add createHmac method

karthik2804 · karthik2804 · commit f933a0f594ad · 2023-01-30T11:45:37.000+05:30
Signed-off-by: karthik Ganeshram &lt;karthik.ganeshram@fermyon.com&gt;
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/crates/spin-js-engine/Cargo.toml b/crates/spin-js-engine/Cargo.toml
@@ -10,6 +10,7 @@ crate-type = [ "cdylib" ]
 anyhow = "1"
 bytes = { version = "1.2.1", features = ["serde"] }
 glob = "0.3.0"
+hmac = "0.12.1"
 http = "0.2"
 quickjs-wasm-rs = { git = "https://github.com/shopify/javy" }
 quickjs-wasm-sys = { git = "https://github.com/shopify/javy" }
diff --git a/crates/spin-js-engine/src/js_sdk/modules/crypto.ts b/crates/spin-js-engine/src/js_sdk/modules/crypto.ts
@@ -7,6 +7,7 @@ declare var _random: {
     math_rand: () => number
     get_rand: () => number
     get_hash: (algorithm: string, content: ArrayBuffer) => ArrayBuffer
+    get_hmac: (algorithm: string, key: ArrayBuffer, content: ArrayBuffer) => ArrayBuffer
 }
 
 /** @internal */
@@ -37,14 +38,16 @@ export const crypto = {
     createHash: function (algorithm: string) {
         let data = new Uint8Array()
         return {
-            update(content: string | Uint8Array, inputEncoding: string = "string") {
-                if (inputEncoding == "string") {
-                    // @ts-ignore
-                    content = encoder.encode(content)
+            update(content: string | Uint8Array, inputEncoding: string = "utf8") {
+                if (typeof (content) == "string") {
+                    if (inputEncoding == "utf8") {
+                        content = encoder.encode(content)
+                    } else {
+                        throw new Error("Currently only utf8 strings are supported")
+                    }
                 }
-                let  mergedArray = new Uint8Array(data.length + content.length);
+                let mergedArray = new Uint8Array(data.length + content.length);
                 mergedArray.set(data);
-                // @ts-ignore
                 mergedArray.set(content, data.length);
                 data = mergedArray
             },
@@ -57,6 +60,31 @@ export const crypto = {
                     throw new Error("sha256 and sha512 are the only supported algorithms");
             }
         }
+    },
+    createHmac: function (algorithm: string, key: ArrayBuffer) {
+        let data = new Uint8Array()
+        return {
+            update(content: string | Uint8Array, inputEncoding: string = "utf8") {
+                if (typeof (content) == "string") {
+                    if (inputEncoding == "utf8") {
+                        content = encoder.encode(content)
+                    } else {
+                        throw new Error("Currently only utf8 strings are supported")
+                    }
+                }
+                let mergedArray = new Uint8Array(data.length + content.length);
+                mergedArray.set(data);
+                mergedArray.set(content, data.length);
+                data = mergedArray
+            },
+            digest() {
+                if (algorithm == "sha256") {
+                    return _random.get_hmac("sha256", key, data.buffer)
+                } else if (algorithm == "sha512") {
+                    return _random.get_hmac("sha512", key, data.buffer)
+                } else
+                    throw new Error("sha256 and sha512 are the only supported algorithms");
+            }
+        }
     }
-
-}
+}
diff --git a/crates/spin-js-engine/src/lib.rs b/crates/spin-js-engine/src/lib.rs
@@ -2,14 +2,15 @@
 
 use {
     anyhow::{anyhow, bail, Result},
+    hmac::{Hmac, Mac},
     http::{header::HeaderName, request, HeaderValue},
     once_cell::sync::{Lazy, OnceCell},
     quickjs_wasm_rs::{Context, Deserializer, Exception, Serializer, Value},
     rand::{thread_rng, Rng},
     send_wrapper::SendWrapper,
     serde::{Deserialize, Serialize},
     serde_bytes::ByteBuf,
-    sha2::Digest,
+    sha2::{Digest, Sha256, Sha512},
     spin_sdk::{
         config,
         http::{Request, Response},
@@ -281,6 +282,45 @@ fn get_hash(context: &Context, _this: &Value, args: &[Value]) -> Result<Value> {
     }
 }
 
+
+fn get_hmac(context: &Context, _this: &Value, args: &[Value]) -> Result<Value> {
+    match args {
+        [algorithm, key, content] => {
+            let algorithm = &deserialize_helper(algorithm)?;
+            let key_deserializer = &mut Deserializer::from(key.clone());
+            let key = ByteBuf::deserialize(key_deserializer)?;
+            let content_deserializer = &mut Deserializer::from(content.clone());
+            let content = ByteBuf::deserialize(content_deserializer)?;
+            
+            if algorithm == "sha256" {
+                let mut mac = Hmac::<Sha256>::new_from_slice(&key).expect("HMAC can take key of any size");
+                mac.update(&content);
+                let result = mac.finalize();
+                let code_bytes = result.into_bytes();
+                let mut serializer = Serializer::from_context(context)?;
+                code_bytes.serialize(&mut serializer)?;
+                Ok(serializer.value)
+            } else if algorithm == "sha512" {
+                let mut mac = Hmac::<Sha512>::new_from_slice(&key).expect("HMAC can take key of any size");
+                mac.update(&content);
+                let result = mac.finalize();
+                let code_bytes = result.into_bytes();
+                let mut serializer = Serializer::from_context(context)?;
+                code_bytes.serialize(&mut serializer)?;
+                Ok(serializer.value)
+            } else {
+                bail!("Invalid algorithm, only sha256 and sha512 are supported")
+            }
+        }
+        _ => {
+            bail!(
+                "expected a three arguments (algorithm, key, content), got {} arguments",
+                args.len()
+            )
+        }
+    }
+}
+
 fn math_rand(context: &Context, _this: &Value, _args: &[Value]) -> Result<Value> {
     context.value_from_f64(thread_rng().gen_range(0.0_f64..1.0))
 }
@@ -488,6 +528,7 @@ fn do_init() -> Result<()> {
     _random.set_property("math_rand", context.wrap_callback(math_rand)?)?;
     _random.set_property("get_rand", context.wrap_callback(get_rand)?)?;
     _random.set_property("get_hash", context.wrap_callback(get_hash)?)?;
+    _random.set_property("get_hmac", context.wrap_callback(get_hmac)?)?;
 
     global.set_property("_random", _random)?;
     global.set_property("spinSdk", spin_sdk)?;
diff --git a/types/lib/modules/overrides.d.ts b/types/lib/modules/overrides.d.ts
@@ -37,7 +37,7 @@ declare global {
         toString(): string
         values(): string[]
     }
-    interface Hash {
+    interface HashAndHmac {
         update(content: string | Uint8Array, inputEncoding?: string): void
         digest(): ArrayBuffer
     }
@@ -46,7 +46,8 @@ declare global {
         subtle: {
             digest(algorithm: string, content: ArrayBuffer): Promise<ArrayBuffer>
         }
-        createHash(algorithm: string): Hash
+        createHash(algorithm: string): HashAndHmac
+        createHmac(algorithm: string, key: ArrayBuffer): HashAndHmac
     }
 }
 

Original file line number	Diff line number	Diff line change
`@@ -37,7 +37,7 @@ declare global {`
`37`	`37`	`toString(): string`
`38`	`38`	`values(): string[]`
`39`	`39`	`}`
`40`		`- interface Hash {`
	`40`	`+ interface HashAndHmac {`
`41`	`41`	`update(content: string \| Uint8Array, inputEncoding?: string): void`
`42`	`42`	`digest(): ArrayBuffer`
`43`	`43`	`}`
`@@ -46,7 +46,8 @@ declare global {`
`46`	`46`	`subtle: {`
`47`	`47`	`digest(algorithm: string, content: ArrayBuffer): Promise<ArrayBuffer>`
`48`	`48`	`}`
`49`		`- createHash(algorithm: string): Hash`
	`49`	`+ createHash(algorithm: string): HashAndHmac`
	`50`	`+ createHmac(algorithm: string, key: ArrayBuffer): HashAndHmac`
`50`	`51`	`}`
`51`	`52`	`}`
`52`	`53`