Make deriveBits length parameter optional and nullable

Allow omitting the `length` parameter from calls to `deriveBits`, defaulting to `null`, and also allow passing `null` explicitly (as the web platform tests already do). The "derive bits" operations already handle `null` as it can also be returned by the "get key length" operations. In the case of ECDH, the operation returns the entire derived key; in the case of HKDF and PBKDF2, the operation returns an error. This is technically speaking a breaking change, since currently passing `null` explicitly should cause it to be converted to `0`, causing an empty `ArrayBuffer` to be returned. However, the only implementation that actually does so (Chromium) is willing to change this. Additionally, returning the entire value (for ECDH) seems more expected and more useful than returning an empty value.
w3c · May 1, 2023 · be453c6 · be453c6
1 parent 0eed687
commit be453c6
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/spec/Overview.html b/spec/Overview.html
@@ -1257,7 +1257,7 @@ <h2>SubtleCrypto interface</h2>
                          sequence&lt;KeyUsage> keyUsages );
   Promise&lt;ArrayBuffer> deriveBits(AlgorithmIdentifier algorithm,
                           CryptoKey baseKey,
-                          unsigned long length);
+                          optional unsigned long length? = null);
 
   Promise&lt;CryptoKey> importKey(KeyFormat format,
                          (BufferSource or JsonWebKey) keyData,