diff --git a/lib/internal/crypto/ec.js b/lib/internal/crypto/ec.js index c684d6c66af26a..b64922bcdc883f 100644 --- a/lib/internal/crypto/ec.js +++ b/lib/internal/crypto/ec.js @@ -482,7 +482,7 @@ function ecdsaSignVerify(key, data, { name, hash }, signature) { // Fall through case 'NODE-ED448': if (hash !== undefined) - throw new lazyDOMException(`Hash is not permitted for ${name}`); + throw lazyDOMException(`Hash is not permitted for ${name}`); break; default: if (hash === undefined) diff --git a/test/parallel/test-webcrypto-ed25519-ed448.js b/test/parallel/test-webcrypto-ed25519-ed448.js index 8abca247738621..a0d858a4ab4837 100644 --- a/test/parallel/test-webcrypto-ed25519-ed448.js +++ b/test/parallel/test-webcrypto-ed25519-ed448.js @@ -429,3 +429,53 @@ assert.rejects( } } } + +{ + // See: https://github.com/nodejs/node/pull/40300 + for (const namedCurve of ['NODE-ED25519', 'NODE-ED448']) { + assert.rejects( + (async () => { + const { privateKey } = await generateKey(namedCurve); + return subtle.sign( + { + name: namedCurve, + hash: 'SHA-256' + }, + privateKey, + Buffer.from('abc') + ); + })(), + (err) => { + assert.strictEqual(err.message, `Hash is not permitted for ${namedCurve}`); + assert(err instanceof DOMException); + return true; + }).then(common.mustCall()); + + assert.rejects( + (async () => { + const { publicKey, privateKey } = await generateKey(namedCurve); + const signature = await subtle.sign( + { + name: namedCurve, + }, + privateKey, + Buffer.from('abc') + ).catch(common.mustNotCall()); + + return subtle.verify( + { + name: namedCurve, + hash: 'SHA-256', + }, + publicKey, + signature, + Buffer.from('abc') + ); + })(), + (err) => { + assert.strictEqual(err.message, `Hash is not permitted for ${namedCurve}`); + assert(err instanceof DOMException); + return true; + }).then(common.mustCall()); + } +}