Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Export feature for P-521 and X25519 cryptoKey #26431

Open
3 tasks
Srabutdotcom opened this issue Oct 20, 2024 · 2 comments
Open
3 tasks

Export feature for P-521 and X25519 cryptoKey #26431

Srabutdotcom opened this issue Oct 20, 2024 · 2 comments
Labels
crypto Related to node:crypto or WebCrypto ext/crypto related to the ext/crypto crate feat new feature (which has been agreed to/accepted) web related to Web APIs

Comments

@Srabutdotcom
Copy link

Srabutdotcom commented Oct 20, 2024
edited
Loading

It would be better if Deno fully support for Webcrypto API,..

I have tested that deno can create P-521 and X25519 cryptoKey like a charm.
P-521 cryptoKey

  • export to JWK failed on both private and public key - NotSupportedError: Unsupported namedCurve
  • export to RAW failed - TypeError: expected valid private EC key

X25519 cryptoKey

  • export to JWK failed on private key only - NotSupportedError: Not implemented
@lucacasonato lucacasonato added feat new feature (which has been agreed to/accepted) web related to Web APIs ext/crypto related to the ext/crypto crate crypto Related to node:crypto or WebCrypto labels Oct 21, 2024
@hertzg
Copy link

hertzg commented Jan 15, 2025
edited
Loading

The X25519 private key export as jwk works in latest node LTS and does not issue experimental warning anymore.
This is useful when one wants to "derive" a public key from a private key. When exporting to JWK the d field would contain the base64url encoded privateKey and the x field - publicKey.

Sample code to reproduce:

// node.mjs contents
const { privateKey } = await crypto.subtle.generateKey(
  { name: "X25519" },
  true,
  ["deriveKey", "deriveBits"]
);
const jwk = await crypto.subtle.exportKey("jwk", privateKey);
console.log(jwk);

When running under node v22.13.0:

$ node -v     
v22.13.0
$ node node.mjs
{
  key_ops: [ 'deriveKey', 'deriveBits' ],
  ext: true,
  crv: 'X25519',
  d: '2LAP7t3KsI7n2JxKpatigiSxFS8IcNInjTnn-Bxx6VE',
  x: 'ldy_Ujc9T1Ml4zwyjVKdffGMiYXJJ4QTtn0P6VA7_H4',
  kty: 'OKP'
}

When running under deno 2.1.5:

$ deno -v
deno 2.1.5
$ deno node.mjs 
error: Uncaught (in promise) NotSupportedError: Not implemented
const jwk = await crypto.subtle.exportKey("jwk", privateKey);
                                ^
    at exportKeyX25519 (ext:deno_crypto/00_crypto.js:4536:15)
    at SubtleCrypto.exportKey (ext:deno_crypto/00_crypto.js:1054:18)
    at file:///Users/hertzg/projects/wireguard-tools/node.mjs:6:33

@littledivy littledivy mentioned this issue Jan 26, 2025
Merged
littledivy added a commit that referenced this issue Jan 27, 2025
@littledivy
fix(ext/crypto): export private x25519 JWK key (#27828)
88490d0 
Ref #26431
bartlomieju pushed a commit that referenced this issue Jan 30, 2025
@littledivy @bartlomieju
fix(ext/crypto): export private x25519 JWK key (#27828)
14081fb 
Ref #26431
@hertzg
Copy link

hertzg commented Feb 5, 2025

This issue was mentioned from a pr #27828 ( thanks @littledivy ) and I can confirm the JWK export of x25519 private key works since deno 2.1.8.

$ deno -v
deno 2.1.8
$ deno run node.mjs
{
  kty: "OKP",
  crv: "X25519",
  key_ops: [ "deriveKey", "deriveBits" ],
  ext: true,
  x: "Pw0aODbPSnhp52nKS_iAyKV03LDzSnLVYrrllX3EGwA",
  d: "aLaBKkPJa3r_5DM44UToQQoZ1zVifqxH8LucGClaoo8"
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
crypto Related to node:crypto or WebCrypto ext/crypto related to the ext/crypto crate feat new feature (which has been agreed to/accepted) web related to Web APIs
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@hertzg @lucacasonato @Srabutdotcom