Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement X509Certificate in node:crypto #16173

Merged
merged 63 commits into from
Jan 17, 2025
Merged

Implement X509Certificate in node:crypto #16173

merged 63 commits into from
Jan 17, 2025

Conversation

Jarred-Sumner
Copy link
Collaborator

@Jarred-Sumner Jarred-Sumner commented Jan 5, 2025
edited
Loading

What does this PR do?

Fixes #13802
Fixes #7560
Fixes #10049
Fixes #9569
Fixes #6782

This implements X509Certificate in node:crypto, diffieHelman, and a few more methods.

This also pulls in ncrypyto (thanks @jasnell!)

TODO before merging:

  • Figure out why fingerprint256 is erroring in the legacy object
  • Make the error from boringssl better (error:0b00008b:X.509 certificate routines:OPENSSL_internal:INVALID_FIELD_FOR_VERSION is not good)
  • Get test-crypto-x509 to pass. Currently, it fails due to fingerprint256 and after that, it fails due to new X509Certificate throwing when it shouldn't (possibly a boringssl issue)
  • Double check the lifetimes of the X256* is handled correctly. I think we might want to use their reference-counting stuff instead of just freeing it immediately.

How did you verify your code works?

Jarred-Sumner
Jarred-Sumner commented Jan 5, 2025
View reviewed changes
src/js/node/tls.ts
@@ -281,28 +281,6 @@ function createSecureContext(options) {
// javascript object representations before passing them back to the user. Can
// be used on any cert object, but changing the name would be semver-major.
function translatePeerCertificate(c) {
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i moved this function to the implementation

Jarred-Sumner
Jarred-Sumner commented Jan 5, 2025
View reviewed changes
src/js/node/tls.ts
@@ -498,10 +476,10 @@ const TLSSocket = (function (InternalTLSSocket) {
}
}
getPeerX509Certificate() {
throw Error("Not implented in Bun yet");
return this._handle?.getPeerX509Certificate?.();
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this doesn't actually seem to work and i'm not sure why

Jarred-Sumner
Jarred-Sumner commented Jan 5, 2025
View reviewed changes
test/js/node/tls/node-tls-connect.test.ts
@@ -241,7 +241,7 @@ for (const { name, connect } of tests) {
expect(cert.ca).toBeFalse();
expect(cert.bits).toBe(2048);
expect(cert.modulus).toBe(
"BEEE8773AF7C8861EC11351188B9B1798734FB0729B674369BE3285A29FE5DACBFAB700D09D7904CF1027D89298BD68BE0EF1DF94363012B0DEB97F632CB76894BCC216535337B9DB6125EF68996DD35B4BEA07E86C41DA071907A86651E84F8C72141F889CC0F770554791E9F07BBE47C375D2D77B44DBE2AB0ED442BC1F49ABE4F8904977E3DFD61CD501D8EFF819FF1792AEDFFACA7D281FD1DB8C5D972D22F68FA7103CA11AC9AAED1CDD12C33C0B8B47964B37338953D2415EDCE8B83D52E2076CA960385CC3A5CA75A75951AAFDB2AD3DB98A6FDD4BAA32F575FEA7B11F671A9EAA95D7D9FAF958AC609F3C48DEC5BDDCF1BC1542031ED9D4B281D7DD1",
"beee8773af7c8861ec11351188b9b1798734fb0729b674369be3285a29fe5dacbfab700d09d7904cf1027d89298bd68be0ef1df94363012b0deb97f632cb76894bcc216535337b9db6125ef68996dd35b4bea07e86c41da071907a86651e84f8c72141f889cc0f770554791e9f07bbe47c375d2d77b44dbe2ab0ed442bc1f49abe4f8904977e3dfd61cd501d8eff819ff1792aedffaca7d281fd1db8c5d972d22f68fa7103ca11ac9aaed1cdd12c33c0b8b47964b37338953d2415edce8b83d52e2076ca960385cc3a5ca75a75951aafdb2ad3db98a6fdd4baa32f575fea7b11f671a9eaa95d7d9faf958ac609f3c48dec5bddcf1bc1542031ed9d4b281d7dd1",
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

todo: check if node does it uppercase or lowercase

@robobun
Copy link

robobun commented Jan 5, 2025
edited
Loading

Updated 6:16 AM PT - Jan 17th, 2025

@Jarred-Sumner, your commit 95981c9 has 2 failures in #9917:

🧪   try this PR locally:

bunx bun-pr 16173

Jarred-Sumner
Jarred-Sumner commented Jan 15, 2025
View reviewed changes
src/bun.js/bindings/JSBuffer.h
@@ -20,6 +20,7 @@

#pragma once

#include "JavaScriptCore/ArrayBuffer.h"
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
#include "JavaScriptCore/ArrayBuffer.h"

@dylan-conway dylan-conway self-assigned this Jan 15, 2025
@dylan-conway dylan-conway marked this pull request as ready for review January 15, 2025 22:41
This was referenced Jan 17, 2025
Closed
Closed
Closed
Closed
@Jarred-Sumner Jarred-Sumner merged commit 7242c1b into main Jan 17, 2025
68 of 69 checks passed
@Jarred-Sumner Jarred-Sumner deleted the jarred/x509 branch January 17, 2025 13:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@dylan-conway dylan-conway

Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@Jarred-Sumner @robobun @dylan-conway