From c5f226290ead93b7f43f664fc05c5fec90f38be8 Mon Sep 17 00:00:00 2001 From: Filip Skokan Date: Fri, 20 Aug 2021 22:33:02 +0200 Subject: [PATCH] fix(deno): ignore incomplete webcrypto api type errors --- package.json | 4 ++-- src/runtime/browser/aeskw.ts | 4 ++++ src/runtime/browser/check_cek_length.ts | 1 + src/runtime/browser/check_key_length.ts | 2 ++ src/runtime/browser/decrypt.ts | 2 ++ src/runtime/browser/ecdhes.ts | 4 ++++ src/runtime/browser/encrypt.ts | 2 ++ src/runtime/browser/generate.ts | 1 + src/runtime/browser/jwk_to_key.ts | 3 +++ src/runtime/browser/key_to_jwk.ts | 1 + src/runtime/browser/pbes2kw.ts | 4 ++++ src/runtime/browser/rsaes.ts | 5 +++++ 12 files changed, 31 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index c515041508..1cccff060a 100644 --- a/package.json +++ b/package.json @@ -333,7 +333,7 @@ "build-fast:node-webcrypto-cjs": "npm run-script runtime-node-webcrypto && npm run-script -s esbuild-find | xargs -0 esbuild --log-level=warning --platform=node --target=esnext --outdir=dist/node/webcrypto/cjs --format=cjs", "build-fast:node-webcrypto-esm": "npm run-script runtime-node-webcrypto && npm run-script -s esbuild-find | xargs -0 esbuild --log-level=warning --platform=node --target=esnext --outdir=dist/node/webcrypto/esm --format=esm && echo '{\"type\": \"module\"}'> dist/node/webcrypto/esm/package.json", "build:browser": "run-s runtime-browser 'build -- -p ./tsconfig/browser.json' && echo '{\"type\": \"module\"}'> dist/browser/package.json", - "build:deno": "npm run-script runtime-deno && find dist/deno -name '*.ts' -type f -print0 | xargs -0 sed -i '' -e \"s/\\.js'/.ts'/g\" -e \"s/\\.d'/.d.ts'/g\" && echo 'export class KeyObject extends CryptoKey {}' > dist/deno/types.d.ts && tail -n +5 src/types.d.ts >> dist/deno/types.d.ts", + "build:deno": "npm run-script runtime-deno && find dist/deno -name '*.ts' -type f -print0 | xargs -0 sed -i '' -e \"s/@deno\\-expect\\-error/@ts-ignore/g\" -e \"s/\\.js'/.ts'/g\" -e \"s/\\.d'/.d.ts'/g\" && echo 'export class KeyObject extends CryptoKey {}' > dist/deno/types.d.ts && tail -n +5 src/types.d.ts >> dist/deno/types.d.ts", "build:types": "npm run-script build -- -p ./tsconfig/types.json && cd src && find . -name '*.d.ts' -maxdepth 2 -type f -exec gcp --parents \"{}\" ../dist/types \\; && cd .. && node ./tools/strip-dts-comments && run-s -s types:find | xargs -0 sed -i '' -e \"s/\\.js'/'/g\" -e \"s/\\.d'/'/g\"", "build:node-cjs": "run-s runtime-node 'build -- -p ./tsconfig/node-cjs.json'", "build:node-esm": "run-s runtime-node 'build -- -p ./tsconfig/node-esm.json' && echo '{\"type\": \"module\"}'> dist/node/esm/package.json", @@ -357,7 +357,7 @@ "runtime:node:copy": "cp ./src/runtime/node/*.ts ./src/runtime", "runtime:refs": "run-s -s runtime:find | xargs -0 sed -i '' -e \"s/'\\.\\.\\//'\\.\\//g\" -e \"s/'\\.\\/\\.\\./'../g\"", "test": "npm run-script test-cjs && ava", - "test-deno": "deno test --jobs --no-check --allow-net test-deno", + "test-deno": "deno test --jobs --allow-net test-deno", "test-browser": "find test-browser -type f -name '*.js' -print0 | xargs -0 npx esbuild --log-level=warning --outdir=dist-browser-tests --bundle && karma start", "test-cjs": "rm -rf test/cjs && find test -type f -name '*.mjs' -print0 | xargs -0 npx esbuild --log-level=warning --target=esnext --outdir=test/cjs --format=cjs", "test-cryptokey": "CRYPTOKEY=true npm test", diff --git a/src/runtime/browser/aeskw.ts b/src/runtime/browser/aeskw.ts index ea2380bd3a..5dbc93eece 100644 --- a/src/runtime/browser/aeskw.ts +++ b/src/runtime/browser/aeskw.ts @@ -4,6 +4,7 @@ import crypto, { isCryptoKey } from './webcrypto.js' import invalidKeyInput from './invalid_key_input.js' function checkKeySize(key: CryptoKey, alg: string) { + // @deno-expect-error if ((key.algorithm).length !== parseInt(alg.substr(1, 3), 10)) { throw new TypeError(`invalid key size for alg: ${alg}`) } @@ -29,6 +30,7 @@ export const wrap: AesKwWrapFunction = async (alg: string, key: unknown, cek: Ui // we're importing the cek to end up with CryptoKey instance that can be wrapped, the algorithm used is irrelevant const cryptoKeyCek = await crypto.subtle.importKey('raw', cek, ...bogusWebCrypto) + // @deno-expect-error return new Uint8Array(await crypto.subtle.wrapKey('raw', cryptoKeyCek, cryptoKey, 'AES-KW')) } @@ -41,6 +43,7 @@ export const unwrap: AesKwUnwrapFunction = async ( checkKeySize(cryptoKey, alg) + // @deno-expect-error const cryptoKeyCek = await crypto.subtle.unwrapKey( 'raw', encryptedKey, @@ -49,5 +52,6 @@ export const unwrap: AesKwUnwrapFunction = async ( ...bogusWebCrypto, ) + // @deno-expect-error return new Uint8Array(await crypto.subtle.exportKey('raw', cryptoKeyCek)) } diff --git a/src/runtime/browser/check_cek_length.ts b/src/runtime/browser/check_cek_length.ts index caceff1005..67d918a9a4 100644 --- a/src/runtime/browser/check_cek_length.ts +++ b/src/runtime/browser/check_cek_length.ts @@ -32,6 +32,7 @@ const checkCekLength = (enc: string, cek: Uint8Array | CryptoKey) => { // CryptoKey if (isCryptoKey(cek)) { + // @deno-expect-error const { length } = cek.algorithm if (length !== expected) { throw new JWEInvalid('Invalid Content Encryption Key length') diff --git a/src/runtime/browser/check_key_length.ts b/src/runtime/browser/check_key_length.ts index c5d58e8b9c..512311086f 100644 --- a/src/runtime/browser/check_key_length.ts +++ b/src/runtime/browser/check_key_length.ts @@ -1,6 +1,7 @@ export default (alg: string, key: CryptoKey) => { if (alg.startsWith('HS')) { const bitlen = parseInt(alg.substr(-3), 10) + // @deno-expect-error const { length } = key.algorithm if (typeof length !== 'number' || length < bitlen) { throw new TypeError(`${alg} requires symmetric keys to be ${bitlen} bits or larger`) @@ -8,6 +9,7 @@ export default (alg: string, key: CryptoKey) => { } if (alg.startsWith('RS') || alg.startsWith('PS')) { + // @deno-expect-error const { modulusLength } = key.algorithm if (typeof modulusLength !== 'number' || modulusLength < 2048) { throw new TypeError(`${alg} requires key modulusLength to be 2048 bits or larger`) diff --git a/src/runtime/browser/decrypt.ts b/src/runtime/browser/decrypt.ts index 337ecc7e9e..72d8e5f010 100644 --- a/src/runtime/browser/decrypt.ts +++ b/src/runtime/browser/decrypt.ts @@ -53,6 +53,7 @@ async function cbcDecrypt( let plaintext!: Uint8Array try { plaintext = new Uint8Array( + // @deno-expect-error await crypto.subtle.decrypt({ iv, name: 'AES-CBC' }, encKey, ciphertext), ) } catch { @@ -79,6 +80,7 @@ async function gcmDecrypt( try { return new Uint8Array( + // @deno-expect-error await crypto.subtle.decrypt( { additionalData: aad, diff --git a/src/runtime/browser/ecdhes.ts b/src/runtime/browser/ecdhes.ts index e5919f65d5..3abf0e1089 100644 --- a/src/runtime/browser/ecdhes.ts +++ b/src/runtime/browser/ecdhes.ts @@ -35,12 +35,14 @@ export const deriveKey: EcdhESDeriveKeyFunction = async ( } const sharedSecret = new Uint8Array( + // @deno-expect-error await crypto.subtle.deriveBits( { name: 'ECDH', public: publicKey, }, privateKey, + // @deno-expect-error Math.ceil(parseInt((privateKey.algorithm).namedCurve.substr(-3), 10) / 8) << 3, ), @@ -56,6 +58,7 @@ export const generateEpk: GenerateEpkFunction = async (key: unknown) => { return ( await crypto.subtle.generateKey( + // @deno-expect-error { name: 'ECDH', namedCurve: (key.algorithm).namedCurve }, true, ['deriveBits'], @@ -67,5 +70,6 @@ export const ecdhAllowed: EcdhAllowedFunction = (key: unknown) => { if (!isCryptoKey(key)) { throw new TypeError(invalidKeyInput(key, 'CryptoKey')) } + // @deno-expect-error return ['P-256', 'P-384', 'P-521'].includes((key.algorithm).namedCurve) } diff --git a/src/runtime/browser/encrypt.ts b/src/runtime/browser/encrypt.ts index bf157087dc..a28a837422 100644 --- a/src/runtime/browser/encrypt.ts +++ b/src/runtime/browser/encrypt.ts @@ -33,6 +33,7 @@ async function cbcEncrypt( ) const ciphertext = new Uint8Array( + // @deno-expect-error await crypto.subtle.encrypt( { iv, @@ -63,6 +64,7 @@ async function gcmEncrypt( : cek const encrypted = new Uint8Array( + // @deno-expect-error await crypto.subtle.encrypt( { additionalData: aad, diff --git a/src/runtime/browser/generate.ts b/src/runtime/browser/generate.ts index c63eb193eb..3f91782a79 100644 --- a/src/runtime/browser/generate.ts +++ b/src/runtime/browser/generate.ts @@ -6,6 +6,7 @@ import type { GenerateSecretOptions } from '../../util/generate_secret.js' export async function generateSecret(alg: string, options?: GenerateSecretOptions) { let length: number + // @deno-expect-error let algorithm: AesKeyGenParams | HmacKeyGenParams let keyUsages: KeyUsage[] switch (alg) { diff --git a/src/runtime/browser/jwk_to_key.ts b/src/runtime/browser/jwk_to_key.ts index 7b6970a6af..94ede6d071 100644 --- a/src/runtime/browser/jwk_to_key.ts +++ b/src/runtime/browser/jwk_to_key.ts @@ -5,9 +5,11 @@ import type { JWK } from '../../types.d' import { decode as base64url } from './base64url.js' function subtleMapping(jwk: JWK): { + // @deno-expect-error algorithm: RsaHashedImportParams | EcKeyAlgorithm | Algorithm keyUsages: KeyUsage[] } { + // @deno-expect-error let algorithm: RsaHashedImportParams | EcKeyAlgorithm | Algorithm let keyUsages: KeyUsage[] @@ -116,6 +118,7 @@ const parse: JWKParseFunction = async (jwk: JWK): Promise => { keyData = base64url(jwk.k!) } return crypto.subtle.importKey( + // @deno-expect-error format, keyData, algorithm, diff --git a/src/runtime/browser/key_to_jwk.ts b/src/runtime/browser/key_to_jwk.ts index cc877e8e5f..c7dca0f663 100644 --- a/src/runtime/browser/key_to_jwk.ts +++ b/src/runtime/browser/key_to_jwk.ts @@ -17,6 +17,7 @@ const keyToJWK: JWKConvertFunction = async (key: unknown): Promise => { if (!key.extractable) { throw new TypeError('non-extractable CryptoKey cannot be exported as a JWK') } + // @deno-expect-error const { ext, key_ops, alg, use, ...jwk } = await crypto.subtle.exportKey('jwk', key) return jwk diff --git a/src/runtime/browser/pbes2kw.ts b/src/runtime/browser/pbes2kw.ts index 544837e77d..419766a8e7 100644 --- a/src/runtime/browser/pbes2kw.ts +++ b/src/runtime/browser/pbes2kw.ts @@ -45,8 +45,10 @@ export const encrypt: Pbes2KWEncryptFunction = async ( let derived: CryptoKey | Uint8Array if (cryptoKey.usages.includes('deriveBits')) { + // @deno-expect-error derived = new Uint8Array(await crypto.subtle.deriveBits(subtleAlg, cryptoKey, keylen)) } else if (cryptoKey.usages.includes('deriveKey')) { + // @deno-expect-error derived = await crypto.subtle.deriveKey(subtleAlg, cryptoKey, wrapAlg, false, ['wrapKey']) } else { throw new TypeError('PBKDF2 key "usages" must include "deriveBits" or "deriveKey"') @@ -83,8 +85,10 @@ export const decrypt: Pbes2KWDecryptFunction = async ( let derived: CryptoKey | Uint8Array if (cryptoKey.usages.includes('deriveBits')) { + // @deno-expect-error derived = new Uint8Array(await crypto.subtle.deriveBits(subtleAlg, cryptoKey, keylen)) } else if (cryptoKey.usages.includes('deriveKey')) { + // @deno-expect-error derived = await crypto.subtle.deriveKey(subtleAlg, cryptoKey, wrapAlg, false, ['unwrapKey']) } else { throw new TypeError('PBKDF2 key "usages" must include "deriveBits" or "deriveKey"') diff --git a/src/runtime/browser/rsaes.ts b/src/runtime/browser/rsaes.ts index ecb5ef619e..078fc59cb6 100644 --- a/src/runtime/browser/rsaes.ts +++ b/src/runtime/browser/rsaes.ts @@ -12,6 +12,7 @@ export const encrypt: RsaEsEncryptFunction = async (alg: string, key: unknown, c checkKeyLength(alg, key) if (key.usages.includes('encrypt')) { + // @deno-expect-error return new Uint8Array(await crypto.subtle.encrypt(subtleAlgorithm(alg), key, cek)) } @@ -19,6 +20,7 @@ export const encrypt: RsaEsEncryptFunction = async (alg: string, key: unknown, c // we're importing the cek to end up with CryptoKey instance that can be wrapped, the algorithm used is irrelevant const cryptoKeyCek = await crypto.subtle.importKey('raw', cek, ...bogusWebCrypto) return new Uint8Array( + // @deno-expect-error await crypto.subtle.wrapKey('raw', cryptoKeyCek, key, subtleAlgorithm(alg)), ) } @@ -39,10 +41,12 @@ export const decrypt: RsaEsDecryptFunction = async ( checkKeyLength(alg, key) if (key.usages.includes('decrypt')) { + // @deno-expect-error return new Uint8Array(await crypto.subtle.decrypt(subtleAlgorithm(alg), key, encryptedKey)) } if (key.usages.includes('unwrapKey')) { + // @deno-expect-error const cryptoKeyCek = await crypto.subtle.unwrapKey( 'raw', encryptedKey, @@ -51,6 +55,7 @@ export const decrypt: RsaEsDecryptFunction = async ( ...bogusWebCrypto, ) + // @deno-expect-error return new Uint8Array(await crypto.subtle.exportKey('raw', cryptoKeyCek)) }