crypto: add AES-OCB Web Cryptography algorithm

crypto: add AES-OCB Web Cryptography algorithm · nodejs/node@152c5ef

@@ -2,6 +2,9 @@

2233<!-- YAML44changes:5+ - version: REPLACEME6+ pr-url: https://github.com/nodejs/node/pull/595397+ description: AES-OCB algorithm is now supported.58 - version: REPLACEME69 pr-url: https://github.com/nodejs/node/pull/59569710 description: ML-KEM algorithms are now supported.

@@ -103,6 +106,7 @@ WICG proposal:

103106104107Algorithms:105108109+* `'AES-OCB'`[^openssl30]106110* `'ChaCha20-Poly1305'`107111* `'cSHAKE128'`108112* `'cSHAKE256'`

@@ -500,6 +504,7 @@ implementation and the APIs supported for each:

500504

| `'AES-CTR'`                          | ✔                          | ✔                        | ✔                        |                             |

501505

| `'AES-GCM'`                          | ✔                          | ✔                        | ✔                        |                             |

502506

| `'AES-KW'`                           | ✔                          | ✔                        | ✔                        |                             |

507

+| `'AES-OCB'`                          | ✔                          | ✔                        | ✔                        |                             |

503508

| `'ChaCha20-Poly1305'`[^modern-algos] | ✔                          | ✔                        | ✔                        |                             |

504509

| `'ECDH'`                             | ✔                          | ✔                        | ✔                        | ✔                           |

505510

| `'ECDSA'`                            | ✔                          | ✔                        | ✔                        | ✔                           |

@@ -538,6 +543,7 @@ implementation and the APIs supported for each:

538543

| `'AES-CTR'`                          | ✔          |                    |                        | ✔            |                   |        |

539544

| `'AES-GCM'`                          | ✔          |                    |                        | ✔            |                   |        |

540545

| `'AES-KW'`                           |            |                    |                        | ✔            |                   |        |

546

+| `'AES-OCB'`                          | ✔          |                    |                        | ✔            |                   |        |

541547

| `'ChaCha20-Poly1305'`[^modern-algos] | ✔          |                    |                        | ✔            |                   |        |

542548

| `'cSHAKE128'`[^modern-algos]         |            |                    |                        |              |                   | ✔      |

543549

| `'cSHAKE256'`[^modern-algos]         |            |                    |                        |              |                   | ✔      |

@@ -706,6 +712,7 @@ Valid key usages depend on the key algorithm (identified by

706712

| `'AES-CTR'`                          | ✔          |                    |                        | ✔            |                   |

707713

| `'AES-GCM'`                          | ✔          |                    |                        | ✔            |                   |

708714

| `'AES-KW'`                           |            |                    |                        | ✔            |                   |

715

+| `'AES-OCB'`                          | ✔          |                    |                        | ✔            |                   |

709716

| `'ChaCha20-Poly1305'`[^modern-algos] | ✔          |                    |                        | ✔            |                   |

710717

| `'ECDH'`                             |            |                    | ✔                      |              |                   |

711718

| `'ECDSA'`                            |            | ✔                  |                        |              |                   |

@@ -824,6 +831,9 @@ The algorithms currently supported include:

824831<!-- YAML825832added: v15.0.0826833changes:834+ - version: REPLACEME835+ pr-url: https://github.com/nodejs/node/pull/59539836+ description: AES-OCB algorithm is now supported.827837 - version: REPLACEME828838 pr-url: https://github.com/nodejs/node/pull/59365829839 description: ChaCha20-Poly1305 algorithm is now supported.

@@ -844,6 +854,7 @@ The algorithms currently supported include:

844854* `'AES-CBC'`845855* `'AES-CTR'`846856* `'AES-GCM'`857+* `'AES-OCB'`[^modern-algos]847858* `'ChaCha20-Poly1305'`[^modern-algos]848859* `'RSA-OAEP'`849860

@@ -1014,6 +1025,9 @@ The algorithms currently supported include:

10141025<!-- YAML10151026added: v15.0.010161027changes:1028+ - version: REPLACEME1029+ pr-url: https://github.com/nodejs/node/pull/595391030+ description: AES-OCB algorithm is now supported.10171031 - version: REPLACEME10181032 pr-url: https://github.com/nodejs/node/pull/5936510191033 description: ChaCha20-Poly1305 algorithm is now supported.

@@ -1034,6 +1048,7 @@ The algorithms currently supported include:

10341048* `'AES-CBC'`10351049* `'AES-CTR'`10361050* `'AES-GCM'`1051+* `'AES-OCB'`[^modern-algos]10371052* `'ChaCha20-Poly1305'`[^modern-algos]10381053* `'RSA-OAEP'`10391054

@@ -1085,6 +1100,7 @@ specification.

10851100

| `'AES-CTR'`                          |          |           | ✔       | ✔       | ✔              |                |              |

10861101

| `'AES-GCM'`                          |          |           | ✔       | ✔       | ✔              |                |              |

10871102

| `'AES-KW'`                           |          |           | ✔       | ✔       | ✔              |                |              |

1103

+| `'AES-OCB'`[^modern-algos]           |          |           | ✔       |         | ✔              |                |              |

10881104

| `'ChaCha20-Poly1305'`[^modern-algos] |          |           | ✔       |         | ✔              |                |              |

10891105

| `'ECDH'`                             | ✔        | ✔         | ✔       | ✔       |                | ✔              |              |

10901106

| `'ECDSA'`                            | ✔        | ✔         | ✔       | ✔       |                | ✔              |              |

@@ -1170,6 +1186,7 @@ The {CryptoKey} (secret key) generating algorithms supported include:

11701186* `'AES-CTR'`11711187* `'AES-GCM'`11721188* `'AES-KW'`1189+* `'AES-OCB'`[^modern-algos]11731190* `'ChaCha20-Poly1305'`[^modern-algos]11741191* `'HMAC'`11751192

@@ -1227,6 +1244,7 @@ The algorithms currently supported include:

12271244

| `'AES-CTR'`                          |          |           | ✔       | ✔       | ✔              |                |              |

12281245

| `'AES-GCM'`                          |          |           | ✔       | ✔       | ✔              |                |              |

12291246

| `'AES-KW'`                           |          |           | ✔       | ✔       | ✔              |                |              |

1247

+| `'AES-OCB'`[^modern-algos]           |          |           | ✔       |         | ✔              |                |              |

12301248

| `'ChaCha20-Poly1305'`[^modern-algos] |          |           | ✔       |         | ✔              |                |              |

12311249

| `'ECDH'`                             | ✔        | ✔         | ✔       | ✔       |                | ✔              |              |

12321250

| `'ECDSA'`                            | ✔        | ✔         | ✔       | ✔       |                | ✔              |              |

@@ -1293,6 +1311,9 @@ The algorithms currently supported include:

12931311<!-- YAML12941312added: v15.0.012951313changes:1314+ - version: REPLACEME1315+ pr-url: https://github.com/nodejs/node/pull/595391316+ description: AES-OCB algorithm is now supported.12961317 - version: REPLACEME12971318 pr-url: https://github.com/nodejs/node/pull/5936512981319 description: ChaCha20-Poly1305 algorithm is now supported.

@@ -1329,6 +1350,7 @@ The wrapping algorithms currently supported include:

13291350* `'AES-CTR'`13301351* `'AES-GCM'`13311352* `'AES-KW'`1353+* `'AES-OCB'`[^modern-algos]13321354* `'ChaCha20-Poly1305'`[^modern-algos]13331355* `'RSA-OAEP'`13341356

@@ -1338,6 +1360,7 @@ The unwrapped key algorithms supported include:

13381360* `'AES-CTR'`13391361* `'AES-GCM'`13401362* `'AES-KW'`1363+* `'AES-OCB'`[^modern-algos]13411364* `'ChaCha20-Poly1305'`[^modern-algos]13421365* `'ECDH'`13431366* `'ECDSA'`

@@ -1403,6 +1426,9 @@ The algorithms currently supported include:

14031426<!-- YAML14041427added: v15.0.014051428changes:1429+ - version: REPLACEME1430+ pr-url: https://github.com/nodejs/node/pull/595391431+ description: AES-OCB algorithm is now supported.14061432 - version: REPLACEME14071433 pr-url: https://github.com/nodejs/node/pull/5936514081434 description: ChaCha20-Poly1305 algorithm is now supported.

@@ -1435,6 +1461,7 @@ The wrapping algorithms currently supported include:

14351461* `'AES-CTR'`14361462* `'AES-GCM'`14371463* `'AES-KW'`1464+* `'AES-OCB'`[^modern-algos]14381465* `'ChaCha20-Poly1305'`[^modern-algos]14391466* `'RSA-OAEP'`14401467

@@ -1492,7 +1519,7 @@ given key.

14921519added: v15.0.014931520-->149415211495-* Type: {string} Must be `'AES-GCM'` or `'ChaCha20-Poly1305'`.1522+* Type: {string} Must be `'AES-GCM'`, `'AES-OCB'`, or `'ChaCha20-Poly1305'`.1496152314971524#### `aeadParams.tagLength`14981525

@@ -1514,8 +1541,7 @@ added: v15.0.0

15141541added: v15.0.015151542-->151615431517-* Type: {string} Must be one of `'AES-CBC'`, `'AES-CTR'`, `'AES-GCM'`, or1518- `'AES-KW'`1544+* Type: {string} Must be one of `'AES-CBC'`, `'AES-CTR'`, `'AES-GCM'`, `'AES-OCB'`, or `'AES-KW'`1519154515201546#### `aesDerivedKeyParams.length`15211547

@@ -2391,6 +2417,8 @@ The length (in bytes) of the random salt to use.

2391241723922418[^modern-algos]: See [Modern Algorithms in the Web Cryptography API][]239324192420+[^openssl30]: Requires OpenSSL >= 3.02421+23942422[^openssl35]: Requires OpenSSL >= 3.52395242323962424[JSON Web Key]: https://tools.ietf.org/html/rfc7517