1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-24 16:19:12 -05:00

fix(crypto): handling large key length in HKDF (#12692)

This commit is contained in:
upendra1997 2021-11-11 14:34:17 +05:30 committed by GitHub
parent a2c8f554c4
commit e00bfecf96
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 31 additions and 2 deletions

View file

@ -513,6 +513,31 @@ unitTest(async function testHkdfDeriveBits() {
assertEquals(result.byteLength, 128 / 8);
});
unitTest(async function testHkdfDeriveBitsWithLargeKeySize() {
const key = await crypto.subtle.importKey(
"raw",
new Uint8Array([0x00]),
"HKDF",
false,
["deriveBits"],
);
assertRejects(
() =>
crypto.subtle.deriveBits(
{
name: "HKDF",
hash: "SHA-1",
salt: new Uint8Array(),
info: new Uint8Array(),
},
key,
((20 * 255) << 3) + 8,
),
DOMException,
"The length provided for HKDF is too large",
);
});
unitTest(async function testDeriveKey() {
// Test deriveKey
const rawKey = await crypto.getRandomValues(new Uint8Array(16));

View file

@ -876,10 +876,14 @@ pub async fn op_crypto_derive_bits(
let salt = hkdf::Salt::new(algorithm, salt);
let prk = salt.extract(&secret);
let info = &[&*info];
let okm = prk.expand(info, HkdfOutput(length))?;
let okm = prk.expand(info, HkdfOutput(length)).map_err(|_e| {
custom_error(
"DOMExceptionOperationError",
"The length provided for HKDF is too large",
)
})?;
let mut r = vec![0u8; length];
okm.fill(&mut r)?;
Ok(r.into())
}
_ => Err(type_error("Unsupported algorithm".to_string())),