diff --git a/lib/internal/crypto/argon2.js b/lib/internal/crypto/argon2.js index 3ae009e04a3302..1d2b8b7cac91e9 100644 --- a/lib/internal/crypto/argon2.js +++ b/lib/internal/crypto/argon2.js @@ -4,6 +4,7 @@ const { FunctionPrototypeCall, MathPow, StringPrototypeToLowerCase, + TypedArrayPrototypeGetBuffer, Uint8Array, } = primordials; @@ -231,7 +232,7 @@ async function argon2DeriveBits(algorithm, baseKey, length) { { name: 'OperationError', cause: err }); } - return result.buffer; + return TypedArrayPrototypeGetBuffer(result); } module.exports = { diff --git a/lib/internal/crypto/diffiehellman.js b/lib/internal/crypto/diffiehellman.js index b6ba8cfc78541e..58e2bc0c91ec3c 100644 --- a/lib/internal/crypto/diffiehellman.js +++ b/lib/internal/crypto/diffiehellman.js @@ -6,6 +6,7 @@ const { MathCeil, ObjectDefineProperty, SafeSet, + TypedArrayPrototypeGetBuffer, Uint8Array, } = primordials; @@ -377,7 +378,7 @@ async function ecdhDeriveBits(algorithm, baseKey, length) { const masked = new Uint8Array(slice); masked[sliceLength - 1] = masked[sliceLength - 1] & masks[mod]; - return masked.buffer; + return TypedArrayPrototypeGetBuffer(masked); } module.exports = { diff --git a/lib/internal/crypto/ml_dsa.js b/lib/internal/crypto/ml_dsa.js index 966f5b0d222fd0..fd04230f29c088 100644 --- a/lib/internal/crypto/ml_dsa.js +++ b/lib/internal/crypto/ml_dsa.js @@ -2,6 +2,8 @@ const { SafeSet, + TypedArrayPrototypeGetBuffer, + TypedArrayPrototypeSet, Uint8Array, } = primordials; @@ -119,35 +121,30 @@ function mlDsaExportKey(key, format) { switch (format) { case kWebCryptoKeyFormatRaw: { if (key[kKeyType] === 'private') { - return key[kKeyObject][kHandle].rawSeed().buffer; + return TypedArrayPrototypeGetBuffer(key[kKeyObject][kHandle].rawSeed()); } - return key[kKeyObject][kHandle].rawPublicKey().buffer; + return TypedArrayPrototypeGetBuffer(key[kKeyObject][kHandle].rawPublicKey()); } case kWebCryptoKeyFormatSPKI: { - return key[kKeyObject][kHandle].export(kKeyFormatDER, kWebCryptoKeyFormatSPKI).buffer; + return TypedArrayPrototypeGetBuffer(key[kKeyObject][kHandle].export(kKeyFormatDER, kWebCryptoKeyFormatSPKI)); } case kWebCryptoKeyFormatPKCS8: { const seed = key[kKeyObject][kHandle].rawSeed(); const buffer = new Uint8Array(54); - buffer.set([ - 0x30, 0x34, 0x02, 0x01, 0x00, 0x30, 0x0B, 0x06, + const orc = { + '__proto__': null, + 'ML-DSA-44': 0x11, + 'ML-DSA-65': 0x12, + 'ML-DSA-87': 0x13, + }[key[kAlgorithm].name]; + TypedArrayPrototypeSet(buffer, [ + 0x30, 0x34, 0x02, 0x01, 0x00, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, - 0x03, 0x00, 0x04, 0x22, 0x80, 0x20, + 0x03, orc, 0x04, 0x22, 0x80, 0x20, ], 0); - switch (key[kAlgorithm].name) { - case 'ML-DSA-44': - buffer.set([0x11], 17); - break; - case 'ML-DSA-65': - buffer.set([0x12], 17); - break; - case 'ML-DSA-87': - buffer.set([0x13], 17); - break; - } - buffer.set(seed, 22); - return buffer.buffer; + TypedArrayPrototypeSet(buffer, seed, 22); + return TypedArrayPrototypeGetBuffer(buffer); } default: return undefined; diff --git a/lib/internal/crypto/ml_kem.js b/lib/internal/crypto/ml_kem.js index 4dfa1fa31a0425..5f6efc01125a4b 100644 --- a/lib/internal/crypto/ml_kem.js +++ b/lib/internal/crypto/ml_kem.js @@ -3,6 +3,8 @@ const { PromiseWithResolvers, SafeSet, + TypedArrayPrototypeGetBuffer, + TypedArrayPrototypeSet, Uint8Array, } = primordials; @@ -90,35 +92,30 @@ function mlKemExportKey(key, format) { switch (format) { case kWebCryptoKeyFormatRaw: { if (key[kKeyType] === 'private') { - return key[kKeyObject][kHandle].rawSeed().buffer; + return TypedArrayPrototypeGetBuffer(key[kKeyObject][kHandle].rawSeed()); } - return key[kKeyObject][kHandle].rawPublicKey().buffer; + return TypedArrayPrototypeGetBuffer(key[kKeyObject][kHandle].rawPublicKey()); } case kWebCryptoKeyFormatSPKI: { - return key[kKeyObject][kHandle].export(kKeyFormatDER, kWebCryptoKeyFormatSPKI).buffer; + return TypedArrayPrototypeGetBuffer(key[kKeyObject][kHandle].export(kKeyFormatDER, kWebCryptoKeyFormatSPKI)); } case kWebCryptoKeyFormatPKCS8: { const seed = key[kKeyObject][kHandle].rawSeed(); const buffer = new Uint8Array(86); - buffer.set([ - 0x30, 0x54, 0x02, 0x01, 0x00, 0x30, 0x0B, 0x06, + const orc = { + '__proto__': null, + 'ML-KEM-512': 0x01, + 'ML-KEM-768': 0x02, + 'ML-KEM-1024': 0x03, + }[key[kAlgorithm].name]; + TypedArrayPrototypeSet(buffer, [ + 0x30, 0x54, 0x02, 0x01, 0x00, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, - 0x04, 0x00, 0x04, 0x42, 0x80, 0x40, + 0x04, orc, 0x04, 0x42, 0x80, 0x40, ], 0); - switch (key[kAlgorithm].name) { - case 'ML-KEM-512': - buffer.set([0x01], 17); - break; - case 'ML-KEM-768': - buffer.set([0x02], 17); - break; - case 'ML-KEM-1024': - buffer.set([0x03], 17); - break; - } - buffer.set(seed, 22); - return buffer.buffer; + TypedArrayPrototypeSet(buffer, seed, 22); + return TypedArrayPrototypeGetBuffer(buffer); } default: return undefined; @@ -241,7 +238,11 @@ function mlKemEncapsulate(encapsulationKey) { { name: 'OperationError', cause: error })); } else { const { 0: sharedKey, 1: ciphertext } = result; - resolve({ sharedKey: sharedKey.buffer, ciphertext: ciphertext.buffer }); + + resolve({ + sharedKey: TypedArrayPrototypeGetBuffer(sharedKey), + ciphertext: TypedArrayPrototypeGetBuffer(ciphertext), + }); } }; job.run(); @@ -270,7 +271,7 @@ function mlKemDecapsulate(decapsulationKey, ciphertext) { 'The operation failed for an operation-specific reason', { name: 'OperationError', cause: error })); } else { - resolve(result.buffer); + resolve(TypedArrayPrototypeGetBuffer(result)); } }; job.run(); diff --git a/lib/internal/crypto/pbkdf2.js b/lib/internal/crypto/pbkdf2.js index ebdba7334f6556..2b11535edb3ec7 100644 --- a/lib/internal/crypto/pbkdf2.js +++ b/lib/internal/crypto/pbkdf2.js @@ -3,6 +3,7 @@ const { ArrayBuffer, FunctionPrototypeCall, + TypedArrayPrototypeGetBuffer, } = primordials; const { Buffer } = require('buffer'); @@ -121,7 +122,7 @@ async function pbkdf2DeriveBits(algorithm, baseKey, length) { { name: 'OperationError', cause: err }); } - return result.buffer; + return TypedArrayPrototypeGetBuffer(result); } module.exports = { diff --git a/lib/internal/crypto/random.js b/lib/internal/crypto/random.js index 84f16f4e6653ed..c9030124e7f71f 100644 --- a/lib/internal/crypto/random.js +++ b/lib/internal/crypto/random.js @@ -19,6 +19,7 @@ const { NumberPrototypeToString, StringFromCharCodeApply, StringPrototypePadStart, + TypedArrayPrototypeGetBuffer, } = primordials; const { @@ -104,12 +105,12 @@ function randomBytes(size, callback) { const buf = new FastBuffer(size); if (callback === undefined) { - randomFillSync(buf.buffer, 0, size); + randomFillSync(TypedArrayPrototypeGetBuffer(buf), 0, size); return buf; } // Keep the callback as a regular function so this is propagated. - randomFill(buf.buffer, 0, size, function(error) { + randomFill(TypedArrayPrototypeGetBuffer(buf), 0, size, function(error) { if (error) return FunctionPrototypeCall(callback, this, error); FunctionPrototypeCall(callback, this, null, buf); }); diff --git a/lib/internal/crypto/webcrypto.js b/lib/internal/crypto/webcrypto.js index 18b5253e2aa463..745c94ba10f591 100644 --- a/lib/internal/crypto/webcrypto.js +++ b/lib/internal/crypto/webcrypto.js @@ -11,6 +11,7 @@ const { StringPrototypeSlice, StringPrototypeStartsWith, SymbolToStringTag, + TypedArrayPrototypeGetBuffer, } = primordials; const { @@ -530,12 +531,12 @@ async function exportKeyRawSecret(key, format) { case 'AES-KW': // Fall through case 'HMAC': - return key[kKeyObject][kHandle].export().buffer; + return TypedArrayPrototypeGetBuffer(key[kKeyObject][kHandle].export()); case 'AES-OCB': // Fall through case 'ChaCha20-Poly1305': if (format === 'raw-secret') { - return key[kKeyObject][kHandle].export().buffer; + return TypedArrayPrototypeGetBuffer(key[kKeyObject][kHandle].export()); } return undefined; default: