LibWeb: Test subtleties in HKDF 'salt' interpretation

This also doubles as HKDF implementation test.
Author: https://github.com/BenWiederhake Commit: 6d68d6ddb2 Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/1877 Reviewed-by: https://github.com/ADKaster ✅ Reviewed-by: https://github.com/alimpfard ✅ Reviewed-by: https://github.com/stelar7
2025-10-23 16:40:03 +00:00 · 2024-10-20 06:30:41 +02:00 · 2024-10-20 06:30:41 +02:00 · 6d68d6ddb2 · 2024-10-23 18:21:48 +00:00
commit 6d68d6ddb2
parent f670c68ded
3 changed files with 44 additions and 1 deletions
--- a/Userland/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
+++ b/Userland/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
@ -1467,7 +1467,10 @@ WebIDL::ExceptionOr<JS::NonnullGCPtr<JS::ArrayBuffer>> HKDF::derive_bits(Algorit
    //    * the contents of the salt member of normalizedAlgorithm as salt,
    //    * the contents of the info member of normalizedAlgorithm as info,
    //    * length divided by 8 as the value of L,
-    // FIXME: salt null versus salt empty?!
+    // Note: Although HKDF technically supports absent salt (treating it as hashLen many NUL bytes),
+    // all major browsers instead raise a TypeError, for example:
+    //     "Failed to execute 'deriveBits' on 'SubtleCrypto': HkdfParams: salt: Not a BufferSource"
+    // Because we are forced by neither peer pressure nor the spec, we don't support it either.
    auto const& hash_algorithm = TRY(normalized_algorithm.hash.visit(
        [](String const& name) -> JS::ThrowCompletionOr<String> { return name; },
        [&](JS::Handle<JS::Object> const& obj) -> JS::ThrowCompletionOr<String> {