From d740a9e43dad5b3824c3ff2f4aa66cc57a1db185 Mon Sep 17 00:00:00 2001
From: Divy Srivastava <dj.srivastava23@gmail.com>
Date: Fri, 24 Mar 2023 19:43:26 +0530
Subject: feat(ext/node): implement crypto.createSecretKey (#18413)

This commit adds the `crypto.createSecretKey` API.

Key management: This follows the same approach as our WebCrypto
CryptoKey impl where we use WeakMap for storing key material and a
handle is passed around, such that (only internal) JS can access the key
material and we don't have to explicitly close a Rust resource.

As a result, `createHmac` now accepts a secret KeyObject.

Closes https://github.com/denoland/deno/issues/17844
---
 cli/tests/unit_node/crypto_key.ts | 47 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 cli/tests/unit_node/crypto_key.ts

(limited to 'cli/tests')

diff --git a/cli/tests/unit_node/crypto_key.ts b/cli/tests/unit_node/crypto_key.ts
new file mode 100644
index 000000000..d1a33db9e
--- /dev/null
+++ b/cli/tests/unit_node/crypto_key.ts
@@ -0,0 +1,47 @@
+// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license.
+import { createSecretKey, randomBytes } from "node:crypto";
+import { Buffer } from "node:buffer";
+import { assertEquals } from "../../../test_util/std/testing/asserts.ts";
+import { createHmac } from "node:crypto";
+
+Deno.test({
+  name: "create secret key",
+  fn() {
+    const key = createSecretKey(Buffer.alloc(0));
+    assertEquals(key.type, "secret");
+    assertEquals(key.asymmetricKeyType, undefined);
+    assertEquals(key.symmetricKeySize, 0);
+  },
+});
+
+Deno.test({
+  name: "export secret key",
+  fn() {
+    const material = Buffer.from(randomBytes(32));
+    const key = createSecretKey(material);
+    assertEquals(Buffer.from(key.export()), material);
+  },
+});
+
+Deno.test({
+  name: "export jwk secret key",
+  fn() {
+    const material = Buffer.from("secret");
+    const key = createSecretKey(material);
+    assertEquals(key.export({ format: "jwk" }), {
+      kty: "oct",
+      k: "c2VjcmV0",
+    });
+  },
+});
+
+Deno.test({
+  name: "createHmac with secret key",
+  fn() {
+    const key = createSecretKey(Buffer.from("secret"));
+    assertEquals(
+      createHmac("sha256", key).update("hello").digest().toString("hex"),
+      "88aab3ede8d3adf94d26ab90d3bafd4a2083070c3bcce9c014ee04a443847c0b",
+    );
+  },
+});
-- 
cgit v1.2.3