Current behavior for calling deriveBits on an ECDH key with length == 0:
Chromium returns a zero-length ArrayBuffer
WebKit returns the entire derived key
Mozilla throws an error
Changing all implementations to return an empty value seems potentially dangerous on the off-chance that a WebKit-specific application relies on receiving the entire value.
Changing all implementations to return the entire value seems somewhat nonsensical :)
Changing all implementations to throw an error seems (IMHO) reasonable, and should be web-compatible as Mozilla already does so.
(Spun off from https://github.com/w3c/webcrypto/pull/345#issuecomment-1682720871. Should only be merged after #345, as otherwise this change will cause an error to be thrown for
nullas well, which is not the intention here.)Current behavior for calling deriveBits on an ECDH key with
length == 0:ArrayBufferChanging all implementations to return an empty value seems potentially dangerous on the off-chance that a WebKit-specific application relies on receiving the entire value.
Changing all implementations to return the entire value seems somewhat nonsensical :)
Changing all implementations to throw an error seems (IMHO) reasonable, and should be web-compatible as Mozilla already does so.
Preview | Diff