crypto: multiple webcrypto fixes#43431

panva · 2022-06-14T19:33:14Z

While working on updating WPTs (#43421 put on hold) I have found the following issues.

digest() invalid algorithm which happens to collide with other normalizeHashName names was accepted
empty usages in generateKey() were accepted
generateKey() publicExponent was not used
deriveBits() ECDH / X25519 / X448 returned incorrect slice when non multiple of 8 length was requested
generateKey() AES-KW accepted invalid usages

Review individual commits

nodejs-github-bot · 2022-06-14T19:33:18Z

Review requested:

@nodejs/crypto

tniessen

Nice work!

lib/internal/crypto/aes.js

aduh95 · 2022-06-15T09:16:03Z

test/parallel/test-webcrypto-digest.js

+(async()=>{
+awaitassert.rejects(subtle.digest('RSA-OAEP',Buffer.alloc(1)),{
+name: 'NotSupportedError',
+});
+})().then(common.mustCall());


nit: the async wrapper is technically not needed (although it's fine to keep it if you prefer as is)
Suggested change
(async()=>{
awaitassert.rejects(subtle.digest('RSA-OAEP',Buffer.alloc(1)),{
name: 'NotSupportedError',
});
})().then(common.mustCall());
assert.rejects(subtle.digest('RSA-OAEP',Buffer.alloc(1)),{
name: 'NotSupportedError',
}).then(common.mustCall());

PR-URL: #43431 Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]>

PR-URL: nodejs/node#43431 Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]>

panva added 5 commits June 14, 2022 21:12

crypto: fix webcrypto deriveBits for non-byte lengths
4df7bc5

crypto: fix webcrypto AES-KW keys accepting encrypt/decrypt usages
7bb4988

crypto: fix webcrypto RSA generateKey() use of publicExponent
514e8a5

crypto: fix webcrypto digest() invalid algorithm
55be639

crypto: fix webcrypto generateKey() with empty usages
6de6ec9

panva added crypto Issues and PRs related to the crypto subsystem. experimental Issues and PRs related to experimental features. webcrypto commit-queue-rebase Add this label to allow the Commit Queue to land a PR in several commits. labels Jun 14, 2022

panva requested review from jasnell and tniessen June 14, 2022 19:33

nodejs-github-bot added lib / src Issues and PRs related to general changes in the lib or src directory. needs-ci PRs that need a full CI run. labels Jun 14, 2022

panva mentioned this pull request Jun 14, 2022
crypto: update webcrypto WPT #43421
Closed

tniessen approved these changes Jun 14, 2022
View reviewed changes

lib/internal/crypto/aes.jsShow resolvedHide resolved

panva added author ready PRs that have at least one approval, no pending requests for changes, and a CI started. request-ci Add this label to start a Jenkins CI on a PR. labels Jun 14, 2022

jasnell approved these changes Jun 14, 2022
View reviewed changes

github-actionsbot removed the request-ci Add this label to start a Jenkins CI on a PR. label Jun 14, 2022

This comment was marked as outdated.
Sign in to view

github-actionsbot mentioned this pull request Jun 15, 2022
CI Reliability 2022-06-15 nodejs/reliability#301
Open
17 tasks

This comment was marked as outdated.
Sign in to view

aduh95 approved these changes Jun 15, 2022
View reviewed changes

panva added a commit that referenced this pull request Jun 16, 2022
crypto: fix webcrypto digest() invalid algorithm
288304c
PR-URL: #43431 Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]>

panva added a commit that referenced this pull request Jun 16, 2022
crypto: fix webcrypto generateKey() with empty usages
677bd66
PR-URL: #43431 Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]>

This was referenced Jun 17, 2022
CI Reliability 2022-06-17 nodejs/reliability#303
Open
CI Reliability 2022-06-18 nodejs/reliability#304
Open

F3n67u mentioned this pull request Jun 18, 2022
Investigate flaky test-http-server-close-idle #43466
Closed

github-actionsbot mentioned this pull request Jun 19, 2022
CI Reliability 2022-06-19 nodejs/reliability#305
Open
30 tasks

targos pushed a commit that referenced this pull request Jul 12, 2022
crypto: fix webcrypto deriveBits for non-byte lengths
3ee0bb8
PR-URL: #43431 Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]>

targos pushed a commit that referenced this pull request Jul 12, 2022
crypto: fix webcrypto digest() invalid algorithm
64a9dd7
PR-URL: #43431 Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]>

targos pushed a commit that referenced this pull request Jul 12, 2022
crypto: fix webcrypto generateKey() with empty usages
679f191
PR-URL: #43431 Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]>

targos mentioned this pull request Jul 12, 2022
v18.6.0 release proposal #43789
Merged

targos pushed a commit that referenced this pull request Jul 18, 2022
crypto: fix webcrypto deriveBits for non-byte lengths
968b7d5
PR-URL: #43431 Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]>

targos pushed a commit that referenced this pull request Jul 18, 2022
crypto: fix webcrypto digest() invalid algorithm
8f687d7
PR-URL: #43431 Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]>

targos pushed a commit that referenced this pull request Jul 18, 2022
crypto: fix webcrypto generateKey() with empty usages
821d419
PR-URL: #43431 Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]>

targos pushed a commit that referenced this pull request Jul 31, 2022
crypto: fix webcrypto deriveBits for non-byte lengths
52ea869
PR-URL: #43431 Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]>

targos pushed a commit that referenced this pull request Jul 31, 2022
crypto: fix webcrypto digest() invalid algorithm
bef600e
PR-URL: #43431 Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]>

targos pushed a commit that referenced this pull request Jul 31, 2022
crypto: fix webcrypto generateKey() with empty usages
8dca8d7
PR-URL: #43431 Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]>

targos mentioned this pull request Aug 3, 2022
v16.17.0 release proposal #44098
Merged

panva deleted the webcrypto-fixes branch October 13, 2022 09:12

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

crypto: multiple webcrypto fixes#43431

crypto: multiple webcrypto fixes #43431

Uh oh!

panva commented Jun 14, 2022•
edited
Loading

Uh oh!

nodejs-github-bot commented Jun 14, 2022

Uh oh!

tniessen left a comment

Uh oh!

Uh oh!

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

aduh95Jun 15, 2022

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

Uh oh!

crypto: multiple webcrypto fixes#43431

crypto: multiple webcrypto fixes #43431

Uh oh!

Conversation

panva commented Jun 14, 2022• edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

nodejs-github-bot commented Jun 14, 2022

Uh oh!

tniessen left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

aduh95Jun 15, 2022

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

panva commented Jun 14, 2022•
edited
Loading