From cda64b65166cef5a4ac61f764164718ea8c2a191 Mon Sep 17 00:00:00 2001 From: James M Snell Date: Mon, 18 Jan 2021 23:03:58 -0800 Subject: [PATCH] crypto: add randomPrime/randomPrimeSync/checkPrime APIs for generating and checking pseudo-random primes Signed-off-by: James M Snell --- doc/api/crypto.md | 65 ++++++++++++ lib/crypto.js | 6 ++ lib/internal/crypto/random.js | 117 ++++++++++++++++++++ src/crypto/crypto_random.cc | 120 +++++++++++++++++++++ src/crypto/crypto_random.h | 37 +++++++ src/crypto/crypto_util.h | 2 + test/parallel/test-crypto-prime.js | 164 +++++++++++++++++++++++++++++ 7 files changed, 511 insertions(+) create mode 100644 test/parallel/test-crypto-prime.js diff --git a/doc/api/crypto.md b/doc/api/crypto.md index e43f3fa5dafc43..b731d8cfabe7ce 100644 --- a/doc/api/crypto.md +++ b/doc/api/crypto.md @@ -1961,6 +1961,25 @@ is currently in use. Setting to true requires a FIPS build of Node.js. This property is deprecated. Please use `crypto.setFips()` and `crypto.getFips()` instead. +### `crypto.checkPrime(candidate[, options])` + + +* `candidate` {ArrayBuffer|SharedArrayBuffer|TypedArray|Buffer|DataView} A + possible prime encoded as a sequence of big endian octets of arbitrary + length. +* `options` {Object} + * `checks` {number} The number of primality checks to perform. + **Defaults**: `1` + * `fast` {boolean} `true` to use the fast check algorithm. + * `trialDivision` {boolean} When using the fast check algorithm, `true` + to enable trial division. +* Returns: {boolean} `true` if the number is prime with an error probability + less than `0.25^options.checks`. + +Checks the primality of the `candidate`. + ### `crypto.createCipher(algorithm, password[, options])` + +* `size` {number} The size (in bytes) of the prime to generate. +* `options` {Object} + * `add` {ArrayBuffer|SharedArrayBuffer|TypedArray|Buffer|DataView} + * `rem` {ArrayBuffer|SharedArrayBuffer|TypedArray|Buffer|DataView} + * `safe` {boolean} +* `callback` {Function} + * `err` {Error} + * `prime` {ArrayBuffer} + +Generates a pseudo-random prime of `size` bytes. + +If `options.safe` is true, the prime will be a safe prime -- that is, +prime - 1 / 2 will also be a prime. + +If `options.add` and `options.rem` are set, the prime will satisfy the +condition that prime % add = rem. + +The prime is encoded as a big-endian sequence of octets in an {ArrayBuffer}. + +### `crypto.randomPrimeSync(size[, options])` + + +* `size` {number} The size (in bytes) of the prime to generate. +* `options` {Object} + * `add` {ArrayBuffer|SharedArrayBuffer|TypedArray|Buffer|DataView} + * `rem` {ArrayBuffer|SharedArrayBuffer|TypedArray|Buffer|DataView} + * `safe` {boolean} +* Returns: {ArrayBuffer} + +Generates a pseudo-random prime of `size` bytes. + +If `options.safe` is true, the prime will be a safe prime -- that is, +prime - 1 / 2 will also be a prime. + +If `options.add` and `options.rem` are set, the prime will satisfy the +condition that prime % add = rem. + +The prime is encoded as a big-endian sequence of octets in an {ArrayBuffer}. + ### `crypto.randomUUID([options])`