
crypto: harden KeyObject internal slots and CryptoKey algorithm slots#63111

Open
panva wants to merge 3 commits into nodejs:main from panva:harden-keyobject

Conversation

@panva
Member

@panva panva commented May 4, 2026

crypto: harden KeyObject internal slots

Move KeyObject type and handle storage behind NativeKeyObject and expose it to JS through a module-private slot reader, mirroring the CryptoKey hardening from #62924. Cache the native slot tuple in a private field and lazily derive secret and asymmetric metadata from the cached KeyObjectHandle.

Update internal crypto, QUIC, and comparison callers to use private helpers instead of public KeyObject accessors.

Add regression coverage for brand checks, hidden slots, clone and transfer behavior, own-property reflection, and post-clone crypto operations.


crypto: harden CryptoKey algorithm slots

Clone CryptoKey algorithm dictionaries into null-prototype objects before caching them internally. Copy nested hash dictionaries and publicExponent bytes so internal consumers and transferred keys do not observe user-mutable input objects or polluted Object.prototype fields.


tools: prevent lib code from reading KeyObject and CryptoKey accessors

Add ESLint rules that reject public KeyObject and CryptoKey accessor reads after internal brand checks. Internal code must use the private key helpers so it reads native-backed slots instead of user-replaceable properties.

Add a separate rule that rejects instanceof checks against KeyObject and CryptoKey constructors, including the global CryptoKey constructor.
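The contrast the description draws, `instanceof` plus public accessor reads on one side and a brand check backed by a module-private slot reader on the other, as an added example in plain JavaScript. This is not code from this PR or from Node.js: `LooseKeyObject`, `HardenedKeyObject`, `isKeyObject`, `readSlots` and the sample handle objects are toy stand-ins for `NativeKeyObject`, `getKeyObjectSlots` and `KeyObjectHandle`, and the forged objects are constructed test input.

```javascript
'use strict';
// Added example, not Node.js source. Two toy key wrappers: one checked with
// `instanceof` and public accessors, one whose type/handle live in private
// fields that only a module-private reader (created inside the class body)
// can reach, so the read doubles as a brand check.

// Unhardened model: type and handle are ordinary, user-replaceable properties.
class LooseKeyObject {
  constructor(type, handle) {
    this.type = type;
    this.handle = handle;
  }
}

// Internal consumer written the way the new ESLint rules forbid: it trusts
// `instanceof` and then reads the public accessors.
function exportLooseSecret(key) {
  if (!(key instanceof LooseKeyObject)) throw new TypeError('not a KeyObject');
  if (key.type !== 'secret') throw new TypeError('secret key required');
  return key.handle.bytes;
}

// Hardened model: private fields, with the only readers assigned from a static
// block so nothing outside this module can obtain them.
let isKeyObject;
let readSlots;
class HardenedKeyObject {
  #type;
  #handle;
  constructor(type, handle) {
    this.#type = type;
    this.#handle = handle;
  }
  get type() { return this.#type; }   // public view; an own property can shadow it
  static {
    isKeyObject = (obj) => typeof obj === 'object' && obj !== null && #type in obj;
    readSlots = (obj) => [obj.#type, obj.#handle];   // TypeError if obj is not branded
  }
}

// Internal consumer that reads the slots instead of `key.type` / `key.handle`.
function exportHardenedSecret(key) {
  if (!isKeyObject(key)) throw new TypeError('not a KeyObject');
  const [type, handle] = readSlots(key);
  if (type !== 'secret') throw new TypeError('secret key required');
  return handle.bytes;
}

// Forgery: an object on the right prototype chain with own type/handle only.
function forge(proto, type, handle) {
  const obj = Object.create(proto);
  Object.defineProperty(obj, 'type', { value: type, enumerable: true });
  Object.defineProperty(obj, 'handle', { value: handle, enumerable: true });
  return obj;
}

function rejectsWithTypeError(fn) {
  try { fn(); } catch (err) { return err instanceof TypeError; }
  return false;
}

// Constructed sample data, not real key material.
const ATTACKER = { bytes: 'attacker-controlled' };
const REAL_PUBLIC = { bytes: 'public-key-bytes' };

function demo() {
  const results = {};
  // 1. Loose model: `instanceof` passes and the forged handle is exported.
  results.looseForged = exportLooseSecret(forge(LooseKeyObject.prototype, 'secret', ATTACKER));
  // 2. Hardened model: `instanceof` still passes, the brand check does not.
  const forged = forge(HardenedKeyObject.prototype, 'secret', ATTACKER);
  results.hardenedInstanceof = forged instanceof HardenedKeyObject;
  results.hardenedForgedRejected = rejectsWithTypeError(() => exportHardenedSecret(forged));
  // 3. Shadowing the public accessor on a genuine key fools the public view only.
  const real = new HardenedKeyObject('public', REAL_PUBLIC);
  Object.defineProperty(real, 'type', { value: 'secret' });
  results.publicViewLies = real.type;              // 'secret'
  results.internalViewHonest = readSlots(real)[0]; // 'public'
  results.shadowRejected = rejectsWithTypeError(() => exportHardenedSecret(real));
  return results;
}

console.log(demo());
```

Step 2 is why a separate lint rule rejects `instanceof`: `Object.create(HardenedKeyObject.prototype)` satisfies it without ever running the constructor, while `#type in obj` is only true for objects the constructor actually initialised.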

panva added 3 commits May 4, 2026 11:52

Move KeyObject type and handle storage behind NativeKeyObject and
expose it to JS through a module-private slot reader, mirroring the
CryptoKey hardening. Cache the native slot tuple in a private field
and lazily derive secret and asymmetric metadata from the cached
KeyObjectHandle.

Update internal crypto, QUIC, and comparison callers to use private
helpers instead of public KeyObject accessors. Keep getKeyObjectSlots
restricted to internal/crypto/keys with an ESLint guard.

Add regression coverage for brand checks, hidden slots, clone and
transfer behavior, own-property reflection, and post-clone crypto
operations. Extend the CryptoKey brand test to assert getSlots is not
reachable through the public constructor or prototype chain.

Signed-off-by: Filip Skokan <panva.ip@gmail.com>

Clone CryptoKey algorithm dictionaries into null-prototype objects
before storing or caching them internally. Copy nested hash dictionaries
and publicExponent bytes so internal consumers and transferred keys do
not observe user-mutable input objects or polluted Object.prototype
fields.

Keep public algorithm and inspect output as ordinary objects. Make the
clone path check only own hash and publicExponent properties.

Signed-off-by: Filip Skokan <panva.ip@gmail.com>

Add ESLint rules that reject public KeyObject and CryptoKey accessor
reads after internal brand checks. Internal code must use the private
key helpers so it reads native-backed slots instead of user-replaceable
properties.

Add a separate rule that rejects instanceof checks against KeyObject
and CryptoKey constructors, including the global CryptoKey constructor.

Signed-off-by: Filip Skokan <panva.ip@gmail.com>
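The null-prototype cloning the second commit message describes (copy only own `hash` and `publicExponent`, keep the copy on a null prototype), as an added example in plain JavaScript. This is not Node.js code: `cloneAlgorithm`, `cacheAlgorithmNaively` and `hashNameOf` are illustrative names, and the algorithm dictionaries are constructed input; the example also shows what the unhardened reference-keeping path observes for comparison.

```javascript
'use strict';
// Added example, not Node.js source. A caller-supplied WebCrypto-style
// algorithm dictionary is copied into a null-prototype object, taking only
// its *own* `hash` and `publicExponent`, so later mutation by the caller or
// a polluted Object.prototype never reaches the cached copy.

// Unhardened consumer: keeps a reference to the caller's object.
function cacheAlgorithmNaively(algorithm) {
  return algorithm;
}

// Hardened consumer.
function cloneAlgorithm(algorithm) {
  const copy = Object.create(null);
  for (const key of Object.keys(algorithm)) {       // own enumerable keys only
    if (key === 'hash' || key === 'publicExponent') continue;
    copy[key] = algorithm[key];
  }
  if (Object.hasOwn(algorithm, 'hash')) {
    const { hash } = algorithm;
    if (typeof hash === 'string') {
      copy.hash = hash;                               // 'SHA-256' shorthand form
    } else if (hash !== null && typeof hash === 'object') {
      copy.hash = Object.create(null);                // nested dictionary, also null-proto
      if (Object.hasOwn(hash, 'name')) copy.hash.name = hash.name;
    }
  }
  if (Object.hasOwn(algorithm, 'publicExponent')) {
    copy.publicExponent = new Uint8Array(algorithm.publicExponent);  // byte copy, not alias
  }
  return copy;
}

// What an internal consumer reads later.
function hashNameOf(algorithm) {
  const { hash } = algorithm;
  return typeof hash === 'string' ? hash : hash?.name;
}

function demo() {
  const results = {};
  // Constructed caller input, no real key material.
  const userAlg = {
    name: 'RSA-OAEP',
    hash: { name: 'SHA-256' },
    publicExponent: new Uint8Array([1, 0, 1]),
  };
  const naive = cacheAlgorithmNaively(userAlg);
  const safe = cloneAlgorithm(userAlg);

  // 1. The caller mutates its own object after the key was created.
  userAlg.hash.name = 'SHA-1';
  userAlg.publicExponent[0] = 3;
  results.naiveHashAfterMutation = hashNameOf(naive);      // 'SHA-1'
  results.safeHashAfterMutation = hashNameOf(safe);        // 'SHA-256'
  results.safeExponent = Array.from(safe.publicExponent);  // [1, 0, 1]

  // 2. Object.prototype pollution: the input has no own `hash` at all.
  Object.prototype.hash = { name: 'SHA-1' };
  try {
    const bare = { name: 'RSA-PSS' };
    results.naiveHashUnderPollution = hashNameOf(cacheAlgorithmNaively(bare)); // 'SHA-1'
    results.safeHashUnderPollution = hashNameOf(cloneAlgorithm(bare));         // undefined
    results.safeIsNullProto = Object.getPrototypeOf(cloneAlgorithm(bare)) === null;
  } finally {
    delete Object.prototype.hash;  // undo the pollution
  }
  return results;
}

console.log(demo());
```

The `Object.hasOwn` checks are the point of "check only own hash and publicExponent properties": a lookup through the prototype chain would happily return a polluted value, while an own-property check on a plain input object ignores it.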
@panva panva added the crypto, webcrypto, commit-queue-rebase and web-standards labels May 4, 2026
@nodejs-github-bot
Collaborator

Review requested:

  • @nodejs/crypto
  • @nodejs/quic

@nodejs-github-bot nodejs-github-bot added the lib / src and needs-ci labels May 4, 2026
@panva panva added the security label May 4, 2026
@codecov

codecov Bot commented May 4, 2026

Codecov Report

❌ Patch coverage is 96.30682% with 13 lines in your changes missing coverage. Please review.
✅ Project coverage is 89.66%. Comparing base (25f80fb) to head (717e624).
⚠️ Report is 13 commits behind head on main.

Files with missing lines       Patch %   Lines
src/crypto/crypto_keys.cc      71.42%    1 Missing and 7 partials ⚠️
lib/internal/crypto/keys.js    98.09%    5 Missing ⚠️
Additional details and impacted files
@@           Coverage Diff            @@
##             main   #63111    +/-   ##
========================================
  Coverage   89.65%   89.66%            
========================================
  Files         712      712            
  Lines      220822   221056   +234     
  Branches    42373    42417    +44     
========================================
+ Hits       197985   198204   +219     
+ Misses      14661    14660     -1     
- Partials     8176     8192    +16     
Files with missing lines                Coverage Δ
lib/internal/crypto/aes.js              92.50% <100.00%> (+0.02%) ⬆️
lib/internal/crypto/cfrg.js             94.90% <100.00%> (+0.03%) ⬆️
lib/internal/crypto/chacha20_poly1305.js 98.42% <100.00%> (ø)
lib/internal/crypto/ec.js               95.63% <100.00%> (+0.02%) ⬆️
lib/internal/crypto/hkdf.js             96.06% <100.00%> (+0.02%) ⬆️
lib/internal/crypto/mac.js              98.98% <100.00%> (+<0.01%) ⬆️
lib/internal/crypto/ml_dsa.js           97.56% <100.00%> (+0.01%) ⬆️
lib/internal/crypto/ml_kem.js           94.69% <100.00%> (+0.03%) ⬆️
lib/internal/crypto/rsa.js              94.39% <100.00%> (+0.03%) ⬆️
lib/internal/crypto/x509.js             91.70% <100.00%> (+0.04%) ⬆️
... and 6 more

... and 48 files with indirect coverage changes


@panva panva added the author ready and request-ci labels May 4, 2026
@github-actions github-actions Bot removed the request-ci label May 4, 2026
