[v24.x backport] raw key formats support in KeyObject APIs by panva · Pull Request #62455 · nodejs/node
added crypto labels
nodejs-github-bot added c++ labels
panva marked this pull request as draft
panva changed the title from "[v24.x backport] crypto: add raw key formats support to the KeyObject APIs" to "[v24.x backport] raw key formats support in KeyObject APIs"
panva marked this pull request as ready for review
panva mentioned this pull request
Signed-off-by: Filip Skokan <panva.ip@gmail.com> PR-URL: nodejs#62480 Backport-PR-URL: nodejs#62455 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
panva deleted the backport-62240-to-v24.x branch
codebytere added a commit to electron/electron that referenced this pull request
Guard aes-128-ccm test in test-crypto-authenticated.js behind cipher availability check. Skip Ed448/X448/DSA tests in test-crypto-key-objects-raw.js. Skip AES-KW tests in test-webcrypto-promise-prototype-pollution.mjs. Ref: nodejs/node#62240 Ref: nodejs/node#62455 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
codebytere added a commit to electron/electron that referenced this pull request
Guard aes-128-ccm test in test-crypto-authenticated.js behind cipher availability check. Skip Ed448/X448/DSA tests in test-crypto-key-objects-raw.js. Skip AES-KW tests in test-webcrypto-promise-prototype-pollution.mjs. Ref: nodejs/node#62240 Ref: nodejs/node#62455
codebytere added a commit to electron/electron that referenced this pull request
* chore: bump node in DEPS to v24.15.0
* fix(patch): adapt V8 sandboxed pointers for buffer kMaxLength Upstream replaced the hardcoded buffer length limit with a runtime kMaxLength variable, making the patch's regex workaround for sandbox vs non-sandbox limits unnecessary. Dropped the test-buffer-concat.js hunk. Ref: nodejs/node#61721 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(patch): adapt deprecated GetIsolate for upstream refactors Upstream removed Uint32ToName from node_contextify.cc and node_webstorage.cc, and renamed LookupAndCompile to LookupAndCompileFunction in node_builtins.cc. Updated the GetIsolate deprecation patch to match. Ref: nodejs/node#60846 Ref: nodejs/node#60518
* chore: remove upstreamed patch The fix_generate_config_gypi_needs_to_generate_valid_json patch applied with "No changes -- Patch already applied", confirming the fix has been incorporated upstream. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* node#60518: src: build v8 tick processor as built-in source text modules Upstream restructured BuiltinLoader to auto-detect parameters by source type, removing the custom parameters overload. Added a new LookupAndCompileFunction overload for embedder scripts and updated node_util.cc to use it. Also suppressed exit-time-destructors warning from builtin_info.h in node_includes.h. Ref: nodejs/node#60518 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(patch): add LookupAndCompileFunction overload for embedder scripts Ref: nodejs/node#60518
* fix(patch): stop using v8::PropertyCallbackInfo<T>::This() in sqlite Ref: nodejs/node#60616 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(patch): adapt new crypto tests for BoringSSL Guard aes-128-ccm test in test-crypto-authenticated.js behind cipher availability check. Skip Ed448/X448/DSA tests in test-crypto-key-objects-raw.js. Skip AES-KW tests in test-webcrypto-promise-prototype-pollution.mjs. Ref: nodejs/node#62240 Ref: nodejs/node#62455
* fix(patch): guard DH key test for BoringSSL BoringSSL does not support loading DH private keys from PEM, causing createPrivateKey to throw UNSUPPORTED_ALGORITHM. Ref: nodejs/node#62240 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(patch): correct thenable snapshot for Chromium V8 The snapshot used `*` wildcards which don't match the actual output. Regenerated with NODE_REGENERATE_SNAPSHOTS=1 to capture the correct concrete frame + <node-internal-frames> output. Ref: https://chromium-review.googlesource.com/c/v8/v8/+/6826001
* fix(patch): GN build files for new merve dep Ref: nodejs/node#61984 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* fix(patch): adapt fileExists patch to resolve.js module reorg Ref: nodejs/node#61769 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* chore: update patches (trivial only) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com>
Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
codebytere added a commit to electron/electron that referenced this pull request
* chore: bump node in DEPS to v24.15.0
* fix(patch): adapt V8 sandboxed pointers for buffer kMaxLength Upstream replaced the hardcoded buffer length limit with a runtime kMaxLength variable, making the patch's regex workaround for sandbox vs non-sandbox limits unnecessary. Dropped the test-buffer-concat.js hunk. Ref: nodejs/node#61721 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(patch): adapt deprecated GetIsolate for upstream refactors Upstream removed Uint32ToName from node_contextify.cc and node_webstorage.cc, and renamed LookupAndCompile to LookupAndCompileFunction in node_builtins.cc. Updated the GetIsolate deprecation patch to match. Ref: nodejs/node#60846 Ref: nodejs/node#60518
* chore: remove upstreamed patch The fix_generate_config_gypi_needs_to_generate_valid_json patch applied with "No changes -- Patch already applied", confirming the fix has been incorporated upstream. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* node#60518: src: build v8 tick processor as built-in source text modules Upstream restructured BuiltinLoader to auto-detect parameters by source type, removing the custom parameters overload. Added a new LookupAndCompileFunction overload for embedder scripts and updated node_util.cc to use it. Also suppressed exit-time-destructors warning from builtin_info.h in node_includes.h. Ref: nodejs/node#60518 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(patch): add LookupAndCompileFunction overload for embedder scripts Ref: nodejs/node#60518
* fix(patch): stop using v8::PropertyCallbackInfo<T>::This() in sqlite Ref: nodejs/node#60616 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(patch): correct thenable snapshot for Chromium V8 The snapshot used `*` wildcards which don't match the actual output. Regenerated with NODE_REGENERATE_SNAPSHOTS=1 to capture the correct concrete frame + <node-internal-frames> output. Ref: https://chromium-review.googlesource.com/c/v8/v8/+/6826001
* fix(patch): GN build files for new merve dep Ref: nodejs/node#61984 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* fix(patch): adapt fileExists patch to resolve.js module reorg Ref: nodejs/node#61769 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* fix(patch): adapt new crypto tests for BoringSSL Guard aes-128-ccm test in test-crypto-authenticated.js behind cipher availability check. Skip Ed448/X448/DSA tests in test-crypto-key-objects-raw.js. Skip AES-KW tests in test-webcrypto-promise-prototype-pollution.mjs. Ref: nodejs/node#62240 Ref: nodejs/node#62455
* fix(patch): guard DH key test for BoringSSL BoringSSL does not support loading DH private keys from PEM, causing createPrivateKey to throw UNSUPPORTED_ALGORITHM. Ref: nodejs/node#62240 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(patch): adapt cppgc_heap patch to upstream CppHeap handling Upstream Node moved CppHeap creation to run unconditionally before Isolate::Initialize via settings.cpp_heap. The patch's embedder-set params->cpp_heap was being overwritten by the new upstream default. Fold the patch into the upstream block so settings.cpp_heap still wins, an embedder-set params->cpp_heap is preserved, and a default is only created when neither is provided. Ref: nodejs/node#58070 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* chore: update patches (trivial only) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* fix(patch): normalize brotli decoder error codes for Chromium's brotli Electron uses Chromium's brotli (via the unbundling patch), which returns just the NAME from BrotliDecoderErrorString() instead of the full "_ERROR_..." prefix Node's bundled brotli emits. Upstream's web-compression spec-compliance fix (nodejs/node#62107) classifies brotli failures as TypeError via the "ERR__ERROR_" prefix, which doesn't match Chromium's output — so DecompressionStream surfaced a plain Error and the WPT decompression-bad-chunks suite failed for brotli. Normalize the emitted error code on the C++ side so the JS layer works against either brotli build. Ref: nodejs/node#62107
---------
Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com>
Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
jkleinsc pushed a commit to electron/electron that referenced this pull request
Guard aes-128-ccm test in test-crypto-authenticated.js behind cipher availability check. Skip Ed448/X448/DSA tests in test-crypto-key-objects-raw.js. Skip AES-KW tests in test-webcrypto-promise-prototype-pollution.mjs. Ref: nodejs/node#62240 Ref: nodejs/node#62455
jkleinsc pushed a commit to electron/electron that referenced this pull request
* chore: bump node in DEPS to v24.15.0
* fix(patch): adapt V8 sandboxed pointers for buffer kMaxLength Upstream replaced the hardcoded buffer length limit with a runtime kMaxLength variable, making the patch's regex workaround for sandbox vs non-sandbox limits unnecessary. Dropped the test-buffer-concat.js hunk. Ref: nodejs/node#61721 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(patch): adapt deprecated GetIsolate for upstream refactors Upstream removed Uint32ToName from node_contextify.cc and node_webstorage.cc, and renamed LookupAndCompile to LookupAndCompileFunction in node_builtins.cc. Updated the GetIsolate deprecation patch to match. Ref: nodejs/node#60846 Ref: nodejs/node#60518
* chore: remove upstreamed patch The fix_generate_config_gypi_needs_to_generate_valid_json patch applied with "No changes -- Patch already applied", confirming the fix has been incorporated upstream. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* node#60518: src: build v8 tick processor as built-in source text modules Upstream restructured BuiltinLoader to auto-detect parameters by source type, removing the custom parameters overload. Added a new LookupAndCompileFunction overload for embedder scripts and updated node_util.cc to use it. Also suppressed exit-time-destructors warning from builtin_info.h in node_includes.h. Ref: nodejs/node#60518 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(patch): add LookupAndCompileFunction overload for embedder scripts Ref: nodejs/node#60518
* fix(patch): correct thenable snapshot for Chromium V8 The snapshot used `*` wildcards which don't match the actual output. Regenerated with NODE_REGENERATE_SNAPSHOTS=1 to capture the correct concrete frame + <node-internal-frames> output. Ref: https://chromium-review.googlesource.com/c/v8/v8/+/6826001
* fix(patch): GN build files for new merve dep Ref: nodejs/node#61984 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* fix(patch): adapt fileExists patch to resolve.js module reorg Ref: nodejs/node#61769 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* fix(patch): adapt new crypto tests for BoringSSL Guard aes-128-ccm test in test-crypto-authenticated.js behind cipher availability check. Skip Ed448/X448/DSA tests in test-crypto-key-objects-raw.js. Skip AES-KW tests in test-webcrypto-promise-prototype-pollution.mjs. Ref: nodejs/node#62240 Ref: nodejs/node#62455
* fix(patch): guard DH key test for BoringSSL BoringSSL does not support loading DH private keys from PEM, causing createPrivateKey to throw UNSUPPORTED_ALGORITHM. Ref: nodejs/node#62240 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(patch): adapt cppgc_heap patch to upstream CppHeap handling Upstream Node moved CppHeap creation to run unconditionally before Isolate::Initialize via settings.cpp_heap. The patch's embedder-set params->cpp_heap was being overwritten by the new upstream default. Fold the patch into the upstream block so settings.cpp_heap still wins, an embedder-set params->cpp_heap is preserved, and a default is only created when neither is provided. Ref: nodejs/node#58070 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* fix(patch): normalize brotli decoder error codes for Chromium's brotli Electron uses Chromium's brotli (via the unbundling patch), which returns just the NAME from BrotliDecoderErrorString() instead of the full "_ERROR_..." prefix Node's bundled brotli emits. Upstream's web-compression spec-compliance fix (nodejs/node#62107) classifies brotli failures as TypeError via the "ERR__ERROR_" prefix, which doesn't match Chromium's output — so DecompressionStream surfaced a plain Error and the WPT decompression-bad-chunks suite failed for brotli. Normalize the emitted error code on the C++ side so the JS layer works against either brotli build. Ref: nodejs/node#62107
* fix(patch): restore dropped hunks in crypto BoringSSL test patch The cherry-pick from roller/node/41-x-y dropped the diff headers for test-tls-client-auth.js and test-tls-peer-certificate.js (leaving their hunks orphaned inside test-crypto.js), and dropped the test-crypto-pqc-key-objects-ml-dsa.js block entirely. This left the exported patch malformed (git am failed with "patch fragment without header"). Restore the well-formed patch body so git am can apply it. Ref: Unable to locate reference Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* chore: update patches (trivial only) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* fix(patch): include <cstdlib> for abort() in builtin_info.cc node/src/builtin_info.cc (from upstream PR 60518) calls abort() without including <cstdlib>. Upstream Node's own build tolerates this via implicit transitive inclusion, but Electron's stricter Chromium-style build fails with "use of undeclared identifier 'abort'". Add the explicit include. Ref: nodejs/node#60518 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* test: disable test-buffer-pool-untransferable on Electron 40 The test calls ArrayBuffer.prototype.transfer() on the Buffer pool's backing ArrayBuffer and expects a TypeError. On the V8 shipped with Electron 40's Chromium, this code path hits a "v8::FromJust Maybe value is Nothing" fatal error inside ArrayBufferTransfer instead of throwing — a V8 bug that was fixed in a newer V8 revision (the test passes on main/42). This Electron line can't pick up that fix, so skip the test. Ref: Unable to locate reference Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com>
Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>