feat: electron v6.x support

Author: panva

.travis.yml

@@ -1,12 +1,8 @@
 matrix:
   allow_failures:
-    - name: "Test Suite - Nightly build"
+    - name: "Test Suite - Node.js Nightly build"
     - name: "Linter"
   include:
-    - name: Linter
-      language: node_js
-      node_js: stable
-      script: npm run lint
     - name: "Test Suite + coverage - 12.0.0" #min
       language: node_js
       node_js: 12.0.0
@@ -22,10 +18,18 @@ matrix:
       os: windows
       script: npm test
       node_js: node
-    - name: "Test Suite - Nightly build"
+    - name: "Test Suite - Electron build"
+      language: node_js
+      node_js: stable
+      script: xvfb-run npx electron@beta ./test/electron
+    - name: "Test Suite - Node.js Nightly build"
       language: minimal
       env: NVM_NODEJS_ORG_MIRROR=https://nodejs.org/download/nightly/
       install:
         - nvm i node
         - npm i
       script: npm test
+    - name: Linter
+      language: node_js
+      node_js: stable
+      script: npm run lint

README.md

@@ -311,6 +311,18 @@ key = jose.JWK.asKey(fs.readFileSync('path/to/key/file'))
 key.crv === 'P-256K'
 ```
 
+#### Electron Support
+
+Electron v6.x runtime is supported to the extent of the crypto engine BoringSSL feature parity with
+standard Node.js OpenSSL. The following is disabled in Electron runtime because of its lack of
+[support](https://github.com/panva/jose/blob/master/test/electron/electron.test.js).
+
+- JWE `A128KW`, `A192KW` and `A256KW` algs are not available, this also means that other JWAs
+  depending on those are not working, those are `ECDH-ES+A128KW`, `ECDH-ES+A192KW`,
+  `ECDH-ES+A256KW`, `PBES2-HS256+A128KW`, `PBES2-HS384+A192KW`, `PBES2-HS512+A256KW`)
+- OKP curves `Ed448`, `X25519` and `X448` are not supported
+- EC curve `secp256k1` is not supported
+
 ## FAQ
 
 #### Semver?

lib/help/consts.js

@@ -31,3 +31,12 @@ module.exports.KEYLENGTHS = {
   A192GCM: 192,
   A256GCM: 256
 }
+
+/* c8 ignore next 7 */
+if ('electron' in process.versions) {
+  module.exports.OKP_CURVES.delete('Ed448')
+  module.exports.OKP_CURVES.delete('X25519')
+  module.exports.OKP_CURVES.delete('X448')
+  module.exports.EC_CURVES.delete(secp256k1)
+  module.exports.ECDH_ALGS.splice(1, module.exports.ECDH_ALGS.length - 1)
+}

lib/jwk/key/oct.js

@@ -91,7 +91,7 @@ class OctKey extends Key {
 
     switch (operation) {
       case 'deriveKey':
-        if (use === 'sig') {
+        if (use === 'sig' || 'electron' in process.versions) {
           return new Set()
         }
 
@@ -116,6 +116,11 @@ class OctKey extends Key {
           return new Set()
         }
 
+        /* c8 ignore next 3 */
+        if ('electron' in process.versions) {
+          return new Set([`A${this.length}GCMKW`])
+        }
+
         return new Set([`A${this.length}KW`, `A${this.length}GCMKW`])
       case undefined:
         return new Set([

lib/jwk/key/rsa.js

@@ -139,7 +139,7 @@ class RSAKey extends Key {
   }
 
   static async generate (len = 2048, privat = true) {
-    if (!Number.isSafeInteger(len) || len < 512 || len % 8 !== 0) {
+    if (!Number.isSafeInteger(len) || len < 512 || len % 8 !== 0 || (('electron' in process.versions) && len % 128 !== 0)) {
       throw new TypeError('invalid bit length')
     }
 
@@ -149,7 +149,7 @@ class RSAKey extends Key {
   }
 
   static generateSync (len = 2048, privat = true) {
-    if (!Number.isSafeInteger(len) || len < 512 || len % 8 !== 0) {
+    if (!Number.isSafeInteger(len) || len < 512 || len % 8 !== 0 || (('electron' in process.versions) && len % 128 !== 0)) {
       throw new TypeError('invalid bit length')
     }
 

package.json

@@ -7,6 +7,7 @@
     "decode",
     "decrypt",
     "eddsa",
+    "electron",
     "encrypt",
     "flattened",
     "general",

test/cookbook/5_10.including_additional_authentication_data.test.js

@@ -1,5 +1,7 @@
 const test = require('ava')
 
+if ('electron' in process.versions) return
+
 const recipe = require('./recipes').get('5.10')
 const { enc: verifiers } = require('./verifiers')
 

test/cookbook/5_11.protecting_specific_header_fields.test.js

@@ -1,5 +1,7 @@
 const test = require('ava')
 
+if ('electron' in process.versions) return
+
 const recipe = require('./recipes').get('5.11')
 const { enc: verifiers } = require('./verifiers')
 

test/cookbook/5_12.protecting_content_only.test.js

@@ -1,5 +1,7 @@
 const test = require('ava')
 
+if ('electron' in process.versions) return
+
 const recipe = require('./recipes').get('5.12')
 const { enc: verifiers } = require('./verifiers')
 

test/cookbook/5_13.encrypting_to_multiple_recipients.test.js

@@ -1,5 +1,7 @@
 const test = require('ava')
 
+if ('electron' in process.versions) return
+
 const recipe = require('./recipes').get('5.13')
 const { enc: verifiers } = require('./verifiers')
 

test/cookbook/5_3.key_wrap_using_pbes2-aes-keywrap_with-aes-cbc-hmac-sha2.test.js

@@ -1,5 +1,7 @@
 const test = require('ava')
 
+if ('electron' in process.versions) return
+
 const recipe = require('./recipes').get('5.3')
 const { enc: verifiers } = require('./verifiers')
 

test/cookbook/5_4.key_agreement_with_key_wrapping_using_ecdh-es_and_aes-keywrap_with_aes-gcm.test.js

@@ -1,5 +1,7 @@
 const test = require('ava')
 
+if ('electron' in process.versions) return
+
 const recipe = require('./recipes').get('5.4')
 const { enc: verifiers } = require('./verifiers')
 

test/cookbook/5_8.key_wrap_using_aes-keywrap_with_aes-gcm.test.js

@@ -1,5 +1,7 @@
 const test = require('ava')
 
+if ('electron' in process.versions) return
+
 const recipe = require('./recipes').get('5.8')
 const { enc: verifiers } = require('./verifiers')
 

test/cookbook/5_9.compressed_content.test.js

@@ -1,5 +1,7 @@
 const test = require('ava')
 
+if ('electron' in process.versions) return
+
 const recipe = require('./recipes').get('5.9')
 const { enc: verifiers } = require('./verifiers')
 

test/electron/electron.test.js

@@ -0,0 +1,25 @@
+const test = require('ava')
+
+if (!('electron' in process.versions)) return
+
+const crypto = require('crypto')
+
+const fixtures = require('../fixtures')
+
+;['aes128', 'aes192', 'aes256'].forEach((cipher) => {
+  test(`${cipher} is not supported`, t => {
+    t.false(crypto.getCiphers().includes(cipher))
+  })
+})
+
+test('secp256k1 is not supported', t => {
+  t.false(crypto.getCurves().includes('secp256k1'))
+})
+
+;['Ed448', 'X25519', 'X448'].forEach((okp) => {
+  test(`${okp} is not supported`, t => {
+    t.throws(() => {
+      crypto.createPrivateKey(fixtures.PEM[okp].private)
+    }, { instanceOf: Error, code: 'ERR_OSSL_EVP_UNSUPPORTED_ALGORITHM' })
+  })
+})

test/electron/index.js

@@ -0,0 +1,2 @@
+const exit = () => process.exit(process.exitCode)
+require('ava/lib/cli').run().then(exit, exit)

test/help/P-256K.key_utils.test.js

@@ -2,6 +2,9 @@
 require('../../P-256K')
 
 const test = require('ava')
+
+if ('electron' in process.versions) return
+
 const { createPublicKey, createPrivateKey } = require('crypto')
 
 const { keyObjectToJWK, jwkToPem } = require('../../lib/help/key_utils')

test/help/key_utils.test.js

@@ -57,56 +57,58 @@ test('Ed25519 Private key', t => {
   t.deepEqual(actual, expected)
 })
 
-test('Ed448 Public key', t => {
-  const expected = clone(fixtures.Ed448)
-  delete expected.d
-  const pem = createPublicKey(jwkToPem(expected))
-  const actual = keyObjectToJWK(pem)
-
-  t.deepEqual(actual, expected)
-})
-
-test('Ed448 Private key', t => {
-  const expected = fixtures.Ed448
-  const pem = createPrivateKey(jwkToPem(expected))
-  const actual = keyObjectToJWK(pem)
-
-  t.deepEqual(actual, expected)
-})
-
-test('X25519 Public key', t => {
-  const expected = clone(fixtures.X25519)
-  delete expected.d
-  const pem = createPublicKey(jwkToPem(expected))
-  const actual = keyObjectToJWK(pem)
-
-  t.deepEqual(actual, expected)
-})
-
-test('X25519 Private key', t => {
-  const expected = fixtures.X25519
-  const pem = createPrivateKey(jwkToPem(expected))
-  const actual = keyObjectToJWK(pem)
-
-  t.deepEqual(actual, expected)
-})
-
-test('X448 Public key', t => {
-  const expected = clone(fixtures.X448)
-  delete expected.d
-  const pem = createPublicKey(jwkToPem(expected))
-  const actual = keyObjectToJWK(pem)
-
-  t.deepEqual(actual, expected)
-})
-
-test('X448 Private key', t => {
-  const expected = fixtures.X448
-  const pem = createPrivateKey(jwkToPem(expected))
-  const actual = keyObjectToJWK(pem)
-
-  t.deepEqual(actual, expected)
-})
+if (!('electron' in process.versions)) {
+  test('Ed448 Public key', t => {
+    const expected = clone(fixtures.Ed448)
+    delete expected.d
+    const pem = createPublicKey(jwkToPem(expected))
+    const actual = keyObjectToJWK(pem)
+
+    t.deepEqual(actual, expected)
+  })
+
+  test('Ed448 Private key', t => {
+    const expected = fixtures.Ed448
+    const pem = createPrivateKey(jwkToPem(expected))
+    const actual = keyObjectToJWK(pem)
+
+    t.deepEqual(actual, expected)
+  })
+
+  test('X25519 Public key', t => {
+    const expected = clone(fixtures.X25519)
+    delete expected.d
+    const pem = createPublicKey(jwkToPem(expected))
+    const actual = keyObjectToJWK(pem)
+
+    t.deepEqual(actual, expected)
+  })
+
+  test('X25519 Private key', t => {
+    const expected = fixtures.X25519
+    const pem = createPrivateKey(jwkToPem(expected))
+    const actual = keyObjectToJWK(pem)
+
+    t.deepEqual(actual, expected)
+  })
+
+  test('X448 Public key', t => {
+    const expected = clone(fixtures.X448)
+    delete expected.d
+    const pem = createPublicKey(jwkToPem(expected))
+    const actual = keyObjectToJWK(pem)
+
+    t.deepEqual(actual, expected)
+  })
+
+  test('X448 Private key', t => {
+    const expected = fixtures.X448
+    const pem = createPrivateKey(jwkToPem(expected))
+    const actual = keyObjectToJWK(pem)
+
+    t.deepEqual(actual, expected)
+  })
+}
 
 test('EC P-256 Public key', t => {
   const expected = clone(fixtures['P-256'])