- 
          
- 
                Notifications
    You must be signed in to change notification settings 
- Fork 33.6k
crypto: support JWK objects in create(Public|Private)Key #37254
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
| I think this will conflict with #37240, but opening here to get early feedback. | 
| cc @nodejs/crypto | 
3f77664    to
    42b091a      
    Compare
  
    
      
        
              This comment has been minimized.
        
        
      
    
  This comment has been minimized.
      
        
              This comment has been minimized.
        
        
      
    
  This comment has been minimized.
      
        
              This comment has been minimized.
        
        
      
    
  This comment has been minimized.
| 
 I don't think we should. What if another "plain object" key type emerges one day and the user passes an object that has both a  | 
| I've pulled the  | 
| @panva Is this a WIP or ready to be reviewed? | 
      
        
              This comment has been minimized.
        
        
      
    
  This comment has been minimized.
| 
 To be reviewed please. | 
| validateString(key.qi, 'key.qi'); | ||
| } | ||
|  | ||
| const handle = new KeyObjectHandle(); | 
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure how I feel about creating KeyObjectHandles in more places.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you have a concrete suggestion? I'm only using what's available.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not right now, sorry. We can probably improve that later. I don't think this internal inconsistency has any visible effect to the user, but I'm not entirely sure.
      
        
              This comment has been minimized.
        
        
      
    
  This comment has been minimized.
      
        
              This comment has been minimized.
        
        
      
    
  This comment has been minimized.
      
        
              This comment has been minimized.
        
        
      
    
  This comment has been minimized.
      
        
              This comment has been minimized.
        
        
      
    
  This comment has been minimized.
      
        
              This comment has been minimized.
        
        
      
    
  This comment has been minimized.
7c9fedf    to
    b41c5d3      
    Compare
  
    
      
        
              This comment has been minimized.
        
        
      
    
  This comment has been minimized.
      
        
              This comment has been minimized.
        
        
      
    
  This comment has been minimized.
b41c5d3    to
    d54e775      
    Compare
  
    
      
        
              This comment has been minimized.
        
        
      
    
  This comment has been minimized.
| cc @nodejs/crypto | 
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM with exception to the use of delete as commented.
d54e775    to
    bb9a212      
    Compare
  
    
      
        
              This comment has been minimized.
        
        
      
    
  This comment has been minimized.
bb9a212    to
    4485936      
    Compare
  
    
      
        
              This comment has been minimized.
        
        
      
    
  This comment has been minimized.
      
        
              This comment has been minimized.
        
        
      
    
  This comment has been minimized.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
PR-URL: #37254 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Matteo Collina <[email protected]>
| Landed in 117e293 | 
PR-URL: #37254 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Matteo Collina <[email protected]>
Notable changes: * crypto: * add optional callback to crypto.sign and crypto.verify (Filip Skokan) #37500 * support JWK objects in create\*Key (Filip Skokan) #37254 * deps: * update archs files for OpenSSL-1.1.1+quic (James M Snell) #37601 * switch openssl to quictls/openssl (James M Snell) #37601 * doc: * update maintaining-openssl guide (James M Snell) #37601 * fs: * improve fsPromises writeFile performance (Nitzan Uziely) #37610 * add promisified readFile benchmark (Nitzan Uziely) #37608 * improve fsPromises readFile performance (Nitzan Uziely) #37608 * lib: * implement AbortSignal.abort() (James M Snell) #37693 * node-api: * define version 8 (Gabriel Schulhof) #37652 * test: * update dom/abort tests (James M Snell) #37693 * fixup test to account for quic openssl version (James M Snell) #37601 * worker: * add setEnvironmentData/getEnvironmentData (James M Snell) #37486
PR-URL: #37766 Notable changes: * crypto: * add optional callback to crypto.sign and crypto.verify (Filip Skokan) #37500 * support JWK objects in create\*Key (Filip Skokan) #37254 * deps: * update archs files for OpenSSL-1.1.1+quic (James M Snell) #37601 * switch openssl to quictls/openssl (James M Snell) #37601 * doc: * update maintaining-openssl guide (James M Snell) #37601 * fs: * improve fsPromises writeFile performance (Nitzan Uziely) #37610 * add promisified readFile benchmark (Nitzan Uziely) #37608 * improve fsPromises readFile performance (Nitzan Uziely) #37608 * lib: * implement AbortSignal.abort() (James M Snell) #37693 * node-api: * define version 8 (Gabriel Schulhof) #37652 * test: * update dom/abort tests (James M Snell) #37693 * fixup test to account for quic openssl version (James M Snell) #37601 * worker: * add setEnvironmentData/getEnvironmentData (James M Snell) #37486
PR-URL: #37766 Notable changes: * crypto: * add optional callback to crypto.sign and crypto.verify (Filip Skokan) #37500 * support JWK objects in create\*Key (Filip Skokan) #37254 * deps: * update archs files for OpenSSL-1.1.1+quic (James M Snell) #37601 * switch openssl to quictls/openssl (James M Snell) #37601 * doc: * update maintaining-openssl guide (James M Snell) #37601 * fs: * improve fsPromises writeFile performance (Nitzan Uziely) #37610 * add promisified readFile benchmark (Nitzan Uziely) #37608 * improve fsPromises readFile performance (Nitzan Uziely) #37608 * lib: * implement AbortSignal.abort() (James M Snell) #37693 * node-api: * define version 8 (Gabriel Schulhof) #37652 * test: * update dom/abort tests (James M Snell) #37693 * fixup test to account for quic openssl version (James M Snell) #37601 * worker: * add setEnvironmentData/getEnvironmentData (James M Snell) #37486
PR-URL: #37766 Notable changes: * crypto: * add optional callback to crypto.sign and crypto.verify (Filip Skokan) #37500 * support JWK objects in create\*Key (Filip Skokan) #37254 * deps: * switch openssl to quictls/openssl (James M Snell) #37601 * fs: * improve fsPromises writeFile performance (Nitzan Uziely) #37610 * improve fsPromises readFile performance (Nitzan Uziely) #37608 * lib: * implement AbortSignal.abort() (James M Snell) #37693 * node-api: * define version 8 (Gabriel Schulhof) #37652 * worker: * add setEnvironmentData/getEnvironmentData (James M Snell) #37486
PR-URL: #37766 Notable changes: * crypto: * add optional callback to crypto.sign and crypto.verify (Filip Skokan) #37500 * support JWK objects in create\*Key (Filip Skokan) #37254 * deps: * switch openssl to quictls/openssl (James M Snell) #37601 * fs: * improve fsPromises writeFile performance (Nitzan Uziely) #37610 * improve fsPromises readFile performance (Nitzan Uziely) #37608 * lib: * implement AbortSignal.abort() (James M Snell) #37693 * node-api: * define version 8 (Gabriel Schulhof) #37652 * worker: * add setEnvironmentData/getEnvironmentData (James M Snell) #37486
PR-URL: #37766 Notable changes: * crypto: * add optional callback to crypto.sign and crypto.verify (Filip Skokan) #37500 * support JWK objects in create\*Key (Filip Skokan) #37254 * deps: * switch openssl to quictls/openssl (James M Snell) #37601 * fs: * improve fsPromises writeFile performance (Nitzan Uziely) #37610 * improve fsPromises readFile performance (Nitzan Uziely) #37608 * lib: * implement AbortSignal.abort() (James M Snell) #37693 * node-api: * define version 8 (Gabriel Schulhof) #37652 * worker: * add setEnvironmentData/getEnvironmentData (James M Snell) #37486
PR-URL: #37766 Notable changes: * crypto: * add optional callback to crypto.sign and crypto.verify (Filip Skokan) #37500 * support JWK objects in create\*Key (Filip Skokan) #37254 * deps: * update to [email protected] (Guy Bedford) #37712 * switch openssl to quictls/openssl (James M Snell) #37601 * fs: * improve fsPromises writeFile performance (Nitzan Uziely) #37610 * improve fsPromises readFile performance (Nitzan Uziely) #37608 * lib: * implement AbortSignal.abort() (James M Snell) #37693 * node-api: * define version 8 (Gabriel Schulhof) #37652 * worker: * add setEnvironmentData/getEnvironmentData (James M Snell) #37486
PR-URL: #37766 Notable changes: * crypto: * add optional callback to crypto.sign and crypto.verify (Filip Skokan) #37500 * support JWK objects in create\*Key (Filip Skokan) #37254 * deps: * update to [email protected] (Guy Bedford) #37712 * switch openssl to quictls/openssl (James M Snell) #37601 * fs: * improve fsPromises writeFile performance (Nitzan Uziely) #37610 * improve fsPromises readFile performance (Nitzan Uziely) #37608 * lib: * implement AbortSignal.abort() (James M Snell) #37693 * node-api: * define version 8 (Gabriel Schulhof) #37652 * worker: * add setEnvironmentData/getEnvironmentData (James M Snell) #37486
This enables
create(Public|Private)KeyJWK inputs.crypto.createPublicKey({ key: jwk, format: 'jwk' })RSA,EC(P-256, secp256k1, P-384, P-521),OKP(Ed25519, Ed448, X25519, X448)crypto.createPrivateKey({ key: jwk, format: 'jwk' })RSA,EC(P-256, secp256k1, P-384, P-521),OKP(Ed25519, Ed448, X25519, X448)crypto.createSecretKey(jwk)Allows "oct" JWKs, always creates a SecretKeyObjectEnabled key typesoct