src: update crypto objects to use DictionaryTemplate

PR-URL: #59942
Reviewed-By: Tobias Nießen <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>

Author: jasnell

src/crypto/crypto_common.cc

@@ -37,7 +37,7 @@ using ncrypto::X509Pointer;
 using ncrypto::X509View;
 using v8::ArrayBuffer;
 using v8::BackingStoreInitializationMode;
-using v8::Context;
+using v8::DictionaryTemplate;
 using v8::EscapableHandleScope;
 using v8::Integer;
 using v8::Local;
@@ -180,76 +180,69 @@ Local<Value> maybeString(Environment* env,
 MaybeLocal<Object> GetCipherInfo(Environment* env, const SSLPointer& ssl) {
   if (ssl.getCipher() == nullptr) return MaybeLocal<Object>();
   EscapableHandleScope scope(env->isolate());
-  Local<Object> info = Object::New(env->isolate());
-
-  if (info->Set(env->context(),
-                env->name_string(),
-                maybeString(env, ssl.getCipherName()))
-          .IsNothing() ||
-      info->Set(env->context(),
-                env->standard_name_string(),
-                maybeString(env, ssl.getCipherStandardName()))
-          .IsNothing() ||
-      info->Set(env->context(),
-                env->version_string(),
-                maybeString(env, ssl.getCipherVersion()))
-          .IsNothing()) {
-    return MaybeLocal<Object>();
+
+  auto tmpl = env->cipherinfo_template();
+  if (tmpl.IsEmpty()) {
+    static constexpr std::string_view names[] = {
+        "name", "standardName", "version"};
+    tmpl = DictionaryTemplate::New(env->isolate(), names);
+    env->set_cipherinfo_template(tmpl);
   }
 
-  return scope.Escape(info);
+  MaybeLocal<Value> values[] = {
+      maybeString(env, ssl.getCipherName()),
+      maybeString(env, ssl.getCipherStandardName()),
+      maybeString(env, ssl.getCipherVersion()),
+  };
+
+  return scope.EscapeMaybe(NewDictionaryInstance(env->context(), tmpl, values));
 }
 
 MaybeLocal<Object> GetEphemeralKey(Environment* env, const SSLPointer& ssl) {
   CHECK(!ssl.isServer());
 
   EscapableHandleScope scope(env->isolate());
-  Local<Object> info = Object::New(env->isolate());
+
+  auto tmpl = env->ephemeral_key_template();
+  if (tmpl.IsEmpty()) {
+    static constexpr std::string_view names[] = {"type", "name", "size"};
+    tmpl = DictionaryTemplate::New(env->isolate(), names);
+    env->set_ephemeral_key_template(tmpl);
+  }
+
+  MaybeLocal<Value> values[] = {
+      Undefined(env->isolate()),  // type
+      Undefined(env->isolate()),  // name
+      Undefined(env->isolate()),  // size
+  };
   EVPKeyPointer key = ssl.getPeerTempKey();
-  if (!key) return scope.Escape(info);
-
-  Local<Context> context = env->context();
-
-  int kid = key.id();
-  switch (kid) {
-    case EVP_PKEY_DH:
-      if (info->Set(context, env->type_string(), env->dh_string())
-              .IsNothing() ||
-          info->Set(context,
-                    env->size_string(),
-                    Integer::New(env->isolate(), key.bits()))
-              .IsNothing()) {
-        return MaybeLocal<Object>();
+  if (EVPKeyPointer key = ssl.getPeerTempKey()) {
+    int kid = key.id();
+    switch (kid) {
+      case EVP_PKEY_DH: {
+        values[0] = env->dh_string();
+        values[2] = Integer::New(env->isolate(), key.bits());
+        break;
       }
-      break;
-    case EVP_PKEY_EC:
-    case EVP_PKEY_X25519:
-    case EVP_PKEY_X448:
-      {
+      case EVP_PKEY_EC:
+      case EVP_PKEY_X25519:
+      case EVP_PKEY_X448: {
         const char* curve_name;
         if (kid == EVP_PKEY_EC) {
           int nid = ECKeyPointer::GetGroupName(key);
           curve_name = OBJ_nid2sn(nid);
         } else {
           curve_name = OBJ_nid2sn(kid);
         }
-        if (info->Set(context, env->type_string(), env->ecdh_string())
-                .IsNothing() ||
-            info->Set(context,
-                      env->name_string(),
-                      OneByteString(env->isolate(), curve_name))
-                .IsNothing() ||
-            info->Set(context,
-                      env->size_string(),
-                      Integer::New(env->isolate(), key.bits()))
-                .IsNothing()) {
-          return MaybeLocal<Object>();
-        }
+        values[0] = env->ecdh_string();
+        values[1] = OneByteString(env->isolate(), curve_name);
+        values[2] = Integer::New(env->isolate(), key.bits());
+        break;
       }
-      break;
+    }
   }
 
-  return scope.Escape(info);
+  return scope.EscapeMaybe(NewDictionaryInstance(env->context(), tmpl, values));
 }
 
 MaybeLocal<Object> ECPointToBuffer(Environment* env,

src/crypto/crypto_x509.cc

@@ -33,6 +33,7 @@ using v8::BackingStoreOnFailureMode;
 using v8::Boolean;
 using v8::Context;
 using v8::Date;
+using v8::DictionaryTemplate;
 using v8::EscapableHandleScope;
 using v8::Function;
 using v8::FunctionCallbackInfo;
@@ -46,6 +47,7 @@ using v8::NewStringType;
 using v8::Object;
 using v8::String;
 using v8::Uint32;
+using v8::Undefined;
 using v8::Value;
 
 namespace crypto {
@@ -735,116 +737,86 @@ MaybeLocal<Value> GetCurveName(Environment* env, const int nid) {
 
 MaybeLocal<Object> X509ToObject(Environment* env, const X509View& cert) {
   EscapableHandleScope scope(env->isolate());
-  Local<Object> info = Object::New(env->isolate());
-
-  if (!Set<Value>(env,
-                  info,
-                  env->subject_string(),
-                  GetX509NameObject(env, cert.getSubjectName())) ||
-      !Set<Value>(env,
-                  info,
-                  env->issuer_string(),
-                  GetX509NameObject(env, cert.getIssuerName())) ||
-      !Set<Value>(env,
-                  info,
-                  env->subjectaltname_string(),
-                  GetSubjectAltNameString(env, cert)) ||
-      !Set<Value>(env,
-                  info,
-                  env->infoaccess_string(),
-                  GetInfoAccessString(env, cert)) ||
-      !Set<Boolean>(env,
-                    info,
-                    env->ca_string(),
-                    Boolean::New(env->isolate(), cert.isCA()))) [[unlikely]] {
-    return {};
-  }
 
-  if (!cert.ifRsa([&](const ncrypto::Rsa& rsa) {
-        auto pub_key = rsa.getPublicKey();
-        if (!Set<Value>(env,
-                        info,
-                        env->modulus_string(),
-                        GetModulusString(env, pub_key.n)) ||
-            !Set<Value>(env,
-                        info,
-                        env->bits_string(),
-                        Integer::New(env->isolate(),
-                                     BignumPointer::GetBitCount(pub_key.n))) ||
-            !Set<Value>(env,
-                        info,
-                        env->exponent_string(),
-                        GetExponentString(env, pub_key.e)) ||
-            !Set<Object>(env, info, env->pubkey_string(), GetPubKey(env, rsa)))
-            [[unlikely]] {
-          return false;
-        }
-        return true;
-      })) [[unlikely]] {
-    return {};
+  auto tmpl = env->x509_dictionary_template();
+  if (tmpl.IsEmpty()) {
+    static constexpr std::string_view names[] = {
+        "subject",
+        "issuer",
+        "subjectaltname",
+        "infoAccess",
+        "ca",
+        "modulus",
+        "exponent",
+        "pubkey",
+        "bits",
+        "valid_from",
+        "valid_to",
+        "fingerprint",
+        "fingerprint256",
+        "fingerprint512",
+        "ext_key_usage",
+        "serialNumber",
+        "raw",
+        "asn1Curve",
+        "nistCurve",
+    };
+    tmpl = DictionaryTemplate::New(env->isolate(), names);
+    env->set_x509_dictionary_template(tmpl);
   }
 
-  if (!cert.ifEc([&](const ncrypto::Ec& ec) {
-        const auto group = ec.getGroup();
-
-        if (!Set<Value>(
-                env, info, env->bits_string(), GetECGroupBits(env, group)) ||
-            !Set<Value>(
-                env, info, env->pubkey_string(), GetECPubKey(env, group, ec)))
-            [[unlikely]] {
-          return false;
-        }
-
-        const int nid = ec.getCurve();
-        if (nid != 0) [[likely]] {
-          // Curve is well-known, get its OID and NIST nick-name (if it has
-          // one).
-
-          if (!Set<Value>(env,
-                          info,
-                          env->asn1curve_string(),
-                          GetCurveName<OBJ_nid2sn>(env, nid)) ||
-              !Set<Value>(env,
-                          info,
-                          env->nistcurve_string(),
-                          GetCurveName<EC_curve_nid2nist>(env, nid)))
-              [[unlikely]] {
-            return false;
-          }
-        }
-        // Unnamed curves can be described by their mathematical properties,
-        // but aren't used much (at all?) with X.509/TLS. Support later if
-        // needed.
-        return true;
-      })) [[unlikely]] {
-    return {};
-  }
+  MaybeLocal<Value> values[] = {
+      GetX509NameObject(env, cert.getSubjectName()),
+      GetX509NameObject(env, cert.getIssuerName()),
+      GetSubjectAltNameString(env, cert),
+      GetInfoAccessString(env, cert),
+      Boolean::New(env->isolate(), cert.isCA()),
+      Undefined(env->isolate()),  // modulus
+      Undefined(env->isolate()),  // exponent
+      Undefined(env->isolate()),  // pubkey
+      Undefined(env->isolate()),  // bits
+      GetValidFrom(env, cert),
+      GetValidTo(env, cert),
+      GetFingerprintDigest(env, Digest::SHA1, cert),
+      GetFingerprintDigest(env, Digest::SHA256, cert),
+      GetFingerprintDigest(env, Digest::SHA512, cert),
+      GetKeyUsage(env, cert),
+      GetSerialNumber(env, cert),
+      GetDer(env, cert),
+      Undefined(env->isolate()),  // asn1curve
+      Undefined(env->isolate()),  // nistcurve
+  };
+
+  cert.ifRsa([&](const ncrypto::Rsa& rsa) {
+    auto pub_key = rsa.getPublicKey();
+    values[5] = GetModulusString(env, pub_key.n);   // modulus
+    values[6] = GetExponentString(env, pub_key.e);  // exponent
+    values[7] = GetPubKey(env, rsa);                // pubkey
+    values[8] = Integer::New(env->isolate(),
+                             BignumPointer::GetBitCount(pub_key.n));  // bits
+    // TODO(@jasnell): The true response is a left-over from the original
+    // non DictionaryTemplate-based implementation. It can be removed later.
+    return true;
+  });
 
-  if (!Set<Value>(
-          env, info, env->valid_from_string(), GetValidFrom(env, cert)) ||
-      !Set<Value>(env, info, env->valid_to_string(), GetValidTo(env, cert)) ||
-      !Set<Value>(env,
-                  info,
-                  env->fingerprint_string(),
-                  GetFingerprintDigest(env, Digest::SHA1, cert)) ||
-      !Set<Value>(env,
-                  info,
-                  env->fingerprint256_string(),
-                  GetFingerprintDigest(env, Digest::SHA256, cert)) ||
-      !Set<Value>(env,
-                  info,
-                  env->fingerprint512_string(),
-                  GetFingerprintDigest(env, Digest::SHA512, cert)) ||
-      !Set<Value>(
-          env, info, env->ext_key_usage_string(), GetKeyUsage(env, cert)) ||
-      !Set<Value>(
-          env, info, env->serial_number_string(), GetSerialNumber(env, cert)) ||
-      !Set<Value>(env, info, env->raw_string(), GetDer(env, cert)))
-      [[unlikely]] {
-    return {};
-  }
+  cert.ifEc([&](const ncrypto::Ec& ec) {
+    const auto group = ec.getGroup();
+    values[7] = GetECPubKey(env, group, ec);  // pubkey
+    values[8] = GetECGroupBits(env, group);   // bits
+    const int nid = ec.getCurve();
+    if (nid != 0) {
+      // Curve is well-known, get its OID and NIST nick-name (if it has
+      // one).
+      values[17] = GetCurveName<OBJ_nid2sn>(env, nid);         // asn1curve
+      values[18] = GetCurveName<EC_curve_nid2nist>(env, nid);  // nistcurve
+    }
+    // Unnamed curves can be described by their mathematical properties,
+    // but aren't used much (at all?) with X.509/TLS. Support later if
+    // needed.
+    return true;
+  });
 
-  return scope.Escape(info);
+  return scope.EscapeMaybe(NewDictionaryInstance(env->context(), tmpl, values));
 }
 }  // namespace