Description
There are several open issues about node:crypto
- Poor performance for crypto's privateEncrypt/publicDecrypt #6076
- jwks-rsa and/or express-jwt not working with bun #10511
- Mineflayer error: Cant Authenticate with Microsoft #10049
- Export named 'diffieHellman' not found in module 'crypto' when running in Nuxt server with
bun --bun dev#9569 - Import named 'diffieHellman' not found in module 'crypto' #6782
joseis not working in sveltekit #7560- node-rsa decrypt 20x slowser then node #4859
- Bun v1.2.2 seems not to support
JsonWebToken(jsonwebtokenpackage) #13682
Our current implementation of node:crypto is an incrementally modified fork of the browserify crypto polyfill with a lot of BoringSSL bindings added in key places.
The browserify crypto polyfill was a great starting point, but we've outgrown it.
When you skim through the code, you'll note that very little of it makes sense in the context of Bun
Lines 2238 to 2258 in 1bec6c3
It has a JavaScript implementation of MD5, SHA1, crypto.randomBytes, DES, AES, diffieHelman, etc. We have BoringSSL. We even expose BoringSSL's MD5, SHA1, etc. Let's use it.
Let's also get rid of the commonJS wrappers in it. The only JavaScript code in node:crypto should be related to streams, or wrapping a native implementation in a stream. Everything else should be in native code.
The other issue here is in the particular stream implementations themselves. There are likely many small subtly incompatible bugs in the various classes exposed by node:crypto. We need to be running node's tests against our crypto implementation. Ideally, we'd be running other test suites too for this.
Activity