Skip to content

Commit

Permalink
crypto: remove experimental Curve448 WebCryptoAPI algorithms
Browse files Browse the repository at this point in the history
  • Loading branch information
panva committed Oct 1, 2024
1 parent cebf21d commit 40465c9
Show file tree
Hide file tree
Showing 20 changed files with 93 additions and 391 deletions.
77 changes: 26 additions & 51 deletions doc/api/webcrypto.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,9 @@

<!-- YAML
changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/REPLACEME
description: Removed the `'Ed448'` and `'X448'` algorithms.
- version:
- v20.0.0
- v18.17.0
Expand Down Expand Up @@ -113,7 +116,7 @@ async function generateEcKey(namedCurve = 'P-521') {
}
```

#### Ed25519/Ed448/X25519/X448 key pairs
#### Ed25519/X25519 key pairs

> Stability: 1 - Experimental
Expand Down Expand Up @@ -360,10 +363,8 @@ implementation and the APIs supported for each:
| `'RSA-OAEP'` |||||||| | | | | |
| `'ECDSA'` |||| | | | | | ||| |
| `'Ed25519'` <span class="experimental-inline"></span>[^1] |||| | | | | | ||| |
| `'Ed448'` <span class="experimental-inline"></span>[^1] |||| | | | | | ||| |
| `'ECDH'` |||| | | | ||| | | |
| `'X25519'` <span class="experimental-inline"></span>[^1] |||| | | | ||| | | |
| `'X448'` <span class="experimental-inline"></span>[^1] |||| | | | ||| | | |
| `'AES-CTR'` |||||||| | | | | |
| `'AES-CBC'` |||||||| | | | | |
| `'AES-GCM'` |||||||| | | | | |
Expand Down Expand Up @@ -504,10 +505,8 @@ Valid key usages depend on the key algorithm (identified by
| `'AES-KW'` | | | | | | |||
| `'ECDH'` | | | | ||| | |
| `'X25519'` <span class="experimental-inline"></span>[^1] | | | | ||| | |
| `'X448'` <span class="experimental-inline"></span>[^1] | | | | ||| | |
| `'ECDSA'` | | ||| | | | |
| `'Ed25519'` <span class="experimental-inline"></span>[^1] | | ||| | | | |
| `'Ed448'` <span class="experimental-inline"></span>[^1] | | ||| | | | |
| `'HDKF'` | | | | ||| | |
| `'HMAC'` | | ||| | | | |
| `'PBKDF2'` | | | | ||| | |
Expand Down Expand Up @@ -574,6 +573,9 @@ The algorithms currently supported include:
<!-- YAML
added: v15.0.0
changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/REPLACEME
description: Removed the `'X448'` algorithm.
- version:
- v22.5.0
- v20.17.0
Expand Down Expand Up @@ -604,7 +606,7 @@ The Node.js implementation requires that `length`, when a number, is a multiple
of `8`.

When `length` is not provided or `null` the maximum number of bits for a given
algorithm is generated. This is allowed for the `'ECDH'`, `'X25519'`, and `'X448'`
algorithm is generated. This is allowed for the `'ECDH'` and `'X25519'`
algorithms, for other algorithms `length` is required to be a number.

If successful, the returned promise will be resolved with an {ArrayBuffer}
Expand All @@ -614,7 +616,6 @@ The algorithms currently supported include:

* `'ECDH'`
* `'X25519'` <span class="experimental-inline"></span>[^1]
* `'X448'` <span class="experimental-inline"></span>[^1]
* `'HKDF'`
* `'PBKDF2'`

Expand All @@ -623,6 +624,9 @@ The algorithms currently supported include:
<!-- YAML
added: v15.0.0
changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/REPLACEME
description: Removed the `'X448'` algorithm.
- version:
- v18.4.0
- v16.17.0
Expand Down Expand Up @@ -654,7 +658,6 @@ The algorithms currently supported include:

* `'ECDH'`
* `'X25519'` <span class="experimental-inline"></span>[^1]
* `'X448'` <span class="experimental-inline"></span>[^1]
* `'HKDF'`
* `'PBKDF2'`

Expand Down Expand Up @@ -710,6 +713,9 @@ The algorithms currently supported include:
<!-- YAML
added: v15.0.0
changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/REPLACEME
description: Removed the `'Ed448'` and `'X448'` algorithms.
- version:
- v18.4.0
- v16.17.0
Expand Down Expand Up @@ -746,7 +752,6 @@ specification.
| `'ECDH'` |||||
| `'ECDSA'` |||||
| `'Ed25519'` <span class="experimental-inline"></span>[^1] |||||
| `'Ed448'` <span class="experimental-inline"></span>[^1] |||||
| `'HDKF'` | | | | |
| `'HMAC'` | | |||
| `'PBKDF2'` | | | | |
Expand Down Expand Up @@ -782,10 +787,8 @@ include:
* `'RSA-OAEP'`
* `'ECDSA'`
* `'Ed25519'` <span class="experimental-inline"></span>[^1]
* `'Ed448'` <span class="experimental-inline"></span>[^1]
* `'ECDH'`
* `'X25519'` <span class="experimental-inline"></span>[^1]
* `'X448'` <span class="experimental-inline"></span>[^1]

The {CryptoKey} (secret key) generating algorithms supported include:

Expand All @@ -800,6 +803,9 @@ The {CryptoKey} (secret key) generating algorithms supported include:
<!-- YAML
added: v15.0.0
changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/REPLACEME
description: Removed the `'Ed448'` and `'X448'` algorithms.
- version:
- v18.4.0
- v16.17.0
Expand Down Expand Up @@ -841,10 +847,8 @@ The algorithms currently supported include:
| `'AES-KW'` | | |||
| `'ECDH'` |||||
| `'X25519'` <span class="experimental-inline"></span>[^1] |||||
| `'X448'` <span class="experimental-inline"></span>[^1] |||||
| `'ECDSA'` |||||
| `'Ed25519'` <span class="experimental-inline"></span>[^1] |||||
| `'Ed448'` <span class="experimental-inline"></span>[^1] |||||
| `'HDKF'` | | | ||
| `'HMAC'` | | |||
| `'PBKDF2'` | | | ||
Expand All @@ -857,6 +861,9 @@ The algorithms currently supported include:
<!-- YAML
added: v15.0.0
changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/REPLACEME
description: Removed the `'Ed448'` algorithm.
- version:
- v18.4.0
- v16.17.0
Expand All @@ -866,7 +873,7 @@ changes:

<!--lint disable maximum-line-length remark-lint-->

* `algorithm`: {AlgorithmIdentifier|RsaPssParams|EcdsaParams|Ed448Params}
* `algorithm`: {AlgorithmIdentifier|RsaPssParams|EcdsaParams}
* `key`: {CryptoKey}
* `data`: {ArrayBuffer|TypedArray|DataView|Buffer}
* Returns: {Promise} Fulfills with an {ArrayBuffer}
Expand All @@ -884,7 +891,6 @@ The algorithms currently supported include:
* `'RSA-PSS'`
* `'ECDSA'`
* `'Ed25519'` <span class="experimental-inline"></span>[^1]
* `'Ed448'` <span class="experimental-inline"></span>[^1]
* `'HMAC'`

### `subtle.unwrapKey(format, wrappedKey, unwrappingKey, unwrapAlgo, unwrappedKeyAlgo, extractable, keyUsages)`
Expand Down Expand Up @@ -932,10 +938,8 @@ The unwrapped key algorithms supported include:
* `'RSA-OAEP'`
* `'ECDSA'`
* `'Ed25519'` <span class="experimental-inline"></span>[^1]
* `'Ed448'` <span class="experimental-inline"></span>[^1]
* `'ECDH'`
* `'X25519'` <span class="experimental-inline"></span>[^1]
* `'X448'` <span class="experimental-inline"></span>[^1]
* `'HMAC'`
* `'AES-CTR'`
* `'AES-CBC'`
Expand All @@ -947,6 +951,9 @@ The unwrapped key algorithms supported include:
<!-- YAML
added: v15.0.0
changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/REPLACEME
description: Removed the `'Ed448'` algorithm.
- version:
- v18.4.0
- v16.17.0
Expand All @@ -956,7 +963,7 @@ changes:

<!--lint disable maximum-line-length remark-lint-->

* `algorithm`: {AlgorithmIdentifier|RsaPssParams|EcdsaParams|Ed448Params}
* `algorithm`: {AlgorithmIdentifier|RsaPssParams|EcdsaParams}
* `key`: {CryptoKey}
* `signature`: {ArrayBuffer|TypedArray|DataView|Buffer}
* `data`: {ArrayBuffer|TypedArray|DataView|Buffer}
Expand All @@ -975,7 +982,6 @@ The algorithms currently supported include:
* `'RSA-PSS'`
* `'ECDSA'`
* `'Ed25519'` <span class="experimental-inline"></span>[^1]
* `'Ed448'` <span class="experimental-inline"></span>[^1]
* `'HMAC'`

### `subtle.wrapKey(format, key, wrappingKey, wrapAlgo)`
Expand Down Expand Up @@ -1188,7 +1194,7 @@ added: v15.0.0
added: v15.0.0
-->

* Type: {string} Must be `'ECDH'`, `'X25519'`, or `'X448'`.
* Type: {string} Must be `'ECDH'` or `'X25519'`

#### `ecdhKeyDeriveParams.public`

Expand Down Expand Up @@ -1279,37 +1285,6 @@ added: v15.0.0

* Type: {string} Must be one of `'P-256'`, `'P-384'`, `'P-521'`.

### Class: `Ed448Params`

<!-- YAML
added: v15.0.0
-->

#### `ed448Params.name`

<!-- YAML
added:
- v18.4.0
- v16.17.0
-->

* Type: {string} Must be `'Ed448'`.

#### `ed448Params.context`

<!-- YAML
added:
- v18.4.0
- v16.17.0
-->

* Type: {ArrayBuffer|TypedArray|DataView|Buffer|undefined}

The `context` member represents the optional context data to associate with
the message.
The Node.js Web Crypto API implementation only supports zero-length context
which is equivalent to not providing context at all.

### Class: `HkdfParams`

<!-- YAML
Expand Down
39 changes: 0 additions & 39 deletions lib/internal/crypto/cfrg.js
Original file line number Diff line number Diff line change
Expand Up @@ -55,13 +55,9 @@ function verifyAcceptableCfrgKeyUse(name, isPublic, usages) {
let checkSet;
switch (name) {
case 'X25519':
// Fall through
case 'X448':
checkSet = isPublic ? [] : ['deriveKey', 'deriveBits'];
break;
case 'Ed25519':
// Fall through
case 'Ed448':
checkSet = isPublic ? ['verify'] : ['sign'];
break;
default:
Expand All @@ -86,18 +82,6 @@ function createCFRGRawKey(name, keyData, isPublic) {
`${name} raw keys must be exactly 32-bytes`, 'DataError');
}
break;
case 'Ed448':
if (keyData.byteLength !== 57) {
throw lazyDOMException(
`${name} raw keys must be exactly 57-bytes`, 'DataError');
}
break;
case 'X448':
if (keyData.byteLength !== 56) {
throw lazyDOMException(
`${name} raw keys must be exactly 56-bytes`, 'DataError');
}
break;
}

const keyType = isPublic ? kKeyTypePublic : kKeyTypePrivate;
Expand All @@ -114,17 +98,13 @@ async function cfrgGenerateKey(algorithm, extractable, keyUsages) {
const usageSet = new SafeSet(keyUsages);
switch (name) {
case 'Ed25519':
// Fall through
case 'Ed448':
if (hasAnyNotIn(usageSet, ['sign', 'verify'])) {
throw lazyDOMException(
`Unsupported key usage for an ${name} key`,
'SyntaxError');
}
break;
case 'X25519':
// Fall through
case 'X448':
if (hasAnyNotIn(usageSet, ['deriveKey', 'deriveBits'])) {
throw lazyDOMException(
`Unsupported key usage for an ${name} key`,
Expand All @@ -137,15 +117,9 @@ async function cfrgGenerateKey(algorithm, extractable, keyUsages) {
case 'Ed25519':
genKeyType = 'ed25519';
break;
case 'Ed448':
genKeyType = 'ed448';
break;
case 'X25519':
genKeyType = 'x25519';
break;
case 'X448':
genKeyType = 'x448';
break;
}

const keyPair = await generateKeyPair(genKeyType).catch((err) => {
Expand All @@ -158,14 +132,10 @@ async function cfrgGenerateKey(algorithm, extractable, keyUsages) {
let privateUsages;
switch (name) {
case 'Ed25519':
// Fall through
case 'Ed448':
publicUsages = getUsagesUnion(usageSet, 'verify');
privateUsages = getUsagesUnion(usageSet, 'sign');
break;
case 'X25519':
// Fall through
case 'X448':
publicUsages = [];
privateUsages = getUsagesUnion(usageSet, 'deriveKey', 'deriveBits');
break;
Expand Down Expand Up @@ -250,13 +220,9 @@ async function cfrgImportKey(
let checkUse;
switch (name) {
case 'Ed25519':
// Fall through
case 'Ed448':
checkUse = 'sig';
break;
case 'X25519':
// Fall through
case 'X448':
checkUse = 'enc';
break;
}
Expand Down Expand Up @@ -331,11 +297,6 @@ function eddsaSignVerify(key, data, { name, context }, signature) {
if (key.type !== type)
throw lazyDOMException(`Key must be a ${type} key`, 'InvalidAccessError');

if (name === 'Ed448' && context?.byteLength) {
throw lazyDOMException(
'Non zero-length context is not yet supported.', 'NotSupportedError');
}

return jobPromise(() => new SignJob(
kCryptoJobAsync,
mode,
Expand Down
5 changes: 2 additions & 3 deletions lib/internal/crypto/diffiehellman.js
Original file line number Diff line number Diff line change
Expand Up @@ -311,10 +311,9 @@ async function ecdhDeriveBits(algorithm, baseKey, length) {

if (
key.algorithm.name !== 'ECDH' &&
key.algorithm.name !== 'X25519' &&
key.algorithm.name !== 'X448'
key.algorithm.name !== 'X25519'
) {
throw lazyDOMException('Keys must be ECDH, X25519, or X448 keys', 'InvalidAccessError');
throw lazyDOMException('Keys must be ECDH or X25519 keys', 'InvalidAccessError');
}

if (key.algorithm.name !== baseKey.algorithm.name) {
Expand Down
12 changes: 0 additions & 12 deletions lib/internal/crypto/util.js
Original file line number Diff line number Diff line change
Expand Up @@ -262,17 +262,6 @@ const experimentalAlgorithms = ObjectEntries({
verify: null,
importKey: null,
},
'X448': {
generateKey: null,
importKey: null,
deriveBits: 'EcdhKeyDeriveParams',
},
'Ed448': {
generateKey: null,
sign: 'Ed448Params',
verify: 'Ed448Params',
importKey: null,
},
});

for (let i = 0; i < experimentalAlgorithms.length; i++) {
Expand Down Expand Up @@ -304,7 +293,6 @@ const simpleAlgorithmDictionaries = {
salt: 'BufferSource',
info: 'BufferSource',
},
Ed448Params: { context: 'BufferSource' },
Pbkdf2Params: { hash: 'HashAlgorithmIdentifier', salt: 'BufferSource' },
RsaOaepParams: { label: 'BufferSource' },
RsaHashedImportParams: { hash: 'HashAlgorithmIdentifier' },
Expand Down
Loading

0 comments on commit 40465c9

Please sign in to comment.