deno
deno copied to clipboard
denoland
Bug: crypto.subtle PBKDF2 "baseKey usages does not contain deriveBit"
Below script gives: InvalidAccessError: baseKey usages does not contain deriveBit
const encoder = new TextEncoder();
const pass = encoder.encode('something')
const key = await crypto.subtle.importKey(
'raw',
pass,
{name: 'PBKDF2'},
false,
['deriveKey']
);
const iterations = 10000;
const hash = 'SHA-256';
const algorithm = 'AES-CBC';
const length = 256;
const salt = encoder.encode('somesalt');
const result = await crypto.subtle.deriveKey(
{
name: 'PBKDF2',
salt: salt,
iterations,
hash
},
key,
{ name: algorithm, length },
false, // we don't need to export our key!!!
['encrypt', 'decrypt']
);
console.log(result)
Try this...
const key = await crypto.subtle.importKey(
'raw',
pass,
{name: 'PBKDF2'},
false,
['deriveBits', 'deriveKey']
);
That worked, but it seems to be a bug. Both browsers and CF workers handle it with only deriveKey.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 7 days if no further activity occurs. Thank you for your contributions.
![stale[bot] avatar](https://avatars.githubusercontent.com/in/1724?v=4 "Published by a pub.dev verified publisher"){kind=small}
Can this issue be reopened? This is still an issue in the latest version of Deno (v1.32.5).
I just tested OP's code and it works as-is in web browser (Chrome 112), Node.js (v20.0.0), and bun (v0.5.9). Looks like only Deno has this bug.
Having the same issue, using deno 1.33.2 (release, aarch64-apple-darwin), v8 11.4.183.1, typescript 5.0.3. The issue does not happen in the browser or Node 19.5.0
I plan on making a PR that would fix this. Currently, the relevant part of the implementation of the spec throws an Unimplemented error.
@timonson Yes. The PR was merged. It was also part of yesterday's 1.35.0 release.