mirror of
https://github.com/oven-sh/bun
synced 2026-02-09 18:38:55 +00:00
df5d0fcfa1
## Summary Fixes incorrect JWK "d" field length for exported elliptic curve private keys. The "d" field is now correctly padded to ensure RFC 7518 compliance. ## Problem When exporting EC private keys to JWK format, the "d" field would sometimes be shorter than required by RFC 7518 because `convertToBytes()` doesn't pad the result when the BIGNUM has leading zeros. This caused incompatibility with Chrome's strict validation, though Node.js and Firefox would accept the malformed keys. Expected lengths per RFC 7518: - P-256: 32 bytes → 43 base64url characters - P-384: 48 bytes → 64 base64url characters - P-521: 66 bytes → 88 base64url characters ## Solution Changed `src/bun.js/bindings/webcrypto/CryptoKeyECOpenSSL.cpp:420` to use `convertToBytesExpand(privateKey, keySizeInBytes)` instead of `convertToBytes(privateKey)`, ensuring the private key is padded with leading zeros when necessary. This matches the behavior already used for the x and y public key coordinates. ## Test plan - ✅ Added regression test in `test/regression/issue/24399.test.ts` that generates multiple keys for each curve and verifies correct "d" field length - ✅ Test fails with `USE_SYSTEM_BUN=1 bun test` (reproduces the bug) - ✅ Test passes with `bun bd test` (verifies the fix) - ✅ Existing crypto tests pass Fixes #24399 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: Claude Bot <claude-bot@bun.sh> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2.2 KiB
2.2 KiB