diff options
| author | Dmitry Volyntsev <xeioex@nginx.com> | 2025-05-07 20:49:21 -0700 |
|---|---|---|
| committer | Dmitry Volyntsev <xeioexception@gmail.com> | 2025-05-08 09:30:06 -0700 |
| commit | 37b4c07719e12363f33de8a591a7a61815122c91 (patch) | |
| tree | 61c2f8212728f5be35a235346f41eee30ef183ea | |
| parent | 7bbb8c2753ea236a1202f4664532f06da97a0d0e (diff) | |
| download | njs-37b4c07719e12363f33de8a591a7a61815122c91.tar.gz njs-37b4c07719e12363f33de8a591a7a61815122c91.zip | |
WebCrypto: fixed extractable handling for crypto.subtle.deriveKey().
| -rw-r--r-- | external/njs_webcrypto_module.c | 1 | ||||
| -rw-r--r-- | external/qjs_webcrypto_module.c | 1 | ||||
| -rw-r--r-- | test/webcrypto/derive.t.mjs | 8 |
3 files changed, 9 insertions, 1 deletions
diff --git a/external/njs_webcrypto_module.c b/external/njs_webcrypto_module.c index 6f4b49e1..dcca91ce 100644 --- a/external/njs_webcrypto_module.c +++ b/external/njs_webcrypto_module.c @@ -1722,6 +1722,7 @@ free: } } + dkey->extractable = njs_value_bool(njs_arg(args, nargs, 4)); dkey->u.s.raw.start = k; dkey->u.s.raw.length = length; diff --git a/external/qjs_webcrypto_module.c b/external/qjs_webcrypto_module.c index 29aea329..937f96c3 100644 --- a/external/qjs_webcrypto_module.c +++ b/external/qjs_webcrypto_module.c @@ -1948,6 +1948,7 @@ free: } } + dkey->extractable = JS_ToBool(cx, argv[3]); dkey->u.s.raw.start = k; dkey->u.s.raw.length = length; diff --git a/test/webcrypto/derive.t.mjs b/test/webcrypto/derive.t.mjs index 4d865da3..e9a2aac1 100644 --- a/test/webcrypto/derive.t.mjs +++ b/test/webcrypto/derive.t.mjs @@ -22,7 +22,11 @@ async function test(params) { if (params.derive === "key") { let key = await crypto.subtle.deriveKey(params.algorithm, keyMaterial, params.derivedAlgorithm, - true, params.usage); + params.extractable, params.usage); + + if (key.extractable !== params.extractable) { + throw Error(`${params.algorithm.name} failed extractable ${params.extractable} vs ${key.extractable}`); + } if (has_usage(params.usage, "encrypt")) { r = await crypto.subtle.encrypt(params.derivedAlgorithm, key, @@ -81,11 +85,13 @@ let derive_tsuite = { length: 256, iv: "55667788556677885566778855667788" }, + extractable: true, usage: [ "encrypt", "decrypt" ] }, tests: [ { expected: "e7b55c9f9fda69b87648585f76c58109174aaa400cfa" }, + { extractable: false, expected: "e7b55c9f9fda69b87648585f76c58109174aaa400cfa" }, { pass: "pass2", expected: "e87d1787f2807ea0e1f7e1cb265b23004c575cf2ad7e" }, { algorithm: { iterations: 10000 }, expected: "5add0059931ed1db1ca24c26dbe4de5719c43ed18a54" }, { algorithm: { hash: "SHA-512" }, expected: "544d64e5e246fdd2ba290ea932b2d80ef411c76139f4" }, |