Skip to content

Instantly share code, notes, and snippets.

@panva

panva/crypto-key-from-key-object.patch Secret

Last active February 4, 2021 15:12
Show Gist options
  • Save panva/c1e98ab8aa332f170e36b27e73905b72 to your computer and use it in GitHub Desktop.
Save panva/c1e98ab8aa332f170e36b27e73905b72 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
crypto-key-from-key-object.patch
diff --git a/lib/internal/crypto/aes.js b/lib/internal/crypto/aes.js
index ab3ee099cd..2dbe0667bd 100644
--- a/lib/internal/crypto/aes.js
+++ b/lib/internal/crypto/aes.js
@@ -245,7 +245,7 @@ async function aesGenerateKey(algorithm, extractable, keyUsages) {
});
}
-async function aesImportKey(
+function aesImportKey(
algorithm,
format,
keyData,
diff --git a/lib/internal/crypto/diffiehellman.js b/lib/internal/crypto/diffiehellman.js
index bcf9b1e509..69661a3f71 100644
--- a/lib/internal/crypto/diffiehellman.js
+++ b/lib/internal/crypto/diffiehellman.js
@@ -539,7 +539,7 @@ function dhExportKey(key, format) {
key[kKeyObject][kHandle]));
}
-async function dhImportKey(
+function dhImportKey(
format,
keyData,
algorithm,
diff --git a/lib/internal/crypto/dsa.js b/lib/internal/crypto/dsa.js
index 0baabc4680..190852af08 100644
--- a/lib/internal/crypto/dsa.js
+++ b/lib/internal/crypto/dsa.js
@@ -134,7 +134,7 @@ function dsaExportKey(key, format) {
key[kKeyObject][kHandle]));
}
-async function dsaImportKey(
+function dsaImportKey(
format,
keyData,
algorithm,
diff --git a/lib/internal/crypto/ec.js b/lib/internal/crypto/ec.js
index 8807970736..506c49a798 100644
--- a/lib/internal/crypto/ec.js
+++ b/lib/internal/crypto/ec.js
@@ -238,7 +238,7 @@ function ecExportKey(key, format) {
key[kKeyObject][kHandle]));
}
-async function ecImportKey(
+function ecImportKey(
format,
keyData,
algorithm,
diff --git a/lib/internal/crypto/keys.js b/lib/internal/crypto/keys.js
index c4c60f3d22..089eb4c599 100644
--- a/lib/internal/crypto/keys.js
+++ b/lib/internal/crypto/keys.js
@@ -4,6 +4,7 @@ const {
ArrayFrom,
ObjectDefineProperty,
ObjectSetPrototypeOf,
+ SafeSet,
Symbol,
Uint8Array,
} = primordials;
@@ -23,6 +24,8 @@ const {
} = internalBinding('crypto');
const {
+ validateArray,
+ validateBoolean,
validateObject,
validateOneOf,
} = require('internal/validators');
@@ -41,10 +44,14 @@ const {
} = require('internal/errors');
const {
+ bigIntArrayToUnsignedBigInt,
+ getArrayBufferOrView,
+ hasAnyNotIn,
kHandle,
kKeyObject,
- getArrayBufferOrView,
- bigIntArrayToUnsignedBigInt,
+ lazyDOMException,
+ lazyRequire,
+ normalizeAlgorithm,
} = require('internal/crypto/util');
const {
@@ -120,6 +127,78 @@ const [
throw new ERR_INVALID_ARG_TYPE('key', 'CryptoKey', key);
return key[kKeyObject];
}
+
+ toCryptoKey(algorithm, extractable, keyUsages) {
+ validateBoolean(extractable, 'extractable');
+ validateArray(keyUsages, 'keyUsages');
+
+ const keyData = this;
+ const format = 'node.keyObject';
+ algorithm = normalizeAlgorithm(algorithm);
+
+ switch (algorithm.name) {
+ case 'RSASSA-PKCS1-V1_5':
+ // Fall through
+ case 'RSA-PSS':
+ // Fall through
+ case 'RSA-OAEP':
+ return lazyRequire('internal/crypto/rsa')
+ .rsaImportKey(format, keyData, algorithm, extractable, keyUsages);
+ case 'NODE-ED25519':
+ // Fall through
+ case 'NODE-ED448':
+ // Fall through
+ case 'ECDSA':
+ // Fall through
+ case 'ECDH':
+ return lazyRequire('internal/crypto/ec')
+ .ecImportKey(format, keyData, algorithm, extractable, keyUsages);
+ case 'HMAC':
+ return lazyRequire('internal/crypto/mac')
+ .hmacImportKey(format, keyData, algorithm, extractable, keyUsages);
+ case 'AES-CTR':
+ // Fall through
+ case 'AES-CBC':
+ // Fall through
+ case 'AES-GCM':
+ // Fall through
+ case 'AES-KW':
+ return lazyRequire('internal/crypto/aes')
+ .aesImportKey(algorithm, format, keyData, extractable, keyUsages);
+ case 'HKDF':
+ // Fall through
+ case 'NODE-SCRYPT':
+ // Fall through
+ case 'PBKDF2':
+ const { name } = algorithm;
+ const usagesSet = new SafeSet(keyUsages);
+ if (extractable)
+ throw lazyDOMException(`${name} keys are not extractable`,
+ 'SyntaxError');
+
+ if (hasAnyNotIn(usagesSet, 'deriveKey', 'deriveBits')) {
+ throw lazyDOMException(
+ `Unsupported key usage for a ${name} key`,
+ 'SyntaxError');
+ }
+
+ if (keyData.type === 'secret')
+ return new InternalCryptoKey(keyData, { name }, keyUsages,
+ extractable);
+
+ throw lazyDOMException(
+ `Unable to import ${name} key with format ${format}`,
+ 'NotSupportedError');
+ case 'NODE-DSA':
+ return lazyRequire('internal/crypto/dsa')
+ .dsaImportKey(format, keyData, algorithm, extractable, keyUsages);
+ case 'NODE-DH':
+ return lazyRequire('internal/crypto/diffiehellman')
+ .dhImportKey(format, keyData, algorithm, extractable, keyUsages);
+ }
+
+ throw lazyDOMException('Unrecognized name.', 'NotSupportedError');
+ }
}
class SecretKeyObject extends KeyObject {
diff --git a/lib/internal/crypto/mac.js b/lib/internal/crypto/mac.js
index af6b95340f..3c729cfb88 100644
--- a/lib/internal/crypto/mac.js
+++ b/lib/internal/crypto/mac.js
@@ -78,7 +78,7 @@ async function hmacGenerateKey(algorithm, extractable, keyUsages) {
});
}
-async function hmacImportKey(
+function hmacImportKey(
format,
keyData,
algorithm,
diff --git a/lib/internal/crypto/rsa.js b/lib/internal/crypto/rsa.js
index 1c90b57f43..4a57999684 100644
--- a/lib/internal/crypto/rsa.js
+++ b/lib/internal/crypto/rsa.js
@@ -229,7 +229,7 @@ function rsaExportKey(key, format) {
kRsaVariants[key.algorithm.name]));
}
-async function rsaImportKey(
+function rsaImportKey(
format,
keyData,
algorithm,
diff --git a/lib/internal/crypto/webcrypto.js b/lib/internal/crypto/webcrypto.js
index 2e14fcc90c..fe998867bd 100644
--- a/lib/internal/crypto/webcrypto.js
+++ b/lib/internal/crypto/webcrypto.js
@@ -390,7 +390,7 @@ async function exportKey(format, key) {
'Export format is unsupported', 'NotSupportedError');
}
-async function importGenericSecretKey(
+function importGenericSecretKey(
{ name, length },
format,
keyData,
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment