diff options
| author | Santhanam <72668511+porridgewithraisins@users.noreply.github.com> | 2023-06-19 13:26:58 +0530 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-06-19 13:26:58 +0530 |
| commit | 52da60ed530d39d651afa61f4411ee8a40ad0608 (patch) | |
| tree | 1c82713c0d2d135f1609e1ce7a3b72792ecf7e52 /cli/tests/unit_node/_fs/_fs_writeFile_test.ts | |
| parent | 0773463de1ba2c316decc99ac60440f6f7a91de1 (diff) | |
fix(deno/ext): Fix WebCrypto API's deriveKey (#19545)
Fixes a bug I noticed when deriving a key based from `ECDH`. Similar
issue is also mentioned in #14693, where they derive a key using
`PBKDF2`
- In the WebCrypto API, `deriveKey()` is equivalent to `deriveBits()`
followed by `importKey()`
- But, `deriveKey()` requires just `deriveKey` in the `usages` of the
`baseKey` parameter. The `deriveBits` usage is not required to be
allowed. This is the uniform behaviour in Node, Chrome and Firefox.
- The impl currently has userland-accessible `SubtleCrypto.deriveKey()`
and `SubtleCrypto.deriveBits()`, as well as an internal `deriveBits()`
(this is the one that accesses the ffi).
- Also, `SubtleCrypto.deriveKey()` checks if `deriveKey` is an allowed
usage and `SubtleCrypto.deriveBits()` checks if `deriveBits` is an
allowed usage, as required.
- However, the impl currently calls the userland accessible
`SubtleCrypto.deriveBits()` in `SubtleCrypto.deriveKey()`, leading to an
error being thrown if the `deriveBits` usage isn't present.
- Fixed this by making it call the internal `deriveBits()`
instead.
Diffstat (limited to 'cli/tests/unit_node/_fs/_fs_writeFile_test.ts')
0 files changed, 0 insertions, 0 deletions