import * as mod from "https://deno.land/std@0.198.0/crypto/crypto.ts";
Extensions to the Web Crypto supporting additional encryption APIs, but also delegating to the built-in APIs when possible.
Provides additional digest algorithms that are not part of the WebCrypto
standard as well as a subtle.digest
and subtle.digestSync
methods. It
also provides a subtle.timingSafeEqual()
method to compare array buffers
or data views in a way that isn't prone to timing based attacks.
The "polyfill" delegates to WebCrypto
where possible.
The KeyStack
export implements the KeyRing
interface
for managing rotatable keys for signing data to prevent tampering, like with
HTTP cookies.
Supported algorithms
Here is a list of supported algorithms. If the algorithm name in WebCrypto and Wasm/Rust is the same, this library prefers to use algorithms that are supported by WebCrypto.
WebCrypto
// https://deno.land/std/crypto/crypto.ts
const webCryptoDigestAlgorithms = [
"SHA-384",
"SHA-256",
"SHA-512",
// insecure (length-extendable and collidable):
"SHA-1",
] as const;
Wasm/Rust
// https://deno.land/std/crypto/_wasm/mod.ts
export const digestAlgorithms = [
"BLAKE2B-224",
"BLAKE2B-256",
"BLAKE2B-384",
"BLAKE2B",
"BLAKE2S",
"BLAKE3",
"KECCAK-224",
"KECCAK-256",
"KECCAK-384",
"KECCAK-512",
"SHA-384",
"SHA3-224",
"SHA3-256",
"SHA3-384",
"SHA3-512",
"SHAKE128",
"SHAKE256",
"TIGER",
// insecure (length-extendable):
"RIPEMD-160",
"SHA-224",
"SHA-256",
"SHA-512",
// insecure (collidable and length-extendable):
"MD4",
"MD5",
"SHA-1",
] as const;
Timing safe comparison
When checking the values of cryptographic hashes are equal, default comparisons can be susceptible to timing based attacks, where attacker is able to find out information about the host system by repeatedly checking response times to equality comparisons of values.
It is likely some form of timing safe equality will make its way to the
WebCrypto standard (see:
w3c/webcrypto#270), but until
that time, timingSafeEqual()
is provided:
import { crypto } from "https://deno.land/std@0.198.0/crypto/mod.ts";
import { assert } from "https://deno.land/std@0.198.0/assert/assert.ts";
const a = await crypto.subtle.digest(
"SHA-384",
new TextEncoder().encode("hello world"),
);
const b = await crypto.subtle.digest(
"SHA-384",
new TextEncoder().encode("hello world"),
);
const c = await crypto.subtle.digest(
"SHA-384",
new TextEncoder().encode("hello deno"),
);
assert(crypto.subtle.timingSafeEqual(a, b));
assert(!crypto.subtle.timingSafeEqual(a, c));
In addition to the method being part of the crypto.subtle
interface, it is
also loadable directly:
import { timingSafeEqual } from "https://deno.land/std@0.198.0/crypto/timing_safe_equal.ts";
import { assert } from "https://deno.land/std@0.198.0/assert/assert.ts";
const a = await crypto.subtle.digest(
"SHA-384",
new TextEncoder().encode("hello world"),
);
const b = await crypto.subtle.digest(
"SHA-384",
new TextEncoder().encode("hello world"),
);
assert(timingSafeEqual(a, b));
Examples
Example 1
Example 1
import { crypto } from "https://deno.land/std@0.198.0/crypto/mod.ts";
// This will delegate to the runtime's WebCrypto implementation.
console.log(
new Uint8Array(
await crypto.subtle.digest(
"SHA-384",
new TextEncoder().encode("hello world"),
),
),
);
// This will use a bundled Wasm/Rust implementation.
console.log(
new Uint8Array(
await crypto.subtle.digest(
"BLAKE3",
new TextEncoder().encode("hello world"),
),
),
);
Convert hash to a string
Convert hash to a string
import {
crypto,
toHashString,
} from "https://deno.land/std@0.198.0/crypto/mod.ts";
const hash = await crypto.subtle.digest(
"SHA-384",
new TextEncoder().encode("You hear that Mr. Anderson?"),
);
// Hex encoding by default
console.log(toHashString(hash));
// Or with base64 encoding
console.log(toHashString(hash, "base64"));
Variables
An wrapper for WebCrypto adding support for additional non-standard algorithms, but delegating to the runtime WebCrypto implementation whenever possible. |
Interfaces
Extensions to the Web | |
Extensions to the web standard |