Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto: remove experimental Curve448 WebCryptoAPI algorithms #55209

Closed
wants to merge 2 commits into from
Closed

crypto: remove experimental Curve448 WebCryptoAPI algorithms #55209

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
6bc1db3
crypto: remove experimental Curve448 WebCryptoAPI algorithms
panva Oct 1, 2024
2731ae6
Update doc/api/webcrypto.md
panva Oct 1, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
77 changes: 26 additions & 51 deletions doc/api/webcrypto.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,9 @@

<!-- YAML
changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/55209
description: Removed the `'Ed448'` and `'X448'` algorithms.
- version:
- v20.0.0
- v18.17.0
Expand Down Expand Up @@ -113,7 +116,7 @@ async function generateEcKey(namedCurve = 'P-521') {
}
```

#### Ed25519/Ed448/X25519/X448 key pairs
#### Ed25519/X25519 key pairs

> Stability: 1 - Experimental

Expand Down Expand Up @@ -360,10 +363,8 @@ implementation and the APIs supported for each:
| `'RSA-OAEP'` | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | | | | | |
| `'ECDSA'` | ✔ | ✔ | ✔ | | | | | | | ✔ | ✔ | |
| `'Ed25519'` <span class="experimental-inline"></span>[^1] | ✔ | ✔ | ✔ | | | | | | | ✔ | ✔ | |
| `'Ed448'` <span class="experimental-inline"></span>[^1] | ✔ | ✔ | ✔ | | | | | | | ✔ | ✔ | |
| `'ECDH'` | ✔ | ✔ | ✔ | | | | | ✔ | ✔ | | | |
| `'X25519'` <span class="experimental-inline"></span>[^1] | ✔ | ✔ | ✔ | | | | | ✔ | ✔ | | | |
| `'X448'` <span class="experimental-inline"></span>[^1] | ✔ | ✔ | ✔ | | | | | ✔ | ✔ | | | |
| `'AES-CTR'` | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | | | | | |
| `'AES-CBC'` | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | | | | | |
| `'AES-GCM'` | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | | | | | |
Expand Down Expand Up @@ -504,10 +505,8 @@ Valid key usages depend on the key algorithm (identified by
| `'AES-KW'` | | | | | | | ✔ | ✔ |
| `'ECDH'` | | | | | ✔ | ✔ | | |
| `'X25519'` <span class="experimental-inline"></span>[^1] | | | | | ✔ | ✔ | | |
| `'X448'` <span class="experimental-inline"></span>[^1] | | | | | ✔ | ✔ | | |
| `'ECDSA'` | | | ✔ | ✔ | | | | |
| `'Ed25519'` <span class="experimental-inline"></span>[^1] | | | ✔ | ✔ | | | | |
| `'Ed448'` <span class="experimental-inline"></span>[^1] | | | ✔ | ✔ | | | | |
| `'HDKF'` | | | | | ✔ | ✔ | | |
| `'HMAC'` | | | ✔ | ✔ | | | | |
| `'PBKDF2'` | | | | | ✔ | ✔ | | |
Expand Down Expand Up @@ -574,6 +573,9 @@ The algorithms currently supported include:
<!-- YAML
added: v15.0.0
changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/55209
description: Removed the `'X448'` algorithm.
- version:
- v22.5.0
- v20.17.0
Expand Down Expand Up @@ -604,7 +606,7 @@ The Node.js implementation requires that `length`, when a number, is a multiple
of `8`.

When `length` is not provided or `null` the maximum number of bits for a given
algorithm is generated. This is allowed for the `'ECDH'`, `'X25519'`, and `'X448'`
algorithm is generated. This is allowed for the `'ECDH'` and `'X25519'`
algorithms, for other algorithms `length` is required to be a number.

If successful, the returned promise will be resolved with an {ArrayBuffer}
Expand All @@ -614,7 +616,6 @@ The algorithms currently supported include:

* `'ECDH'`
* `'X25519'` <span class="experimental-inline"></span>[^1]
* `'X448'` <span class="experimental-inline"></span>[^1]
* `'HKDF'`
* `'PBKDF2'`

Expand All @@ -623,6 +624,9 @@ The algorithms currently supported include:
<!-- YAML
added: v15.0.0
changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/55209
description: Removed the `'X448'` algorithm.
- version:
- v18.4.0
- v16.17.0
Expand Down Expand Up @@ -654,7 +658,6 @@ The algorithms currently supported include:

* `'ECDH'`
* `'X25519'` <span class="experimental-inline"></span>[^1]
* `'X448'` <span class="experimental-inline"></span>[^1]
* `'HKDF'`
* `'PBKDF2'`

Expand Down Expand Up @@ -710,6 +713,9 @@ The algorithms currently supported include:
<!-- YAML
added: v15.0.0
changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/55209
description: Removed the `'Ed448'` and `'X448'` algorithms.
- version:
- v18.4.0
- v16.17.0
Expand Down Expand Up @@ -746,7 +752,6 @@ specification.
| `'ECDH'` | ✔ | ✔ | ✔ | ✔ |
| `'ECDSA'` | ✔ | ✔ | ✔ | ✔ |
| `'Ed25519'` <span class="experimental-inline"></span>[^1] | ✔ | ✔ | ✔ | ✔ |
| `'Ed448'` <span class="experimental-inline"></span>[^1] | ✔ | ✔ | ✔ | ✔ |
| `'HDKF'` | | | | |
| `'HMAC'` | | | ✔ | ✔ |
| `'PBKDF2'` | | | | |
Expand Down Expand Up @@ -782,10 +787,8 @@ include:
* `'RSA-OAEP'`
* `'ECDSA'`
* `'Ed25519'` <span class="experimental-inline"></span>[^1]
* `'Ed448'` <span class="experimental-inline"></span>[^1]
* `'ECDH'`
* `'X25519'` <span class="experimental-inline"></span>[^1]
* `'X448'` <span class="experimental-inline"></span>[^1]

The {CryptoKey} (secret key) generating algorithms supported include:

Expand All @@ -800,6 +803,9 @@ The {CryptoKey} (secret key) generating algorithms supported include:
<!-- YAML
added: v15.0.0
changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/55209
description: Removed the `'Ed448'` and `'X448'` algorithms.
- version:
- v18.4.0
- v16.17.0
Expand Down Expand Up @@ -841,10 +847,8 @@ The algorithms currently supported include:
| `'AES-KW'` | | | ✔ | ✔ |
| `'ECDH'` | ✔ | ✔ | ✔ | ✔ |
| `'X25519'` <span class="experimental-inline"></span>[^1] | ✔ | ✔ | ✔ | ✔ |
| `'X448'` <span class="experimental-inline"></span>[^1] | ✔ | ✔ | ✔ | ✔ |
| `'ECDSA'` | ✔ | ✔ | ✔ | ✔ |
| `'Ed25519'` <span class="experimental-inline"></span>[^1] | ✔ | ✔ | ✔ | ✔ |
| `'Ed448'` <span class="experimental-inline"></span>[^1] | ✔ | ✔ | ✔ | ✔ |
| `'HDKF'` | | | | ✔ |
| `'HMAC'` | | | ✔ | ✔ |
| `'PBKDF2'` | | | | ✔ |
Expand All @@ -857,6 +861,9 @@ The algorithms currently supported include:
<!-- YAML
added: v15.0.0
changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/55209
description: Removed the `'Ed448'` algorithm.
- version:
- v18.4.0
- v16.17.0
Expand All @@ -866,7 +873,7 @@ changes:

<!--lint disable maximum-line-length remark-lint-->

* `algorithm`: {AlgorithmIdentifier|RsaPssParams|EcdsaParams|Ed448Params}
* `algorithm`: {AlgorithmIdentifier|RsaPssParams|EcdsaParams}
* `key`: {CryptoKey}
* `data`: {ArrayBuffer|TypedArray|DataView|Buffer}
* Returns: {Promise} Fulfills with an {ArrayBuffer}
Expand All @@ -884,7 +891,6 @@ The algorithms currently supported include:
* `'RSA-PSS'`
* `'ECDSA'`
* `'Ed25519'` <span class="experimental-inline"></span>[^1]
* `'Ed448'` <span class="experimental-inline"></span>[^1]
* `'HMAC'`

### `subtle.unwrapKey(format, wrappedKey, unwrappingKey, unwrapAlgo, unwrappedKeyAlgo, extractable, keyUsages)`
Expand Down Expand Up @@ -932,10 +938,8 @@ The unwrapped key algorithms supported include:
* `'RSA-OAEP'`
* `'ECDSA'`
* `'Ed25519'` <span class="experimental-inline"></span>[^1]
* `'Ed448'` <span class="experimental-inline"></span>[^1]
* `'ECDH'`
* `'X25519'` <span class="experimental-inline"></span>[^1]
* `'X448'` <span class="experimental-inline"></span>[^1]
* `'HMAC'`
* `'AES-CTR'`
* `'AES-CBC'`
Expand All @@ -947,6 +951,9 @@ The unwrapped key algorithms supported include:
<!-- YAML
added: v15.0.0
changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/55209
description: Removed the `'Ed448'` algorithm.
- version:
- v18.4.0
- v16.17.0
Expand All @@ -956,7 +963,7 @@ changes:

<!--lint disable maximum-line-length remark-lint-->

* `algorithm`: {AlgorithmIdentifier|RsaPssParams|EcdsaParams|Ed448Params}
* `algorithm`: {AlgorithmIdentifier|RsaPssParams|EcdsaParams}
* `key`: {CryptoKey}
* `signature`: {ArrayBuffer|TypedArray|DataView|Buffer}
* `data`: {ArrayBuffer|TypedArray|DataView|Buffer}
Expand All @@ -975,7 +982,6 @@ The algorithms currently supported include:
* `'RSA-PSS'`
* `'ECDSA'`
* `'Ed25519'` <span class="experimental-inline"></span>[^1]
* `'Ed448'` <span class="experimental-inline"></span>[^1]
* `'HMAC'`

### `subtle.wrapKey(format, key, wrappingKey, wrapAlgo)`
Expand Down Expand Up @@ -1188,7 +1194,7 @@ added: v15.0.0
added: v15.0.0
-->

* Type: {string} Must be `'ECDH'`, `'X25519'`, or `'X448'`.
* Type: {string} Must be `'ECDH'` or `'X25519'`
panva marked this conversation as resolved.
Show resolved Hide resolved

#### `ecdhKeyDeriveParams.public`

Expand Down Expand Up @@ -1279,37 +1285,6 @@ added: v15.0.0

* Type: {string} Must be one of `'P-256'`, `'P-384'`, `'P-521'`.

### Class: `Ed448Params`

<!-- YAML
added: v15.0.0
-->

#### `ed448Params.name`

<!-- YAML
added:
- v18.4.0
- v16.17.0
-->

* Type: {string} Must be `'Ed448'`.

#### `ed448Params.context`

<!-- YAML
added:
- v18.4.0
- v16.17.0
-->

* Type: {ArrayBuffer|TypedArray|DataView|Buffer|undefined}

The `context` member represents the optional context data to associate with
the message.
The Node.js Web Crypto API implementation only supports zero-length context
which is equivalent to not providing context at all.

### Class: `HkdfParams`

<!-- YAML
Expand Down
39 changes: 0 additions & 39 deletions lib/internal/crypto/cfrg.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,13 +55,9 @@ function verifyAcceptableCfrgKeyUse(name, isPublic, usages) {
let checkSet;
switch (name) {
case 'X25519':
// Fall through
case 'X448':
checkSet = isPublic ? [] : ['deriveKey', 'deriveBits'];
break;
case 'Ed25519':
// Fall through
case 'Ed448':
checkSet = isPublic ? ['verify'] : ['sign'];
break;
default:
Expand All @@ -86,18 +82,6 @@ function createCFRGRawKey(name, keyData, isPublic) {
`${name} raw keys must be exactly 32-bytes`, 'DataError');
}
break;
case 'Ed448':
if (keyData.byteLength !== 57) {
throw lazyDOMException(
`${name} raw keys must be exactly 57-bytes`, 'DataError');
}
break;
case 'X448':
if (keyData.byteLength !== 56) {
throw lazyDOMException(
`${name} raw keys must be exactly 56-bytes`, 'DataError');
}
break;
}

const keyType = isPublic ? kKeyTypePublic : kKeyTypePrivate;
Expand All @@ -114,17 +98,13 @@ async function cfrgGenerateKey(algorithm, extractable, keyUsages) {
const usageSet = new SafeSet(keyUsages);
switch (name) {
case 'Ed25519':
// Fall through
case 'Ed448':
if (hasAnyNotIn(usageSet, ['sign', 'verify'])) {
throw lazyDOMException(
`Unsupported key usage for an ${name} key`,
'SyntaxError');
}
break;
case 'X25519':
// Fall through
case 'X448':
if (hasAnyNotIn(usageSet, ['deriveKey', 'deriveBits'])) {
throw lazyDOMException(
`Unsupported key usage for an ${name} key`,
Expand All @@ -137,15 +117,9 @@ async function cfrgGenerateKey(algorithm, extractable, keyUsages) {
case 'Ed25519':
genKeyType = 'ed25519';
break;
case 'Ed448':
genKeyType = 'ed448';
break;
case 'X25519':
genKeyType = 'x25519';
break;
case 'X448':
genKeyType = 'x448';
break;
}

const keyPair = await generateKeyPair(genKeyType).catch((err) => {
Expand All @@ -158,14 +132,10 @@ async function cfrgGenerateKey(algorithm, extractable, keyUsages) {
let privateUsages;
switch (name) {
case 'Ed25519':
// Fall through
case 'Ed448':
publicUsages = getUsagesUnion(usageSet, 'verify');
privateUsages = getUsagesUnion(usageSet, 'sign');
break;
case 'X25519':
// Fall through
case 'X448':
publicUsages = [];
privateUsages = getUsagesUnion(usageSet, 'deriveKey', 'deriveBits');
break;
Expand Down Expand Up @@ -250,13 +220,9 @@ async function cfrgImportKey(
let checkUse;
switch (name) {
case 'Ed25519':
// Fall through
case 'Ed448':
checkUse = 'sig';
break;
case 'X25519':
// Fall through
case 'X448':
checkUse = 'enc';
break;
}
Expand Down Expand Up @@ -331,11 +297,6 @@ function eddsaSignVerify(key, data, { name, context }, signature) {
if (key.type !== type)
throw lazyDOMException(`Key must be a ${type} key`, 'InvalidAccessError');

if (name === 'Ed448' && context?.byteLength) {
throw lazyDOMException(
'Non zero-length context is not yet supported.', 'NotSupportedError');
}

return jobPromise(() => new SignJob(
kCryptoJobAsync,
mode,
Expand Down
5 changes: 2 additions & 3 deletions lib/internal/crypto/diffiehellman.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -311,10 +311,9 @@ async function ecdhDeriveBits(algorithm, baseKey, length) {

if (
key.algorithm.name !== 'ECDH' &&
key.algorithm.name !== 'X25519' &&
key.algorithm.name !== 'X448'
key.algorithm.name !== 'X25519'
) {
throw lazyDOMException('Keys must be ECDH, X25519, or X448 keys', 'InvalidAccessError');
throw lazyDOMException('Keys must be ECDH or X25519 keys', 'InvalidAccessError');
}

if (key.algorithm.name !== baseKey.algorithm.name) {
Expand Down
12 changes: 0 additions & 12 deletions lib/internal/crypto/util.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -262,17 +262,6 @@ const experimentalAlgorithms = ObjectEntries({
verify: null,
importKey: null,
},
'X448': {
generateKey: null,
importKey: null,
deriveBits: 'EcdhKeyDeriveParams',
},
'Ed448': {
generateKey: null,
sign: 'Ed448Params',
verify: 'Ed448Params',
importKey: null,
},
});

for (let i = 0; i < experimentalAlgorithms.length; i++) {
Expand Down Expand Up @@ -304,7 +293,6 @@ const simpleAlgorithmDictionaries = {
salt: 'BufferSource',
info: 'BufferSource',
},
Ed448Params: { context: 'BufferSource' },
Pbkdf2Params: { hash: 'HashAlgorithmIdentifier', salt: 'BufferSource' },
RsaOaepParams: { label: 'BufferSource' },
RsaHashedImportParams: { hash: 'HashAlgorithmIdentifier' },
Expand Down
Loading
Loading