Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(node/crypto): Elliptic Curve Diffie-Hellman (ECDH) support #18832

Merged
merged 24 commits into from
Apr 27, 2023
Merged

feat(node/crypto): Elliptic Curve Diffie-Hellman (ECDH) support #18832

merged 24 commits into from
Apr 27, 2023

Conversation

levex
Copy link
Contributor

@levex levex commented Apr 25, 2023
edited
Loading

WIP.

  • getCurves() supported
  • computeSecret() for establishing a shared secret between two parties
  • generateKeys() for generating a keypair

Curves:

  • secp256k1
  • prime256v1 / secp256r1
  • k256 et al
  • p384 et al

TODO:

  • Support all above curves
  • encoding parameter in ECDH class
  • formatting parameter in ECDH class
  • ECDH::convertKeys support
  • Clean up mutable references in ops

My gist for testing some of this:
https://gist.github.com/levex/6a22f20eea40e0eb337a02ba906f79d8
(will be updated as the PR progresses)

@levex levex changed the title feat(node/crypto): Elliptic Curve Diffie-Hellman (ECDH) support WIP: feat(node/crypto): Elliptic Curve Diffie-Hellman (ECDH) support Apr 25, 2023
@levex levex marked this pull request as draft April 25, 2023 00:45
@levex levex mentioned this pull request Apr 25, 2023
Closed
39 tasks
ry
ry reviewed Apr 25, 2023
View reviewed changes
Cargo.lock
"p256",
"p384",
"p256 0.11.1",
"p384 0.11.2",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it possible to avoid these duplicate dependencies?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

They are not duplicates - each is a pure rust implementation of an elliptic curve.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nevermind I see what you mean

petamoriken
petamoriken reviewed Apr 26, 2023
View reviewed changes
ext/node/polyfills/internal/crypto/util.ts Outdated
Comment on lines 57 to 88
export const ellipticCurves: Array<EllipticCurve> = [
{
name: "secp256k1",
ephemeral: false,
privateKeySize: 32,
publicKeySize: 65,
sharedSecretSize: 32,
}, // Weierstrass-class EC used by Bitcoin
{
name: "prime256v1",
ephemeral: true,
privateKeySize: 32,
publicKeySize: 65,
sharedSecretSize: 32,
}, // NIST P-256 EC
{
name: "secp256r1",
ephemeral: true,
privateKeySize: 32,
publicKeySize: 65,
sharedSecretSize: 32,
}, // NIST P-256 EC (same as above)
{
name: "secp384r1",
ephemeral: true,
privateKeySize: 48,
publicKeySize: 97,
sharedSecretSize: 48,
}, // NIST P-384 EC
{
name: "secp224r1",
ephemeral: true,
privateKeySize: 28,
publicKeySize: 57,
sharedSecretSize: 28,
}, // NIST P-224 EC
];
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perhaps as const satisfies Array<EllipticCurve> would be better.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Because the type becomes clearer. Please see this TS Playground.

littledivy
littledivy requested changes Apr 26, 2023
View reviewed changes
Copy link
Member

@littledivy littledivy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We cannot use Resources to represent curve structures because there is no API to clean up memory.

Please use the exisiting infra for storing key material in JS and passing that to ops.
See https://www.notion.so/denolandinc/node-crypto-design-99fc33f568d24e47a5e4b36002c5325d

Example PR: 9496dfc

littledivy
littledivy reviewed Apr 27, 2023
View reviewed changes
Copy link
Member

@littledivy littledivy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you avoid the duplicate deps? Btw we already use p[256,384,512] in ext/crypto so extract them out to the workspace Cargo.toml so its the same version.

littledivy
littledivy reviewed Apr 27, 2023
View reviewed changes
ext/node/polyfills/internal/crypto/util.ts Outdated
Comment on lines 158 to 161
export function getCurves(): readonly string[] {
notImplemented("crypto.getCurves");
return ellipticCurves.map((x) => x.name);
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

const curveNames = ellipticCurves.map((x) => x.name);
export function getCurves(): readonly string[] {
  return curveNames;
}

ext/node/polyfills/internal/crypto/diffiehellman.ts Outdated Show resolved Hide resolved
ext/node/polyfills/internal/crypto/diffiehellman.ts Outdated Show resolved Hide resolved
ext/node/polyfills/internal/crypto/diffiehellman.ts Outdated Show resolved Hide resolved
levex
levex commented Apr 27, 2023
View reviewed changes
third_party Outdated
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Whoops

@levex levex changed the title WIP: feat(node/crypto): Elliptic Curve Diffie-Hellman (ECDH) support feat(node/crypto): Elliptic Curve Diffie-Hellman (ECDH) support Apr 27, 2023
@levex levex marked this pull request as ready for review April 27, 2023 13:50
@littledivy
Copy link
Member

Looks good! Please add / enable Node compat tests for this

littledivy
littledivy reviewed Apr 27, 2023
View reviewed changes
Cargo.toml Show resolved Hide resolved
@ry
Copy link
Member

ry commented Apr 27, 2023

Nice work Lev!

@levex levex merged commit c3d670d into denoland:main Apr 27, 2023
@levex levex deleted the node-crypto-ecdh branch April 27, 2023 16:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bartlomieju bartlomieju bartlomieju left review comments

@petamoriken petamoriken petamoriken left review comments

@kt3k kt3k kt3k left review comments

@ry ry ry left review comments

@littledivy littledivy littledivy approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@levex @littledivy @ry @kt3k @petamoriken @bartlomieju