From 70ff22227ad303e57228dc8351688531499a833a Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Sat, 25 Jan 2020 16:43:53 +0100
Subject: [PATCH] fix: contactKDF iteration count fixed for key sizes larger
 than 256 bits

---
 lib/jwa/ecdh/derive.js        | 2 +-
 test/jwe/smoke.P-256K.test.js | 1 -
 test/jwe/smoke.test.js        | 2 --
 3 files changed, 1 insertion(+), 4 deletions(-)

diff --git a/lib/jwa/ecdh/derive.js b/lib/jwa/ecdh/derive.js
index 2dbbd789b8..a2166c6a08 100644
--- a/lib/jwa/ecdh/derive.js
+++ b/lib/jwa/ecdh/derive.js
@@ -2,7 +2,7 @@ const { createHash } = require('crypto')
 const ecdhComputeSecret = require('./compute_secret')
 
 const concat = (key, length, value) => {
-  const iterations = Math.ceil(length / 256)
+  const iterations = Math.ceil(length / 32)
   let res
 
   for (let iter = 1; iter <= iterations; iter++) {
diff --git a/test/jwe/smoke.P-256K.test.js b/test/jwe/smoke.P-256K.test.js
index c57d5073a8..7eb408435d 100644
--- a/test/jwe/smoke.P-256K.test.js
+++ b/test/jwe/smoke.P-256K.test.js
@@ -26,7 +26,6 @@ const dKey = asKey(key)
 
 ;[...eKey.algorithms('wrapKey'), ...eKey.algorithms('deriveKey')].forEach((alg) => {
   ENCS.forEach((enc) => {
-    if (alg === 'ECDH-ES' && ['A192CBC-HS384', 'A256CBC-HS512'].includes(enc)) return
     test(`key ${type} > alg ${alg} > ${enc}`, success, eKey, dKey, alg, enc)
     test(`key ${type} > alg ${alg} > ${enc} (negative cases)`, failure, eKey, dKey, alg, enc)
   })
diff --git a/test/jwe/smoke.test.js b/test/jwe/smoke.test.js
index bfb26aa17e..97af0acd0f 100644
--- a/test/jwe/smoke.test.js
+++ b/test/jwe/smoke.test.js
@@ -28,7 +28,6 @@ Object.entries(fixtures.PEM).forEach(([type, { private: key, public: pub }]) =>
 
   ;[...eKey.algorithms('wrapKey'), ...eKey.algorithms('deriveKey')].forEach((alg) => {
     ENCS.forEach((enc) => {
-      if (alg === 'ECDH-ES' && ['A192CBC-HS384', 'A256CBC-HS512'].includes(enc)) return
       test(`key ${type} > alg ${alg} > ${enc}`, success, eKey, dKey, alg, enc)
       test(`key ${type} > alg ${alg} > ${enc} (key as bare input)`, success, pub, key, alg, enc)
       if (keyObjectSupported) {
@@ -71,7 +70,6 @@ Object.entries(fixtures.PEM).forEach(([type, { private: key, public: pub }]) =>
   const eKey = asKey({ kty: 'RSA', e: rsa.e, n: rsa.n })
   eKey.algorithms('wrapKey').forEach((alg) => {
     ENCS.forEach((enc) => {
-      if (alg === 'ECDH-ES' && ['A192CBC-HS384', 'A256CBC-HS512'].includes(enc)) return
       test(`key RSA (min) > alg ${alg} > ${enc}`, success, eKey, dKey, alg, enc)
       test(`key RSA (min) > alg ${alg} > ${enc} (negative cases)`, failure, eKey, dKey, alg, enc)
     })