bun.sh

mirrors/bun.sh

Fork 0

mirror of https://github.com/oven-sh/bun synced 2026-02-09 18:38:55 +00:00

Commit Graph

Author	SHA1	Message	Date
robobun	df5d0fcfa1	fix: ensure EC private key JWK "d" field has correct length (#24400 ) ## Summary Fixes incorrect JWK "d" field length for exported elliptic curve private keys. The "d" field is now correctly padded to ensure RFC 7518 compliance. ## Problem When exporting EC private keys to JWK format, the "d" field would sometimes be shorter than required by RFC 7518 because `convertToBytes()` doesn't pad the result when the BIGNUM has leading zeros. This caused incompatibility with Chrome's strict validation, though Node.js and Firefox would accept the malformed keys. Expected lengths per RFC 7518: - P-256: 32 bytes → 43 base64url characters - P-384: 48 bytes → 64 base64url characters - P-521: 66 bytes → 88 base64url characters ## Solution Changed `src/bun.js/bindings/webcrypto/CryptoKeyECOpenSSL.cpp:420` to use `convertToBytesExpand(privateKey, keySizeInBytes)` instead of `convertToBytes(privateKey)`, ensuring the private key is padded with leading zeros when necessary. This matches the behavior already used for the x and y public key coordinates. ## Test plan - ✅ Added regression test in `test/regression/issue/24399.test.ts` that generates multiple keys for each curve and verifies correct "d" field length - ✅ Test fails with `USE_SYSTEM_BUN=1 bun test` (reproduces the bug) - ✅ Test passes with `bun bd test` (verifies the fix) - ✅ Existing crypto tests pass Fixes #24399 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: Claude Bot <claude-bot@bun.sh> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>	2025-11-05 13:49:13 -08:00

Author

SHA1

Message

Date

robobun

df5d0fcfa1

fix: ensure EC private key JWK "d" field has correct length (#24400 )

## Summary

Fixes incorrect JWK "d" field length for exported elliptic curve private
keys. The "d" field is now correctly padded to ensure RFC 7518
compliance.

## Problem

When exporting EC private keys to JWK format, the "d" field would
sometimes be shorter than required by RFC 7518 because
`convertToBytes()` doesn't pad the result when the BIGNUM has leading
zeros. This caused incompatibility with Chrome's strict validation,
though Node.js and Firefox would accept the malformed keys.

Expected lengths per RFC 7518:
- P-256: 32 bytes → 43 base64url characters
- P-384: 48 bytes → 64 base64url characters  
- P-521: 66 bytes → 88 base64url characters

## Solution

Changed `src/bun.js/bindings/webcrypto/CryptoKeyECOpenSSL.cpp:420` to
use `convertToBytesExpand(privateKey, keySizeInBytes)` instead of
`convertToBytes(privateKey)`, ensuring the private key is padded with
leading zeros when necessary. This matches the behavior already used for
the x and y public key coordinates.

## Test plan

- ✅ Added regression test in `test/regression/issue/24399.test.ts` that
generates multiple keys for each curve and verifies correct "d" field
length
- ✅ Test fails with `USE_SYSTEM_BUN=1 bun test` (reproduces the bug)
- ✅ Test passes with `bun bd test` (verifies the fix)
- ✅ Existing crypto tests pass

Fixes #24399

🤖 Generated with [Claude Code](https://claude.com/claude-code)

---------

Co-authored-by: Claude Bot <claude-bot@bun.sh>
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>

2025-11-05 13:49:13 -08:00

1 Commits