Skip to content

crypto: fix subtle.getPublicKey error for secret type key inputs #59558

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

crypto: fix subtle.getPublicKey error for secret type key inputs #59558

wants to merge 1 commit into from
+8 −2

Conversation

panva
Copy link
Member

@panva panva commented Aug 20, 2025

As per https://wicg.github.io/webcrypto-modern-algos/#SubtleCrypto-method-getPublicKey

  1. If the cryptographic algorithm identified by algorithm does not support deriving a public key from a private key, then return a Promise rejected with a NotSupportedError.

Any secret-type key input should give NotSupportedError.

  1. If the [[type]] internal slot of key is not "private", then throw an InvalidAccessError.

Public-type key input should give InvalidAccessError.

@panva panva added confirmed-bug Issues with confirmed bugs. crypto Issues and PRs related to the crypto subsystem. experimental Issues and PRs related to experimental features. webcrypto dont-land-on-v20.x PRs that should not land on the v20.x-staging branch and should not be released in v20.x. dont-land-on-v22.x PRs that should not land on the v22.x-staging branch and should not be released in v22.x. labels Aug 20, 2025
@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/crypto

@nodejs-github-bot nodejs-github-bot added the needs-ci PRs that need a full CI run. label Aug 20, 2025
@codecov Codecov
Copy link

codecov bot commented Aug 20, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 89.86%. Comparing base (d30090b) to head (450b16f).
⚠️ Report is 3 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main   #59558      +/-   ##
==========================================
+ Coverage   89.74%   89.86%   +0.11%     
==========================================
  Files         667      667              
  Lines      195301   195321      +20     
  Branches    38261    38341      +80     
==========================================
+ Hits       175280   175517     +237     
+ Misses      12465    12257     -208     
+ Partials     7556     7547       -9
Files with missing lines Coverage Δ
lib/internal/crypto/webcrypto.js 97.40% <100.00%> (+0.07%) ⬆️

... and 44 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@nodejs-github-bot

This comment was marked as outdated.

Sign in to view
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/68772/

@panva panva added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Aug 20, 2025
@panva panva force-pushed the fix-getPublicKey-order branch from c49bbb9 to 450b16f Compare August 21, 2025 14:25
@nodejs-github-bot

This comment was marked as outdated.

Sign in to view
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/68798/

@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/68805/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anonrig anonrig anonrig approved these changes

Assignees
No one assigned
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. confirmed-bug Issues with confirmed bugs. crypto Issues and PRs related to the crypto subsystem. dont-land-on-v20.x PRs that should not land on the v20.x-staging branch and should not be released in v20.x. dont-land-on-v22.x PRs that should not land on the v22.x-staging branch and should not be released in v22.x. experimental Issues and PRs related to experimental features. needs-ci PRs that need a full CI run. webcrypto
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@panva @nodejs-github-bot @anonrig