we supported ED25519 key pair generation, but we could not
import,
export, sign or verify with ED25519. We can now do all of those things.
|
|
Previously we had many different code paths all
handling digests in different places, all with
wildly different digest support. This commit
rewrites this to use a single digest handling
mechanism for all digest operations.
It adds various aliases for digest algorithms,
like node does. For example
`sha1WithRSAEncryption` is an alias for `sha1`.
It also adds support for `md5-sha1` digests in
various places.
|
|
- Symbol.asyncDispose no longer needs to be polyfilled
- assorted updates for cppgc api changes
|
|
Changes in this PR:
- Added new fixed size hash algorithms (blake2b512, blake2s256,
sha512-224, sha512-256, sha3-224, sha3-256, sha3-384, sha3-512, sm3)
- Added variable size hash algorithms (the concept), with the algorithms
shake128 and shake256
- Use cppgc instead of resources for the hasher
- Enable Node's crypto.Hash tests and fix found bugs
|
|
|
|
|
|
|
|
Initial support for exporting rsa public KeyObject.
Current assumption is that RSA keys are stored in pkcs1 der format in
key storage.
Ref https://github.com/denoland/deno/issues/23471
Ref https://github.com/denoland/deno/issues/18928
Ref https://github.com/denoland/deno/issues/21124
|
|
|
|
|
|
`crypto.createPrivateKey()` (#22984)
Towards #22489
Signed-off-by: Asher Gomez <ashersaupingomez@gmail.com>
|
|
Towards https://github.com/denoland/deno/issues/22921
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
|
|
Fixes https://github.com/denoland/deno/issues/18972
Support for web-push VAPID keys & jws signing
- Fixes EC keygen to return raw private key and uncompressed public key
point.
- Support for `EC PRIVATE KEY`
|
|
|
|
Ref https://github.com/denoland/deno/pull/22511
|
|
Closes #21807
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
|
|
(#22882)
Towards fixing #21761
|
|
`cli::util::checksum` was showing up on flame graphs because it was
concatenating allocated strings. We can use `faster-hex` to improve it.
|
|
Towards #21804
|
|
|
|
|
|
Introduces the first cppgc backed Resource into Deno.
This fixes the memory leak when using `X509Certificate`
**Comparison**:
```js
import { X509Certificate } from 'node:crypto';
const r = Deno.readFileSync('cli/tests/node_compat/test/fixtures/keys/agent1-cert.pem');
setInterval(() => {
for (let i = 0; i < 10000; i++) {
const cert = new X509Certificate(r);
}
}, 1000);
```
Memory usage after 5 secs
`main`: 1692MB
`cppgc`: peaks at 400MB
|
|
|
|
|
|
|
|
Add support for signing with a RSA PEM private key: `pkcs8` and `pkcs1`.
Fixes https://github.com/denoland/deno/issues/18972
Ref #21124
Verified fix with `npm:sshpk`. Unverfied but fixes
`npm:google-auth-library`, `npm:web-push` & `oracle/oci-typescript-sdk`
---------
Signed-off-by: Divy Srivastava <dj.srivastava23@gmail.com>
|
|
Saves ~40s in fresh debug build
|
|
Towards #18455
|
|
|
|
Ref https://github.com/denoland/deno/issues/18071
|
|
|
|
|
