crypto: prepare webcrypto key import/export for modern algorithms #59284
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Review requested:
|
panva
force-pushed
the
webcrypto-export-refactor
branch
from
201f541 to
5045296
Compare
panva
changed the title
panva
force-pushed
the
webcrypto-export-refactor
branch
from
5045296 to
890b133
Compare
panva
force-pushed
the
webcrypto-export-refactor
branch
from
890b133 to
dac91a9
Compare
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #59284 +/- ##
==========================================
- Coverage 90.01% 89.97% -0.04%
==========================================
Files 649 649
Lines 192182 192208 +26
Branches 37660 37659 -1
==========================================
- Hits 172988 172941 -47
- Misses 11832 11873 +41
- Partials 7362 7394 +32
🚀 New features to boost your workflow:
|
anonrig
approved these changes
Aug 2, 2025
panva
added
the
author ready
RafaelGSS
approved these changes
Aug 5, 2025
panva
added
the
commit-queue
nodejs-github-bot
removed
the
commit-queue
|
Landed in 700a965 |
panva
added a commit
to panva/node
that referenced
this pull request
Aug 7, 2025
PR-URL: nodejs#59284 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]>
targos
pushed a commit
that referenced
this pull request
Aug 8, 2025
PR-URL: #59284 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]>
mete0rfish
pushed a commit
to mete0rfish/node-contribute
that referenced
this pull request
Aug 9, 2025
PR-URL: nodejs#59284 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]>
panva
added a commit
to panva/node
that referenced
this pull request
Aug 9, 2025
PR-URL: nodejs#59284 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]>
RafaelGSS
pushed a commit
that referenced
this pull request
Aug 12, 2025
PR-URL: #59284 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]>
tmeijn
pushed a commit
to tmeijn/dotfiles
that referenced
this pull request
Aug 16, 2025
This MR contains the following updates: | Package | Update | Change | |---|---|---| | [node](https://nodejs.org) ([source](https://github.com/nodejs/node)) | minor | `24.5.0` -> `24.6.0` | MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot). **Proposed changes to behavior should be submitted there as MRs.** --- ### Release Notes <details> <summary>nodejs/node (node)</summary> ### [`v24.6.0`](https://github.com/nodejs/node/releases/tag/v24.6.0): 2025-08-14, Version 24.6.0 (Current), @​RafaelGSS [Compare Source](nodejs/node@v24.5.0...v24.6.0) ##### Notable Changes - \[[`471fe712b3`](nodejs/node@471fe712b3)] - **(SEMVER-MINOR)** **cli**: add NODE\_USE\_SYSTEM\_CA=1 (Joyee Cheung) [#​59276](nodejs/node#59276) - \[[`38aedfbf73`](nodejs/node@38aedfbf73)] - **(SEMVER-MINOR)** **crypto**: support ML-DSA KeyObject, sign, and verify (Filip Skokan) [#​59259](nodejs/node#59259) - \[[`201304537e`](nodejs/node@201304537e)] - **(SEMVER-MINOR)** **zlib**: add dictionary support to zstdCompress and zstdDecompress (lluisemper) [#​59240](nodejs/node#59240) - \[[`e79c93a5d0`](nodejs/node@e79c93a5d0)] - **(SEMVER-MINOR)** **http**: add server.keepAliveTimeoutBuffer option (Haram Jeong) [#​59243](nodejs/node#59243) - \[[`c144d69efc`](nodejs/node@c144d69efc)] - **lib**: docs deprecate \_http\_\* (Sebastian Beltran) [#​59293](nodejs/node#59293) - \[[`aeb4de55a7`](nodejs/node@aeb4de55a7)] - **(SEMVER-MINOR)** **fs**: port SonicBoom module to fs module as Utf8Stream (James M Snell) [#​58897](nodejs/node#58897) ##### Commits - \[[`f7484575ff`](nodejs/node@f7484575ff)] - **assert**: change utils to use index instead of for...of (방진혁) [#​59278](nodejs/node#59278) - \[[`269cd16185`](nodejs/node@269cd16185)] - **benchmark**: remove deprecated \_extend from benchmark (Rafael Gonzaga) [#​59228](nodejs/node#59228) - \[[`848e49c20b`](nodejs/node@848e49c20b)] - **benchmark**: add fs warmup to writefile-promises (Bruno Rodrigues) [#​59215](nodejs/node#59215) - \[[`8c609be1b1`](nodejs/node@8c609be1b1)] - **benchmark**: add calibrate-n script (Rafael Gonzaga) [#​59186](nodejs/node#59186) - \[[`6a3bf772d8`](nodejs/node@6a3bf772d8)] - **build**: fix node\_use\_sqlite for GN builds (Shelley Vohr) [#​59017](nodejs/node#59017) - \[[`471fe712b3`](nodejs/node@471fe712b3)] - **(SEMVER-MINOR)** **cli**: add NODE\_USE\_SYSTEM\_CA=1 (Joyee Cheung) [#​59276](nodejs/node#59276) - \[[`38aedfbf73`](nodejs/node@38aedfbf73)] - **(SEMVER-MINOR)** **crypto**: support ML-DSA KeyObject, sign, and verify (Filip Skokan) [#​59259](nodejs/node#59259) - \[[`a312e706cf`](nodejs/node@a312e706cf)] - **crypto**: prepare webcrypto key import/export for modern algorithms (Filip Skokan) [#​59284](nodejs/node#59284) - \[[`3a7c2c3a47`](nodejs/node@3a7c2c3a47)] - **deps**: update ada to 3.2.7 (Node.js GitHub Bot) [#​59336](nodejs/node#59336) - \[[`8d9ceeaf6a`](nodejs/node@8d9ceeaf6a)] - **deps**: update archs files for openssl-3.5.2 (Node.js GitHub Bot) [#​59371](nodejs/node#59371) - \[[`33b06df354`](nodejs/node@33b06df354)] - **deps**: upgrade openssl sources to openssl-3.5.2 (Node.js GitHub Bot) [#​59371](nodejs/node#59371) - \[[`fa70f1af77`](nodejs/node@fa70f1af77)] - **deps**: support madvise(3C) across ALL illumos revisions (Dan McDonald) [#​58237](nodejs/node#58237) - \[[`f834a6be59`](nodejs/node@f834a6be59)] - **deps**: update undici to 7.13.0 (Node.js GitHub Bot) [#​59338](nodejs/node#59338) - \[[`db2417487e`](nodejs/node@db2417487e)] - **deps**: update sqlite to 3.50.4 (Node.js GitHub Bot) [#​59337](nodejs/node#59337) - \[[`41978adb08`](nodejs/node@41978adb08)] - **deps**: V8: backport [`493cb53`](nodejs/node@493cb53691be) (Chengzhong Wu) [#​59238](nodejs/node#59238) - \[[`05667991ca`](nodejs/node@05667991ca)] - **deps**: V8: backport [`1c3e018`](nodejs/node@1c3e018e7d48) (Renegade334) [#​58818](nodejs/node#58818) - \[[`fd61588bb4`](nodejs/node@fd61588bb4)] - **doc**: rename x509.extKeyUsage to x509.keyUsage (Filip Skokan) [#​59332](nodejs/node#59332) - \[[`a271ae4360`](nodejs/node@a271ae4360)] - **doc**: fix Pbkdf2Params hash attribute heading (Filip Skokan) [#​59395](nodejs/node#59395) - \[[`72cfff165b`](nodejs/node@72cfff165b)] - **doc**: fix missing reference links for server.keepAliveTimeoutBuffer (Lee Jiho) [#​59356](nodejs/node#59356) - \[[`8341916772`](nodejs/node@8341916772)] - **doc**: fix grammar in global dispatcher usage (Eng Zer Jun) [#​59344](nodejs/node#59344) - \[[`e3e489706b`](nodejs/node@e3e489706b)] - **doc**: run license-builder (github-actions\[bot]) [#​59343](nodejs/node#59343) - \[[`46527e8cea`](nodejs/node@46527e8cea)] - **doc**: correct orthography `eg.` → `e.g.` (Jacob Smith) [#​59329](nodejs/node#59329) - \[[`d140c3713e`](nodejs/node@d140c3713e)] - **doc**: clarify the need of compiler compatible with c++20 (Rafael Gonzaga) [#​59297](nodejs/node#59297) - \[[`95e9cabf9d`](nodejs/node@95e9cabf9d)] - **doc**: clarify release candidate stability index (Filip Skokan) [#​59295](nodejs/node#59295) - \[[`a056dd36d2`](nodejs/node@a056dd36d2)] - **doc**: add WDYT to glossary (btea) [#​59280](nodejs/node#59280) - \[[`1e2c52f5c4`](nodejs/node@1e2c52f5c4)] - **doc**: add manpage entry for --use-system-ca (Joyee Cheung) [#​59273](nodejs/node#59273) - \[[`31a46fdeb4`](nodejs/node@31a46fdeb4)] - **doc**: add path.join and path.normalize clarification (Rafael Gonzaga) [#​59262](nodejs/node#59262) - \[[`cff3725ff9`](nodejs/node@cff3725ff9)] - **doc**: fix typo in `test/common/README.md` (Yoo) [#​59180](nodejs/node#59180) - \[[`31a9283591`](nodejs/node@31a9283591)] - **doc**: add note on process memoryUsage (fengmk2) [#​59026](nodejs/node#59026) - \[[`5a98bff6b8`](nodejs/node@5a98bff6b8)] - **doc**: format safely for `doc-kit` (Aviv Keller) [#​59229](nodejs/node#59229) - \[[`95b8b7ea5c`](nodejs/node@95b8b7ea5c)] - **domain**: remove deprecated API call (Alex Yang) [#​59339](nodejs/node#59339) - \[[`2990f178bd`](nodejs/node@2990f178bd)] - **fs**: fix glob TypeError on restricted dirs (Sylphy-0xd3ac) [#​58674](nodejs/node#58674) - \[[`e2fb4caf9c`](nodejs/node@e2fb4caf9c)] - **fs**: correct error message when FileHandle is transferred (Alex Yang) [#​59156](nodejs/node#59156) - \[[`aeb4de55a7`](nodejs/node@aeb4de55a7)] - **(SEMVER-MINOR)** **fs**: port SonicBoom module to fs module as Utf8Stream (James M Snell) [#​58897](nodejs/node#58897) - \[[`e79c93a5d0`](nodejs/node@e79c93a5d0)] - **(SEMVER-MINOR)** **http**: add server.keepAliveTimeoutBuffer option (Haram Jeong) [#​59243](nodejs/node#59243) - \[[`0fb005a53f`](nodejs/node@0fb005a53f)] - **http2**: set Http2Stream#sentHeaders for raw headers (Darshan Sen) [#​59244](nodejs/node#59244) - \[[`e055539604`](nodejs/node@e055539604)] - **lib**: add trace-sigint APIs (theanarkh) [#​59040](nodejs/node#59040) - \[[`d2183d860a`](nodejs/node@d2183d860a)] - **lib**: optimize writable stream buffer clearing (Yoo) [#​59406](nodejs/node#59406) - \[[`47543a7e17`](nodejs/node@47543a7e17)] - **lib**: handle windows reserved device names on UNC (Rafael Gonzaga) [#​59286](nodejs/node#59286) - \[[`c6911f0717`](nodejs/node@c6911f0717)] - **lib**: do not modify prototype deprecated asyncResource (RafaelGSS) [#​59195](nodejs/node#59195) - \[[`3c88b769bb`](nodejs/node@3c88b769bb)] - **lib**: restructure assert to become a class (Miguel Marcondes Filho) [#​58253](nodejs/node#58253) - \[[`e91b54df59`](nodejs/node@e91b54df59)] - **lib**: handle superscript variants on windows device (Rafael Gonzaga) [#​59261](nodejs/node#59261) - \[[`4ee467905d`](nodejs/node@4ee467905d)] - **lib**: use validateString (hotpineapple) [#​59296](nodejs/node#59296) - \[[`c144d69efc`](nodejs/node@c144d69efc)] - **lib**: docs deprecate \_http\_\* (Sebastian Beltran) [#​59293](nodejs/node#59293) - \[[`c89b67e681`](nodejs/node@c89b67e681)] - **lib**: add type names in source mapped stack traces (Chengzhong Wu) [#​58976](nodejs/node#58976) - \[[`5b2363be8d`](nodejs/node@5b2363be8d)] - **lib**: prefer AsyncIteratorPrototype primordial (René) [#​59097](nodejs/node#59097) - \[[`41b4f4d694`](nodejs/node@41b4f4d694)] - **meta**: clarify pr objection process further (James M Snell) [#​59096](nodejs/node#59096) - \[[`0eb5962f1e`](nodejs/node@0eb5962f1e)] - **meta**: add mailmap entry for aditi-1400 (Aditi) [#​59316](nodejs/node#59316) - \[[`a2b72c2304`](nodejs/node@a2b72c2304)] - **meta**: add tsc and build team as codeowners building.md (Rafael Gonzaga) [#​59298](nodejs/node#59298) - \[[`d69f3ee1e0`](nodejs/node@d69f3ee1e0)] - **meta**: add nodejs/path to path files (Rafael Gonzaga) [#​59289](nodejs/node#59289) - \[[`1e37eab865`](nodejs/node@1e37eab865)] - **node-api**: reword "implementation in an alternative VM" as implementable (Chengzhong Wu) [#​59036](nodejs/node#59036) - \[[`64add6302a`](nodejs/node@64add6302a)] - **src**: use simdjson to parse SEA configuration (Joyee Cheung) [#​59323](nodejs/node#59323) - \[[`e9c6636585`](nodejs/node@e9c6636585)] - **src**: mark realm leaf classes final (Anna Henningsen) [#​59355](nodejs/node#59355) - \[[`42ef8147d1`](nodejs/node@42ef8147d1)] - **src**: warn about FastOneByteString invalidation (James M Snell) [#​59275](nodejs/node#59275) - \[[`8686b8037a`](nodejs/node@8686b8037a)] - **src**: remove unused DSAKeyExportJob (Filip Skokan) [#​59291](nodejs/node#59291) - \[[`1e5f632666`](nodejs/node@1e5f632666)] - **src**: use C++20 `contains()` method (iknoom) [#​59304](nodejs/node#59304) - \[[`22d4683cfe`](nodejs/node@22d4683cfe)] - **src**: added CHECK\_NOT\_NULL check for multiple eq\_wrap\_async (F3lixTheCat) [#​59267](nodejs/node#59267) - \[[`6a47ff4943`](nodejs/node@6a47ff4943)] - **src**: clear all linked module caches once instantiated (Chengzhong Wu) [#​59117](nodejs/node#59117) - \[[`33728cb4ca`](nodejs/node@33728cb4ca)] - **src**: add nullptr checks in `StreamPipe::New` (Burkov Egor) [#​57613](nodejs/node#57613) - \[[`4a907bdad1`](nodejs/node@4a907bdad1)] - **src**: add percentage support to --max-old-space-size (Asaf Federman) [#​59082](nodejs/node#59082) - \[[`7c189d4f55`](nodejs/node@7c189d4f55)] - **test**: deflake sequential/test-tls-session-timeout (Joyee Cheung) [#​59423](nodejs/node#59423) - \[[`fb0a6fb57f`](nodejs/node@fb0a6fb57f)] - **test**: exclude mock from coverage (Shima Ryuhei) [#​59348](nodejs/node#59348) - \[[`7e10f95f13`](nodejs/node@7e10f95f13)] - **test**: split test-fs-cp.js (Joyee Cheung) [#​59408](nodejs/node#59408) - \[[`41bcf5f659`](nodejs/node@41bcf5f659)] - **test**: update WPT resources,WebCryptoAPI,webstorage (Filip Skokan) [#​59311](nodejs/node#59311) - \[[`f9f3dc94cb`](nodejs/node@f9f3dc94cb)] - **test**: add known issue test for fs.cpSync dereference bug (James M Snell) [#​58941](nodejs/node#58941) - \[[`244d0c38a8`](nodejs/node@244d0c38a8)] - **test**: deflake stream-readable-to-web test (Ethan Arrowood) [#​58948](nodejs/node#58948) - \[[`564e604a1a`](nodejs/node@564e604a1a)] - **test**: make test-inspector-network-resource sequential (Shima Ryuhei) [#​59104](nodejs/node#59104) - \[[`7ab13b7477`](nodejs/node@7ab13b7477)] - **test**: don't use expose internals in test-http-outgoing-buffer.js (Meghan Denny) [#​59219](nodejs/node#59219) - \[[`319df3859a`](nodejs/node@319df3859a)] - **test,crypto**: skip unsupported ciphers (Shelley Vohr) [#​59388](nodejs/node#59388) - \[[`713c70c32a`](nodejs/node@713c70c32a)] - **test\_runner**: remove unused callee convertion (Alex Yang) [#​59221](nodejs/node#59221) - \[[`e4ca30e115`](nodejs/node@e4ca30e115)] - **tools**: disable nullability-completeness warnings (Michaël Zasso) [#​59392](nodejs/node#59392) - \[[`dab7f6b542`](nodejs/node@dab7f6b542)] - **tools**: check for std::vector\<v8::Local> in lint (Aditi) [#​58497](nodejs/node#58497) - \[[`7b94982eb0`](nodejs/node@7b94982eb0)] - **tools**: allow selecting test subsystems with numbers in their names (Darshan Sen) [#​59242](nodejs/node#59242) - \[[`16bbcd8881`](nodejs/node@16bbcd8881)] - **typings**: improve internal binding types (Nam Yooseong) [#​59351](nodejs/node#59351) - \[[`76bc4d659b`](nodejs/node@76bc4d659b)] - **typings**: improve internal binding types (Michaël Zasso) [#​59176](nodejs/node#59176) - \[[`eecd3272a6`](nodejs/node@eecd3272a6)] - **worker**: add name for worker (theanarkh) [#​59213](nodejs/node#59213) - \[[`84c3513ce2`](nodejs/node@84c3513ce2)] - **worker**: implements nits in Web Locks code (Antoine du Hamel) [#​59270](nodejs/node#59270) - \[[`bd68fbd753`](nodejs/node@bd68fbd753)] - **worker**: add cpuUsage for worker (theanarkh) [#​59177](nodejs/node#59177) - \[[`201304537e`](nodejs/node@201304537e)] - **(SEMVER-MINOR)** **zlib**: add dictionary support to zstdCompress and zstdDecompress (lluisemper) [#​59240](nodejs/node#59240) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this MR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box --- This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS43MS4wIiwidXBkYXRlZEluVmVyIjoiNDEuNzEuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiUmVub3ZhdGUgQm90Il19-->
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR does not change any observable behaviour in codes or import/export key results. It refactors the code in preparation for the upcoming https://redirect.github.com/WICG/proposals/issues/220 webcrypto extension.
This will keep the diffs from future modern algos implementation PRs cleaner.