From 9b4b730e9a07d7e05f8902c00ac01cf564e541be Mon Sep 17 00:00:00 2001 From: Joey Bright Date: Fri, 1 May 2026 22:08:04 -0700 Subject: [PATCH 1/4] Removed unused Ecdh functions This algorithm is only used for deriving keys in the Web Crypto API, which is not yet supported by this module. --- src/Crypto.gren | 126 ------------------------------------------------ 1 file changed, 126 deletions(-) diff --git a/src/Crypto.gren b/src/Crypto.gren index 415db1a9..8ac0f8cd 100644 --- a/src/Crypto.gren +++ b/src/Crypto.gren @@ -720,13 +720,6 @@ type EcdsaKey = EcdsaKey -{-| Represents a key generated and for use with the ECDH algorithm used to -derive keys and bits. --} -type EcdhKey - = EcdhKey - - {-| Parameters required to generates an AES key. - `namedCurve` is the curve used to generate the key. It must be one of the @@ -762,17 +755,6 @@ generateEcdsaKeyPair _context { namedCurve, extractable } = [ "sign", "verify" ] -{-| Generate a new key using the ECDH algorithm. --} -generateEcdhKeyPair : SecureContext -> EcKeyParams -> Task x (KeyPair EcdhKey EcKeyParams) -generateEcdhKeyPair _context { namedCurve, extractable } = - Gren.Kernel.Crypto.generateEcKey - "ECDH" - (ecNamedCurveToString namedCurve) - (extractableToBool extractable) - [ "deriveKey", "deriveBits" ] - - -- HMAC KEYS @@ -999,36 +981,6 @@ exportEcdsaPrivateKeyAsJwk (PrivateKey key)= exportKeyAsJwk key -{-|-} -exportEcdhPublicKeyAsRaw : PublicKey EcdhKey EcKeyParams -> Task {} Bytes -exportEcdhPublicKeyAsRaw (PublicKey key) = - exportPublicKeyAsRaw key - - -{-|-} -exportEcdhPublicKeyAsSpki : PublicKey EcdhKey EcKeyParams -> Task {} Bytes -exportEcdhPublicKeyAsSpki (PublicKey key) = - exportPublicKeyAsSpki key - - -{-|-} -exportEcdhPublicKeyAsJwk : PublicKey EcdhKey EcKeyParams -> Task {} Json.Encode.Value -exportEcdhPublicKeyAsJwk (PublicKey key) = - exportPublicKeyAsJwk key - - -{-|-} -exportEcdhPrivateKeyAsPkcs8 : PrivateKey EcdhKey EcKeyParams -> Task ExportKeyError Bytes -exportEcdhPrivateKeyAsPkcs8 (PrivateKey key) = - exportKeyAsPkcs8 key - - -{-|-} -exportEcdhPrivateKeyAsJwk : PrivateKey EcdhKey EcKeyParams -> Task ExportKeyError Json.Encode.Value -exportEcdhPrivateKeyAsJwk (PrivateKey key) = - exportKeyAsJwk key - - {-|-} exportHmacKeyAsRaw : Key HmacKey HmacKeyParams -> Task ExportKeyError Bytes exportHmacKeyAsRaw = @@ -1401,45 +1353,6 @@ importEcdsaPublicKeyFromJwk _context namedCurve jwk = [ "verify" ] -{-|-} -importEcdhPublicKeyFromRaw : SecureContext -> EcNamedCurve -> Bytes -> Task ImportEcKeyError (PublicKey EcdhKey EcKeyParams) -importEcdhPublicKeyFromRaw _context namedCurve bytes = - Gren.Kernel.Crypto.importEcKey - "public" - "raw" - bytes - "ECDH" - (ecNamedCurveToString namedCurve) - True - [] - - -{-|-} -importEcdhPublicKeyFromSpki : SecureContext -> EcNamedCurve -> Bytes -> Task ImportEcKeyError (PublicKey EcdhKey EcKeyParams) -importEcdhPublicKeyFromSpki _context namedCurve bytes = - Gren.Kernel.Crypto.importEcKey - "public" - "spki" - bytes - "ECDH" - (ecNamedCurveToString namedCurve) - True - [] - - -{-|-} -importEcdhPublicKeyFromJwk : SecureContext -> EcNamedCurve -> Json.Encode.Value -> Task ImportEcKeyError (PublicKey EcdhKey EcKeyParams) -importEcdhPublicKeyFromJwk _context namedCurve jwk = - Gren.Kernel.Crypto.importEcKey - "public" - "jwk" - (Gren.Kernel.Json.unwrap jwk) - "ECDH" - (ecNamedCurveToString namedCurve) - True - [] - - {-|-} importEcdsaPrivateKeyFromPkcs8 : SecureContext -> Extractable -> EcNamedCurve -> Bytes -> Task ImportEcKeyError (PrivateKey EcdsaKey EcKeyParams) importEcdsaPrivateKeyFromPkcs8 _context extractable namedCurve bytes = @@ -1479,45 +1392,6 @@ importEcdsaPrivateKeyFromJwk _context extractable namedCurve jwk = [ "sign" ] -{-|-} -importEcdhPrivateKeyFromPkcs8 : SecureContext -> Extractable -> EcNamedCurve -> Bytes -> Task ImportEcKeyError (PrivateKey EcdhKey EcKeyParams) -importEcdhPrivateKeyFromPkcs8 _context extractable namedCurve bytes = - Gren.Kernel.Crypto.importEcKey - "private" - "pkcs8" - bytes - "ECDH" - (ecNamedCurveToString namedCurve) - (extractableToBool extractable) - [ "deriveKey", "deriveBits" ] - - -{-|-} -importEcdhPrivateKeyFromSpki : SecureContext -> Extractable -> EcNamedCurve -> Bytes -> Task ImportEcKeyError (PrivateKey EcdhKey EcKeyParams) -importEcdhPrivateKeyFromSpki _context extractable namedCurve bytes = - Gren.Kernel.Crypto.importEcKey - "private" - "spki" - bytes - "ECDH" - (ecNamedCurveToString namedCurve) - (extractableToBool extractable) - [ "deriveKey", "deriveBits" ] - - -{-|-} -importEcdhPrivateKeyFromJwk : SecureContext -> Extractable -> EcNamedCurve -> Json.Encode.Value -> Task ImportEcKeyError (PrivateKey EcdhKey EcKeyParams) -importEcdhPrivateKeyFromJwk _context extractable namedCurve jwk = - Gren.Kernel.Crypto.importEcKey - "private" - "jwk" - (Gren.Kernel.Json.unwrap jwk) - "ECDH" - (ecNamedCurveToString namedCurve) - (extractableToBool extractable) - [ "deriveKey", "deriveBits" ] - - {-| Errors that can happen when importing a key using an HMAC algorithm. There are three known reasons an errors can happen when importing HMAC keys: From b8308bbcee77aaf2c72df8f6ea018e4eba42b5bd Mon Sep 17 00:00:00 2001 From: Joey Bright Date: Fri, 1 May 2026 22:08:19 -0700 Subject: [PATCH 2/4] Removed unused arguments --- src/Crypto.gren | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Crypto.gren b/src/Crypto.gren index 8ac0f8cd..d7b8360f 100644 --- a/src/Crypto.gren +++ b/src/Crypto.gren @@ -1865,7 +1865,7 @@ is just some `Bytes`). The `Signature` can be used with the cooresponding verifi to verify that the passed `Bytes` were signed with the passed key. -} signWithRsaPss : RsaPssParams -> PrivateKey RsaPssKey RsaKeyParams -> Bytes -> Task RsaPssSigningError Signature -signWithRsaPss { salt } (PrivateKey (Key { key, data = { modulusLength, hash, extractable }})) bytes = +signWithRsaPss { salt } (PrivateKey (Key { key, data = { hash }})) bytes = let clampedSaltBytes = clamp 0 2147483647 salt From 42122716d3350495f4478cd6a6254de9f09c3209 Mon Sep 17 00:00:00 2001 From: Joey Bright Date: Fri, 1 May 2026 22:08:26 -0700 Subject: [PATCH 3/4] Removed unused helper function --- src/Crypto.gren | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/src/Crypto.gren b/src/Crypto.gren index d7b8360f..b67b2604 100644 --- a/src/Crypto.gren +++ b/src/Crypto.gren @@ -2082,17 +2082,3 @@ digestAlgorithmToString digestAlgorithm = Sha512 -> "SHA-512" - - -{-|-} -digestAlgorithmToBytes : DigestAlgorithm -> Int -digestAlgorithmToBytes digestAlgorithm = - when digestAlgorithm is - Sha256 -> - 32 - - Sha384 -> - 48 - - Sha512 -> - 64 From e0d566bad62b541f25e17a0eef533ddadea41a04 Mon Sep 17 00:00:00 2001 From: Joey Bright Date: Wed, 6 May 2026 17:55:01 -0700 Subject: [PATCH 4/4] Removed import that doesn't exist anymore --- src/Crypto.gren | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Crypto.gren b/src/Crypto.gren index 4e1090b2..4444abec 100644 --- a/src/Crypto.gren +++ b/src/Crypto.gren @@ -31,7 +31,7 @@ module Crypto exposing , generateRsaOaepKeyPair, generateRsaPssKeyPair, generateRsaSsaPkcs1V1_5KeyPair , AesCtrKey, AesCbcKey, AesGcmKey, AesKeyParams, AesLength(..) , generateAesCtrKey, generateAesCbcKey, generateAesGcmKey - , EcdsaKey, EcdhKey, EcKeyParams, EcNamedCurve(..) + , EcdsaKey, EcKeyParams, EcNamedCurve(..) , generateEcdsaKeyPair , HmacKey, HmacKeyParams, HmacKeyGenerationError(..) , generateHmacKey