crypto: multiple webcrypto fixes #43431

panva · 2022-06-14T19:33:14Z

While working on updating WPTs (#43421 put on hold) I have found the following issues.

digest() invalid algorithm which happens to collide with other normalizeHashName names was accepted
empty usages in generateKey() were accepted
generateKey() publicExponent was not used
deriveBits() ECDH / X25519 / X448 returned incorrect slice when non multiple of 8 length was requested
generateKey() AES-KW accepted invalid usages

Review individual commits

nodejs-github-bot · 2022-06-14T19:33:18Z

Review requested:

@nodejs/crypto

tniessen

Nice work!

lib/internal/crypto/aes.js

aduh95 · 2022-06-15T09:16:03Z

test/parallel/test-webcrypto-digest.js

+(async () => {
+  await assert.rejects(subtle.digest('RSA-OAEP', Buffer.alloc(1)), {
+    name: 'NotSupportedError',
+  });
+})().then(common.mustCall());


nit: the async wrapper is technically not needed (although it's fine to keep it if you prefer as is)

Suggested change

(async () => {

await assert.rejects(subtle.digest('RSA-OAEP', Buffer.alloc(1)), {

name: 'NotSupportedError',

});

})().then(common.mustCall());

assert.rejects(subtle.digest('RSA-OAEP', Buffer.alloc(1)), {

name: 'NotSupportedError',

}).then(common.mustCall());

PR-URL: #43431 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>

PR-URL: nodejs/node#43431 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>

panva added 5 commits June 14, 2022 21:12

crypto: fix webcrypto deriveBits for non-byte lengths

4df7bc5

crypto: fix webcrypto AES-KW keys accepting encrypt/decrypt usages

7bb4988

crypto: fix webcrypto RSA generateKey() use of publicExponent

514e8a5

crypto: fix webcrypto digest() invalid algorithm

55be639

crypto: fix webcrypto generateKey() with empty usages

6de6ec9

panva added crypto Issues and PRs related to the crypto subsystem. experimental Issues and PRs related to experimental features. webcrypto commit-queue-rebase Add this label to allow the Commit Queue to land a PR in several commits. labels Jun 14, 2022

panva requested review from jasnell and tniessen June 14, 2022 19:33

nodejs-github-bot added lib / src Issues and PRs related to general changes in the lib or src directory. needs-ci PRs that need a full CI run. labels Jun 14, 2022

panva mentioned this pull request Jun 14, 2022

crypto: update webcrypto WPT #43421

Closed

tniessen approved these changes Jun 14, 2022

View reviewed changes

lib/internal/crypto/aes.js Show resolved Hide resolved

panva added author ready PRs that have at least one approval, no pending requests for changes, and a CI started. request-ci Add this label to start a Jenkins CI on a PR. labels Jun 14, 2022

jasnell approved these changes Jun 14, 2022

View reviewed changes

github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Jun 14, 2022

This comment was marked as outdated.

# to view

github-actions bot mentioned this pull request Jun 15, 2022

CI Reliability 2022-06-15 nodejs/reliability#301

Open

17 tasks

This comment was marked as outdated.

# to view

aduh95 approved these changes Jun 15, 2022

View reviewed changes

This was referenced Jun 17, 2022

CI Reliability 2022-06-17 nodejs/reliability#303

Open

CI Reliability 2022-06-18 nodejs/reliability#304

Open

F3n67u mentioned this pull request Jun 18, 2022

Investigate flaky test-http-server-close-idle #43466

Closed

github-actions bot mentioned this pull request Jun 19, 2022

CI Reliability 2022-06-19 nodejs/reliability#305

Open

30 tasks

targos mentioned this pull request Jul 12, 2022

v18.6.0 release proposal #43789

Merged

targos mentioned this pull request Aug 3, 2022

v16.17.0 release proposal #44098

Merged

panva deleted the webcrypto-fixes branch October 13, 2022 09:12

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

crypto: multiple webcrypto fixes #43431

crypto: multiple webcrypto fixes #43431

panva commented Jun 14, 2022 •

edited

Loading

nodejs-github-bot commented Jun 14, 2022

tniessen left a comment

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

aduh95 Jun 15, 2022

crypto: multiple webcrypto fixes #43431

crypto: multiple webcrypto fixes #43431

Conversation

panva commented Jun 14, 2022 • edited Loading

nodejs-github-bot commented Jun 14, 2022

tniessen left a comment

Choose a reason for hiding this comment

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

aduh95 Jun 15, 2022

Choose a reason for hiding this comment

panva commented Jun 14, 2022 •

edited

Loading