mirror of
https://github.com/servo/servo
synced 2026-05-08 16:12:15 +02:00
33443d21aa
We currently use the crate `aws-lc-rs` for HKDF in the WebCrypto API. When generating output bytes from the output of HKDF-Expand operation (OKM, Output Key Material), it enforces the requested output length must match the length of key type (see error condition of `Okm::fill` at https://docs.rs/aws-lc-rs/1.14.1/aws_lc_rs/hkdf/struct.Okm.html#method.fill). However, according to the WebCrypto API specification, user should be allowed to choose the output length (https://w3c.github.io/webcrypto/#hkdf-operations-derive-bits). The restriction from `aws-lc-rs` causes several HKDF-related WPT tests to fail. This patch switches to use a more flexible crate `hkdf` (https://crates.io/crates/hkdf) for implementing HKDF in our WebCrypto API, and allowing variable length output. This helps to make those HKDF-related WPT tests pass. Testing: Pass some WPT tests that were expected to fail. --------- Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>