-
Notifications
You must be signed in to change notification settings - Fork 5.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Tracking issue for remaining node:crypto
APIs
#18455
Comments
I would like to start with the first method |
Towards #18455 This commit implements `checkPrimeSync` and `checkPrime` in node:crypto using the Miller-Rabin primality test (fun fact: it actually is a test for composite numbers) It first compares the candidate against many known small primes and if not, proceeds to run the Miller-Rabin primality test. http://nickle.org/examples/miller-rabin.5c used as reference implementation.
Towards #18455 This commit implements `checkPrimeSync` and `checkPrime` in node:crypto using the Miller-Rabin primality test (fun fact: it actually is a test for composite numbers) It first compares the candidate against many known small primes and if not, proceeds to run the Miller-Rabin primality test. http://nickle.org/examples/miller-rabin.5c used as reference implementation.
Towards #18455 This commit implements the keypair generation for asymmetric keys for the `generateKeyPair` API. See how key material is managed in this implementation: https://www.notion.so/denolandinc/node-crypto-design-99fc33f568d24e47a5e4b36002c5325d?pvs=4 Private and public key encoding depend on `KeyObject#export` which is not implemented. I've also skipped ED448 and X448 since we need a crate for that in WebCrypto too.
Towards denoland#18455 This commit implements the keypair generation for asymmetric keys for the `generateKeyPair` API. See how key material is managed in this implementation: https://www.notion.so/denolandinc/node-crypto-design-99fc33f568d24e47a5e4b36002c5325d?pvs=4 Private and public key encoding depend on `KeyObject#export` which is not implemented. I've also skipped ED448 and X448 since we need a crate for that in WebCrypto too.
Towards #18455 `safe`, `add` and `rem` options are not implemented because there is no rust crate that provides this functionality (except rust-openssl maybe) and its just not clear if this API is used widely.
node:crypto
APIsnode:crypto
APIs
|
Another one: #19836 |
Missing AES-GCM in cipher issues: |
Hey @littledivy, has there been any progress with
|
FYI, I wanted to note here for visibility that it seems this issue is fixed in Deno 1.38.1—however, it doesn't appear this is used on Deno Deploy just yet: #20938 (comment) |
It seems that the error is occurring from For anyone who encounters a similar error:When I validate the JWT using
When I debugged and checked the actual error.message, the content was as follows.
The above error is wrapped by firebase. The original error was something like this:
This error is actually coming from inside // https://github.com/auth0/node-jsonwebtoken/blob/bc28861f1fa981ed9c009e29c044a19760a0b128/verify.js#L122
try {
secretOrPublicKey = createPublicKey(secretOrPublicKey);
} catch (_) {
try {
secretOrPublicKey = createSecretKey(typeof secretOrPublicKey === 'string' ? Buffer.from(secretOrPublicKey) : secretOrPublicKey);
} catch (_) {
return done(new JsonWebTokenError('secretOrPublicKey is not valid key material'))
}
} In the end, I found out that the cause of the error was that |
I have converted the pending items into seperate issues. Closing this one. |
Hello, I am testing nodejs code that I wrote last year with Deno 2, I encounter an error when doing the following (I only extracted the errored code) import { generateKeyPairSync } from "node:crypto";
const passphrase: string = "mypassphrase";
const cipher: string = "aes-256-cbc";
const modulusLength: number = 4096;
const key = generateKeyPairSync("rsa", {
modulusLength,
publicKeyEncoding: {
type: "spki",
format: "pem",
},
privateKeyEncoding: {
type: "pkcs8",
format: "pem",
cipher,
passphrase,
},
});
console.log(key); Error:
I see above that the Thank you ! |
Can't believe you released Deno 2 without fixing setAutoPadding... Luckily Bun does have it implemented. |
@barthuijgen it is working on canary now |
Please leave a comment below if you are planning to contribute so we can avoid duplicate work.
Unimplemented
crypto.verify()
@kt3k fix(ext/node): add crypto.sign|verify methods #18765crypto.createVerify()
@kt3k fix(ext/node): implement crypto.createVerify #18703crypto.generateKeyPairSync()
@littledivy fix(ext/node): implement asymmetric keygen #18651crypto.generateKeyPair()
@littledivy fix(ext/node): implement asymmetric keygen #18651crypto.X509Certificate
@littledivy fix(ext/node): add X509Certificate #18625crypto.generatePrimeSync()
@littledivy fix(ext/node): prime generation #18861crypto.sign()
@kt3k fix(ext/node): add crypto.sign|verify methods #18765crypto.createSign()
@kt3k fix(ext/node): implement crypto.Sign (RSA/PEM/SHA{224,256,384,512}) #18471crypto.hkdfSync()
@littledivy fix(ext/node): implement hkdf-expand #18612crypto.hkdf()
@littledivy fix(ext/node): implement hkdf-expand #18612crypto.getCurves()
@levex feat(node/crypto): Elliptic Curve Diffie-Hellman (ECDH) support #18832crypto.getCipherInfo()
#21805crypto.generateKeySync()
@littledivy fix(ext/node): add symmetric keygen #18609crypto.generateKey()
@littledivy fix(ext/node): add symmetric keygen #18609crypto.diffieHellman()
#21806crypto.getDiffieHellman()
@levex feat(node/crypto): Builtin Diffie-Hellman Groups #19137crypto.createECDH()
@levex feat(node/crypto): Elliptic Curve Diffie-Hellman (ECDH) support #18832crypto.createDiffieHellmanGroup()
@levex feat(node/crypto): Builtin Diffie-Hellman Groups #19137crypto.createDiffieHellman()
@levex feat(node/crypto): Diffie Hellman Support #18943crypto.createPublicKey()
#21807crypto.createPrivateKey()
@littledivy fix(node): implement createPrivateKey #20981crypto.Decipheriv.prototype.setAutoPadding
crypto.checkPrimeSync()
@littledivy feat(ext/node): addcrypto.checkPrime
API #18465crypto.generatePrime()
@littledivy fix(ext/node): prime generation #18861crypto.checkPrime()
@littledivy feat(ext/node): addcrypto.checkPrime
API #18465crypto.Certificate
APIs #21808Port polyfill to Rust
crypto.scryptSync()
@levex refactor(node/crypto): scrypt polyfill to rust #18746crypto.scrypt()
@levex refactor(node/crypto): scrypt polyfill to rust #18746crypto.randomInt()
@levex refactor(node/crypto): port polyfill to Rust for randomInt, randomFill, randomFillSync #18658crypto.randomFill()
@levex refactor(node/crypto): port polyfill to Rust for randomInt, randomFill, randomFillSync #18658crypto.randomFillSync()
@levex refactor(node/crypto): port polyfill to Rust for randomInt, randomFill, randomFillSync #18658crypto.pbkdf2Sync()
@littledivy chore(ext/node): port pbkdf2 to Rust #18470crypto.pbkdf2()
@littledivy chore(ext/node): port pbkdf2 to Rust #18470OpenSSL-specific
crypto.setFips()
crypto.setEngine()
Identified bugs
The text was updated successfully, but these errors were encountered: