Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Web Crypto API - subtle.deriveKey doesn't return promise with ArrayBuffer + doc example bug #38115

Closed
JoakimCh opened this issue Apr 6, 2021 · 4 comments
Closed

Web Crypto API - subtle.deriveKey doesn't return promise with ArrayBuffer + doc example bug #38115

JoakimCh opened this issue Apr 6, 2021 · 4 comments
Labels
doc Issues and PRs related to the documentations. good first issue Issues that are suitable for first-time contributors. webcrypto

Comments

@JoakimCh
Copy link

JoakimCh commented Apr 6, 2021
edited
Loading

The documentation says that it should, but instead it returns a promise with Buffer.

Also the example in the documentation called "Deriving bits and keys" has a bug. In subtle.importKey it is missing 'deriveKey' causing subtle.deriveKey to fail.

Buggy version:

async function pbkdf2Key(pass, salt, iterations = 1000, length = 256) {
  const ec = new TextEncoder();
  const keyMaterial = await subtle.importKey(
    'raw',
    ec.encode(pass),
    'PBKDF2',
    false,
    ['deriveBits']);
  const key = await subtle.deriveKey({
    name: 'PBKDF2',
    hash: 'SHA-512',
    salt: ec.encode(salt),
    iterations
  }, keyMaterial, {
    name: 'AES-GCM',
    length: 256
  }, true, ['encrypt', 'decrypt']);
  return key;
}

Fixed version (updated based on feedback from jasnell):

async function pbkdf2Key(pass, salt, iterations = 1000, length = 256) {
  const ec = new TextEncoder();
  const keyMaterial = await subtle.importKey(
    'raw',
    ec.encode(pass),
    'PBKDF2',
    false,
    ['deriveKey']);
  const key = await subtle.deriveKey({
    name: 'PBKDF2',
    hash: 'SHA-512',
    salt: ec.encode(salt),
    iterations
  }, keyMaterial, {
    name: 'AES-GCM',
    length: 256
  }, true, ['encrypt', 'decrypt']);
  return key;
}
@aduh95
Copy link
Contributor

aduh95 commented Apr 6, 2021

Would you be interested in sending a PR?

@jasnell
Copy link
Member

jasnell commented Apr 6, 2021

The deriveBits in the example can be replaced with deriveKey :-)

@JoakimCh
Copy link
Author

JoakimCh commented Apr 6, 2021

@aduh95 Would you be interested in sending a PR?

Sadly I'm not very good with Git yet, hence I would prefer that someone else does that.

@aduh95 aduh95 added doc Issues and PRs related to the documentations. good first issue Issues that are suitable for first-time contributors. webcrypto labels Apr 6, 2021
hassaanp added a commit to hassaanp/node that referenced this issue Apr 7, 2021
@hassaanp
doc: replaced intended deriveKey to parameter instead of deriveBits
b081766 
Example intends to use deriveKey but uses deriveBits to the subtle.importKey method which does not produce the required response.

Fixes: nodejs#38115
@hassaanp hassaanp mentioned this issue Apr 7, 2021
Closed
panva added a commit to panva/node that referenced this issue Apr 8, 2021
@panva
crypto: fix webcrypto derive(Bits|Key) resolve values and docs
1adaaa3 
fixes nodejs#38115
@panva panva mentioned this issue Apr 8, 2021
Closed
@panva panva closed this as completed in 896dc39 Apr 12, 2021
@panva
Copy link
Member

panva commented Apr 12, 2021

Resolved by 896dc39

BethGriggs pushed a commit that referenced this issue Apr 15, 2021
@panva @BethGriggs
crypto: fix webcrypto derive(Bits|Key) resolve values and docs
4323865 
fixes #38115

PR-URL: #38148
Reviewed-By: Tobias Nießen <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
doc Issues and PRs related to the documentations. good first issue Issues that are suitable for first-time contributors. webcrypto
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

doc: replaced intended deriveKey parameter instead of deriveBits hassaanp/node
4 participants
@panva @jasnell @JoakimCh @aduh95