feat: node crypto module #92

Merged
merged 27 commits into from
Jan 25, 2024
Commits
e7d8b1f
prepare tests
Puellaquae Dec 8, 2022
ed66014
impl: fips
Puellaquae Dec 8, 2022
9d486a9
test: crypto-[randomuuid. randomfillsync-regression, timing-safe-equal]
Puellaquae Dec 13, 2022
d4b7db1
impl: crypto-random
Puellaquae Dec 14, 2022
1b1f736
impl: pdkdf2_internal
Puellaquae Dec 14, 2022
8c5fdcb
test: crypto-pbkdf2
Puellaquae Dec 15, 2022
0f92de6
impl: scrypt_internal
Puellaquae Dec 18, 2022
eef9d3f
test: crypto-scrypt
Puellaquae Dec 19, 2022
7d52886
impl: hkdf-internal
Puellaquae Dec 20, 2022
3ebea94
test: hkdf, remove wasi-crypto-guest dependency
Puellaquae Dec 24, 2022
4889ad3
impl: hash-internal
Puellaquae Dec 26, 2022
d2cd612
test: crypto-hash, crypto-hmac
Puellaquae Dec 28, 2022
2619b7b
impl: cipheriv, decipheriv
Puellaquae Dec 29, 2022
349f66b
test: crypto-cipheriv-decipheriv
Puellaquae Jan 3, 2023
98903ad
ci: use ubuntu20.04 wasi_crypto plugin
Puellaquae Jan 10, 2023
7d3d5b1
ci: upstream install.sh changed
Puellaquae Jan 10, 2023
b901ff6
add feature to enable crypto
Puellaquae Jan 13, 2023
585f2d3
test: add fixtures
Puellaquae Jan 16, 2023
c105d3c
Merge branch 'main' into crypto-dev
Puellaquae Jan 16, 2023
3b8e22d
remove unnecessary finalizer
Puellaquae Jan 16, 2023
16a0369
impl: SecretKey
Puellaquae Jan 16, 2023
026898e
Merge branch 'main' into crypto-dev
Puellaquae Jan 4, 2024
920f2c7
fix: fit new runtime api
Puellaquae Jan 18, 2024
73e7cab
fix: add assertPass check
Puellaquae Jan 24, 2024
906f4c8
refactor: separate wasi-crypto binding as a crate
Puellaquae Jan 24, 2024
b98e71a
refactor: rename crypto/mod.rs to crypto.rs
Puellaquae Jan 24, 2024
7a1999d
ci: install wasi_crypto plugin
Puellaquae Jan 25, 2024
11 changes: 5 additions & 6 deletions .github/workflows/examples.yml
Expand Up @@ -33,7 +33,7 @@ jobs:
- name: Install WasmEdge
run: |
VERSION=0.13.4
curl -sSf https://raw.githubusercontent.com/WasmEdge/WasmEdge/master/utils/install.sh | sudo bash -s -- -e all --version=$VERSION --plugins=wasi_nn-tensorflowlite -p /usr/local
curl -sSf https://raw.githubusercontent.com/WasmEdge/WasmEdge/master/utils/install.sh | sudo bash -s -- -e all --version=$VERSION --plugins=wasi_nn-tensorflowlite --plugins=wasi_crypto -p /usr/local
wget https://github.com/WasmEdge/WasmEdge/releases/download/$VERSION/WasmEdge-plugin-wasmedge_rustls-$VERSION-ubuntu20.04_x86_64.tar.gz
sudo chmod +x /usr/local/lib/wasmedge
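Review bot: the install line still pipes `install.sh` from the `master` branch straight into `sudo bash`, so the `VERSION=0.13.4` pin does not cover the installer itself; the commit list on this PR already carries one fix for an upstream `install.sh` change. Consider fetching the script from a tagged ref or commit, and checking a digest on the `wget`-ed rustls plugin tarball before it is used. It is also worth confirming that the installer accepts `--plugins` given twice rather than keeping only the last value, since the crypto test step depends on `wasi_crypto` being present.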

Expand Down Expand Up @@ -191,8 +191,7 @@ jobs:
run: |
cargo test test_fs --target=wasm32-wasi --release

#- name: Node fs module test (maybe timeout)
# timeout-minutes: 5
# continue-on-error: true
# run: |
# cargo test test_fs --target=wasm32-wasi --release -- --ignored
- name: Node crypto module test
#timeout-minutes: 10
run: |
cargo test test_crypto --target=wasm32-wasi --release --features=nodejs_crypto
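Review bot: the new `Node crypto module test` step leaves `#timeout-minutes: 10` commented out, so a hung test runs until the default job limit. Either enable the timeout or drop the comment. The deleted block was the commented-out `test_fs ... -- --ignored` step; if those ignored fs tests are being dropped rather than replaced, say so in the PR description.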
8 changes: 1 addition & 7 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions Cargo.toml
Expand Up @@ -30,6 +30,7 @@ env_logger = "0.10.0"
rustls = { version = "0.21.0", optional = true }
tokio-rustls-wasi = { version = "0.24.1", optional = true }
webpki-roots = { version = "0.25.0", optional = true }
crypto-wasi = { version = "0.1.1", optional = true }

[features]
default = ["tls"]
Expand All @@ -38,3 +39,4 @@ img = ["image", "imageproc"]
tensorflow = ["img"]
wasi_nn = ["img"]
cjs = []
nodejs_crypto = ["crypto-wasi"]
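Review bot: `nodejs_crypto` is added under `[features]` but not to `default`, and nothing here documents that it also needs the `wasi_crypto` WasmEdge plugin on the host (the workflow change in this PR installs it). A comment beside the feature, or a README line, would tell users both what to enable at build time and what the runtime must provide.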
1 change: 1 addition & 0 deletions modules/assert.js
Expand Up @@ -248,6 +248,7 @@ function parseCode(code, offset) {
}

function getErrMessage(message, fn) {
return "assert.getErrMessage unsupported";
Collaborator

What support is missing for this function?

Contributor Author

The error message format from QuickJS is a little different from V8, so this function can't get the correct result.

const tmpLimit = Error.stackTraceLimit;
const errorStackTraceLimitIsWritable = isErrorStackTraceLimitWritable();
// Make sure the limit is set to 1. Otherwise it could fail (<= 0) or it
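Review bot: the early `return "assert.getErrMessage unsupported";` at the top of `getErrMessage` turns the rest of the function into dead code, and the reason for it (the QuickJS error format differs from V8) exists only in the review thread. Put that reason in a comment above the return, and consider removing or gating the unreachable body so a later reader does not assume it runs.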
11 changes: 10 additions & 1 deletion modules/buffer.js
Expand Up @@ -2328,4 +2328,13 @@ var kMaxLength = exports.kMaxLength;

globalThis.Buffer = Buffer

export { Buffer, INSPECT_MAX_BYTES, exports as default, kMaxLength };
class FastBuffer extends Uint8Array {
// Using an explicit constructor here is necessary to avoid relying on
// `Array.prototype[Symbol.iterator]`, which can be mutated by users.
// eslint-disable-next-line no-useless-constructor
constructor(bufferOrLength, byteOffset, length) {
super(bufferOrLength, byteOffset, length);
}
}

export { Buffer, INSPECT_MAX_BYTES, exports as default, kMaxLength, FastBuffer };
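Review bot: `FastBuffer` extends `Uint8Array` directly and nothing in this hunk links it to `Buffer`, so an instance that reaches user code would be a plain typed array without the `Buffer` methods. In Node the two share a prototype; if the crypto internals return `FastBuffer` values to callers, wire the prototype up here or wrap results in `Buffer` at the boundary, and add a short comment saying why the class is exported.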
285 changes: 285 additions & 0 deletions modules/crypto.js
@@ -0,0 +1,285 @@
// Copyright 2018-2022 the Deno authors. All rights reserved. MIT license.
// Copyright Joyent, Inc. and Node.js contributors. All rights reserved. MIT license.

import { ERR_CRYPTO_FIPS_FORCED, ERR_CRYPTO_TIMING_SAFE_EQUAL_LENGTH, ERR_INVALID_ARG_TYPE } from "./internal/errors";
import { crypto as constants } from "./internal_binding/constants";
import { getOptionValue } from "./internal/options";
import { isAnyArrayBuffer, isArrayBufferView } from "./internal/util/types";
import {
timing_safe_equal,
} from "_node:crypto";
function timingSafeEqual(a, b) {
if (!isAnyArrayBuffer(a) && !isArrayBufferView(a)) {
throw new ERR_INVALID_ARG_TYPE("buf1", ["ArrayBuffer", "Buffer", "TypedArray", "DataView"], a);
}
if (!isAnyArrayBuffer(b) && !isArrayBufferView(b)) {
throw new ERR_INVALID_ARG_TYPE("buf2", ["ArrayBuffer", "Buffer", "TypedArray", "DataView"], b);
}
if (a.byteLength != b.byteLength) {
throw new ERR_CRYPTO_TIMING_SAFE_EQUAL_LENGTH();
}
return timing_safe_equal(a.buffer, b.buffer);
}

import {
checkPrime,
checkPrimeSync,
generatePrime,
generatePrimeSync,
randomBytes,
randomFill,
randomFillSync,
randomInt,
randomUUID,
} from "./internal/crypto/random";
import { pbkdf2, pbkdf2Sync } from "./internal/crypto/pbkdf2";
import { scrypt, scryptSync } from "./internal/crypto/scrypt";
import { hkdf, hkdfSync } from "./internal/crypto/hkdf";
/*import {
generateKey,
generateKeyPair,
generateKeyPairSync,
generateKeySync,
} from "./internal/crypto/keygen";*/
import {
createPrivateKey,
createPublicKey,
createSecretKey,
KeyObject,
} from "./internal/crypto/keys";/*
import {
DiffieHellman,
diffieHellman,
DiffieHellmanGroup,
ECDH,
} from "./internal/crypto/diffiehellman";*/
Collaborator

Why comment this code when you have diffiehellman.js?

Contributor Author

It hasn't been implemented for wasi and tested. It's just copied from nodejs now.

import {
Cipheriv,
Decipheriv,
getCipherInfo,
privateDecrypt,
privateEncrypt,
publicDecrypt,
publicEncrypt,
} from "./internal/crypto/cipher";
/*
import {
Sign,
signOneShot,
Verify,
verifyOneShot,
} from "./internal/crypto/sig";*/
import { Hash, Hmac } from "./internal/crypto/hash";/*
import { X509Certificate } from "./internal/crypto/x509";
*/import {
getCiphers,
getCurves,
getHashes,
secureHeapUsed,
setEngine,
} from "./internal/crypto/util";/*
import Certificate from "./internal/crypto/certificate";
*/
const webcrypto = undefined;
const fipsForced = getOptionValue("--force-fips");

function createCipheriv(cipher, key, iv, options) {
return new Cipheriv(cipher, key, iv, options);
}

function createDecipheriv(algorithm, key, iv, options) {
return new Decipheriv(algorithm, key, iv, options);
}
/*
function createDiffieHellman(sizeOrKey, keyEncoding, generator, generatorEncoding) {
return new DiffieHellman(
sizeOrKey,
keyEncoding,
generator,
generatorEncoding,
);
}

function createDiffieHellmanGroup(name) {
return new DiffieHellmanGroup(name);
}

function createECDH(curve) {
return new ECDH(curve);
}
*/
function createHash(hash, options) {
return new Hash(hash, options);
}

function createHmac(hmac, key, options) {
return new Hmac(hmac, key, options);
}
/*
function createSign(algorithm, options) {
return new Sign(algorithm, options);
}

function createVerify(algorithm, options) {
return new Verify(algorithm, options);
}
*/
function setFipsForced(val) {
if (val) {
return;
}

throw new ERR_CRYPTO_FIPS_FORCED();
}

function getFipsForced() {
return 1;
}

Object.defineProperty(constants, "defaultCipherList", {
value: getOptionValue("--tls-cipher-list"),
});
/*
const getDiffieHellman = createDiffieHellmanGroup;
*/
function getFipsCrypto() {
throw new Error("crypto.getFipsCrypto is unimplemented")
}
function setFipsCrypto(_val) {
throw new Error("crypto.setFipsCrypto is unimplemented")
}
const getFips = fipsForced ? getFipsForced : getFipsCrypto;
const setFips = fipsForced ? setFipsForced : setFipsCrypto;
/*
const sign = signOneShot;
const verify = verifyOneShot;
*/
export default {
/*Certificate,*/
checkPrime,
checkPrimeSync,
Cipheriv,
constants,
createCipheriv,
createDecipheriv,/*
createDiffieHellman,
createDiffieHellmanGroup,
createECDH,*/
createHash,
createHmac,
createPrivateKey,
createPublicKey,
createSecretKey,/*
createSign,
createVerify,*/
Decipheriv,/*
DiffieHellman,
diffieHellman,
DiffieHellmanGroup,
ECDH,
generateKey,
generateKeyPair,
generateKeyPairSync,
generateKeySync,*/
generatePrime,
generatePrimeSync,
getCipherInfo,
getCiphers,
getCurves,/*
getDiffieHellman,*/
getFips,
getHashes,
Hash,
hkdf,
hkdfSync,
Hmac,/*
KeyObject,*/
pbkdf2,
pbkdf2Sync,
privateDecrypt,
privateEncrypt,
publicDecrypt,
publicEncrypt,
randomBytes,
randomFill,
randomFillSync,
randomInt,
randomUUID,
scrypt,
scryptSync,
secureHeapUsed,
setEngine,
setFips,/*
Sign,
sign,*/
timingSafeEqual,
/*Verify,
verify,
webcrypto,
X509Certificate,*/
};

export {
/*Certificate,*/
checkPrime,
checkPrimeSync,
Cipheriv,
constants,
createCipheriv,
createDecipheriv,
/*createDiffieHellman,
createDiffieHellmanGroup,
createECDH,*/
createHash,
createHmac,
createPrivateKey,
createPublicKey,
createSecretKey,/*
createSign,
createVerify,*/
Decipheriv,/*
DiffieHellman,
diffieHellman,
DiffieHellmanGroup,
ECDH,
generateKey,
generateKeyPair,
generateKeyPairSync,
generateKeySync,*/
generatePrime,
generatePrimeSync,
getCipherInfo,
getCiphers,
getCurves,/*
getDiffieHellman,*/
getFips,
getHashes,
Hash,
hkdf,
hkdfSync,
Hmac,/*
KeyObject,*/
pbkdf2,
pbkdf2Sync,
privateDecrypt,
privateEncrypt,
publicDecrypt,
publicEncrypt,
randomBytes,
randomFill,
randomFillSync,
randomInt,
randomUUID,
scrypt,
scryptSync,
secureHeapUsed,
setEngine,
setFips,
/*Sign,
sign,*/
timingSafeEqual,
/*Verify,
verify,*/
webcrypto,
/*X509Certificate,*/
};
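Review bot: `timingSafeEqual` checks `a.byteLength` on the argument but then calls `timing_safe_equal(a.buffer, b.buffer)`. For a view with a non-zero `byteOffset`, or one shorter than its backing store (a `Buffer` slice, a `DataView`), `.buffer` is the whole underlying `ArrayBuffer`, so the native compare can see bytes outside the view; for a bare `ArrayBuffer`, which the type check accepts, `.buffer` is `undefined`. Pass the exact byte range instead (the buffer together with `byteOffset` and `byteLength`, or a copy of just the view's bytes), and add a test with sliced buffers, since a wrong answer here affects MAC and token comparison. Smaller points: the length check uses `!=` where `!==` is intended, and the default export leaves `webcrypto` commented out while the named export includes it.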