crypto: remove webcrypto HKDF and PBKDF2 default-applied lengths

panva · danielleadams · commit 7565a75ee5b9 · 2023-01-03T08:38:08.000-05:00
PR-URL: #44945 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
diff --git a/lib/internal/crypto/hkdf.js b/lib/internal/crypto/hkdf.js
@@ -2,7 +2,6 @@
 
 const {
   FunctionPrototypeCall,
-  Promise,
 } = primordials;
 
 const {
@@ -15,7 +14,6 @@ const {
   validateFunction,
   validateInteger,
   validateString,
-  validateUint32,
 } = require('internal/validators');
 
 const { kMaxLength } = require('buffer');
@@ -35,6 +33,7 @@ const {
 
 const {
   lazyDOMException,
+  promisify,
 } = require('internal/util');
 
 const {
@@ -139,40 +138,33 @@ function hkdfSync(hash, key, salt, info, length) {
   return bits;
 }
 
+const hkdfPromise = promisify(hkdf);
 async function hkdfDeriveBits(algorithm, baseKey, length) {
   const { hash } = algorithm;
   const salt = getArrayBufferOrView(algorithm.salt, 'algorithm.salt');
   const info = getArrayBufferOrView(algorithm.info, 'algorithm.info');
   if (hash === undefined)
     throw new ERR_MISSING_OPTION('algorithm.hash');
 
-  let byteLength = 512 / 8;
-  if (length !== undefined) {
-    if (length === 0)
-      throw lazyDOMException('length cannot be zero', 'OperationError');
-    if (length === null)
-      throw lazyDOMException('length cannot be null', 'OperationError');
-    validateUint32(length, 'length');
-    if (length % 8) {
-      throw lazyDOMException(
-        'length must be a multiple of 8',
-        'OperationError');
-    }
-    byteLength = length / 8;
+  if (length === 0)
+    throw lazyDOMException('length cannot be zero', 'OperationError');
+  if (length === null)
+    throw lazyDOMException('length cannot be null', 'OperationError');
+  if (length % 8) {
+    throw lazyDOMException(
+      'length must be a multiple of 8',
+      'OperationError');
   }
 
-  return new Promise((resolve, reject) => {
-    hkdf(
-      normalizeHashName(hash.name),
-      baseKey[kKeyObject],
-      salt,
-      info,
-      byteLength,
-      (err, bits) => {
-        if (err) return reject(err);
-        resolve(bits);
-      });
-  });
+  try {
+    return await hkdfPromise(
+      normalizeHashName(hash.name), baseKey[kKeyObject], salt, info, length / 8,
+    );
+  } catch (err) {
+    throw lazyDOMException(
+      'The operation failed for an operation-specific reason',
+      { name: 'OperationError', cause: err });
+  }
 }
 
 module.exports = {
diff --git a/lib/internal/crypto/pbkdf2.js b/lib/internal/crypto/pbkdf2.js
@@ -2,7 +2,6 @@
 
 const {
   FunctionPrototypeCall,
-  Promise,
 } = primordials;
 
 const { Buffer } = require('buffer');
@@ -18,7 +17,6 @@ const {
   validateInt32,
   validateInteger,
   validateString,
-  validateUint32,
 } = require('internal/validators');
 
 const { ERR_MISSING_OPTION } = require('internal/errors').codes;
@@ -32,6 +30,7 @@ const {
 
 const {
   lazyDOMException,
+  promisify,
 } = require('internal/util');
 
 function pbkdf2(password, salt, iterations, keylen, digest, callback) {
@@ -100,6 +99,7 @@ function check(password, salt, iterations, keylen, digest) {
   return { password, salt, iterations, keylen, digest };
 }
 
+const pbkdf2Promise = promisify(pbkdf2);
 async function pbkdf2DeriveBits(algorithm, baseKey, length) {
   const { iterations } = algorithm;
   let { hash } = algorithm;
@@ -116,27 +116,26 @@ async function pbkdf2DeriveBits(algorithm, baseKey, length) {
 
   const raw = baseKey[kKeyObject].export();
 
-  let byteLength = 64;  // the default
-  if (length !== undefined) {
-    if (length === 0)
-      throw lazyDOMException('length cannot be zero', 'OperationError');
-    if (length === null)
-      throw lazyDOMException('length cannot be null', 'OperationError');
-    validateUint32(length, 'length');
-    if (length % 8) {
-      throw lazyDOMException(
-        'length must be a multiple of 8',
-        'OperationError');
-    }
-    byteLength = length / 8;
+  if (length === 0)
+    throw lazyDOMException('length cannot be zero', 'OperationError');
+  if (length === null)
+    throw lazyDOMException('length cannot be null', 'OperationError');
+  if (length % 8) {
+    throw lazyDOMException(
+      'length must be a multiple of 8',
+      'OperationError');
+  }
+
+  let result;
+  try {
+    result = await pbkdf2Promise(raw, salt, iterations, length / 8, hash);
+  } catch (err) {
+    throw lazyDOMException(
+      'The operation failed for an operation-specific reason',
+      { name: 'OperationError', cause: err });
   }
 
-  return new Promise((resolve, reject) => {
-    pbkdf2(raw, salt, iterations, byteLength, hash, (err, result) => {
-      if (err) return reject(err);
-      resolve(result.buffer);
-    });
-  });
+  return result.buffer;
 }
 
 module.exports = {
diff --git a/test/parallel/test-webcrypto-derivebits-hkdf.js b/test/parallel/test-webcrypto-derivebits-hkdf.js
@@ -257,6 +257,10 @@ async function testDeriveBitsBadLengths(
   };
 
   return Promise.all([
+    assert.rejects(
+      subtle.deriveBits(algorithm, baseKeys[size], undefined), {
+        name: 'OperationError',
+      }),
     assert.rejects(
       subtle.deriveBits(algorithm, baseKeys[size], 0), {
         message: /length cannot be zero/,
diff --git a/test/pummel/test-webcrypto-derivebits-pbkdf2.js b/test/pummel/test-webcrypto-derivebits-pbkdf2.js
@@ -445,6 +445,10 @@ async function testDeriveBitsBadLengths(
   };
 
   return Promise.all([
+    assert.rejects(
+      subtle.deriveBits(algorithm, baseKeys[size], undefined), {
+        name: 'OperationError',
+      }),
     assert.rejects(
       subtle.deriveBits(algorithm, baseKeys[size], 0), {
         message: /length cannot be zero/,
