goscript 0.2.0 → 0.2.2

package/gs/crypto/aes/index.ts

@@ -0,0 +1,76 @@
+import * as $ from '@goscript/builtin/index.js'
+import type * as cipher from '@goscript/crypto/cipher/index.js'
+import { ecb } from '@noble/ciphers/aes.js'
+
+export const BlockSize = 16
+
+export type KeySizeError = number
+
+export class AESBlock implements cipher.Block {
+  private keyPromise: Promise<CryptoKey> | null = null
+
+  constructor(private readonly key: Uint8Array) {}
+
+  BlockSize(): number {
+    return BlockSize
+  }
+
+  Encrypt(dst: $.Bytes, src: $.Bytes): void {
+    const srcBytes = $.bytesToUint8Array(src)
+    if (srcBytes.length < BlockSize) {
+      $.panic('crypto/aes: input not full block')
+    }
+    if ($.len(dst) < BlockSize) {
+      $.panic('crypto/aes: output not full block')
+    }
+    const out = ecb(this.key, { disablePadding: true }).encrypt(
+      srcBytes.subarray(0, BlockSize),
+    )
+    $.copy(dst as Uint8Array, out)
+  }
+
+  Decrypt(dst: $.Bytes, src: $.Bytes): void {
+    const srcBytes = $.bytesToUint8Array(src)
+    if (srcBytes.length < BlockSize) {
+      $.panic('crypto/aes: input not full block')
+    }
+    if ($.len(dst) < BlockSize) {
+      $.panic('crypto/aes: output not full block')
+    }
+    const out = ecb(this.key, { disablePadding: true }).decrypt(
+      srcBytes.subarray(0, BlockSize),
+    )
+    $.copy(dst as Uint8Array, out)
+  }
+
+  async webCryptoKey(): Promise<CryptoKey> {
+    this.keyPromise ??= subtleCrypto().importKey(
+      'raw',
+      this.key as unknown as BufferSource,
+      'AES-GCM',
+      false,
+      ['encrypt', 'decrypt'],
+    )
+    return this.keyPromise
+  }
+}
+
+export function KeySizeError_Error(k: KeySizeError): string {
+  return `crypto/aes: invalid key size ${k}`
+}
+
+export function NewCipher(key: $.Bytes): [cipher.Block | null, $.GoError] {
+  const k = $.len(key)
+  if (k !== 16 && k !== 24 && k !== 32) {
+    return [null, $.newError(KeySizeError_Error(k))]
+  }
+  return [new AESBlock($.bytesToUint8Array(key).slice()), null]
+}
+
+function subtleCrypto(): SubtleCrypto {
+  const subtle = globalThis.crypto?.subtle
+  if (subtle == null) {
+    throw new Error('crypto/aes: WebCrypto AES-GCM is unavailable')
+  }
+  return subtle
+}

package/gs/crypto/cipher/index.ts

@@ -0,0 +1,345 @@
+import * as $ from '@goscript/builtin/index.js'
+
+export type Block = {
+  BlockSize(): number
+  Decrypt(dst: $.Bytes, src: $.Bytes): void
+  Encrypt(dst: $.Bytes, src: $.Bytes): void
+}
+
+$.registerInterfaceType('cipher.Block', null, [
+  {
+    name: 'BlockSize',
+    args: [],
+    returns: [{ name: '_r0', type: { kind: $.TypeKind.Basic, name: 'int' } }],
+  },
+  {
+    name: 'Decrypt',
+    args: [
+      {
+        name: 'dst',
+        type: {
+          kind: $.TypeKind.Slice,
+          elemType: { kind: $.TypeKind.Basic, name: 'uint8' },
+        },
+      },
+      {
+        name: 'src',
+        type: {
+          kind: $.TypeKind.Slice,
+          elemType: { kind: $.TypeKind.Basic, name: 'uint8' },
+        },
+      },
+    ],
+    returns: [],
+  },
+  {
+    name: 'Encrypt',
+    args: [
+      {
+        name: 'dst',
+        type: {
+          kind: $.TypeKind.Slice,
+          elemType: { kind: $.TypeKind.Basic, name: 'uint8' },
+        },
+      },
+      {
+        name: 'src',
+        type: {
+          kind: $.TypeKind.Slice,
+          elemType: { kind: $.TypeKind.Basic, name: 'uint8' },
+        },
+      },
+    ],
+    returns: [],
+  },
+])
+
+export type AEAD = {
+  NonceSize(): number
+  Open(
+    dst: $.Bytes,
+    nonce: $.Bytes,
+    ciphertext: $.Bytes,
+    additionalData: $.Bytes,
+  ): [$.Bytes, $.GoError] | Promise<[$.Bytes, $.GoError]>
+  Overhead(): number
+  Seal(
+    dst: $.Bytes,
+    nonce: $.Bytes,
+    plaintext: $.Bytes,
+    additionalData: $.Bytes,
+  ): $.Bytes | Promise<$.Bytes>
+}
+
+$.registerInterfaceType('cipher.AEAD', null, [
+  {
+    name: 'NonceSize',
+    args: [],
+    returns: [{ name: '_r0', type: { kind: $.TypeKind.Basic, name: 'int' } }],
+  },
+  {
+    name: 'Open',
+    args: [
+      {
+        name: 'dst',
+        type: {
+          kind: $.TypeKind.Slice,
+          elemType: { kind: $.TypeKind.Basic, name: 'uint8' },
+        },
+      },
+      {
+        name: 'nonce',
+        type: {
+          kind: $.TypeKind.Slice,
+          elemType: { kind: $.TypeKind.Basic, name: 'uint8' },
+        },
+      },
+      {
+        name: 'ciphertext',
+        type: {
+          kind: $.TypeKind.Slice,
+          elemType: { kind: $.TypeKind.Basic, name: 'uint8' },
+        },
+      },
+      {
+        name: 'additionalData',
+        type: {
+          kind: $.TypeKind.Slice,
+          elemType: { kind: $.TypeKind.Basic, name: 'uint8' },
+        },
+      },
+    ],
+    returns: [
+      {
+        name: '_r0',
+        type: {
+          kind: $.TypeKind.Slice,
+          elemType: { kind: $.TypeKind.Basic, name: 'uint8' },
+        },
+      },
+      { name: '_r1', type: 'error' },
+    ],
+  },
+  {
+    name: 'Overhead',
+    args: [],
+    returns: [{ name: '_r0', type: { kind: $.TypeKind.Basic, name: 'int' } }],
+  },
+  {
+    name: 'Seal',
+    args: [
+      {
+        name: 'dst',
+        type: {
+          kind: $.TypeKind.Slice,
+          elemType: { kind: $.TypeKind.Basic, name: 'uint8' },
+        },
+      },
+      {
+        name: 'nonce',
+        type: {
+          kind: $.TypeKind.Slice,
+          elemType: { kind: $.TypeKind.Basic, name: 'uint8' },
+        },
+      },
+      {
+        name: 'plaintext',
+        type: {
+          kind: $.TypeKind.Slice,
+          elemType: { kind: $.TypeKind.Basic, name: 'uint8' },
+        },
+      },
+      {
+        name: 'additionalData',
+        type: {
+          kind: $.TypeKind.Slice,
+          elemType: { kind: $.TypeKind.Basic, name: 'uint8' },
+        },
+      },
+    ],
+    returns: [
+      {
+        name: '_r0',
+        type: {
+          kind: $.TypeKind.Slice,
+          elemType: { kind: $.TypeKind.Basic, name: 'uint8' },
+        },
+      },
+    ],
+  },
+])
+
+export type Stream = {
+  XORKeyStream(dst: $.Bytes, src: $.Bytes): void
+}
+
+export type BlockMode = {
+  BlockSize(): number
+  CryptBlocks(dst: $.Bytes, src: $.Bytes): void
+}
+
+type WebCryptoBlock = Block & {
+  webCryptoKey(): Promise<CryptoKey>
+}
+
+class webCryptoGCM implements AEAD {
+  constructor(
+    private readonly block: WebCryptoBlock,
+    private readonly nonceSize: number,
+    private readonly tagSize: number,
+  ) {}
+
+  NonceSize(): number {
+    return this.nonceSize
+  }
+
+  Overhead(): number {
+    return this.tagSize
+  }
+
+  async Seal(
+    dst: $.Bytes,
+    nonce: $.Bytes,
+    plaintext: $.Bytes,
+    additionalData: $.Bytes,
+  ): Promise<$.Bytes> {
+    if ($.len(nonce) !== this.nonceSize) {
+      throw new Error('crypto/cipher: incorrect nonce length given to GCM')
+    }
+    const encrypted = await globalThis.crypto.subtle.encrypt(
+      this.algorithm(nonce, additionalData),
+      await this.block.webCryptoKey(),
+      $.bytesToUint8Array(plaintext) as unknown as BufferSource,
+    )
+    return appendBytes(dst, new Uint8Array(encrypted))
+  }
+
+  async Open(
+    dst: $.Bytes,
+    nonce: $.Bytes,
+    ciphertext: $.Bytes,
+    additionalData: $.Bytes,
+  ): Promise<[$.Bytes, $.GoError]> {
+    if ($.len(nonce) !== this.nonceSize) {
+      throw new Error('crypto/cipher: incorrect nonce length given to GCM')
+    }
+    try {
+      const decrypted = await globalThis.crypto.subtle.decrypt(
+        this.algorithm(nonce, additionalData),
+        await this.block.webCryptoKey(),
+        $.bytesToUint8Array(ciphertext) as unknown as BufferSource,
+      )
+      return [appendBytes(dst, new Uint8Array(decrypted)), null]
+    } catch {
+      return [null, $.newError('cipher: message authentication failed')]
+    }
+  }
+
+  private algorithm(nonce: $.Bytes, additionalData: $.Bytes): AesGcmParams {
+    const params: AesGcmParams = {
+      name: 'AES-GCM',
+      iv: $.bytesToUint8Array(nonce) as unknown as BufferSource,
+      tagLength: this.tagSize * 8,
+    }
+    if ($.len(additionalData) !== 0) {
+      params.additionalData = $.bytesToUint8Array(
+        additionalData,
+      ) as unknown as BufferSource
+    }
+    return params
+  }
+}
+
+export function NewGCM(block: Block | null): [AEAD | null, $.GoError] {
+  return NewGCMWithNonceSize(block, 12)
+}
+
+export function NewGCMWithNonceSize(
+  block: Block | null,
+  size: number,
+): [AEAD | null, $.GoError] {
+  return newGCM(block, size, 16)
+}
+
+export function NewGCMWithTagSize(
+  block: Block | null,
+  tagSize: number,
+): [AEAD | null, $.GoError] {
+  if (tagSize < 12 || tagSize > 16) {
+    return [null, $.newError('crypto/cipher: incorrect GCM tag size')]
+  }
+  return newGCM(block, 12, tagSize)
+}
+
+export function NewGCMWithRandomNonce(
+  _block: Block | null,
+): [AEAD | null, $.GoError] {
+  return [
+    null,
+    $.newError(
+      'crypto/cipher: NewGCMWithRandomNonce is not implemented in GoScript',
+    ),
+  ]
+}
+
+export function NewCBCDecrypter(_b: Block | null, _iv: $.Bytes): BlockMode {
+  throw new Error('crypto/cipher: CBC is not implemented in GoScript')
+}
+
+export function NewCBCEncrypter(_b: Block | null, _iv: $.Bytes): BlockMode {
+  throw new Error('crypto/cipher: CBC is not implemented in GoScript')
+}
+
+export function NewCFBDecrypter(_b: Block | null, _iv: $.Bytes): Stream {
+  throw new Error('crypto/cipher: CFB is not implemented in GoScript')
+}
+
+export function NewCFBEncrypter(_b: Block | null, _iv: $.Bytes): Stream {
+  throw new Error('crypto/cipher: CFB is not implemented in GoScript')
+}
+
+export function NewCTR(_b: Block | null, _iv: $.Bytes): Stream {
+  throw new Error('crypto/cipher: CTR is not implemented in GoScript')
+}
+
+export function NewOFB(_b: Block | null, _iv: $.Bytes): Stream {
+  throw new Error('crypto/cipher: OFB is not implemented in GoScript')
+}
+
+export class StreamReader {
+  constructor(_init?: Partial<{ S: Stream; R: unknown }>) {}
+}
+
+export class StreamWriter {
+  constructor(_init?: Partial<{ S: Stream; W: unknown }>) {}
+}
+
+function newGCM(
+  block: Block | null,
+  nonceSize: number,
+  tagSize: number,
+): [AEAD | null, $.GoError] {
+  if (block == null || block.BlockSize() !== 16) {
+    return [null, $.newError('cipher: NewGCM requires 128-bit block cipher')]
+  }
+  if (nonceSize <= 0) {
+    return [null, $.newError('crypto/cipher: incorrect GCM nonce size')]
+  }
+  if (!isWebCryptoBlock(block)) {
+    return [
+      null,
+      $.newError(
+        'crypto/cipher: AES-GCM requires a WebCrypto AES block in GoScript',
+      ),
+    ]
+  }
+  return [new webCryptoGCM(block, nonceSize, tagSize), null]
+}
+
+function isWebCryptoBlock(block: Block): block is WebCryptoBlock {
+  return typeof (block as Partial<WebCryptoBlock>).webCryptoKey === 'function'
+}
+
+function appendBytes(dst: $.Bytes, bytes: Uint8Array): $.Bytes {
+  return $.append(dst as any, ...bytes) as $.Bytes
+}

package/gs/crypto/cipher/meta.json

@@ -0,0 +1,6 @@
+{
+  "asyncMethods": {
+    "AEAD.Open": true,
+    "AEAD.Seal": true
+  }
+}

package/gs/github.com/aperturerobotics/protobuf-go-lite/index.test.ts

@@ -38,6 +38,8 @@ import {
   EqualVTSliceImplicit,
   type EqualVT,
   IsEqualVTSlice,
+  MarshalBoundMessageVT,
+  MarshalBoundMessageToSizedBufferVT,
   SizeBoolNonZero,
   SizeBoolPacked,
   SizeBoolPtr,
@@ -76,6 +78,7 @@ import {
   SizeZigzagSlice,
   SizeZigzagValue,
   Skip,
+  UnmarshalBoundMessageVT,
 } from './index.js'
 
 class TestValue {
@@ -146,6 +149,115 @@ class TestCloneMessage implements CloneMessage {
   }
 }
 
+class BrokenBoundMessage {}
+
+;(BrokenBoundMessage as any).__protobufTypeScriptMessage = {
+  typeName: 'test.BrokenBoundMessage',
+  fields: { list: () => [] },
+  fromBinary: () => ({}),
+  toBinary: () => {
+    throw new Error('invalid uint 32: undefined')
+  },
+}
+
+class BytesBoundMessage {
+  Config: $.Slice<number>
+
+  constructor(config: $.Slice<number>) {
+    this.Config = config
+  }
+}
+
+;(BytesBoundMessage as any).__protobufTypeScriptMessage = {
+  typeName: 'test.BytesBoundMessage',
+  fields: {
+    list: () => [{ localName: 'config', kind: 'scalar', T: 12 }],
+  },
+  fromBinary: () => ({}),
+  toBinary: (value: { config?: Uint8Array }) => {
+    expect(value.config).toBeInstanceOf(Uint8Array)
+    expect(Array.from(value.config ?? [])).toEqual([1, 2, 3])
+    return new Uint8Array([9])
+  },
+}
+
+class TimestampBoundMessage {
+  public get Seconds(): number {
+    return this._fields.Seconds.value
+  }
+  public set Seconds(value: number) {
+    this._fields.Seconds.value = value
+  }
+
+  public get Nanos(): number {
+    return this._fields.Nanos.value
+  }
+  public set Nanos(value: number) {
+    this._fields.Nanos.value = value
+  }
+
+  public _fields: {
+    Seconds: $.VarRef<number>
+    Nanos: $.VarRef<number>
+  }
+
+  constructor(init?: Partial<{ Seconds?: number; Nanos?: number }>) {
+    this._fields = {
+      Seconds: $.varRef(init?.Seconds ?? 0),
+      Nanos: $.varRef(init?.Nanos ?? 0),
+    }
+  }
+}
+
+const timestampMessageType = {
+  typeName: 'google.protobuf.Timestamp',
+  fields: {
+    list: () => [
+      { localName: 'seconds', kind: 'scalar' },
+      { localName: 'nanos', kind: 'scalar' },
+    ],
+  },
+}
+
+class TimestampParentBoundMessage {
+  public get Timestamp(): TimestampBoundMessage | null {
+    return this._fields.Timestamp.value
+  }
+  public set Timestamp(value: TimestampBoundMessage | null) {
+    this._fields.Timestamp.value = value
+  }
+
+  public _fields: {
+    Timestamp: $.VarRef<TimestampBoundMessage | null>
+  }
+
+  constructor(init?: Partial<{ Timestamp?: TimestampBoundMessage | null }>) {
+    this._fields = {
+      Timestamp: $.varRef(init?.Timestamp ?? null),
+    }
+  }
+}
+
+;(TimestampParentBoundMessage as any).__protobufTypeScriptMessage = {
+  typeName: 'test.TimestampParentBoundMessage',
+  fields: {
+    list: () => [
+      {
+        localName: 'timestamp',
+        kind: 'message',
+        T: timestampMessageType,
+      },
+    ],
+  },
+  fromBinary: () => ({
+    timestamp: new Date(Date.UTC(2026, 4, 31, 12, 34, 56, 789)),
+  }),
+  toBinary: () => new Uint8Array(),
+}
+;(TimestampParentBoundMessage as any).__protobufTypeScriptFields = {
+  timestamp: TimestampBoundMessage,
+}
+
 describe('protobuf-go-lite EqualVT helpers', () => {
   it('accepts compiler-emitted runtime type arguments', () => {
     const equal = CompareEqualVT<TestValue>({
@@ -245,6 +357,56 @@ describe('protobuf-go-lite runtime interfaces', () => {
   })
 })
 
+describe('protobuf-go-lite TypeScript binding helpers', () => {
+  it('adds message type context to binary marshal errors', () => {
+    const [, err] = MarshalBoundMessageVT(
+      BrokenBoundMessage as any,
+      new BrokenBoundMessage(),
+    )
+
+    expect(err?.Error()).toBe(
+      'marshal test.BrokenBoundMessage: invalid uint 32: undefined',
+    )
+  })
+
+  it('normalizes Go byte slices before binary marshal', () => {
+    const [bytes, err] = MarshalBoundMessageVT(
+      BytesBoundMessage as any,
+      new BytesBoundMessage([1, 2, 3]),
+    )
+
+    expect(err).toBeNull()
+    expect(Array.from(bytes ?? [])).toEqual([9])
+  })
+
+  it('returns bytes written after marshaling into a sized buffer', () => {
+    const target = new Uint8Array([0, 0, 0])
+    const [n, err] = MarshalBoundMessageToSizedBufferVT(
+      BytesBoundMessage as any,
+      new BytesBoundMessage([1, 2, 3]),
+      target,
+    )
+
+    expect(err).toBeNull()
+    expect(n).toBe(1)
+    expect(Array.from(target)).toEqual([0, 0, 9])
+  })
+
+  it('hydrates protobuf-es-lite timestamp Date fields into Go timestamp structs', () => {
+    const target = new TimestampParentBoundMessage()
+
+    const err = UnmarshalBoundMessageVT(
+      TimestampParentBoundMessage as any,
+      target,
+      new Uint8Array(),
+    )
+
+    expect(err).toBeNull()
+    expect(target.Timestamp?.Seconds).toBe(1780230896)
+    expect(target.Timestamp?.Nanos).toBe(789000000)
+  })
+})
+
 describe('protobuf-go-lite wire helpers', () => {
   it('encodes and decodes varints', () => {
     const buf = new Uint8Array(4)