From 0b3bf18a889d0bb08f941d5b0436dbc3986d1b7c Mon Sep 17 00:00:00 2001 From: Oleg Bespalov Date: Thu, 31 Oct 2024 15:20:50 +0100 Subject: [PATCH 1/3] webcrypto: RSA support --- .../webcrypto/hmackeygenparams.md | 2 +- .../webcrypto/rsahashedkeygenparams.md | 41 +++++++++++++++++++ .../webcrypto/rsaoaepparams.md | 19 +++++++++ .../k6-experimental/webcrypto/rsapssparams.md | 22 ++++++++++ .../webcrypto/subtlecrypto/generatekey.md | 14 +++---- .../webcrypto/subtlecrypto/sign.md | 2 +- .../webcrypto/subtlecrypto/verify.md | 2 +- .../webcrypto/supported-encrypt-decrypt.md | 2 +- .../supported-key-methods-formats.md | 1 + .../shared/webcrypto/supported-key-methods.md | 2 +- .../shared/webcrypto/supported-sign-verify.md | 2 +- 11 files changed, 96 insertions(+), 13 deletions(-) create mode 100644 docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsahashedkeygenparams.md create mode 100644 docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsaoaepparams.md create mode 100644 docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsapssparams.md diff --git a/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/hmackeygenparams.md b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/hmackeygenparams.md index 92559f4466..61bafce456 100644 --- a/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/hmackeygenparams.md +++ b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/hmackeygenparams.md @@ -12,7 +12,7 @@ The `HmacKeyGenParams` object represents the object that should be passed as the | Property | Type | Description | | :---------------- | :------- | :---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| name | `string` | The should be set to `HMAC`. | +| name | `string` | This should be set to `HMAC`. | | hash | `string` | The name of the digest function to use. Possible values are `SHA-1`, `SHA-256`, `SHA-384` and `SHA-512`. | | length (optional) | `number` | The length of the key in bits. If this is omitted, the length of the key is equal to the block size of the hash function you have chosen. We recommend to leave this parameter empty, unless you have a good reason to use something different. | diff --git a/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsahashedkeygenparams.md b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsahashedkeygenparams.md new file mode 100644 index 0000000000..a8e3281464 --- /dev/null +++ b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsahashedkeygenparams.md @@ -0,0 +1,41 @@ +--- +title: 'RSAHashedKeyGenParams' +description: 'RSAHashedKeyGenParams represents the object that should be passed as the algorithm parameter into the generateKey operation, when generating an RSA key pair.' +weight: 12 +--- + +# RSAHashedKeyGenParams + +The `RSAHashedKeyGenParams` object represents object that should be passed as the algorithm parameter into the [generateKey](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/subtlecrypto/generatekey) operation when generating an RSA key pair. + +## Properties + +| Property | Type | Description | +| :---------------- | :------- | :---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| name | `string` | This should be set to `RSASSA-PKCS1-v1_5`, `RSA-PSS` or `RSA-OAEP`. | +| modulusLength | `number` | The length in bits of the RSA modulus. This should be at least 2048. Some organizations are now recommending that it should be 4096. | +| publicExponent | `Uint8Array` | The public exponent. Unless you have a good reason to use something else, specify 65537 here `new Uint8Array([1, 0, 1])` | +| hash | `string` | The name of the digest function to use. Possible values are `SHA-1`, `SHA-256`, `SHA-384` and `SHA-512`. | + +## Example + +{{< code >}} + +```javascript +import { crypto } from 'k6/experimental/webcrypto'; + +export default async function () { + const keyPair = await crypto.subtle.generateKey( + { + name: "RSA-PSS", + modulusLength: 2048, + publicExponent: new Uint8Array([1, 0, 1]), + hash: { name: "SHA-256" }, + }, + true, + ["sign", "verify"] + ); +} +``` + +{{< /code >}} diff --git a/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsaoaepparams.md b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsaoaepparams.md new file mode 100644 index 0000000000..dd302999ef --- /dev/null +++ b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsaoaepparams.md @@ -0,0 +1,19 @@ +--- +title: 'RsaOaepParams' +description: 'RsaOaepParams represents the object that should be passed as the algorithm parameter into the encrypt and decrypt operation when using the RSA-OAEP algorithm.' +weight: 06 +--- + +# RsaOaepParams + +The `RsaOaepParams` object represents the object that should be passed as the algorithm parameter into the [encrypt](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/subtlecrypto/encrypt) and [decrypt](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/subtlecrypto/decrypt) operation when using the RSA-OAEP algorithm. + +For more details, head to the [MDN Web Crypto API documentation on RSA-OAEP](https://developer.mozilla.org/en-US/docs/Web/API/RsaOaepParams). + +## Properties + +| Property | Type | Description | +| :------------------------ | :----------------------------------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| name | `string` | Should be set to `RSA-OAEP`. | +| label (optional) | `ArrayBuffer`, `TypedArray`, or `DataView` | It's an array of bytes that does not itself need to be encrypted but which should be bound to the ciphertext. A digest of the label is part of the input to the encryption operation. Unless your application calls for a label, you can just omit this argument, and it will not affect the security of the encryption operation. | + | diff --git a/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsapssparams.md b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsapssparams.md new file mode 100644 index 0000000000..221eb7013b --- /dev/null +++ b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsapssparams.md @@ -0,0 +1,22 @@ +--- +title: 'RsaPssParams' +description: 'RsaPssParams is a parameter used for sign or verify operations.' +weight: 11 +--- + +# RsaPssParams + +The `RsaPssParams` represents the object that should be passed as the algorithm parameter into [`sign`](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/subtlecrypto/sign/) or [`verify`](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/subtlecrypto/verify/) when using the RSA-PSS algorithm. + +## Properties + +| Property | Type | Description | +| :------- | :------- | :---------------------------------------------------------------------------------------------------- | +| name | `string` | An algorithm name. Should be `RSA-PSS`. | +| saltLength | `number` | A long integer representing the length of the random salt to use, in bytes. | + +{{< admonition type="caution" >}} + +Since under the hood we use Golang's SDK the salt length 0 is not supported. In that case the maximum possible salt length will be used. + +{{< /admonition >}} \ No newline at end of file diff --git a/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/subtlecrypto/generatekey.md b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/subtlecrypto/generatekey.md index c3cb9f6dd2..fdae3524dc 100644 --- a/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/subtlecrypto/generatekey.md +++ b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/subtlecrypto/generatekey.md @@ -6,7 +6,7 @@ weight: 05 # generateKey -The `generateKey()` generates a new cryptographic key and returns it as a [CryptoKey](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/cryptokey) object that can be used with the Web Crypto API. +The `generateKey()` generates a new cryptographic key and returns it as a [CryptoKey](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/cryptokey) object or a [CryptoKeyPair](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/cryptokeypair) object that can be used with the Web Crypto API. ## Usage @@ -28,20 +28,20 @@ generateKey(algorithm, extractable, keyUsages) ## Return Value -A `Promise` that resolves with the generated key as a [CryptoKey](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/cryptokey) object or a [CryptoKeyPair](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/cryptokeypair). +A `Promise` that resolves with the generated key as a [CryptoKey](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/cryptokey) object or a [CryptoKeyPair](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/cryptokeypair) object. ### Algorithm specific input -| | HMAC | AES | ECDH | ECDSA | -| :--------------------- | :----------------------------------------------------------------------------------------------------------------------- | :--------------------------------------------------------------------------------------------------------------------- | :------------------------------------------------------------------------------------------------------------------- | :------------------------------------------------------------------------------------------------------------------- | -| Parameters type to use | [`HmacKeyGenParams`](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/hmackeygenparams) | [`AesKeyGenParams`](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/aeskeygenparams) | [`EcKeyGenParams`](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/eckeygenparams) | [`EcKeyGenParams`](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/eckeygenparams) | -| Possible key usages | `sign`, `verify` | `encrypt`, `decrypt` | `deriveKey`, `deriveBits` | `sign`, `verify` | +| | HMAC | AES | ECDH | ECDSA | RSA-OAEP | RSASSA-PKCS1-v1_5 | RSA-PSS | +| :--------------------- | :----------------------------------------------------------------------------------------------------------------------- | :--------------------------------------------------------------------------------------------------------------------- | :------------------------------------------------------------------------------------------------------------------- | :------------------------------------------------------------------------------------------------------------------- |----- |----- |----- | +| Parameters type to use | [`HmacKeyGenParams`](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/hmackeygenparams) | [`AesKeyGenParams`](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/aeskeygenparams) | [`EcKeyGenParams`](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/eckeygenparams) | [`EcKeyGenParams`](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/eckeygenparams) | [`RSAHashedKeyGenParams`](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/rsahashedkeygenparams) | [`RSAHashedKeyGenParams`](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/rsahashedkeygenparams) | [`RSAHashedKeyGenParams`](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/rsahashedkeygenparams) | +| Possible key usages | `sign`, `verify` | `encrypt`, `decrypt` | `deriveKey`, `deriveBits` | `sign`, `verify` | `encrypt`, `decrypt` | `sign`, `verify` | `sign`, `verify` | ## Throws | Type | Description | | :------------ | :------------------------------------------------------------------------------------------- | -| `SyntaxError` | Raised when the `keyUsages` parameter is empty but the key is of type `secret` or `private`. | +| `SyntaxError` | Raised when the `keyUsages` parameter is empty, but the key is of type `secret` or `private`. | ## Example diff --git a/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/subtlecrypto/sign.md b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/subtlecrypto/sign.md index 96255a273d..86cabbd4c5 100644 --- a/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/subtlecrypto/sign.md +++ b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/subtlecrypto/sign.md @@ -18,7 +18,7 @@ sign(algorithm, key, data) | Name | Type | Description | | :---------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :----------------------------------------------------------------------- | -| `algorithm` | `string` or object with a single `name` string property or an [EcdsaParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/ecdsaparams/), or [HmacKeyGenParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/hmackeygenparams/) object | The signature algorithm to use. Currently supported: `HMAC` and `ECDSA`. | +| `algorithm` | `string` or object with a single `name` string property (`{name: "RSASSA-PKCS1-v1_5"}`) or an [EcdsaParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/ecdsaparams/), [HmacKeyGenParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/hmackeygenparams/), or [RsaPssParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/rsapssparams/) object. | The signature algorithm to use. | | `key` | [CryptoKey](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/cryptokey) | The key to use for signing. | | `data` | `ArrayBuffer`, `TypedArray`, or `DataView` | The data to be signed. | diff --git a/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/subtlecrypto/verify.md b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/subtlecrypto/verify.md index d41acecbce..ad58aff134 100644 --- a/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/subtlecrypto/verify.md +++ b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/subtlecrypto/verify.md @@ -18,7 +18,7 @@ verify(algorithm, key, signature, data) | Name | Type | Description | | :---------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :------------------------------------------------------------- | -| `algorithm` | `string` or object with a single `name` string property or an [EcdsaParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/ecdsaparams/), or [HmacKeyGenParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/hmackeygenparams/) object | The algorithm to use. Currently supported: `HMAC` and `ECDSA`. | +| `algorithm` | `string` or object with a single `name` string property (`{name: "RSASSA-PKCS1-v1_5"}`) or an [EcdsaParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/ecdsaparams/), [HmacKeyGenParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/hmackeygenparams/), or [RsaPssParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/rsapssparams/) object. | The signature algorithm to use. | | `key` | [CryptoKey](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/cryptokey) | The key that will be used to verify the signature. | | `signature` | `ArrayBuffer` | The signature to verify. | | `data` | `ArrayBuffer` | The data whose signature is to be verified. | diff --git a/docs/sources/k6/next/shared/webcrypto/supported-encrypt-decrypt.md b/docs/sources/k6/next/shared/webcrypto/supported-encrypt-decrypt.md index 0243b74b96..64049cda7f 100644 --- a/docs/sources/k6/next/shared/webcrypto/supported-encrypt-decrypt.md +++ b/docs/sources/k6/next/shared/webcrypto/supported-encrypt-decrypt.md @@ -4,4 +4,4 @@ title: webcrypto/supported encrypt/decrypt | AES-CBC | AES-CTR | AES-GCM | RSA-OAEP | | :---------------------------------------------------------------------------------------------------------------- | :---------------------------------------------------------------------------------------------------------------- | :---------------------------------------------------------------------------------------------------------------- | :------- | -| ✅ [AesCbcParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/aescbcparams) | ✅ [AesCtrParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/aesctrparams) | ✅ [AesGcmParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/aesgcmparams) | ❌ | +| ✅ [AesCbcParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/aescbcparams) | ✅ [AesCtrParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/aesctrparams) | ✅ [AesGcmParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/aesgcmparams) | ✅ [RsaOaepParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/rsaoaepparams) | diff --git a/docs/sources/k6/next/shared/webcrypto/supported-key-methods-formats.md b/docs/sources/k6/next/shared/webcrypto/supported-key-methods-formats.md index e4fcc38452..d2545a7477 100644 --- a/docs/sources/k6/next/shared/webcrypto/supported-key-methods-formats.md +++ b/docs/sources/k6/next/shared/webcrypto/supported-key-methods-formats.md @@ -3,4 +3,5 @@ title: webcrypto/supported key methods formats --- - `ECDH` and `ECDSA` algorithms have support for `pkcs8`, `spki`, `raw` and `jwk` formats. +- `RSA-OAEP`, `RSASSA-PKCS1-v1_5` and `RSA-PSS` algorithms have support for `pkcs8`, `spki` and `jwk` formats. - `AES-*` and `HMAC` algorithms have currently support for `raw` and `jwk` formats. diff --git a/docs/sources/k6/next/shared/webcrypto/supported-key-methods.md b/docs/sources/k6/next/shared/webcrypto/supported-key-methods.md index 39c8249e7a..143148a9af 100644 --- a/docs/sources/k6/next/shared/webcrypto/supported-key-methods.md +++ b/docs/sources/k6/next/shared/webcrypto/supported-key-methods.md @@ -4,4 +4,4 @@ title: webcrypto/supported key methods | AES-CBC | AES-CTR | AES-GCM | AES-KW | ECDH | ECDSA | HMAC | RSA-OAEP | RSASSA-PKCS1-v1_5 | RSA-PSS | | :---------------------------------------------------------------------------------------------------------------- | :---------------------------------------------------------------------------------------------------------------- | :---------------------------------------------------------------------------------------------------------------- | :----- | :------------------------------------------------------------------------------------------------------------------------------- | :--------------------------------------------------------------------------------------------------------------- | :------------------------------------------------------------------------------------------------------------------------- | :------- | :---------------- | :------ | -| ✅ [AesCbcParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/aescbcparams) | ✅ [AesCtrParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/aesctrparams) | ✅ [AesGcmParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/aesgcmparams) | ❌ | ✅ [EcdhKeyDeriveParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/ecdhkeyderiveparams/) | ✅ [EcdsaParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/ecdsaparams/) | ✅ [HmacKeyGenParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/hmackeygenparams/) | ❌ | ❌ | ❌ | +| ✅ [AesCbcParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/aescbcparams) | ✅ [AesCtrParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/aesctrparams) | ✅ [AesGcmParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/aesgcmparams) | ❌ | ✅ [EcdhKeyDeriveParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/ecdhkeyderiveparams/) | ✅ [EcdsaParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/ecdsaparams/) | ✅ [HmacKeyGenParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/hmackeygenparams/) | ✅ [RSAHashedKeyGenParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/rsahashedkeygenparams/) | ✅ [RSAHashedKeyGenParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/rsahashedkeygenparams/) | ✅ [RSAHashedKeyGenParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/rsahashedkeygenparams/) | diff --git a/docs/sources/k6/next/shared/webcrypto/supported-sign-verify.md b/docs/sources/k6/next/shared/webcrypto/supported-sign-verify.md index 4e649c2e04..e7b6dc1483 100644 --- a/docs/sources/k6/next/shared/webcrypto/supported-sign-verify.md +++ b/docs/sources/k6/next/shared/webcrypto/supported-sign-verify.md @@ -4,4 +4,4 @@ title: webcrypto/supported sign/verify | ECDSA | HMAC | RSASSA-PKCS1-v1_5 | RSA-PSS | | :--------------------------------------------------------------------------------------------------------------- | :------------------------------------------------------------------------------------------------------------------------- | :---------------- | :------ | -| ✅ [EcdsaParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/ecdsaparams/) | ✅ [HmacKeyGenParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/hmackeygenparams/) | ❌ | ❌ | +| ✅ [EcdsaParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/ecdsaparams/) | ✅ [HmacKeyGenParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/hmackeygenparams/) | ✅ | ✅ [RsaPssParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/rsapssparams/) | From 02ba83acb2c395b6d97a1ddc5d1ab87d2b749a81 Mon Sep 17 00:00:00 2001 From: Oleg Bespalov Date: Tue, 5 Nov 2024 08:22:13 +0100 Subject: [PATCH 2/3] Apply suggestions from code review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Joan López de la Franca Beltran <5459617+joanlopez@users.noreply.github.com> --- .../webcrypto/rsahashedkeygenparams.md | 20 +++++++++---------- .../webcrypto/rsaoaepparams.md | 10 +++++----- .../k6-experimental/webcrypto/rsapssparams.md | 10 +++++----- 3 files changed, 20 insertions(+), 20 deletions(-) diff --git a/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsahashedkeygenparams.md b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsahashedkeygenparams.md index a8e3281464..e7e5a816c1 100644 --- a/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsahashedkeygenparams.md +++ b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsahashedkeygenparams.md @@ -6,16 +6,16 @@ weight: 12 # RSAHashedKeyGenParams -The `RSAHashedKeyGenParams` object represents object that should be passed as the algorithm parameter into the [generateKey](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/subtlecrypto/generatekey) operation when generating an RSA key pair. +The `RSAHashedKeyGenParams` object represents the object that should be passed as the algorithm parameter into the [generateKey](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/subtlecrypto/generatekey) operation when generating an RSA key pair. ## Properties -| Property | Type | Description | -| :---------------- | :------- | :---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| name | `string` | This should be set to `RSASSA-PKCS1-v1_5`, `RSA-PSS` or `RSA-OAEP`. | -| modulusLength | `number` | The length in bits of the RSA modulus. This should be at least 2048. Some organizations are now recommending that it should be 4096. | -| publicExponent | `Uint8Array` | The public exponent. Unless you have a good reason to use something else, specify 65537 here `new Uint8Array([1, 0, 1])` | -| hash | `string` | The name of the digest function to use. Possible values are `SHA-1`, `SHA-256`, `SHA-384` and `SHA-512`. | +| Property | Type | Description | +| :------------- | :----------- | :----------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------- | +| name | `string` | This should be set to `RSASSA-PKCS1-v1_5`, `RSA-PSS` or `RSA-OAEP`. | +| modulusLength | `number` | The length in bits of the RSA modulus. This should be at least 2048. Some organizations are now recommending that it should be 4096. | +| publicExponent | `Uint8Array` | The public exponent. Unless you have a good reason to use something else, specify `65537` here, which represented as a `Uint8Array` is `new Uint8Array([1, 0, 1])` | +| hash | `string` | `object` | The name or an object with a `name` property of the digest function to use. Possible values are `SHA-1`, `SHA-256`, `SHA-384` and `SHA-512`. | ## Example @@ -27,13 +27,13 @@ import { crypto } from 'k6/experimental/webcrypto'; export default async function () { const keyPair = await crypto.subtle.generateKey( { - name: "RSA-PSS", + name: 'RSA-PSS', modulusLength: 2048, publicExponent: new Uint8Array([1, 0, 1]), - hash: { name: "SHA-256" }, + hash: { name: 'SHA-256' }, }, true, - ["sign", "verify"] + ['sign', 'verify'] ); } ``` diff --git a/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsaoaepparams.md b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsaoaepparams.md index dd302999ef..1eef8f19b3 100644 --- a/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsaoaepparams.md +++ b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsaoaepparams.md @@ -12,8 +12,8 @@ For more details, head to the [MDN Web Crypto API documentation on RSA-OAEP](htt ## Properties -| Property | Type | Description | -| :------------------------ | :----------------------------------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| name | `string` | Should be set to `RSA-OAEP`. | -| label (optional) | `ArrayBuffer`, `TypedArray`, or `DataView` | It's an array of bytes that does not itself need to be encrypted but which should be bound to the ciphertext. A digest of the label is part of the input to the encryption operation. Unless your application calls for a label, you can just omit this argument, and it will not affect the security of the encryption operation. | - | +| Property | Type | Description | +| :--------------- | :----------------------------------------- | :--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| name | `string` | Should be set to `RSA-OAEP`. | +| label (optional) | `ArrayBuffer`, `TypedArray`, or `DataView` | It's an array of bytes that does not itself need to be encrypted but which should be bound to the ciphertext. A digest of the label is part of the input to the encryption operation. Unless your application calls for a label, you can just omit this argument, and it will not affect the security of the encryption operation. | +| | diff --git a/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsapssparams.md b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsapssparams.md index 221eb7013b..a7fe8035c2 100644 --- a/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsapssparams.md +++ b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsapssparams.md @@ -10,13 +10,13 @@ The `RsaPssParams` represents the object that should be passed as the algorithm ## Properties -| Property | Type | Description | -| :------- | :------- | :---------------------------------------------------------------------------------------------------- | -| name | `string` | An algorithm name. Should be `RSA-PSS`. | -| saltLength | `number` | A long integer representing the length of the random salt to use, in bytes. | +| Property | Type | Description | +| :--------- | :------- | :-------------------------------------------------------------------------- | +| name | `string` | An algorithm name. Should be `RSA-PSS`. | +| saltLength | `number` | A long integer representing the length of the random salt to use, in bytes. | {{< admonition type="caution" >}} Since under the hood we use Golang's SDK the salt length 0 is not supported. In that case the maximum possible salt length will be used. -{{< /admonition >}} \ No newline at end of file +{{< /admonition >}} From 96c826677897a0f8a323e096024c7dd39904e9d3 Mon Sep 17 00:00:00 2001 From: Oleg Bespalov Date: Tue, 5 Nov 2024 11:14:49 +0100 Subject: [PATCH 3/3] webcrypto: mentioning RsaHashedImportParams --- .../webcrypto/rsahashedimportparams.md | 16 ++++++++++++++++ .../shared/webcrypto/supported-key-methods.md | 6 +++--- 2 files changed, 19 insertions(+), 3 deletions(-) create mode 100644 docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsahashedimportparams.md diff --git a/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsahashedimportparams.md b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsahashedimportparams.md new file mode 100644 index 0000000000..bccde9b8a0 --- /dev/null +++ b/docs/sources/k6/next/javascript-api/k6-experimental/webcrypto/rsahashedimportparams.md @@ -0,0 +1,16 @@ +--- +title: 'RsaHashedImportParams' +description: 'RsaHashedImportParams represents the object that should be passed as the algorithm parameter into the importKey operation, when using the RSA algorithm.' +weight: 12 +--- + +# RsaHashedImportParams + +The `RsaHashedImportParams` represents the object that should be passed as the algorithm parameter into [`importKey`](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/subtlecrypto/importkey/) when using the RSA algorithm. + +## Properties + +| Property | Type | Description | +| :------- | :------- | :------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------- | +| name | `string` | This should be set to `RSASSA-PKCS1-v1_5`, `RSA-PSS` or `RSA-OAEP`. | +| hash | `string` | `object` | The name or an object with a `name` property of the digest function to use. Possible values are `SHA-1`, `SHA-256`, `SHA-384` and `SHA-512`. | diff --git a/docs/sources/k6/next/shared/webcrypto/supported-key-methods.md b/docs/sources/k6/next/shared/webcrypto/supported-key-methods.md index 143148a9af..9ff5c14160 100644 --- a/docs/sources/k6/next/shared/webcrypto/supported-key-methods.md +++ b/docs/sources/k6/next/shared/webcrypto/supported-key-methods.md @@ -2,6 +2,6 @@ title: webcrypto/supported key methods --- -| AES-CBC | AES-CTR | AES-GCM | AES-KW | ECDH | ECDSA | HMAC | RSA-OAEP | RSASSA-PKCS1-v1_5 | RSA-PSS | -| :---------------------------------------------------------------------------------------------------------------- | :---------------------------------------------------------------------------------------------------------------- | :---------------------------------------------------------------------------------------------------------------- | :----- | :------------------------------------------------------------------------------------------------------------------------------- | :--------------------------------------------------------------------------------------------------------------- | :------------------------------------------------------------------------------------------------------------------------- | :------- | :---------------- | :------ | -| ✅ [AesCbcParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/aescbcparams) | ✅ [AesCtrParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/aesctrparams) | ✅ [AesGcmParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/aesgcmparams) | ❌ | ✅ [EcdhKeyDeriveParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/ecdhkeyderiveparams/) | ✅ [EcdsaParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/ecdsaparams/) | ✅ [HmacKeyGenParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/hmackeygenparams/) | ✅ [RSAHashedKeyGenParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/rsahashedkeygenparams/) | ✅ [RSAHashedKeyGenParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/rsahashedkeygenparams/) | ✅ [RSAHashedKeyGenParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/rsahashedkeygenparams/) | +| AES-CBC | AES-CTR | AES-GCM | AES-KW | ECDH | ECDSA | HMAC | RSA-OAEP | RSASSA-PKCS1-v1_5 | RSA-PSS | +| :---------------------------------------------------------------------------------------------------------------- | :---------------------------------------------------------------------------------------------------------------- | :---------------------------------------------------------------------------------------------------------------- | :----- | :------------------------------------------------------------------------------------------------------------------------------- | :--------------------------------------------------------------------------------------------------------------- | :------------------------------------------------------------------------------------------------------------------------- | :----------------------------------------------------------------------------------------------------------------------------------- | :----------------------------------------------------------------------------------------------------------------------------------- | :----------------------------------------------------------------------------------------------------------------------------------- | +| ✅ [AesCbcParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/aescbcparams) | ✅ [AesCtrParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/aesctrparams) | ✅ [AesGcmParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/aesgcmparams) | ❌ | ✅ [EcdhKeyDeriveParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/ecdhkeyderiveparams/) | ✅ [EcdsaParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/ecdsaparams/) | ✅ [HmacKeyGenParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/hmackeygenparams/) | ✅ [RsaHashedImportParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/rsahashedimportparams/) | ✅ [RsaHashedImportParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/rsahashedimportparams/) | ✅ [RsaHashedImportParams](https://grafana.com/docs/k6//javascript-api/k6-experimental/webcrypto/rsahashedimportparams/) |