Merge webcrypto into k6 #4188
Merged
Merge webcrypto into k6 #4188
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Define module API to match WebCrypto's
The Web Crypto API specification has a pretty loose set of expectations towards errors. However, making our implementation pass the Web Platform Tests outlined that they're expected to be in a quite specific format. In order to provide a good support for errors in the Web Crypto API, we define its expected errors as custom errors.
Implement support for the crypto.getRandomValues operation
Implement support for the crypto.randomUUID operation
Implement support for the `crypto.subtle.digest` operation
The previous implementation of the normalization function was really thorough, complex, and close to the specification. Up to a level where the complexity was not necessarily worth it compared to the sought end result. This commit reduces the algorithm normalization to its bare minimum requirements.
The pre-existing CryptoKey type was intended as a contract-type declaration of type matching the specification's. It was not bound to any specific implementation, and as a result, not battle tested. This commit realigns its definition with the real-world use-case brought by the `subtle.crypto.generateKey` operation's implementation. The two main changes are the switch from a generic type to a `any` type for the `CryptoKey.handle` and `Cryptoattribute. This attribute is not exposed to the user, and is heavily contextual. We will in practice know from the context what type it is supposed to be castable to. The second change is to define a dedicated generic type for the algorithm field. There are a variety of Algorithm object types defined by the specs, and we need to be able to distinguish and export them to dedicated objects easily for them to be convinient to use.
olegbespalov
added
dependencies
olegbespalov
requested review from
inancgumus and
joanlopez
and removed request for
a team
mstoykov
reviewed
Jan 16, 2025
inancgumus
reviewed
Jan 16, 2025
| > [!IMPORTANT] | ||
| > We do run the tests based on these examples, that's why we have a simple convention for each example: | ||
| > | ||
| > * It should do any `console.log`. Since we try to detect that output (log) contain `INFO` keyword. |
There was a problem hiding this comment.
What does "do" mean in this sentence: "It should do any console.log." I'm curious if it means "do" or "do not."
Suggested change
| > * It should do any `console.log`. Since we try to detect that output (log) contain `INFO` keyword. | |
| > * It should do any `console.log`. Since we try to detect that output (log) contains the `INFO` keyword. |
There was a problem hiding this comment.
In that contains that mean perform, like it's expected to have at least one console.log
There was a problem hiding this comment.
I could fix this after merge if needed
Comment on lines
+20
to
+27
| + // promise_test(function(test) { | ||
| + // return subtle.deriveBits({name: "ECDH", public: publicKeys[namedCurve]}, privateKeys[namedCurve], 8 * sizes[namedCurve] - 11) | ||
| + // .then(function(derivation) { | ||
| + // assert_true(equalBuffers(derivation, derivations[namedCurve], 8 * sizes[namedCurve] - 11), "Derived correct bits"); | ||
| + // }, function(err) { | ||
| + // assert_unreached("deriveBits failed with error " + err.name + ": " + err.message); | ||
| + // }); | ||
| + // }, namedCurve + " non-multiple of 8 bits"); |
There was a problem hiding this comment.
Should we consider removing that if it's not needed? I noticed there are some other parts like this commented out, but I didn't highlight all of them before understanding our reasons for keeping the code in the comments.
There was a problem hiding this comment.
It's needed, it's commented because comments easier to uncomment once support will be there
|
@inancgumus yeah, it's big, but don't worry from many aspects it's the code that has been already reviewed and this PR same as the PR of moving browser code |
inancgumus
approved these changes
Jan 16, 2025
Comment on lines
+5
to
+9
| > [!IMPORTANT] | ||
| > We do run the tests based on these examples, that's why we have a simple convention for each example: | ||
| > | ||
| > * It should do any `console.log`. Since we try to detect that output (log) contain `INFO` keyword. | ||
| > * It should NOT `try/catch` exceptions. Since we try to detect if keywords like `"Uncaught"` and `"ERRO"` should not appear in the output (logs). |
There was a problem hiding this comment.
Based on your comment, I'd suggest the following for clarity, but I have no strong opinion. The current text is also fine, except for the typo.
Suggested change
| > [!IMPORTANT] | |
| > We do run the tests based on these examples, that's why we have a simple convention for each example: | |
| > | |
| > * It should do any `console.log`. Since we try to detect that output (log) contain `INFO` keyword. | |
| > * It should NOT `try/catch` exceptions. Since we try to detect if keywords like `"Uncaught"` and `"ERRO"` should not appear in the output (logs). | |
| > [!IMPORTANT] | |
| > We do run the tests based on these examples; that's why we have a simple convention for each example: | |
| > | |
| > * Success condition: Example SHOULD output an `INFO` keyword using `console.log` at least once. | |
| > * Failure condition: Example SHOULD NOT `try/catch` exceptions so that we can detect failures. The log output SHOULD NOT contain any keywords like `"Uncaught"` and `"ERRO"`. |
mstoykov
approved these changes
Jan 17, 2025
joanlopez
reviewed
Jan 17, 2025
| @@ -18,9 +18,16 @@ jobs: | |||
| with: | |||
| go-version: 1.23.x | |||
| check-latest: true | |||
| - name: Run tests | |||
| # TODO: combine WebPlatform tests checkout & patch into the singe step | |||
There was a problem hiding this comment.
Suggested change
| # TODO: combine WebPlatform tests checkout & patch into the singe step | |
| # TODO: combine WebPlatform tests checkout & patch into the single step |
joanlopez
reviewed
Jan 17, 2025
| @@ -34,3 +34,6 @@ script.js | |||
|
|
|||
| /packaging/.env | |||
| /packaging/*.gpg | |||
|
|
|||
| # web platform tests | |||
| js/modules/k6/webcrypto/tests/wpt/ | |||
There was a problem hiding this comment.
Nit; I'd move this line next to the other one related with the WPT tests.
joanlopez
approved these changes
Jan 17, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What?
Move xk6-webcrypto inside the k6 codebase
Why?
k6's WebCrypto soon will be promoted out of experimental, and as the team we decided that the codebase should be located in the k6
Checklist
make lint) and all checks pass.make tests) and all tests pass.Related PR(s)/Issue(s)
https://github.com/grafana/xk6-webcrypto/
Part of #3154