From 896dc39951b0a130d41b8be36cd96aa21bb36b13 Mon Sep 17 00:00:00 2001 From: Filip Skokan Date: Thu, 8 Apr 2021 10:25:25 +0200 Subject: [PATCH] crypto: fix webcrypto derive(Bits|Key) resolve values and docs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixes #38115 PR-URL: https://github.com/nodejs/node/pull/38148 Reviewed-By: Tobias Nießen Reviewed-By: James M Snell --- doc/api/webcrypto.md | 4 ++-- lib/internal/crypto/pbkdf2.js | 2 +- lib/internal/crypto/scrypt.js | 2 +- test/parallel/test-webcrypto-derivebits-ecdh.js | 1 + test/parallel/test-webcrypto-derivebits-hkdf.js | 1 + test/parallel/test-webcrypto-derivebits-node-dh.js | 1 + test/parallel/test-webcrypto-derivebits-pbkdf2.js | 1 + test/parallel/test-webcrypto-derivebits.js | 3 +++ 8 files changed, 11 insertions(+), 4 deletions(-) diff --git a/doc/api/webcrypto.md b/doc/api/webcrypto.md index 43327f58e5b6ae..55a1c729e631c2 100644 --- a/doc/api/webcrypto.md +++ b/doc/api/webcrypto.md @@ -275,7 +275,7 @@ async function pbkdf2Key(pass, salt, iterations = 1000, length = 256) { ec.encode(pass), 'PBKDF2', false, - ['deriveBits']); + ['deriveKey']); const key = await subtle.deriveKey({ name: 'PBKDF2', hash: 'SHA-512', @@ -536,7 +536,7 @@ added: v15.0.0 * `derivedKeyAlgorithm`: {HmacKeyGenParams|AesKeyGenParams} * `extractable`: {boolean} * `keyUsages`: {string[]} See [Key usages][]. -* Returns: {Promise} containing {ArrayBuffer} +* Returns: {Promise} containing {CryptoKey} Using the method and parameters specified in `algorithm`, and the keying diff --git a/lib/internal/crypto/pbkdf2.js b/lib/internal/crypto/pbkdf2.js index 0e516113776a73..d600f8f036284b 100644 --- a/lib/internal/crypto/pbkdf2.js +++ b/lib/internal/crypto/pbkdf2.js @@ -122,7 +122,7 @@ async function pbkdf2DeriveBits(algorithm, baseKey, length) { return new Promise((resolve, reject) => { pbkdf2(raw, salt, iterations, byteLength, hash, (err, result) => { if (err) return reject(err); - resolve(result); + resolve(result.buffer); }); }); } diff --git a/lib/internal/crypto/scrypt.js b/lib/internal/crypto/scrypt.js index 97bc93a6143d19..458723df28ffca 100644 --- a/lib/internal/crypto/scrypt.js +++ b/lib/internal/crypto/scrypt.js @@ -167,7 +167,7 @@ async function scryptDeriveBits(algorithm, baseKey, length) { return new Promise((resolve, reject) => { scrypt(raw, salt, byteLength, { N, r, p, maxmem }, (err, result) => { if (err) return reject(err); - resolve(result); + resolve(result.buffer); }); }); } diff --git a/test/parallel/test-webcrypto-derivebits-ecdh.js b/test/parallel/test-webcrypto-derivebits-ecdh.js index cff174003a2c74..64cbae7cec6a03 100644 --- a/test/parallel/test-webcrypto-derivebits-ecdh.js +++ b/test/parallel/test-webcrypto-derivebits-ecdh.js @@ -98,6 +98,7 @@ async function prepareKeys() { public: publicKey }, privateKey, 8 * size); + assert(bits instanceof ArrayBuffer); assert.strictEqual(Buffer.from(bits).toString('hex'), result); } diff --git a/test/parallel/test-webcrypto-derivebits-hkdf.js b/test/parallel/test-webcrypto-derivebits-hkdf.js index 630c9f790ca236..42d958e5f5f821 100644 --- a/test/parallel/test-webcrypto-derivebits-hkdf.js +++ b/test/parallel/test-webcrypto-derivebits-hkdf.js @@ -237,6 +237,7 @@ async function testDeriveBits( baseKeys[size], 256); + assert(bits instanceof ArrayBuffer); assert.strictEqual( Buffer.from(bits).toString('hex'), kDerivations[size][saltSize][hash][infoSize]); diff --git a/test/parallel/test-webcrypto-derivebits-node-dh.js b/test/parallel/test-webcrypto-derivebits-node-dh.js index 1498d4fb07a1dc..2503bc17032e0d 100644 --- a/test/parallel/test-webcrypto-derivebits-node-dh.js +++ b/test/parallel/test-webcrypto-derivebits-node-dh.js @@ -112,6 +112,7 @@ async function prepareKeys() { public: publicKey }, privateKey, null); + assert(bits instanceof ArrayBuffer); assert.strictEqual(Buffer.from(bits).toString('hex'), result); } diff --git a/test/parallel/test-webcrypto-derivebits-pbkdf2.js b/test/parallel/test-webcrypto-derivebits-pbkdf2.js index 94754a195e1b8c..ed8279dae134dc 100644 --- a/test/parallel/test-webcrypto-derivebits-pbkdf2.js +++ b/test/parallel/test-webcrypto-derivebits-pbkdf2.js @@ -421,6 +421,7 @@ async function testDeriveBits( const bits = await subtle.deriveBits(algorithm, baseKeys[size], 256); + assert(bits instanceof ArrayBuffer); assert.strictEqual( Buffer.from(bits).toString('hex'), kDerivations[size][saltSize][hash][iterations]); diff --git a/test/parallel/test-webcrypto-derivebits.js b/test/parallel/test-webcrypto-derivebits.js index 707693f6426e51..95c38f454fbb93 100644 --- a/test/parallel/test-webcrypto-derivebits.js +++ b/test/parallel/test-webcrypto-derivebits.js @@ -31,6 +31,8 @@ const { internalBinding } = require('internal/test/binding'); }, alice.privateKey, 128), ]); + assert(secret1 instanceof ArrayBuffer); + assert(secret2 instanceof ArrayBuffer); assert.deepStrictEqual(secret1, secret2); } @@ -114,6 +116,7 @@ if (typeof internalBinding('crypto').ScryptJob === 'function') { name: 'NODE-SCRYPT', salt: ec.encode(salt), }, key, length); + assert(secret instanceof ArrayBuffer); assert.strictEqual(Buffer.from(secret).toString('hex'), expected); }