Merge pull request #1119 from grafana/experimental/webcrypto

Document the k6/experimental/webcrypto module

Author: oleiade

src/data/markdown/docs/02 javascript api/07 k6-experimental.md

@@ -11,4 +11,5 @@ excerpt: "k6 experimental APIs"
 | [redis](/javascript-api/k6-experimental/redis/) | Functionality to interact with [Redis](https://redis.io/). |
 | [timers](/javascript-api/k6-experimental/timers/) | `setTimeout`, `clearTimeout`, `setInterval`, `clearInterval`  |
 | [tracing](/javascript-api/k6-experimental/tracing/) | Support for instrumenting HTTP requests with tracing information. |
+| [webcrypto](/javascript-api/k6-experimental/webcrypto/) | Implements the [WebCrypto API](https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API). |
 | [websockets](/javascript-api/k6-experimental/websockets/) | Implements the browser's [WebSocket API](https://developer.mozilla.org/en-US/docs/Web/API/WebSocket).  |

src/data/markdown/docs/02 javascript api/07 k6-experimental/06 webcrypto.md

@@ -0,0 +1,90 @@
+---
+title: 'webcrypto'
+excerpt: "k6 webcrypto experimental API"
+---
+
+<ExperimentalBlockquote />
+
+With this experimental module, you can use the [WebCrypto API](https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API) in your k6 scripts. However, note that this API is not yet fully implemented and some algorithms and features might still be missing.
+
+The Web Crypto API is a JavaScript API for performing cryptographic operations such as encryption, decryption, digital signature generation and verification, and key generation and management. It provides a standard interface to access cryptographic functionality, which can help ensure that cryptographic operations are performed correctly and securely.
+
+## API
+
+The module exports a top-level `crypto` object with the following properties and methods:
+
+| Interface/Function                                                                         | Description                                                                                                                                                                                   |
+| :----------------------------------------------------------------------------------------- | :-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| [getRandomValues](/javascript-api/k6-experimental/webcrypto/crypto/getrandomvalues) | Fills the passed `TypedArray` with cryptographically sound random values.                                                                                                                     |
+| [randomUUID](/javascript-api/k6-experimental/webcrypto/crypto/randomuuid)           | Returns a randomly generated, 36 character long v4 UUID.                                                                                                                                      |
+| [subtle](/javascript-api/k6-experimental/webcrypto/subtlecrypto)                    | The [SubtleCrypto](/javascript-api/k6-experimental/webcrypto/subtlecrypto) interface provides access to common cryptographic primitives, such as hashing, signing, encryption, or decryption. |
+
+## Example
+
+<CodeGroup labels={["example-webcrypto-module.js"]} lineNumbers={[]} showCopyButton={[true]}>
+
+```javascript
+import { crypto } from "k6/experimental/webcrypto";
+
+export default async function () {
+  const plaintext = stringToArrayBuffer("Hello, World!");
+
+  /**
+   * Generate a symmetric key using the AES-CBC algorithm.
+   */
+  const key = await crypto.subtle.generateKey(
+    {
+      name: "AES-CBC",
+      length: 256,
+    },
+    true,
+    ["encrypt", "decrypt"]
+  );
+
+  /**
+   * Encrypt the plaintext using the AES-CBC key with
+   * have generated.
+   */
+  const iv = crypto.getRandomValues(new Uint8Array(16));
+  const ciphertext = await crypto.subtle.encrypt(
+    {
+      name: "AES-CBC",
+      iv: iv,
+    },
+    key,
+    plaintext
+  );
+
+  /**
+   * Decrypt the ciphertext using the same key to verify
+   * that the resulting plaintext is the same as the original.
+   */
+  const deciphered = await crypto.subtle.decrypt(
+    {
+      name: "AES-CBC",
+      iv: iv,
+    },
+    key,
+    ciphertext,
+  );
+
+  console.log("deciphered text == original plaintext: ", arrayBufferToHex(deciphered) === arrayBufferToHex(plaintext))
+}
+
+function arrayBufferToHex(buffer) {
+  return [...new Uint8Array(buffer)]
+    .map((x) => x.toString(16).padStart(2, "0"))
+    .join("");
+}
+
+function stringToArrayBuffer(str) {
+  const buf = new ArrayBuffer(str.length * 2); // 2 bytes for each char
+  const bufView = new Uint16Array(buf);
+  for (let i = 0, strLen = str.length; i < strLen; i++) {
+    bufView[i] = str.charCodeAt(i);
+  }
+  return buf;
+}
+```
+
+</CodeGroup>

src/data/markdown/docs/02 javascript api/07 k6-experimental/06 webcrypto/01 Crypto.md

@@ -0,0 +1,19 @@
+---
+title: 'Crypto'
+excerpt: 'Crypto offers basic cryptography features.'
+---
+
+`Crypto` allows access to a cryptographically strong random number generator and to cryptographic primitives.
+
+## Properties
+
+| Name            | Type                                                                   | Description                                                                                                                         |
+| :-------------- | :--------------------------------------------------------------------- | :---------------------------------------------------------------------------------------------------------------------------------- |
+| `Crypto.subtle` | [SubtleCrypto](/javascript-api/k6-experimental/webcrypto/subtlecrypto) | The SubtleCrypto interface provides access to common cryptographic primitives, such as hashing, signing, encryption, or decryption. |
+
+## Methods
+
+| Name | Type | Description |
+| :--- | :--- | :---------- |
+| `Crypto.getRandomValues()` | [ArrayBuffer](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBufferView) | Returns an array of cryptographically secure random values. |
+| `Crypto.randomUUID()` | [ArrayBuffer]() | Returns a randomly generated, 36 character long v4 UUID. |

src/data/markdown/docs/02 javascript api/07 k6-experimental/06 webcrypto/01 Crypto/01 getRandomValues.md

@@ -0,0 +1,47 @@
+---
+title: 'getRandomValues'
+excerpt: 'getRandomValues fills the passed TypedArray with cryptographically sound random values.'
+---
+
+The `getRandomValues()` method fills the passed `TypedArray` with cryptographically sound random values.
+
+## Usage
+
+```
+getRandomValues(typedArray)
+```
+
+## Parameters
+
+| Name         | Type         | Description                                                                                                                                                                                                      |
+| :----------- | :----------- | :--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `typedArray` | `TypedArray` | An integer-based `TypedArray` to fill with random values. Accepted `TypedArray` specific types are: `Int8Array`, `Uint8Array`, `Uint8ClampedArray`, `Int16Array`, `Uint16Array`, `Int32Array`, or `Uint32Array`. |
+
+## Return Value
+
+The same array is passed as the `typedArray` parameter with its contents replaced with the newly generated random numbers. The `typedArray` parameter is modified in place, and no copy is made.
+
+## Throws
+
+| Type                 | Description                                                          |
+| :------------------- | :------------------------------------------------------------------- |
+| `QuotaExceededError` | Thrown when `typedArray` is too large and its `byteLength` exceeds 65536. |
+
+## Example
+
+<CodeGroup labels={["example-webcrypto-getrandomvalues.js"]} lineNumbers={[]} showCopyButton={[true]}>
+
+```javascript
+import { crypto } from "k6/experimental/webcrypto";
+
+export default function () {
+  const array = new Uint32Array(10);
+  crypto.getRandomValues(array);
+
+  for (const num of array) {
+    console.log(num);
+  }
+}
+```
+
+</CodeGroup>

src/data/markdown/docs/02 javascript api/07 k6-experimental/06 webcrypto/01 Crypto/02 randomUUID.md

@@ -0,0 +1,32 @@
+---
+title: 'randomUUID'
+excerpt: 'randomUUID produces a 36-characters long string containing a cryptographically random UUID v4.'
+---
+
+The `randomUUID` method produces a 36-characters long string that contains a cryptographically random UUID v4.
+
+## Usage
+
+```
+randomUUID()
+```
+
+## Return Value
+
+A string containing a 36-character cryptographically random UUID v4.
+
+## Example
+
+<CodeGroup labels={["example-webcrypto-randomuuid.js"]} lineNumbers={[]} showCopyButton={[true]}>
+
+```javascript
+import { crypto } from "k6/experimental/webcrypto";
+
+export default function () {
+  const myUUID = crypto.randomUUID();
+
+  console.log(myUUID);
+}
+```
+
+</CodeGroup>

src/data/markdown/docs/02 javascript api/07 k6-experimental/06 webcrypto/02 SubtleCrypto.md

@@ -0,0 +1,89 @@
+---
+title: 'SubtleCrypto'
+excerpt: 'SubtleCrypto offers low-level cryptographic functions.'
+---
+
+The `SubtleCrypto` interface provides a set of low-level cryptographic primitives such as encryption, decryption, digital signature generation and verification, and key generation and management. It is useful for using secure and efficient cryptographic operations within k6 scripts.
+
+## Methods
+
+| Method                                                                            | Description                                                                                 |
+| :-------------------------------------------------------------------------------- | :------------------------------------------------------------------------------------------ |
+| [encrypt](/javascript-api/k6-experimental/webcrypto/subtlecrypto/encrypt)         | Encrypts the given plaintext data using the specified algorithm and key.                    |
+| [decrypt](/javascript-api/k6-experimental/webcrypto/subtlecrypto/decrypt)         | Decrypts the given ciphertext data using the specified algorithm and key.                   |
+| [sign](/javascript-api/k6-experimental/webcrypto/subtlecrypto/sign)               | Signs the given data using the specified algorithm and key.                                 |
+| [verify](/javascript-api/k6-experimental/webcrypto/subtlecrypto/verify)           | Verifies the signature of the given data using the specified algorithm and key.             |
+| [digest](/javascript-api/k6-experimental/webcrypto/subtlecrypto/digest)           | Computes the digest (hash) of the given data using the specified algorithm.                 |
+| [generateKey](/javascript-api/k6-experimental/webcrypto/subtlecrypto/generatekey) | Generates a new cryptographic key for use with the specified algorithm.                     |
+| [importKey](/javascript-api/k6-experimental/webcrypto/subtlecrypto/importkey)     | Imports a raw key material into the Web Crypto API, generating a new key object to use with the specified algorithm.
+| [exportKey](/javascript-api/k6-experimental/webcrypto/subtlecrypto/exportkey)     | Exports the raw key material of the given key object.                                       |
+
+## Example
+
+<CodeGroup labels={["example-webcrypto-subtlecrypto.js"]} lineNumbers={[]} showCopyButton={[true]}>
+
+```javascript
+import { crypto } from "k6/experimental/webcrypto";
+
+export default async function () {
+  const plaintext = stringToArrayBuffer("Hello, World!");
+
+  /**
+   * Generate a symmetric key using the AES-CBC algorithm.
+   */
+  const key = await crypto.subtle.generateKey(
+    {
+      name: "AES-CBC",
+      length: 256,
+    },
+    true,
+    ["encrypt", "decrypt"]
+  );
+
+  /**
+   * Encrypt the plaintext using the AES-CBC key with
+   * have generated.
+   */
+  const iv = crypto.getRandomValues(new Uint8Array(16));
+  const ciphertext = await crypto.subtle.encrypt(
+    {
+      name: "AES-CBC",
+      iv: iv,
+    },
+    key,
+    plaintext
+  );
+
+  /**
+   * Decrypt the ciphertext using the same key to verify
+   * that the resulting plaintext is the same as the original.
+   */
+  const deciphered = await crypto.subtle.decrypt(
+    {
+      name: "AES-CBC",
+      iv: iv,
+    },
+    key,
+    ciphertext,
+  );
+
+  console.log("deciphered text == original plaintext: ", arrayBufferToHex(deciphered) === arrayBufferToHex(plaintext))
+}
+
+function arrayBufferToHex(buffer) {
+  return [...new Uint8Array(buffer)]
+    .map((x) => x.toString(16).padStart(2, "0"))
+    .join("");
+}
+
+function stringToArrayBuffer(str) {
+  const buf = new ArrayBuffer(str.length * 2); // 2 bytes for each char
+  const bufView = new Uint16Array(buf);
+  for (let i = 0, strLen = str.length; i < strLen; i++) {
+    bufView[i] = str.charCodeAt(i);
+  }
+  return buf;
+}
+```
+
+</CodeGroup>

src/data/markdown/docs/02 javascript api/07 k6-experimental/06 webcrypto/02 SubtleCrypto/01 decrypt.md

@@ -0,0 +1,101 @@
+---
+title: 'decrypt'
+excerpt: 'decrypt decrypts some encrypted data'
+---
+
+The `decrypt()` method decrypts some encrypted data.
+
+## Usage
+
+```
+decrypt(algorithm, key, data)
+```
+
+## Parameters
+
+| Name        | Type                                                             | Description                                                                                                                                                 |
+| :---------- | :--------------------------------------------------------------- | :---------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `algorithm` | [AesCtrParams](/javascript-api/k6-experimental/webcrypto/aesctrparams), [AesCbcParams](/javascript-api/k6-experimental/webcrypto/aescbcparams), or [AesGcmParams](/javascript-api/k6-experimental/webcrypto/aesgcmparams) object         | Defines the algorithm to use and any extra-parameters. The values given for the extra parameters must match those used in the corresponding [encrypt] call. |
+| `key`       | [CryptoKey](/javascript-api/k6-experimental/webcrypto/cryptokey) | The [key](/javascript-api/k6-experimental/webcrypto/cryptokey) to use for decryption.                                                                       |
+| `data`      | `ArrayBuffer`, `TypedArray`, or `DataView`                       | The encrypted data to be decrypted (also known as _ciphertext_).                                                                                            |
+
+## Return Value
+
+A `Promise` that resolves to a new `ArrayBuffer` containing the decrypted data.
+
+## Throws
+
+| Type                 | Description                                                                                                                                                                                  |
+| :------------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `InvalidAccessError` | Raised when the requested operation is not valid with the provided key. For instance when an invalid encryption algorithm is used, or a key not matching the selected algorithm is provided. |
+| `OperationError`     | Raised when the operation failed for an operation-specific reason. For instance, if the algorithm size is invalid, or errors occurred during the process of decrypting the ciphertext.       |
+
+## Example
+
+<CodeGroup labels={["example-webcrypto-decrypt.js"]} lineNumbers={[]} showCopyButton={[true]}>
+
+```javascript
+import { crypto } from "k6/experimental/webcrypto";
+
+export default async function () {
+  const plaintext = stringToArrayBuffer("Hello, World!");
+
+  /**
+   * Generate a symmetric key using the AES-CBC algorithm.
+   */
+  const key = await crypto.subtle.generateKey(
+    {
+      name: "AES-CBC",
+      length: 256,
+    },
+    true,
+    ["encrypt", "decrypt"]
+  );
+
+  /**
+   * Encrypt the plaintext using the AES-CBC key with
+   * have generated.
+   */
+  const iv = crypto.getRandomValues(new Uint8Array(16));
+  const ciphertext = await crypto.subtle.encrypt(
+    {
+      name: "AES-CBC",
+      iv: iv,
+    },
+    key,
+    plaintext
+  );
+
+  /**
+   * Decrypt the ciphertext using the same key to verify
+   * that the resulting plaintext is the same as the original.
+   */
+  const deciphered = await crypto.subtle.decrypt(
+    {
+      name: "AES-CBC",
+      iv: iv,
+    },
+    key,
+    ciphertext,
+  );
+
+  console.log("deciphered text == original plaintext: ", arrayBufferToHex(deciphered) === arrayBufferToHex(plaintext))
+}
+
+function arrayBufferToHex(buffer) {
+  return [...new Uint8Array(buffer)]
+    .map((x) => x.toString(16).padStart(2, "0"))
+    .join("");
+}
+
+function stringToArrayBuffer(str) {
+  const buf = new ArrayBuffer(str.length * 2); // 2 bytes for each char
+  const bufView = new Uint16Array(buf);
+  for (let i = 0, strLen = str.length; i < strLen; i++) {
+    bufView[i] = str.charCodeAt(i);
+  }
+  return buf;
+}
+```
+
+</CodeGroup>