From 225d516466a37a3695e051ca29456e424cb99aa2 Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Sat, 15 Oct 2022 07:23:35 +0200
Subject: fix(ext/crypto): correct HMAC get key length op (#16201)

fixes #16180

`HMAC`'s `get key length` `op` uses the hash function's block size, not
output size.

refs
https://github.com/cloudflare/workerd/issues/68#issuecomment-1271189657
---
 cli/tests/unit/webcrypto_test.ts | 2 +-
 ext/crypto/00_crypto.js          | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/cli/tests/unit/webcrypto_test.ts b/cli/tests/unit/webcrypto_test.ts
index 48d7012db..13fb2d3f7 100644
--- a/cli/tests/unit/webcrypto_test.ts
+++ b/cli/tests/unit/webcrypto_test.ts
@@ -675,7 +675,7 @@ Deno.test(async function testDeriveKey() {
   const algorithm = derivedKey.algorithm as HmacKeyAlgorithm;
   assertEquals(algorithm.name, "HMAC");
   assertEquals(algorithm.hash.name, "SHA-256");
-  assertEquals(algorithm.length, 256);
+  assertEquals(algorithm.length, 512);
 });
 
 Deno.test(async function testAesCbcEncryptDecrypt() {
diff --git a/ext/crypto/00_crypto.js b/ext/crypto/00_crypto.js
index 7b21c9287..857283623 100644
--- a/ext/crypto/00_crypto.js
+++ b/ext/crypto/00_crypto.js
@@ -393,16 +393,16 @@
         if (algorithm.length === undefined) {
           switch (algorithm.hash.name) {
             case "SHA-1":
-              length = 160;
+              length = 512;
               break;
             case "SHA-256":
-              length = 256;
+              length = 512;
               break;
             case "SHA-384":
-              length = 384;
+              length = 1024;
               break;
             case "SHA-512":
-              length = 512;
+              length = 1024;
               break;
             default:
               throw new DOMException(
-- 
cgit v1.2.3