fix: ECDH with null length

Filip Skokan 2022-11-01 13:07:26 +01:00
parent 6b304aedf4
commit 48f5a8c19d
2 changed files with 24 additions and 1 deletions


@ -91,7 +91,7 @@ export class EcCrypto {
return ok; return ok;
} }
public static async deriveBits(algorithm: EcdhKeyDeriveParams, baseKey: CryptoKey, length: number): Promise<ArrayBuffer> { public static async deriveBits(algorithm: EcdhKeyDeriveParams, baseKey: CryptoKey, length: number | null): Promise<ArrayBuffer> {
const cryptoAlg = this.getOpenSSLNamedCurve((baseKey.algorithm as EcKeyAlgorithm).namedCurve); const cryptoAlg = this.getOpenSSLNamedCurve((baseKey.algorithm as EcKeyAlgorithm).namedCurve);
const ecdh = crypto.createECDH(cryptoAlg); const ecdh = crypto.createECDH(cryptoAlg);
@ -102,6 +102,10 @@ export class EcCrypto {
const asnPublicKey = AsnParser.parse((algorithm.public as CryptoKey).data, core.asn1.PublicKeyInfo); const asnPublicKey = AsnParser.parse((algorithm.public as CryptoKey).data, core.asn1.PublicKeyInfo);
const bits = ecdh.computeSecret(Buffer.from(asnPublicKey.publicKey)); const bits = ecdh.computeSecret(Buffer.from(asnPublicKey.publicKey));
if (length === null) {
return bits;
}
return new Uint8Array(bits).buffer.slice(0, length >> 3); return new Uint8Array(bits).buffer.slice(0, length >> 3);
} }
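Review bot: The new `length === null` branch returns `bits`, the Node `Buffer` produced by `ecdh.computeSecret`, although the method is declared to return `Promise<ArrayBuffer>` and the sliced path returns a real `ArrayBuffer`. Unless a caller outside this hunk converts the result, the runtime type of the derived secret now depends on `length`, and any `instanceof ArrayBuffer` check on that key material will fail. Returning a copy keeps both paths consistent: `return new Uint8Array(bits).buffer;`. Separately, an `undefined` length from an untyped caller still reaches `length >> 3`, which evaluates to 0 and produces an empty secret; `if (length == null)` or an explicit rejection would close that path. The part of `deriveBits` between the two hunks is not visible here.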


@ -280,4 +280,23 @@ context("Crypto", () => {
}); });
}); });
context("ECDH deriveBits with null", () => {
it("P-256", async () => {
const keyPair = await crypto.subtle.generateKey({ name: "ECDH", namedCurve: "P-256" }, false, ["deriveBits"]);
const bits = await crypto.subtle.deriveBits({ name: keyPair.publicKey.algorithm.name, public: keyPair.publicKey } as globalThis.EcdhKeyDeriveParams, keyPair.privateKey, <number><unknown>null);
assert.equal(bits.byteLength, 32);
});
it("P-384", async () => {
const keyPair = await crypto.subtle.generateKey({ name: "ECDH", namedCurve: "P-384" }, false, ["deriveBits"]);
const bits = await crypto.subtle.deriveBits({ name: keyPair.publicKey.algorithm.name, public: keyPair.publicKey } as globalThis.EcdhKeyDeriveParams, keyPair.privateKey, <number><unknown>null);
assert.equal(bits.byteLength, 48);
});
it("P-521", async () => {
const keyPair = await crypto.subtle.generateKey({ name: "ECDH", namedCurve: "P-521" }, false, ["deriveBits"]);
const bits = await crypto.subtle.deriveBits({ name: keyPair.publicKey.algorithm.name, public: keyPair.publicKey } as globalThis.EcdhKeyDeriveParams, keyPair.privateKey, <number><unknown>null);
assert.equal(bits.byteLength, 66);
});
});
}); });
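Review bot: The three new cases assert only `bits.byteLength`, so they would pass for any object of the right size, including a `Buffer` or an all-zero buffer. Adding `assert.ok(bits instanceof ArrayBuffer);` pins the return type. Comparing the result with a second `deriveBits` call that passes the explicit length (256, 384 and 528 bits for the three curves) would confirm that the null path returns the same secret and not merely the same size. The `<number><unknown>null` cast also shows that the public typing still rejects `null`; a short comment saying why the cast is needed would help the next reader.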